All news with #aws tag

AWS Transfer Family Adds Terraform SFTP Connector Support

🚀 The AWS Transfer Family Terraform module now supports provisioning SFTP connectors to transfer files between Amazon S3 and remote SFTP servers. Announced 2025-08-27, the addition builds on existing Terraform support for SFTP server endpoints and enables programmatic provisioning of connectors, dependencies, and customizations in a single IaC deployment. The module includes end-to-end examples to automate transfers on schedules or event triggers, reducing manual configuration and improving repeatability, security, and scale.

AWS Network Firewall adds ReceivedBytes metric in CloudWatch

🔍 AWS has added the new ReceivedBytes metric for AWS Network Firewall to Amazon CloudWatch, giving customers per-firewall visibility into total incoming bytes inspected. The metric differentiates counts for the stateless and stateful engines, enabling more granular analysis of processing and performance. Available in all Regions where Network Firewall is supported, the data can be integrated into existing monitoring, alerting, and optimization workflows to support capacity planning and cost reduction.

SageMaker HyperPod Supports Customer-Managed KMS for EBS

🔐 Amazon SageMaker HyperPod now supports customer-managed AWS KMS keys (CMKs) to encrypt EBS volumes, giving enterprises direct control over encryption for root and secondary storage. This enables integration with existing key management and compliance workflows and uses a grants-based approach for secure cross-account access. Customers can specify CMKs via the CreateCluster and UpdateCluster APIs for clusters in continuous provisioning mode. The capability is available in all Regions where HyperPod runs.

Whistleblower: DOGE Placed SSA NUMIDENT on Insecure Cloud

⚠️A protected whistleblower alleges that the Department of Government Efficiency (DOGE) copied the Social Security Administration's NUMIDENT database to an unsecured Amazon Web Services test environment, bypassing mandated oversight and authorization. The complaint names several DOGE-affiliated hires and documents approvals and risk assessments dated June 12, June 25, and July 25, 2025. It alleges the move circumvented required FISMA authorization and NIST SP 800-53 controls, exposing sensitive personal data for more than 300 million people and potentially violating the Privacy Act and the CFAA.

Amazon EC2 C7i Instances Now Available in Osaka Region

🚀 Amazon EC2 C7i instances powered by custom 4th Gen Intel Xeon Scalable processors are now available in the Asia Pacific (Osaka) Region. C7i delivers up to 15% better performance versus comparable x86-based Intel processors and up to 15% improved price-performance over C6i. Instances scale to 48xlarge and provide two bare-metal sizes with Intel accelerators, support Intel AMX, and allow up to 128 EBS volumes to better handle compute-intensive workloads.

Custom Metrics in Amazon CloudWatch Application Signals

🔍 Amazon CloudWatch Application Signals now supports Custom Metrics, enabling developers and operators to define and visualize application-specific telemetry alongside standard health metrics such as fault rates, errors, and latency. You can ingest metrics directly with OpenTelemetry Metrics or derive them from spans using the OpenTelemetry Traces SDK and Metrics Filters. The Application Signals console offers correlated views in the Related Metrics tab, interactive visualization, and quick navigation to correlated spans, top contributors, and related logs. Custom Metrics support is available in all regions where Application Signals is offered; see documentation and CloudWatch pricing for details.

AWS SageMaker Adds P5.4xlarge with NVIDIA H100 GPU

🚀 Amazon SageMaker Training and Processing Jobs now supports the new EC2 P5 instance size with a single NVIDIA H100 GPU, offering the P5.4xlarge configuration for cost‑effective ML and HPC workloads. The instance enables fine-grained scaling so customers can begin with smaller configurations and expand incrementally, improving cost management and infrastructure flexibility. P5.4xlarge is available via SageMaker Flexible Training Plans and in select regions through On‑Demand and Spot.

AWS App Runner Adds IPv6 for Inbound and Outbound Traffic

🌐 AWS App Runner now supports IPv6 for both inbound and outbound traffic on public and private service endpoints. This removes the need for IPv4/IPv6 address translation and helps customers meet IPv6 compliance requirements. You enable the capability by selecting the dual-stack option in the networking configuration for new or existing services. IPv6 support is available in all Regions where App Runner is offered.

AWS Console Adds Account Color Settings for Quick ID

🎨 Today AWS announced general availability of account color settings in the AWS Management Console across all Public Regions. Account administrators can assign a persistent color (for example, red for production or yellow for testing) that appears in the Console navigation bar for all authorized users, enabling quick visual identification of accounts. The default color is grey; viewing the color requires AWSManagementConsoleBasicUserAccess or the custom permission uxc:getaccountcolor.

Amazon Braket local device emulator for verbatim circuits

🔬 Amazon Braket now offers a local device emulator to test verbatim circuits with device-specific constraints and realistic noise models before running on quantum hardware. The emulator validates qubit connectivity, native gate sets, and topology while applying depolarizing channels to one- and two-qubit gates using device calibration data and local density-matrix simulation. It supports both real-time and historical calibration snapshots and can be instantiated from AWS quantum devices or custom device properties via the Amazon Braket SDK, integrating into existing workflows so developers can catch compatibility and performance issues early without incurring hardware costs.

