All news with #aws tag

Amazon ECS: Run Firelens Logging Containers Non-Root

🔒 Amazon Elastic Container Service (Amazon ECS) now lets you run Firelens containers as a non-root user by specifying a numeric user ID in the user field of your Task Definition. Running Firelens as non-root reduces the potential attack surface and helps meet security and compliance requirements, including checks surfaced by AWS Security Hub. This capability replaces the previous default of "user": "0" and is available in all AWS Regions. See the Firelens documentation for configuration details.

Amazon RDS for Oracle Zero-ETL Integration in 8 Regions

⚡ Amazon RDS for Oracle now offers zero-ETL integration with Amazon Redshift in eight additional AWS Regions, enabling near real-time analytics and ML on transactional data without building ETL pipelines. Data written to an RDS for Oracle instance is replicated to Redshift within seconds. Administrators can configure integrations via Console, API, CLI, or CloudFormation, select specific PDBs and tables, and must use Oracle Database 19c.

Amazon RDS MySQL and PostgreSQL Zero-ETL to Redshift

⚡Amazon RDS for MySQL and Amazon RDS for PostgreSQL now support zero-ETL integrations with Amazon Redshift in eight additional regions. Data written to RDS is replicated to Redshift within seconds, enabling near real-time analytics and ML on transactional datasets. You can create multiple integrations per database, apply per-integration filtering to include or exclude specific databases and tables, and automate deployment with AWS CloudFormation.

Amazon Kinesis Data Streams Adds FIS API Error Actions

🧪 Amazon Kinesis Data Streams now integrates with AWS Fault Injection Service (FIS) to simulate Kinesis API errors and validate application error handling, retry logic, and monitoring. Customers can induce throttling, internal errors, service unavailable, and expired iterator exceptions—covering 500, 503, and 400 responses for GET and PUT operations—to test resilience and CloudWatch alarms. FIS experiments support templates, CI integration, and automatic stop thresholds to keep tests controlled, and are generally available in all Regions where FIS is offered, including AWS GovCloud (US).

Amazon MSK Adds Apache Kafka 4.1 with Queues Preview

📣 Amazon Managed Streaming for Apache Kafka (Amazon MSK) now supports Apache Kafka 4.1, introducing Queues as a preview feature, a new Streams Rebalance Protocol in early access, and Eligible Leader Replicas (ELR) enabled by default. These features target improved parallelism, optimized Kafka Streams task rebalancing, and stronger availability. To adopt 4.1, select 4.1.x when creating a cluster or perform an in-place rolling update; MSK orchestrates broker restarts to maintain availability. Kafka 4.1 support is available today across all AWS regions where MSK is offered.

ALB Now Supports URL and Host Header Rewrite Across Regions

🔁 With the new URL and Host Header rewrite capability for Application Load Balancer, AWS lets customers modify request URLs and Host headers using regex-based pattern matching before routing to targets. You can rewrite paths (for example, transform "/api/v1/users" to "/users"), standardize URL patterns, remove or add path prefixes, and modify the Host header for internal service routing. Configurable via the AWS Management Console, AWS CLI, SDKs, and APIs, the feature incurs no extra charge beyond ALB usage and is available in all AWS commercial regions.

AWS Backup Adds Detailed Job and Audit Report Fields

🔍 AWS Backup now returns more detailed metadata in job APIs and Backup Audit Manager reports to improve visibility into backup configuration and compliance. New fields in backup, copy, and restore job APIs expose retention settings, vault lock and type, encryption details, plan and rule names, schedules, and vault access policies. Delegated administrators can view job details across an organization. These fields are available today in supported Regions at no extra charge.

Cloudflare addresses Workers CPU benchmark disparities

🔍 Cloudflare investigated an independent October benchmark comparing server-side JavaScript performance between Cloudflare Workers and Vercel, which initially showed Workers up to 3.5x slower. The company found multiple causes — scheduling heuristics, outdated V8 garbage-collector tuning, and framework-level inefficiencies in OpenNext/Next.js — and implemented fixes. Most changes are live and yield parity with Vercel across nearly all tested cases, with further work planned to close the remaining Next.js gap.

Amazon EC2 M7i arrives in Milan with custom Intel CPUs

🚀 Amazon EC2 M7i instances, powered by custom 4th Gen Intel Xeon Scalable processors (Sapphire Rapids), are now available in the Europe (Milan) region. M7i delivers up to 15% better performance versus comparable x86 Intel processors on other clouds and up to 15% improved price-performance compared to M6i. Instances scale to 48xlarge and include two bare-metal sizes (metal-24xl, metal-48xl) with built-in Intel accelerators for data streaming, in-memory analytics, and QuickAssist Technology, making them suited for sustained high-CPU workloads like gaming servers, CPU-based ML, and video streaming.

Amazon AppStream Adds License-Included Microsoft Apps

🧾 Amazon AppStream 2.0 now offers license-included Microsoft Office, Visio, and Project (2021/2024) in Standard and Professional editions, available in both 32‑bit and 64‑bit for On‑Demand and Always‑On fleets. Administrators can add or remove these applications from images and fleets to control availability, and end users access fully integrated Microsoft apps within AppStream sessions. Deployments require an AppStream Image Builder agent released on or after October 2, 2025, or managed image updates dated October 3, 2025 or later. Billing remains hourly for streaming and per-user per-month (non-prorated) for Microsoft apps.

