All news with #aws tag

CrowdStrike Secures AI Across the Enterprise with Partners

🔒 CrowdStrike describes how the Falcon platform delivers unified visibility and lifecycle defense across the full AI stack, from GPUs and training data to inference pipelines and SaaS agents. The post highlights integrations with NVIDIA, AWS, Intel, Dell, Meta, and Salesforce to extend protection into infrastructure, data, models, and applications. It also introduces agentic defense via Charlotte AI for autonomous triage and rapid response, and emphasizes governance controls to prevent data leaks and adversarial manipulation.

Automating OIDC Client Secret Rotation for ALB on AWS

🔁 This AWS blog demonstrates how to automate OIDC client secret rotation for Application Load Balancer authentication using AWS Secrets Manager, AWS Lambda, and Amazon EventBridge. The solution securely stores IdP credentials (Auth0 in the example), schedules a Lambda handler to fetch and compare tokens, and updates Secrets Manager and ALB listener rules when changes occur. It reduces manual effort, limits plaintext credential exposure, and adds monitoring via CloudWatch alarms.

Multi-Region Key Replication in AWS Payment Cryptography

🔐 AWS introduces Multi-Region keys for AWS Payment Cryptography, a built-in option to automatically synchronize exportable symmetric payment keys from a primary Region to one or more replica Regions. You can choose account-level defaults or per-key replication targets, keep consistent key IDs across Regions, and rely on asynchronous replication with monitoring via new CloudTrail events. The feature improves availability and disaster recovery for global payment operations while preserving granular control over replication.

Amazon EKS Adds Community Add-Ons Catalog for GovCloud

🔒Amazon EKS now offers a curated catalog of community add-ons for AWS GovCloud (US) Regions. The catalog includes popular open-source components such as metrics-server, kube-state-metrics, cert-manager, prometheus-node-exporter, fluent-bit, and external-dns, all packaged, scanned, and validated for compatibility by EKS. Container images are hosted in an EKS-owned private ECR repository, and you can install and manage add-ons via the EKS Console, API, CLI, eksctl, or infrastructure-as-code tools like AWS CloudFormation.

AWS launches EC2 I7i storage-optimized instances globally

🚀 Amazon Web Services has announced the availability of high-performance, storage-optimized EC2 I7i instances in the South America (São Paulo) and Canada West (Calgary) regions. Powered by 5th-generation Intel Xeon Scalable processors and 3rd-generation AWS Nitro SSDs, these instances deliver up to 23% better compute and improved price performance versus I4i. I7i offers up to 45TB NVMe, lower latency, and enhanced real-time storage performance, with support for bare-metal sizes and up to 100Gbps networking for I/O-intensive, latency-sensitive workloads.

Amazon Lex Adds LLM-Based NLU for Eight New Languages

🚀 Amazon Lex now leverages large language models to augment the natural language understanding of deterministic conversational bots in eight additional languages: Chinese, Japanese, Korean, Portuguese, Catalan, French, Italian, and German. The enhancement helps voice and chat bots parse complex utterances, tolerate spelling errors, and extract key details from verbose inputs so bots can fulfill customer requests. The capability is available in 10 commercial AWS Regions where Amazon Connect operates.

AWS FIS Adds EBS I/O Latency Injection for Testing

⚙️ Amazon EBS now provides a latency injection action in AWS Fault Injection Service (FIS) to simulate degraded I/O performance on EBS volumes as part of controlled fault injection experiments. The action reproduces real-world signals such as Amazon CloudWatch alarms and OS timeouts so teams can observe application behavior and validate recovery. Pre-defined templates are available in the EBS and FIS consoles, and experiments can be customized or combined with other actions to integrate into chaos engineering and CI workflows. The capability is available in all Regions where FIS is supported.

Amazon EC2 adds detailed NVMe instance store metrics

📊 Amazon announced detailed performance statistics for EC2 instance store NVMe volumes, providing real-time I/O visibility on Nitro-based instances. The capability exposes 11 metrics at one-second granularity, including IOPS, throughput, queue lengths, and latency histograms broken down by IO size. Available by default across AWS Commercial and China Regions at no extra charge, it aligns NVMe monitoring with EBS detailed metrics for a consistent operational experience.

AWS OSPAR 2025 Report: 170 Services Covered Under OSPAR v2.0

🔒 AWS has completed its annual OSPAR 2025 audit cycle under the newly enhanced OSPAR v2.0 guidelines, becoming the first global cloud provider in Singapore to receive the report. The certification covers 170 services in the AWS Asia Pacific (Singapore) Region, including seven newly scoped services such as Amazon DynamoDB Accelerator (DAX) and AWS Payment Cryptography. Customers can retrieve the full report through AWS Artifact to support due diligence and compliance.

Amazon AppStream Adds Fractional GPU Graphics G6 Instances

🖥️ Amazon AppStream 2.0 now supports Graphics G6 instances with fractionalized GPU sizes, enabling customers to provision GPU capacity in smaller fractions (for example 1/2, 1/4, or 1/8) instead of full GPU instances. The new G6f and Gr6f options are built on the EC2 G6 family and are designed to optimize shared GPU resources for graphics workloads that need less than a full GPU. These instances are available in 10 AWS Regions and use pay-as-you-go pricing; they can be launched from the AWS Management Console or via the AWS SDK when creating an image builder or fleet.

