All news with #aws tag

AWS Location Service Introduces Advanced Map Styling

🗺️ Amazon Web Services announced enhanced map styling for Amazon Location Service, enabling developers to customize maps with terrain visualization, contour lines, real-time traffic, and transportation-specific routing. Users can adjust parameters such as terrain, contour-density, traffic, and travel-mode through the GetStyleDescriptor API. These options support use cases including outdoor navigation, logistics planning, and traffic management while maintaining reliable performance.

LinkPro Rootkit Uses eBPF and Magic TCP Packets to Hide

🔒 An AWS-hosted compromise revealed a new GNU/Linux rootkit dubbed LinkPro, discovered by Synacktiv. Attackers leveraged an exposed Jenkins server vulnerable to CVE-2024-23897 and deployed a malicious Docker image (kvlnt/vv) to Kubernetes clusters, delivering a VPN/proxy (vnt), a Rust downloader (vGet) and vShell backdoors. LinkPro relies on two eBPF modules—Hide and Knock—to conceal processes and activate via a magic TCP packet, with a user-space fallback via /etc/ld.so.preload when kernel support is missing.

Amazon EC2: Optimize CPU for Windows license instances

🔧 Amazon EC2 now lets customers customize CPU options on Windows Server and SQL Server license-included instances, including changing vCPU counts and disabling hyperthreading. This capability targets workloads that need high memory and IOPS but fewer logical CPUs, enabling lower vCPU-based licensing costs while preserving instance memory and I/O performance. AWS highlights an r7i.8xlarge example where turning off hyperthreading reduces 32 vCPUs to 16, cutting licensing expenses by roughly 50%. The feature is available in all commercial AWS Regions and AWS GovCloud (US).

Amazon EC2 C8gn Instances Expand to Additional Regions

🚀 Amazon EC2 C8gn instances, powered by AWS Graviton4 processors, are now available in Asia Pacific (Malaysia, Sydney, Thailand), expanding AWS compute availability. C8gn offers up to 30% better compute versus Graviton3-based C7gn, features 6th-generation Nitro Cards, and delivers up to 600 Gbps network throughput. Instances scale to 48xlarge (up to 384 GiB) and selected large sizes support EFA for lower latency and improved cluster performance, optimizing cost for network-intensive workloads.

Amazon EC2 CPU Options Optimize License-Included Windows

🔧 Amazon EC2 now allows customers to modify CPU options on Windows Server and SQL Server license-included instances to reduce vCPU-based licensing costs. You can customize the number of vCPUs and disable hyperthreading to achieve higher memory-to-vCPU ratios while preserving instance memory and IOPS. This enhancement targets database workloads that need high memory and I/O but lower vCPU counts. See the Amazon EC2 User Guide and AWS blog post for implementation details and best practices.

AWS Global Accelerator Now Supports Two Asia Pacific Regions

🚀 AWS Global Accelerator now supports application endpoints in two additional AWS Regions — Asia Pacific (Thailand) and Asia Pacific (Taipei) — bringing total coverage to thirty-three Regions. The service offers static IP addresses, congestion-free AWS network routing, edge DDoS protections, and continuous health monitoring to enable deterministic multi-region failover without DNS dependencies. To use the new Regions, configure endpoints such as Application Load Balancers, Network Load Balancers, Amazon EC2 instances, or Elastic IPs and review the Global Accelerator documentation.

Amazon DocumentDB Adds IPv6 Dual-Stack Support for AWS

🌐 Amazon DocumentDB now supports IPv6 addressing for new and existing clusters, enabling dual-stack (IPv4/IPv6) deployments within VPCs. Customers can enable IPv6 with a few clicks in the AWS Management Console or programmatically via the AWS CLI to reduce address overlap and simplify networking. The change helps teams standardize applications on IPv6 and is generally available on versions 4.0 and 5.0 in supported Regions. Amazon DocumentDB remains a fully managed, native JSON database designed for scale and operational simplicity.

AWS Security Hub CSPM Adds CIS AWS Foundations v5.0

🛡️ AWS Security Hub CSPM now supports the CIS AWS Foundations Benchmark v5.0, introducing 40 automated configuration checks aligned to the industry standard. The new standard is available in all Regions where Security Hub CSPM operates, including AWS GovCloud (US) and the China Regions. AWS recommends using Security Hub CSPM central configuration to enable the standard across selected accounts and Regions with a single action. Customers can subscribe to the CSPM SNS topic for updates and try Security Hub free for 30 days.

Encoding-Based Attack Protection with Bedrock Guardrails

🔒 Amazon Bedrock Guardrails offers configurable, cross-model safeguards to protect generative AI applications from encoding-based attacks that attempt to hide harmful content using encodings such as Base64, hexadecimal, ROT13, and Morse code. It implements a layered defense—output-focused filtering, prompt-attack detection, and customizable denied topics—so legitimate encoded inputs are allowed while attempts to request or generate encoded harmful outputs are blocked. The design emphasizes usability and performance by avoiding exhaustive input decoding and relying on post-generation evaluation.

Simplified Amazon Bedrock Model Access and Governance Controls

🔐 Amazon Bedrock now automatically enables serverless foundation models in each AWS Region, removing the prior per-model enablement step and retiring the Model Access page and PutFoundationModelEntitlement IAM permission. Access is managed through standard AWS controls—IAM and Service Control Policies (SCPs)—so account- and organization-level governance remains intact. Existing model restrictions enforced by IAM or SCPs continue to apply, and previously enabled models are unaffected. Administrators should transition to scoped IAM/SCP policies and patterns such as wildcards and NotResource denies to maintain least-privilege control.

