All news with #aws tag

AWS S3 bucket-level setting to standardize encryption

🔒 Amazon S3 now provides a bucket-level default encryption configuration to enforce SSE-S3 or SSE-KMS for all write requests, allowing organizations to standardize server-side encryption types across buckets. The PutBucketEncryption API update lets you disable SSE-C on specific buckets or in CloudFormation templates. This capability is available in all AWS Regions and configurable via Console, SDK, API, or CLI. It helps simplify compliance and reduce misconfiguration risk.

AWS Network Load Balancer Adds Weighted Target Groups

🚀 AWS Network Load Balancer now supports weighted target groups, letting you distribute traffic across multiple target groups with configurable weights from 0 to 999. This enables progressive deployment strategies such as Blue-Green and Canary deployments, application migration, and A/B testing while supporting instance, IP address, and ALB targets. The capability is available across AWS commercial and GovCloud regions at no additional charge; standard NLB Capacity Unit (LCU) pricing applies.

Amazon ECR adds Archive storage class and lifecycle rules

📦 Amazon Web Services announced a new Amazon ECR Archive storage class to lower costs for large volumes of rarely accessed container images. Lifecycle policies can now archive images by last pull time, age, or count, and archived images are excluded from repository image limits. Archived images are inaccessible for pulls but can be restored via Console, CLI, or API within about 20 minutes, and all operations are logged to CloudTrail; the feature is available in AWS Commercial and GovCloud (US) Regions.

AWS enables console sign-in credentials for CLI and SDK

🔐 AWS now permits developers to use their existing AWS Management Console sign-in credentials for programmatic access via the AWS CLI, AWS Tools for PowerShell, and AWS SDKs after a brief browser-based authentication flow. The aws login command in AWS CLI v2.32.0 and later obtains automatically rotated, short-lived credentials to reduce reliance on long-term access keys. This capability is available in all commercial AWS regions and aims to streamline local development setup while improving security posture.

AWS Network Firewall Log Analysis Using OpenSearch

📊 The post describes a new Amazon CloudWatch and Amazon OpenSearch Service dashboard that simplifies analysis of AWS Network Firewall logs by removing previous multi-step setup and streamlining integration. It explains prerequisites, creating an OpenSearch integration and dashboard, selecting log groups, sync intervals, and IAM roles. The overview covers widgets, filters, CSV export, common use cases, and cost considerations to improve visibility and troubleshooting.

AWS launches EC2 P6-B300 with NVIDIA Blackwell Ultra

🚀 Amazon Web Services has announced general availability of Amazon EC2 P6-B300 instances powered by NVIDIA Blackwell Ultra B300 GPUs. The p6-b300.48xlarge delivers eight GPUs, 2.1 TB of high-bandwidth GPU memory, 6.4 Tbps EFA networking, 300 Gbps ENA throughput, and 4 TB of system memory. It targets training and deploying trillion-parameter foundation models and LLMs, offering higher memory, compute, and networking versus P6-B200.

OpenSearch Serverless: CloudTrail data-plane audit logging

🔒 Amazon has added detailed audit logging for OpenSearch Serverless data-plane requests through AWS CloudTrail. Customers can now record and retain user actions on collections — including authorization attempts, index changes, and search queries — to support compliance and incident investigations. Logs can be filtered with read-only or write-only options or captured using advanced event selectors for granular control. Data events are delivered to Amazon S3 and can be forwarded to Amazon CloudWatch Events for real-time monitoring and response.

EC2 Auto Scaling adds synchronous LaunchInstances API

🔔 Today, EC2 Auto Scaling launched a synchronous LaunchInstances API that gives customers precise control over where instances are provisioned and provides immediate feedback on capacity availability. The API supports overrides for any Availability Zone and/or subnet in an Auto Scaling group and includes optional asynchronous retries to help reach desired capacity. It is available now in US East (N. Virginia), US West (Oregon), Europe (Ireland), and Asia Pacific (Singapore) at no additional cost beyond standard EC2 and EBS usage. Use the AWS CLI or SDKs to get started.

Amazon Bedrock adds Priority and Flex inference tiers

🔔 Amazon Bedrock introduces two new inference tiers—Priority and Flex—to help customers balance cost and latency for varied AI workloads. Flex targets non-time-critical jobs like model evaluations and summarization with discounted pricing and lower scheduling priority. Priority offers premium performance and preferential processing (up to 25% better OTPS vs. Standard) for mission-critical, real-time applications. The existing Standard tier remains available for general-purpose use.

Automating Session Manager Preferences with CloudFormation

🔐 This post explains how to centrally manage AWS Systems Manager Session Manager preferences across multiple accounts and Regions using CloudFormation StackSets and an AWS Lambda function. The solution automates updates to the SSM-SessionManagerRunShell document, provisions optional logging destinations (Amazon S3 or CloudWatch Logs), and can create KMS keys for session and log encryption. It aims to reduce manual configuration errors and ensure consistent security and compliance at scale.

AWS Releases Responsible AI and Updated ML Lenses at Scale

🔔 AWS has published one new Responsible AI lens and updated Generative AI and Machine Learning lenses to guide safe, secure, and production-ready AI workloads. The guidance addresses fairness, reliability, and operational readiness while helping teams move from experimentation to production. Updates include recommendations for Amazon SageMaker HyperPod, Agentic AI, and integrations with Amazon SageMaker Unified Studio, Amazon Q, and Amazon Bedrock. The lenses are aimed at business leaders, ML engineers, data scientists, and risk and compliance professionals.

