AWS News Feed on 🦋

AWS KMS now supports Edwards-curve Digital Signature Algorithm (EdDSA) AWS Key Management Service (KMS) announces support for the Edwards-curve Digital Signature Algorithm (EdDSA). With this new capability, you can create an elliptic curve asymmetric KMS key or data key pairs to sign and verify EdDSA signatures using the Edwards25519 curve (Ed25519). Ed25519 provides 128-bit security level equivalent to NIST P-256, faster signing performance, and small signature size (64 bytes) and public key sizes (32 bytes). Ed25519 is ideal for situations that require small key and signature sizes, such as Internet of Things (IoT) devices and blockchain applications like cryptocurrency. This new capability is available in all AWS Regions, including the AWS GovCloud (US) Regions and the China Regions. To learn more about this new capability, see Asymmetric key specs section in the AWS KMS Developer Guide.

🆕 AWS KMS now supports EdDSA with Ed25519, offering 128-bit security, faster signing, and small key/signature sizes ideal for IoT and blockchain. Available in all regions. See AWS KMS Developer Guide for details.

#AWS #AwsGovcloudUs #AwsKms

Amazon Cognito user pools now supports private connectivity with AWS PrivateLink Amazon Cognito user pools now supports AWS PrivateLink for secure and private connectivity. With AWS PrivateLink, you can establish a private connection between your virtual private cloud (VPC) and Amazon Cognito user pools to configure, manage, and authenticate against your Cognito user pools without using the public internet. By enabling private network connectivity, this enhancement eliminates the need to use public IP addresses or relying solely on firewall rules to access Cognito. This feature supports user pool management operations (e.g., list user pools, describe user pools), administrative operations (e.g., admin-created users), and user authentication flows (sign in local users stored in Cognito). OAuth 2.0 authorization code flow (Cognito managed login, hosted UI, sign-in via social identity providers), client credentials flow (Cognito machine-to-machine authorization), and federated sign-ins via SAML and OIDC standards are not supported through VPC endpoints at this time. You can use PrivateLink connections in all AWS Regions where Amazon Cognito user pools is available, except AWS GovCloud (US) Regions. Creating VPC endpoints on AWS PrivateLink will incur additional charges; refer to AWS PrivateLink pricing page for details. You can get started by creating an AWS PrivateLink interface endpoint for Amazon Cognito user pools using the AWS Management Console, AWS Command Line Interface (CLI), AWS Software Development Kits (SDKs), AWS Cloud Development Kit (CDK), or AWS CloudFormation. To learn more, refer to the documentation on creating an interface VPC endpoint and Amazon Cognito’s developer guide.

🆕 Amazon Cognito user pools now support AWS PrivateLink for secure private connectivity, eliminating public internet use. VPC endpoints enable private access for management and user auth, excluding OAuth 2.0. Available in all regions except AWS GovCloud (US). A…

#AWS #AmazonCognito #AwsPrivatelink

Amazon VPC Lattice now supports custom domain names for resource configurations Starting today, VPC Lattice allows you to specify a custom domain name for a resource configuration. Resource configurations enable layer-4 access to resources such as databases, clusters, domain names, etc. across VPCs and accounts. With this feature, you can use resource configurations for cluster-based and TLS-based resources. Resource owners can use this feature by specifying a custom domain for a resource configuration and sharing the resource configuration with consumers. Consumers can then access the resource using the custom domain, with VPC Lattice managing a private hosted zone in the consumer’s VPC. This feature also provides resource owners and consumers control and flexibility over the domains they want to use. Resource owners can use a custom domain owned by them, or AWS, or a third-party. Consumers can use granular controls to choose which domains they want VPC Lattice to manage private hosted zones for. This feature is available at no additional cost in all AWS Regions where VPC Lattice resource configuration is available. For more information, please read our blog or visit the Amazon VPC Lattice product detail page and Amazon VPC Lattice documentation.

🆕 Amazon VPC Lattice now supports custom domain names for resource configurations, enabling resource owners to specify and share custom domains for cluster-based and TLS-based resources across VPCs and accounts, at no additional cost.

#AWS #AwsPrivatelink

AWS Advanced .NET Data Provider Driver is Generally Available The Amazon Web Services (AWS) Advanced .NET Data Provider Driver is now generally available for Amazon RDS and Amazon Aurora PostgreSQL and MySQL-compatible databases. This advanced database driver reduces RDS Blue/Green switchover and database failover times, improving application availability. Additionally, it supports multiple authentication mechanisms for your database, including Federated Authentication, AWS Secrets Manager authentication, and token-based authentication with AWS Identity and Access Management (IAM). The driver builds on top of Npgsql PostgreSQL, native MySql.Data, and MySqlConnector drivers to further enhance functionality beyond standard database connectivity. The driver is natively integrated with Aurora and RDS databases, enabling it to monitor database cluster status and quickly connect to newly promoted writers during unexpected failures that trigger database failovers. Furthermore, the driver seamlessly works with popular frameworks like NHibernate and supports Entity Framework (EF) with MySQL databases. The driver is available as an open-source project under the Apache 2.0 license. Refer the instructions on the on the GitHub repository to get started.

