Week 43 (21 Oct - 27 Oct)

AWS Firewall Manager now supports retrofitting of existing AWS WAF WebACLs

Published Date: 2024-10-25 17:25:00

Starting today, AWS Firewall Manager enables customers to centrally create policies for AWS WAF that add baseline rule sets to existing WAF WebACLs associated with their resources. Security administrators can now use Firewall Manager policies for WAF to insert first and last rule groups or centrally configure a logging destination for existing WebACLs while leaving custom rule sets intact. By enabling the “retrofit“ setting on a Firewall Manager WAF policy, security administrators can centrally define baseline protection that applies to resources protected by WAF while ensuring it is enforced by the WebACLs that are already associated with those resources. This allows customers to rapidly deploy a standard set of WAF rules to all web applications before, during, or after a security event without affecting existing WAF deployments, such as those with application-specific rule sets or infrastructure-as-code (IaC) pipelines. To learn more about the feature, see documentation. For more details on the service and region availability, please visit the service website and AWS Region Table.

AWS now accepts partial card payments

Published Date: 2024-10-25 17:00:00

Today, we are enabling AWS customers who pay with their cards to make partial payments towards their monthly bill. Until now, customers could only pay their entire bill at once, prior to the due date. With partial payments, customers can split the amount due into smaller payments which they can charge on different cards, to accommodate their business needs. This functionality, which would have previously required calling AWS Customer Service, is now available by logging into your Console account. To make partial payments, login to your AWS Billing Console, then go to the Payments section, and select the invoice(s) you want to pay. Next, choose the eligible card you want to use, edit the amount you want to pay, then review and confirm your partial payment. You may use the same process multiple times with other cards. After your bank processes the payments, you are done! We are launching this functionality for credit and debit cards. If you run into any issues, like your card being declined, you can try a different eligible card. You can also contact AWS Customer Service if you need help. To learn more about how to make partial payments with your card, see Making payments in the Billing User Guide.

Announcing increased quotas and improvements to CloudWatch Logs Anomaly Detection and Pattern Analysis

Published Date: 2024-10-25 17:00:00

Amazon CloudWatch is excited to announce improvements to its log pattern analysis and anomaly detection features. First, CloudWatch Logs Insights pattern and diff commands now use named tokens to make the results easier to read. Second, the default quota for Log Anomaly detectors has been increased from 10 to 500 per account. CloudWatch Logs Insights customers use Machine Lowered (ML) powered commands to aggregate logs into patterns, enabling thousands of logs to be condensed to few lines for analysis. Now, the pattern and diff commands make it eaiser to analyze your log data by parsing and naming fields according to the data type. For example, a field containing an ARN values will now be named ARN-1, a field containing an IP address will be named IPV4-1, etc. Using the named patterns, customers can easily identify and inspect common fields that occur in their logs such as Request IDs, HTTP response codes, and more. This feature is now supported in all AWS Regions where CloudWatch Logs Anomaly Detection is available. To get started with the pattern and diff commands, visit the CloudWatch Logs Insights Query Syntax Guide or select “Query help” from within the CloudWatch Log Insights console page. See the documentation to get started with CloudWatch Logs Anomaly Detection.

Amazon Aurora Global Database support for tagging global clusters

Published Date: 2024-10-25 17:00:00

Amazon Aurora Global Database now supports applying tags to your global clusters, enabling you to associate metadata information with your overall Global Database cluster. For instance, you can apply a tag to organize resource costs for your entire Global Database cluster, making it easier to categorize and track your AWS costs. Aurora Global Database allows a single Aurora database to span multiple AWS Regions, providing disaster recovery from Region-wide outages and enabling fast local reads for globally distributed applications. With this launch, you can now apply tags at various levels in your Global Database, including tagging your global cluster, individual primary or secondary clusters, and individual database instances. You can apply tags for these resources using the AWS Management Console, Command Line Interface (CLI), or RDS API. The feature is available in all AWS Regions and for all Aurora MySQL and Aurora PostgreSQL version where Aurora Global Database is available. See our documentation to learn more. Amazon Aurora is designed for unparalleled high performance and availability at a global scale with full MySQL and PostgreSQL compatibility. To get started with Amazon Aurora, take a look at our getting started page. ?

AWS Storage Gateway is now available in AWS Asia Pacific (Malaysia) Region

Published Date: 2024-10-25 17:00:00

AWS Storage Gateway expands availability to the AWS Asia Pacific (Malaysia) Region enabling customers to deploy and manage hybrid cloud storage for their on-premises workloads. AWS Storage Gateway is a hybrid cloud storage service that provides on-premises applications access to virtually unlimited storage in the cloud. You can use AWS Storage Gateway for backing up and archiving data to AWS, providing on-premises file shares backed by cloud storage, and providing on-premises applications low latency access to data in the cloud. Visit the AWS Storage Gateway product page to learn more. Access the AWS Storage Gateway console to get started. To see all the Regions where AWS Storage Gateway is available, please visit the AWS Region table. ?

Amazon RDS for Oracle now supports Oracle Application Express (APEX) Version 24.1

Published Date: 2024-10-24 20:00:00

Amazon Relational Database Service (RDS) for Oracle now supports version 24.1 of Oracle Application Express (APEX) for 19c and 21c versions of Oracle Database. Using APEX, developers can build applications entirely within their web browser. To learn more about the latest features of APEX 24.1, please refer to Oracle’s documentation. For more details on supported APEX versions and how to add or modify APEX options for your RDS for Oracle database, please refer to the Amazon RDS for Oracle APEX Documentation. See Amazon RDS for Oracle Database Pricing for regional availability.

