All news with #aws tag

VPC Reachability & Network Access Analyzers Now in GovCloud

🔍 Amazon announced that VPC Reachability Analyzer and VPC Network Access Analyzer are now available in AWS GovCloud (US-West) and AWS GovCloud (US-East). Reachability Analyzer diagnoses network paths between source and destination resources in VPCs to identify misconfigurations such as missing route table entries across accounts. Network Access Analyzer finds unintended access paths by letting you define scopes to ensure traffic traverses required controls, for example verifying web app traffic goes through a firewall. See the product documentation and the Network Analysis section of the Amazon VPC pricing page for details.

Amazon VPC Reachability and Network Analyzer Now in GovCloud

🛡️ Amazon has launched VPC Reachability Analyzer and VPC Network Access Analyzer in both AWS GovCloud (US‑West) and GovCloud (US‑East) Regions. These tools let administrators diagnose network reachability between source and destination resources across VPCs and accounts, for example identifying missing route table entries that block EC2-to-EC2 connectivity. Network Access Analyzer finds unintended access paths such as traffic that bypasses firewalls so teams can enforce security and compliance scopes. For pricing and operational details consult the VPC Network Analysis pricing information.

Why Threat Actors Succeed and How Defenders Respond

🔍 The Unit 42 2025 Incident Response analysis explains that attackers exploit complexity, visibility gaps and excessive trust to succeed against organizations of all sizes. The report notes almost a third of incidents were cloud-related, IAM failures appeared in 41% of cases and attackers often moved within an hour, causing outsized disruption and cost. The recommended response is to consolidate telemetry into an integrated platform like Cortex, extend protection into cloud with Cortex Cloud, secure browser activity with Prisma Browser, and engage Unit 42 for advisory and retainer services.

AWS outage: DynamoDB DNS failure caused disruption

⚠️ Amazon says a major DNS failure in DynamoDB's DNS management system triggered a widespread AWS outage focused on the us-east-1 (Northern Virginia) region. A race condition at 11:48 PM PDT caused the accidental deletion of all IP addresses for the regional DynamoDB public endpoint, producing immediate DNS resolution failures for customer and internal traffic. The fault cascaded across services, kept automated recovery from restoring consistency, and required manual operator intervention to recover. AWS has disabled the problematic DNS automation globally, added protective checks, improved throttling, built new test suites, and apologized for the impact.

AWS Transfer Family: Change IdP Type Without Downtime

🔁 AWS Transfer Family now lets administrators change a server's identity provider (IdP) type without service interruption. This update allows dynamic switching among service-managed, Active Directory, and custom IdP authentication for SFTP, FTPS, and FTP servers, enabling zero-downtime migrations and faster compliance adaptation. The capability is available in all AWS Regions where Transfer Family operates.

CloudWatch Adds EC2 Metrics for EBS IOPS and Throughput

🔔 Amazon introduced two new Amazon CloudWatch instance-level metrics — Instance EBS IOPS Exceeded Check and Instance EBS Throughput Exceeded Check — that flag when the driven IOPS or throughput exceeds the EBS-Optimized limits of an EC2 instance. Each metric returns 0 (not exceeded) or 1 (exceeded), enabling rapid identification of I/O bottlenecks and the creation of dashboards or alarms. These metrics are provided by default at a 1-minute frequency at no additional charge for Nitro-based EC2 instances with EBS attached and are accessible via the EC2 console, CLI, or CloudWatch API across Commercial, GovCloud (US), and China Regions.

SageMaker Studio Integrates with Athena Workgroups

📊 Data engineers and analysts can now connect Amazon SageMaker Unified Studio to existing Amazon Athena workgroups to run SQL queries using the workgroups' default settings and properties. This lets teams reuse access controls, cost limits, and query-tracking policies already defined in Athena, reducing setup time while maintaining governance. To enable it, choose 'Add compute' → 'Connect to existing compute resources' in Unified Studio; the connected Athena workgroup then appears in the query editor and is available in all regions where Unified Studio is supported.

AWS Lambda ups asynchronous payload limit to 1 MB today

🚀 AWS has increased the maximum payload size for AWS Lambda asynchronous invocations from 256 KB to 1 MB. This change lets customers deliver richer, complex events—such as LLM prompts, telemetry batches, or detailed JSON outputs—without splitting, compressing, or externalizing data. The increase is generally available in all AWS Commercial and AWS GovCloud (US) Regions and can be used via the Lambda invoke API. Billing counts 1 request for the first 256 KB and an additional request per 64 KB chunk beyond that up to 1 MB.

HP Pulls Update That Broke Entra ID Auth on AI PCs

⚠️ HP has pulled an over-the-air update to HP OneAgent for Windows 11 after a cleanup script removed Microsoft certificates required for some organizations to authenticate to Microsoft Entra ID. The silent update deployed on HP AI PCs ran package SP161710 and an install.cmd that deleted any certificate containing the substring "1E", producing false positives. Affected devices disconnected from Entra ID/Intune; HP says the update is no longer available and is assisting impacted customers.