🆕 AWS Advanced .NET Data Provider Driver is now GA for RDS and Aurora PostgreSQL/MySQL, reducing failover times and supporting multiple auth methods. Open-source under Apache 2.0, it integrates with popular frameworks and is available on GitHub.

#AWS #AmazonAurora

Amazon S3 now supports tags on S3 Tables Amazon S3 now supports tags on S3 Tables for attribute-based access control (ABAC) and cost allocation. You can use tags for ABAC to automatically manage permissions for users and roles accessing table buckets and tables. This helps eliminate frequent AWS Identity and Access Management (IAM) or S3 Tables resource-based policy updates, simplifying how you govern access at scale. Additionally, you can add tags to individual tables to track and organize AWS costs using AWS Billing and Cost Management. Amazon S3 supports tags on S3 Tables in all AWS Regions where S3 Tables is available. You can get started with tagging using the AWS Management Console, SDK, API, or CLI. To learn more about using tags on S3 Tables, visit the S3 User Guide.

🆕 Amazon S3 now supports tags on S3 Tables for ABAC and cost tracking. Use tags to manage access and simplify governance, reducing frequent IAM policy updates. Available in all regions, start tagging via console, SDK, API, or CLI. For details, see the S3 User Guide.

#AWS #AmazonS3

Amazon CloudWatch Application Signals now available in AWS GovCloud (US) Regions Amazon CloudWatch Application Signals expands its availability to AWS GovCloud (US-East) and AWS GovCloud (US-West) Regions, enabling government customers and regulated industries to automatically monitor and improve application performance in these regions. CloudWatch Application Signals provides comprehensive application monitoring capabilities by automatically collecting telemetry data from applications running on Amazon EC2, Amazon ECS, Amazon EKS and AWS Lambda, helping customers meet their compliance and monitoring requirements while maintaining workload visibility. With CloudWatch Application Signals, customers in AWS GovCloud (US) regions can now monitor application health in real time, track performance against business goals, visualize service relationships and dependencies, and quickly identify and resolve performance issues. This automated observability solution eliminates the need for manual instrumentation while providing detailed insights into application behavior and performance patterns. The service automatically detects anomalies and helps correlate issues across different AWS services, enabling faster problem resolution and improved application reliability. CloudWatch Application Signals will be available in AWS GovCloud (US-East) and AWS GovCloud (US-West). For pricing information, visit the Amazon CloudWatch pricing page. To get started, visit the Amazon CloudWatch Application Signals documentation.

🆕 Amazon CloudWatch Application Signals now available in AWS GovCloud (US) regions, enabling government customers to monitor and improve application performance automatically, providing real-time health tracking and anomaly detection across AWS services.

#AWS #AwsGovcloudUs #AmazonCloudwatch

Deadline Cloud expands support with latest 6th, 7th, and 8th generation instances AWS announces expanded instance family support in Deadline Cloud, adding new 6th, 7th, and 8th generation EC2 instances to enhance visual effects and animation rendering workloads. This release includes support for C7i, C7a, M7i, M7a, R7a, R7i, M8a, M8i, and R8i instance families, along with additional 6th generation instance types that were previously unavailable. Deadline Cloud is a fully managed service that helps customers run visual compute workloads in the cloud without having to manage infrastructure. With this enhancement, studios can utilize a broader range of AWS compute technology to optimize their rendering workflows. The compute-optimized (C-series), general-purpose (M-series), and memory-optimized (R-series) instances provide tailored options for different rendering workloads - from compute-intensive simulations to memory-heavy scene processing. The inclusion of latest-generation instances like M8a and R8i enables customers to access improved performance and efficiency for their most demanding rendering tasks. These instance families are available in all 10 AWS Regions where Deadline Cloud is offered. The specific instance types available in each Region depend on the regional availability of the EC2 instance types themselves. To learn more about the new instance types supported in Deadline Cloud and their regional availability, see the AWS Deadline Cloud pricing page.

🆕 AWS expands Deadline Cloud support with 6th, 7th, and 8th gen EC2 instances (C7i, C7a, M7i, M7a, R7a, R7i, M8a, M8i, R8i) to optimize visual effects rendering, available in 10 regions.

#AWS #AwsDeadlineCloud

AWS Backup now supports AWS KMS customer managed keys with logically air-gapped vaults AWS Backup now supports encrypting backups in logically air-gapped vaults with AWS Key Management Service (KMS) customer managed keys (CMKs). This enhancement provides additional encryption options beyond the existing AWS-owned keys, helping organizations meet their regulatory and compliance requirements. You can now create logically air-gapped vaults using your own customer managed keys (CMKs) in AWS KMS, giving you more control over your backup protection strategy. Whether you want to use keys from the same account or across accounts, you maintain centralized key management while preserving the security benefits of logically air-gapped vaults. This integration works seamlessly with your existing logically air-gapped vaults and other AWS Backup features, ensuring no disruption to your backup workflows. AWS KMS customer managed key support with logically air-gapped vaults is available in all AWS Regions where logically air-gapped vaults are currently supported. You can get started with logically air-gapped vault support for CMKs using the AWS Backup console, API, or CLI. When creating a new logically air-gapped vault, you can now choose between an AWS-owned key or your own CMK for encryption. For more information about implementing this feature, visit the AWS Backup product page, documentation, and blog.