AWS Deadline Cloud now sends Job, Step, and Task related events

Published Date: 2024-10-24 17:00:00

Today, AWS Deadline Cloud announces new event types delivered via Amazon EventBridge that allow you to trigger workflows as your jobs progress and complete. AWS Deadline Cloud is a fully managed service that simplifies render management for teams creating computer-generated 2D/3D graphics and visual effects for films, TV shows, commercials, games, and industrial design. The new events are sent when jobs, steps, and tasks change status, allowing you to build systems that react to job activity. For example, by invoking a Lambda function from these events, you can:

• Publish a notification to Slack when a job fails
• Automatically update a project tracking tool with job progress
• Sync the outputs from a job to another location when jobs succeed

The new events are available in all AWS Regions where Deadline Cloud is available. For more information, please visit the Deadline Cloud product page and the Deadline Cloud User Guide.

AWS announces EFA update for scalability with AI/ML applications

Published Date: 2024-10-24 17:00:00

AWS announces the launch of a new interface type that decouples the Elastic Fabric Adapter (EFA) from the Elastic Network Adapter (ENA). EFA provides high-bandwidth, low-latency networking crucial for scaling AI/ML workloads. The new interface, "EFA-only", allows you to create a standalone EFA device on secondary interfaces. This allows you to scale your compute clusters to run AI/ML applications without straining your private IPv4 address space or encountering IP routing challenges associated with Linux. Previously, each EFA interface was coupled with an ENA device, which consumed an IP address. This could result in a scaling limit for growing AI/ML model training jobs. Linux could also introduce routing challenges when multiple interfaces with private IPs were used, such as packet drops because of source IP mismatch and host name mapping problems. EFA-only interfaces solve these challenges as the EFA device is not assigned an IP address because it uses the Scalable Reliable Datagram (SRD) protocol, which operates over MAC addresses. EFA-only interfaces can only be configured as a secondary interface, with the primary interface being either EFA coupled with ENA or just ENA, since ENA is required for TCP/IP VPC routing. EFA-only is available on all EFA supported instances in all AWS Regions, including the AWS GovCloud (US) Regions and the AWS China Regions. You can enable EFA at no additional cost to run your AI/ML workloads at scale. To learn more, see the EFA documentation. ?

AWS Lambda now supports using a custom serializer with Java runtimes

Published Date: 2024-10-24 17:00:00

AWS Lambda now supports replacing the default Java object serialization library with a customer-defined serializer. This feature is supported in all current Lambda managed runtimes and container base images for Java. The ability to replace the default Java serializer enables customers to adapt their Lambda functions to cases where the incoming event format is not compatible with the default Lambda serializer. For example, to map a JSON event object whose properties are not in camel case such as 'vehicle-type' to a standard camel-cased field in a Java object. This feature is available in all commercial AWS Regions where Lambda is supported, the AWS GovCloud (US) Regions, and the China Regions. For more information, and to get started, see the Lambda documentation. ?

Amazon SES now provides TLS Version for Outgoing Messages within AutoTags

Published Date: 2024-10-24 17:00:00

Today, Amazon Simple Email Service (SES) released a feature which gives customers visibility into the Transport Layer Security (TLS) version used in the messages sent through SES. Customers can track email sending at a granular level by publishing email sending events to various AWS services such as Amazon CloudWatch. Customers can also categorize their emails by using message tags defined in configuration sets. This feature adds a new auto-tag to the existing set of auto-tags that SES automatically applies, in addition to the message tags specified by customers. Previously, SES generated auto-tags such as “ses:source-tls-version” to identify TLS protocol version used by the caller to send the email. However, customers did not have a way to determine the TLS version used by SES to send the email. Now, SES includes the “ses:outgoing-tls-version” auto-tag, which contains the TLS protocol version that SES used to send the email. Customers can leverage this new auto-tag to better understand and monitor the TLS version used when SES sends emails to mailbox providers that do not support the latest versions of TLS. SES supports “ses:outgoing-tls-version” in all AWS regions where Amazon SES is offered. For more information, see the documentation for SES event publishing.

Amazon Redshift Serverless is now available in the AWS GovCloud (US) Regions

Published Date: 2024-10-24 17:00:00

Amazon Redshift Serverless, which allows you to run and scale analytics without having to provision and manage data warehouse clusters, is now generally available in the AWS GovCloud (US) Regions. With Amazon Redshift Serverless, all users, including data analysts, developers, and data scientists, can use Amazon Redshift to get insights from data in seconds. Amazon Redshift Serverless automatically provisions and intelligently scales data warehouse capacity to deliver high performance for all your analytics. You only pay for the compute used for the duration of the workloads on a per-second basis. You can benefit from this simplicity without making any changes to your existing analytics and business intelligence applications. With a few clicks in the AWS Management Console, you can get started with querying data using the Query Editor V2 or your tool of choice with Amazon Redshift Serverless. There is no need to choose node types, node count, workload management, scaling, and other manual configurations. You can create databases, schemas, and tables, and load your own data from Amazon S3, access data using Amazon Redshift data shares, or restore an existing Amazon Redshift provisioned cluster snapshot. With Amazon Redshift Serverless, you can directly query data in open formats, such as Apache Parquet, in Amazon S3 data lakes. Amazon Redshift Serverless provides unified billing for queries on any of these data sources, helping you efficiently monitor and manage costs. To get started, see the Amazon Redshift Serverless feature page, user documentation, and API Reference.

Announcing pro forma budgets integration for AWS Billing Conductor

Published Date: 2024-10-24 17:00:00

Starting today, AWS Billing Conductor (ABC) customers can monitor their pro forma spend and be alerted when exceeding their desired pro forma spending limit. AWS Partners can use the feature to enable their customers to create budgets based on their usage priced at pro forma rates, which reflect the customer’s specific pricing agreement.

The primary account of a billing group can create budgets and budget forecast, for the entire billing group or for a subset of accounts in the billing group. Non-primary accounts in an ABC billing group can create and view proforma budgets for their own accounts. When accounts join a billing group, their existing budgets will start to capture pro forma billing data. When accounts leave a billing group, the budget will start to capture billable billing data.

