All news with #aws tag

AWS Lambda Adds Python 3.14 Managed Runtime Support

🔔 AWS Lambda now supports Python 3.14 for both managed runtimes and as a container base image. AWS will automatically apply updates to the managed runtime and base image as they become available, reducing maintenance overhead. The runtime is available in all Regions, including AWS GovCloud (US) and China Regions, and is supported for Lambda@Edge in applicable Regions. Developers can deploy using the Lambda console, AWS CLI, AWS SAM, AWS CDK, and CloudFormation, and Powertools for AWS Lambda (Python) also supports Python 3.14.

CloudFormation introduces drift-aware change sets for IaC

🔁 AWS CloudFormation now offers drift-aware change sets to detect and reconcile configuration drift by comparing a new template, the last-deployed template, and the live infrastructure state. The feature lets you preview deployment impacts on drifted resources, avoid unintended overwrites, and revert out-of-band changes. Create a change set in the console as “Drift-aware” or call CreateChangeSet with --deployment-mode REVERT_DRIFT. Available in Regions where CloudFormation is offered.

AWS Backup releases low-cost warm storage for S3 backups

🚀 AWS Backup introduces a low-cost warm storage tier for Amazon S3 backups that can cut storage costs by up to 30%. After S3 backup data resides in a vault for 60 days (configurable to a longer period), you can automatically move it to the new tier while preserving the same performance and features, including ransomware protection, recovery, and auditing. Automatic tiering can be enabled at the account, vault, or bucket level and is available in all Regions where AWS Backup for S3 is offered; a one-time transition fee applies.

Amazon RDS for Oracle: October 2025 RU and Spatial Fixes

🔔 Amazon RDS for Oracle now supports the Oracle October 2025 Release Update (RU) for 19c and 21c, and the corresponding Spatial Patch Bundle for 19c. AWS recommends upgrading because the RU includes six new security patches for Oracle database products, and the Spatial Patch Bundle provides important fixes and performance improvements for Oracle Spatial and Graph. You can apply the RU from the Amazon RDS Management Console or programmatically via the AWS SDK or CLI, and enable Automatic Minor Version Upgrade to install updates during your maintenance window. To deploy the Spatial Patch Bundle, select the 'Spatial Patch Bundle Engine Versions' checkbox when creating new instances or upgrade existing instances to engine version '19.0.0.0.ru-2025-10.spb-1.r1'.

AWS launches Supplementary Packages for Amazon Linux

📦 AWS announced the general availability of Supplementary Packages for Amazon Linux (SPAL), a curated repository offering thousands of pre-built EPEL9-compatible packages for Amazon Linux 2023 (AL2023). SPAL reduces the need to compile software from source, accelerating deployments and lowering operational overhead for developers, system administrators, and DevOps teams. Packages are derived from community EPEL9 sources with AWS applying security patches as they become available upstream. SPAL is available across all AWS Commercial Regions, including GovCloud and China.

Active Threat Defense Now Default in AWS Network Firewall

🔒 Starting today, AWS Network Firewall enables active threat defense by default in alert mode when you create new firewall policies in the AWS Management Console. The feature provides automated, intelligence-driven visibility into ongoing threat activities and the indicator groups, types, and names you are protected against. You can switch to block mode to automatically prevent suspicious traffic or disable the feature entirely. AWS verifies threat indicators to reduce false positives and the capability is available in all Regions, including AWS GovCloud (US) and China.

Amazon Redshift JIT ANALYZE for Apache Iceberg tables

📈 Amazon Redshift now supports Just‑In‑Time (JIT) ANALYZE for Apache Iceberg tables, automatically collecting table‑ and column‑level statistics during query execution. The feature uses intelligent heuristics and lightweight sketch data structures to determine when runtime statistics will improve optimizer decisions and to build high‑quality statistics on the fly. JIT ANALYZE is generally available in all AWS regions with Redshift and requires no configuration changes to begin improving query plans and performance.

Amazon RDS Supports MariaDB 10.6.24, 10.11.15, 11.4.9

🔔 Amazon RDS for MariaDB now supports community minor versions 10.6.24, 10.11.15, and 11.4.9. Customers are recommended to upgrade to these latest minor releases to address known security vulnerabilities and gain bug fixes, performance improvements, and new community features. You can enable automatic minor version upgrades or use Amazon RDS Managed Blue/Green deployments to apply updates during scheduled maintenance windows. See the Amazon RDS User Guide for upgrade and deployment details.

CloudFormation adds pre-deploy validation and operation IDs

🔎 AWS CloudFormation now validates change sets for three common template errors—invalid property syntax, resource name conflicts with existing account resources, and S3 bucket emptiness constraints on delete—before provisioning begins. If validation fails, the change set status is marked 'FAILED' and includes detailed failure messages and property paths to pinpoint issues. Runtime failures can still occur during execution, so CloudFormation also groups stack events by a unique operation ID that you can view in the Console or via the describe-operation API to filter and diagnose failures quickly. Together these capabilities are intended to shorten deployment cycles and cut troubleshooting time from minutes to seconds.

AWS Builder Center Adds Searchable Workshops Catalog

📚 AWS Builder Center now hosts the Workshops Catalog, offering step-by-step, expert-authored tutorials that guide users through deploying and using AWS services in their own accounts. The catalog includes hundreds of workshops across categories like Machine Learning, Security, and Serverless, with filters for service, complexity (100–400), and duration. Content is localized to the Builder Center language preference and accessible with a free Builder ID for hands-on learning.

