All news with #aws tag

🚀 Amazon MQ is now available in the AWS Asia Pacific (New Zealand) Region (API name ap-southeast-6) with three Availability Zones. The managed message broker supports Apache ActiveMQ and RabbitMQ, reducing operational overhead by managing provisioning, setup, and maintenance. Because it uses industry-standard APIs and protocols, customers can migrate applications to AWS without rewriting code. With this launch, Amazon MQ is now offered in 38 AWS regions globally.

🆕 Amazon has expanded S3 Metadata to three additional AWS Regions — Europe (Frankfurt), Europe (Ireland), and Asia Pacific (Tokyo). The service provides automated, near-real-time, queryable metadata for S3 objects, covering system-defined attributes (size, source, timestamps) and custom metadata via tags. Metadata is automatically populated for both new and existing objects, enabling faster discovery, curation, and use for analytics and real-time inference. With this release, S3 Metadata is generally available in six AWS Regions.

🚀 Amazon Web Services has launched C7i-flex instances in the Asia Pacific (Jakarta) Region. The new instances deliver up to 19% better price-performance versus C6i and use custom 4th generation Intel Xeon Scalable (Sapphire Rapids) processors available only on AWS, while offering roughly 5% lower prices than standard C7i. C7i-flex covers common sizes from large to 16xlarge and is intended for compute-intensive workloads that don’t fully utilize all vCPUs; customers with continuous high CPU usage or needs for very large sizes (up to 192 vCPUs and 384 GiB) should consider full-size C7i instances.

🚀 Amazon DocumentDB (with MongoDB compatibility) now supports Graviton4-based R8g instances, delivering DDR5 memory and Nitro System improvements for memory‑intensive workloads. R8g is available for Amazon DocumentDB 5.0 on both Standard and IO‑Optimized cluster storage. Customers can modify existing clusters or create new ones via the AWS Management Console, CLI, or SDK; check documentation for regional availability and pricing.

🔒 AWS has made Nitro Enclaves available in every AWS Region, expanding regional support to include new locations across Asia Pacific, Europe, the Middle East, and North America. Nitro Enclaves enables customers to create isolated compute environments inside EC2 instances to protect and process sensitive data and reduce attack surface. There is no additional charge beyond the EC2 and associated service usage.

🔒 This post demonstrates deploying the AWS Secrets Manager Agent as a sidecar container in Amazon EKS to provide a language-agnostic local HTTP interface (localhost:2773) for secrets retrieval. The agent pulls and caches secret values, reducing direct API calls to Secrets Manager and improving application availability. It enforces SSRF protection via a generated token at /var/run/awssmatoken and implements ML‑KEM post‑quantum key exchange by default. Authentication uses Amazon EKS Pod Identity and IAM permissions (secretsmanager:GetSecretValue and secretsmanager:DescribeSecret), and the post includes build, containerization, and deployment steps.

📘 The AWS re:Invent 2025 attendee guide highlights the conference's digital sovereignty program, detailing sessions, workshops, and code talks focused on data residency, hybrid and edge deployments, and sovereign infrastructure. Key topics include the AWS European Sovereign Cloud, AWS Outposts, Local Zones, and security features such as the Nitro System. Practical workshops and chalk talks demonstrate RAG, agentic AI, and low-latency SLM deployments with operational controls and compliance patterns. Reserve seating via the attendee portal or access sessions with the free virtual pass.

📬 Amazon Simple Email Service (SES) now exposes the exact IP addresses used by Dedicated IP Addresses - Managed (DIP-M) pools. Customers can view these IPs via the console, CLI, or SES API and access Microsoft SNDS metrics for each address. SES also creates CloudWatch metrics for SNDS data to aid reputation monitoring. This gives customers greater transparency into sending activity and helps diagnose deliverability and reputation issues with mailbox providers.

🔔 Amazon released quarterly security and critical updates for Amazon Corretto LTS builds on October 21, 2025, providing new binaries for Corretto 25.0.1, 21.0.9, 17.0.17, 11.0.29 and 8u472. The distributions for Generic Linux, Alpine and macOS now include Async-Profiler, a low‑overhead sampling profiler that captures CPU, heap and native allocations, contention and hardware/software counters. Downloads are available from the Corretto home page or via Apt, Yum and Apk repositories, and contributors can provide feedback on the Corretto GitHub.

🔔 Amazon Connect can now automatically initiate follow-up evaluations when specific conditions are detected during initial Contact Lens reviews. For example, if the first evaluation surfaces customer interest in a product, Connect can trigger a targeted follow-up focused on the agent's sales performance. Managers gain consistent standards across cohorts and capture deeper insights into sales opportunities, escalations, and other critical interaction moments. The capability is available in all regions where Amazon Connect is offered.