🆕 AWS Backup now supports AWS KMS CMKs for encrypting backups in logically air-gapped vaults, offering enhanced encryption options and compliance flexibility across all supported regions.

#AWS #AwsBackup

AWS announces a new Regional planning tool in Builder Center Today, AWS announced a new tool called AWS Capabilities by Region in Builder Center. This tool helps you discover and compare AWS services, features, APIs, CloudFormation resources across AWS Regions. You can explore service availability through an interactive interface, compare multiple Regions side-by-side, and view forward-looking roadmap information. This detailed visibility helps you make informed decisions about global deployments and prevent project delays due to service unavailability. In addition to this tool, AWS also enhanced the AWS Knowledge Model Context Protocol (MCP) Server to include information about Regional capabilities in an LLM-compatible format. MCP clients and agentic frameworks can connect to the AWS Knowledge MCP Server to get real-time insights into regional service availability and suggestions for alternative solutions when specific services or features are unavailable. You can begin exploring AWS Capabilities by Region in AWS Builder Center today. The Knowledge MCP server is also publicly accessible at no cost and does not require an AWS account. Usage is subject to rate limits. Follow the getting started guide for setup instructions.

🆕 AWS's new Regional planning tool in Builder Center helps compare service availability for better global deployment. The enhanced Knowledge MCP Server provides real-time insights on regional capabilities; no AWS account needed, but usage has rate limits.

#AWS

Amazon SageMaker launches custom tags for project resources Today, Amazon SageMaker Unified Studio announced new capabilities allowing SageMaker projects to add custom tags to resources created through the project. This helps customers enforce tagging standards that conform to Service Control Policies (SCP) and helps enable cost tracking reporting practices on resources created across the organization. As an Amazon SageMaker Unified Studio administrator, you can configure a project profile with tag configurations that will be pushed down to all projects using the project profile. Project profiles can be setup to pass Key and Value tag pairings or pass the Key of the tag with a default Value that can be modified during project creation. All tag values passed to the project will result in the resources created by that project being tagged. This provides administrators a governance mechanism that enforces project resources have the expected tags. This first release of custom tags for project resources is supported only through application programming interface (API). Custom tags for project resources capability is available in all AWS Regions where Amazon SageMaker Unified Studio is supported, including: Asia Pacific (Tokyo), Europe (Ireland), US East (N. Virginia), US East (Ohio), US West (Oregon), Europe (Frankfurt), South America (São Paulo), Asia Pacific (Seoul), Europe (London), Asia Pacific (Singapore), Asia Pacific (Sydney), Canada (Central), Asia Pacific (Mumbai), Europe (Paris), Europe (Stockholm) To learn more, visit Amazon SageMaker then get started with the custom tag API documentation.

🆕 Amazon SageMaker now supports custom tags for project resources, aiding SCP compliance and cost tracking. Admins can set tag configurations in project profiles, enforced via API. Available in all supported regions. For more, see SageMaker custom tag API documentation.

#AWS #AmazonSagemaker

AWS End User Messaging SMS launches Carrier Lookup Starting today, AWS End User Messaging customers can now lookup carrier information related to a phone number including the country, number type, dialing code, and mobile network and carrier codes. With Carrier Lookup, you can increase deliverability by checking important information about a phone number before you start sending messages, avoiding sending messages to the wrong destination, or to incorrect phone numbers. AWS End User Messaging provides developers with a scalable and cost-effective messaging infrastructure without compromising the safety, security, or results of their communications. Developers can integrate messaging to support uses cases such as one-time passcodes (OTP) at sign-ups, account updates, appointment reminders, delivery notifications, promotions and more. Support for Carrier Lookup is available in all AWS Regions where End User Messaging is available, see the AWS Region table. To learn more, see AWS End User Messaging.

🆕 AWS End User Messaging now offers Carrier Lookup to check phone number details like country, type, dialing code, and carrier info, enhancing deliverability and avoiding incorrect message delivery. Available in all regions where End User Messaging operates.

#AWS #AwsGovcloudUs

Amazon Elastic VMware Service (Amazon EVS) is now available in additional Regions Today, we're announcing that Amazon Elastic VMware Service (Amazon EVS) is now available in all availability zones in the Asia Pacific (Mumbai), Asia Pacific (Sydney), Canada (Central) and Europe (Paris) Regions. This expansion provides more options to leverage the scale and flexibility of AWS for running your VMware workloads in the cloud. Amazon EVS lets you run VMware Cloud Foundation (VCF) directly within your Amazon Virtual Private Cloud (VPC) on EC2 bare-metal instances, powered by AWS Nitro. Using either our step-by-step configuration workflow or the AWS Command Line Interface (CLI) with automated deployment capabilities, you can set up a complete VCF environment in just a few hours. This rapid deployment enables faster workload migration to AWS, helping you eliminate aging infrastructure, reduce operational risks, and meet critical timelines for exiting your data center. The added availability in the Asia Pacific (Mumbai), Asia Pacific (Sydney), Canada (Central) and Europe (Paris) Regions gives your VMware workloads lower latency through closer proximity to your end users, compliance with data residency or sovereignty requirements, and additional high availability and resiliency options for your enhanced redundancy strategy. To get started, visit the Amazon EVS product detail page and user guide.

