All news with #aws tag

Amazon QuickSight Adds Advanced Dashboard Theme Controls

🎨 Amazon QuickSight now provides expanded dashboard theming to help organizations maintain consistent brand identity across analytics dashboards and embedded experiences. Authors can customize interactive sheet backgrounds with gradients and angles, implement sophisticated card styling with configurable borders and opacity, and control typography for titles and subtitles at the theme level. These theme-level controls help ensure visual consistency across departments and enable embedded dashboards to match host application styling so analytics appear native. The enhancements address enterprise needs for professional, brand-aligned presentation and are available in all supported QuickSight regions.

Amazon CloudFront Adds CBOR Web Tokens and CAT Support

🔐 Amazon CloudFront now supports CWT (CBOR Web Tokens) and CAT (Common Access Tokens), providing a compact, binary alternative to JWTs using CBOR and protected with COSE. Developers can validate, generate, and refresh tokens directly in CloudFront Functions with sub-millisecond execution and seamless integration with the CloudFront Functions KeyValueStore for secure key management. CAT extends CWT with fine-grained access controls such as URL patterns, IP restrictions, and HTTP method limits, enabling edge-enforced authorization without additional charge.

Aurora DSQL Adds Statement-Level DPU Cost Estimates

🔍 Amazon Aurora DSQL now surfaces statement-level cost estimates directly in query plans, providing developers immediate visibility into resource use per SQL statement. The EXPLAIN ANALYZE VERBOSE output is extended to append per-category (compute, read, write, and multi-Region write) and total estimated Distributed Processing Unit (DPU) usage. This enhancement offers fine-grained, real-time cost insight that complements CloudWatch metrics, enabling faster identification of cost drivers and more effective query tuning. The feature is available in all Regions where Aurora DSQL is supported.

EC2 Auto Scaling adds instance lifecycle retention policy

🛡️ EC2 Auto Scaling introduces an instance lifecycle policy that lets you retain instances when lifecycle hooks fail or time out, enabling manual intervention for graceful shutdowns. Previously, the default continue or abandon outcomes both resulted in instance termination after a timeout; the new policy adds configurable retention triggers to keep instances in a retained state. This is particularly helpful for stateful applications that need to save local data, close database connections, deregister from discovery, or remove sensitive credentials before termination. The feature is available in US East (N. Virginia), US West (Oregon), Europe (Ireland), and Asia Pacific (Singapore).

AWS Site-to-Site VPN Partners with eero for Remote Sites

🔒 AWS Site-to-Site VPN is partnering with eero to simplify secure connectivity from remote sites to AWS. Using eero Wi‑Fi access points and gateway appliances, customers can automatically establish VPN tunnels to AWS in a few clicks. The integration is intended to accelerate scaling across hundreds of locations and reduce the need for onsite networking expertise. Available in the US geography.

AWS Expands R8i and R8i-flex Instances to Three Regions

⚡ Amazon EC2 R8i and R8i-flex instances are now available in Asia Pacific (Sydney), Canada (Central), and US West (N. California). Powered by AWS-exclusive custom Intel Xeon 6 processors, they offer up to 15% better price-performance and 2.5× the memory bandwidth versus prior Intel-based instances, and about 20% higher performance than R7i. R8i-flex provides common memory-optimized sizes from large to 16xlarge for workloads that underutilize CPU; R8i includes 13 sizes, two bare-metal options and a new 96xlarge, and is SAP-certified at 142,100 aSAPS. Available via Savings Plans, On-Demand, and Spot.

Amazon Redshift Serverless Lowers Minimum to 4 RPUs

🚀 Amazon Redshift Serverless now offers a lower base capacity of 4 RPUs, reducing the prior minimum from 8 RPUs and enabling entry-level analytics at roughly $1.50 per hour. Each RPU provides 16 GB of memory, so the 4‑RPU configuration supplies up to 64 GB of memory and supports up to 32 TB of Redshift managed storage with limits such as 100 columns per table. The configuration is available in multiple Asia Pacific, European, Middle East, African and Mexico regions and is suited for both development and lightweight production workloads. You continue to pay per-second for active RPU-hours, helping lower cost for sporadic or small-scale analytics.

Amazon CloudFront Adds Three Functions Enhancements

🔧 Amazon announced three new CloudFront Functions capabilities: edge location and Regional Edge Cache (REC) metadata, raw query string retrieval, and advanced origin overrides. CloudFront Functions runs lightweight JavaScript at edge locations with sub-millisecond execution, and these additions give developers direct visibility into serving edges and expected RECs. The raw query string preserves exact viewer input for precise parsing and compliance, while advanced origin overrides let teams customize SSL/TLS handshake behavior, including SNI, to support multi-tenant and complex backend configurations.

AWS CloudTrail Insights Adds Data-Event Anomaly Detection

🔍 AWS CloudTrail Insights now analyzes data events as well as management events, automatically detecting anomalies in data access patterns such as unexpected surges in S3 delete calls or increased Lambda error rates. When unusual activity is found, CloudTrail generates an Insights event that includes the relevant data events and can trigger alerts for rapid investigation. The capability is available in all regions where CloudTrail is offered; additional charges apply for data-event Insights.

Amazon Braket Adds AQT IBEX Q1 Trapped-Ion QPU in Europe

🔬 Amazon Braket now offers access to IBEX Q1, a 12-qubit trapped-ion QPU from Alpine Quantum Technologies (AQT) featuring full all-to-all connectivity that eliminates the need for intermediate SWAP gates. The device is available on-demand and via Hybrid Jobs, and customers can reserve dedicated capacity through Braket Direct with hourly pricing and no upfront commitments. IBEX Q1 runs in the Europe (Stockholm) Region with launch access Tuesdays and Wednesdays 09:00–16:00 UTC. Accredited researchers may apply for AWS Cloud Credits for Research to support experiments.

