All news with #aws tag

AWS Glue Adds Apache Iceberg-Based Materialized Views

⚡ AWS Glue now supports materialized views stored in Apache Iceberg format and managed in the AWS Glue Data Catalog. Data teams can create views with standard Spark SQL, attach a refresh schedule, and rely on automatic change detection, incremental updates, and managed compute for refresh jobs. Query engines across Athena, EMR, and AWS Glue rewrite queries to use these views, improving performance by up to 8x and lowering compute costs, while SQL tools like Redshift and SageMaker can read the Iceberg tables directly.

AWS Marketplace adds multi-product solution listings

🔗 AWS Marketplace now supports solution-centric procurement via multi-product solutions. Partners, including ISVs and System Integrators, can bundle their own software and services with products they are authorized to resell, while each component retains distinct pricing and terms. Customers gain a single point of contact for negotiation, consolidated procurement, and the ability to manage renewals and term lengths for each component independently. This capability is available across all AWS Regions that operate AWS Marketplace and supports SaaS, Server, AI Agents and Tools, Machine Learning, and Professional Services.

AWS AI League 2026 Championship Expands Challenges

🤖 AWS has launched the AWS AI League 2026 Championship, expanding its flagship AI tournament with new challenge tracks and a doubled prize pool of $50,000 to drive builder innovation. The program pairs a brief orientation with two competition tracks: a Model Customization track using Amazon SageMaker AI to fine-tune foundation models for domain-specific tasks, and an Agentic AI track using Amazon Bedrock AgentCore to build planning and execution agents. Enterprises can apply to host internal tournaments and receive AWS credits to run team competitions, while individual developers can compete at AWS Summits to test skills and build with AWS AI services.

AWS launches Interconnect - last mile preview with Lumen

🔌 AWS Interconnect - last mile is a fully managed connectivity service launched in a gated preview with Lumen, letting customers connect branch offices, data centers, and remote sites to AWS in a few clicks. Users enter a location, select bandwidth (1–100 Gbps), and pick an AWS Region while AWS automates BGP peering, VLAN configuration, and ASN assignment, supporting dynamic scaling and zero‑downtime maintenance. The service is architected for high availability, backed by SLAs, and enables MACsec encryption by default; it is available in the US through Lumen.

Automated AWS Integration: CrowdStrike Falcon Next-Gen SIEM

🛡️ AWS and CrowdStrike have launched an automated integration experience for CrowdStrike Falcon Next-Gen SIEM in AWS Marketplace that streamlines cloud-native security monitoring. The guided wizard automates connector configuration and provisions least-privilege IAM roles, Amazon SQS queues, EventBridge rules, and SNS topics. Security teams can quickly enable agentic AI-assisted investigation, advanced correlation, and automated response across their AWS Organization, and subscribe via new pay-as-you-go pricing.

AWS Expands Resilience Software Competency Program

🔧 AWS has expanded its Resilience Competency to include Technology Partners, enabling customers to identify validated software for high availability and recovery. The program evaluates solutions across Design, Recovery, and Operate categories through expert technical validation to meet strict performance and operational requirements. Qualified partners and solutions are discoverable via the AWS Resilience Competency and purchasable through AWS Marketplace, aligning with AWS's shared responsibility model. This aims to help organizations build always-on applications with lower cost and higher availability than on-premises alternatives.

AWS previews MCP Server for AI agents across AWS ecosystem

🔧 The AWS MCP Server is now in preview and offers a managed remote Model Context Protocol (MCP) interface that consolidates the prior AWS API MCP and AWS Knowledge servers into a single endpoint. It enables AI agents and AI-native IDEs to access AWS documentation, generate and execute calls to over 15,000 APIs, and follow pre-built Agent SOPs to perform multi-step tasks. Authentication and authorization use AWS IAM, and audit logging is provided via CloudTrail; the service is available at no additional cost in US East (N. Virginia), with customers paying only for resources and data transfer.

AWS Marketplace Adds Variable Payments for Services

📢 AWS Marketplace now offers variable payments, a general-availability billing option that lets professional services sellers invoice customers as work is delivered while enforcing a predetermined contract cap. Sellers can create private offers and submit payment requests tied to outcomes, milestones, or time-and-materials. Customers receive email notifications and can approve each request manually or enable auto-approval for streamlined processing. The feature increases engagement flexibility and buyer transparency and reduces the need for full upfront payments or rigid installment schedules.

AWS Bedrock Knowledge Bases Adds Multimodal Retrieval

🔍 AWS has announced general availability of multimodal retrieval in Amazon Bedrock Knowledge Bases, enabling unified search across text, images, audio, and video. The managed Retrieval Augmented Generation (RAG) workflow provides developers full control over ingestion, parsing, chunking, embedding (including Amazon Nova multimodal), and vector storage. Users can submit text or image queries and receive relevant text, image, audio, and video segments back, which can be combined with the LLM of their choice to generate richer, lower-latency responses. Region availability varies by feature set and is documented by AWS.

AWS IAM Policy Autopilot generates baseline IAM policies

🔒 AWS announced IAM Policy Autopilot, an open-source MCP server and CLI that analyzes Python, TypeScript, and Go code locally to generate baseline, identity-based IAM policies for application roles. It integrates with AI coding assistants such as Kiro, Claude Code, and Cursor to speed policy creation. The tool stays current with AWS services and is available at no additional cost for local use. Generated policies are intended as starting points that require review and least-privilege refinement.