🆕 Amazon EVS now available in Asia Pacific (Mumbai), Asia Pacific (Sydney), Canada (Central), and Europe (Paris) for faster VMware workload migration, lower latency, and enhanced redundancy. Set up VMware Cloud Foundation in hours via AWS CLI.

#AWS

AWS IoT Greengrass v2.16 introduces system log forwarder and TPM2.0 capabilities AWS announces the release of AWS IoT Greengrass v2.16, introducing new core components for nucleus and nucleus lite. AWS IoT Greengrass is an Internet of Things (IoT) edge runtime and cloud service that helps customers build, deploy, and manage device software at the edge. The latest version 2.16 release includes enhanced debugging capabilities through the system log forwarder component. This component uploads system log files to AWS Cloud Watch, making it easier for developers to troubleshoot IoT edge applications. The AWS IoT Greengrass v2.16 release also features a new nucleus lite version (v2.3) with TPM2.0 specification support, enabling developers to manage edge device security for their resource constrained devices using hardware-based root of trust modules. The implementation helps developers to scale their IoT deployments with confidence while providing secure storage for secrets and streamlined device authentication. AWS IoT Greengrass v2.16 is available in all AWS Regions where AWS IoT Greengrass is offered. To learn more about AWS IoT Greengrass v2.16 and its new features, visit the AWS IoT Greengrass documentation. Follow the Getting Started guide for a quick introduction to AWS IoT Greengrass.

🆕 AWS IoT Greengrass v2.16 adds system log forwarder and TPM2.0 support for enhanced debugging and secure edge device management, available in all regions. For details, see AWS IoT Greengrass documentation.

#AWS #AwsIot

Amazon DynamoDB Streams expands AWS PrivateLink support to FIPS endpoints Amazon DynamoDB Streams now supports AWS PrivateLink for all available Amazon DynamoDB Streams Federal Information Processing Standard (FIPS) endpoints in US and Canada commercial AWS Regions. With this launch, you can establish a private connection between your virtual private cloud (VPC) and Amazon DynamoDB Streams FIPS endpoints instead of connecting over the public internet, helping you meet your organization's business, compliance, and regulatory requirements to limit public internet connectivity. Amazon DynamoDB Streams support for AWS PrivateLink FIPs endpoints is available with Amazon DynamoDB Streams in the US and Canada commercial AWS Regions: US East (N. Virginia), US East (Ohio), US West (N. California), US West (Oregon), Canada (Central), and Canada West (Calgary). To learn more about Amazon DynamoDB Streams support for AWS PrivateLink FIPs endpoints, visit the Amazon DynamoDB Stream documentation. For more information about AWS PrivateLink and its benefits, visit the AWS PrivateLink product page.

🆕 Amazon DynamoDB Streams now supports AWS PrivateLink for FIPS endpoints in US and Canada, enabling private VPC connections to meet compliance and regulatory needs, available in select regions.

#AWS #AwsPrivatelink #AmazonDynamodb

Amazon ECS announces non-root container support for managed EBS volumes Amazon Elastic Container Service (ECS) now supports mounting Amazon Elastic Block Store (EBS) volumes to containers running as non-root users. With this launch, ECS automatically configures the EBS volume’s file system permissions to allow non-root users to read and write data securely, while preserving the root-level ownership of the volume. This enhancement simplifies security-first container deployments by removing the need for manual permission management or custom entrypoint scripts. This feature enhances container security by allowing tasks to run as non-root users, reducing the risk of privilege escalation and unauthorized access to data. Previously, for a container in a task to write to a mounted Amazon EBS volume, it had to run as the root user. ECS now automatically manages EBS volume permissions, simplifying workflows and ensuring that all containers within a task — regardless of user ID — can securely read and write to the mounted volume. This feature is now available in all AWS Regions where Amazon ECS and Amazon EBS are supported, for EC2, AWS Fargate, and ECS Managed Instances launch types. To learn more, see Use Amazon EBS volumes with Amazon ECS in the Amazon ECS Developer Guide.

🆕 Amazon ECS now supports non-root container access to managed EBS volumes, simplifying security and reducing privilege escalation risks. Available in all regions with ECS and EBS.

#AWS #AmazonEcs

Amazon Keyspaces (for Apache Cassandra) is now available in the Middle East (UAE) Region Amazon Keyspaces (for Apache Cassandra) is now available in the Middle East (UAE) Region, allowing customers in the Middle East to build Cassandra-compatible applications with lower latency while keeping their data within the Region to meet data residency requirements. Amazon Keyspaces (for Apache Cassandra) is a scalable, highly available, and managed Apache Cassandra–compatible database service. Amazon Keyspaces is serverless, so you pay for only the resources that you use and you can build applications that serve thousands of requests per second with virtually unlimited throughput and storage. The Middle East (UAE) Region provides the same Amazon Keyspaces features available in other AWS Regions, including point-in-time recovery, Multi-Region replication, CDC streams, and IPv6 support. This regional expansion enables organizations in the Middle East to build highly scalable, low-latency applications using familiar Cassandra Query Language (CQL) without the operational burden of managing Cassandra clusters. To learn more about on Keyspaces, visit the Amazon Keyspaces documentation.

