< ciso
brief />
Tag Banner

All news with #aws tag

2299 articles · page 35 of 115

Amazon RDS for Oracle Adds OMA 24.1.0.0.v1 Support

📣 Amazon RDS for Oracle now supports Oracle Management Agent version 24.1.0.0.v1 for Oracle Enterprise Manager Cloud Control 24aiR1. To enable it, add the OEM_AGENT option in Option Groups and set the AGENT_VERSION to "24.1.0.0.v1". You must also configure OMS hostname (or IP), port, agent registration password, and a minimum TLS version of TLSv1.2 so the agent can securely communicate with your Oracle Management Service. Refer to the Amazon RDS for Oracle documentation for full configuration guidance.
read more →

Amazon EMR: Spark Troubleshooting and Upgrade Powers

🔧 The Apache Spark troubleshooting and upgrade agents for Amazon EMR are now available as Kiro powers, providing one-click, AI-assisted Spark operations directly in the Kiro IDE. The troubleshooting power identifies root causes by analyzing logs, metrics, and configurations across EMR on EC2 and EMR Serverless, and offers targeted PySpark code recommendations. The upgrade power automates Spark version migrations—including code transformation, dependency resolution, remote validation, and data quality comparison—compressing upgrades from months to weeks. Both powers connect via MCP Proxy for AWS with IAM role-based authentication and record actions in AWS CloudTrail; they are available in all AWS commercial regions.
read more →

AWS Glue Schema Registry Expands to 3 More Regions

🗂️ AWS Glue Schema Registry is now available in Asia Pacific (Jakarta), Europe (Spain), and Europe (Zurich). The serverless, free registry centralizes Avro, JSON, and Protobuf schemas to validate streaming data and control schema evolution. Through Apache-licensed serializers and deserializers it integrates with C# and Java applications for Apache Kafka/Amazon MSK, Amazon Kinesis Data Streams, Apache Flink/Kinesis Data Analytics, and AWS Lambda. The expansion aims to reduce cross-team coordination, improve streaming data quality, and lower downstream application failures.
read more →

Amazon SageMaker Data Agent Adds Charts, SQL, and MVs

📊 Amazon SageMaker Data Agent now embeds interactive charting, SQL analytics across Snowflake sources, and materialized view management directly inside SageMaker Unified Studio notebooks. You can ask natural-language prompts like "plot monthly revenue trends by region for 2025" to generate interactive charts that support hover, editing, and refinement without writing code. When analyses span AWS and Snowflake, the agent lets you join Snowflake tables via external connections with AWS Glue Data Catalog data in a single prompt. The agent can also recommend and create materialized views, including refresh schedules, to optimize query performance.
read more →

AWS Partner Revenue Measurement Adds Marketplace Metering

🔍 Partner Revenue Measurement now integrates with AWS Marketplace Metering for AMI and ML products, enabling automatic attribution of service consumption. This captures Amazon EC2 and Amazon SageMaker usage across partner-managed and customer-managed accounts without additional partner implementation, complementing Resource Tagging and User Agent string methods. The capability is generally available in all commercial regions and helps partners understand revenue impact and consumption patterns.
read more →

AWS Partner Revenue Measurement Adds User Agent Support

📈 Partner Revenue Measurement now supports embedding a User Agent string to attribute AWS service consumption to specific AWS Marketplace products. Partners can format the string as APN_1.1/pc_<AWS Marketplace product-code>$ and apply it in application code, via environment variables, or in the shared AWS configuration to capture API-driven usage across common SDKs. This complements Resource Tagging and Marketplace Metering and is generally available in all commercial regions.
read more →

AWS Secrets Manager Console Accepts Custom KMS ARNs

🔒 The AWS Secrets Manager console now lets you enter a custom customer-managed AWS KMS key ARN when creating secrets. Previously, the console only presented keys from the current account in a dropdown. By accepting direct KMS key ARNs, the console now supports keys in other accounts and aligns with existing API capabilities. This change simplifies cross-account encryption workflows and offers more flexible key management across accounts.
read more →

How AWS KMS and Encryption SDK Avoid AES-GCM Limits

🔒 This post explains how AWS KMS and the AWS Encryption SDK mitigate AES-GCM invocation and data bounds by deriving a fresh symmetric key per encryption using nonce-based KDFs. By producing unique K_d values (via HMAC-SHA256 in KMS and HKDF-SHA512 in the SDK) and using per-invocation IV and frame controls, they prevent (K, IV) reuse and limit exhaustion. Default settings—128- or 256-bit nonces, 96-bit IVs, and 4 KB frames—keep total data and invocation counts well within conservative security margins, reducing the need for manual key rotation and operational tracking.
read more →

Amazon QuickSight Adds Sparklines in Table Cells Globally

📈 Amazon QuickSight now supports sparklines, letting authors embed compact line or area trend charts directly inside table cells. Authors add sparklines by configuring a metric with a date dimension; QuickSight automatically renders a miniature trend for each row. Customization includes visual type, line color, interpolation (linear, smooth, or stepped), and shared or independent Y-axis scaling. The feature is available in all QuickSight regions.
read more →

Amazon CloudWatch Query Studio Adds Native PromQL Support

🔍 Amazon CloudWatch Query Studio is now in public preview, bringing native PromQL querying and integrated visualization to the CloudWatch console. The interface unifies PromQL and CloudWatch Metric Insights so teams can query AWS-vended and OpenTelemetry metrics side by side without switching tools. Query Studio offers a visual form builder with autocomplete and a code editor with syntax highlighting, and it lets users add charts or create alarms directly from query results.
read more →

