All news with #aws tag

Amazon MSK Express Brokers Add Intelligent Rebalancing

⚡ Effective today, all new Amazon MSK Provisioned clusters with Express brokers support Intelligent Rebalancing at no additional cost. The feature automates partition balancing when clusters scale up or down, maximizing capacity utilization and removing the need for manual or third-party partition management. AWS reports Intelligent Rebalancing runs up to 180× faster than Standard brokers and scales brokers without impacting client availability.

Amazon S3 Express One Zone Adds IPv6 for VPC Endpoints

🌐 Amazon now supports Internet Protocol version 6 (IPv6) addresses for S3 Express One Zone gateway VPC endpoints, enabling access over IPv6 or DualStack without additional translation infrastructure. This applies in all Regions where the storage class exists at no extra cost. You can enable IPv6 for new or existing endpoints via Console, CLI, SDK, or CloudFormation. See the S3 User Guide to get started.

AWS Control Tower adds automatic account enrollment

🔁 AWS Control Tower customers can now automatically enroll member accounts simply by moving them into an Organizational Unit (OU). When moved, Control Tower applies the destination OU's baseline configurations and controls and removes the originals from the prior OU, removing the need for manual re-registration. This streamlines provisioning by allowing accounts to be created and then placed in the correct OU using the AWS Organizations console or the CreateAccount and MoveAccount APIs. Customers on landing zone version 3.1+ can opt in by toggling the automatically enroll accounts flag or by setting RemediationTypes to Inheritance_Drift in the CreateLandingZone or UpdateLandingZone APIs.

Anthropic's Claude Sonnet 4.5 Now in AWS GovCloud (US)

🚀 Anthropic's Claude Sonnet 4.5 is now available in Amazon Bedrock within AWS GovCloud (US‑West and US‑East) via US‑GOV Cross‑Region Inference. The model emphasizes advanced instruction following, superior code generation and refactoring judgment, and is optimized for long‑horizon agents and high‑volume workloads. Bedrock adds an automatic context editor and a new external memory tool so Claude can clear stale tool-call context and store information outside the context window, improving accuracy and performance for security, financial services, and enterprise automation use cases.

Amazon Braket Adds Native CUDA-Q Support in Notebooks

🔬 Amazon Braket notebook instances now include native support for CUDA-Q, enabled by upgrading the underlying OS to Amazon Linux 2023 to deliver improved performance, security, and compatibility for quantum development and production-ready workflows. Developers can run GPU-accelerated quantum circuit simulation alongside access to QPUs from IonQ, Rigetti, and IQM within the managed notebook environment. This eliminates the need for local deployment or separate Hybrid Jobs, streamlining hybrid quantum-classical experimentation. CUDA-Q support is available in all Regions where Braket operates.

CloudWatch Agent Adds Shared Memory Utilization Metrics

📈 Amazon Web Services announced that the Amazon CloudWatch Agent can now collect shared memory utilization metrics from Linux hosts running on Amazon EC2 or in on‑premises environments. This complements existing memory metrics (free, used, cached) and captures memory used by large enterprise databases and in‑memory applications. Administrators can enable the feature in the agent configuration file to obtain accurate total memory usage for sizing and optimization. The capability is available in all commercial and AWS GovCloud (US) Regions; CloudWatch custom metrics pricing applies.

AWS Private CA Adds ML-DSA Post-Quantum Certificates

🔐 AWS Private CA now supports the post-quantum digital signature algorithm ML-DSA (NIST FIPS 204), enabling organizations to create CAs and issue certificates designed to resist quantum attacks. The feature lets you test certificate issuance, identity verification, and code signing using ML-DSA, and supports CRLs and OCSP responders. Availability spans all commercial AWS Regions, AWS GovCloud (US), and China Regions to help teams begin transitioning PKI toward post-quantum cryptography.

Amazon EC2 C7i‑flex Instances Now Available in UAE Region

🚀Amazon Web Services has launched EC2 C7i-flex instances in the Middle East (UAE), offering up to 19% better price performance versus C6i. Powered by AWS-exclusive 4th generation Intel Xeon Scalable (Sapphire Rapids) custom processors and priced about 5% below C7i, these instances cover common sizes from large through 16xlarge. They target web and application servers, caches, databases, Apache Kafka, Elasticsearch and other compute-intensive workloads that don’t fully utilize all vCPUs. For sustained heavy-CPU needs or very large configurations, customers can continue to use standard C7i instances.

Amazon SageMaker Unified Studio Adds Catalog Notifications

🔔 Amazon SageMaker Unified Studio now delivers real-time notifications for data catalog activities, including new dataset publications, metadata changes, subscription requests, comments, and access approvals. Alerts are surfaced via a bell icon on the project home page and through a notification center that shows a recent list and a full, filterable tabular view by catalog, project, and event type. The feature is available in all regions where SageMaker Unified Studio is supported.

AWS adds IPv6 for S3 Gateway and Interface VPC Endpoints

🌐 Amazon Web Services now supports IPv6 addresses for AWS PrivateLink Gateway and Interface VPC endpoints for Amazon S3. To enable IPv6 connectivity on new or existing S3 endpoints, set the IP address type to IPv6 or Dualstack; S3 will update route tables for gateway endpoints and provision ENIs with IPv6 for interface endpoints. IPv6 for S3 VPC endpoints is available in all AWS Commercial Regions and AWS GovCloud (US) Regions at no additional cost, and can be configured via the Console, CLI, SDK, or CloudFormation.

