All news with #serverless security tag

🚀 The next generation of Amazon OpenSearch Serverless is now generally available, offering a fully managed search and vector engine optimized for agentic workflows. It auto-scales up to 20x faster and provisions resources in seconds, supports scale-to-zero and pay-per-usage pricing, and can reduce costs by up to 60% versus provisioning clusters for peak loads. New features include a shared storage layer that decouples compute and storage, two resource-based endpoints for simplified network connectivity, and native integrations with AI development platforms and OpenSearch Agent Skills.

🛠️ AWS SAM CLI now processes AWS CloudFormation Language Extensions in-memory for local workflows, letting developers define repeating serverless resources once and iterate without deploying to the cloud. Commands such as sam build, sam local invoke, sam sync, and sam local start-api automatically expand Fn::ForEach loops and support several helper functions and conditional policies. Update to the latest SAM CLI and add AWS::LanguageExtensions to your template to begin.

🚀 Amazon EventBridge Scheduler expands its AWS SDK integrations with 619 new API actions across 13 additional services, including support for AWS Lambda Managed Instances. This update enables customers to schedule direct API invocations for a broader set of AWS services without writing custom integration code. As a serverless scheduler, EventBridge Scheduler can manage billions of scheduled events and now supports time-based scaling of Lambda managed instances for more precise capacity control. The enhancements are generally available in all Regions where Scheduler is offered, subject to target service availability.

🚀 Cloudflare announced Dynamic Workflows, a compact TypeScript library that lets a single Worker Loader route durable Workflows to per-tenant code at runtime. It wraps the WORKFLOWS binding so tenant-created workflows persist, resume, and execute in the correct tenant sandbox. Built on Dynamic Workers, it supports per-tenant caching, hibernation, and minimal dispatch overhead.

🚀 AWS Lambda now supports creating serverless applications with Ruby 4.0. Developers can use Ruby 4.0 as both a managed runtime and a container base image, and AWS will automatically apply updates to the managed runtime and base image as they become available. The runtime adds advanced logging controls including JSON structured logs, configurable logging levels, and the ability to target specific Amazon CloudWatch log groups. Ruby 4.0 is available in all AWS Regions, including China and AWS GovCloud (US).

🚀 Google announced a broad set of updates to Cloud Run to accelerate full‑stack app delivery, agent hosting, and high‑performance inference. New capabilities include full‑stack app deployment from AI Studio, a fully managed remote MCP server, and integration with the Gemini Enterprise Agent Platform. High‑end NVIDIA RTX PRO 6000 Blackwell GPUs are now GA, while instance primitives, SSH access, ephemeral sandboxes, and billing caps are rolling out in preview or coming soon.

🚀 AWS has expanded Lambda durable functions into 16 additional regions, enabling developers to run orchestrated, multi-step serverless workflows closer to users and data. The feature adds primitives like steps and waits to checkpoint progress, recover from failures, and pause execution without incurring compute charges for on‑demand functions. You can enable durable functions for Python 3.13/3.14, Node.js 22/24, or Java 17+ via the API, Console, SDK, or IaC tools such as CloudFormation, SAM, and CDK.

📦 AWS introduces the Agent Plugin for AWS Serverless, which integrates AI coding assistants like Kiro, Claude Code, and Cursor to simplify building, deploying, troubleshooting, and managing serverless applications. The plugin packages reusable agent skills, sub-agents, hooks, and MCP servers to provide contextual guidance across the development lifecycle. It supports Lambda integrations with common event sources, IaC workflows via SAM and CDK, long‑running stateful patterns with durable functions, and API design with API Gateway. Skills are distributed in the open Agent Skills format and are available in AI tooling that supports agent plugins or skills.

🚀 Amazon Aurora PostgreSQL introduces an express configuration that creates serverless clusters and enables query execution in seconds. These clusters are provisioned outside a VPC with an internet access gateway that supports the full PostgreSQL wire protocol and multi‑AZ availability. IAM-based passwordless admin authentication is enabled by default, and the tier is available under the AWS Free Tier. Use the RDS Console, AWS CLI, or SDKs to deploy.

🚀 Cloudflare's Dynamic Worker Loader API enables Workers to instantiate isolated JavaScript sandboxes at runtime, letting LLM-generated code run securely and on-demand. Using lightweight V8 isolates rather than containers, Dynamic Workers start in milliseconds, are far more memory efficient, and scale across Cloudflare's edge. The feature supports TypeScript RPC interfaces, credential injection for outbound HTTP, and helper libraries for bundling, virtual filesystems, and Code Mode integration.

