aws.amazon.com

Today, AWS announces support for policy store aliases and named policies and policy templates in Amazon Verified Permissions, simplifying multi-tenant deployments and day-to-day policy management. Amazon Verified Permissions is a fine-grained authorization service that helps you manage and enforce permissions across your applications using Cedar policies. These new capabilities eliminate the need to maintain separate mapping tables for associating tenant identifiers with policy store IDs or tracking individual policy and template IDs. With policy store aliases, multi-tenant application developers can assign a human-readable alias based on a tenant identifier and use it in any API call, removing the need for a lookup table. Similarly, named policies and policy templates let you reference policies by meaningful names instead of system-generated IDs, making it easier to manage authorization logic as your application grows. Amazon Verified Permissions policy store aliase

Amazon WorkSpaces Personal now provides unique, publicly resolvable Domain Name System (DNS) names for each AWS PrivateLink Virtual Private Cloud (VPC) endpoint, enabling enterprise customers to deploy WorkSpaces across multiple AWS VPCs and accounts without DNS resolution conflicts. Each interface VPC endpoint now receives a globally unique AWS-managed DNS name in addition to the previous generic DNS name that was shared across all endpoints. This enhancement enables customers to route traffic appropriately in multi-account environments with centralized DNS infrastructure. Customers can now deploy WorkSpaces Personal directories across different VPCs and AWS accounts while maintaining proper security isolation, eliminating the DNS name collision that previously prevented customers from using separate interface VPC endpoints across accounts. The publicly resolvable DNS names simplify configuration while maintaining security, as they resolve to private IP addresses accessibl

AWS today announced the general availability of Smithy-Java, an open-source Java framework for generating type-safe clients and standalone classes from Smithy models. Smithy-Java addresses one of the most consistently requested capabilities from enterprise Smithy users: production-grade Java SDK generation. The framework allows you to generate clients from models and async patterns that increase cognitive load and maintenance burden for developers building modern Java applications. Built on Java 21's virtual threads, Smithy-Java provides a blocking-style API that is both simpler to use and competitive in performance with complex async alternatives. Key benefits include auto-generated type-safe clients from Smithy, protocol flexibility with runtime protocol swapping for gradual migration paths. The GA release includes the Java client code generator, support for AWS SigV4 and all major AWS protocols (AWS JSON, REST-JSON, REST-XML, AWS Query, and Smithy RPCv2-CBOR), standalone

Customers can now create Amazon FSx for OpenZFS file systems in the AWS Asia Pacific (Melbourne) Region, providing fully managed shared file storage built on the OpenZFS file system. Amazon FSx makes it easier and more cost effective to launch, run, and scale feature-rich, high-performance file systems in the cloud. It supports a wide range of workloads with its reliability, security, scalability, and broad set of capabilities. Amazon FSx for OpenZFS provides fully managed, cost-effective, shared file storage powered by the popular OpenZFS file system, and is designed to deliver sub-millisecond latencies and multi-GB/s throughput along with rich ZFS-powered data management capabilities (like snapshots, data cloning, and compression). To learn more about Amazon FSx for OpenZFS, visit our product page, and see the AWS Region Ta

Amazon Relational Database Service (Amazon RDS) for Oracle now supports Oracle Management Agent (OMA) version 24.1.0.0.v1 for Oracle Enterprise Manager (OEM) Cloud Control 24ai Release 1. OEM 24ai offers web-based tools to monitor and manage your Oracle databases. Amazon RDS for Oracle installs OMA, which communicates with your Oracle Management Service (OMS) to provide monitoring information. Customers running OMS version 24.1 Release 1 or later can now manage databases by installing OMA 24.1.0.0.v1 To enable the version 24.1.0.0.v1 of OMA for OEM 24aiR1 or later, navigate to "Option Groups" in the AWS Management Console and add the "OEM_AGENT" option to a new or existing option group and set AGENT_VERSION to “24.1.0.0.v1”. You will also need to configure option settings including OMS hostname (or IP), port, agent registration password, and minimum TLS version of TLSv1.2 to allow OMA on your Amazon RDS fo

The Apache Spark troubleshooting agent and upgrade agent for Amazon EMR are now available as Kiro powers, bringing one-click access to AI-assisted Spark operations directly in Kiro. With these powers, data engineers can reduce troubleshooting time from hours to minutes and compress Spark version upgrades from months to weeks. When a Spark job fails, the troubleshooting power identifies the root cause by analyzing logs, metrics, and configurations across EMR on EC2 and EMR Serverless, and provides specific code recommendations for PySpark applications. The upgrade power automates Spark version upgrades, such as moving from EMR 6.5 to EMR 7.12, by handling code transformation and dependency resolution through remote validation and data quality comparison on EMR. Both powers connect to Spark agents through MCP Proxy for AWS with IAM role-based authentication, and all actions are recorded in AWS CloudTrail for full auditability.. The Apache Spark troubleshooting and upg

You can now use the AWS Glue Schema Registry, a serverless and free feature of AWS Glue, in the Asia Pacific (Jakarta), Europe (Spain), and Europe (Zurich) regions to validate and control the evolution of streaming data using registered Apache Avro, JSON, and Protobuf schema formats. The Schema Registry acts as a centralized repository for managing data format and structure between decoupled applications in data streaming systems. By using it, you can eliminate data validation logic and cross-team coordination, improve streaming data quality, and reduce downstream application failures. Through Apache-licensed serializers and deserializers, the Schema Registry integrates with C# and Java applications developed for Apache Kafka/Amazon Managed Streaming for Apache Kafka, 

Amazon SageMaker Data Agent now supports interactive charting, SQL analytics on Snowflake data sources, and materialized view management in Amazon SageMaker Unified Studio notebooks. Data Agent now provides a complete analytics workflow that goes beyond code generation, enabling you to explore AWS and external data sources, visualize results, and optimize query performance, all with natural language prompts. You can ask "plot monthly revenue trends by region for 2025" and Data Agent generates an interactive chart directly in your notebook, where you can hover over data points, and modify without writing code. When your analysis spans AWS and Snowflake, you can query Snowflake tables through external connections and join them with your AWS Glue Data Catalog data in a single prompt. Additionally, you can ask "analyze my notebook and suggest which queries would benefit from materialized views" and the agent recommends optimizations based on your query patterns, creates the view

Amazon Bedrock Guardrails now enables centralized enforcement of safety controls across all AWS accounts within an organization through cross-account safeguards. Amazon Bedrock Guardrails offers configurable safeguards that help block up to 88% of harmful multimodal content from both input prompts and model responses, while filtering hallucinated responses from foundation models. Central security teams and administrators can now automatically implement these controls for all foundation model interactions in Amazon Bedrock across their organization, eliminating the operational overhead of manually configuring guardrails for each account. With cross-account safeguards, you can specify a guardrail ID from your management account in a new Amazon Bedrock policy that automatically enforces configured safeguards across all member entities including organizatio

Today, AWS announces the launch of Partner Revenue Measurement integration with AWS Marketplace Metering for Amazon Machine Image (AMI) and Machine Learning (ML) products listed in AWS Marketplace. Partner Revenue Measurement allows Partners to better understand their AWS revenue impact and product consumption patterns. The AWS Marketplace Metering capability automatically measures AWS service consumption when customers purchase and use AMI and ML products via AWS Marketplace. Partners can now gain visibility into how their solutions impact Amazon Elastic Compute Cloud (Amazon EC2) and Amazon SageMaker AI service consumption across partner-managed and customer-managed accounts. This method complements Partner Revenue Measurement’s Resource Tagging and User Agent string capabili