All news with #aws tag

Amazon Route 53 Resolver Adds AWS PrivateLink Support

🔒 Amazon Route 53 Resolver now supports AWS PrivateLink, allowing customers to access and manage Resolver and its associated features privately over the Amazon network rather than the public internet. This private access covers Resolver endpoints, Route 53 Resolver DNS Firewall, Resolver Query Logging, and Resolver for AWS Outposts, with create, delete, edit and list operations handled via PrivateLink. Route 53 Resolver continues to respond recursively for public records, VPC-specific DNS names, and private hosted zones and remains available by default in all VPCs. The capability can be used in regions where Resolver and its features are offered, including AWS GovCloud (US) Regions.

Amazon GameLift Streams Adds AWS Health Lifecycle Alerts

🔔 Amazon GameLift Streams is integrated with AWS Health to send automated lifecycle notifications about aging stream groups. Accounts receive reminders on days 45 and 150 warning that adding new applications will be restricted after day 180, with a final re-creation reminder on day 335 before expiration at day 365. The feature is available in all AWS Regions at no additional cost, and expiration details are visible in the console or via the GetStreamGroup ExpiresAt field.

Amazon Route 53 Resolver Adds AWS PrivateLink Support

🔒 Amazon Route 53 Resolver now supports AWS PrivateLink, enabling private management and access to Resolver and its features without traversing the public internet. Customers can use PrivateLink to reach Resolver endpoints, Route 53 Resolver DNS Firewall, Resolver Query Logging, and Resolver for AWS Outposts over the Amazon network. All operations — create, delete, edit, list — are supported via the private connection in supported regions, including AWS GovCloud.

AWS PrivateLink Adds Native Cross-Region Service Access

🚀 AWS PrivateLink now supports native cross-region connectivity for select AWS services. With this change, Interface VPC endpoints can privately access Amazon S3, Route 53, ECR and other supported services hosted in different Regions of the same AWS partition without cross-region peering or internet exposure. Endpoints present a private IP in your VPC, simplifying secure inter-region connectivity and helping meet data residency requirements. Refer to AWS PrivateLink pricing and documentation for the full list of supported services and Regions.

SAP Cloud ERP (GROW) Now Available in Frankfurt Region

🚀 SAP and AWS have expanded the SAP Cloud ERP on AWS (GROW) offering to the Europe (Frankfurt) region, delivering a full SaaS ERP solution that can be implemented in months rather than years. The service centers on SAP S/4HANA Cloud, Public edition and integrates HR, procurement, sales, finance, supply chain, and manufacturing with SAP Business AI–powered processes. Customers can leverage generative AI via Amazon Bedrock in the SAP generative AI hub and benefit from AWS Graviton processors' energy efficiency.

Amazon DynamoDB Accelerator (DAX) Adds AWS PrivateLink

🔒 Amazon DynamoDB Accelerator (DAX) now supports AWS PrivateLink, allowing cluster management APIs such as CreateCluster, DescribeClusters, and DeleteCluster to be accessed over private IP addresses inside your VPC. Data-plane operations like GetItem and Query were already handled privately within the VPC; this update moves management-plane traffic off the public regional endpoint. The feature is available in all Regions where DAX runs and incurs additional AWS PrivateLink charges.

Amazon Aurora DSQL Adds FIPS 140-3 Compliant Endpoints

🔐 Amazon Web Services announced that Aurora DSQL now supports FIPS 140-3 compliant endpoints, enabling customers to meet federal cryptography requirements when sending requests over public or VPC endpoints. The capability is available beginning Oct 31, 2025, in US East (N. Virginia), US East (Ohio), and US West (Oregon). This update lets organizations contracting with the U.S. federal government use Aurora DSQL for workloads that require a FIPS-validated cryptographic module.

Amazon Connect adds scheduling for individual agents

📅 Amazon Connect now supports scheduling of individual agents, allowing managers to create and publish schedules for specific employees and automatically merge them with existing business unit schedules. For example, when onboarding 100 new agents into a unit with published schedules for the next two months, you can schedule only the new hires and merge without regenerating or copying entire schedules. This eliminates manual workarounds, improves manager productivity, and increases operational efficiency. The capability is available in all AWS Regions where Amazon Connect agent scheduling is supported.

Large-Scale AWS Credential Abuse and SES Exploitation

🔐 Identity compromise is driving large-scale AWS abuse, with attackers leveraging stolen access keys to test accounts and weaponize Amazon SES for Business Email Compromise and invoice fraud. FortiGuard Labs attributes the reconnaissance layer to a campaign named TruffleNet that uses TruffleHog and automated AWS CLI/Boto3 requests to validate credentials and probe SES quotas. Fortinet recommends continuous monitoring, least-privilege access, MFA, and integrated detection via FortiCNAPP and related controls to detect and block these activities.

AWS Marketplace: Flexible Pricing and Deployment for Agents

🤖 AWS Marketplace now offers flexible pricing and simplified deployment for AI agents and tools, including contract-based and usage-based options for Amazon Bedrock AgentCore Runtime containers. The update also streamlines OAuth credential management via Quick Launch for API-based agents and allows supported remote MCP servers procured through Marketplace to be used as MCP targets on AgentCore Gateway. These enhancements reduce deployment complexity and give partners more pricing flexibility while improving scalability for customers.

AWS VPC IPAM Adds Automated Prefix List Resolver Support

🔁 AWS announced that Amazon VPC IP Address Manager (IPAM) can now automate prefix list updates using a prefix list resolver (PLR). Administrators can define business rules in IPAM to synchronize prefix lists with IP address ranges from VPCs, subnets, and IPAM pools, and reference those lists in route tables and security groups. This automation removes the need for manual updates and reduces operational overhead. The feature is available in all AWS Regions where IPAM is supported, including AWS China and AWS GovCloud (US).