🆕 Amazon Keyspaces (for Apache Cassandra) is now available in UAE, offering scalable, managed, and low-latency Cassandra-compatible database service with regional data residency, point-in-time recovery, and Multi-Region replication.

#AWS #AmazonKeyspaces

Amazon CloudFront announces cross-account support for VPC origins Amazon CloudFront announces cross-account support for Virtual Private Cloud (VPC) origins, enabling customers to access VPC origins that reside in different AWS accounts from their CloudFront distributions. With VPC origins, customers can have their Application Load Balancers (ALB), Network Load Balancers (NLB), and EC2 Instances in a private subnet that is accessible only through their CloudFront distributions. With the support for cross-account VPC origins in CloudFront, customers can now leverage the security benefits of VPC origins while maintaining their existing multi-account architecture. Customers set up multiple AWS accounts for better security isolation, cost management, and compliance. Previously, customers could access origins in private VPCs from CloudFront only if CloudFront and the origin were in the same AWS account. This meant customers who had their origins in multiple AWS accounts, had to keep their accounts in public subnets to get the scale and performance benefits of CloudFront. Customers then had to maintain additional security controls, such as access control lists (ACL), at both the edge and within regions, rather than benefiting from the inherent security of VPC origins. Now, customers can use AWS Resource Access Manager (RAM) to allow CloudFront access to origins in private VPCs in different AWS accounts, both within and outside their AWS Organizations and organizational units (OUs). This streamlines security management and reduces operational complexity, making it easy to use CloudFront as the single front door for applications. VPC origins is available in AWS Commercial Regions only, and the full list of supported AWS Regions is available here. There is no additional cost for using cross-account VPC origins with CloudFront. To learn more about implementing cross-account VPC origins and best practices for multi-account architectures, visit CloudFront VPC origins.

🆕 Amazon CloudFront now supports cross-account VPC origins, allowing secure access to private VPC resources in different AWS accounts, enhancing security and simplifying multi-account architecture management without additional costs.

#AWS #AmazonCloudfront

AWS B2B Data Interchange is now available in AWS Europe (Ireland) Region Customers in AWS Europe (Ireland) Region can now use AWS B2B Data Interchange to build highly customizable, scalable and cost-efficient EDI workloads. AWS B2B Data Interchange automates validation, transformation, and generation of EDI files such as ANSI X12 documents to and from JSON and XML data formats. With this launch, you can use AWS B2B Data Interchange to process your EDI documents in AWS Europe (Ireland) Region, which enables you to meet your compliance and data sovereignty obligations while modernizing your B2B integration workloads. As part of this launch, the AWS B2B Data Interchange generative AI mapping capability will also become available in AWS Europe (Ireland) Region, simplifying mapping code development and ultimately expediting trading partners onboarding. To learn more about AWS B2B Data Interchange visit our product page, user-guide or take our self-paced workshop. See the AWS Region Table for complete regional availability.

🆕 AWS B2B Data Interchange is now available in AWS Europe (Ireland), enabling scalable EDI automation, compliance, and generative AI mapping for B2B integration workloads.

#AWS #AwsB2bDataInterchange

Microsoft SQL Server Developer Edition now available through AWS Launch Wizard AWS Launch Wizard now offers a guided approach to sizing, configuring, and deploying Windows Server EC2 instances with Microsoft SQL Server Developer Edition installed from your own media. AWS Launch Wizard for SQL Server Developer Edition allows you to simplify launching cost-effective and full-featured SQL Server instances on Amazon EC2, making it ideal for developers building non-production and test database environments. This feature is ideal for customers who also have existing non-production databases running SQL Server Enterprise Edition or SQL Server Standard Edition, as migrating the non-production databases to SQL Server Developer Edition will reduce SQL license costs while maintaining feature parity. This feature is available in all supported commercial AWS Regions and the AWS GovCloud (US) Regions. To learn more, see the AWS Launch Wizard for SQL Server User Guide and blog post here.

🆕 AWS Launch Wizard deploys Windows Server EC2 instances with SQL Server Developer Edition, simplifying cost-effective SQL Server setups for non-production use, reducing license costs, available in all commercial AWS regions and AWS GovCloud.