This release is available in all commercial AWS Regions, excluding the Amazon Web Services China (Beijing) Region, operated by Sinnet and Amazon Web Services China (Ningxia) Region, operated by NWCD.

To learn more about this feature integration, visit the AWS Billing Conductor product page, or review the User Guide and API Reference. ?

AWS WAF Bot and Fraud Control RuleGroup is now available in 6 additional AWS Regions

Published Date: 2024-10-23 21:20:00

Starting today, you can use AWS WAF Bot and Fraud Control RuleGroup in 6 additional AWS regions: Middle East (UAE), Europe (Spain), Europe (Zurich), Asia Pacific (Hyderabad), AWS Asia Pacific (Melbourne), and Israel (Tel Aviv). With this launch, AWS WAF Bot and Fraud Control is available in all AWS Regions, except Canada West (Calgary), AWS Asia Pacific (Malaysia) Region, the AWS GovCloud (US) Regions and the China Regions. AWS WAF Bot Control and Fraud Control deliver comprehensive security for web applications, APIs, and mobile apps. Bot Control protects against automated bot traffic with easy deployment and configurable actions, ensuring scalable management. Fraud Control focuses on preventing account takeovers and fraudulent account creation, leveraging machine learning to reduce financial losses and enhance user trust. Both solutions integrate seamlessly with AWS WAF, providing real-time visibility and detailed metrics for effective protection and operational efficiency. For more information, visit the AWS WAF page. For more information about pricing, visit the AWS WAF Pricing page.

Amazon Connect now offers screen sharing

Published Date: 2024-10-23 20:00:00

The Amazon Connect screen sharing capability enables agents to quickly gain an understanding of issues and help guide the customer, accelerating resolution and sales, and reducing customer frustration. Agents and end users can leverage screen sharing with Amazon Connect Web and Video calls and pass contextual information to Amazon Connect to personalize the customer experience. Additionally, you can ensure a safe and secure customer experience by restricting screen share to specific web pages. Using the fully managed communication widget, you can add screen sharing to voice and video calling with as little as a single line of code. You can also create a fully custom experience for your customers by leveraging the SDK. Amazon Connect’s screen sharing capabilities are available in US East (N. Virginia), US West (Oregon), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Asia Pacific (Seoul), Africa (Cape Town), Canada (Central), Europe (Frankfurt) and Europe (London). To learn more and get started, please refer to the help documentation or visit the Amazon Connect website. To learn more about pricing, please visit the Amazon Connect pricing page.

Research and Engineering Studio on AWS Version 2024.10 now available

Published Date: 2024-10-23 19:59:00

Today we’re excited to announce Research and Engineering Studio (RES) on AWS Version 2024.10. This release adds new features such as virtual desktop instance auto-stop, project level home file systems, file browser availability control, and customizable DCV permissions. Instance auto-stop gives administrators the ability to automatically stop or terminate idle sessions to save costs. Admins can set their own thresholds for how long the session must remain below a certain CPU utilization to be considered idle. Stopped sessions are placed into a Stopped-Idle state where they can be resumed by either a user, admin, or the session’s daily schedule. This release also includes the ability to assign projects their own home file system. Linux virtual desktops can now utilize a project specific file system for their default home directory. Any Amazon Elastic File System (EFS), Amazon FSx for Lustre, or Amazon FSx for NetApp ONTAP onboarded to RES can be used. 2024.10 introduces two new user permissions. First, admins can now toggle file browser access on or off for the entire environment. Second, admins can customize DCV permissions for session owners to allow or disallow functions such as copying and pasting from a virtual session. A subset of these permissions can be used to create profiles to share sessions among users. Find these features in the RES UI under Permission policy. See the regional availability page for the list of regions where RES is available. Check out additional release notes on Github to get started and deploy RES 2024.10.

AWS IAM Identity Center simplifies calls to AWS services with single identity context

Published Date: 2024-10-23 19:33:00

AWS IAM Identity Center now enables the use of a single identity context to propagate the identity of users requesting access to AWS services, simplifying the experience of application developers. Previously, application developers that wanted to enable their applications to use trusted identity propagation, had to call AWS services using two different IAM role sessions – one for services that can authorize access by user; and another for services that only log the user identity for audits. With this release, application developers can call any AWS service using a single IAM role session with sts:identity_context. When an application is configured in a trusted identity propagation use case, AWS services use the identity context to authorize user access. If an AWS service is not part of a trusted identity propagation use case, access to resources continues to be authorized by IAM roles. All AWS services using CloudTrail event version 1.09 and above log IAM Identity Center userId in their service logs and in the OnBehalfOf element of the Amazon CloudTrail logs. IAM Identity Center enables you to connect your existing source of workforce identities to AWS once and access the personalized experiences offered by AWS applications, such as Amazon Q; define and audit user-aware access to data in AWS services, such as Amazon Redshift; and manage access to multiple AWS accounts from a central place. Learn more about IAM Identity Center identity-enhanced role sessions here. The feature is available at no additional cost in all AWS Regions with IAM Identity Center. ?

Amazon MWAA now simplifies interaction with the Airflow REST API

Published Date: 2024-10-23 19:00:00

Amazon Managed Workflows for Apache Airflow (MWAA) now supports a simplified mechanism for interacting with the Apache Airflow REST API using AWS credentials. This feature enables customers to programmatically manage and automate workflows, enhancing ease of use and integration capabilities across their Apache Airflow environments. Amazon MWAA is a managed orchestration service for Apache Airflow that makes it easier to set up and operate end-to-end data pipelines in the cloud. With AWS Signature Version 4 (SigV4) support, customers can now integrate MWAA with other AWS and third-party services, and securely interact with the Airflow REST API using their existing AWS credentials. This feature eliminates the complexity of managing login tokens or cookies, enhancing interactions for automation tools and service integrations. You can launch or upgrade an Apache Airflow environment to start using simplified Airflow REST API with just a few clicks in the AWS Management Console in all currently supported Amazon MWAA regions. To learn more about simplified Airflow REST API, visit the Launch Blog. To learn more about Amazon MWAA visit the Amazon MWAA documentation. Apache, Apache Airflow, and Airflow are either registered trademarks or trademarks of the Apache Software Foundation in the United States and/or other countries. ?

