All news with #aws tag

Amazon RDS Proxy Adds IPv6 Support for Connections

🌐 Amazon RDS Proxy now supports IPv6 addresses for pooling and sharing database connections, while continuing to offer existing IPv4 endpoints for backwards compatibility. Customers may specify proxy target connections using either IPv4 or IPv6. The change reduces the need to manage overlapping VPC address spaces and helps mobile, IoT, and modern serverless applications that open many database connections. By pooling connections, RDS Proxy improves database efficiency and application scalability.

Amazon GuardDuty Adds Custom Entity Lists for Detection

🛡️ AWS announced general availability of Amazon GuardDuty custom threat detection using entity lists, expanding support beyond legacy IP-only lists to include domains and mixed IP/domain lists. The service adds a new finding type, Impact:EC2/MaliciousDomainRequest.Custom, when activity involves a listed domain. Entity lists can also be used to suppress alerts from trusted sources, and they simplify permissions and cross-region management. The capability is available in all Regions where GuardDuty runs, excluding China and GovCloud (US).

Amazon GuardDuty Adds Custom Entity Lists for Domains

🛡️ AWS announced general availability of Amazon GuardDuty custom threat detection using entity lists, extending support beyond IP-only lists to include malicious domains and IP addresses. GuardDuty introduces a new finding type, Impact:EC2/MaliciousDomainRequest.Custom, triggered when activity related to a listed domain is observed. Entity lists also allow suppression of alerts from trusted sources and simplify cross-region permission management, avoiding IAM policy size limits. The feature is available in all GuardDuty Regions except China and GovCloud (US).

Aurora PostgreSQL Limitless Now Supports PostgreSQL 16.9

🚀 Amazon Aurora PostgreSQL Limitless Database now supports PostgreSQL 16.9 compatibility. This release delivers PostgreSQL community bug fixes and performance improvements along with Aurora-specific additions, including support for the hstore and auto_explain extensions. The serverless, distributed engine transparently scales compute and queries across multiple Aurora Serverless instances while preserving single-database transactional consistency, distributed query planning, and transaction management. Available across multiple AWS regions; review the documentation and pricing for details.

AWS Config Tracks Resource Tags for IAM Policies Globally

🔍 AWS Config now records resource tags for IAM policy resource types, enabling you to capture tag values and track their changes directly in your Config recorder. You can scope both Config-managed and custom rule evaluations by tag and use Config aggregators to selectively collect IAM policies across accounts. This capability is available in all supported AWS Regions at no additional cost.

AWS GA: Org Notification Configurations for Organizations

📣 AWS announced general availability of Organizational Notification Configurations for AWS User Notifications, enabling centralized configuration and visibility of notifications across an AWS Organization. The Management Account or up to five Delegated Administrators (DAs) can configure and view notifications for specific OUs or all accounts rolling up to the organization. Events from member accounts generate notifications in the Management Account and can push to the AWS Console Mobile Application and the Admin Console Notifications Center. This capability works with any Amazon EventBridge-supported event and is available in all Regions where AWS User Notifications is offered.

AWS Backup Audit Manager Adds Organization-wide Reports

🔔 AWS has extended AWS Backup Audit Manager to produce organization-wide, cross-account and cross-Region reports in six additional Regions: Asia Pacific (Hyderabad, Jakarta, Melbourne), Europe (Spain, Zurich), and Middle East (UAE). Using an AWS Organizations management or delegated administrator account, you can aggregate compliance and operational backup data across accounts and Regions. The feature centralizes policy enforcement and helps demonstrate adherence to business and regulatory data protection requirements.

Amazon RDS Custom Adds Latest GDR Updates for SQL Server

🔔 Amazon RDS Custom for SQL Server now supports the latest Microsoft GDR updates, including SQL Server 2019 CU32 (KB5063757) — RDS version 15.00.4440.1.v1 — and SQL Server 2022 CU20 (KB5063814) — RDS version 16.00.4210.1.v1. These GDRs remediate multiple vulnerabilities (CVE-2025-49758, CVE-2025-24999, CVE-2025-49759, CVE-2025-53727, CVE-2025-47954). We recommend upgrading instances via the Amazon RDS Management Console or programmatically with the AWS SDK/CLI, and following the Amazon RDS Custom User Guide for detailed upgrade instructions.

Amazon EC2 AMI Usage: Track and Manage AMI Consumption

🔍 Amazon EC2 today announced AMI Usage, a new capability to track AMI consumption across AWS accounts and resources. It generates reports listing accounts that use your AMIs in EC2 instances and launch templates and shows utilization across instances, launch templates, Image Builder recipes, and SSM parameters. This reduces the need for custom scripts, helps safely manage AMI deregistrations, and supports cost optimization. AMI Usage is available at no additional cost in all AWS regions, including China and GovCloud.

Validate SAP HANA Best-Practice Compliance with SSM

🔍 AWS Systems Manager Configuration Manager now supports SAP HANA, enabling automated validation of SAP HANA databases running on AWS against best practices defined in the AWS Well‑Architected Framework SAP Lens. The capability automatically assesses configurations, proactively flags misconfigurations, and provides specific remediation guidance so teams can address issues before they impact operations. Checks can be scheduled or run on demand, and SSM for SAP Configuration Manager is available in all commercial AWS Regions.