Amazon EC2 High Memory U7i Instances Now in GovCloud

🚀 Amazon Web Services has added High Memory U7i instances to AWS GovCloud, offering 12TiB (u7i-12tb.224xlarge) and 16TiB (u7in-16tb.224xlarge) in GovCloud (US-West) and 24TiB (u7in-24tb.224xlarge) in GovCloud (US-East). These 7th‑generation instances use custom 4th‑generation Intel Xeon Scalable (Sapphire Rapids) processors, provide 896 vCPUs and DDR5 memory, and support ENA Express. The u7i-12tb delivers up to 100Gbps network and EBS throughput while the 16tb and 24tb variants deliver up to 200Gbps, making them well suited for mission‑critical in‑memory databases like SAP HANA, Oracle, and SQL Server.

Amazon VPC Lattice Adds Custom Domain Name Support

🌐 Amazon VPC Lattice now lets resource owners assign a custom domain name to a resource configuration, enabling layer‑4 access to databases, clusters and TLS‑based endpoints across VPCs and accounts. Owners specify a custom domain and share the resource configuration; VPC Lattice then provisions and manages a private hosted zone in the consumer VPC so consumers can resolve and access the resource using that domain. Resource owners may use AWS, customer‑owned, or third‑party domains, and consumers can exercise granular controls over which domains VPC Lattice manages. The feature is available at no additional cost in Regions where VPC Lattice resource configuration is offered.

Amazon Cognito User Pools Add AWS PrivateLink Support

🔒 Amazon Cognito user pools now support AWS PrivateLink, enabling private VPC connectivity to manage and authenticate against user pools without traversing the public internet. The enhancement covers user pool management APIs, administrative operations, and sign-in for local Cognito users, but does not support OAuth 2.0 authorization code flow (hosted UI/social logins), client credentials, or federated SAML/OIDC sign-ins via VPC endpoints. It is available in all Regions where Cognito user pools exist except AWS GovCloud (US); creating VPC endpoints will incur AWS PrivateLink charges.

AWS KMS Adds Ed25519 (EdDSA) Support for Signatures

🔐 AWS Key Management Service (KMS) now supports the Edwards-curve Digital Signature Algorithm (EdDSA) using the Ed25519 curve. You can create asymmetric KMS keys or data key pairs to sign and verify EdDSA signatures, benefiting from 128-bit security equivalent to NIST P-256, faster signing, and compact 64‑byte signatures and 32‑byte public keys. This capability is available in all AWS Regions, including GovCloud and China.

AWS Advanced .NET Data Provider Driver Now GA for RDS

🔔 The Amazon Web Services Advanced .NET Data Provider Driver is now generally available for Amazon RDS and Amazon Aurora PostgreSQL and MySQL-compatible databases. The driver reduces RDS Blue/Green switchover and database failover times to improve application availability and supports multiple authentication mechanisms including Federated Authentication, AWS Secrets Manager, and IAM token-based authentication. Built on top of Npgsql, native MySql.Data and MySqlConnector, it integrates with NHibernate and supports Entity Framework for MySQL, and is released under the Apache 2.0 license.

Why Enterprises Still Struggle with Cloud Misconfigurations

🔒 Enterprises continue to struggle with cloud misconfigurations that expose sensitive data, according to recent industry reporting and a Qualys study. The report cites a 28% breach rate tied to cloud or SaaS services over the past year and high misconfiguration rates across AWS (45%), GCP (63%) and Azure (70%). Experts blame permissive provider defaults, shadow IT and rapid business-driven deployments, and recommend controls such as MFA everywhere, private networking, encryption, least-privilege and infrastructure-as-code.

Amazon SageMaker Adds Custom Tags for Project Resources

🔖 Amazon SageMaker Unified Studio now lets administrators define custom tags that are applied to resources created by a SageMaker project. Administrators configure project profiles to supply tag key/value pairs or keys with default values that users can modify during project creation, helping enforce tagging standards and support SCPs and cost allocation. This initial release is API-only and available across all supported AWS Regions.

AWS Backup: Support for KMS Customer Managed Keys for Vaults

🔐 AWS Backup now lets you encrypt logically air-gapped vaults with your own AWS KMS customer managed keys (CMKs). This gives organizations more control over key lifecycle, access policies, and compliance posture while preserving the security benefits of logically air-gapped backups. Support covers same-account and cross-account CMKs and is available in all Regions where air-gapped vaults are supported. You can enable CMK encryption when creating vaults via the console, API, or CLI.

AWS Deadline Cloud Adds 6th–8th Gen EC2 Instances Now

🚀 Deadline Cloud now supports an expanded set of EC2 instance families — including C7i, C7a, M7i, M7a, R7a, R7i, M8a, M8i and R8i — plus additional 6th-generation types that were previously unavailable. The update broadens compute-optimized, general-purpose and memory-optimized options for visual effects and animation rendering workloads. Studios can better right-size resources for tasks ranging from compute-heavy simulations to memory-intensive scene processing, improving performance and cost-efficiency in the Regions where Deadline Cloud is offered.

AWS launches regional service discovery in Builder Center

🔍 AWS announced AWS Capabilities by Region in Builder Center, a web-based tool to discover and compare service availability, features, APIs, and CloudFormation resources across AWS Regions. The interactive interface lets users explore Regions, run side-by-side comparisons, and view forward-looking roadmap details to support global deployment planning. AWS also enhanced the Knowledge MCP Server to expose regional capability data in an LLM-compatible format, enabling MCP clients and agentic frameworks to obtain real-time availability insights and suggested alternatives when features are unavailable.