All news with #aws tag

Amazon SageMaker Unified Studio Adds Custom Blueprints

🔧 AWS announced general availability of Custom Blueprints in Amazon SageMaker Unified Studio, enabling customers to supply their own managed IAM policies when creating project roles. Teams can replace or augment the default service-managed policies and use custom AWS CloudFormation templates to define infrastructure and parameters for resources such as Amazon EMR on EC2, AWS Glue Data Catalog, and Amazon Redshift. Sample templates are available in the SageMaker documentation, and the capability is offered in all AWS Commercial Regions where the next-generation SageMaker is available.

Amazon Neptune Analytics Now Supported in NetworkX

🚀 NetworkX now supports Amazon Neptune Analytics as a graph store, enabling developers to use familiar NetworkX APIs while transparently offloading heavy graph-algorithm workloads to Neptune’s scalable analytics engine. The integration provides Zero-ETL data handling, automatic provisioning and teardown for a serverless-like experience, and preserves existing Python workflows without refactoring code.

Amazon CloudFront Adds IPv6 Origin Connectivity Support

🌐 Amazon CloudFront now supports IPv6 connectivity to origin servers, enabling end-to-end IPv6 content delivery for web applications. Customers can configure custom origins as IPv4-only (default), IPv6-only, or dual-stack; in dual-stack mode CloudFront will automatically balance requests across IPv4 and IPv6 addresses. IPv6 origin support is available in all supported AWS Commercial Regions and excludes Amazon S3 and VPC origins. This capability can improve performance for native IPv6 users and reduce pressure from IPv4 address exhaustion for origin infrastructure.

Improved AI Assistance in Amazon SageMaker Unified Studio

🤖 Amazon Web Services announced enhancements to the Amazon Q Developer chat experience within SageMaker Unified Studio Jupyter notebooks and added a command-line interface for use in notebooks and the Code Editor. By integrating with Model Context Protocol (MCP) servers, the assistant becomes aware of project resources—data, compute, and code—and provides personalized, context-aware help. These updates aim to speed tasks like code refactoring, file edits, and troubleshooting while preserving transparency around assistant actions. The capabilities are available at no additional cost via the Amazon Q Developer Free Tier where SageMaker Unified Studio is offered; customers can enable Amazon Q Developer Pro for expanded functionality.

Amazon RDS Adds Latest Microsoft SQL Server GDR Updates

🔒 Amazon Relational Database Service (RDS) for Microsoft SQL Server now supports the latest General Distribution Release (GDR) updates for SQL Server 2016 SP3, 2017 CU31, 2019 CU32, and 2022 CU20. The supported RDS engine versions map to KB5063762, KB5063759, KB5063757, and KB5063814 respectively. These GDRs address vulnerabilities tracked as CVE-2025-49758, CVE-2025-24999, CVE-2025-49759, CVE-2025-53727, and CVE-2025-47954. We recommend that customers upgrade their RDS instances via the RDS Management Console, AWS SDK, or AWS CLI and follow the RDS SQL Server upgrade guidance.

AWS MediaConvert Adds Time-Addressable Media Store

🎬 AWS Elemental MediaConvert now integrates with Time-Addressable Media Store (TAMS), enabling customers to reference and extract precise, time-bound media segments as inputs to encoding workflows. The integration requires customers to operate their own TAMS servers—MediaConvert does not host or manage TAMS—and supports quick-turnaround use cases like live-event highlight clipping, near-real-time social publishing, and archive repurposing. This capability is aimed at media operations teams modernizing archives, automating editorial workflows, and connecting broadcast infrastructure and CMS directly into high-performance encoding pipelines.

Amazon CloudFront Adds Post-Quantum and TLS1.3 Policy

🔐 Amazon CloudFront now supports hybrid post-quantum key establishment across all existing TLS security policies for client-to-edge connections, enabling quantum-resistant key exchange without customer configuration. CloudFront also introduces a new TLS1.3_2025 policy that enforces TLS 1.3 only. Both features are enabled by default at all edge locations and incur no additional charges. These updates help organizations strengthen long-term in-transit protection and simplify compliance planning.

Amazon RDS Proxy Adds IPv6 Support for Connections

🌐 Amazon RDS Proxy now supports IPv6 addresses for pooling and sharing database connections, while continuing to offer existing IPv4 endpoints for backwards compatibility. Customers may specify proxy target connections using either IPv4 or IPv6. The change reduces the need to manage overlapping VPC address spaces and helps mobile, IoT, and modern serverless applications that open many database connections. By pooling connections, RDS Proxy improves database efficiency and application scalability.

Amazon GuardDuty Adds Custom Entity Lists for Detection

🛡️ AWS announced general availability of Amazon GuardDuty custom threat detection using entity lists, expanding support beyond legacy IP-only lists to include domains and mixed IP/domain lists. The service adds a new finding type, Impact:EC2/MaliciousDomainRequest.Custom, when activity involves a listed domain. Entity lists can also be used to suppress alerts from trusted sources, and they simplify permissions and cross-region management. The capability is available in all Regions where GuardDuty runs, excluding China and GovCloud (US).