🔍 Amazon ECS now emits AWS CloudTrail data events for ECS Agent API activities, giving teams detailed visibility into container instance operations. Customers can opt in to the new data event resource type AWS::ECS::ContainerInstance to capture actions such as ecs:Poll, ecs:StartTelemetrySession, and ecs:PutSystemLogEvents. The capability is available for ECS on EC2 across all AWS Regions and for ECS Managed Instances in select regions. Standard CloudTrail data event charges apply.

🔒 Researchers at Wiz found that careless developers published Visual Studio extensions to the VSCode Marketplace and OpenVSX containing more than 550 validated secrets across over 500 extensions, including API keys and personal access tokens for providers such as OpenAI, AWS, GitHub, Azure DevOps, and multiple databases. The primary cause was bundled dotfiles (notably .env) and hardcoded credentials in source and config files, with AI-related configs and build manifests also contributing. Microsoft and OpenVSX collaborated with Wiz on coordinated remediation: notifying publishers, adding pre-publication secrets scanning, blocking verified secrets, and prefixing OVSX tokens to reduce abuse.

⚠️ AWS experienced a widespread outage affecting multiple services in the US-EAST-1 region, causing elevated error rates and latencies across key APIs. The disruption, tied to a DNS resolution issue for the DynamoDB API endpoint and subsequent network load balancer problems, interrupted login and content services for platforms such as Amazon, Prime Video, Fortnite, Canva and Perplexity. AWS reported mitigation steps and later declared services restored after extended recovery efforts.

🚨 An AWS outage in the US-EAST-1 region caused widespread disruptions across multiple consumer services, producing elevated error rates and higher latencies. Major platforms including Amazon, PrimeVideo, Fortnite, Perplexity, and Canva reported failures ranging from login and chat outages to impaired editing functionality. AWS acknowledged the incident on its Health page and said engineers were investigating and mitigating the issue. After roughly 45 minutes some services began recovering, though many users still experienced intermittent problems.

🚀 AWS Parallel Computing Service (PCS) now supports Slurm v25.05, enabling PCS clusters to run the latest Slurm capabilities. The release introduces enhanced multi-cluster sackd configuration so login nodes can manage multiple clusters without requiring sackd reconfiguration or restarts, allowing administrators to preconfigure user access across clusters. It also implements improved requeue behavior that automatically retries failed instance launches during capacity shortages, increasing scheduling resilience and overall cluster reliability.

🔐 AWS details practical guidance for implementing and managing Amazon Bedrock API keys, the service-specific credentials that provide bearer-token access to Bedrock. It recommends STS temporary credentials when possible and defines two API key types: short-term (client-generated, auto-expiring) and long-term (IAM-user associated). Protection advice includes using SCPs, iam and bedrock condition keys, and storing long-term keys in secure vaults. Detection and monitoring use CloudTrail, EventBridge rules, and an AWS Config rule, and response steps show CLI commands to deactivate and delete compromised keys.

🔐 Amazon CloudWatch Database Insights now supports tag-based access control for database-level and per-query metrics powered by RDS Performance Insights. Instance tags defined on RDS and Aurora are now automatically evaluated to authorize Performance Insights metrics, enabling IAM policies to use tag-based access conditions across logical groups of databases. This reduces manual, resource-level permission management and improves governance and security consistency. The feature is available in all AWS regions where Database Insights is offered.

🚀 Amazon OpenSearch Service now supports Graviton4-based EC2 instance families — compute-optimized C8g, general-purpose M8g, and memory-optimized R8g/R8gd — across multiple regions. Graviton4 processors deliver up to 30% better performance compared with Graviton3 and are supported on all OpenSearch versions as well as Elasticsearch 7.9 and 7.10. The change is intended to improve price-performance for compute-, general-, and memory-intensive search and analytics workloads.

🔐 AWS now supports customer-managed AWS Key Management Service (KMS) keys for Amazon Bedrock Guardrails Automated Reasoning checks. Customers can encrypt policy content and test artifacts with their own keys instead of the default key, retaining control over lifecycle and access. This capability helps regulated organizations meet compliance requirements and is available in all Bedrock Guardrails regions. Refer to AWS documentation and the Bedrock console to get started.

🚀 Amazon has made EC2 C8g instances available in AWS Europe (Milan) and AWS Asia Pacific (Hong Kong, Osaka, Melbourne). These Graviton4-powered instances deliver up to 30% better compute performance than Graviton3-based instances and are optimized for compute-intensive workloads such as HPC, batch processing, gaming, video encoding, distributed analytics, CPU-based ML inference, and ad serving. Built on the AWS Nitro System, C8g instances provide larger instance sizes (including bare metal), up to 50 Gbps enhanced networking, and up to 40 Gbps EBS bandwidth to improve both performance and security.