Model Context Protocol Proxy for AWS now generally available

🔒 The Model Context Protocol (MCP) Proxy for AWS is now generally available, offering a client-side proxy that lets MCP clients connect to remote, AWS-hosted MCP servers using AWS SigV4 authentication. It supports agentic development tools such as Amazon Q Developer CLI, Kiro, Cursor, and agent frameworks like Strands Agents, and interoperates with MCP servers built on Amazon Bedrock AgentCore Gateway or Runtime. The open-source Proxy includes safety controls (read-only mode), configurable retry logic, and logging for troubleshooting, and can be installed from source, via Python package managers, or as a container to integrate with existing MCP-supported tools.

Amazon Lightsail Adds Larger Instances up to 64 vCPUs

🔹 Amazon Lightsail now offers three larger instance bundles with up to 64 vCPUs and 256 GB memory, announced in October 2025. The bundles are available with pre-configured Linux OS and application blueprints and support both IPv6-only and dual-stack networking. Blueprints include WordPress, cPanel & WHM, Plesk, Drupal, Magento, MEAN, LAMP, Node.js, Amazon Linux, Ubuntu, CentOS, Debian, AlmaLinux, and Windows. These higher-performance instances enable scaling of web and application servers, large databases, virtual desktops, batch processing, and enterprise applications, and they are available in all AWS Regions where Lightsail is offered.

Amazon RDS adds IPv6 for publicly accessible DBs in regions

🌐 Amazon RDS now extends IPv6 support to publicly accessible databases, enabling dual-stack (IPv4 and IPv6) connectivity for both RDS and Aurora publicly accessible instances. This builds on existing IPv6 support for privately accessible databases in a VPC and lets teams scale beyond IPv4 address limits and assign contiguous IP ranges to microservices. The feature is available in all AWS regions where private IPv6 RDS is offered, and can be enabled via the AWS CLI or Management Console.

Amazon WorkSpaces Adds USB Redirection for DCV on Windows

🔌 AWS announced USB redirection support for Amazon WorkSpaces using the Amazon DCV protocol, enabling users to access locally connected USB peripherals from their virtual desktops. Supported devices include credit card readers, 3D mice, and other specialized hardware. The capability is limited to WorkSpaces Personal running Windows and accessed from Windows clients; performance and compatibility may vary, so testing before allowlisting is recommended. The feature is available in all AWS Regions where WorkSpaces is offered.

TwelveLabs Pegasus 1.2 Now in Three Additional AWS Regions

🚀 Amazon expanded availability of TwelveLabs Pegasus 1.2 to US East (Ohio), US West (N. California), and Europe (Frankfurt) via Amazon Bedrock. Pegasus 1.2 is a video-first language model optimized for long-form video understanding, video-to-text generation, and temporal reasoning across visual, audio, and textual signals. The regional rollout brings the model closer to customers' data and end users, reducing latency and simplifying deployment architectures. Developers can now build enterprise-grade video intelligence applications in these regions.

Amazon S3 Access Grants Expand to Thailand and Mexico

🔒 Amazon S3 Access Grants are now available in the AWS Asia Pacific (Thailand) and AWS Mexico (Central) Regions. The feature maps corporate identities—such as Microsoft Entra ID or AWS IAM principals—to S3 datasets, enabling administrators to automate and scale dataset access. This reduces manual policy overhead and helps ensure consistent, auditable permissions. Check the AWS Region Table and product page for regional availability and details.

Amazon ECS Adds Built-in Linear and Canary Deployments

🚀 Amazon ECS now supports built-in linear and canary deployment strategies to give teams finer control over traffic shifts during container rollouts. Linear deployments shift traffic in equal percentage steps with configurable step percentage and step bake time, while canary deployments route a small portion of traffic to the new revision for a configurable canary bake time before completing the shift. Both strategies provide a post-deployment bake time, support deployment lifecycle hooks, and can use Amazon CloudWatch alarms to detect failures and trigger automated rollbacks. The feature is available in all commercial AWS Regions and is supported via Console, SDK, CLI, CloudFormation, CDK, and Terraform for services using ALB or ECS Service Connect.

EKS Split Cost Allocation Now Imports Pod Labels for Billing

🔖 Starting today, Split Cost Allocation Data for Amazon EKS can import up to 50 Kubernetes custom labels per pod as cost allocation tags. You can attribute pod-level costs in the AWS Cost and Usage Report (CUR) using labels such as cost center, application, business unit, and environment. New customers enable the feature in the AWS Billing and Cost Management console; existing customers will have labels automatically imported but must activate them as cost allocation tags. After activation labels appear in CUR within 24 hours and can be visualized via the Containers Cost Allocation dashboard in Amazon QuickSight or queried with Amazon Athena.

Amazon GameLift Servers Adds Built-in Telemetry Metrics

📊 Amazon GameLift Servers now includes built-in telemetry metrics across all server SDKs and game engine plugins, powered by OpenTelemetry, to generate, collect, and export client-side metrics for game-specific insights. The feature can be configured to collect and publish telemetry from game servers running on managed Amazon EC2 and container fleets, supporting both pre-defined and custom metrics and exporting to Amazon Managed Service for Prometheus or Amazon CloudWatch. Visualizations are available via Amazon Managed Grafana and Amazon CloudWatch dashboards to help optimize resources, improve player experience, and surface operational issues. Telemetry is available in all supported regions except AWS China; see the GameLift Servers documentation for details.