AWS Adds ML-DSA Post-Quantum Code Signing to Private CA

🔐 AWS announced support for post-quantum ML-DSA code signing in AWS Private CA, integrated with AWS KMS. The integration lets customers create ML-DSA X.509 certificate chains and generate KMS-held ML-DSA key pairs to sign binaries, enabling quantum-resistant code-signing, device authentication, and private-PKI workflows such as mTLS or IKEv2/IPsec. A provided Java Runner demonstrates CA creation, CSR issuance, CMS detached signing with SHAKE256, and signature verification against customer-managed roots.

Route 53 Adds Protection Against Dictionary DGA Attacks

🛡️ Amazon Web Services has added Dictionary-based DGA detection to Route 53 Resolver DNS Firewall Advanced, enabling real-time monitoring and blocking of domain queries that use word-based DGA techniques designed to mimic legitimate names. Administrators can create DNS Firewall Advanced rule(s) targeting Dictionary DGA and add them to rule groups to enforce protections on VPCs directly or through AWS Firewall Manager, RAM, CloudFormation, or Route 53 Profiles. The capability is available in all AWS Regions, including AWS GovCloud (US). See the Route 53 documentation for setup and pricing details.

AWS Expands Amazon WorkSpaces Applications Regions

🌍 Amazon Web Services has added Europe (Milan), Europe (Spain), Asia Pacific (Malaysia), and Israel (Tel Aviv) to the regional footprint for Amazon WorkSpaces Applications. The fully managed, secure application streaming service lets organizations stream desktops and apps to users without local installs while AWS manages hosting, scaling, and on‑demand access. Deploying applications closer to end users reduces latency and improves responsiveness. Administrators can enable the service from the WorkSpaces Applications console; pricing follows a pay‑as‑you‑go model.

Amazon Redshift Adds Apache Iceberg Write Support (GA)

🔔 Amazon Redshift now supports write operations to Apache Iceberg tables in general availability, enabling SQL DDL and DML including CREATE, SHOW, DROP, and INSERT for append-only workloads. Customers can execute concurrent read and write queries against Iceberg tables cataloged in AWS Glue Data Catalog while benefiting from transactional consistency and schema and partition evolution support. The capability is available in all regions where Amazon Redshift is offered.

WorkSpaces Applications adds 100+ instance types and storage

🚀 Amazon WorkSpaces Applications now offers expanded compute and storage flexibility, adding 100+ instance types across general purpose, compute-optimized, memory-optimized, and accelerated families. Customers can configure storage volumes from 200GB to 500GB and import custom EC2 AMIs, including Windows Server 2022, for image creation and customization. These enhancements are generally available in all supported AWS Regions and follow the standard pay-as-you-go pricing for the service.

AWS Backup Adds Direct Primary Support for Air-Gapped Vaults

🔐 AWS Backup now lets customers designate a logically air-gapped vault as the primary backup target across backup plans, organization policies, and on-demand jobs. This removes the prior restriction that air-gapped vaults could only hold copies, enabling direct writes to the air-gapped store and reducing duplicate-storage costs. For resource types without full AWS Backup management support, the service still creates a temporary snapshot in a standard vault, copies it into the air-gapped vault, and then removes the temporary snapshot. The capability is available in all Regions that support logically air-gapped vaults and can be selected via the console, API, or CLI.

Amazon U7i 12TB EC2 Instances Launch in Ireland Region

🚀 Amazon Web Services has launched EC2 High Memory U7i-12tb.224xlarge instances in the AWS Europe (Ireland) Region. These 7th-generation instances offer 12TB DDR5 memory, 896 vCPUs, up to 100Gbps EBS and network bandwidth, and ENA Express support. They target mission-critical in-memory databases such as SAP HANA, Oracle, and SQL Server. Availability aims to accelerate transaction processing and large-scale in-memory workloads.

Amazon Route 53 Profiles Adds Resolver Query Logging

🛡️ AWS announced support for Resolver query logging configurations in Amazon Route 53 Profiles, allowing centralized management of Resolver query logging across multiple VPCs and AWS accounts. The enhancement eliminates the need to manually associate logging configurations with each VPC and helps produce consistent DNS query logs for compliance and auditing. The feature is available now in supported AWS Regions via the console or AWS CLI.

AWS Reduces EC2 Costs for SQL Server High Availability

🔔 AWS announced on Nov 17, 2025 a new capability that lets customers designate Amazon EC2 instances running license-included Microsoft SQL Server as part of a High-Availability (HA) cluster to reduce licensing costs with a few clicks. The enhancement targets mission-critical deployments using Always On Availability Groups and Always On failover cluster instances, with AWS citing savings up to 40% in example configurations. The feature is available in all commercial AWS Regions.

AWS Backup Adds Delegated Admin Support in 17 Regions

🔔 AWS Backup now supports delegated administrators in 17 additional AWS Regions, allowing designated accounts to manage backup operations and administrative tasks across member accounts. The expansion includes regions in Africa, Asia Pacific, Canada, Europe, Israel, Mexico, and the Middle East. AWS Backup Audit Manager also supports cross-Region and cross-account delegated admin reports for jobs and backup plan compliance. Visit the AWS Backup console to get started.