Amazon RDS Adds R8gd and M8gd for Optimized Reads Now

🚀 Amazon RDS now supports R8gd and M8gd instances for Optimized Reads on Amazon Aurora PostgreSQL and RDS for PostgreSQL, MySQL, and MariaDB, offering improved price-performance. Optimized Reads uses local NVMe-based SSDs to store ephemeral data (temporary tables and evicted pages) to reduce network I/O and boost read latency and throughput. AWS reports up to 165% better throughput and up to 120% better price-performance on R8gd versus R6g for Aurora PostgreSQL. These instances are available in select US, Europe, and Asia Pacific regions and can be enabled via the Console, CLI, or SDK.

AWS Transfer Family Terraform Module Adds Malware Scanning

🛡️ AWS has updated the Transfer Family Terraform module to support automated malware scanning workflows for files transferred to S3. The module provisions GuardDuty S3 Protection–based scan pipelines, dynamic routing based on results, and threat notifications in a single deployment. It preserves folder structure, allows granular S3 prefix targeting, and helps ensure only verified clean files reach applications and data lakes.

Amazon Polly adds five voices and three Asia Pacific regions

🎧 Amazon Polly now offers five new Generative TTS voices—Austrian German (Hannah), Irish English (Niamh), Brazilian Portuguese (Camila), Belgian Dutch (Lisa), and Korean (Seoyeon)—bringing the Generative engine to thirty-one voices across twenty locales. The Generative engine is generally available in three new Asia Pacific regions: Asia Pacific (Seoul), Asia Pacific (Singapore), and Asia Pacific (Tokyo), and all Generative voices are now available in US East (N. Virginia), Europe (Frankfurt), and US West (Oregon). These updates expand Amazon Polly's managed text-to-speech capabilities for conversational AI and speech content creation.

AWS EC2 I7ie Instances Arrive in Singapore Region Now

🚀 Amazon Web Services (AWS) has launched EC2 I7ie instances in the Asia Pacific (Singapore) Region. Designed for large storage I/O–intensive workloads, I7ie pairs 5th Gen Intel Xeon processors with 3rd‑generation AWS Nitro SSDs to deliver up to 40% better compute and up to 65% improved real‑time storage performance versus I3en. Instances support up to 120 TB local NVMe density, up to twice the vCPU and memory of prior generations, nine size options, and up to 100 Gbps networking with 60 Gbps EBS bandwidth.

Amazon RDS for Oracle: October 2025 RU and Spatial Fixes

🔔 Amazon RDS for Oracle now supports the Oracle October 2025 Release Update (RU) for 19c and 21c, and the corresponding Spatial Patch Bundle for 19c. AWS recommends upgrading because the RU includes six new security patches for Oracle database products, and the Spatial Patch Bundle provides important fixes and performance improvements for Oracle Spatial and Graph. You can apply the RU from the Amazon RDS Management Console or programmatically via the AWS SDK or CLI, and enable Automatic Minor Version Upgrade to install updates during your maintenance window. To deploy the Spatial Patch Bundle, select the 'Spatial Patch Bundle Engine Versions' checkbox when creating new instances or upgrade existing instances to engine version '19.0.0.0.ru-2025-10.spb-1.r1'.

AWS launches Supplementary Packages for Amazon Linux

📦 AWS announced the general availability of Supplementary Packages for Amazon Linux (SPAL), a curated repository offering thousands of pre-built EPEL9-compatible packages for Amazon Linux 2023 (AL2023). SPAL reduces the need to compile software from source, accelerating deployments and lowering operational overhead for developers, system administrators, and DevOps teams. Packages are derived from community EPEL9 sources with AWS applying security patches as they become available upstream. SPAL is available across all AWS Commercial Regions, including GovCloud and China.

AWS offers flat-rate CloudFront plans with built-in security

🔒 AWS is introducing flat-rate pricing plans for CloudFront that bundle global CDN delivery with built-in security (WAF, DDoS protection), Route 53 DNS, CloudWatch Logs ingestion, serverless edge compute, and monthly S3 storage credits. Plans eliminate overage charges so traffic spikes or attacks won’t trigger surprise fees. Tiers include Free, Pro ($15), Business ($200) and Premium ($1,000), and pay-as-you-go remains an option.

Active Threat Defense Now Default in AWS Network Firewall

🔒 Starting today, AWS Network Firewall enables active threat defense by default in alert mode when you create new firewall policies in the AWS Management Console. The feature provides automated, intelligence-driven visibility into ongoing threat activities and the indicator groups, types, and names you are protected against. You can switch to block mode to automatically prevent suspicious traffic or disable the feature entirely. AWS verifies threat indicators to reduce false positives and the capability is available in all Regions, including AWS GovCloud (US) and China.

Amazon Redshift Adds SUPER Type for Case-Insensitive DBs

🧩 Amazon Redshift now supports the SUPER data type in databases configured with case-insensitive collation, enabling analytics on semi-structured and nested data alongside structured SQL types. Using PartiQL, users can query JSON and mixed data without additional normalization. The COLLATE function lets you explicitly control case sensitivity for SUPER columns. This capability is available in all AWS Regions, including AWS GovCloud (US).