All news with #aws tag

Amazon QuickSight Launches in Israel and UAE Regions

📍 Amazon QuickSight is now available in the Israel (Tel Aviv) and United Arab Emirates (Dubai) AWS Regions, enabling local customers to author, share, and embed interactive analytics at scale. QuickSight is a fast, fully managed BI service that supports browser-based dashboard creation and can be shared with tens of thousands of users without provisioning infrastructure. The launch expands QuickSight to 25 regions globally, improving latency, data residency options, and compliance for regional organizations.

AWS End User Messaging Adds International Toll‑Free SMS

📣 AWS End User Messaging now supports international SMS sending from US toll-free numbers to more than 150 countries, including Canada. This lets customers use a single US toll-free number to reach supported global destinations, simplifying account and resource setup. Available in all AWS Regions where AWS End User Messaging is offered, the capability supports common use cases such as OTPs, notifications, reminders, and promotions.

Amazon Disrupts APT29 Watering-Hole Device Code Scam

🛡️ Amazon says its security team detected and disrupted an opportunistic watering-hole campaign attributed to APT29 that redirected visitors from compromised sites to attacker-controlled domains mimicking Cloudflare verification pages. The threat used the Microsoft device code authentication flow to trick users into authorizing attacker-controlled devices. Amazon observed multiple evasion techniques and continued tracking as the actor migrated infrastructure.

AWS HealthOmics Adds Third-Party Container Registry Support

🧬 AWS HealthOmics now supports third-party container registries through Amazon ECR pull-through cache and a new container URI remapping capability, easing access to tools hosted on Docker Hub, GitHub, Quay, GitLab, Azure, and other registries. The pull-through cache automatically retrieves and caches images while URI remapping translates third-party references to private ECR URIs using customer-defined mapping rules. These capabilities remove the need for manual image migration or workflow edits and are available in all regions where AWS HealthOmics is offered, helping bioinformatics teams accelerate workflow development and execution.

Amazon Verified Permissions Adds Four New AWS Regions

🔒 Amazon Verified Permissions is now available in Asia Pacific (Taipei), Asia Pacific (Thailand), Asia Pacific (Malaysia), and Mexico (Central), expanding regional coverage to 35 AWS Regions. The managed service provides scalable, fine-grained authorization using the open-source Cedar policy language, enabling applications to enforce permissions as policies rather than embedding them in code. Developers and administrators can define role-, attribute-, and context-aware access controls for APIs and application resources, simplifying authorization and improving governance.

Amazon EC2 I8ge Instances: Graviton4 Storage Optimized

🚀 Amazon Web Services announced general availability of Amazon EC2 I8ge instances, storage-optimized instances powered by AWS Graviton4 processors. They deliver up to 60% better compute and up to 55% better real-time storage performance per TB compared with previous Graviton2/Im4gn generations. I8ge offers up to 120 TB local NVMe instance storage, 1,536 GiB memory, sizes up to 48xlarge plus two metal options, and up to 300 Gbps networking, making them suitable for real-time databases, analytics, search, and streaming workloads. Instances are available in US East (Ohio), US East (N. Virginia), and US West (Oregon).

Amazon EMR S3A Connector: Faster S3 Access for Analytics

🚀 Amazon Web Services announced the Amazon EMR S3A connector, an AWS-optimized S3 interface for Apache Hadoop, Spark, and Hive on EMR. It extends open-source S3A with AWS-specific enhancements including MagicCommitter V2, improved credentials resolution, accelerated prefix listing, and Spark fine-grained access control. The connector is pre-configured in EMR release 7.10 and later and is available in all Regions where EMR runs.

Amazon EMR Adds Spark FGAC and Glue Data Catalog Views

🔒 Amazon EMR on EC2 now supports Apache Spark native fine-grained access control (FGAC) through AWS Lake Formation and adds support for AWS Glue Data Catalog views. These capabilities let administrators define and enforce granular Lake Formation policies once and apply them consistently to Spark jobs and interactive sessions, reducing administrative overhead and security risk. Access checks support named resource grants, data filters, and tag-based controls and are logged in AWS CloudTrail for auditing.

AWS IAM: New VPC Endpoint Condition Keys for Perimeter

🔐 AWS Identity and Access Management (IAM) introduces three global condition keys — aws:VpceAccount, aws:VpceOrgPaths, and aws:VpceOrgID — to enforce that requests to resources or identities originate via VPC endpoints. These keys provide account-, organization-path-, and organization-level granularity, automatically scaling as endpoints are added or removed. Use them in new or existing SCPs, RCPs, resource-based, and identity-based policies. They are supported for selected services in commercial Regions where AWS PrivateLink is available.

Amazon Disrupts APT29 Watering Hole Campaign Targeting Users

🔒 Amazon's threat intelligence team identified and disrupted a watering hole campaign conducted by APT29, a group linked to Russia’s SVR. The actor compromised legitimate websites and injected obfuscated JavaScript to redirect a subset of visitors to attacker-controlled pages that mimicked Cloudflare verification. The campaign aimed to abuse Microsoft's device code authentication flow to trick users into authorizing attacker-controlled devices; Amazon isolated affected EC2 instances and coordinated with partners to disrupt infrastructure and share intelligence.