Amazon Managed Service for Apache Flink now supports per second billing

Published Date: 2024-10-23 17:00:00

Amazon Managed Service for Apache Flink is now billed in one-second increments. There is a ten-minute minimum charge per application. Per-second billing is applicable to applications that are newly launched or already running. Amazon Managed Service for Apache Flink makes it easier to transform and analyze streaming data in real time with Apache Flink. Apache Flink is an open source framework and engine for processing data streams. Amazon Managed Service for Apache Flink reduces the complexity of building and managing Apache Flink applications and integrates with Amazon Managed Streaming for Apache Kafka (Amazon MSK), Amazon Kinesis Data Streams, Amazon OpenSearch Service, Amazon DynamoDB streams, Amazon S3, custom integrations, and more using built-in connectors. Create or update an Amazon Managed Service for Apache Flink application in the Amazon Managed Service for Apache Flink console. This capability is available in all AWS regions where Amazon Managed Service for Apache Flink is currently available, excluding China Regions and GovCloud (US) Regions. To learn more, see our documentation.

Amazon Timestream for LiveAnalytics introduces Query Insights

Published Date: 2024-10-23 17:00:00

Today, Amazon Timestream for LiveAnalytics announces the launch of Query Insights, a feature that provides details of your query execution, enabling you to identify areas for improvement to optimize your queries, resulting in improved query performance and lower query costs. Amazon Timestream for LiveAnalytics is a serverless time-series database that automatically scales to ingest and analyze large volumes of time-series data, allowing you to store and process massive amounts of data without worrying about provisioning or managing infrastructure. To maximize the value of your time-series data and enable real-time analytics, optimizing query performance is essential. Query Insights provides detailed information of the pruning efficiency of the query, tables with inefficient pruning, and other query metrics. You can leverage these insights to refine your queries to effectively prune the relevant data, and optimize your data model for your desired query patterns, improving query performance and reducing your query costs. You can enable this feature for your queries in the Timestream console, AWS SDK or CLI and receive insights in the query response, all without requiring additional infrastructure or incurring additional costs. To get started with Query Insights, navigate to the Amazon Timestream console, AWS SDK, or CLI, and start analyzing your query performance today, at no additional cost. The feature is available in all commercial AWS Regions?where Amazon Timestream for LiveAnalytics is available. For more information, visit the Amazon Timestream documentation.

AWS Billing Conductor now supports RI and Savings Plans coverage and utilization reports

Published Date: 2024-10-23 17:00:00

Starting today, AWS Billing Conductor (ABC) customers can view pro forma data in Reservation and Saving Plan coverage and utilization reports. This release allows ABC customers to analyze Reservation and Saving Plans utilization and coverage metrics scoped at the billing group level and reflecting the pro forma pricing rules. AWS Partners can use the feature to enable their customers to view commitment discount application on cost data that reflect the customer’s specific pricing agreement. For billing groups that contain accounts with Reservations or Saving Plan commitments, the billing group primary account can view pro forma coverage and utilization data for all accounts in the billing group. Non-primary accounts in an ABC billing group can view pro forma coverage and utilization for their own account. Organizations should use non-pro forma cost data to drive cost optimization initiatives. Pro forma Reservation and Saving Plans coverage and utilization reports are available in all commercial AWS Regions, excluding the Amazon Web Services China (Beijing) Region, operated by Sinnet and Amazon Web Services China (Ningxia) Region, operated by NWCD.

To learn more about this feature integration, visit the AWS Billing Conductor product page, or review the User Guide and API Reference.

EC2 Image Builder now supports Apple macOS

Published Date: 2024-10-23 17:00:00

EC2 Image Builder now supports Apple macOS operating system, allowing customers to use macOS as base images for their image pipelines. This capability enables customers to create and manage custom macOS images with the same ease as they do today for supported Windows and Linux distributions. Previously, customers had to manually build their up-to-date macOS images or rely on separate tools, leading to a fragmented image management experience. Now, customers can simply use a macOS image in EC2 Image Builder, customize the image, and easily distribute it to required AWS accounts and regions. EC2 Image Builder supports latest x86 and ARM64 macOS images available for EC2 Mac instances. It provides automatic updates to the latest macOS versions, allowing customers to stay up-to-date and easily move to the latest version of macOS. This addition of macOS operating system enables customers to consolidate their image management processes within EC2 Image Builder. EC2 Image Builder provides these managed images at no additional cost to the customers. Apple macOS managed images are available in all AWS regions that supports EC2 Mac instances. To view the EC2 instance type availability by region, customers can visit the documentation here. For more information on the supported operating systems in EC2 Image Builder, customers can visit EC2 Image Builder documentation. Customers can get started from the EC2 Image Builder Console, CLI, API, CloudFormation, or CDK, and learn more in the EC2 Image Builder documentation. ?

Amazon Connect launches iOS and Android Chat SDKs to support in-app chat experiences

Published Date: 2024-10-23 17:00:00

Amazon Connect Chat now offers SDKs for iOS and Android, allowing you to deliver native in-app chat experiences that improve customer satisfaction and reduce operational costs. These SDKs provide pre-built components for network and session management, along with a sample UX application, streamlining integration and ensuring seamless, resilient in-app chat experiences. Amazon Connect Chat SDK capabilities leverage the same generative AI-powered chatbots, routing, configuration, analytics, and agent experience as calls, tasks, SMS, and web calling in Amazon Connect, making it easier for you to deliver omnichannel experiences. For example, you can offer customers waiting in a call queue the option to switch to in-app chat, reducing wait times and increasing both customer satisfaction and operational efficiency. The Amazon Connect Chat SDKs for iOS and Android are available in all AWS regions where Amazon Connect Chat is available. To get started, see the following resources:

