< ciso
brief />
Tag Banner

All news with #aws tag

2297 articles · page 88 of 115

Migrating from OPA to Amazon Verified Permissions Guide

🔁 This AWS Security Blog post by Samuel Folkes outlines a practical approach to migrating authorization from Open Policy Agent (OPA) and Rego to Amazon Verified Permissions using the Cedar policy language. It highlights key benefits: a fully managed service, reduced operational overhead, and significant performance gains. The article walks through schema design, common translation patterns (RBAC, ABAC, ReBAC), application integration changes, testing practices, and a phased deployment strategy to compare and validate behavior during migration.
read more →

Keyspaces Multi-Region Replication: Bahrain and Hong Kong

🔁Amazon Web Services has expanded Amazon Keyspaces (for Apache Cassandra) to support Multi-Region Replication in Middle East (Bahrain) and Asia Pacific (Hong Kong). The managed capability automatically replicates tables across Regions with typically less than one second of replication lag, allowing applications to read and write the same table in multiple Regions. Customers gain lower latency, improved regional resiliency, and can replicate between these Regions and any other supported AWS Region while paying only for resources they use.
read more →

AWS Launches Memory-Optimized EC2 R8a Instances, GA

🧠 AWS has announced general availability of new Amazon EC2 R8a memory-optimized instances powered by 5th Gen AMD EPYC processors (Turin) with up to 4.5 GHz. R8a delivers up to 30% higher performance, up to 19% better price-performance and 45% more memory bandwidth versus R7a. Available in 12 sizes (including 2 bare metal) and SAP-certified, R8a targets latency-sensitive, memory-intensive workloads and supports Savings Plans, On-Demand and Spot purchasing.
read more →

AWS CloudWatch Application Signals Adds AI Canary Debugging

🔍 CloudWatch Application Signals (Model Context Protocol / MCP Server) now ingests CloudWatch Synthetics canary data to enable AI-powered debugging of synthetic-monitoring failures. From natural-language prompts like “Why is my checkout canary failing?”, supported AI assistants (for example Amazon Q or Claude) drive diagnostics that correlate canary failures with metrics, traces, and dependencies. The system analyzes HAR files, CloudWatch Logs, S3 artifacts, and configuration to triage issues across network, authentication, performance, script, infrastructure, and dependency layers. This capability is available in all commercial AWS regions where CloudWatch Synthetics is offered; customers must have access to a compatible AI agent to use the AI-driven debugging features.
read more →

AWS Marketplace Enables Local INR Transactions for India

🇮🇳 Buyers and sellers in India can now transact locally on AWS Marketplace using INR, with invoices issued in Indian Rupees and tax compliance facilitated by AWS India. India-based sellers can register to sell paid offerings, create private offers in USD or INR, and work with India-based Channel Partners. AWS India will automate WHT and GST-TCS collection and remittance to authorities, simplifying buyer compliance.
read more →

Amazon GameLift Streams Adds AWS Health Lifecycle Alerts

🔔 Amazon GameLift Streams now integrates with AWS Health to deliver automated lifecycle notifications for stream groups. AWS Health will send reminders on day 45 and day 150 about upcoming restrictions at day 180, and a final reminder on day 335 before automatic expiration on day 365. Stream groups older than 180 days cannot add new applications. The feature is available in all Regions at no extra cost, and the ExpiresAt field in the GetStreamGroup API or the Stream group details page in the console shows status.
read more →

AWS Glue Schema Registry Adds Native C# Client Support

🔧 AWS Glue Schema Registry now provides C# support in its client library, extending beyond the existing Java SDK to offer first-class integration for .NET streaming applications. C# services using Apache Kafka, Amazon MSK, Amazon Kinesis Data Streams, or Apache Flink can register, validate, and enforce schemas to keep producers and consumers aligned. The serverless registry enforces centralized schema validation at no additional charge. C# support is available in all regions where Glue Schema Registry is offered and the SDK is distributed via NuGet.
read more →

AWS Launch Wizard: SQL Server Developer Edition Deployments

🛠️ AWS Launch Wizard now provides a guided workflow to size, configure, and deploy Windows Server EC2 instances with Microsoft SQL Server Developer Edition installed from your own media. The capability simplifies provisioning cost-effective, full-featured SQL Server instances on Amazon EC2 and is aimed at developers building non-production and test database environments. It supports customers migrating non-production databases from SQL Server Enterprise and Standard Editions to reduce licensing costs while preserving feature parity, and is available in all supported commercial AWS Regions and AWS GovCloud (US) Regions.
read more →

Amazon CloudFront Anycast Adds IPv6 Static IP Support

🌐 Amazon Web Services announced that CloudFront now assigns both IPv4 and IPv6 addresses for Anycast Static IP configurations. Previously limited to IPv4, the change enables dual‑stack deployments so customers can meet IPv6 compliance and reach IPv6‑only end users. IPv6 addresses are available from all edge locations except the AWS China (Beijing) and AWS China (Ningxia) regions operated by partner carriers. Customers should review the CloudFront Developer Guide and pricing for details.
read more →

Amazon OpenSearch Serverless Adds FIPS Endpoints in Regions

🔐 Amazon announced that Amazon OpenSearch Serverless now offers FIPS compliant endpoints for Data Plane APIs in US East (N. Virginia), US East (Ohio), Canada (Central), AWS GovCloud (US-East), and AWS GovCloud (US-West). The update brings the service into conformance with FIPS 140-3 cryptographic requirements. Customers in regulated or federal environments can use these endpoints to meet in-transit cryptography controls.
read more →

