All news with #aws tag

GitHub Copilot Chat prompt injection exposed secrets

🔐 GitHub Copilot Chat was tricked into leaking secrets from private repositories through hidden comments in pull requests, researchers found. Legit Security researcher Omer Mayraz reported a combined CSP bypass and remote prompt injection that used image rendering to exfiltrate AWS keys. GitHub mitigated the issue in August by disabling image rendering in Copilot Chat, but the case underscores risks when AI assistants access external tools and repository content.

Configure and Verify ACM Certificates with Trust Stores

🔐 This post explains how to configure customer trust stores to accept public certificates issued through AWS Certificate Manager (ACM) and clarifies the role of Amazon Trust Services. It warns that ACM issues certificates via dynamically selected intermediates, so trusting only intermediates or pinning end-entity certificates can cause outages. The recommended action is to install five Amazon root CAs in your trust stores and to validate configuration across Windows, Amazon Linux, and Java environments.

Amazon Cognito: Managed vs. Custom Login UI Options

🔒 This post contrasts Amazon Cognito's two primary UI approaches—managed login and a fully custom UI—and outlines feature, security, and operational trade-offs to guide architects and developers. Managed login (offered as a modern branding editor or the Hosted UI classic) offloads hosting, scaling, and maintenance while providing OAuth2 flows, federation with social and OIDC/SAML providers, passwordless options, and CloudTrail action logging. A custom UI gives full control over UX, session management, localization, and supports custom authentication flows via Lambda triggers, but requires development, hosting, and operational responsibility under the AWS Shared Responsibility Model.

Crimson Collective Targets AWS Cloud Instances for Theft

🔒 Researchers report the 'Crimson Collective' has been targeting long-term AWS credentials and IAM accounts to steal data and extort companies. Using open-source tools like TruffleHog, the attackers locate exposed AWS keys, create new IAM users and access keys, then escalate privileges by attaching AdministratorAccess. They snapshot RDS and EBS volumes, export data to S3, and send extortion notices via AWS SES. Rapid7 urges organisations to audit keys, enforce least privilege, and scan for exposed secrets.

Amazon EC2 I7ie Instances Now in AWS São Paulo Region

⚙️ AWS has made Amazon EC2 I7ie instances available in the South America (São Paulo) region. Designed for high-density, storage-optimized workloads, I7ie uses 5th Gen Intel Xeon processors and 3rd-generation AWS Nitro SSDs, offering up to 120 TB of local NVMe and up to twice the vCPUs and memory of the prior generation. AWS reports up to 40% better compute, up to 65% better storage performance, and lower I/O latency and variability versus I3en, with up to 100 Gbps network and 60 Gbps EBS throughput.

AWS launches general-purpose Amazon EC2 M8a instances

🚀 AWS announced general availability of the new Amazon EC2 M8a general-purpose instances powered by 5th Gen AMD EPYC processors (Turin), with a maximum frequency of 4.5 GHz and up to 30% higher performance over M7a. M8a instances deliver 45% more memory bandwidth and notable benchmark improvements—60% faster on GroovyJVM and up to 39% faster on Cassandra. They are SAP-certified, come in 12 sizes including two bare-metal options, and are available in US East (Ohio), US West (Oregon), and Europe (Spain). Customers can purchase M8a via On-Demand, Spot, and Savings Plans.

AWS Launches General Purpose EC2 M8a Instances with AMD EPYC

🚀 AWS announced general availability of new Amazon EC2 M8a instances powered by 5th Gen AMD EPYC (Turin) processors with up to 4.5 GHz. M8a offers up to 30% higher performance, up to 19% better price-performance, and 45% more memory bandwidth vs M7a, with strong gains on JVM and Cassandra benchmarks. The family includes 12 sizes (two bare-metal), is SAP-certified, built on the AWS Nitro System, and is initially available in US East (Ohio), US West (Oregon) and Europe (Spain).

Amazon EC2 M8gd Instances Expand to Additional Regions

🚀 Amazon EC2 M8gd instances with up to 11.4 TB of local NVMe SSD storage are now available in Europe (London), Asia Pacific (Sydney, Malaysia), and Canada (Central). Powered by AWS Graviton4, they deliver up to 30% better compute performance than Graviton3-based instances, up to 40% higher I/O performance for databases, and up to 20% faster real-time analytics queries. Instances come in 12 sizes, offer up to 50 Gbps networking and 40 Gbps EBS bandwidth, support EFA on large sizes, and allow ±25% adjustment of network and EBS bandwidth via EC2 instance bandwidth weighting.

Amazon EC2 R8gd Instances Expand to Additional Regions

🚀 Amazon EC2 R8gd instances are now available in Europe (Ireland), Asia Pacific (Sydney, Malaysia), South America (São Paulo), and Canada (Central). Powered by AWS Graviton4, they deliver up to 30% better compute performance than Graviton3-based instances and include up to 11.4 TB of local NVMe SSD for low-latency storage. Instances offer up to 50 Gbps networking, EFA on larger sizes, and adjustable network/EBS bandwidth weighting to better optimize workloads.

Amazon Q Developer Gains Service Pricing and Estimates

🔍 Amazon Q Developer now offers integrated pricing and cost estimation, enabling developers and architects to query product attributes, regional availability, and service pricing in natural language. The assistant retrieves data from the AWS Price List APIs to provide workload cost estimates and side-by-side comparisons, so teams can evaluate cost/performance tradeoffs without manually consulting multiple pricing pages. Access the feature via the Amazon Q chat panel in the AWS Management Console.