Amazon Aurora DSQL Now Available in Frankfurt Region

🚀 Amazon Aurora DSQL is now available in Europe (Frankfurt), expanding AWS’s global footprint for its serverless distributed SQL engine. The managed service provides active-active high availability, multi-Region strong consistency, and automatic, virtually unlimited scaling so teams can build always-on applications without infrastructure management. Aurora DSQL is advertised as offering the fastest distributed SQL reads and writes, and is already available across US, Asia Pacific, and European Regions. Customers can trial it via the AWS Free Tier.

Amazon Connect Introduces Granular Recording Permissions

🔒 Amazon Connect now offers granular UI permissions for conversation recordings and transcripts, enabling administrators to control access to playback, copying and downloads separately. Administrators can allow users to listen to calls while preventing transcript copying, and set download rules that permit redacted recordings but block unredacted downloads. The capability supports complex scenarios where sensitive conversations remain redacted while other interactions remain fully available.

Amazon Connect Adds Preview Dialing to Outbound Campaigns

📞 Amazon Connect outbound campaigns introduces a preview dialing mode that gives agents customer context—name, balance, and prior interactions—before placing calls. Campaign managers can set review time limits, optionally remove contacts, and use new dashboards to monitor agent behavior, discard rates, and engagement trends. By reserving an agent prior to dialing, teams gain operational control and help support TCPA and OFCOM compliance.

CISA Warns of Critical Lanscope Endpoint Manager Flaw

⚠️ CISA warns that attackers are exploiting a critical flaw (CVE-2025-61932) in Motex's Lanscope Endpoint Manager, enabling unauthenticated remote code execution via specially crafted packets. The issue affects client components in versions 9.4.7.2 and earlier; Motex has released patched client builds and noted managers do not require updates. No mitigations are available—install the vendor updates; CISA added the flaw to its KEV with a Nov. 12 remediation deadline for federal agencies.

AWS Outposts 2U Server Now Available in GovCloud Regions

🔒 AWS now supports the Outposts 2U server in AWS GovCloud (US-East) and GovCloud (US-West). The fully managed, industry-standard 2U form factor delivers up to 128 vCPUs and extends AWS infrastructure, services, APIs, and tools to on-premises or edge locations with limited space. Customers can run Amazon EC2, Amazon ECS, and AWS IoT Greengrass locally while connecting to the parent GovCloud region for broader management and operations.

Amazon QuickSight Adds Visual Data Preparation Experience

📊 Amazon QuickSight now provides a visual data preparation experience that enables business users to clean, transform, and combine data without writing code. The interface supports multi-step workflows—appends, aggregations, flexible joins—and records each transformation step to improve traceability and shareability. It increases dataset source depth from 3 to 10 levels and boosts cross-source join capacity 20× (1GB to 20GB), and is available to Author, Author Pro, and select Quick Suite Enterprise subscribers across multiple regions.

DynamoDB Zero-ETL Integration with Redshift in Taipei

🔁 The Amazon DynamoDB zero-ETL integration with Amazon Redshift is now available in the Asia Pacific (Taipei) region, enabling analytics on production DynamoDB tables without impacting operational workloads. Customers can run high-performance SQL, leverage built-in ML and Spark integrations, and use materialized views with automatic incremental refresh and data sharing. History mode provides built-in support for analyzing historical data and building Type 2 Slowly Changing Dimension (SCD 2) tables without custom ETL code.

Enterprises Move From Static Secrets to Managed Identities

🔐 Organizations are rapidly replacing embedded API keys and passwords with platform-native managed identities to reduce manual credential management and leakage risk. Enterprises report significant productivity gains—case studies cite up to a 95% reduction in time spent managing credentials and a 75% drop in time learning platform authentication. While major clouds (AWS, Azure, GCP) and CI platforms have built-in solutions, legacy systems and third-party APIs remain the primary obstacles to eliminating static secrets entirely.

AWS RTB Fabric Generally Available for Low-Latency AdTech

🚀 AWS today announced RTB Fabric, a fully managed service that connects publishers and buyers with AdTech partners such as Amazon Ads, GumGum, Kargo, MobileFuse, Sovrn, TripleLift, Viant, and Yieldmo over a private, high‑performance network delivering single‑digit millisecond latency. The service can reduce standard cloud networking costs by up to 80% and requires no upfront commitments. Built-in modules support containerized applications and foundation models and run inline to optimize traffic, improve bid efficiency, and increase bid response rates.

Amazon EC2 I8g Storage-Optimized Instances Expand Regions

💾 Amazon Web Services has made Amazon EC2 I8g storage-optimized instances generally available in Europe (London), Asia Pacific (Singapore), and Asia Pacific (Tokyo). Powered by AWS Graviton4 processors and third-generation Nitro SSDs, I8g delivers up to 60% better compute performance and up to 65% improved real-time storage performance per TB versus the previous generation. These instances offer up to 45 TB of local NVMe storage, up to 100 Gbps networking, and are aimed at transactional databases, real-time analytics, and I/O-intensive AI pre-processing workloads.

Amazon Connect adds threaded email views and history

📧 Amazon Connect now includes threaded email views and appends conversation history to agent replies, helping agents and customers preserve context and continuity across exchanges. The update provides a familiar, mail-like threading model and surfaces prior messages inline within Amazon Connect Email, making follow-ups and issue resolution faster. The capability is available in multiple AWS regions and streamlines agent workflows.