Amazon EC2 Adds AMI Ancestry for Complete Lineage Visibility

🔍 Amazon EC2 now publishes AMI ancestry, enabling you to trace an AMI’s full lineage from its immediate parent back to the root across regions. This built‑in visibility replaces manual tagging and cross‑region record‑keeping, simplifying compliance audits and incident response. AMI ancestry is accessible via the AWS CLI, SDKs, and Console at no additional cost. It helps quickly identify all derived AMIs when a vulnerability is discovered in an ancestor, improving remediation speed and reducing operational risk.

Amazon SageMaker Studio Integrates EMR on EKS with SSO

🔒 Amazon SageMaker Unified Studio now supports EMR on EKS as a compute option for interactive Apache Spark sessions, bringing containerized, large-scale distributed compute with automatic scaling and cost optimizations directly into the Studio environment. The feature adds trusted identity propagation through AWS Identity Center, enabling single sign-on and end-to-end data access traceability for interactive analytics. Data practitioners can use corporate credentials to access Glue Data Catalog resources from SageMaker JupyterLab while administrators retain fine-grained access controls and audit trails. This capability is available in all existing SageMaker Unified Studio regions.

CloudWatch Application Map Adds Un‑instrumented Discovery

🔍 Amazon CloudWatch Application Map now detects and visualizes services that are not instrumented with Application Signals, providing out-of-the-box observability coverage across distributed environments. It also offers cross-account, unified views and retains a history of recent changes so teams can correlate configuration modifications with performance shifts. These enhancements aim to reduce MTTR and are available at no additional cost in most AWS commercial regions.

AWS Step Functions Adds Local TestState API for Workflows

🔧 AWS Step Functions' TestState API now supports local unit testing of complete workflows, including advanced constructs like Map and Parallel states, without deploying state machines to AWS. Developers can mock AWS service integrations and opt into API contract validation so mocked responses align with actual service outputs, improving test fidelity. TestState calls integrate with frameworks such as Jest and pytest and can be used in CI/CD pipelines; the feature is available via the AWS SDK and CLI in all Regions where Step Functions is offered.

EC2 Auto Scaling adds ReplaceRootVolume for live root swaps

🔁 Amazon EC2 Auto Scaling introduces the ReplaceRootVolume strategy for instance refresh, allowing replacement of an instance's root Amazon EBS volume without stopping or terminating the instance. The feature preserves attachments and metadata (network interfaces, elastic IPs) and reduces operational complexity for OS-level updates, patching, and recovery from corrupted root volumes. It is particularly valuable for specialized instance types such as Mac and GPU instances and for stateful applications where data and attachments must be preserved. ReplaceRootVolume is available in select regions at no additional cost beyond standard EC2 and EBS usage.

AWS Site-to-Site VPN Adds BGP Logging for Tunnels Now

🔍 AWS Site-to-Site VPN now publishes Border Gateway Protocol (BGP) logs from VPN tunnels to Amazon CloudWatch, providing deeper visibility into routing and session behavior. Previously, customers only had access to IKE/IPSec tunnel activity logs; the new BGP logs show session status, transitions, routing updates, and detailed error states. With both tunnel and BGP logs in CloudWatch, teams can correlate events, speed troubleshooting, and identify configuration mismatches between AWS endpoints and customer gateways across commercial Regions and AWS GovCloud (US).

SageMaker Studio: Long‑Running Sessions with Corporate IDs

⏳ Amazon SageMaker Unified Studio now supports long-running background sessions using corporate identities via AWS IAM Identity Center's trusted identity propagation (TIP). Users can launch interactive notebooks and data processing on SageMaker, Amazon EMR, and AWS Glue that persist when they log off or experience network or credential interruptions. Sessions retain corporate permissions and can run up to 90 days (default 7 days), reducing the need for continuous monitoring and improving productivity for multi-hour or multi-day workloads.

Amazon CloudFront Adds TLS 1.3 Support for Origins

🔒 Amazon CloudFront now supports TLS 1.3 for connections to origins, automatically enabled across custom origins, Amazon S3, and Application Load Balancers with no configuration changes required. The upgrade provides stronger encryption and reduced handshake latency, delivering up to 30% faster connection establishment when an origin supports TLS 1.3. CloudFront will negotiate TLS 1.3 where supported while maintaining backward compatibility with older TLS versions. This support is available at no additional charge in all CloudFront edge locations and benefits sensitive workloads such as financial services, healthcare, and e-commerce.

AWS India Adds UPI AutoPay for New Account Sign‑Up

🔔 AWS now lets customers in India sign up using UPI AutoPay as the default payment method, replacing the prior card-only requirement. Users add and verify a UPI ID in the AWS console, confirm their billing address, and approve an authorization request in their UPI app to enable recurring payments up to INR 15,000. After verification, future invoices up to that limit are charged automatically from the next billing cycle, reducing manual payment steps and the risk of missed payments.

Amazon S3 Adds Attribute-Based Access Control (ABAC)

🏷️ Amazon S3 now supports attribute-based access control (ABAC) for general purpose buckets, allowing organizations to use bucket tags to automatically manage permissions. Instead of constantly editing IAM or bucket policies, administrators can create policies that reference bucket tags and grant access by adding or modifying tags. Enable ABAC with the S3 PutBucketAbac API and manage tags via TagResource/UntagResource; you can also require tags at bucket creation to enforce standards. The feature is available in all AWS Regions at no additional cost via the Console, REST API, CLI, SDK, and CloudFormation.