< ciso
brief />
Tag Banner

All news with #aws tag

2288 articles · page 3 of 115

Amazon Managed Service for Prometheus gains FedRAMP High

🛡️ Amazon Managed Service for Prometheus is now authorized for FedRAMP High and DoD CC SRG IL-4 and IL-5 in the AWS GovCloud (US) Regions. The fully managed, Prometheus-compatible monitoring service supports high-cardinality workloads with automatic scaling of ingestion and storage. It integrates with AWS security services to provide secure access to telemetry and alerting for regulated federal and public sector environments. Customers with FedRAMP High or DoD IL-4/5 requirements can adopt the service with confidence.
read more →

AWS Security Agent expands to new regions

🛡️ AWS Security Agent (now part of AWS Continuum) is available in Asia Pacific (Mumbai), Asia Pacific (Singapore), and South America (São Paulo). Customers in these regions can access STRIDE-based threat modeling (preview), full-repo and PR-level code reviews (preview) across major source platforms, managed compliance packs, and custom security requirements. New IDE plugins and MCP integration enable triggering threat modeling, code reviews, and remediation from Kiro or Claude Code, while on-demand penetration testing and retesting provide validated findings and fixes; simulated validation remains only in US East (N. Virginia).
read more →

Amazon OpenSearch launches log analytics engine

🔍 Amazon OpenSearch Service introduces a new engine optimized for log analytics that combines faster analytical queries with full-text search. The engine delivers up to 4x better price-performance on internal benchmarks, up to 70% lower storage using columnar storage, 2x higher ingestion throughput, and 2x faster analytical queries. It supports OpenSearch 3.5+, PPL and SQL queries, JDBC/ODBC drivers, and mixed full-text plus analytical predicates. The capability is available across 12 global AWS regions with no additional engine charges.
read more →

Amazon Connect adds rule-based screen redaction

🔒 Amazon Connect Customer now supports rule-based redaction for agent screen recordings, allowing administrators to define rules that redact specific applications or URLs from recorded sessions. This feature helps protect sensitive information captured during voice calls, chats, and tasks by automatically applying redaction when rule conditions are met. Rule-based redaction is available in all AWS Regions where Amazon Connect is offered and is supported on Windows operating systems. For deployment details and pricing, consult the vendor documentation and pricing pages.
read more →

CloudWatch Logs adds resource tag enrichment

🔍 Amazon CloudWatch Logs now enriches log events with AWS resource tags at ingestion, enabling filtering, searching, and analysis by metadata such as team ownership, environment, cost center, or application name without changing logging instrumentation. Tags are applied at ingestion so you can use them immediately in log queries to scope analysis and incident investigations. The feature is available in all commercial AWS Regions except UAE, Bahrain, and Israel (Tel Aviv). Enable resource tags on telemetry in Amazon CloudWatch Settings, via the AWS CLI, or SDKs; tag enrichment is provided at no extra cost.
read more →

CloudFormation and CDK Express Mode for Faster Deployments

🚀 AWS announces CloudFormation and CDK express mode, cutting deployment time by up to 4x for developers and AI agents by marking stacks complete once resource configuration is applied, rather than waiting for extended stabilization. Express mode lets propagation and long-running stabilization continue asynchronously, preserves dependency ordering and failure handling within stacks, and disables rollback by default to speed iterative fix-and-retry workflows. It requires no template changes and can be enabled via CLI, SDKs, console, or cdk deploy --express. The feature is available in all Regions where CloudFormation is supported.
read more →

CloudFormation adds pre-deployment validation by default

🔍 AWS CloudFormation now performs pre-deployment validation on Create Stack and Update Stack operations, surfacing common deployment errors in seconds before any resources are provisioned. The release extends validation previously limited to change set creation and introduces three new checks as warnings for service quota limits, AWS Config Recorder conflicts, and ECR repository deletion readiness. Validation results are viewable via the DescribeEvents API, the CloudFormation console Deployment validations tab, and in CDK outputs for automation and AI agents. Pre-deployment validation is enabled by default across supported regions (excluding China) and can be skipped per-operation with the DisableValidation parameter or CLI flag.
read more →

AWS PCS adds managed in-place Slurm upgrades

🔧 AWS Parallel Computing Service (PCS) now supports managed in-place Slurm major version upgrades for existing clusters, allowing moves up to three versions ahead without disrupting running jobs. Administrators update the cluster configuration via the Console, CLI, or UpdateCluster API and PCS upgrades the controller, accounting database, and REST API while preserving accounting data. Running jobs continue uninterrupted, queued jobs resume after completion, and compute nodes can be updated separately at administrators’ convenience. The feature is available in all Regions where PCS is offered and documentation is in the PCS User Guide.
read more →

Amazon ElastiCache T4g expands to additional regions

⚙️ Amazon ElastiCache now supports T4g node types in Africa (Cape Town), Asia Pacific (Jakarta), Asia Pacific (Osaka), AWS GovCloud (US-East), and AWS GovCloud (US-West). T4g nodes use AWS Graviton2 processors and deliver a baseline CPU performance with burst capability, suited for workloads with intermittent spikes. Users can create or modify clusters via the AWS Management Console, CLI, or API and should consult the ElastiCache pricing and user guide for details.
read more →