• Admin Documentation
• Amazon Connect Chat SDK for iOS
• Amazon Connect Chat SDK for Android
• Sample App Examples

NVIDIA GPU Time-slicing Now Available for Bottlerocket to Enhance AI/ML Workload Efficiency

Published Date: 2024-10-23 17:00:00

Today, AWS has announced the introduction of NVIDIA GPU Time-slicing support for Bottlerocket, the Linux-based operating system purpose-built for hosting containers, with a focus on security, minimal footprint, and safe updates. This new feature addresses the challenge of maximizing GPU utilization in multi-tenant and resource-constrained environments by enabling more efficient GPU resource sharing for Artificial Intelligence/Machine Learning (AI/ML) workloads running on containers. By dividing the GPU's processing time into smaller intervals or “slices,” Bottlerocket's support of Time-slicing allows multiple tasks to access a single GPU concurrently. This enables Bottlerocket customers to run multiple AI/ML models on a single GPU, improving GPU utilization and allowing them to scale their workloads more effectively. GPU Time-slicing on Bottlerocket is now available in all commercial and AWS GovCloud (US) Regions. To learn more about Bottlerocket's GPU Time-slicing feature, please visit the Bottlerocket developer website.

AWS Mainframe Modernization introduces new integrations for managed runtimes

Published Date: 2024-10-22 21:00:00

We are excited to announce that the AWS Mainframe Modernization service now offers new integrations that provide greater flexibility of managed runtime environments running modernized mainframe applications. The new capabilities include new integrations with LDAP, LRS print and output management, AWS Health events, and support for Amazon EC2 M7i instances. For applications modernized using AWS Mainframe Modernization Replatform with Micro Focus and running on managed runtime environments, customers now have additional integration options. They can configure the managed runtimes to integrate with LRS VPSX Enterprise for centralized, scalable print and output management. Furthermore, application-level security can now be enhanced with LDAP/AD authorization support, enabling granular security controls when accessing application resources. With managed runtime environments now supporting the latest EC2 M7i instance types, customers benefit from improved performance and cost efficiency as they migrate mainframe applications to the cloud. Additionally, they integrate with AWS Health, enabling operational event monitoring and enhanced visibility into modernized mainframe workloads running on AWS. The new capabilities are available in any AWS Region where AWS Mainframe Modernization managed runtime is already deployed. To learn more, please visit AWS Mainframe Modernization product and documentation pages.

Announcing the new Resiliency widget on myApplications

Published Date: 2024-10-22 18:56:00

Today, we are excited to announce the launch of the new Resiliency widget on myApplications, providing enhanced visibility and proactive control over the resilience posture for each application in myApplications. Using the new Resiliency widget, you can start a resilience assessment directly from the myApplications dashboard. AWS Resilience Hub will automatically create an application based on the constructs defined in myApplications, eliminating the need for manual replication. It will then assess the application against a predefined policy and publish the results. The Resiliency widget provides the most recent, actionable insights into the application's resilience, potential vulnerabilities, and recommended actions for improvement. You can access the full capabilities of AWS Resilience Hub with a single click to view more details. You can access the Resiliency widget on myApplications by signing into the AWS Management Console. To learn more about AWS Resilience Hub, visit the product page or technical documentation. To learn more about myApplications, visit the feature documentation. ?

Amazon EKS now supports Amazon Application Recovery Controller (ARC)

Published Date: 2024-10-22 18:55:00

Amazon Elastic Kubernetes Service (Amazon EKS) now supports Amazon Application Recovery Controller (ARC) zonal shift and zonal autoshift. ARC helps you manage and coordinate recovery for your applications across AWS Regions and Availability Zones (AZs). With EKS support for ARC zonal shift and zonal autoshift, you can better maintain Kubernetes application availability by automating the process of shifting in-cluster network traffic away from an impaired AZ. Customers increasingly deploy highly available applications in Amazon EKS across multiple AZs to eliminate a single point of failure. If you’re running multi-AZ applications in EKS, you can now quickly shift application traffic away from an impaired AZ in your cluster. With zonal shift, you can temporarily mitigate issues and incidents by triggering a shift and redirecting in-cluster network traffic to a healthy AZ. For a fully automated experience, you can authorize AWS to manage this shift on your behalf using zonal autoshift. With zonal autoshift, you can configure practice runs to test that your cluster environment functions as expected with one less AZ. To get started, you can enable zonal shift using the Amazon EKS Console, the AWS CLI, CloudFormation or eksctl. Once enabled, you can manage zonal shifts or zonal autoshifts using the ARC Console, the AWS CLI, or the Zonal Shift and Zonal Autoshift APIs. EKS support for ARC zonal shift and zonal autoshift is available in all commercial AWS Regions, excluding the AWS GovCloud (US) Regions. To get started, visit our documentation.

Amazon Redshift launches query profiler for enhanced query monitoring and diagnostics

Published Date: 2024-10-22 17:00:00

Amazon Redshift introduces query profiler for enhanced query visibility and troubleshooting. The query profiler is a feature in the AWS console that provides a visual and graphical representation of query execution plans and statistics, letting you easily monitor, analyze, and troubleshoot query performance without the need for manual analysis of system tables and logs. Enhanced query profiling in Amazon Redshift expands the current capabilities in the AWS console that let you monitor both running and completed queries. With the new query profiler, you can now further introspect your queries and review execution plans to discover query performance bottlenecks. The query profiler uses data from system views like SYS_QUERY_DETAIL to include performance metrics that help you optimize queries, including execution time, total input/output rows, and bytes read/written for each step of the query. The query profiler capability is now generally available for both Amazon Redshift Serverless and Amazon Redshift provisioned data warehouses in all AWS commercial and the AWS GovCloud (US) Regions where Amazon Redshift is available. To get started and learn more about using the query profiler, visit the Amazon Redshift database developer guide. ?

