All news with #aws tag

AWS launches regional service discovery in Builder Center

🔍 AWS announced AWS Capabilities by Region in Builder Center, a web-based tool to discover and compare service availability, features, APIs, and CloudFormation resources across AWS Regions. The interactive interface lets users explore Regions, run side-by-side comparisons, and view forward-looking roadmap details to support global deployment planning. AWS also enhanced the Knowledge MCP Server to expose regional capability data in an LLM-compatible format, enabling MCP clients and agentic frameworks to obtain real-time availability insights and suggested alternatives when features are unavailable.

ThreatsDay Bulletin: Cybercrime Trends and Major Incidents

🛡️ This bulletin catalogues a broad set of 2025 incidents showing cybercrime’s increasing real-world impacts. Microsoft patched three Windows GDI flaws (CVE-2025-30388, CVE-2025-53766, CVE-2025-47984) rooted in gdiplus.dll and gdi32full.dll, while Check Point warned partial fixes can leave data leaks lingering. Threat actors expanded toolsets and infrastructure — from RondoDox’s new exploits and TruffleNet’s AWS abuse to FIN7’s SSH backdoor and sophisticated phishing campaigns — and law enforcement action ranged from large fraud takedowns to prison sentences and cross-border crackdowns.

Amazon S3 Adds Tagging for S3 Tables (ABAC & Cost)

🔖Amazon S3 now supports tags on S3 Tables to enable attribute-based access control (ABAC) and cost allocation. Tags can be applied to table buckets and individual tables, letting you manage permissions for users and roles without frequent IAM or resource-policy updates. Tagging is available in all Regions where S3 Tables is offered and can be used via the Console, SDK, API, or CLI. Use tags to simplify governance and track costs.

AWS End User Messaging adds SMS Carrier Lookup feature

📲 AWS End User Messaging now offers Carrier Lookup, enabling customers to retrieve carrier-related details for a phone number — including country, number type, dialing code, and mobile network and carrier codes. By validating these attributes before sending, teams can improve SMS deliverability, reduce failed or misrouted messages, and avoid sending to incorrect destinations. The capability supports common use cases such as OTPs, account updates, reminders, and promotions, and is available in all AWS Regions where the service is offered.

Amazon CloudFront Adds Cross-Account VPC Origins Support

🔒 Amazon announced that CloudFront now supports cross-account VPC origins, enabling distributions to reach ALB, NLB, and EC2 origins inside private subnets across different AWS accounts. Customers can grant access via AWS RAM, including across Organizations and OUs, removing the need to place origins in public subnets. The capability is available in AWS Commercial Regions at no extra charge and is designed to simplify security and multi-account operations.

AWS Releases Whitepaper on European Sovereign Cloud

🔒 Amazon Web Services (AWS) published a whitepaper, Overview of the AWS European Sovereign Cloud, available in English, German, and French, outlining the planned design and objectives. The document describes a new, independent cloud for Europe supported by a €7.8 billion investment and a target launch of the first Region in the State of Brandenburg, Germany by the end of 2025. It highlights dedicated physical infrastructure, logical isolation, EU-based corporate governance, and continued access to the full AWS service portfolio while addressing data sovereignty and law enforcement processes.

CloudWatch Database Insights expands anomaly detection

🔍 Amazon CloudWatch Database Insights now detects anomalies across additional metrics in its on‑demand analysis experience. The ML-driven on‑demand reports identify anomalies in database-level and OS-level counters and surface per‑SQL anomalies for top statements, automatically comparing selected periods to learned baselines. The feature pairs intuitive visualizations with specific remediation advice to help reduce mean time to diagnosis. Enable Advanced mode for Amazon Aurora or Amazon RDS via the AWS Management Console, APIs, or CloudFormation and consult RDS and Aurora documentation for availability by region, engine, and instance class.

Amazon FSx Integrates with AWS Secrets Manager for AD

🔒 Amazon FSx now integrates with AWS Secrets Manager to store and manage Active Directory domain service account credentials for FSx for Windows File Server and FSx for NetApp ONTAP Storage Virtual Machines (SVMs). This removes the need to supply plain-text service account usernames and passwords in the console, APIs, CLI, or CloudFormation, and enables credential rotation and improved credential hygiene. The capability is available in all AWS Regions where FSx is offered.

Migrating from OPA to Amazon Verified Permissions Guide

🔁 This AWS Security Blog post by Samuel Folkes outlines a practical approach to migrating authorization from Open Policy Agent (OPA) and Rego to Amazon Verified Permissions using the Cedar policy language. It highlights key benefits: a fully managed service, reduced operational overhead, and significant performance gains. The article walks through schema design, common translation patterns (RBAC, ABAC, ReBAC), application integration changes, testing practices, and a phased deployment strategy to compare and validate behavior during migration.

Amazon GameLift Streams Adds AWS Health Lifecycle Alerts

🔔 Amazon GameLift Streams now integrates with AWS Health to deliver automated lifecycle notifications for stream groups. AWS Health will send reminders on day 45 and day 150 about upcoming restrictions at day 180, and a final reminder on day 335 before automatic expiration on day 365. Stream groups older than 180 days cannot add new applications. The feature is available in all Regions at no extra cost, and the ExpiresAt field in the GetStreamGroup API or the Stream group details page in the console shows status.

