All news with #aws tag

🔁 Amazon RDS Blue/Green Deployments now supports Amazon RDS Proxy, eliminating DNS propagation delays to enable faster application recovery during switchovers. RDS Proxy actively monitors database instances during single-Region switchovers and redirects connections to the Green environment so applications begin using the new production database immediately without driver or configuration changes. This integration supports Amazon Aurora (MySQL and PostgreSQL), Amazon RDS for MySQL, PostgreSQL, and MariaDB in commercial Regions where RDS Proxy is available, and deployments can be initiated via the RDS Console or CLI.

🔍 AWS has previewed the Agent Registry in AgentCore, a private, governed catalog and discovery layer for agents, tools, skills, MCP servers, and custom resources across an organization. The registry is accessible via the AgentCore Console, APIs (AWS CLI, AWS SDK), or as an MCP server that builders can query from their IDEs, and it supports IAM and OAuth (Custom JWT) access. Teams can register resources manually or use URL-based discovery to harvest metadata from live endpoints; records pass through an approval workflow and are auditable via AWS CloudTrail. Semantic and keyword search lets developers find capabilities by describing use cases in natural language.

🔎 The AWS Marketplace Discovery API provides programmatic access to product and pricing data across the Marketplace catalog, including SaaS, AI agents and tools, AMIs, containers, and machine learning models. Buyers can embed catalog data into internal portals and procurement workflows, while sellers and channel partners can surface listings, public pricing, and private offer details within their storefronts. The API is available in US East (N. Virginia), US West (Oregon), and Europe (Ireland) and is accessed using IAM permissions via the AWS SDK.

🗜️ Amazon OpenSearch Serverless now supports Zstandard (zstd) codecs for index storage, giving customers a choice between the default LZ4 and the new zstd or zstd_no_dict modes. Zstandard can reduce index size by up to 32% compared with LZ4 and lets you tune compression levels to balance storage savings against indexing throughput and query latency. Lower compression levels (for example, level 1) deliver meaningful space savings with minimal performance impact, while higher levels (for example, level 6) maximize compression at the cost of slower indexing. The feature is available today in all Regions where OpenSearch Serverless is supported and can be configured in index settings at creation time.

🔒 AWS Private Certificate Authority now supports customer managed permissions in AWS Resource Access Manager (AWS RAM), enabling administrators to grant only the specific API operations each consuming account needs. You can choose from granular read operations (for example, DescribeCertificateAuthority, GetCertificate, GetCertificateAuthorityCertificate) and write operations (for example, IssueCertificate, RevokeCertificate). Cross-account issuers are no longer limited to a single certificate template. The feature is available in all Regions where Private CA and RAM are offered.

🔁Route 53 Resolver endpoints in AWS GovCloud (US) Regions now support DNS delegation for private hosted zone subdomains. This update enables both inbound and outbound delegation between on-premises DNS and Route 53 Resolver endpoints, simplifying namespace management across teams and environments. The capability removes the need for conditional forwarding rules and extends the earlier commercial-region support to GovCloud (US-East and US-West). Delegation incurs no extra charge beyond Resolver endpoint usage.

🔐 Unit 42 found the AgentCore starter toolkit auto-creates overly permissive IAM roles that grant wildcard access to Bedrock AgentCore and ECR resources. The default deployment enables an “Agent God Mode” scenario where a compromised agent can exfiltrate container images, retrieve other agents’ MemoryIDs, invoke code interpreters, and read or poison memories across an entire AWS account. AWS updated documentation to warn these roles are intended for development; Unit 42 recommends creating scoped, least-privilege roles and auditing ECR, memory, and invoke permissions.

🔁 Amazon IVS Real-Time Streaming now supports redundant ingest, enabling simultaneous streaming from two encoders to a single stage with automated failover. This feature protects live feeds from source encoder failures and first-mile network issues, helping maintain uninterrupted delivery to viewers. It's particularly suited for live events and continuous 24/7 streams where availability is critical. The capability is available through the IVS console and APIs in supported AWS Regions.

🔍 Amazon WorkSpaces Advisor is an AI-powered troubleshooting assistant for Amazon WorkSpaces Personal. It analyzes WorkSpace configurations, identifies problems, and provides actionable recommendations to restore service and optimize performance. Administrators can use its generative AI insights to streamline investigations, reduce downtime, and proactively maintain virtual desktop infrastructure. The feature is now available in all AWS commercial regions via the WorkSpaces console.

🚀 Amazon OpenSearch Service now supports i8ge storage-optimized instances powered by AWS Graviton4. i8ge delivers up to 60% better compute performance versus prior Graviton2-based Im4gn instances and uses third-generation AWS Nitro SSDs for up to 55% higher real-time storage throughput per TB, with substantially lower I/O latency and variability. Instances scale to 18xlarge (up to 45 TB) and offer up to 112.5 Gbps networking, and they support all OpenSearch versions plus Elasticsearch 7.9 and 7.10. Availability spans multiple US, Europe, and Asia Pacific regions; consult regional pricing and product pages for details.