Amazon Neptune Adds Public Endpoints for Developers

🌐 Amazon Neptune now supports Public Endpoints, enabling developers to connect to Neptune clusters directly from development desktops without VPNs, bastion hosts, or complex network setups. The capability can be enabled for new or existing clusters running engine version 1.4.6 or later via the AWS Console, CLI, or SDK. Security is maintained using IAM authentication, VPC security groups, and encryption in transit. The feature is available at no additional cost in all Regions where Neptune is offered.

Managed Service for Prometheus: Quota Visibility via AWS

🔍 Amazon Managed Service for Prometheus now exposes applied quota values and utilization through AWS Service Quotas and Amazon CloudWatch. This integration delivers centralized visibility of service limits across workspaces, enables quick quota increase requests, and provides usage metrics that you can incorporate into CloudWatch alarms and dashboards. Usage metrics are always enabled, provided at no extra cost, and accessible via console, APIs, and CLI in all regions where the service is generally available.

AWS adds condition keys to govern Amazon Bedrock API keys

🔐 AWS introduced three new IAM condition keys that let administrators govern API keys for Amazon Bedrock. The keys control which services can be issued service-specific credentials, the maximum allowable age of long-term Bedrock API keys at creation, and whether requests use short-term or long-term bearer tokens. These controls are available in all AWS Regions and are documented in the IAM and Bedrock User Guides.

AWS Clean Rooms Adds Configurable PySpark Compute Capacity

🔧 AWS Clean Rooms now lets customers configure compute size for PySpark analyses, enabling selection of instance type and cluster size at job runtime for each analysis. Customers can choose larger instances for complex datasets and higher performance or smaller instances to optimize costs. The change provides flexible, per-job resource allocation to balance scale, throughput, and budget while maintaining Clean Rooms' collaborative data protections.

Amazon RDS: PostgreSQL 18 RC1 in Preview Environment

🆕 Amazon RDS for PostgreSQL 18 Release Candidate 1 (RC1) is now available in the Amazon RDS Database Preview Environment, letting customers evaluate a fully managed pre-release. PostgreSQL 18 adds skip scan support for multicolumn B-tree indexes, parallel GIN index builds, improved OR/IN WHERE handling, and updated join behavior. Observability enhancements expose buffer usage counts, index lookup details during execution, and a per-connection I/O utilization metric. Preview instances are retained for up to 60 days, snapshots remain usable only within the preview, and pricing follows the US East (Ohio) region.

Amazon ECR Repository Templates Now in AWS GovCloud

📦 Amazon ECR now supports repository creation templates in AWS GovCloud (US) Regions. Templates let you preconfigure encryption, lifecycle policies, access permissions, and tag immutability for repositories that ECR creates during pull-through cache and replication operations. Templates use a prefix to automatically match and apply settings to new repositories, reducing manual setup and helping enforce consistent registry governance across environments.

AWS CloudFormation Hooks Adds Managed Proactive Controls

🔔 AWS CloudFormation Hooks now supports managed proactive controls, allowing teams to validate resource configurations against AWS best practices without writing custom Hook logic. Customers can select controls from the AWS Control Tower Controls Catalog and apply them during CloudFormation operations, and run them in warn mode for nonblocking evaluation before enforcing policies. A new Hooks Invocation Summary page provides a centralized historical view of control executions and outcomes to simplify compliance reporting and troubleshooting.

Amazon Connect: Expanded Disconnect Reasons for Outbound

📞 Amazon Connect now provides expanded disconnect reasons that map outbound call failures to standard telecom error codes. These enhanced reasons appear in Contact Trace Records and reporting, giving contact center teams real-time visibility into granular disconnection data to speed troubleshooting and reduce support tickets. The feature is available in all AWS regions where Amazon Connect is offered; refer to the public documentation and best practice guide for implementation details.

AWS Console Adds ECS Exec for Direct Container Shell Access

🔐 The AWS Management Console now supports ECS Exec, allowing operators to open secure, interactive shell sessions to running containers directly from the console. This removes the need to switch to the CLI, API, or SDKs for troubleshooting and avoids opening inbound ports or managing SSH keys. You can enable ECS Exec when creating or updating services and standalone tasks, and configure encryption and logging at the cluster level. Sessions launch through CloudShell, and the console displays the underlying AWS CLI command for reuse in a local terminal.

AWS HealthOmics private workflows now in Seoul Region

🧬 AWS HealthOmics private workflows are now available in the Asia Pacific (Seoul) Region, providing fully managed bioinformatics pipelines for healthcare and life sciences customers in Korea. The HIPAA-eligible service supports domain-specific languages such as Nextflow, WDL, and CWL and offers features like call caching, dynamic run storage, Git integrations, and ECR pull-through cache. These capabilities simplify pipeline migration, accelerate genomics development, and help maintain data provenance and compliance.