#AWS #AwsGovcloudUs #AmazonEc2

Amazon Cloudfront adds IPv6 support for Anycast Static IPs Amazon CloudFront now supports both IPv4 and IPv6 addresses for Anycast Static IP configurations. Previously, this feature was limited to IPv4 addresses only. This update now provides customers with ability to have both IPv4 and IPv6 addresses when using CloudFront Anycast Static IP addresses. Previously, customers could only use IPv4 addresses when using CloudFront Anycast static IP addresses. With this launch, customers using CloudFront Anycast Static IP addresses receive both IPv4 and IPv6 addresses for their workloads. This dual-stack support allows customers to meet IPv6 compliance requirements, future-proof their infrastructure, and serve end users on IPv6-only networks. CloudFront supports IPv6 for Anycast Static IPs from all edge locations. This excludes Amazon Web Services China (Beijing) region, operated by Sinnet, and the Amazon Web Services China (Ningxia) region, operated by NWCD. Learn more about Anycast Static IPs here and for more information, please refer to the Amazon CloudFront Developer Guide. For pricing, please see CloudFront Pricing.

🆕 Amazon CloudFront now supports IPv6 for Anycast Static IPs, offering both IPv4 and IPv6 addresses globally, excluding AWS China regions. This update helps meet IPv6 compliance and future-proofs infrastructure.

#AWS #AmazonCloudfront

AWS Marketplace now open for India-based sellers supporting transactions in Indian Rupees (INR) Buyers and sellers in India can now transact locally in AWS Marketplace, with invoicing in Indian Rupees (INR), and with simplified tax compliance through AWS India. With this launch, India-based sellers can now register to sell in AWS Marketplace and offer paid subscriptions to buyers in India. India-based sellers will be able to create private offers in US dollars (USD) or INR. Buyers in India purchasing paid offerings in AWS Marketplace from India-based sellers will receive invoices in INR, helping to simplify invoicing with consistency across AWS Cloud and AWS Marketplace purchases. Sellers based in India can begin selling paid offerings in AWS Marketplace and can work with India-based Channel Partners to sell to customers. AWS India will facilitate the issuance of tax-compliant invoices in INR to buyers, with the independent software vendor (ISV) or Channel Partner as the seller of record. AWS India will automate the collection and remittance of Withholding Tax (WHT) and GST-Tax Collected at Source (GST-TCS) to the relevant tax authorities, fulfilling compliance requirements for buyers. During this phase, non-India based sellers can continue to sell directly to buyers in India through AWS Inc., in USD or through AWS India by working through authorized distributors. To learn more and explore solutions available from India-based sellers, visit this page. To get started as a seller, India-based ISVs and Channel Partners can register in the AWS Marketplace Management Portal. For more information about buying or selling using AWS Marketplace in India, visit the India FAQs page and help guide.

🆕 AWS Marketplace now aids India-based sellers with INR transactions, easing tax compliance and invoicing. Sellers can offer subscriptions in INR or USD, with AWS India handling tax and issuing INR invoices. Non-India sellers can still sell in USD. Register via AWS Marketplac…

#AWS #AwsMarketplace

Amazon Keyspaces (for Apache Cassandra) extends Multi-Region Replication to Bahrain and Hong Kong Region Amazon Keyspaces (for Apache Cassandra) now supports Multi-Region Replication in the Middle East (Bahrain) and Asia Pacific (Hong Kong) Regions. With this expansion, customers can now replicate their Amazon Keyspaces tables to and from these Regions, enabling lower latency access to data and improved regional resiliency. Amazon Keyspaces Multi-Region Replication automatically replicates data across AWS Regions with typically less than a second of replication lag, allowing applications to read and write data to the same table in multiple Regions. This capability helps customers build globally distributed applications that can serve users with low latency regardless of their location, while also providing business continuity in the event of a regional disruption. The addition of Multi-Region Replication support in Middle East (Bahrain) and Asia Pacific (Hong Kong) enables organizations operating in these regions to build highly available applications that can maintain consistent performance for users across the Middle East and Asia Pacific. Customers can now replicate their Keyspaces tables between these regions and any other supported AWS Region without managing complex replication infrastructure. You pay only for the resources you use, including data storage, read/write capacity, and writes in each Region of your multi-Region keyspace. To learn more about Amazon Keyspaces Multi-Region Replication and its regional availability, visit the Amazon Keyspaces documentation.

🆕 Amazon Keyspaces now supports Multi-Region Replication in Bahrain and Hong Kong, enabling lower latency and improved regional resiliency. Customers can replicate data across regions with minimal lag, enhancing global app performance and continuity.

#AWS #AmazonKeyspaces

Amazon CloudWatch Database Insights expands anomaly detection in on-demand analysis Amazon CloudWatch Database Insights now detects anomalies on additional metrics through its on-demand analysis experience. Database Insights is a monitoring and diagnostics solution that helps database administrators and application developers optimize database performance by providing comprehensive visibility into database metrics, query performance, and resource utilization patterns. The on-demand analysis feature utilizes machine learning to help identify anomalies and performance bottlenecks during the selected time period, and gives advice on what to do next. The Database Insights on-demand analysis feature now offers enhanced anomaly detection capabilities. Previously, database administrators could analyze database performance and correlate metrics based on database load. Now, the on-demand analysis report also identifies anomalies in database-level and operating system-level counter metrics for the database instance, as well as per-SQL metrics for the top SQL statements contributing to database load. The feature automatically compares your selected time period against normal baseline performance, identifies anomalies, and provides specific remediation advice while reducing mean time to diagnosis. Through intuitive visualizations and clear explanations, you can quickly identify performance issues and receive step-by-step guidance for resolution. You can get started with on-demand analysis by enabling the Advanced mode of CloudWatch Database Insights on your Amazon Aurora or RDS databases using the AWS management console, AWS APIs, or AWS CloudFormation. Please refer to RDS documentation and Aurora documentation for information regarding the availability of Database Insights across different regions, engines, and instance classes.