Anthropic’s upgraded Claude 3.5 Sonnet model and computer use now in Amazon Bedrock

Published Date: 2024-10-22 17:00:00

Anthropic’s upgraded Claude 3.5 Sonnet model is now available in Amazon Bedrock. According to Anthropic, the model delivers across-the-board improvements over its predecessor, with significant gains in coding—an area where it already led the field. The upgraded Claude 3.5 Sonnet model shows wide-ranging improvements on industry benchmarks. On coding the model improves performance on SWE-bench Verified from 33% to 49%, scoring higher than all publicly available models, according to Anthropic. It also improves performance on TAU-bench, an agentic tool use task, from 62.6% to 69.2% in the retail domain, and from 36.0% to 46.0% in the airline domain. The new Claude 3.5 Sonnet offers these advancements at the same price of its predecessor. Additionally, Claude 3.5 Sonnet now offers computer use capabilities in Amazon Bedrock in a public beta, allowing Claude to perceive and interact with computer interfaces. Developers can direct Claude to use computers the way people do—by looking at a screen, moving a cursor, clicking buttons, and typing text. Given this technology is early, developers are encouraged to explore lower-risk tasks. The upgraded Claude 3.5 Sonnet model is now available in Amazon Bedrock in the US West (Oregon) Region.?Computer use is now available in public beta. To learn more, read the AWS News launch blog, Claude in Amazon Bedrock product page, and documentation. To get started with Claude, visit the Amazon Bedrock console.

Amazon Aurora launches Global Database writer endpoint

Published Date: 2024-10-22 17:00:00

Amazon Aurora now supports a Global Database writer endpoint. This highly available and fully managed endpoint simplifies routing for your applications and eliminates the need to make application code changes to establish connectivity after initiating a cross-region Global Database Switchover or Failover operation. With Global Database, a single Aurora cluster can span multiple AWS Regions, providing disaster recovery from Region-wide outages and enabling fast local reads for globally distributed applications. The new Global Database writer endpoint automatically updates to point to the current writer instance in your global cluster. This eliminates the need to modify your application code or configuration after you initiate a cross-region failover or switchover to change the location of the primary cluster in your Global Database. The endpoint is created automatically for your global clusters and can be found on the AWS Management Console, or using the RDS CLI or API. The feature is available in all AWS Regions where Aurora Global Database is available. See our documentation to learn more. Amazon Aurora combines the performance and availability of high-end commercial databases with the simplicity and cost-effectiveness of open-source databases. To get started with Amazon Aurora, take a look at our getting started page. ?

Amazon Application Recovery Controller zonal shift and zonal autoshift extends support for two new multi-AZ resources

Published Date: 2024-10-22 17:00:00

Amazon Application Recovery Controller (ARC) zonal shift and zonal autoshift have expanded their capabilities and now support Amazon Elastic Kubernetes Service (Amazon EKS) and Network Load Balancers (NLB) with cross-zone configuration enabled. ARC zonal shift helps customers quickly recover an unhealthy application in an Availability Zone (AZ), and reduce the duration and severity of impact to the application due to events such as power outages and hardware or software failures. ARC zonal autoshift safely and automatically shifts an application’s traffic away from an AZ when AWS identifies a potential failure affecting that AZ. All NLB customers can now shift traffic away from an AZ in the event of a failure. Zonal shift works with NLB by blocking all traffic to targets in an impaired AZ and removing the zonal IP from DNS responses while it is active. You can enable NLBs for zonal shift using the NLB console or API. Amazon EKS customers can now shift traffic away from an AZ in the event of a failure. Zonal shift works with Amazon EKS by shifting in-cluster traffic to healthy AZs and ensuring Pods aren’t scheduled in the impaired AZ. You can enable EKS clusters for zonal shift using the EKS console or API. You can start a zonal shift or enable Zonal autoshift in the ARC console for EKS and NLB resources. There is no additional charge for using zonal shift or zonal autoshift. See the AWS Regional Services List for the most up-to-date availability information. ?

Enhanced Monitoring for applications hosted on Amazon ECS via Application Signals

Published Date: 2024-10-22 17:00:00

Today, AWS announces enhanced monitoring for applications hosted in Amazon ECS with Amazon CloudWatch Application Signals, an application performance monitoring (APM) feature in CloudWatch, that makes it easy to automatically instrument and track application performance against their most important business or service level objectives (SLOs). With no manual effort or custom code required, Application Signals’ support for ECS already offered service operators a pre-built, standardized dashboard showcasing essential application performance metrics—volume, availability, latency, faults, and errors—for each application. In this launch, it further enhances this visibility by adding infrastructure metrics correlation for ECS, alongside existing traces and logs correlation, enabling a more complete view of application health. By correlating telemetry across application metrics, traces, logs, real-user monitoring, synthetic monitoring and infrastructure metrics, Application Signals enables customers to speed up troubleshooting and reduce application disruptions. For example, an application developer managing a payment processing application can begin their investigation with Application Signals to detect any spikes in payment processing latency. From there, they can delve into infrastructure metrics through ECS Container Insights, enabling them to determine if the issue is linked to specific ECS tasks, such as high CPU usage or memory shortage. Application Signals enhancements for ECS is available in 28 commercial AWS Regions, except, CA West (Calgary) Region, AWS GovCloud (US) Regions and China Regions. For pricing, see Amazon CloudWatch pricing. To learn more, see documentation to enable Amazon CloudWatch Application Signals on your applications hosted in Amazon ECS. To try Application Signals on a sample application hosted on ECS follow these instructions.