AWS Launches Memory-Optimized EC2 R8a Instances, GA

🧠 AWS has announced general availability of new Amazon EC2 R8a memory-optimized instances powered by 5th Gen AMD EPYC processors (Turin) with up to 4.5 GHz. R8a delivers up to 30% higher performance, up to 19% better price-performance and 45% more memory bandwidth versus R7a. Available in 12 sizes (including 2 bare metal) and SAP-certified, R8a targets latency-sensitive, memory-intensive workloads and supports Savings Plans, On-Demand and Spot purchasing.

AWS Marketplace Enables Local INR Transactions for India

🇮🇳 Buyers and sellers in India can now transact locally on AWS Marketplace using INR, with invoices issued in Indian Rupees and tax compliance facilitated by AWS India. India-based sellers can register to sell paid offerings, create private offers in USD or INR, and work with India-based Channel Partners. AWS India will automate WHT and GST-TCS collection and remittance to authorities, simplifying buyer compliance.

Keyspaces Multi-Region Replication: Bahrain and Hong Kong

🔁Amazon Web Services has expanded Amazon Keyspaces (for Apache Cassandra) to support Multi-Region Replication in Middle East (Bahrain) and Asia Pacific (Hong Kong). The managed capability automatically replicates tables across Regions with typically less than one second of replication lag, allowing applications to read and write the same table in multiple Regions. Customers gain lower latency, improved regional resiliency, and can replicate between these Regions and any other supported AWS Region while paying only for resources they use.

AWS CloudWatch Application Signals Adds AI Canary Debugging

🔍 CloudWatch Application Signals (Model Context Protocol / MCP Server) now ingests CloudWatch Synthetics canary data to enable AI-powered debugging of synthetic-monitoring failures. From natural-language prompts like “Why is my checkout canary failing?”, supported AI assistants (for example Amazon Q or Claude) drive diagnostics that correlate canary failures with metrics, traces, and dependencies. The system analyzes HAR files, CloudWatch Logs, S3 artifacts, and configuration to triage issues across network, authentication, performance, script, infrastructure, and dependency layers. This capability is available in all commercial AWS regions where CloudWatch Synthetics is offered; customers must have access to a compatible AI agent to use the AI-driven debugging features.

Amazon CloudFront Anycast Adds IPv6 Static IP Support

🌐 Amazon Web Services announced that CloudFront now assigns both IPv4 and IPv6 addresses for Anycast Static IP configurations. Previously limited to IPv4, the change enables dual‑stack deployments so customers can meet IPv6 compliance and reach IPv6‑only end users. IPv6 addresses are available from all edge locations except the AWS China (Beijing) and AWS China (Ningxia) regions operated by partner carriers. Customers should review the CloudFront Developer Guide and pricing for details.

AWS Glue Schema Registry Adds Native C# Client Support

🔧 AWS Glue Schema Registry now provides C# support in its client library, extending beyond the existing Java SDK to offer first-class integration for .NET streaming applications. C# services using Apache Kafka, Amazon MSK, Amazon Kinesis Data Streams, or Apache Flink can register, validate, and enforce schemas to keep producers and consumers aligned. The serverless registry enforces centralized schema validation at no additional charge. C# support is available in all regions where Glue Schema Registry is offered and the SDK is distributed via NuGet.

AWS Launch Wizard: SQL Server Developer Edition Deployments

🛠️ AWS Launch Wizard now provides a guided workflow to size, configure, and deploy Windows Server EC2 instances with Microsoft SQL Server Developer Edition installed from your own media. The capability simplifies provisioning cost-effective, full-featured SQL Server instances on Amazon EC2 and is aimed at developers building non-production and test database environments. It supports customers migrating non-production databases from SQL Server Enterprise and Standard Editions to reduce licensing costs while preserving feature parity, and is available in all supported commercial AWS Regions and AWS GovCloud (US) Regions.

Amazon OpenSearch Serverless Adds FIPS Endpoints in Regions

🔐 Amazon announced that Amazon OpenSearch Serverless now offers FIPS compliant endpoints for Data Plane APIs in US East (N. Virginia), US East (Ohio), Canada (Central), AWS GovCloud (US-East), and AWS GovCloud (US-West). The update brings the service into conformance with FIPS 140-3 cryptographic requirements. Customers in regulated or federal environments can use these endpoints to meet in-transit cryptography controls.

AWS Cloud WAN expands to Thailand, Taipei, New Zealand

📡 AWS Cloud WAN is now available in the AWS Asia Pacific (Thailand), AWS Asia Pacific (Taipei), and AWS Asia Pacific (New Zealand) Regions. Using a central dashboard and policy-driven model, you can connect Amazon VPCs, AWS Transit Gateways, and on-premises locations via AWS Site-to-Site VPN, AWS Direct Connect, or supported SD‑WAN products. The service automatically builds a global network using BGP and provides a consolidated view to monitor network health, security, and performance.

EC2 Auto Scaling: Warm Pools Now Support Mixed Instances

🚀 Starting today, AWS lets you add warm pools to EC2 Auto Scaling groups (ASGs) that use mixed instances policies. Warm pools maintain a set of pre-initialized EC2 instances that can rapidly serve traffic, reducing scale‑out latency for workloads with lengthy initialization tasks like large disk writes or complex scripts. The capability supports manual instance type lists and attribute-based selection, and is available via the Console, SDKs, and CLI in all public AWS Regions and AWS GovCloud (US). Combining warm pools with instance type flexibility helps ASGs scale to their maximum size quickly while improving availability across multiple instance types.