Amazon EC2 C8gd Instances: Up to 11.4 TB NVMe in Regions

⚡ Amazon EC2 C8gd instances with up to 11.4 TB of local NVMe SSD are now available in Europe (Ireland) and Asia Pacific (Sydney, Malaysia). Powered by AWS Graviton4 processors, they deliver up to 30% better performance than Graviton3 and accelerate I/O-intensive database and real-time analytics workloads. Built on the AWS Nitro System, C8gd offers 12 sizes, up to 50 Gbps network and up to 40 Gbps EBS bandwidth, with configurable bandwidth weighting (+25%) and EFA on select large sizes.

Amazon Location Service Updates Vietnam Boundaries

🗺️ Amazon Location Service updated Vietnam mapping data to reflect the nationwide administrative reorganization that took effect on July 1, 2025. The refresh consolidates provincial-level units from 63 to 34 (28 provinces and 6 centrally managed cities) and reduces commune-level units from 10,310 to 3,321 while preserving street-level address accuracy. Place names and administrative components in POI records were updated, and the revised data is automatically available to customers querying Vietnam addresses. The update supports logistics, e-commerce, and public-service use cases such as delivery zone planning, service-area management, and address validation.

Amazon EC2 C7gd Instances Now in Europe (Zurich) Region

🚀 Amazon EC2 C7gd instances are now available in the Europe (Zurich) Region, offering up to 3.8 TB of local NVMe SSD block storage and DDR5 memory on the AWS Nitro System. These Graviton3-based instances deliver up to 45% improved real-time NVMe storage performance versus comparable Graviton2 instances and use up to 60% less energy for equivalent performance. They suit workloads needing high-speed, low-latency temporary storage such as scratch space, caches, and temp files, and AWS provides migration tools like the Graviton Fast Start program and Porting Advisor.

VPC Lattice Enables Configurable IPs for Resource Gateways

🔧 Amazon Web Services announced that Amazon VPC Lattice now lets you configure the number of IPv4 addresses assigned to resource gateway ENIs. The selected IPv4 count is immutable after creation and directly affects network address translation capacity and the maximum concurrent IPv4 connections to backend resources. By default VPC Lattice assigns 16 IPv4 addresses per ENI; for IPv6 it always assigns a /80 CIDR per ENI. This capability is available at no additional cost in all Regions where VPC Lattice is offered.

Amazon DocumentDB Expands to New Asia Pacific and Mexico

🚀 Amazon DocumentDB (with MongoDB compatibility) is now available in AWS Asia Pacific (Osaka), Asia Pacific (Thailand), Asia Pacific (Malaysia) and Mexico (Central). The fully managed, native JSON document database supports mission‑critical MongoDB workloads and can scale to millions of requests per second with up to 15 low‑latency read replicas and automatic storage up to 128 TiB. With Serverless, capacity scales automatically in fine increments and AWS cites up to 90% cost savings versus peak provisioning. Amazon DocumentDB also integrates with AWS DMS, CloudWatch, CloudTrail, Lambda and AWS Backup, and clusters can be created via the Console, CLI or SDK.

Amazon RDS for Db2 Adds Native Database-Level Backups

💾 Amazon RDS for Db2 now supports native database-level backups that let customers back up individual databases within a multi-database instance. This enables selective migration of specific databases to other RDS instances or on-premises environments, and lets teams create isolated copies for development, testing, or compliance. By targeting single databases rather than full instance snapshots, customers can reduce storage costs and streamline operations. The feature is available in all Regions where Amazon RDS for Db2 is offered; see the service documentation and pricing pages for configuration and cost details.

AWS Releases Whitepaper: Security Overview of EKS Auto Mode

🛡️ AWS has published a new whitepaper titled Security Overview of Amazon EKS Auto Mode that explains the service’s architecture, core security principles, and built-in protections. The guidance highlights a new approach to node management that leverages Amazon EC2 managed instances to let customers delegate operational control to AWS. Intended for cloud architects, security professionals, and Kubernetes practitioners, the document helps teams understand how EKS Auto Mode reduces infrastructure complexity while maintaining secure operations.

AWS Marketplace Adds Japan Consumption Tax Support for CPPOs

🧾 Starting today, AWS Marketplace expands Japan consumption tax (JCT) support to Channel Partner Private Offers (CPPOs), improving tax handling for Japan ISVs and Channel Partners. AWS Japan will collect the 10% JCT on the first leg between ISVs and Channel Partners, issue a tax qualified invoice (TQI) to Channel Partners, and disburse the JCT to ISVs. AWS Japan will continue to collect the 10% JCT and issue a TQI on the second leg to buyers, unifying compliance for transactions via the AWS Japan Marketplace Operator.

AWS Marketplace Adds EUR, GBP, AUD, JPY for Private Offers

🌍 AWS Marketplace now supports usage-based private offers priced in four additional local currencies—EUR, GBP, AUD, and JPY. Sellers and Channel Partners can create private offers and receive disbursements in the offer currency for consumption-based and contract pricing, simplifying cash flow and reducing foreign-exchange exposure. For Channel Partner Private Offers, the seller, partner, and buyer must transact in the same currency; public offers remain in USD only.

Amazon EC2 Im4gn Instances Now in Asia Pacific (Mumbai)

🚀 Amazon Web Services has launched EC2 Im4gn instances in the Asia Pacific (Mumbai) region. Built on the AWS Nitro System and powered by AWS Graviton2 processors, Im4gn provides up to 30 TB of 2nd Generation Nitro SSD instance storage and up to 100 Gbps networking. These instances are optimized for I/O-intensive workloads—relational and NoSQL databases, search engines, and data analytics—and support Elastic Fabric Adapter (EFA) for high inter-node communication. Users can provision Im4gn via the AWS Management Console, AWS CLI, or AWS SDKs.