Amazon EKS endpoints now support connectivity over Internet Protocol version 6 (IPv6)

Published Date: 2024-10-22 17:00:00

Amazon EKS introduces dual stack support for the EKS management API endpoint and the Kubernetes API server endpoint in IPv6 EKS clusters, enabling you to connect using Internet Protocol Version 6 (IPv6), Internet Protocol Version 4 (IPv4), or dual stack clients. Dual stack support is also available when the EKS management API endpoint is privately accessed from your Amazon Virtual Private Cloud (VPC) using AWS PrivateLink. Dual stack endpoints are made available on a new AWS DNS domain name. The existing EKS management API endpoints are maintained for backwards compatibility reasons. The urgency to transition to Internet Protocol version 6 (IPv6) is driven by the continued growth of internet, which is exhausting available Internet Protocol version 4 (IPv4) addresses. With simultaneous support for both IPv4 and IPv6 clients on EKS endpoints, you are able to gradually transition from IPv4 to IPv6 based systems and applications, without needing to switch all over at once. This enables you to meet IPv6 compliance requirements and removes the need for expensive networking equipment to handle the address translation between IPv4 and IPv6. This launch only affects EKS managed endpoints and does not change the behavior of pod networking. To understand how EKS supports IPv6 connectivity in pods, refer to this blog. There is no additional charge when you connect to EKS endpoints using Internet Protocol Version 6 (IPv6) clients. To learn more, see EKS user guide.

Gain deeper insights into Amazon Q Business with new analytics and conversation insights

Published Date: 2024-10-22 17:00:00

Amazon Q Business now offers an analytics dashboard and integration with Amazon CloudWatch Logs, providing comprehensive insights into the usage of your Amazon Q Business application environments and Amazon Q Apps. The new analytics dashboard in the Amazon Q Business console offers insights through interactive charts and visualizations, enabling administrators to monitor key metrics such as usage trends, user conversations, query trends, and user feedback. Additionally, user chat conversation and feedback information is now available in Amazon CloudWatch Logs, Amazon S3 and Amazon Data Firehouse, allowing you to ingest and analyze this data to build custom dashboards if needed. These new features empower administrators to monitor, analyze, and optimize Amazon Q Business for their users. The analytics dashboard provides at-a-glance visibility into performance metrics, while the Amazon CloudWatch Logs integration enables in-depth analysis of conversation data and user feedback. Whether you need to track usage patterns, identify areas for improvement, or gain deeper insights into user interactions, these capabilities offer valuable tools for enhancing your Amazon Q Business experience. The new analytics dashboard and Amazon CloudWatch Logs integration for Amazon Q Business are now available in all AWS Regions where Amazon Q Business is available. To learn more, visit the Amazon Q Business documentation, or activate your analytics dashboard to start leveraging these powerful insights. ?

AWS Lambda console now features a new code editor based on Code-OSS (VS Code - Open Source)

Published Date: 2024-10-22 17:00:00

Today, AWS Lambda announces the launch of a new code editing experience in the Lambda console based on Code-OSS (VS Code – Open Source). This integration brings new interface and productivity features directly into the Lambda console, giving customers a more intuitive coding environment when building serverless applications. The new Code-OSS (VS Code – Open Source) based code editor on console offers a similar layout to the desktop version of the editor and includes features such as the command palette and quick search. Developers can apply preferred themes and personalize their settings, mirroring their local development environment setup. Additionally, this new editor allows customers to enable an Amazon Q Developer extension for real-time code suggestions and insights to help boost productivity. Developers can also view their function code and test results simultaneously, streamlining the development and debugging workflow. The new code editor is available in all AWS Regions where Lambda is available. To learn more about the new editing experience based on Code-OSS (VS Code – Open Source), visit the compute blog.

Amazon OpenSearch Serverless now available in the AWS GovCloud (US-East) Region

Published Date: 2024-10-22 17:00:00

We are excited to announce that Amazon OpenSearch Serverless is expanding its availability to the AWS GovCloud (US-East) Region. OpenSearch Serverless is a serverless deployment option for Amazon OpenSearch Service that makes it simple to run search and analytics workloads without the complexities of infrastructure management. OpenSearch Serverless’ compute capacity used for data ingestion, search, and query is measured in OpenSearch Compute Units (OCUs). The support for OpenSearch Serverless is now available in 17 regions globally: US East (Ohio), US East (N. Virginia), US West (Oregon), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Europe (Frankfurt), Europe (Ireland), Europe West (Paris), Europe West (London), Asia Pacific South (Mumbai), South America (Sao Paulo), Canada Central (Montreal), Asia Pacific (Seoul). Europe (Zurich), AWS GovCloud (US-West), and AWS GovCloud (US-East). Please refer to the AWS Regional Services List for more information about Amazon OpenSearch Service availability. To learn more about OpenSearch Serverless, see the documentation. ?

AWS DMS now supports homogeneous migrations via CLI, SDK and API

Published Date: 2024-10-22 17:00:00

AWS Database Migration Service (DMS) announces the general availability of CLI, SDK and API support for homogeneous data migrations. This launch enables programmatic migration or replication of your self-managed MySQL, PostgreSQL, MariaDB, or MongoDB databases from on-premises or Amazon EC2 sources, to equivalent targets on Amazon Relational Database Service (RDS), Amazon Aurora, or Amazon DocumentDB. Homogeneous data migrations provide easy and performant like-to-like migrations with minimal downtime and zero data loss. Using the AWS API, AWS CLI or AWS SDK you can initiate fully automated homogeneous migrations or replications including all data types, secondary objects, and partitions. This feature is serverless, so there is no need to manage replication instances. Homogeneous data migrations are generally available in the following AWS Regions: US East (N. Virginia), US East (Ohio), US West (N. California), US West (Oregon), Canada (Central), Canada West (Calgary), South America (S?o Paulo), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Osaka), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Jakarta), Asia Pacific (Melbourne), Asia Pacific (Hong Kong), Asia Pacific (Mumbai), Asia Pacific (Hyderabad, Europe (Frankfurt), Europe (Zurich), Europe (Stockholm), Europe (Ireland), Europe (London), Europe (Paris), Europe (Milan), Europe (Spain), Middle East (UAE), Middle East (Bahrain), Israel (Tel Aviv), and Africa (Cape Town). See AWS DMS homogeneous data migrations to learn more.

