All news with #aws tag

🚀 Amazon ElastiCache now offers Valkey 9.0, adding built-in full-text and hybrid search, semantic retrieval, and expanded vector similarity to node-based and serverless caches. The update delivers up to 40% higher throughput for pipelined workloads, microsecond latency for real-time queries, and throughput that can reach millions of requests per second. It also introduces hash field expiration for per-field TTLs and multi-database support for lightweight namespaces.

🔒 AWS Elemental MediaTailor now automatically authenticates server-to-server connections with Google Ad Manager (GAM), Google Campaign Manager (GCM), and Display & Video 360 (DV360), streamlining SSAI integration for customers. The service auto-detects requests to Google's ad servers and establishes the required secure, authenticated connection — no support case or allow-listing needed. GAM ad requests are secured to support access to Authorized Buyers, and GCM/DV360 impression tracking is routed through Google's authenticated endpoints to improve reporting and reduce rejected impressions. The feature is available in all Regions where MediaTailor runs and incurs no additional charge.

🔍 The AWS blog announces AI Traffic Analysis dashboards for AWS WAF, adding AI-specific visibility into bot and agent activity across web ACLs. The dashboards extend WAF Bot Control detection to more than 650 named bots and provide identity, intent classification, organization breakdowns, top paths, and 14‑day temporal trends. Data is emitted to Amazon CloudWatch and is queryable via the GetTopPathStatisticsByTraffic API for custom dashboards, alerting, and automation. A reference sample demonstrates per-path monetization with CloudFront and Lambda@Edge, with usage guidance and cost warnings.

🛠️The SAM CLI now supports BuildKit for building container images from Dockerfiles, enabling faster, more efficient Lambda container builds. You can use multi-stage builds to produce smaller final images, improved caching to reduce rebuild times, and parallelized build steps for faster overall builds. BuildKit also enables cross-architecture targets (x86_64 and arm64) and secure build-time use of Docker secrets. To use it, update to SAM CLI v1.159.0+ and run sam build with the --use-buildkit flag; the feature works with both Docker and Finch.

🚀AWS Serverless Application Model (AWS SAM) now supports WebSocket APIs for Amazon API Gateway, enabling developers to declare complete WebSocket APIs with minimal configuration in a SAM template. SAM automatically generates the necessary resources and permissions, reducing the manual CloudFormation work and common IAM debugging issues. The new AWS::Serverless::WebSocketApi resource offers parity with API Gateway WebSocket features — including IAM and Lambda authorization, custom domains, RouteSettings, Models, StageVariables, and Globals support. Define routes by assigning Lambda handlers for $connect, $disconnect, $default, and custom routes; SAM wires up integrations and permissions automatically.

🔍 Amazon ElastiCache now publishes thirteen new Amazon CloudWatch metrics for node-based clusters to surface network throttling, memory fragmentation, and connection exhaustion without running INFO commands or manual baselining. The host- and engine-level diagnostics include network baseline percentages, allocator fragmentation, OS page-faults, connection rejects, pub/sub channel counts, and command throughput. Metrics are available in all commercial, China, and GovCloud regions at no additional cost and can be viewed in the ElastiCache monitoring tab or the AWS/ElastiCache namespace in CloudWatch.

🤖 Amazon WorkSpaces now lets AI agents securely access and operate desktop applications within managed, enterprise-grade WorkSpaces environments. Agents built on any framework and running in cloud, on-premises, or hybrid deployments can connect with minimal code using the industry-standard MCP integration, while IT retains centralized permissions, logging, and auditing identical to human desktops. Observability includes screenshots and metrics for full visibility, and pay-as-you-go pricing supports elastic scale.

📍 AWS IoT Core for Device Location now lets developers specify a confidence level (50–99%) for Cell ID, Wi‑Fi, and Cell+Wi‑Fi solvers when resolving device positions via HTTP, trading radius size for statistical certainty. It also adds a measurement type field in resolved metadata to indicate GNSS, Wi‑Fi, or BLE sources, improving data quality assessment and debugging. These enhancements are available in all supported regions.

🔄 Amazon MQ now supports in-place upgrades for RabbitMQ brokers, enabling upgrades from 3.13 to 4.2 without provisioning a new broker or migrating data. The upgrade preserves broker configuration, queues, exchanges, bindings, users, and policies. Eligible brokers must run on M7G (Graviton) instance types and must not use classic mirrored queues; a migration tool is available to convert those to quorum queues. Major-version upgrades will render the broker unavailable while Amazon MQ performs the operation.

🤖 Amazon Quick now integrates with New Relic's AI agents, enabling on-call engineers, SREs, and engineering leaders to investigate incidents, run NRQL queries, and generate evidence-backed RCAs directly within the Quick workspace. After connecting to New Relic’s remote model context protocol (MCP) server, users can invoke alert insights, log analysis, transaction diagnostics, and user-impact assessments from a conversational prompt. Quick Flows can automate recurring triage runbooks or escalation steps, and responses are surfaced alongside enterprise knowledge in Spaces for context-aware outcomes. The integration is available in all AWS Regions where Amazon Quick operates.