Amazon WorkSpaces Core Managed Instances: New Regions

🚀 AWS has expanded Amazon WorkSpaces Core Managed Instances to five regions — US East (Ohio), Asia Pacific (Malaysia and Hong Kong), Middle East (UAE), and Europe (Spain) — with partner support from Citrix, Workspot, Leostream, and Dizzion. Managed Instances provision compute resources in customers' AWS accounts while AWS handles the infrastructure lifecycle for persistent and non-persistent VDI workloads, enabling highly customizable CPU, memory, and graphics configurations, including accelerated graphics instances. Customers can continue to use Savings Plans, discounts, and On-Demand Capacity Reservations and will incur standard compute costs plus an hourly WorkSpaces Core fee.

AWS Backup Now Adds Schedule Preview for Backup Plans

🗓️ AWS Backup now provides a schedule preview for backup plans, displaying the next ten scheduled backup runs and showing when features such as continuous backup, indexing, or copy settings take effect. The preview consolidates all backup rules into a single timeline so you can quickly identify overlaps, gaps, or configuration conflicts. This capability is available in all AWS Regions and accessible from the AWS Backup console, API, or CLI without additional configuration.

AWS Step Functions Adds Amazon Q AI Troubleshooting Guidance

🔍 AWS has integrated Amazon Q's AI diagnostics into the AWS Step Functions console to provide context-aware troubleshooting for workflow errors. Users can click the Diagnose with Amazon Q button in error alerts and the console notification area to receive tailored remediation steps for state machine execution failures and Amazon States Language (ASL) syntax errors and warnings. Troubleshooting recommendations appear in a dedicated window showing remediation steps, analysis of relevant state, input, and logs, and suggested fixes to reduce manual investigation. The feature is automatically enabled in commercial AWS Regions where Amazon Q is available to help teams accelerate resolution and lower operational overhead.

Amazon Bedrock automatically enables serverless models

🔓 Amazon Bedrock now automatically enables access to all serverless foundation models by default in all commercial AWS regions. This removes the prior manual activation step and lets users immediately use models via the Amazon Bedrock console, AWS SDK, and features such as Agents, Flows, and Prompt Management. Anthropic models remain enabled but require a one-time usage form before first use; completing the form via the console or API and submitting it from an AWS organization management account will enable Anthropic across member accounts. Administrators continue to control access through IAM policies and Service Control Policies (SCPs).

AWS SAM CLI Adds Finch Support for Local Development

🔧 AWS Serverless Application Model CLI (SAM CLI) now supports Finch as an alternative to Docker for local container-based development and testing. Developers can continue to build, test, debug, and package serverless applications locally using the same SAM CLI workflows, including sam build, sam local invoke, sam local start-api, and sam local start-lambda. SAM CLI will automatically detect and use Finch when Docker is not available, and you can also set Finch explicitly as your preferred container tool. Finch is an open-source, AWS-supported project that offers an additional choice for local serverless tooling.

Anthropic Claude Haiku 4.5 Now Available in Bedrock

🚀 Claude Haiku 4.5 is now available in Amazon Bedrock, offering near-frontier performance comparable to Claude Sonnet 4 while reducing cost and improving inference speed. The model targets latency-sensitive and budget-conscious deployments, excelling at coding, computer use, agent tasks, and vision-enabled workflows. Haiku 4.5 supports global cross-region inference and is positioned for scaled production use; consult Bedrock documentation, the console, and pricing pages for region and billing details.

Amazon Bedrock expands DeepSeek, OpenAI, Qwen models

🚀 Amazon Bedrock has expanded regional access to several foundation models, adding DeepSeek-V3.1, OpenAI open-weight models (20B, 120B), and multiple Qwen3 variants. The update makes DeepSeek-V3.1 and Qwen3 Coder-480B available in US East (Ohio) and Asia Pacific (Jakarta), and brings OpenAI open-weight and additional Qwen models to US East (Ohio), Europe (Frankfurt), and Asia Pacific (Jakarta). Customers can deploy these models locally to meet data residency needs, reduce latency, and enable faster AI-powered experiences.

Second-Generation AWS Outposts Racks Supported in Ireland

📡 Second-generation AWS Outposts racks are now supported in the AWS Europe (Ireland) Region, allowing customers to order racks connected to that Region. Outposts extend AWS infrastructure, services, APIs, and tools into on-premises data centers and colocation sites for a consistent hybrid experience. This expansion helps organizations optimize latency and address data residency needs while retaining centralized management through their home Region.

Aurora PostgreSQL zero-ETL now integrates SageMaker

🔁 Amazon Aurora PostgreSQL-Compatible Edition now offers zero-ETL integration with Amazon SageMaker, enabling near-real-time replication of PostgreSQL tables into a lakehouse. The synced data conforms to Apache Iceberg open standards and is immediately accessible to SQL, Apache Spark, BI, and ML tools via a simple no-code interface without impacting production workloads. Comprehensive, fine-grained access controls are enforced across analytics engines, and the capability is available in multiple AWS Regions.

Amazon EC2 R8g Instances Now Available in Three Regions

🚀 Amazon EC2 R8g instances powered by AWS Graviton4 are now available in São Paulo (South America), London (Europe), and Melbourne (Asia Pacific). These memory-optimized instances deliver up to 30% better performance versus Graviton3-based R7g instances and are suited for databases, in-memory caches, and real-time big data analytics. Built on the AWS Nitro System, R8g offers enhanced performance and security with larger sizes (up to 48xlarge and 1.5 TB RAM), up to 50 Gbps networking, and up to 40 Gbps EBS bandwidth.