Amazon Neptune adds dual‑stack IPv6 support

🔷 Amazon Neptune now supports dual‑stack mode, allowing database clusters to accept connections over IPv4, IPv6, or both simultaneously. This enables organizations to adopt IPv6 while preserving compatibility with existing IPv4 deployments. Dual‑stack offers Private mode for internal, non‑internet IPv6 endpoints and Public mode for internet‑accessible IPv6 endpoints to support hybrid and internet‑facing applications. The feature is available in all AWS Regions that support Amazon Neptune.
read more →

Amazon Connect allows seven security profiles per user

🔒 Amazon Connect Customer now permits assigning up to seven security profiles per user, up from two, enabling granular, scoped permissions for agents who support multiple lines of business. This supports tag-based or hierarchy-based access controls so each profile can grant access only to resources for a specific division. The change improves flexibility to implement least-privilege access aligned with organizational structure and is available in all AWS regions where Amazon Connect is offered.
read more →

AWS adds rich RCS messaging and new pricing

📱AWS End User Messaging now supports rich media and interactive RCS messaging across all 22 supported countries through the new SendRcsMessage API. You can send rich cards, carousels, images, videos, and interactive suggestion buttons so recipients can take actions—confirm appointments, browse catalogs, complete payments, share locations, or interact with AI—without leaving their messaging app. The release supports four RCS types (text, files, rich cards, carousels) with six action types and configurable SMS/MMS fallback. AWS also introduced RCS Conversation pricing in 21 countries as a flat rate for unlimited messages within a 24-hour session.
read more →

EC2 Time Sync Adds Microsecond Accuracy to More Instances

🔧 Amazon Time Sync Service now supports microsecond accurate time on 26 additional EC2 instance types across all commercial regions. Built on the AWS Nitro System, the feature exposes nanosecond precision hardware timestamps from reference clocks in Nitro, enabling ordered event logging, one-way latency measurement, and faster distributed transactions. Customers enable this by creating a Precision Time Placement Group (PTPG) to launch instances with PHC enabled and can associate PTPGs with Cluster Placement Groups for combined low-latency and precise timing benefits.
read more →

Amazon WorkSpaces for AI agents now generally available

🖥️ Amazon WorkSpaces for agents is generally available, enabling AI agents to securely access and operate desktop applications inside managed WorkSpaces. The service lets agents interact with legacy ERP, CRM, mainframe, and proprietary tools without application modernization or custom integrations, while preserving identity controls, network isolation, and compliance boundaries. It supports any agent framework using the Model Context Protocol (MCP), and pricing is based on active session time.
read more →

EC2 Auto Scaling adds reservations‑then‑balanced AZ strategy

🔔 Amazon EC2 Auto Scaling introduces a new reservations-then-balanced Availability Zone distribution strategy that prioritizes launching instances into your capacity reservations before distributing remaining capacity across AZs. You can configure it in the AvailabilityZoneDistribution of your Auto Scaling group and target reservations by Capacity Reservation Group ARN or individual Capacity Reservation IDs. The feature is available today in all AWS commercial Regions at no extra charge beyond standard EC2 pricing for reservations, On-Demand, and Spot instances.
read more →

AWS launches self‑hosted Capability Insights

🛠️ Announcing Capability Insights, an open-source, self-hosted dashboard that deploys regional AWS capabilities data into your Amazon VPC. The solution auto-refreshes every 24 hours with data across Regions, including services, features, API operations, and CloudFormation resource types. Its Workload Analysis scans CloudTrail and CloudFormation to narrow 200+ services to the ones your account actually uses, aiding multi-Region planning while keeping all data within your VPC for compliance and data residency needs.
read more →

AWS Network Firewall Adds Container Attribute Rules

🔒 Today AWS announced container attribute-based rules for AWS Network Firewall, allowing firewall policies to reference native container constructs like Namespace, Cluster Name, Labels for Amazon EKS, and Cluster Name and Container Instance Attributes for Amazon ECS. This removes the need for fragile IP-based rules that break when pods scale or restart and supports generative AI and other dynamic workloads. The feature supports TLS decryption, FQDN and URL category filtering, and GeoIP controls, and is available at no extra cost in supported regions.
read more →

SageMaker Inference adds container image caching

🚀 Amazon SageMaker Inference now supports container image caching to reduce scale-out latency for generative AI models. The service pre-caches the specified container image so new instances can begin serving without waiting to pull large images from Amazon ECR. This feature works with accelerator instance types, single-model endpoints, and inference component-based endpoints and requires no customer changes.
read more →

AWS Security Hub Adds AI Security Best Practices

🛡️ AWS Security Hub CSPM introduces the AI Security Best Practices standard, offering 31 automated controls to detect misaligned AI resources. The standard evaluates Amazon Bedrock, Bedrock AgentCore, and Amazon SageMaker workloads against recommended configurations without manual rule creation. It covers domains like network isolation, encryption, VPC placement, KMS usage, private registries, and authorization, producing findings to help teams remediate issues. Available in all Regions where Security Hub CSPM operates, including GovCloud (US) and China.
read more →

Anthropic Claude Sonnet 5 available on AWS

🤖 AWS now offers Claude Sonnet 5, Anthropic’s latest Sonnet-generation model, delivering high capability at Sonnet pricing for coding, agents, and professional workflows. The model excels at navigating large codebases, performing multi-file changes, debugging, and refactoring with fewer corrections. For agentic use it maintains state, calls tools precisely, and recovers from errors to increase successful runs. Customers can access Sonnet 5 via Amazon Bedrock or the Claude Platform on AWS, with Bedrock providing AWS-managed features like guardrails and regional data residency.
read more →