All news with #aws s3 tag

📈 You can now monitor Mountpoint operations in observability tools such as Amazon CloudWatch, Prometheus, and Grafana. Mountpoint emits near real-time metrics (request count, request latency, and error types) over the OpenTelemetry Protocol (OTLP), so you can use the CloudWatch agent or an OpenTelemetry collector to publish metrics and build dashboards. Configure Mountpoint at mount time to stream per-EC2-instance metrics for proactive monitoring and faster troubleshooting.

🔒 Amazon S3 Access Grants are now available in the AWS Asia Pacific (Thailand) and AWS Mexico (Central) Regions. The feature maps corporate identities—such as Microsoft Entra ID or AWS IAM principals—to S3 datasets, enabling administrators to automate and scale dataset access. This reduces manual policy overhead and helps ensure consistent, auditable permissions. Check the AWS Region Table and product page for regional availability and details.

🔐 Amazon S3 now supports conditional copy operations via the CopyObject API, enabling verification of an object's existence or content in the destination bucket before copying. You can supply the HTTP If-None-Match header to ensure the destination object does not exist, or If-Match with an ETag to validate content prior to copy. Administrators can enforce these checks using s3:if-match and s3:if-none-match bucket policy condition keys. This capability is available at no additional charge in all AWS Regions and removes the need for additional client-side coordination or pre-copy validation calls.

🔔Amazon S3 now emits AWS CloudTrail events for S3 Tables maintenance operations so you can track compaction and snapshot expiration. Maintenance activities are recorded as management events in CloudTrail, enabling auditing and monitoring of automatic optimization tasks. To monitor these events, create a trail and filter for eventType='AwsServiceEvents' and eventName='TablesMaintenanceEvent'. Events are available in all Regions where S3 Tables are offered.

📥 Amazon Redshift Auto-Copy is now available in Asia Pacific (Malaysia), Asia Pacific (Thailand), Mexico (Central), and Asia Pacific (Taipei). The feature lets you configure an integration to continuously detect and load new files from a specified Amazon S3 prefix into Redshift tables without requiring custom COPY pipelines or external tooling. Auto-Copy records previously loaded files to prevent duplicate ingestion and exposes job status and metrics via Redshift system tables for monitoring and troubleshooting.

🆕 Amazon has expanded S3 Metadata to three additional AWS Regions — Europe (Frankfurt), Europe (Ireland), and Asia Pacific (Tokyo). The service provides automated, near-real-time, queryable metadata for S3 objects, covering system-defined attributes (size, source, timestamps) and custom metadata via tags. Metadata is automatically populated for both new and existing objects, enabling faster discovery, curation, and use for analytics and real-time inference. With this release, S3 Metadata is generally available in six AWS Regions.

🛠️ Amazon Web Services announced that SageMaker AI Projects can now provision custom ML project templates stored in Amazon S3. Administrators can define and manage standardized end-to-end project templates in SageMaker AI Studio so data scientists can create projects that follow organizational patterns and automated workflows. The feature is available in all AWS Regions where SageMaker AI Projects is offered.

🔓 UpGuard discovered a publicly accessible Amazon S3 bucket containing over 273,000 PDFs documenting individual bank transfers in India, many with unredacted account numbers, amounts, and personal contact details. Aye Finance was disproportionately represented in the sample, and researchers observed roughly 3,000 new files added daily before the bucket was secured following notifications to AyeFin, NPCI, and CERT‑IN. The exposure poses an immediate risk of large‑scale fraud and targeted abuse across dozens of banks.

🔓 UpGuard discovered a publicly accessible Amazon S3 bucket containing roughly 273,160 PDF documents formatted as NACH MANDATE records that documented bank transfers in India. The files exposed unredacted bank account numbers, transaction amounts and, in many cases, individuals’ names, phone numbers and email addresses. A 55K-file sample (~42 GB) showed 38 financial institutions represented, with AyeFin appearing in nearly 60% of sampled records. UpGuard notified AyeFin and NPCI, escalated to CERT‑IN when the bucket continued to grow, and verified the repository was secured on September 4.

🔍 You can now preview Amazon S3 Tables directly in the S3 console without writing SQL. The console preview displays table schema, column types, and sample rows so you can quickly inspect structure and key data points without additional setup. Previews are available in all AWS Regions where S3 Tables are offered. You are charged only for the S3 requests used to read the sampled rows; consult S3 pricing and the S3 User Guide for details.