🆕 Amazon CloudWatch Database Insights now enhances anomaly detection in on-demand analysis, identifying issues in database and OS metrics, and offering remediation advice for quicker resolution. Available for Amazon Aurora and RDS via AWS console, APIs, or CloudFormation.

#AWS #AmazonRds

AWS Glue Schema Registry adds support for C# AWS Glue Schema Registry (GSR) has now expanded the programming language support for GSR Client library to include C# support along with existing Java support. C# applications integrating with Apache Kafka or Amazon Managed Streaming for Apache Kafka (Amazon MSK), Amazon Kinesis Data Streams, and Apache Flink or Amazon Managed Service for Apache Flink can now interact with AWS Glue Schema Registry to maintain data quality and schema compatibility in streaming data applications. AWS Glue Schema Registry, a serverless feature of AWS Glue, enables you to validate and control the evolution of streaming data using registered schemas at no additional charge. Schemas define the structure and format of data records produced by applications. Using AWS Glue Schema Registry, you can centrally manage and enforce schema definitions across your data ecosystem. This ensures consistency of schemas across applications and enables seamless data integration between producers and consumers. Through centralized schema validation, teams can maintain data quality standards and evolve their schemas in a controlled manner.   C# support is available across all AWS regions where Glue Schema Registry is available. Visit the Glue Schema Registry developer guide, and SDK to get started with C# integration.

🆕 AWS Glue Schema Registry now supports C#, adding it to Kafka, MSK, Kinesis, and Flink. This expands client library to C#, ensuring data quality and schema compatibility in all regions.

#AWS #AmazonMsk #AmazonManagedServiceForApacheFlink #AwsGovcloudUs #AwsGlue #AmazonKinesisStreams

Amazon FSx now integrates with AWS Secrets Manager for enhanced management of Active Directory credentials Amazon FSx now integrates with AWS Secrets Manager, enabling enhanced protection and management of the Active Directory domain service account credentials for your FSx for Windows File Server file systems and FSx for NetApp ONTAP Storage Virtual Machines (SVMs). Previously, if you wanted to join your FSx for Windows file system or FSx for ONTAP SVM to your Active Directory domain for user authentication and access control, you needed to specify the username and password for your service account in the Amazon FSx Console, Amazon FSx API, AWS CLI, or AWS CloudFormation. With this launch, you can now specify an AWS Secrets Manager secret containing the service account credentials, enabling you to strengthen your security posture by eliminating the need to store plain text credentials in application code or configuration files, and aligning with best practices for credential management. Additionally, you can use AWS Secrets Manager to rotate your Active Directory credentials and consume them when needed in FSx workloads. You can now use AWS Secrets Manager to store your domain join service credentials for all FSx for Windows file systems and FSx for ONTAP Storage Virtual Machines in all AWS Regions where they are available. For more information, see Amazon FSx for Windows File Server documentation and Amazon FSx for NetApp ONTAP documentation.

🆕 Amazon FSx now integrates with AWS Secrets Manager for secure Active Directory credentials management, eliminating plain text storage in code, and enabling automatic rotation for FSx for Windows and ONTAP SVMs.

#AWS #AmazonFsxNetappOntap #AmazonFsxForWindowsFileServer

Amazon Connect now supports configuration of email address aliases Amazon Connect now lets you configure aliases for email addresses, so customers see trusted identities when sending or receiving messages, helping maintain a consistent brand experience and simplify email management. For example, when forwarding a customer-facing address such as support@company.com to an address in Amazon Connect, you can configure an alias to ensure customers continue to see support@company.com as the sender. Amazon Connect Email is available in the US East (N. Virginia), US West (Oregon), Africa (Cape Town), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Canada (Central), Europe (Frankfurt), and Europe (London) regions. To learn more and get started, please refer to the help documentation, pricing page, or visit the Amazon Connect website.

🆕 Amazon Connect now supports email aliases for consistent branding and simplified email management, forwarding customer-facing addresses like support@company.com. Available in multiple regions. For details, visit the Amazon Connect website or help documentation.