EC2 Auto Scaling: Warm Pools Now Support Mixed Instances

🚀 Starting today, AWS lets you add warm pools to EC2 Auto Scaling groups (ASGs) that use mixed instances policies. Warm pools maintain a set of pre-initialized EC2 instances that can rapidly serve traffic, reducing scale‑out latency for workloads with lengthy initialization tasks like large disk writes or complex scripts. The capability supports manual instance type lists and attribute-based selection, and is available via the Console, SDKs, and CLI in all public AWS Regions and AWS GovCloud (US). Combining warm pools with instance type flexibility helps ASGs scale to their maximum size quickly while improving availability across multiple instance types.
read more →

AWS Cloud WAN expands to Thailand, Taipei, New Zealand

📡 AWS Cloud WAN is now available in the AWS Asia Pacific (Thailand), AWS Asia Pacific (Taipei), and AWS Asia Pacific (New Zealand) Regions. Using a central dashboard and policy-driven model, you can connect Amazon VPCs, AWS Transit Gateways, and on-premises locations via AWS Site-to-Site VPN, AWS Direct Connect, or supported SD‑WAN products. The service automatically builds a global network using BGP and provides a consolidated view to monitor network health, security, and performance.
read more →

AWS Service Reference adds SDK operation-to-action mapping

🔐 AWS has expanded its Service Reference Information to map SDK operations to the specific IAM action(s) required to call them. This enables teams to answer questions such as “Which permission is needed for this API operation?” and to retrieve authoritative answers programmatically. You can integrate the data into policy management and automation pipelines to reduce manual effort and keep policies aligned with service updates. The capability is provided at no additional cost.
read more →

AWS Config Adds 42 New Managed Rules for Governance

🔔 AWS Config has launched 42 new managed rules to help organizations govern security, cost, durability, and operational best practices across AWS environments. You can now search, discover, enable, and manage these rules directly from AWS Config, and apply them account-wide or across an organization, including via Conformance Packs. New checks cover services such as Amazon EKS Fargate, EC2 Network Insights, AWS Glue ML transforms, Amazon Cognito, Lightsail, Amplify, Lambda, RDS, Route53 Resolver, Kinesis Video, and more.
read more →

AWS Config Conformance Packs Expand to Five Regions

📣 AWS Config conformance packs and organization-level management are now available in additional Regions: Asia Pacific (Malaysia), Asia Pacific (New Zealand), Asia Pacific (Thailand), Asia Pacific (Taipei), and Mexico (Central). Conformance packs let you package managed or custom AWS Config rules into reusable bundles for security, operational, or cost-optimization governance and to monitor compliance scores. You can deploy packs via the AWS Config console, AWS CLI, or AWS CloudFormation. Note that pricing is charged per conformance pack evaluation per account and Region.
read more →

Amazon Connect adds email address aliasing for branding

📧 Amazon Connect now lets organizations configure aliases for email addresses so customers continue to see trusted sender identities when messages are sent or received. For example, forwarding a public-facing address like support@company.com into Amazon Connect Email can preserve the visible sender as support@company.com. The capability is available in multiple AWS regions to simplify email management and maintain a consistent brand experience.
read more →

Amazon Bedrock AgentCore Runtime Adds Code Upload Options

🧰 Amazon Bedrock AgentCore Runtime now supports two deployment methods: direct code-zip upload and container-based deployment. Developers can use drag-and-drop code-zip uploads for rapid prototyping or opt for container images when they need custom runtime configurations and dependencies. The serverless, model-agnostic runtime is designed to scale for production while maintaining enterprise security. This capability is available across nine AWS Regions with consumption-based pricing and no upfront costs.
read more →

Amazon RDS for Oracle adds R7i memory-optimized instances

🧠 Amazon RDS for Oracle now offers R7i memory-optimized preconfigured instances powered by custom 4th Gen Intel Xeon Scalable processors, the AWS Nitro System, and DDR5 memory. These instances provide up to a 64:1 memory-to-vCPU ratio and higher storage I/O per vCPU, enabling many Oracle workloads to reduce vCPU counts without performance loss. Available under BYOL for Oracle Database Enterprise Edition and Standard Edition 2, R7i can lower Oracle licensing and support costs while meeting high-performance requirements.
read more →

AWS and SANS Whitepaper: AI for Security Guidance Overview

🔒 AWS and SANS released a whitepaper, AI for Security and Security for AI, that examines how organizations can use generative AI safely and defend against AI-powered threats. The paper examines three lenses: securing generative AI applications, using generative AI to improve cloud security posture, and protecting against AI-enabled attacks. It offers practical action items, architecture guidance, and recommendations for responsible AI and human oversight.
read more →

CloudWatch Synthetics Adds Multi-Browser Support in GovCloud

🔍 Amazon CloudWatch Synthetics now supports running the same canary scripts across Chrome and Firefox in AWS GovCloud (US‑East, US‑West). You can use Playwright‑based or Puppeteer‑based canaries to collect browser-specific performance metrics, success rates, and visual monitoring results while retaining aggregate health views. This helps teams detect and remediate browser compatibility issues faster.
read more →