Amazon Aurora PostgreSQL Limitless Now in AWS GovCloud

🚀 Amazon Aurora PostgreSQL Limitless Database is now available in AWS GovCloud (US‑East, US‑West), providing a serverless endpoint that transparently distributes data and queries across multiple Aurora Serverless instances while preserving transactional consistency. The service supports PostgreSQL 16.6, 16.8, and 16.9 compatibility and includes distributed query planning and transaction management so you don’t need to build custom sharding or manage multiple databases. Compute automatically scales up and down within customer-specified budgets, reducing the need to provision for peak capacity.

AWS Storage Gateway Adds IPv6 Dual-Stack Support Globally

🌐 AWS Storage Gateway now supports IPv6 for endpoints, APIs, and gateway appliance interfaces, offering new dual‑stack access alongside IPv4. Existing IPv4-only endpoints remain available for backward compatibility. Customers can standardize on IPv6 or transition gradually using the dual‑stack appliances and APIs. Support is available in all AWS Regions where the service is offered.

Amazon S3 Adds Conditional Deletes for General Buckets

🔒 Amazon S3 now supports conditional deletes in S3 general purpose buckets. You can include an HTTP If-Match header with an object's ETag when calling DeleteObject or DeleteObjects; S3 will only delete the object if the provided ETag matches, reducing accidental removals in high-concurrency, multi-writer environments. Administrators can also enforce conditional deletes using the s3:if-match bucket policy condition. The capability is available at no additional cost in all AWS Regions and accessible via the API, SDKs, and CLI.

AWS Transfer Family Now Available in Taipei Region

🚀 AWS announced that AWS Transfer Family is now available in the Asia Pacific (Taipei) Region, supporting SFTP, FTP, FTPS and AS2 for managed file transfers. The service delivers fully managed ingress and egress to Amazon S3 and Amazon EFS, and integrates with event-driven automation to streamline file-processing workflows. This regional availability helps customers modernize and migrate business-to-business file exchanges to AWS while reducing operational overhead.

AWS Adds R8i and R8i-flex Instances in New Regions

🚀 AWS today expanded availability of EC2 R8i and R8i‑flex instances to Asia Pacific (Malaysia, Singapore) and Europe (Frankfurt). These instances use custom Intel Xeon 6 processors exclusive to AWS and deliver up to 15% better price‑performance and 2.5× more memory bandwidth versus prior Intel‑based generations. R8i targets large, memory‑intensive workloads with 13 sizes (including two bare‑metal and a new 96xlarge) and SAP certification at 142,100 aSAPS, while R8i‑flex offers common memory‑optimized sizes from large to 16xlarge for cost-efficient right‑sizing.

OpenSearch Adds Derived Source Feature to Reduce Storage

🔧 Amazon OpenSearch Service announced support for Derived Source, an opt-in feature that lets you omit persisting the document _source and reconstruct it dynamically when needed. The capability, available with OpenSearch 3.1, reduces domain storage by skipping stored _source fields while still supporting search, get, mget, reindex, and update operations. Enable Derived Source at index creation using composite index settings.

OpenSearch Star-Tree Index Speeds Aggregations for Analytics

⚡ OpenSearch introduces the Star-Tree Index, an opt-in index type that pre-aggregates data at ingestion to enable sub-second responses for frequent high-cardinality and multi-dimensional aggregations such as terms, histogram, and range. The feature is designed for real-time analytics and requires no query syntax changes; OpenSearch automatically routes supported queries to the optimized path. Early benchmarks indicate markedly faster aggregation performance on large datasets with minimal impact to ingestion throughput. Available in regions that support OpenSearch 3.1 and enabled at index creation via composite index settings.

Amazon S3 Batch Operations: Manage Objects by Bucket

📦 Amazon S3 Batch Operations now allows users to target all objects within an S3 bucket, or refine selection by prefix, suffix, creation date, or storage class directly from the AWS Management Console. Instead of providing a manifest, customers can specify these filters when creating a job and S3 will apply the chosen operation to every matching object and produce a detailed completion report. Typical use cases include copying between buckets, restoring archived data from Glacier classes, and computing checksums for datasets. The capability is available in all AWS Regions and can also be accessed via the AWS CLI or SDK.

Amazon GuardDuty Protection Plans and Threat Detection

🔐 Amazon GuardDuty centralizes continuous threat detection across AWS using AI/ML and integrated threat intelligence. It offers optional protection plans—S3, EKS, Runtime Monitoring, Malware Protection for EC2 and S3, RDS, and Lambda—that extend detections to service-specific telemetry and runtime behaviors. Built-in Extended Threat Detection correlates signals into high-confidence attack sequences and maps findings to MITRE ATT&CK, providing prioritized remediation guidance.

Amazon SageMaker HyperPod: Slurm Health Agent Now GA

🩺 Amazon announces general availability of the SageMaker HyperPod health monitoring agent for Slurm clusters. The agent runs continuously on GPU- and Trainium-based nodes to perform passive background checks, detect hardware faults (for example, unresponsive GPUs and NVLink errors), and mark and replace unhealthy nodes automatically. It supports automatic reboots and coordinates with Slurm job auto-resume so training can continue from the last checkpoint, reducing manual intervention and downtime.