All news with #aws tag

SageMaker Studio: Long‑Running Sessions with Corporate IDs

⏳ Amazon SageMaker Unified Studio now supports long-running background sessions using corporate identities via AWS IAM Identity Center's trusted identity propagation (TIP). Users can launch interactive notebooks and data processing on SageMaker, Amazon EMR, and AWS Glue that persist when they log off or experience network or credential interruptions. Sessions retain corporate permissions and can run up to 90 days (default 7 days), reducing the need for continuous monitoring and improving productivity for multi-hour or multi-day workloads.

AWS EC2 High Memory U7i Instances Expand Regions and Sizes

🚀 Amazon Web Services has expanded availability of its EC2 High Memory U7i instances: the u7in-16tb.224xlarge (16TiB) is now in AWS Europe (Ireland); u7i-12tb.224xlarge (12TiB) is available in Asia Pacific (Hyderabad); and u7i-8tb.112xlarge (8TiB) is available in Asia Pacific (Mumbai) and AWS GovCloud (US-West). Powered by custom 4th-gen Intel Xeon Scalable processors (Sapphire Rapids) and DDR5 memory, these instances provide high vCPU counts (up to 896), ENA Express support, up to 100Gbps EBS performance and up to 200Gbps networking on the 16TiB size, making them suited for mission-critical in-memory databases like SAP HANA, Oracle, and SQL Server.

AWS Step Functions Adds Local TestState API for Workflows

🔧 AWS Step Functions' TestState API now supports local unit testing of complete workflows, including advanced constructs like Map and Parallel states, without deploying state machines to AWS. Developers can mock AWS service integrations and opt into API contract validation so mocked responses align with actual service outputs, improving test fidelity. TestState calls integrate with frameworks such as Jest and pytest and can be used in CI/CD pipelines; the feature is available via the AWS SDK and CLI in all Regions where Step Functions is offered.

Amazon CloudFront Adds TLS 1.3 Support for Origins

🔒 Amazon CloudFront now supports TLS 1.3 for connections to origins, automatically enabled across custom origins, Amazon S3, and Application Load Balancers with no configuration changes required. The upgrade provides stronger encryption and reduced handshake latency, delivering up to 30% faster connection establishment when an origin supports TLS 1.3. CloudFront will negotiate TLS 1.3 where supported while maintaining backward compatibility with older TLS versions. This support is available at no additional charge in all CloudFront edge locations and benefits sensitive workloads such as financial services, healthcare, and e-commerce.

Amazon S3 Adds Attribute-Based Access Control (ABAC)

🏷️ Amazon S3 now supports attribute-based access control (ABAC) for general purpose buckets, allowing organizations to use bucket tags to automatically manage permissions. Instead of constantly editing IAM or bucket policies, administrators can create policies that reference bucket tags and grant access by adding or modifying tags. Enable ABAC with the S3 PutBucketAbac API and manage tags via TagResource/UntagResource; you can also require tags at bucket creation to enforce standards. The feature is available in all AWS Regions at no additional cost via the Console, REST API, CLI, SDK, and CloudFormation.

Amazon SageMaker Studio Integrates EMR on EKS with SSO

🔒 Amazon SageMaker Unified Studio now supports EMR on EKS as a compute option for interactive Apache Spark sessions, bringing containerized, large-scale distributed compute with automatic scaling and cost optimizations directly into the Studio environment. The feature adds trusted identity propagation through AWS Identity Center, enabling single sign-on and end-to-end data access traceability for interactive analytics. Data practitioners can use corporate credentials to access Glue Data Catalog resources from SageMaker JupyterLab while administrators retain fine-grained access controls and audit trails. This capability is available in all existing SageMaker Unified Studio regions.

AWS PCS Adds Slurm REST API for Programmatic Job Control

🔁 The AWS Parallel Computing Service (AWS PCS) now supports the Slurm REST API, enabling programmatic job submission, resource management, and cluster monitoring over HTTP. This removes reliance on CLI-only workflows and lets teams integrate HPC operations into web portals, CI/CD pipelines, and data processing frameworks. The feature is available in all AWS Regions with AWS PCS and has no additional charge.

AWS introduces aws login for secure developer access

🔐 The new aws login CLI command lets developers obtain temporary programmatic credentials using the same sign-in method as the AWS Management Console, eliminating the need to create and manage long-term access keys. The command opens a browser-based OAuth2 flow and supports root/IAM user sign-in as well as federated identity providers. Issued credentials auto-rotate every 15 minutes and remain valid up to the IAM session duration (maximum 12 hours). Aws login integrates with profiles, remote development workflows, AWS SDKs, AWS Tools for PowerShell, and legacy SDKs via credential_process.

AWS Designated Critical Third-Party Provider under DORA

🔐 Amazon Web Services has been designated a critical third-party provider (CTPP) by the European Supervisory Authorities under the EU’s DORA regulation, which took effect in January 2025. The designation establishes a formal oversight relationship between AWS and the ESAs and signals heightened regulatory engagement for financial services customers operating in the EU. AWS says it will continue investing in compliance, operational resilience, risk management, and transparency, and will support customers with documentation, whitepapers, and a dedicated security and compliance team to help meet DORA obligations.