💾 Amazon EKS now supports the EC2 Instance Store CSI driver as an EKS add-on, and you can install and manage it via the EKS console or AWS CLI. The driver exposes ephemeral NVMe-based instance store volumes as Kubernetes persistent volumes and manages their lifecycle on EC2 hosts. This feature simplifies attaching local instance storage to EKS clusters and is available in all commercial regions.

🔁 Amazon Connect Cases now automatically reassociates cases when duplicate customer profiles are merged by Amazon Connect Customer Profiles Identity Resolution, ensuring agents see a consolidated interaction history. When customers have multiple profiles from different channels or with different contact details, Identity Resolution detects and merges those duplicates and Cases brings all associated cases together under the unified profile. This reduces manual searching and the risk of incomplete context. The capability is available in multiple AWS regions.

🔐 AWS security teams can accelerate triage and remediation using Kiro and Amazon Q Developer. The post outlines five techniques—embedding persistent security context, accelerating Security Hub triage, remediating infrastructure-as-code, performing Well-Architected security reviews, and drafting Service Control Policies—aligned to the AWS Well-Architected Security Pillar. It highlights steering files and .amazonq/rules to codify standards, recommends staged testing and human validation, and proposes measurable metrics to track reduced time-to-triage and improved compliance.

🔒 The Federal Trade Commission will ban data broker Kochava and its subsidiary Collective Data Solutions (CDS) from selling precise geolocation data without consumers' affirmative express consent as part of a settlement stemming from an August 2022 suit. The FTC alleged Kochava supplied paid clients — via an AWS Marketplace feed — with high-volume raw latitude/longitude transactions that enabled tracking to sensitive sites. Under the proposed court order, sales or transfers of precise location data are prohibited unless consumers directly request a service and explicitly consent; the companies must also implement a sensitive location program, supplier assessments, consent withdrawal and disclosure mechanisms, incident reporting to the FTC, and retention/deletion schedules.

🔒 Amazon announces that Bedrock AgentCore is now available in the AWS GovCloud (US-West) Region, bringing enterprise-grade agentic AI to workloads with elevated compliance and data residency requirements. AgentCore is a managed platform for building, deploying, and operating AI agents at scale without customers managing infrastructure. Core capabilities include AgentCore Runtime for session-isolated, long-running agents; AgentCore Gateway, which uses the Model Context Protocol to convert APIs and Lambda functions into agent-ready tools with controlled access to enterprise services; AgentCore Identity for integrated authentication and permission delegation; and AgentCore Observability and Evaluations for real-time monitoring and continuous quality assessment in production.

🔒 Amazon announced AgentCore availability in the AWS GovCloud (US-West) region, bringing enterprise-grade agent capabilities to workloads with elevated compliance needs. AgentCore is a managed platform for building, deploying, and operating AI agents at scale without customers managing infrastructure. Its composable services—including Runtime, Gateway, Identity, Observability, and Evaluations—enable session isolation, long-running workloads, secure access to enterprise data via the Model Context Protocol, and integration with existing identity providers.

🔍 Amazon OpenSearch Service expanded Cluster Insights to support OpenSearch 1.0 and later and Elasticsearch 6.8 and later, providing proactive cluster health and performance visibility via the Console. A new Unused Index insight identifies indices with zero search or indexing activity in the last 30 days and recommends migrating them to warm or cold storage to reduce costs. These insights surface through the Console, OpenSearch UI, OpenSearch Service Notifications, and Amazon EventBridge, and are available at no additional cost in all Regions where the service runs.

🚀 AWS Backup now completes Amazon EKS cluster state backups up to 10x faster. This improvement reduces backup windows for clusters with large numbers of namespaces and Kubernetes resources from days to hours and is automatically enabled at no additional cost in supported Regions. AWS Backup is a policy-based, fully managed solution to centralize and automate protection across compute, storage, and databases.

🔁 Amazon WorkSpaces Applications now supports host-to-client URL redirection, automatically launching approved links from streaming sessions in the user's local browser. Administrators can configure allow and deny URL patterns via the AWS Management Console to keep sensitive applications inside the streaming environment while offloading bandwidth-heavy content such as video. The feature works for browser navigation and embedded links in applications like Microsoft Word, with host-side support for Chrome and Edge; URLs on the configured allow list open automatically in the user's default local browser.

📧 Kaspersky reports a surge in phishing campaigns that abuse AWS Simple Email Service (SES) to bypass authentication and reputation-based defenses. Attackers are exploiting exposed AWS Identity and Access Management keys discovered in public repositories, configuration files, container images, backups, and open S3 buckets. They automate secret scanning, permission validation, and mass email distribution to send highly credible lures—custom HTML templates and fake document-signing notifications—that redirect victims to AWS-hosted phishing pages.