< ciso
brief />
Tag Banner

All news with #aws tag

2288 articles · page 2 of 115

AWS reduces EKS Auto Mode GPU management fees

🔔 Amazon EKS Auto Mode now reduces management fees for GPU and accelerated instance types, effective July 1, 2026. G-series Auto Mode fees drop 35%, while P-series and AWS Trainium fees drop 60%, applied automatically to existing clusters. EKS Auto Mode includes accelerator-focused features like parallel image pulling and accelerator-aware node repair to speed startup and improve reliability for ML and rendering workloads. The pricing change applies in all Regions where EKS Auto Mode is available and mirrors identical reductions for ECS Managed Instances.
read more →

Amazon Cognito adds self-service provisioned limits

🔧 Amazon Cognito now lets customers increase or decrease provisioned API rate limits on demand. Previously adjustments required Service Quotas requests and manual review; the new self-service model enables immediate changes via the Amazon Cognito console or new limit provisioning API operations. Rate limit changes take effect instantly and are available for adjustable API categories in all Regions where Cognito is offered. Pricing and setup guidance are provided in the Cognito pricing page and developer guide.
read more →

SageMaker Studio adds one‑click Hugging Face integration

🔧 Amazon SageMaker Studio now offers direct, one‑click integration with Hugging Face so users can open a fully configured Studio environment with a selected model preloaded. Previously, users had to navigate console menus, configure IAM and serverless settings, and request GPU quotas; the new flow automates environment creation and permission configuration. New customers receive a Studio environment on sign‑up; verified customers gain default GPU access and visible quota information within Studio.
read more →

Declarative VPC Encryption Controls for AWS Organizations

🔐 You can now use declarative policies to enable VPC Encryption Controls in monitor or enforce mode across all VPCs in your environment. This capability lets security teams centrally define and apply consistent encryption-in-transit settings for an account, organization, or specific organizational unit. The feature provides centralized visibility into Encryption Controls status for all accounts and VPCs and is available in all AWS regions that support VPC Encryption Controls. There is no additional charge to use declarative policies in AWS Organizations.
read more →

Amazon EVS adds support for VMware Cloud Foundation 9

🆕 Amazon Elastic VMware Service (EVS) now supports VMware Cloud Foundation (VCF) 9.0 and 9.1, enabling customers to run VCF directly within their Amazon VPC on EC2 bare-metal instances. You retain full control over installation, operations, and management of the VMware virtualization stack and can continue using existing tools, processes, and skills. AWS also launched the Solutions for EVS GitHub repository with examples, templates, and infrastructure-as-code artifacts to accelerate deployments. The release is available in all regions where Amazon EVS is offered.
read more →

AWS Certificate Manager adds managed ACME endpoints

🛡️ AWS Certificate Manager (ACM) now offers a fully managed ACME server endpoint that issues public TLS certificates with 45-day validity from Amazon Trust Services, compatible with any ACMEv2 client such as Certbot, cert-manager, and acme.sh. PKI teams can create managed ACME endpoints with domain scopes, wildcard controls, and delegated issuance without sharing DNS credentials. Domain validation is performed once at the endpoint level, and issuance and renewal activities are auditable via the ACM console, AWS CloudTrail, and Amazon CloudWatch. ACME support is available in all commercial AWS Regions; see ACM pricing and documentation for details.
read more →

CloudWatch Service Events for Application Signals

🔔 AWS announced Service Events for Amazon CloudWatch Application Signals, which automatically captures exception and latency event snapshots, function-level performance data, and deployment events from instrumented services without additional code changes. Customers can view whether a deployment introduced new exceptions via CloudWatch > Application Signals > [Service] > Errors in the console. Service Events works with ADOT SDKs or the CloudWatch Observability EKS add-on and supports Java, Python, and JavaScript. Data is stored as logs and function-call metrics as OpenTelemetry metrics; standard CloudWatch pricing applies.
read more →

AWS CodePipeline now available in New Zealand Region

🚀 AWS CodePipeline is now available in Asia Pacific (New Zealand) Region (ap-southeast-6). CodePipeline is a continuous delivery service that models, visualizes, and automates release processes including build, test, and deployment. It integrates with AWS services like CodeBuild, CodeDeploy, and CloudFormation, and supports third-party tools such as GitHub. The service includes governance controls like manual approvals, IAM-based access, and artifact encryption to help enforce security and compliance.
read more →

AWS CodeBuild adds Amazon Linux 2023 host option

🔧 AWS CodeBuild now supports Amazon Linux 2023 for on-demand build hosts via a new host kernel selection setting. This managed CI service lets you choose between Amazon Linux 2 (kernel 4) and Amazon Linux 2023 (kernel 6) for new or non-production projects to validate builds while keeping production unchanged. Host kernel selection is broadly available across Regions except GovCloud (US) and China, which only offer Amazon Linux 2023.
read more →

Amazon EC2 X8i instances expand to Asia regions

🚀 Amazon EC2 X8i instances are now available in Asia Pacific (Seoul), Asia Pacific (Malaysia) and Asia Pacific (Tokyo). These instances use custom Intel Xeon 6 processors exclusive to AWS and are SAP-certified, offering up to 43% higher performance, 1.5x more memory (up to 6TB) and 3.3x more memory bandwidth versus prior X2i instances. They target memory-intensive workloads such as SAP HANA, large databases, analytics, and EDA, and come in 14 sizes including bare metal options. Purchase options include Savings Plans, On-Demand, and Spot.
read more →

