All news with #aws tag

💬 AWS announced general availability of Amazon Quick Suite Embedded Chat, a ready-made conversational AI you can embed into applications via one-click embedding or API-based iframes. The agent unifies structured data and unstructured knowledge in a single conversation so users can reference KPIs, pull file details, check customer feedback, and trigger actions without leaving the app. Connectors include SharePoint, websites, Slack, and Jira, and enterprises retain control over data access and action scopes. Embedded Chat is available in select Regions with no additional charge beyond existing Quick Suite pricing.

🔗 AWS announces general availability of AWS Glue catalog federation for remote Apache Iceberg catalogs. The feature enables analytics engines to query Iceberg tables stored in Amazon S3 and cataloged remotely without moving or copying data, with real-time metadata synchronization to the AWS Glue Data Catalog. It leverages AWS Lake Formation for fine-grained access controls and supports the Iceberg REST specifications; federation is available in the Lake Formation console and via SDKs/APIs.

🔐 Amazon Redshift now supports federated permissions to centralize and enforce data access policies across multiple Redshift warehouses, reducing governance overhead for multi-warehouse deployments. Registered warehouses are auto-mounted account-wide and can be queried using existing workforce identities via AWS IAM Identity Center or IAM roles. Row-level, column-level, and masking controls are applied automatically, ensuring consistent fine-grained access control regardless of query location.

🔁 AWS Lambda now offers enhanced error handling for Amazon Managed Streaming for Apache Kafka (MSK) and self-managed Kafka event sources, enabling developers to define custom retry configurations and route failed messages to a Kafka topic as an on-failure destination. The update extends Kafka event source mapping (ESM) in Provisioned mode to support retry limits, time-bound retry windows, automatic discards of exceeded records, and per-message failure reporting to optimize retries. Configure these settings via the ESM API, AWS Console, or AWS CLI.

🔁 Amazon has expanded availability of Amazon MSK Replicator, allowing customers to replicate streaming data across Amazon MSK clusters in five more AWS Regions: Asia Pacific (Thailand), Mexico (Central), Asia Pacific (Taipei), Canada West (Calgary), and Europe (Spain). MSK Replicator offers automatic asynchronous replication, auto-scales underlying resources on demand, and replicates Kafka metadata such as topic configurations, ACLs, and consumer group offsets. You can configure replication from the Amazon MSK console or the AWS CLI.

🚀 Amazon EC2 High Memory U7i instances (u7i-6tb.112xlarge) are now available in Asia Pacific (Jakarta), offering 6TB of DDR5 memory and 448 vCPUs powered by custom Intel Sapphire Rapids processors. The instances support up to 100Gbps for EBS and networking and include ENA Express for lower-latency, consistent network performance. They are positioned for mission-critical in-memory databases such as SAP HANA, Oracle, and SQL Server, enabling higher transaction throughput and faster data loading and backups.

🔐 A Trend Micro report warns that ransomware groups are shifting from on-premises targets to cloud object storage, particularly AWS S3, by abusing integrated encryption and key management. Attackers probe configurations from AWS-managed KMS keys to customer-provided and external key stores to encrypt or irreversibly lock data. The report urges hardening S3 settings, enforcing least privilege, enabling versioning and Object Lock, and isolating backups.

🌐 Amazon CloudFront now supports bringing your own IP addresses (BYOIP) for Anycast Static IPs through VPC IP Address Manager (IPAM). Network teams can register and manage public IPv4 address pools in IPAM and assign dedicated Anycast Static IP lists to CloudFront distributions, preserving existing allow-lists and avoiding changes to application address space. The capability simplifies IP address management across AWS's global edge network and improves partner reachability and security. It is available in all commercial AWS Regions except AWS GovCloud (US) and the China regions.

🚀 Amazon SageMaker HyperPod now supports NVIDIA Multi-Instance GPU (MIG), enabling administrators to partition a single GPU into multiple isolated devices to run simultaneous small generative AI tasks. Administrators can use an easy console configuration or a custom setup for fine-grained hardware isolation, allocate compute quotas across teams, and monitor real-time performance per partition via a utilization dashboard. Available on HyperPod clusters using the EKS orchestrator in multiple AWS Regions, this capability reduces wait times by letting data scientists run lightweight inference and interactive notebooks in parallel without consuming full GPU capacity.

⚡ Amazon SageMaker HyperPod now supports Spot Instances, enabling customers to reduce GPU compute costs by up to 90% compared with on-demand instances. The integration is available on HyperPod EKS clusters and works with Karpenter for intelligent autoscaling, automatic Spot capacity discovery, and interruption handling. You can enable Spot when creating instance groups via the CreateCluster API or the AWS Console, and the feature supports all HyperPod instance types across available regions.