Streamlined SAP application management with AWS Launch Wizard and AWS Systems Manager integration

Published Date: 2024-10-21 18:00:00

AWS Launch Wizard for SAP now offers deeper integration with AWS Systems Manager for SAP, simplifying management and operations of your SAP applications on AWS. Now, you can register your SAP application to AWS Systems Manager and schedule managed backups with AWS Backup for SAP HANA, during the deployment process using Launch Wizard. With this launch, customers can register their SAP HANA database and NetWeaver applications with AWS Systems Manager for SAP which enables out of the box management features such as managed backups with AWS Backup for SAP HANA and graceful start/stop of SAP HANA. Customers can also view the onboarding status of your SAP deployments in the List Deployments page of AWS Launch Wizard for SAP and navigate to Application Manager for SAP to perform management tasks from the Launch Wizard console. This launch supports deployments of SAP HANA standalone, and SAP NetWeaver on HANA, both on single node and highly available patterns. Supported software stacks for NetWeaver on HANA deployments include S/4HANA, S/4HANA Foundation, NetWeaver 7.5X, and BW/4HANA. This feature is available in all commercial AWS Regions where Launch Wizard, Systems Manger for SAP, and AWS Backup mutually operate. To learn more, visit the Launch Wizard Page. To get started, check out the Launch Wizard User Guide.

AWS announces a seamless link experience for the AWS Console Mobile App

Published Date: 2024-10-21 18:00:00

Amazon Web Services (AWS) is announcing a seamless link experience for the AWS Console Mobile Application. Links to AWS services and resources can now be opened in the AWS Console Mobile App when customers have the app installed on their mobile device. Now, AWS customers who are on-the-go can open links to AWS services and resources from sources like email and chat in the AWS Console Mobile Application. Customers benefit from the AWS Console Mobile Application's biometric authentication (sign-in), and mobile optimized customer experience. Links to AWS services or resources not available natively, are accessible via an in-app browser where customers are deep linked to the relevant pages without additional authentication, manual navigation, or need to switch from the app to a browser. The Console Mobile Application lets users view and manage a select set of resources to stay informed and connected with their AWS resources while on-the-go. The sign in process supports device password managers and biometrics authentication, making access to AWS resources simple, secure, and quick. Visit the product page for more information about the Console Mobile App.

Amazon Bedrock Custom Model Import now generally available

Published Date: 2024-10-21 17:00:00

Today, AWS announces the general availability of Custom Model Import, which allows customers to import and use their customized models alongside existing foundation models via a single, unified API. You can now import custom weights for a variety of supported model architectures (such as Meta Llama 3.2 and Mixtral 8x7B) without the overhead of model lifecycle and infrastructure management. Now, customers can access their imported custom models in an on-demand serverless manner without having to manage instances. They can accelerate generative AI application development by integrating their imported custom models seamlessly with native Bedrock tools and features like Agents, Knowledge Bases, Guardrails, Prompt Flows, and more. Amazon Bedrock Custom Model Import is generally available in the US-East (N. Virginia) and US-West (Oregon) AWS regions. You can get started by initiating the model import workflow in the custom models page of the Amazon Bedrock console. To learn more read the AWS Machine Learning Blog, Bedrock Custom Model Import page, or visit the documentation page. ?

RDS Custom for SQL Server now supports Windows Authentication

Published Date: 2024-10-21 17:00:00

Amazon RDS Custom for SQL Server now supports Windows Authentication, allowing you to use your existing Active Directory to manage access to your RDS Custom databases. This feature provides flexibility, as you can join your RDS Custom for SQL Server DB instance to either an AWS Managed Microsoft Active Directory (AD) or a AD managed by customers. With AWS Managed Microsoft AD and Self-Managed AD domains, you can use both Kerberos and NTLM authentication protocols to connect to your RDS Custom instance. This enables you to centrally manage user identities and permissions across your on-premises and cloud-based SQL Server environments. RDS Custom for SQL Server is a managed database service that gives you the flexibility to customize the underlying operating system and install your own SQL Server software. The new Windows Authentication feature allows you to create SQL Server logins for your Active Directory users and groups, providing a familiar authentication experience for your domain-joined applications and users. This helps simplify identity management and ensures consistent security controls across your hybrid database deployments. The Windows Authentication capability for RDS Custom for SQL Server is available in all commercial AWS Regions where RDS Custom is offered. To get started, you can use the AWS Directory Service for Microsoft Active Directory or your own Self-Managed AD to set up the domain and connect it to your RDS Custom instance. To learn more, see the documentation on Setting Windows Authentication for RDS Custom for SQL Server instances. ?

AWS Control Tower is now available in AWS Asia Pacific (Malaysia) Region

Published Date: 2024-10-21 17:00:00

Starting today, customers can use AWS Control Tower in the AWS Asia Pacific (Malaysia) Region. With this launch, AWS Control Tower is available in 30 AWS Regions and the AWS GovCloud (US) Regions. AWS Control Tower offers the easiest way to set up and govern a secure, multi-account AWS environment. It simplifies AWS experiences by orchestrating multiple AWS services on your behalf while maintaining the security and compliance needs of your organization. You can set up a multi-account AWS environment within 30 minutes or less, govern new or existing account configurations, gain visibility into compliance status, and enforce controls at scale. If you are new to AWS Control Tower, you can launch it today in any of the supported regions, and you can use AWS Control Tower to build and govern your multi-account environment in all supported Regions. If you are already using AWS Control Tower and you want to extend its governance features to the newly supported regions in your accounts, you can go to the settings page in your AWS Control Tower dashboard, select your regions, and then update your landing zone. You must then update all accounts that are governed by AWS Control Tower, then your entire landing zone, all accounts, and OUs will be under governance in the new region(s). For a full list of Regions where AWS Control Tower is available, see the AWS Region Table. To learn more, visit the AWS Control Tower homepage or see the AWS Control Tower User Guide. ?