AWS for Fluent Bit 3.0.0: Based on Fluent Bit 4.1.0

🚀 AWS for Fluent Bit 3.0.0, based on Fluent Bit 4.1.0 and Amazon Linux 2023, delivers faster, more secure container logging for Amazon ECS and Amazon EKS. It adds native OpenTelemetry (OTel) support for OTLP logs, metrics, and traces with SigV4 authentication and faster JSON parsing for higher throughput and lower latency. TLS minimum version and cipher controls enforce stronger output security. The image is available in the Amazon ECR Public Gallery and Amazon ECR, and source code and guidance are provided on GitHub.

Amazon EBS Volume Clones for Instant Volume Copies

⚡ Amazon Web Services has launched general availability of Amazon EBS Volume Clones, enabling instant, point-in-time copies of EBS volumes within the same Availability Zone. Cloned volumes are immediately accessible with single-digit millisecond latency and support all EBS volume types. The capability integrates with the EBS Container Storage Interface (CSI) driver and is available via Console, CLI, SDKs, and CloudFormation across AWS Commercial and GovCloud (US) Regions.

AWS for Fluent Bit 3.0.0 Released with Fluent Bit 4.1.1

🚀 AWS for Fluent Bit 3.0.0, based on Fluent Bit 4.1.1 and built on Amazon Linux 2023, is now available for Amazon ECS and Amazon EKS customers. The release introduces native OpenTelemetry (OTel) support to ingest and forward OTLP logs, metrics, and traces with AWS SigV4 authentication, removing the need for additional sidecars. It delivers faster JSON parsing and higher log throughput per vCPU with lower latency, plus configurable TLS minimum versions and cipher controls to strengthen output security. Upgrade by pulling the 3.0.0 image from the Amazon ECR Public Gallery, updating your ECS FireLens task definition, or updating the DaemonSet/Helm release on EKS.

Amazon Route 53 Profiles Adds AWS PrivateLink Support

🔒 Amazon Route 53 Profiles now supports AWS PrivateLink, allowing customers to access and manage their Profiles privately over the Amazon network instead of the public internet. When accessed via PrivateLink, management operations such as creating, editing, listing, and deleting Profiles occur over private connectivity between VPCs, AWS services, and on‑premises applications. This capability reduces control‑plane exposure and supports hybrid and regulated deployments.

Amazon MSK Connect Expands to Ten More AWS Regions

🚀 Amazon MSK Connect is now available in ten additional AWS Regions — Jakarta, Hong Kong, Osaka, Melbourne, Milan, Zurich, Bahrain, UAE, Cape Town, and Tel Aviv. MSK Connect provides fully managed Kafka Connect clusters for deploying, monitoring, and scaling connectors to move data between Apache Kafka/Amazon MSK and external systems without provisioning infrastructure. The service supports both managed and self-managed Kafka clusters and is accessible via the MSK console and CLI.

AWS Expands Graviton4 M8g EC2 Instances to Regions

🚀 AWS announced that Amazon EC2 M8g instances, powered by Graviton4 processors, are now available in Europe (Paris), Asia Pacific (Osaka), Canada (Central), and the Middle East (Bahrain). The M8g family delivers up to 30% better performance versus Graviton3-based instances and offers larger sizes with up to 3× more vCPUs and memory. Built on the AWS Nitro System, these instances provide enhanced networking and EBS bandwidth for general-purpose workloads such as application servers, microservices, gaming servers, and caching fleets.

Amazon Connect Adds Configurable Schedule Adherence

📈 Amazon Connect now supports configurable thresholds for schedule adherence, enabling contact center managers to set allowable early and late windows for shift starts, shift ends, and individual activities. Administrators can apply defaults and customize thresholds at the team level—for example, allowing a 5-minute early start, a 10-minute late end, or a 3-minute late break—so minor timing differences don’t hurt adherence scores. This reduces false violations, helps managers focus on real adherence issues, and improves agent satisfaction and productivity.

AWS Transfer Family SFTP Connectors Gain VPC Support

🔒 AWS Transfer Family SFTP connectors can now route connections through your Amazon VPC, enabling secure file transfers between Amazon S3 and remote SFTP servers whether privately or publicly hosted. Connectors can present VPC CIDR IP addresses for compatibility with IP allowlists and leverage NAT Gateway bandwidth for higher-throughput internet transfers. All traffic is routed through existing VPC networking and security controls, including Transit Gateway and centralized firewalls to help meet data security mandates.

Amazon RDS Adds Latest CU and GDR Updates for SQL Server

🛡️Amazon Relational Database Service (Amazon RDS) now supports the latest General Distribution Release (GDR) and Cumulative Update packages for Microsoft SQL Server, including SQL Server 2016 SP3+GDR (KB5065226), 2017 CU31+GDR (KB5065225), 2019 CU32+GDR (KB5065222) and 2022 CU21 (KB5065865). These updates address multiple security vulnerabilities tracked as CVE-2025-47997, CVE-2025-55227 and CVE-2024-21907. AWS recommends that customers upgrade their RDS SQL Server instances using the Amazon RDS Management Console, AWS SDKs or the AWS CLI and follow the RDS SQL Server upgrade guidance.

Amazon QuickSight Adds Expanded Font Customization

🔤 Amazon QuickSight now extends font customization to data labels and axes across supported charts, complementing existing controls for titles, subtitles, legends, and table headers. Authors can set font family, pixel size, color, and styling such as bold, italics, and underline for analyses, dashboards, reports, and embedded scenarios. The update improves branding alignment and readability on large displays and is available in all supported regions.