AWS launches preview of Interconnect - multicloud service

🔗 AWS has opened a preview of AWS Interconnect - multicloud, a new service to create private, resilient, high-speed links between Amazon VPCs and other cloud providers. The preview launches with Google Cloud as the initial partner and a planned expansion to Microsoft Azure in 2026. It integrates with AWS Transit Gateway, AWS Cloud WAN, and Amazon VPC, and is available in five AWS Regions via the AWS Management Console. CSPs can adopt the capability through a published open API package on GitHub.

Public GitLab Repositories Exposed 17,000+ Secrets

🔒 After scanning all 5.6 million public repositories on GitLab Cloud, a security engineer discovered more than 17,000 exposed secrets across over 2,800 unique domains. Using the open-source tool TruffleHog and an AWS-driven pipeline (SQS queue and Lambda workers), the researcher completed the scan in just over 24 hours at a cost of $770. Notifications were automated with Claude Sonnet 3.7 and scripts; affected parties revoked many credentials and the researcher collected $9,000 in bug bounties, though some secrets remain exposed.

Choosing the Best Cloud Security Posture Management Tools

🔒 Cloud security posture management (CSPM) combines threat intelligence, continuous detection, and automated remediation to find and fix cloud misconfigurations that can expose data. Customers—not cloud providers—are responsible for configuring and protecting workloads, so organizations must select CSPM that delivers multicloud visibility, integrated data security, and policy-driven automated remediation. Modern offerings increasingly fold CSPM into broader CNAPP and SSE suites from vendors such as Wiz, Palo Alto Networks, Tenable, and CrowdStrike, making coverage, integration, and operational model critical factors in vendor selection.

AWS Private CA Adds Partitioned CRLs for Scale, Compliance

🔒 AWS Private Certificate Authority now supports partitioned Certificate Revocation Lists (CRLs) to scale revocation handling up to 100 million certificates per CA. Partitioning breaks revocation data into ~1 MB CRL partitions and binds certificates to partitions using a critical Issuer Distribution Point (IDP) extension, allowing validators to match CDP and IDP URIs for accurate checks. The feature is backward compatible, RFC5280-compliant, configurable in the console (including S3 setup), and carries no charge beyond AWS Private CA and Amazon S3 usage.

SageMaker HyperPod: Managed Tiered KV Cache Launch

⚡ Amazon SageMaker HyperPod now offers Managed Tiered KV Cache and Intelligent Routing to optimize LLM inference for long-context prompts and multi-turn conversations. The two-tier cache combines local CPU memory (L1) with disaggregated cluster storage (L2) — with AWS-native tiered storage recommended and Redis optional — to reuse computed key-value pairs and reduce recomputation. Intelligent Routing directs requests using prefix-aware, KV-aware, or round-robin strategies, while built-in observability integrates with Amazon Managed Grafana and deployment is enabled via InferenceEndpointConfig or SageMaker JumpStart.

AWS Secrets Store CSI Driver Add-on for Amazon EKS

🔐 This post introduces the AWS provider for the Secrets Store CSI Driver and the new Amazon EKS add-on that mounts Secrets Manager secrets and Systems Manager parameters as files in Kubernetes pods. The add-on simplifies installation compared with Helm or kubectl, supports EC2 and hybrid nodes, and includes security patches and FIPS endpoint options. The walkthrough covers prerequisites, creating a test secret, installing the add-on, configuring an IAM role and EKS Pod Identity association, deploying an example pod that mounts the secret at /mnt/secrets-store, validating retrieval, and cleaning up resources.

SageMaker HyperPod Adds Custom Kubernetes Labels and Taints

🛠️ Amazon SageMaker HyperPod now supports custom Kubernetes labels and taints configured at the instance group level via the CreateCluster and UpdateCluster APIs. You can specify up to 50 labels and 50 taints per instance group using the KubernetesConfig parameter. HyperPod automatically applies and preserves these settings across node creation, replacement, scaling, and patching, eliminating manual kubectl work and ensuring device plugin pods (EFA, NVIDIA) schedule correctly while allowing NoSchedule taints to protect costly GPU nodes.

Shai-Hulud v2 Supply-Chain Campaign Hits Maven Central

⚠️ The second wave of the Shai-Hulud supply-chain attack has moved from npm into the Maven ecosystem after researchers found org.mvnpm:posthog-node:4.18.1 embedding the same setup_bun.js loader and bun_environment.js payload. The artifact was rebundled via an automated mvnpm process and was not published by PostHog; mirrored copies were purged from Maven Central on Nov 25, 2025. The campaign steals API keys, cloud credentials and npm/GitHub tokens by backdooring developer environments and injecting malicious GitHub workflows, affecting thousands of repositories.

AWS Adds Warm Storage Tier to Kinesis Video Streams

📦 AWS announced a new warm storage tier for Amazon Kinesis Video Streams, offering lower-cost storage for extended media retention while preserving sub-second access latency. The existing standard tier is now designated the hot tier and remains optimized for real-time, short-term use. Developers can configure fragment sizes to trade latency for ingestion cost, and both tiers integrate with Amazon Rekognition Video and Amazon SageMaker for continuous video analytics. The warm tier is available in all supported regions except AWS GovCloud (US).

Amazon Aurora adds PostgreSQL minor versions and DDM support

🔒 Amazon Aurora PostgreSQL-Compatible Edition now supports PostgreSQL 17.6, 16.10, 15.14, 14.19, and 13.22, bringing community fixes plus Aurora-specific enhancements. The release introduces database-level Dynamic Data Masking (DDM) for 16.10 and 17.6 to mask sensitive column values at query time using role-based policies without altering stored data. Additional updates include a shared plan cache, improved performance and recovery-time-objective (RTO), and more reliable Global Database switchovers. New clusters can be created in the Amazon RDS console or existing databases upgraded; releases are available across all commercial AWS Regions and AWS GovCloud (US).