Amazon GuardDuty Adds Custom Entity Lists for Domains

🛡️ AWS announced general availability of Amazon GuardDuty custom threat detection using entity lists, extending support beyond IP-only lists to include malicious domains and IP addresses. GuardDuty introduces a new finding type, Impact:EC2/MaliciousDomainRequest.Custom, triggered when activity related to a listed domain is observed. Entity lists also allow suppression of alerts from trusted sources and simplify cross-region permission management, avoiding IAM policy size limits. The feature is available in all GuardDuty Regions except China and GovCloud (US).

AWS Config Tracks Resource Tags for IAM Policies Globally

🔍 AWS Config now records resource tags for IAM policy resource types, enabling you to capture tag values and track their changes directly in your Config recorder. You can scope both Config-managed and custom rule evaluations by tag and use Config aggregators to selectively collect IAM policies across accounts. This capability is available in all supported AWS Regions at no additional cost.

Aurora PostgreSQL Limitless Now Supports PostgreSQL 16.9

🚀 Amazon Aurora PostgreSQL Limitless Database now supports PostgreSQL 16.9 compatibility. This release delivers PostgreSQL community bug fixes and performance improvements along with Aurora-specific additions, including support for the hstore and auto_explain extensions. The serverless, distributed engine transparently scales compute and queries across multiple Aurora Serverless instances while preserving single-database transactional consistency, distributed query planning, and transaction management. Available across multiple AWS regions; review the documentation and pricing for details.

AWS GA: Org Notification Configurations for Organizations

📣 AWS announced general availability of Organizational Notification Configurations for AWS User Notifications, enabling centralized configuration and visibility of notifications across an AWS Organization. The Management Account or up to five Delegated Administrators (DAs) can configure and view notifications for specific OUs or all accounts rolling up to the organization. Events from member accounts generate notifications in the Management Account and can push to the AWS Console Mobile Application and the Admin Console Notifications Center. This capability works with any Amazon EventBridge-supported event and is available in all Regions where AWS User Notifications is offered.

AWS Backup Audit Manager Adds Organization-wide Reports

🔔 AWS has extended AWS Backup Audit Manager to produce organization-wide, cross-account and cross-Region reports in six additional Regions: Asia Pacific (Hyderabad, Jakarta, Melbourne), Europe (Spain, Zurich), and Middle East (UAE). Using an AWS Organizations management or delegated administrator account, you can aggregate compliance and operational backup data across accounts and Regions. The feature centralizes policy enforcement and helps demonstrate adherence to business and regulatory data protection requirements.

Amazon RDS Custom Adds Latest GDR Updates for SQL Server

🔔 Amazon RDS Custom for SQL Server now supports the latest Microsoft GDR updates, including SQL Server 2019 CU32 (KB5063757) — RDS version 15.00.4440.1.v1 — and SQL Server 2022 CU20 (KB5063814) — RDS version 16.00.4210.1.v1. These GDRs remediate multiple vulnerabilities (CVE-2025-49758, CVE-2025-24999, CVE-2025-49759, CVE-2025-53727, CVE-2025-47954). We recommend upgrading instances via the Amazon RDS Management Console or programmatically with the AWS SDK/CLI, and following the Amazon RDS Custom User Guide for detailed upgrade instructions.

Amazon EC2 AMI Usage: Track and Manage AMI Consumption

🔍 Amazon EC2 today announced AMI Usage, a new capability to track AMI consumption across AWS accounts and resources. It generates reports listing accounts that use your AMIs in EC2 instances and launch templates and shows utilization across instances, launch templates, Image Builder recipes, and SSM parameters. This reduces the need for custom scripts, helps safely manage AMI deregistrations, and supports cost optimization. AMI Usage is available at no additional cost in all AWS regions, including China and GovCloud.

Validate SAP HANA Best-Practice Compliance with SSM

🔍 AWS Systems Manager Configuration Manager now supports SAP HANA, enabling automated validation of SAP HANA databases running on AWS against best practices defined in the AWS Well‑Architected Framework SAP Lens. The capability automatically assesses configurations, proactively flags misconfigurations, and provides specific remediation guidance so teams can address issues before they impact operations. Checks can be scheduled or run on demand, and SSM for SAP Configuration Manager is available in all commercial AWS Regions.

Amazon Neptune Adds Public Endpoints for Developers

🌐 Amazon Neptune now supports Public Endpoints, enabling developers to connect to Neptune clusters directly from development desktops without VPNs, bastion hosts, or complex network setups. The capability can be enabled for new or existing clusters running engine version 1.4.6 or later via the AWS Console, CLI, or SDK. Security is maintained using IAM authentication, VPC security groups, and encryption in transit. The feature is available at no additional cost in all Regions where Neptune is offered.

Managed Service for Prometheus: Quota Visibility via AWS

🔍 Amazon Managed Service for Prometheus now exposes applied quota values and utilization through AWS Service Quotas and Amazon CloudWatch. This integration delivers centralized visibility of service limits across workspaces, enables quick quota increase requests, and provides usage metrics that you can incorporate into CloudWatch alarms and dashboards. Usage metrics are always enabled, provided at no extra cost, and accessible via console, APIs, and CLI in all regions where the service is generally available.

AWS adds condition keys to govern Amazon Bedrock API keys

🔐 AWS introduced three new IAM condition keys that let administrators govern API keys for Amazon Bedrock. The keys control which services can be issued service-specific credentials, the maximum allowable age of long-term Bedrock API keys at creation, and whether requests use short-term or long-term bearer tokens. These controls are available in all AWS Regions and are documented in the IAM and Bedrock User Guides.