🚀 Oracle Database@AWS is now generally available in five additional AWS Regions — EU-West-1 (Dublin), EU-West-2 (London), AP-South-1 (Mumbai), AP-South-2 (Hyderabad), and AP-Northeast-2 (Seoul) — expanding coverage to twelve Regions. The service enables AWS customers to access OCI-managed Oracle Exadata systems from within AWS data centers, supporting in-region data residency and migrations of on-prem Exadata and RAC workloads. Dublin, Mumbai, and Hyderabad offer two Availability Zones while London and Seoul currently provide one; CA-Central-1 and AP-Southeast-2 now support two AZs for enhanced production availability. To consume the service, request a private offer from Oracle via the AWS Marketplace and provision databases through the AWS Management Console.

🔎 Unit 42 found that Amazon's AgentCore Code Interpreter sandbox permitted recursive DNS resolution, enabling covert DNS tunneling that can exfiltrate and receive data despite advertised isolation. They also identified a regression in the microVM Metadata Service where MMDSv1 accepted unauthenticated HTTP GETs without session-token enforcement, exposing credentials and pre-signed S3 artifacts. AWS was notified and implemented mitigations including documentation updates, setting MMDSv2 as the default for new runtimes, and providing APIs to disable v1 on legacy agents.

🛡️ At AWS, decades of scaled security operations combine with new AI collaborations to proactively harden critical systems. Through Project Glasswing and Anthropic’s Claude Mythos Preview, AWS runs continuous AI-driven code reviews and provides gated research previews via Amazon Bedrock. Complementary offerings include AWS Security Agent for autonomous penetration testing and Bedrock guardrails and Automated Reasoning to enforce enterprise controls and reduce risk.

🚀 Amazon Lightsail is now available in the Asia Pacific (Malaysia) Region, bringing Lightsail's simplified cloud compute and networking to customers in Malaysia and neighboring countries. The launch offers lower latency, improved performance and helps meet local data residency requirements. Customers gain access to instances (general purpose, compute- and memory-optimized), managed databases, containers, load balancers and predictable pricing via the Lightsail Console, AWS CLI and SDKs.

⚙️ Amazon SageMaker Unified Studio now supports Serverless Workflows in Identity Center domains, allowing customers to orchestrate data-processing tasks with Apache Airflow (via Managed Workflows for Apache Airflow) without provisioning Airflow infrastructure. Serverless Workflows auto-provision compute during runs and release it afterward, so you pay only for actual run time. Each workflow runs with its own execution role and isolated worker to ensure workflow-level security and prevent cross-workflow interference. The Visual Workflow experience supports around 200 operators and built-in integrations with services such as Amazon S3, Amazon Redshift, Amazon EMR, AWS Glue, and Amazon SageMaker AI.

📁 S3 Files provides a shared, high-performance file system that lets any AWS compute resource access data directly in Amazon S3 with full file-system semantics and low-latency performance, without moving objects out of S3. Built on Amazon EFS, it maintains a live view of bucket objects and translates file operations into efficient S3 requests so applications and agents run unchanged. It caches active data for fast reads, delivers multi-terabytes-per-second aggregate throughput, and is generally available in 34 AWS Regions.

⚡ Amazon RDS for Oracle now supports M8i and R8i 8th‑generation instances powered by custom Intel Xeon 6 processors available only on AWS. These instance types deliver up to 15% better price‑performance and up to 2.5× more memory bandwidth versus prior Intel‑based generations, targeting memory‑intensive and latency‑sensitive Oracle workloads. Support is offered in a Bring Your Own License (BYOL) model for Oracle Database Enterprise Edition and Standard Edition 2, and you can modify existing RDS instances or create new ones through the RDS Management Console, AWS SDKs, or CLI.

🔬 Amazon Braket now offers access to Rigetti's Cepheus-1-108Q, the first 100+ qubit superconducting QPU available on the service. The device uses a modular 3×4 array of twelve 9‑qubit chiplets with tunable and intermodule couplers and introduces CZ gates with an adiabatic implementation to reduce phase and leakage errors. Customers can run deeper circuits for chemical simulation, combinatorial optimization, and machine learning via the Braket SDK or frameworks such as Qiskit, CUDA‑Q, and Pennylane, and researchers can use pulse‑level control. Cepheus-1-108Q is available in the US West (N. California) Region.

🌐 AWS announced IPv6 support for AWS Transfer Family SFTP connectors, AS2 connectors, and Transfer Family web apps. The change enables connectors to reach IPv6-native remote servers and trading partners while letting end users access web apps from IPv6 networks and devices. Dual-stack support lets customers communicate with both IPv4 and IPv6 systems during migration. The feature is available in most regions where Transfer Family is offered.

🔍 AWS Certificate Manager (ACM) now provides a console search bar and a new SearchCertificates API to locate certificates by domain name, certificate ARN, or validity range. Administrators managing large certificate inventories can combine parameters to quickly find certificates that are expiring soon or match specific criteria. The capability supports both ad hoc console queries and scripted automation via the API. This feature is available in Public AWS, AWS China, and AWS GovCloud regions.