🔒 Amazon Aurora PostgreSQL-Compatible Edition now supports dynamic data masking using the new pg_columnmask extension, enabling column-level protection at query time. The extension complements PostgreSQL row-level security and column grants by letting administrators define SQL-based masking policies that alter how data appears to users without changing stored values. Policies can use built-in or user-defined functions to hide, partially mask, or transform data, and multiple policies can be applied with weighted precedence. pg_columnmask protects results across WHERE, JOIN, ORDER BY, and GROUP BY clauses and is available for Aurora PostgreSQL 16.10+ and 17.6+ in all regions.

📢 Amazon OpenSearch Service now supports OpenSearch 3.3, introducing search performance, observability, and agentic AI integration improvements. Vector search enhancements include agentic search for natural-language queries without complex DSLs, batch processing for the semantic highlighter to lower latency and improve GPU utilization, and optimizations in the Neural Search plugin. The release also makes Apache Calcite the default query engine for PPL, adds a broader PPL command library, and improves the approximation framework for more responsive pagination and dashboards. A new workload management plugin enables grouping of search traffic and tenant-level network isolation to prevent resource overuse.

🚀 Amazon EMR Serverless now supports Apache Spark 4.0.1 (preview), enabling teams to build data pipelines using standard ANSI SQL and native VARIANT types for semi-structured data. The release adds Apache Iceberg v3 table format to provide transactional guarantees and audit-ready change tracking. Improved streaming controls make it easier to manage stateful, real-time applications and monitor streaming jobs.

🚀 Amazon SageMaker now supports Amazon Athena for Apache Spark, combining a new notebook experience with a fast serverless Spark runtime in a single workspace. Data engineers, analysts, and data scientists can query data, run Python, develop jobs, train models, and visualize results with no infrastructure to manage and second-level billing. The service runs Spark 3.5.6, is optimized for Apache Iceberg and Delta Lake, and adds debugging, real-time Spark UI monitoring, and secure Spark Connect communication. Table-level access controls are enforced through AWS Lake Formation.

🔐 AWS Payments Cryptography now supports hybrid post-quantum TLS to protect API calls and long-lived data-in-transit using ML-KEM-based PQC. This helps enterprises mitigate “harvest now, decrypt later” risks by combining classical and post-quantum key establishment. Customers enable PQ-TLS by upgrading to a compatible AWS SDK or browser and can verify sessions via tlsDetails in CloudTrail. The capability is generally available across Regions at no added cost.

📱 AWS Device Farm now provides a fully managed Appium endpoint that developers can connect to with just a few lines of code to run interactive tests on multiple real devices from their IDE or local machine. The capability integrates with third-party tools such as Appium Inspector (hosted and local) for element inspection and debugging. Live video and log streaming deliver faster feedback in local workflows while existing server-side execution remains available for scaled, secure enterprise runs.

🔐 This AWS Security blog by Jennifer Paz outlines a layered, practical approach to reduce exposure from long‑term AWS credentials. It recommends discovery and risk assessment with CodeGuru Security, IAM Access Analyzer, credential reports, and Trusted Advisor, followed by enforcement using SCPs and RCPs to create a network data perimeter. The post also covers runtime protections (security groups, NACLs, Network Firewall, AWS WAF), automated rotation using Secrets Manager or rotation patterns, and threat detection via GuardDuty, all intended to bridge the gap until migration to temporary credentials is feasible.

🔁 EC2 Image Builder now supports automatic versioning for recipes and automatic build version increments for components, removing the need to manually manage version numbers. You can place an 'x' placeholder to auto-increment any position in a recipe version and use wildcard patterns to resolve to the highest compatible version in pipelines. The feature is available across all AWS regions, including China and GovCloud, and is accessible via Console, CLI, API, CloudFormation, and CDK.

🧪 Amazon Web Services has added natural-language test Q&A generation to Automated Reasoning checks in Amazon Bedrock Guardrails. The capability generates up to N test Q&As from input documents to accelerate creating and validating formal verification policies. Automated Reasoning checks apply formal methods to detect correct model outputs and report up to 99% accuracy in identifying correct responses and reducing hallucinations. The feature is available in multiple US and EU Regions and accessible via the Bedrock console and Python SDK.

🔎 The new AI-powered investigative agent in AWS Security Incident Response automates evidence collection, correlation, and timeline building to speed incident investigations from hours to minutes. It interactively asks clarifying questions, queries CloudTrail, IAM, EC2, and cost data, and summarizes critical findings and timelines. The capability is available now across commercial AWS Regions and is included with the service’s metered pricing.