All news with #aws tag

AWS preview: Fully managed MCP servers for EKS and ECS

🔔 Amazon EKS and ECS now offer fully managed MCP servers in preview, providing a cloud-hosted Model Context Protocol endpoint to enrich AI-powered development and operations. These servers remove local installation and maintenance, and deliver enterprise features such as automatic updates and patching, centralized security via AWS IAM, and audit logging through AWS CloudTrail. Developers can connect AI coding assistants like Kiro CLI, Cursor, or Cline for context-aware code generation and debugging, while operators gain access to a knowledge base of best practices and troubleshooting guidance.

AWS Compute Optimizer Adds Automation Rules for EBS

🛠 AWS Compute Optimizer introduces automation rules to optimize Amazon Elastic Block Store (EBS) volumes at scale. The feature can automatically clean up unattached volumes and upgrade volumes to the latest-generation types on a recurring schedule, using filters such as AWS Region and Resource Tags. A new dashboard summarizes automation events, shows step history and estimated savings, and supports action reversal.

AWS Control Tower Adds 279 AWS Config Rules and Frameworks

🔒AWS Control Tower now supports 279 additional managed AWS Config rules and seven new compliance frameworks in the Control Catalog. You can search, discover, enable, and manage these rules directly from the AWS Control Tower console or via the ListControls, GetControl, and EnableControl APIs. The ListControlMappings API has been enhanced to show relationships between controls — complementary, alternative, or mutually exclusive — helping map detection (Config rules) to prevention (Service Control Policies). These features are available in Regions where Control Tower is offered, including AWS GovCloud (US).

AWS CloudFormation StackSets Adds Deployment Ordering

🧭 AWS CloudFormation StackSets now supports deployment ordering in auto-deployment mode, allowing you to define the sequence in which stack instances deploy across accounts and regions. You can specify up to 10 dependencies per stack instance using the new DependsOn parameter in AutoDeployment to orchestrate foundational and dependent stacks. StackSets performs cycle detection to prevent circular dependencies and returns clear error messages to aid troubleshooting. This capability is available in all Regions where StackSets is offered and can be configured via the CLI, SDK, or CloudFormation Console at no extra charge.

Amazon ECR Adds Managed Container Image Signing Capability

🔐 Amazon ECR now offers managed container image signing to simplify and standardize container provenance. Using a few clicks in the ECR Console or a single API call, you create a signing rule that references an AWS Signer signing profile (signature validity, target repositories), and ECR automatically signs images when they are pushed using the pusher's identity. AWS Signer handles key and certificate lifecycle, and all signing operations are logged to CloudTrail. The feature is available in all Regions where AWS Signer is offered.

AWS VPC Encryption Controls: Audit and Enforce AES-256

🔒 AWS launched VPC Encryption Controls to simplify auditing and enforcement of encryption in transit within and across Amazon Virtual Private Clouds. You can enable it on existing VPCs to monitor encryption status of traffic flows, identify resources that permit plaintext, and generate audit logs for compliance. The feature can also transparently enable hardware-based AES-256 encryption on traffic between supported resources such as AWS Fargate, Network Load Balancers and Application Load Balancers.

CloudWatch Database Insights: Cross-Account, Cross-Region

🔍 Amazon CloudWatch Database Insights now supports cross-account and cross-region monitoring, enabling teams to observe and manage database fleets across multiple AWS accounts and regions from a single console. The feature centralizes performance metrics and troubleshooting workflows so teams can correlate incidents across distributed environments. It is intended to reduce operational overhead and improve mean time to resolution by enforcing consistent monitoring standards.

Amazon OpenSearch Adds OR2 and OM2 Instances in Regions

🚀 Amazon Web Services has expanded OR2 and OM2 OpenSearch Optimized instances into additional global regions, delivering higher indexing throughput and S3-based managed storage for indexing-heavy workloads. In AWS internal benchmarks OR2 showed up to 26% higher indexing throughput vs OR1 (70% vs R7g) and OM2 up to 15% vs OR1 (66% vs M7g). Both families include local instance caching, S3-managed storage, pay-as-you-go and reserved pricing, and a range of sizes to fit different compute and memory needs.

Ransomware Shifts Focus to AWS S3 Buckets and Keys

🔐 A Trend Micro analysis warns ransomware actors are increasingly targeting cloud storage by abusing AWS-native encryption and key management to render S3 data unrecoverable. Attackers probe buckets with disabled versioning or Object Lock, exploit wide write permissions, and weaponize SSE-KMS, SSE-C, BYOK and XKS to seize control of keys. Researchers recommend least-privilege IAM, enable versioning/Object Lock, isolate backups, and continuously monitor audit logs. An "assume breach" posture and short-lived credentials are urged to limit impact.

Amazon SageMaker notebooks with built-in AI agent experience

🤖 Amazon SageMaker introduces a serverless notebook experience that consolidates SQL, Python, and natural-language workflows into a single interactive workspace for analytics and ML. The environment is backed by Amazon Athena for Apache Spark to scale from interactive queries to petabyte-scale processing without pre-provisioned infrastructure. A built-in AI agent generates code and SQL from natural-language prompts to accelerate development, and the feature is available via SageMaker Unified Studio's one-click onboarding in multiple AWS Regions.