Amazon Connect: Conversational Analytics for Self-Service

🔍 Amazon Connect now provides conversational analytics for end-customer self-service across voice and digital channels, including PSTN/telephony, in-app and web calling, chat, SMS, WhatsApp Business, and Apple Messages for Business. The capability analyzes sentiment, redacts sensitive data, surfaces top contact drivers and themes, flags compliance risks, and supports semantic matching rules to categorize interactions. Administrators can use easy-to-customize dashboards to proactively identify areas for improvement and align automated flows with customer needs.

AWS Network Firewall — Managed Rule Groups from Marketplace

🔒 AWS Network Firewall now supports managed rule groups from AWS Marketplace partners, enabling customers to deploy partner-curated threat intelligence directly from the console. These managed rules are continuously updated by vendors and integrate with existing firewall architectures without routing changes. They reduce operational overhead across multiple VPCs and help maintain compliance and security posture. Customers should evaluate partner offerings against their requirements.

Amazon Bedrock Expands Availability to New Regions

🚀 Amazon Bedrock is now available in Africa (Cape Town), Canada West (Calgary), Mexico (Central), and Middle East (Bahrain). The managed service provides access to multiple foundation models and tools to build, deploy, and operate secure, scalable generative AI applications and agents. Customers in these Regions can expect lower latency, improved regional data options, and an easier path from experimentation to production.

Amazon Bedrock Expands Availability to Four New Regions

🚀 Beginning today, Amazon has made Amazon Bedrock available in Africa (Cape Town), Canada West (Calgary), Mexico (Central), and Middle East (Bahrain). The managed service provides secure access to a variety of foundation models and tools for building and operating generative AI applications and agents. With regional endpoints, customers can reduce latency and address data residency and compliance needs. To get started, customers can consult the Bedrock documentation and regional resources.

Check Point Launches Managed Rules for AWS Network Firewall

🔒 Check Point and AWS have introduced Check Point Managed Rules for AWS Network Firewall to simplify scaling network security across complex cloud environments. The service provides centrally managed, preconfigured rule sets that reduce the time and effort required to deploy and maintain firewalls across multiple VPCs and subnets. By automating updates and delivering threat-informed rules, the offering aims to lower operational overhead, accelerate response to new attack vectors, and free scarce IT resources for higher-value tasks.

Amazon Connect: Configure Ring Time for Outbound Campaigns

📞 Amazon Connect outbound campaigns now let campaign managers set ring duration from 15 to 60 seconds before a call is marked no answer and the dialer moves on. Each contact logs ring start and end timestamps for detailed, per-call reporting and traceability. The change enables tuning dialing behavior to audience patterns to improve contact rates and agent productivity. The feature is available in multiple AWS regions and follows the platform’s pay-as-you-go billing model.

Amazon: Nation-State Cyber-Enabled Kinetic Targeting

🔎 Amazon Threat Intelligence reports a rising trend in which nation-state actors use cyber operations to collect real-time intelligence that directly supports physical attacks. The team calls this behavior cyber-enabled kinetic targeting, documenting campaigns that compromised AIS platforms, CCTV feeds, and enterprise systems. Amazon highlights multi-source telemetry and partner collaboration, urging defenders to expand threat models to address digital activities that enable kinetic outcomes.

AWS IAM Adds Outbound Identity Federation with JWTs

🔐 AWS Identity and Access Management (IAM) now supports outbound identity federation, enabling customers to exchange AWS credentials for short‑lived, cryptographically signed JSON Web Tokens (JWTs) to authenticate workloads with third‑party clouds, SaaS providers, and self‑hosted applications. Tokens include workload context so external services can enforce fine‑grained access control. Administrators can restrict who can generate tokens and configure token properties such as lifetime, audience, and signing algorithm via IAM policies, and audit issuance and usage through CloudTrail. The capability is available in all AWS commercial Regions, AWS GovCloud (US) Regions, and China Regions.

Amazon OpenSearch Serverless: Console Backup & Restore

🗄️ Amazon OpenSearch Serverless now supports backup and restore via the AWS Management Console, giving administrators a graphical option to manage snapshots. The service automatically creates backups for all collections and indexes every hour and retains them for 14 days; this behavior is enabled by default and requires no configuration. Restores can be initiated from either the Console or the API, simplifying recovery and operational workflows for serverless search deployments.

AWS Channel Partner Billing Transfer for Reselling Services

🧾 AWS Channel Partners in the Solution Provider and Distribution programs can now resell AWS services using Billing Transfer. This capability allows partners to assume financial responsibility for customer AWS Organizations while customers retain full control of their management accounts. Partners centrally manage billing and payments, receive eligible program benefits on partner-delivered bills, and can use new Partner Central APIs for channel reporting and incentive qualification.

AWS Get Invoice PDF API Generally Available in US East

📄 AWS has made the Get Invoice PDF API generally available, enabling customers to programmatically download invoice PDF artifacts via SDK or API calls. Callers submit an AWS Invoice ID and receive pre-signed Amazon S3 URLs for immediate download of invoice and supplemental PDF documents. For bulk retrieval, customers can call List Invoice Summaries to obtain Invoice IDs for a billing period and then invoke Get Invoice PDF for each artifact. The API is deployed in US East (N. Virginia) and is accessible to customers in commercial regions except China.