AWS Config adds eight new resource types

🔔 AWS Config now supports eight additional resource types across key services including Amazon API Gateway, Amazon EC2, Amazon S3 Vectors, Network Firewall, OpenSearch Serverless, and OSIS. If you have recording enabled for all resource types, AWS Config will automatically begin tracking these new resources. The new types are also available for use in Config rules and Config aggregators, expanding discovery, assessment, audit, and remediation coverage.
read more →

ECS Service Connect adds zone-aware routing

🔁 Amazon ECS introduces zone-aware routing for ECS Service Connect to reduce cross Availability Zone (AZ) data transfer costs and latency by prioritizing intra-AZ traffic. The feature dynamically adjusts traffic weights as endpoints scale to preserve balanced load and shifts traffic to healthy AZs when local endpoints are unhealthy or constrained. Enabled by default for new and existing services, it requires a one-time redeploy for existing services and no infrastructure or code changes.
read more →

Amazon ECS adds real-time deployment observability

🚀 Amazon Elastic Container Service (Amazon ECS) now offers real-time deployment observability within the Amazon ECS Console. This update enables customers to track deployment progress, monitor health, and diagnose failures directly in the console with a live deployment timeline, circuit breaker and alarm status, and container and load-balancer health checks. Failed tasks surface with diagnostic context and deep links to related services like AWS CloudTrail. These features are available at no additional charge in all AWS commercial Regions and AWS GovCloud (US) for services using the rolling update deployment type.
read more →

AWS Artifact adds AI-driven Assurance Assistant

🔍 AWS Artifact now offers Assurance Assistant, an AI-powered feature that provides citation-backed answers to security and compliance questions about AWS services. It supports single-question mode and bulk questionnaire uploads (XLSX) including CAIQ, SIG, and custom DDQs. Responses include citations from SOC reports, ISO certifications, and C5 attestations and can be exported with or without citations. Two new IAM managed policies control access: AWSArtifactComplianceInquiriesReadOnlyAccess and AWSArtifactComplianceInquiriesFullAccess.
read more →

Secure container workloads with attribute-based rules

🛡️ AWS Network Firewall now supports container attribute-based rules for Amazon EKS and Amazon ECS, enabling firewall policies based on native container attributes (namespaces, pod names, labels, cluster names) instead of ephemeral IPs. This feature automatically discovers and tracks matching pods, dynamically updates IP-to-attribute mappings, and enriches alert logs with container context for easier troubleshooting and auditing. It integrates with Suricata-compatible rules, exports logs to CloudWatch Logs and S3, and can be configured via the AWS Console, CLI, or SDK with no additional feature charge.
read more →

AWS Marketplace co-selling integration now GA

📣 Partners can now associate existing AWS Marketplace listings directly to co-sell opportunities in AWS Partner Central. This removes the need to maintain separate co-sell-specific solutions, allowing up to 10 Marketplace Solutions and 10 Marketplace Products per opportunity, including listings from subsidiary-linked accounts. The capability is available in the AWS Console and via the AWS Partner Central Selling API, and an associated listing is required to progress an opportunity to Committed or Launched.
read more →

Amazon Bedrock AgentCore expands to four regions

🚀 Amazon Bedrock AgentCore is now available in four additional AWS Regions: Asia Pacific (Bangkok), Asia Pacific (Malaysia), Europe (Milan), and Europe (Spain). AgentCore is a platform to build, connect, and optimize agents, enabling engineers to ship agents quickly with any framework and model while enforcing security at the infrastructure layer. The launch brings runtime, identity and access control, policy management, session persistence, tool connectivity, and observability to these regions, reducing latency for local end users.
read more →

Amazon RDS cross-region automated backups expand

🔁 This update announces availability of Cross-Region Automated Backup replication for Amazon RDS in four additional AWS Regions, enabling automated backup replication between specified region pairs. The feature replicates snapshots and transaction logs to a destination Region to support point-in-time restores and near-real-time recovery. It supports multiple RDS engines and can be configured via the RDS Console, AWS SDK, or CLI. Organizations can achieve Recovery Point Objectives within minutes by using this replication.
read more →

AWS AppConfig Adds Built‑In Experimentation Tools

🧭 AWS announces general availability of experimentation tools in AWS AppConfig, enabling built-in A/B testing and multivariate experiments without separate infrastructure. The tools leverage 25+ years of Amazon experimentation practices and provide AI-driven guidance, exposure control, and locked treatment allocations to support robust, data-driven releases. Experiments can be configured via console, CLI, API, or AWS CDK and analyzed with CloudWatch or existing analytics tools before promoting winners through standard safe rollouts.
read more →

AWS Workload Credentials Provider: Role Chaining and Prefetch

🔒 This post explains how to use two enhancements to the AWS Workload Credentials Provider: role chaining for cross-account secret retrieval and prefetching to reduce cold-start latency. It covers configuration, required IAM permissions, SSRF token usage, and how to build and deploy the Rust-based provider across EC2, ECS, EKS, and Lambda. Examples show curl and Python calls, TOML configuration for max roles, and prefetch settings for individual secrets or tag-based discovery.
read more →