All news with #aws tag

🌐 AWS has expanded availability of second-generation Outposts racks to 20 additional countries, enabling customers to deploy AWS infrastructure and services on-premises for low-latency access, data residency, and local processing. These racks support the latest x86 Amazon EC2 instance families (C7i, M7i, R7i) with up to 40% better performance versus first-generation racks, and they introduce simplified network scaling plus a new class of accelerated networking instances optimized for ultra-low latency and high throughput.

⚠️ A recent Pentera investigation discovered nearly 2,000 intentionally vulnerable security-testing web applications (DVWA, OWASP Juice Shop, Hackazon, bWAPP) exposed on the public internet, often running from overly privileged cloud accounts on AWS, GCP and Azure. Attackers exploited these instances to deploy crypto miners, install webshells and create persistence mechanisms, then pivot to sensitive cloud resources. Affected vendors including Cloudflare, F5 and Palo Alto Networks were notified and remediated issues. Pentera recommends inventories, isolation of test systems, enforcement of least-privilege IAM, and elimination of default credentials.

🔧 The AWS Transfer Family Terraform module now supports provisioning Transfer Family web apps, offering a branded, managed web portal for users to browse, upload, and download data in Amazon S3. The module centralizes deployment with federated authentication via AWS IAM Identity Center and fine-grained permissions using S3 Access Grants. An included end-to-end example covers Identity Center user and group assignment, Access Grants setup, web app configuration, and CloudTrail auditing.

🛡️ Amazon RDS for SQL Server now supports native differential and transaction log restores for instances configured with Multi‑AZ and same‑region read replicas. This removes the prior requirement to convert instances to Single‑AZ before performing differential or log restores. Customers can reduce restore time while maintaining Multi‑AZ high availability and preserving Read Replica read capacity. The feature is available in all Regions where RDS for SQL Server is offered.

📦 Amazon Elastic Container Registry (ECR) now supports cross-repository layer sharing via a capability called blob mounting. By enabling this registry-level setting through the ECR console or AWS CLI, teams can reuse identical image layers across repositories to accelerate image pushes and reduce duplicate storage. Blob mounting is available in all AWS commercial and AWS GovCloud (US) Regions and is applied automatically during image push operations.

🔁 Amazon SageMaker Unified Studio now supports cross-Region subscriptions and IAM role-based subscriptions, enabling teams to subscribe to AWS Glue and Amazon Redshift tables and views published in different AWS Regions. Cross-Region support helps break down data silos and removes the need for manual replication. IAM role-based subscriptions let users request access without creating a SageMaker project, simplifying governance. These APIs are available via the SageMaker console, Amazon DataZone API, SDK, and AWS CLI.

🔒 AWS has published its Fall 2025 SOC 1, SOC 2, and SOC 3 reports covering 185 services for the 12‑month period from October 1, 2024 through September 30, 2025, providing customers with a full year of assurance. Customers can download SOC 1 and SOC 2 reports via AWS Artifact, while the SOC 3 report is available on the AWS SOC compliance page. AWS continues to expand the set of services in scope and encourages customers to contact their account team with questions.

🔌 AWS IoT Device Management now offers the managed integrations feature in the Middle East (UAE), enabling local organizations to onboard and manage diverse IoT devices via a single interface. The capability includes device SDKs and protocol support for ZigBee, Z-Wave, Matter, and Wi‑Fi, along with partner cloud-to-cloud connectors and 80+ device data model templates. These tools help developers accelerate integrations for home security, energy management, and elderly care monitoring, regardless of whether devices connect directly, through hubs, or via third-party clouds.

🚀 AWS Glue is now available in the Asia Pacific (New Zealand) Region, enabling customers to build and run ETL workloads closer to their data sources. The AWS Glue serverless data integration service offers both visual and code-based interfaces to discover, prepare, and combine data for analytics, machine learning, and application development. This regional launch reduces latency, eases data residency compliance, and accelerates time-to-insight for New Zealand workloads.

🔧 Amazon QuickSight has enhanced its SPICE in-memory engine to support datasets up to 2 TB, doubling the prior 1 TB limit, while optimizing ingestion and refresh to reduce time to insight. String length limits have been increased from 2K to 64K Unicode characters and timestamp support extended from year 1400 back to 0001. These capabilities are available in Enterprise Editions across supported regions.

🔔 Amazon RDS for Oracle now supports bare metal instances with Bring Your Own License (BYOL) for Oracle Standard Edition 2. Supported bare metal families include M7i, R7i, X2iedn, X2idn, X2iezn, M6i, M6id, M6in, R6i, R6id, and R6in, offered at a 25% lower price than equivalent virtualized instances. Bare metal provides full visibility into CPU cores and sockets, which may reduce licensing and support costs—consult your legal or licensing partner to confirm eligibility. Bare metal is also available for Oracle Enterprise Edition under BYOL; check RDS pricing and region availability for specific configurations.