#AWS #AmazonConnect

Announcing New EC2 R8a Memory-Optimized Instances AWS is announcing the general availability of new memory-optimized Amazon EC2 R8a instances. R8a instances, feature 5th Gen AMD EPYC processors (formerly code named Turin) with a maximum frequency of 4.5 GHz, deliver up to 30% higher performance, and up to 19% better price-performance compared to R7a instances. R8a instances deliver 45% more memory bandwidth compared to R7a instances, making these instances ideal for latency sensitive workloads. Compared to Amazon EC2 R7a instances, R8a instances provide up to 60% faster performance for GroovyJVM, allowing higher request throughput and better response times for business-critical applications. Built on the AWS Nitro System using sixth generation Nitro Cards, R8a instances are ideal for high performance, memory-intensive workloads, such as SQL and NoSQL databases, distributed web scale in-memory caches, in-memory databases, real-time big data analytics, and Electronic Design Automation (EDA) applications. R8a instances offer 12 sizes including 2 bare metal sizes. Amazon EC2 R8a instances are SAP-certified, and providing 38% more SAPS compared to R7a instances. R8a instances are available in the following AWS Regions: US East (N. Virginia), US East (Ohio), and US West (Oregon) regions. To get started, sign in to the AWS Management Console. Customers can purchase these instances via Savings Plans, On-Demand instances, and Spot instances. For more information visit the Amazon EC2 R8a instance page.

🆕 AWS releases R8a EC2 instances with AMD EPYC processors, providing up to 30% better performance and 19% better price-performance than R7a, ideal for memory-intensive tasks. Available in US East and West regions.

#AWS #AmazonEc2

Amazon CloudWatch Application Signals adds AI-powered Synthetics debugging Amazon CloudWatch Application Signals Model Context Protocol or MCP Server for Application Performance Monitoring (APM) now integrates CloudWatch Synthetics canary monitoring directly into its audit framework, enabling automated, AI-powered debugging of synthetic monitoring failures. DevOps teams and developers can now use natural language questions like 'Why is my checkout canary failing?' in compatible AI assistants such as Amazon Q, Claude, or other supported assistants to utilize the new AI-powered debugged capabilities and quickly distinguish between canary infrastructure issues and actual service problems, addressing the significant challenge of extensive manual analysis in maintaining reliable synthetic monitoring. The integration extends Application Signals' existing multi-signal (services, operations, SLOs, golden signals) analysis capabilities to include comprehensive canary diagnostics. The new feature automatically correlates canary failures with service health metrics, traces, and dependencies through an intelligent audit pipeline. Starting from natural language prompts from users, the system performs multi-layered diagnostic analysis across six major areas: Network Issues, Authentication Failures, Performance Problems, Script Errors, Infrastructure Issues, and Service Dependencies. This analysis includes automated comparison of HTTP Archive or HAR files, CloudWatch logs analysis, S3 artifact examination, and configuration validation, significantly reducing the time needed to identify and resolve synthetic monitoring issues. Customers can then access these insights through natural language interactions with supported AI assistants. This feature is available in all commercial AWS regions where Amazon CloudWatch Synthetics is offered. Customers will need access to a compatible AI agent such as Amazon Q, Claude, or other supported AI assistants to utilize the AI-powered debugging capabilities. To learn more about implementing AI-based debugging for your synthetic monitoring, visit the CloudWatch Application Signals MCP Server documentation.

🆕 Amazon CloudWatch Application Signals adds AI-powered Synthetics debugging, automating diagnostics for synthetic monitoring failures, correlating canary issues with service metrics, and cutting manual analysis time. Available in all commercial AWS regions.

#AWS #AmazonCloudwatch

AWS Cloud WAN is now available in three more AWS Regions Starting today, AWS Cloud WAN is available in the AWS Asia Pacific (Thailand), AWS Asia Pacific (Taipei) and AWS Asia Pacific (New Zealand) Regions. With AWS Cloud WAN, you can use a central dashboard and network policies to create a global network that spans multiple locations and networks, removing the need to configure and manage different networks using different technologies. You can use network policies to specify the Amazon Virtual Private Clouds, AWS Transit Gateways, and on-premises locations you want to connect to using an AWS Site-to-Site VPN, AWS Direct Connect, or third-party software-defined WAN (SD-WAN) products. The AWS Cloud WAN central dashboard generates a comprehensive view of the network to help you monitor network health, security, and performance. In addition, AWS Cloud WAN automatically creates a global network across AWS Regions by using Border Gateway Protocol (BGP) so that you can easily exchange routes worldwide. To learn more, please visit the AWS Cloud WAN product detail page.

🆕 AWS Cloud WAN now available in Asia Pacific (Thailand), Taipei, and New Zealand, offering global network management via a central dashboard, BGP route exchange, and integration with VPCs, Transit Gateways, and SD-WAN.

#AWS #AwsCloudWan

Amazon OpenSearch Serverless now supports FIPS compliant endpoints Amazon OpenSearch Serverless has added support for Federal Information Processing Standards (FIPS) compliant endpoints for Data Plane APIs in US East (N. Virginia), US East (Ohio), Canada (Central), AWS GovCloud (US-East), and AWS GovCloud (US-West). The service now meets the security requirements for cryptographic modules as outlined in Federal Information Processing Standard (FIPS) 140-3. Please refer to the AWS Regional Services List for more information about Amazon OpenSearch Service availability. To learn more about OpenSearch Serverless FIPS, see the documentation.

🆕 Amazon OpenSearch Serverless now supports FIPS 140-3 compliant endpoints in select regions, enhancing security for cryptographic modules and meeting federal standards. For more details, refer to the AWS Regional Services List and documentation.

#AWS #AwsGovcloudUs #AmazonOpensearchService