All news with #aws tag

🔁 The AWS Cloud Development Kit (CDK) CLI introduces cdk refactor (Preview), a new command that enables safe renaming, moving, and reorganization of constructs while preserving the state of deployed resources. It leverages CloudFormation refactor capabilities and automated mapping computation to prevent unintended resource replacement during code changes. Typical use cases include breaking up monolithic stacks, moving resources between stacks, and upgrading to higher-level constructs. The feature is available in all regions where AWS CDK is supported.

🔁 AWS announced native anomaly detection enhancements for AWS IoT SiteWise, including automated model retraining, flexible promotion modes, and exposed model metrics. Retraining can be scheduled between 30 days and one year to keep models current with changing equipment conditions. Customers can choose automatic service-managed promotion or manual customer-managed promotion using exposed metrics such as precision, recall, and AUC. Multivariate detection is available in N. Virginia, Ireland, and Sydney.

🔒 Amazon Interactive Video Service (Amazon IVS) now supports media ingest via interface VPC endpoints using AWS PrivateLink. This lets customers broadcast RTMP(S) streams privately to IVS Low-Latency channels and IVS Real-Time stages without traversing the public internet. Interface VPC endpoints can be created from within your VPC or from on-premises environments over AWS Direct Connect, providing private and reliable connectivity for live video workflows. The feature is available in US West (Oregon), Europe (Frankfurt), and Europe (Ireland); standard PrivateLink pricing applies.

🔒 A ransomware incident attributed to KillSec has disrupted MedicSolution, a Brazilian healthcare IT vendor, after attackers claimed to exfiltrate more than 34 GB comprising 94,818 files. Resecurity reports the haul includes medical evaluations, lab results, X‑rays and unredacted patient photos, and says data was exposed via misconfigured AWS cloud buckets. MedicSolution has not publicly responded; regulators and affected providers face notification and remediation challenges.

🔒 AWS announced that Amazon Bedrock AgentCore Gateway now supports AWS PrivateLink for private VPC access and adds invocation logging to Amazon CloudWatch, Amazon S3, and Amazon Data Firehose. These updates allow agent traffic to avoid the public internet while sending per-invocation logs to common observability and storage services. The combination improves network isolation, governance, and operational visibility. AgentCore Gateway is currently in preview in US East (N. Virginia), US West (Oregon), Asia Pacific (Sydney), and Europe (Frankfurt).

🔒 AWS Labs published a Model Context Protocol (MCP) server for CloudTrail that enables AI assistants to perform security and compliance analysis via natural‑language queries. The server provides direct access to CloudTrail events and CloudTrail Lake, allowing searches of 90‑day management event histories and Trino SQL queries on Lake data spanning up to 10 years. By exposing these capabilities through a conversational interface, the MCP server removes the need for bespoke API integrations and streamlines investigation and compliance workflows. The component is available in regions that support CloudTrail LookupEvents or CloudTrail Lake and is available with code and documentation in the AWS Labs repository.

🚀 Amazon Web Services has announced general availability of Amazon EC2 I8g storage-optimized instances in the US East (Ohio) region. Powered by AWS Graviton4 processors and third-generation Nitro SSDs, I8g delivers up to 60% better compute and up to 65% improved real-time storage performance per TB, with lower I/O latency and variability. Built on the AWS Nitro System, these instances target I/O-intensive, low-latency workloads such as transactional databases, real-time analytics and AI pre-processing. Ten sizes, including a metal option, provide up to 45 TB local NVMe storage and high network and EBS bandwidth.

🔐 AWS HealthImaging now supports OpenID Connect (OIDC) authentication for DICOMweb REST APIs, enabling OAuth 2.0–compatible identity providers to issue JWTs to authorize requests. You can integrate existing IdPs such as Amazon Cognito, Okta, or Auth0 to manage user accounts and access to DICOM resources. OIDC support is limited to DICOMweb REST API requests while native AWS IAM authentication remains available for all API calls and the feature is available in all regions where HealthImaging is generally available.

🔒 AWS Backup now lets you choose whether to include Access Control Lists (ACLs) and ObjectTags when backing up Amazon S3 buckets. Previously, these metadata elements were included for all objects by default; the new option lets administrators include only the metadata required for their recovery or compliance needs. This capability is available in all Regions where AWS Backup for Amazon S3 is offered; review pricing and regional availability on the AWS Backup pricing page.

🌐 AWS Elastic Beanstalk now supports dual-stack configuration for Application Load Balancers (ALB) and Network Load Balancers (NLB). By setting the IpAddressType option to dualstack, Elastic Beanstalk automatically configures your load balancer to serve both IPv4 and IPv6 and creates corresponding A and AAAA DNS records. Existing IPv4 environments can be upgraded to dual-stack or reverted back as needed. The feature is available in all AWS regions that support Elastic Beanstalk and ALB/NLB and simplifies deployment to IPv6-only networks while retaining IPv4 compatibility.