Amazon RDS for SQL Server Adds Resource Governor Support

🔧 Amazon RDS for SQL Server now supports resource governor, enabling customers to manage CPU, memory, and I/O allocation across workloads on Enterprise Edition instances. RDS exposes stored procedures for configuring resource pools, workload groups, and classifier functions so administrators can isolate resource‑intensive queries and maintain predictable performance. This feature is available in all AWS Regions where RDS for SQL Server is offered.

AWS Lambda lowers Kafka ESM costs with Provisioned mode

⚡ AWS announces enhancements to Lambda's Provisioned mode for Kafka event source mappings, enabling grouping of ESMs and higher density of event pollers to reduce costs by up to 90% for low-throughput workloads. Each Event Poller Unit (EPU) still provides 20 MB/s but now defaults to 10 pollers per EPU and supports shared capacity via the new PollerGroupName parameter. Changes are available today across AWS Commercial Regions and can be configured via API, CLI, Console, SDK, CloudFormation, or SAM.

EC2 Fleet Adds Encryption Attribute for ABIS Selection

🔐 Amazon EC2 Fleet now supports an encryption attribute for Attribute-Based Instance Type Selection (ABIS). You can set RequireEncryptionInTransit in InstanceRequirements to limit launches to instance types that support encryption-in-transit, addressing compliance with VPC Encryption Controls in enforced mode. The GetInstanceTypesFromInstanceRequirements (GITFIR) API previews eligible instance types. The feature is available in all AWS commercial and GovCloud (US) Regions. To start, set RequireEncryptionInTransit=true when calling CreateFleet or GITFIR.

CloudWatch Container Insights: Sub-Minute GPU Metrics

🔍 Amazon CloudWatch Container Insights now supports configurable sub-minute GPU sampling for Amazon EKS, enabling GPU metrics to be collected at a per-second sample rate and aggregated to CloudWatch once per minute. This enhancement gives teams finer visibility into short-lived AI/ML inference and GPU-intensive workloads, helping to optimize resource utilization, troubleshoot performance issues, and improve operational efficiency for containerized GPU applications. The feature is available in all AWS Commercial Regions and AWS GovCloud (US) Regions at no additional cost.

Amazon Lex adds Wait & Continue in 10 new languages

🗣️ Amazon Lex now supports Wait & Continue in ten additional languages — Chinese, Japanese, Korean, Cantonese, Spanish, French, Italian, Portuguese, Catalan, and German. The feature enables deterministic voice and chat bots to pause while customers gather information and then resume the interaction seamlessly. It enhances natural, multilingual self-service experiences and is available in all AWS Regions where Amazon Lex operates.

AWS Backup Adds Support for FSx Intelligent-Tiering

🔒 AWS Backup now supports Amazon FSx Intelligent-Tiering, enabling centralized protection for FSx for Lustre and FSx for OpenZFS file systems. The Intelligent-Tiering storage class delivers fully elastic file storage that automatically scales with workloads while optimizing costs through pay-for-what-you-use elasticity. Existing Amazon FSx backup plans continue to run without modification. Support is available in all Regions where FSx Intelligent-Tiering is offered, and you can manage protections from the AWS Backup console.

Amazon Athena auto-scales Capacity Reservations with limits

🔁 Amazon Athena now provides an auto-scaling solution for Capacity Reservations that adjusts reserved DPUs automatically based on workload utilization. The solution uses AWS Step Functions to monitor Amazon CloudWatch metrics and add or remove DPUs when utilization crosses configured high and low thresholds. You can set measurement frequency, utilization thresholds, and capacity limits, and customize behavior via the provided CloudFormation template. The feature is available in Regions where Capacity Reservations is supported.

AWS Glue adds DynamoDB connector with Spark DataFrame

🚀 AWS Glue now includes a new Amazon DynamoDB connector that natively supports Apache Spark DataFrames. This enables developers to reuse existing Spark DataFrame code across AWS Glue, Amazon EMR, and other Spark environments with minimal modification, replacing prior reliance on Glue-specific DynamicFrame objects. The connector exposes the full range of DataFrame operations and current Spark performance optimizations and is available in all AWS Commercial Regions where Glue runs.

API Gateway Adds Private ALB Integration for REST APIs

🔗 Amazon API Gateway REST APIs now support private integration with Application Load Balancer (ALB), enabling direct inter‑VPC connectivity to internal ALBs. This removes the previously required Network Load Balancer hop, which can reduce latency and simplify deployments. The integration brings Layer 7 capabilities — such as HTTP/HTTPS health checks, advanced request‑based routing, and native container service alignment — while retaining NLB-based layer‑4 options.

AWS Announces Amazon ECS Express Mode for Fast Deploys

🚀 Amazon Web Services today introduced Amazon ECS Express Mode, a managed deployment option that helps developers rapidly launch containerized web applications and APIs with minimal configuration. Every Express Mode service is assigned an AWS‑provided domain and supports public or private HTTPS, autoscaling, and ALB-based traffic distribution. The feature can consolidate up to 25 Express Mode services behind a single Application Load Balancer while preserving isolation through intelligent rule-based routing. All provisioned resources remain in your AWS account and are fully accessible; Express Mode is available now in all AWS Regions at no additional service charge — you pay only for the underlying AWS resources used.