AWS Client VPN Adds Connectivity for IPv6 Resources

🔒 AWS Client VPN now supports secure remote access to IPv6-enabled VPC resources, allowing administrators to connect remote users and devices directly to IPv6 workloads. Administrators can deploy IPv6-only or dual-stack Client VPN endpoints to preserve end-to-end IPv6 connectivity and simplify network design for organizations adopting IPv6. This capability expands prior IPv4-only support and helps meet IPv6 adoption and compliance goals. The feature is generally available in all Client VPN regions except Middle East (Bahrain) and is provided at no additional cost, with IPv6 and dual-stack endpoints billed at the existing per-hour endpoint rate.

Amazon GameLift Streams Adds Default Application Controls

🚀 Amazon GameLift Streams now gives developers finer control over default applications for stream groups. You can create stream groups without assigning a default, change which linked application serves as the default, or unlink a default without deleting the group. The service console and APIs — including UpdateStreamGroup, AssociateApplications, and DisassociateApplications — have been updated to manage default application configurations.

Amazon RDS for Oracle adds ECC384 CA and ECDSA ciphers

🔒 Amazon RDS for Oracle now supports an ECC384 Certificate Authority and two new ECDSA cipher suites for SSL and OEM Agent options on Oracle Database 19c and 21c. The added cipher suites — TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 and TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 — offer security comparable to RSA with shorter keys and lower CPU usage. To enable them, select rds-ca-ecc384-g1 as the CA for your DB instances and follow the documented steps to add SSL or modify OEM Agent settings.

Amazon MWAA Enables In-place Downgrades of Airflow

🔄 You can now perform in-place minor Apache Airflow version downgrades on Amazon Managed Workflows for Apache Airflow (MWAA). This feature lets administrators revert an MWAA environment to any other supported minor Airflow version without needing to recreate the environment. You can also launch new Airflow environments in all currently supported MWAA regions via the AWS Management Console with a few clicks. For details, see the Amazon MWAA documentation.

AWS Elastic Beanstalk Now in Thailand, Malaysia, Spain

📢 AWS announced general availability of AWS Elastic Beanstalk in Asia Pacific (Thailand), Asia Pacific (Malaysia), and Europe (Spain). The service automates application deployment, capacity provisioning, load balancing, auto-scaling, and application health monitoring so developers can focus on writing code. These region additions provide local access that can reduce latency, help address data-residency and compliance requirements, and broaden deployment options for customers in Southeast Asia and Spain. Customers can follow the Elastic Beanstalk developer guidance to begin deploying applications in the new regions.

Amazon RDS for Oracle: Redo Transport Compression Now

⚙️ Amazon RDS for Oracle now supports Redo Transport Compression, which compresses redo data before it is transmitted to standby databases to reduce network traffic and improve redo transport performance. Because transport is faster, customers can achieve a lower Recovery Point Objective (RPO). Compression and decompression consume CPU on both primary and standby instances, so ensure adequate CPU capacity before enabling. Enable the feature by setting the redo_compression parameter in the instance Parameter Group; it supports mounted and read replicas and requires Oracle Enterprise Edition with Oracle Advanced Compression licensing.

Aurora DSQL Adds FIS Integration for Resilience Testing

🔧 Amazon announces that Aurora DSQL now integrates with AWS Fault Injection Service (FIS) to enable controlled resilience testing for applications that depend on Aurora DSQL. Customers can simulate regional connectivity disruptions and full inaccessibility to validate failover, reconnection, and recovery behaviours across single-Region and multi-Region deployments. Experiment templates can be included in CI pipelines and FIS generates detailed reports that can be stored in Amazon S3 for auditing and compliance. The capability is available in multiple AWS Regions.

AWS Deadline Cloud Adds Cinema 4D and Redshift on Linux

🎬 Starting today, AWS Deadline Cloud supports running Maxon Cinema 4D and Redshift render jobs on Linux service-managed fleets. Previously limited to Windows-only service-managed fleets, the new Linux option reduces worker compute costs and lets teams provision and elastically scale rendering capacity automatically. Service-managed fleets can be configured in minutes and the feature is available in all regions where Deadline Cloud is offered.

Amazon Polly adds seven expressive generative voices

🔊 Amazon Polly announces general availability of seven new highly expressive generative voices in English, French, Polish, and Dutch. The release introduces one male-sounding voice (Canadian French - Liam) and six female-sounding voices, including US English - Salli and Polish - Ola and Ewa, bringing the Generative TTS roster to 27 voices. These generative voices are available in US East (N. Virginia), US West (Oregon), and Europe (Frankfurt), and leverage Polly’s GenAI-based polyglot capability to preserve a consistent vocal identity across languages.

AWS Transform for .NET Adds Azure DevOps Repos Support

🔗 AWS Transform for .NET now supports Azure DevOps repositories alongside GitHub, GitLab, and Bitbucket. You can connect Azure DevOps repos directly to AWS Transform to discover, assess, and transform hundreds of repositories in parallel and run unit tests as part of the modernization workflow. Dependencies hosted in Azure Artifacts (NuGet) are resolved automatically during transformation, simplifying migration of .NET Framework applications to Linux-ready, cross-platform .NET while preserving Azure DevOps workflows.