🧪 AWS announced that Fault Injection Service (FIS) is now available in the Europe (Zurich) Region. FIS is a fully managed service for running controlled fault injection experiments to validate application performance, observability, and resilience under scenarios such as AZ power interruptions and cross-region connectivity failures. Customers can create reusable experiment templates, integrate them into CI/CD pipelines, and generate detailed experiment reports stored in Amazon S3 for audit and compliance needs. This launch expands FIS to 24 regions globally.

🔍 With this update, Amazon CloudWatch Network Monitoring flow monitors can observe traffic between AWS Regions over the AWS global network. Flow monitors deliver near real-time metrics for compute instances such as Amazon EC2 and Amazon EKS, and for services like Amazon S3 and Amazon DynamoDB, to help detect and attribute network-driven impairments. The network health indicator now captures cross-Region path health including visibility into remote public IPs and private traffic over VPC and Transit Gateway peering.

🔔 Amazon Managed Service for Prometheus is now available in the AWS GovCloud (US) Regions, providing a fully managed, Prometheus-compatible monitoring solution for government and regulated workloads. The service supports high-scale ingestion—customers can send up to 1 billion active metrics to a single workspace—and allows multiple workspaces per account for isolation and organization. It simplifies metric storage, querying, and alerting while reducing operational overhead. Customers should consult the user guide for the full list of supported regions.

🚀 Starting today, Amazon EC2 C6in instances are available in AWS Region Asia Pacific (Thailand). These sixth-generation, network-optimized instances use 3rd Gen Intel Xeon Scalable processors and the AWS Nitro System to deliver up to 200 Gbps of network bandwidth—about 2x the bandwidth of comparable fifth-generation instances. C6in offers up to 128 vCPUs across 10 sizes (including a bare metal option), up to 100 Gbps of EBS bandwidth, and up to 400K IOPS, with Elastic Fabric Adapter (EFA) supported on 32xlarge and metal sizes.

🚀 Amazon has launched MSK Connect in the Asia Pacific (Malaysia) Region, offering a fully managed service for running Kafka Connect clusters alongside Amazon MSK. The service simplifies deploying, monitoring, and scaling connectors that move data between Apache Kafka and external systems, without provisioning infrastructure. It supports both Amazon MSK-managed and self-managed Kafka clusters and can be used via the console or CLI.

🔐 Amazon CloudFront now supports ECDSA for signed URLs and signed cookies, giving customers an alternative to RSA with improved performance and significantly smaller signature sizes. This reduces URL length and accelerates signature generation and verification, benefiting high-volume, mobile, and IoT workloads where CPU and bandwidth are constrained. ECDSA is available at all edge locations except the AWS China (Beijing and Ningxia) regions, with no additional charge to use the feature.

🔐 AWS Managed Microsoft AD now supports certificate auto-enrollment for LDAPS and Smart Card authentication by integrating with AWS Private CA through the AWS Private CA Connector for AD. The integration automates issuance, renewal, and lifecycle management of domain controller certificates, removing the need to maintain CA infrastructure on Amazon EC2. This capability is available in all Regions offering the connector and can be configured via the console or API.

🚀 Amazon EC2 R8g instances are now available in AWS Asia Pacific (Osaka) and AWS Canada (Central). Powered by AWS Graviton4 processors and the AWS Nitro System, R8g delivers up to 30% better performance than Graviton3-based instances for memory‑intensive workloads. The family includes 12 sizes (two bare‑metal options), scales up to 48xlarge with 1.5 TB RAM, and offers up to 50 Gbps enhanced networking and 40 Gbps to Amazon EBS. AWS recommends the Graviton Fast Start program and Porting Advisor to help migrate workloads.

🚀 Amazon Web Services has expanded Amazon ElastiCache to support Graviton3-based M7g and R7g node families across multiple regions including Canada (Calgary), Middle East & Africa, Europe, and Asia Pacific. Graviton3 nodes deliver improved price-performance over Graviton2, yielding up to 28% higher throughput, up to 21% better P99 latency, and up to 25% more networking bandwidth. To adopt the new instances, create a new cluster or upgrade existing clusters via the AWS Management Console and review the ElastiCache documentation for supported node types.

🤖Amazon Q in Connect now lets contact center administrators select different LLM model families directly from the Amazon Connect web UI. This no-code configuration enables quick switching between models to optimize for latency, cost, or complex reasoning. Administrators can choose Amazon Nova Pro for faster responses or Anthropic Claude Sonnet for complex reasoning, tailoring AI Agents to specific customer interaction types.