🛡️ Amazon announced quarterly security and critical updates for Amazon Corretto LTS distributions on January 20, 2026. Updated builds — Corretto 25.0.2, 21.0.10, 17.0.18, 11.0.30, and 8u482 — are available for download. Customers can obtain releases from the Corretto home page or configure Apt, Yum, or Apk repositories on Linux to receive updates. Feedback and issue reports are invited via the Corretto GitHub repository.

🔁 Amazon RDS Blue/Green Deployments now provide faster switchover for single-Region configurations, typically reducing writer-node downtime to five seconds or lower. Applications using the AWS Advanced JDBC Driver typically see cutovers of two seconds or lower because DNS propagation delays are avoided. The enhancement supports Amazon Aurora and Amazon RDS engines — including PostgreSQL, MySQL, and MariaDB — in all AWS Regions, and you can apply changes such as major engine upgrades, maintenance updates, and instance scaling via the Amazon RDS Console or CLI in a few clicks.

🚀 AWS has expanded support for Graviton4-based R8g, plus R7g and R7i, across additional regions for Amazon Aurora and Amazon RDS. The launch adds R8g availability in Hong Kong, Osaka, Jakarta, Seoul, Singapore and Canada (Central), with R7i in Hyderabad and R7g in Cape Town. Graviton4 instances deliver up to 40% higher performance and up to 29% better price/performance versus Graviton3, and introduce 24xlarge/48xlarge sizes (up to 192 vCPUs) with DDR5, high networking, and enhanced EBS bandwidth. Instances can be launched via the RDS console or AWS CLI; consult engine-version documentation and RDS pricing for details.

🚀 Amazon EC2 G7e instances are now generally available, powered by NVIDIA RTX PRO 6000 Blackwell Server Edition GPUs. G7e delivers up to 2.3x inference performance versus G6e and supports configurations with up to 8 GPUs (96 GB each), 5th Gen Intel Xeon processors, 192 vCPUs, and up to 1600 Gbps of Elastic Fabric Adapter networking. Designed for LLMs, multimodal and spatial computing workloads, G7e includes NVIDIA GPUDirect P2P and RDMA support in EC2 UltraClusters and is available in US East (N. Virginia) and US East (Ohio) as On‑Demand, Spot, or via Savings Plans.

📊 Amazon QuickSight now lets dashboard readers customize tables and pivot tables directly within dashboards, including adding or removing fields, changing aggregations, and modifying formatting without requiring updates from dashboard authors. These in-dashboard edits enable users to tailor views for specific analyses—for example, sales managers can add revenue breakdowns by category while finance teams switch aggregations from sum to average. The features are available in Enterprise Edition across all supported QuickSight regions; see the AWS blog for usage guidance.

🔍 Amazon has expanded CloudWatch Database Insights on-demand analysis to four additional Regions: Asia Pacific (New Zealand), Asia Pacific (Taipei), Asia Pacific (Thailand), and Mexico (Central). The on-demand experience uses machine learning to compare selected time periods against normal baselines, detect anomalies, and provide targeted remediation guidance. Administrators can enable Advanced mode for Amazon Aurora and Amazon RDS via the RDS console, APIs, SDKs, or CloudFormation to accelerate diagnosis and resolution.

🛠 Amazon Elastic VMware Service (Amazon EVS) now lets administrators specify supported combinations of VMware Cloud Foundation (VCF) and ESX software versions when provisioning environments and hosts. You can designate a VCF version with the CreateEnvironment API, select an ESX version when adding hosts via CreateEnvironmentHost, and query valid pairings with the GetVersions API. AWS also adds support for new environment deployments using VCF 5.2.2 to broaden compatibility.

🚀 AWS has expanded availability of its EC2 High Memory U7i instances into additional regions. New placements include U7i-6tb.112xlarge in Asia Pacific (Thailand, Sydney, Singapore), Canada (Central) and AWS GovCloud (US‑East); U7i-8tb.112xlarge in South America (Sao Paulo); and U7in-16tb.224xlarge in AWS GovCloud (US‑East). These 7th‑generation instances use custom 4th‑gen Intel Xeon (Sapphire Rapids), provide 6–16 TiB of DDR5 memory, up to 896 vCPUs, 100–200Gbps networking, EBS throughput and ENA Express, and are targeted at mission‑critical in‑memory databases such as SAP HANA, Oracle and SQL Server.

🔒 This post outlines a practical technical approach to implementing data governance on AWS, focusing on monitoring, preventive controls, automated remediation, and advanced features such as data sovereignty and lifecycle management. It recommends an event-driven model using CloudTrail, EventBridge, Lambda, and AWS Config to validate and enforce tagging and security controls. The guidance covers organization-wide tag policies, ABAC with IAM conditions, multi-account strategies, and integration with on-premises governance via Service Catalog and compliant CloudFormation products.