CERT-EU: Commission cloud hack exposes 30 EU entities

🔐 CERT-EU attributed a cloud compromise of the European Commission to TeamPCP, saying attackers used a compromised AWS API key allegedly stolen in a Trivy supply‑chain incident to access the Commission’s cloud and harvest secrets. The intruders used TruffleHog to locate additional credentials, attached a new access key to an existing user to evade detection, and carried out reconnaissance before exfiltrating data. The stolen dataset was later posted by ShinyHunters as a 90GB archive (≈340GB uncompressed), and CERT-EU confirmed the theft includes tens of thousands of files with personal information. CERT-EU reported no websites were defaced and found no evidence of lateral movement between Commission AWS accounts.
read more →

Amazon ElastiCache Serverless Adds IPv6 and Dual-Stack

🌐 Amazon ElastiCache Serverless now supports IPv6 and dual-stack connectivity, expanding beyond previous IPv4-only access. When creating a Serverless cache, you can choose IPv4, IPv6, or dual stack so a cache can accept connections over both protocols simultaneously. IPv6 support also enables deployment into IPv6-only subnets. The capability is available in all AWS Regions, including AWS GovCloud (US) and China Regions, at no additional charge.
read more →

Four Security Principles for Agentic AI Systems Guidance

🔒AWS outlines four security principles for agentic AI in its NIST CAISI response, arguing existing security frameworks should be extended rather than replaced. It emphasizes secure development lifecycles for both traditional and AI components, continued use of standard controls, and deterministic, infrastructure-level enforcement outside the agent's reasoning ('security box'). AWS applies these through Amazon Bedrock AgentCore, which provides compute isolation, identity and access controls, centralized tool gateways, observability, and secure model execution.
read more →

CloudWatch Container Insights adds OpenTelemetry for EKS

🔔 Amazon CloudWatch now offers Container Insights with OpenTelemetry metrics for Amazon EKS in public preview. The feature collects OTLP metrics from open source and AWS collectors, enriches each metric with up to 150 labels, and supplies curated dashboards and PromQL query support in CloudWatch Query Studio. Deployment is available via the CloudWatch Observability EKS add‑on, console, CloudFormation, CDK, or Terraform, and preview metrics are free.
read more →

AWS Deadline Cloud Adds Configurable Job Scheduling

⚙️ AWS Deadline Cloud now offers configurable job scheduling modes that let administrators control how workers are distributed across queued jobs. You can choose from three modes when creating or updating a queue: priority FIFO (the existing default), priority balanced, and weighted balanced. The balanced options help artists get immediate feedback by distributing capacity across concurrent jobs rather than allocating all workers to the earliest, highest-priority job. This change is available in all Regions that support Deadline Cloud.
read more →

Amazon Lightsail: Compute-Optimized Instances with 72 vCPUs

Amazon Lightsail now offers compute-optimized instance bundles with up to 72 vCPUs across seven sizes and supports both IPv6-only and dual-stack networking. These bundles are compatible with all Lightsail blueprints, including popular OS and application stacks such as WordPress, cPanel & WHM, Plesk, Drupal, Magento, MEAN, LAMP, Node.js, Ruby on Rails, Amazon Linux, Ubuntu, CentOS, Debian, AlmaLinux, and Windows. The instances provide consistent, dedicated CPU performance for CPU-intensive workloads—examples include batch processing, distributed analytics, high-performance web serving, scientific modeling, dedicated gaming servers, ad serving engines, video encoding, and CPU-bound ML inference—and are available in 15 AWS Regions.
read more →

CloudWatch Auto-Enablement for CloudFront, Security, Bedrock

🔁 Amazon CloudWatch now supports automatic enablement of Amazon CloudFront Standard access logs, AWS Security Hub CSPM finding logs, and Amazon Bedrock AgentCore memory and gateway logs and traces to CloudWatch Logs. Enablement rules can be applied organization-wide, to specific accounts, or scoped by resource tags to ensure consistent telemetry collection for both existing and newly created resources. A central security or operations team can create a single rule to centralize log flow across their organization. Log ingestion is billed according to CloudWatch Pricing.
read more →

AWS Direct Connect adds 100 Gbps in Auckland Datacom DH6

🔒 AWS expanded AWS Direct Connect to provide 100 Gbps dedicated connections at the Datacom Orbit DH6 colocation near Auckland, New Zealand. Customers can now establish private, direct access to all public AWS Regions (excluding China), AWS GovCloud Regions, and AWS Local Zones from this location. This site is the second in New Zealand to offer 100 Gbps with MACsec encryption, improving throughput and secure hybrid connectivity.
read more →

Amazon WorkSpaces Applications adds instance drain mode

🔁 Amazon WorkSpaces Applications introduces a drain mode for multi-session fleets that prevents instances from accepting new user sessions while allowing existing sessions to continue uninterrupted. Administrators can use this capability to perform maintenance, apply security patches, or scale down resources without forcibly terminating users. The change routes new connections to other available instances, improving stability and end-user experience, and is available at no additional cost in all supported AWS Regions.
read more →

Amazon CloudWatch Adds Native OpenTelemetry Metrics

📈 Amazon CloudWatch now supports native OpenTelemetry metrics in public preview, allowing customers to send metrics directly via OTLP without custom conversion logic or additional tooling. You can combine custom OTel metrics with AWS-vended metrics from over 70 services and query them using PromQL across EKS and on-premises environments with no additional agents or code changes. CloudWatch anomaly detection and a new Query Studio console enable unified dashboards and alarms that span application and infrastructure telemetry.
read more →