Amazon SageMaker Lakehouse Adds Tag-Based Access Control

🏷️ Amazon SageMaker lakehouse now supports tag-based access control (TBAC) across federated catalogs, extending capability beyond the default AWS Glue Data Catalog to Amazon S3 Tables, Amazon Redshift, and federated sources such as DynamoDB, PostgreSQL, and SQL Server. TBAC lets administrators group resources with tags, grant access based on those tags, and rely on tag inheritance so new tables automatically receive fine-grained controls. Administrators can create and apply tags via the AWS Lake Formation console and grant tag-based permissions to principals; tagged resources are then usable through Amazon Athena, Amazon Redshift, Amazon EMR, and SageMaker Unified Studio. The feature is available in all commercial AWS Regions via the Console, AWS CLI, and SDKs, with supporting Lake Formation Tags documentation and a blog post.

AWS Adds VPC Endpoint Organization-Based Policy Keys

🔐 AWS introduced three new global IAM condition keys—aws:VpceAccount, aws:VpceOrgPaths, and aws:VpceOrgID—to simplify network-origin access controls across multiple accounts and OUs. These keys let administrators restrict resource access based on the account, organizational unit path, or organization that owns the VPC endpoint used for a request, reducing the need to enumerate VPC or VPC endpoint IDs. Example use cases include S3 bucket policies and centrally applied RCPs or SCPs to enforce corporate network perimeters and intra-organization segmentation; adoption depends on service support and testing prior to production rollout.

Amazon Q Developer adds MCP admin control in AWS Console

🔒 Administrators can now manage the Model Context Protocol (MCP) servers used by Amazon Q Developer clients from the AWS console. Admins can enable or disable MCP functionality across their organization; when disabled, users cannot add MCP servers and previously defined servers are not initialized. Q Developer enforces admin settings at session start and every 24 hours. The control covers the CLI and IDE plugins (VSCode, JetBrains, Visual Studio, Eclipse).

AWS HealthOmics Adds Nextflow Task-Level Timeout Support

🕒 AWS HealthOmics now supports the Nextflow time directive, enabling task-level timeout controls to limit runtime for specific Nextflow tasks. Customers can automatically cancel tasks that exceed defined durations to prevent wasted compute and downstream delays. AWS HealthOmics is HIPAA-eligible, and this capability is available in all regions where the service operates.

Amazon EBS Adds Snapshot Copy Support for Local Zones

🔁 Amazon Elastic Block Store (EBS) now supports snapshot copy for AWS Local Zones, enabling point-in-time local snapshots to be copied to the parent Region or another Local Zone. The feature is generally available and accessible via the AWS Console, CLI, and SDKs. This capability helps customers meet disaster recovery, data migration, and compliance requirements by storing snapshots in Amazon S3 within the chosen Region or Local Zone.

AWS IoT ExpressLink Technical Specification v1.3 Released

🔧 AWS IoT ExpressLink technical specification v1.3 introduces expanded Bluetooth Low Energy (BLE) capabilities and a new set of I/O control commands that enable host processors to manage module pins. The BLE enhancements make it easier for devices to advertise presence and capabilities and to pair securely within a local Personal Area Network (PAN). The I/O control commands allow an ExpressLink-powered module to act as a flexible digital and analog I/O expander. AWS Partners including Espressif and u‑blox have adopted the update for their Wi‑Fi and BLE qualified modules.

Amazon Connect Adds Generative Text-to-Speech Voices

🔊 Amazon Connect now provides generative text-to-speech voices—20 generative-enhanced voices across English, French, Spanish, German, and Italian. Use them for welcome messages, policy announcements, or dynamic conversational AI, configurable in the drag-and-drop flow designer via the “Set Voice” block or through public APIs. Available in US East (N. Virginia), Europe (Frankfurt), and US West (Oregon). Pricing options include unlimited AI or individual per-use pricing.

Amazon EC2 U7i-12TB High Memory Instances in Seoul

🚀 Amazon EC2 High Memory U7i instances (u7i-12tb.224xlarge) with 12TiB of DDR5 memory are now available in the AWS Asia Pacific (Seoul) Region. Powered by custom fourth-generation Intel Xeon Scalable (Sapphire Rapids) processors, the U7i-12tb offers 896 vCPUs, ENA Express support, and up to 100 Gbps for both EBS and network throughput. These instances are designed for mission-critical in-memory databases and large transactional workloads such as SAP HANA, Oracle, and SQL Server, enabling faster data loading, backups, and higher transaction processing throughput.

AWS launches M8i and M8i-flex EC2 instances, Xeon 6

🚀 AWS has made the new M8i and M8i-flex EC2 instances generally available, powered by custom Intel Xeon 6 processors exclusive to AWS. The instances offer up to 15% better price-performance and 2.5x the memory bandwidth versus previous Intel-based generations, and AWS reports up to 20% higher performance compared with M7i and M7i-flex with larger gains for specific workloads. Initial availability includes US East (N. Virginia), US East (Ohio), US West (Oregon), and Europe (Spain).

Amazon OpenSearch Serverless Adds ABAC and RCP Support

🔐 Amazon announced that OpenSearch Serverless now supports attribute-based authorization (ABAC) for Data Plane APIs, enabling identity policies in AWS IAM to control data read and write operations on collections. The release also introduces resource control policy (RCP), a new AWS Organizations–managed policy type that enforces organization-wide preventative controls centrally. Customers should check regional availability and consult the documentation for implementation guidance.