🔒 This post presents an architecture to enforce strong, source-of-truth authorization for Retrieval-Augmented Generation (RAG) knowledge bases using Amazon S3 Access Grants with Amazon Bedrock. It explains why vector DB metadata filtering is insufficient—permission changes can be delayed and complex identity memberships are hard to represent—and recommends validating permissions at the data source before returning chunks to an LLM. The blog includes a practical Python walkthrough for exchanging identity tokens, retrieving caller grant scopes, filtering returned chunks, and logging withheld items to reduce the risk of sensitive data leaking into LLM prompts.

🔒 AWS Network Firewall now delivers expanded console monitoring and enhanced TLS inspection capabilities to improve outbound security. The monitoring dashboard adds visibility into traffic to AWS services such as Amazon S3, Amazon DynamoDB, and AWS Backup, including traffic sent over PrivateLink, and surfaces top source and destination IPs by packets and bytes. Customers can filter views by IP and protocol for targeted analysis. A new session holding feature for TLS Inspection prevents TCP/TLS establishment from reaching servers until SNI-based rules are evaluated, strengthening controls against malicious endpoints.

🔒 Amazon S3 now supports conditional deletes in S3 general purpose buckets. You can include an HTTP If-Match header with an object's ETag when calling DeleteObject or DeleteObjects; S3 will only delete the object if the provided ETag matches, reducing accidental removals in high-concurrency, multi-writer environments. Administrators can also enforce conditional deletes using the s3:if-match bucket policy condition. The capability is available at no additional cost in all AWS Regions and accessible via the API, SDKs, and CLI.

🚀 AWS announced that AWS Transfer Family is now available in the Asia Pacific (Taipei) Region, supporting SFTP, FTP, FTPS and AS2 for managed file transfers. The service delivers fully managed ingress and egress to Amazon S3 and Amazon EFS, and integrates with event-driven automation to streamline file-processing workflows. This regional availability helps customers modernize and migrate business-to-business file exchanges to AWS while reducing operational overhead.

📦 Amazon S3 Batch Operations now allows users to target all objects within an S3 bucket, or refine selection by prefix, suffix, creation date, or storage class directly from the AWS Management Console. Instead of providing a manifest, customers can specify these filters when creating a job and S3 will apply the chosen operation to every matching object and produce a detailed completion report. Typical use cases include copying between buckets, restoring archived data from Glacier classes, and computing checksums for datasets. The capability is available in all AWS Regions and can also be accessed via the AWS CLI or SDK.

🛡️ AWS has expanded GuardDuty Malware Protection for S3 scanning limits, raising the maximum file size from 5 GB to 100 GB and increasing archive processing to 10,000 files per archive (previously 1,000). These enhancements are automatically enabled in all supported AWS Regions. Customers gain broader coverage for large objects and dense archives stored in S3, improving pre-ingestion threat detection. This update strengthens protection for workloads and downstream processes.

🔒 AWS Backup now lets you choose whether to include Access Control Lists (ACLs) and ObjectTags when backing up Amazon S3 buckets. Previously, these metadata elements were included for all objects by default; the new option lets administrators include only the metadata required for their recovery or compliance needs. This capability is available in all Regions where AWS Backup for Amazon S3 is offered; review pricing and regional availability on the AWS Backup pricing page.

🚀 Amazon Redshift Serverless is now generally available in the AWS Europe (Milan) and Africa (Cape Town) regions. With Redshift Serverless, users—data analysts, developers, and data scientists—can run analytics without provisioning or managing clusters, benefiting from automatic provisioning, intelligent scaling, and per-second compute billing. You can query data via Query Editor V2 or existing BI tools, load data from Amazon S3 (including Apache Parquet), use Redshift data shares, restore provisioned snapshots, and take advantage of unified billing for queries across these sources.

🚀 The AWS Transfer Family Terraform module now supports provisioning SFTP connectors to transfer files between Amazon S3 and remote SFTP servers. Announced 2025-08-27, the addition builds on existing Terraform support for SFTP server endpoints and enables programmatic provisioning of connectors, dependencies, and customizations in a single IaC deployment. The module includes end-to-end examples to automate transfers on schedules or event triggers, reducing manual configuration and improving repeatability, security, and scale.

📂 Amazon SageMaker Unified Studio now offers a simplified S3-based file storage option for project collaboration. Customers can choose between Git integrations (GitHub, GitLab, Bitbucket Cloud) or Amazon S3 buckets, with S3 set as the default while Git remains fully supported. The S3 option gives a consistent view of files across Studio tools, uses a last-write-wins model, and supports basic versioning when administrators enable it.