🔔 AWS has announced the developer preview of the Lambda Durable Execution SDK for Java, enabling Java 17+ developers to build resilient, multi-step serverless applications without custom progress tracking. The SDK adds automatic checkpointing, wait primitives that suspend execution for up to a year, and durable futures for callback-based flows. Paused on-demand functions are not billed for duration, and the preview includes samples and guidance to get started.

🛡️ This article presents a layered, AI-enhanced defense-in-depth architecture for protecting serverless microservices on AWS. It outlines seven security layers—from edge DDoS and WAF protections to identity, API gateway controls, network isolation, compute hardening, secrets management, and data encryption—integrating GuardDuty, Cognito, API Gateway, Secrets Manager, and DynamoDB. The guidance emphasizes continuous monitoring, automated incident response using Amazon Bedrock and EventBridge, and operational practices that balance security, compliance, and developer velocity.

🚀 Cloud Run now supports NVIDIA RTX PRO 6000 Blackwell GPUs in preview, enabling serverless deployment of large inference models such as Gemma 3 27B and Llama 3.1 70B. The GPUs provide 96GB vGPU memory, 1.6 TB/s bandwidth and support for FP4 and FP6 precision. Cloud Run pre-installs drivers, offers rapid GPU startup and autoscaling to zero, and integrates with Cloud Storage and IAP for production use.

🔒 Cloudflare ported a Matrix homeserver to Cloudflare Workers as a proof-of-concept, combining edge execution with built-in post-quantum TLS to reduce operational burden. The implementation remaps traditional components — Postgres to D1, Redis to KV, filesystem to R2, and coordination to Durable Objects — to provide strong consistency where needed and near-zero idle cost. End-to-end encryption remains client-side via Megolm, so Workers terminate TLS but only handle ciphertext. The result is a low-latency, easy-to-deploy homeserver with automatic DDoS protection and request-based pricing.

🔒 Cloudflare describes a proof-of-concept Matrix homeserver implemented on Cloudflare Workers, porting core logic from Synapse to a TypeScript service. By mapping Postgres to D1, Redis to KV, filesystem to R2, and coordination to Durable Objects, the architecture removes much of the traditional operational burden. The Worker preserves full Matrix E2EE (Megolm) while TLS automatically negotiates a post-quantum hybrid key agreement (X25519MLKEM768), delivering lower latency, usage-based cost scaling, and global distribution.

🚀 Cloudflare has significantly upgraded Python Workers to support any package compatible with Pyodide, delivering a more complete Python-native developer experience. Rather than shipping a limited set of built-ins, developers can install pure-Python and many dynamic-library packages using the integrated uv tooling and pywrangler. Cloudflare also uses dedicated memory snapshots and its isolate-based architecture to achieve markedly faster cold starts than competing serverless options while keeping easy, global deployment and free-tier options.

🚀 Amazon EMR Serverless now provides fully managed serverless local storage for Apache Spark workloads, removing the need to provision disk type or size per application. The service offloads intermediate operations such as shuffle to an auto-scaling, encrypted serverless storage with job-level isolation, so customers pay only for compute and memory consumed. This reduces disk-related job failures and can lower costs by up to 20%. It is generally available for EMR release 7.12 and later.

🆕 AWS Lambda now supports creating serverless applications with Node.js 24, available as both a managed runtime and a container base image. AWS will automatically apply updates to the managed runtime and base image as they become available, and the runtime is offered in all Regions including GovCloud (US) and China. The release emphasizes modern async/await handlers and removes callback-based handlers; Lambda@Edge and Powertools for AWS Lambda (TypeScript) are also supported, and standard AWS deployment tools (Console, CLI, SAM, CDK, CloudFormation) can be used to deploy Node.js 24 functions.

🚀 Amazon launched MWAA Serverless, a managed, serverless deployment option for Apache Airflow that eliminates infrastructure management and bills only for actual task compute time. Workflows can be authored as YAML configurations or Python DAGs and leverage over 80 AWS Operators from Airflow v3.0. Each workflow runs in isolation with distinct IAM permissions while the service automatically provisions and scales resources across supported regions.

🌐 Cloudflare announced the open beta of Workers VPC Services, enabling Workers to securely reach APIs, containers, VMs, serverless functions and databases inside regional private networks via Cloudflare Tunnels. Developers register services by hostname or IP and bind them to Workers, with access verified at deploy time to restrict Workers to only the declared service. The model reduces cloud lock‑in, mitigates SSRF risk, and is available free during the beta.