aws.amazon.com

AWS announces an official source for AWS API Model definition files and service model packages, providing developers with access to API definitions for all AWS services. We now publish daily updates of these API models to an open-source GitHub repository in Smithy format and also publish these packages to Maven Central. AWS public service models enable developers to take advantage of the same service model definitions that AWS uses for live services. These API models can be pulled into integrated development environments using the new packages available in Maven and can be used for developer tools use cases like mock testing or evolving MCP server needs. By utilizing open source Smithy code generators, you can also generate purpose-built AWS SDKs. The AWS service API models can be found on

Today, AWS announces that AWS Control Tower supports seven new compliance frameworks in Control Catalog. Control Catalog is the central place in AWS for searching and enabling managed controls.In addition to existing frameworks, controls are now mapped to CIS-v8.0, FedRAMP-r4, ISO-IEC-27001:2013-Annex-A, NIST-CSF-v1.1, NIST-SP-800-171-r2, PCI-DSS-v4.0, SSAE-18-SOC-2-Oct-2023. To get started, navigate to the Control Catalog in AWS Control Tower and search for a framework like PCI-DSS-v4.0 to view related controls. This feature helps you meet your compliance requirements faster and with higher confidence. For programmatic access, utilize the new ListControlMappings API to search controls by frameworks, and take advantage of the updated ListControls and GetControl APIs, which now support GovernedResources, to understand the resource types governed by each control. We've also introduced a new classification system to help you better comprehend and manage controls. In a

AWS Key Management Service (KMS) now supports the FIPS 203 Module-Lattice Digital Signature Standard (MLDSA), a quantum-resistant digital signature algorithm designed to help organizations address emerging quantum computing threats. This post-quantum signature algorithm is one of the selected algorithms standardized by NIST to protect sensitive information well into the foreseeable future, including after the advent of cryptographically relevant quantum computers. ML-DSA is particularly valuable for manufacturers and developers who need to protect firmware and application code signing where cryptographic signatures cannot be easily updated after deployment and for organizations that require signatures on digital content to remain valid for several years. The ML-DSA keys integrate with the existing KMS CreateKey and Sign APIs, enabling customers to preserve their established automation processes, IAM and

Today, Amazon Q Developer announced support for Model Context Protocol (MCP) in the integrated development environment (IDE) plugins, enabling developers to utilize external tools to support richer contextual, development workflows. MCP is an open protocol that standardizes how AI models can, in a secure and structured way, access external tools, data sources, and APIs. You can now augment the list of built-in tools with any MCP server that supports the stdio transport layer. MCP servers can be managed within the Q Developer user interface, making it easy to add or remove servers, and modify tool permissions. By extending your IDE, Q Developer is able to provide more customized responses by orchestrating tasks across native and MCP server-based tools. MCP support is available within the Visual Studio Code and JetBrains IDE plugins, and Amazon Q Developer CLI. To get started, visit the

Amazon Virtual Private Cloud IP Address Manager (Amazon VPC IPAM) that makes it easier for you to plan, track, and monitor IP addresses for your AWS workloads, is now available in Asia Pacific (Taipei) Region. Amazon VPC IPAM allows you to easily organize your IP addresses based on your routing and security needs, and set simple business rules to govern IP address assignments. Using VPC IPAM, you can automate IP address assignment to Amazon VPCs and VPC Subnets, eliminating the need to use spreadsheet-based or homegrown IP address planning applications, which can be hard to maintain and time-consuming. With this expansion, Amazon VPC IPAM is available in all AWS Regions, including China (Beijing, operated by Sinnet), and China (Ningxia, operated by NWCD), and th

Amazon Connect Outbound Campaigns now offers new instance-level communication total limit control to give you greater flexibility in configuring how often you want to engage with your customers across multiple campaigns. It also provides the ability to opt out of limit controls for critical campaigns. These new capabilities enable more efficient and targeted customer engagement strategies. The new instance-level total limit setting allows businesses to manage overall outbound communication limits across all campaigns while ensuring compliance with regulations such as the U.S. Telephone Consumer Protection Act (TCPA). This feature provides a centralized approach to managing communication frequency, helping businesses avoid over-contacting customers and potentially improving customer satisfaction. The ability to opt out of these limits for specific campaigns enables critical communications, such as fraud alerts or support during inclement weather, to reach customers when need

Following the announcement of the price reduction for Amazon EC2 NVIDIA GPU-accelerated instances, we are announcing up to 45% price reduction for Amazon SageMaker AI instances to enable more cost-efficient generative AI model development. The price reduction for SageMaker AI instances includes P4 (P4d and P4de) and P5 (P5, P5e and P5en) instance types. This price reduction to On-Demand and Savings Plan pricing applies to all Regions where these instances are available. The pricing reduction applies to On-Demand purchases beginning June 9 and to Savings Plan purch

Amazon EKS Pod Identity now provides a simplified experience for configuring application permissions to access AWS resources in separate accounts. With enhancements to EKS Pod Identity APIs, you can now seamlessly configure access to resources across AWS accounts by providing the resource account’s IAM details during the creation of the Pod Identity association. Your applications running in the EKS cluster automatically receive the required AWS credentials during runtime without requiring any code changes. EKS Pod Identity enables applications in your EKS cluster to access AWS resources across accounts through a process called IAM role chaining. When creating a Pod Identity association, you can provide two IAM roles — an

Today, AWS announces enhanced application layer (L7) DDoS protection capabilities with faster automatic detection and mitigation, designed to respond to events within seconds. AWS WAF application layer (L7) DDoS protection is an AWS Managed Rule group that automatically detects and mitigates DDoS events of any duration to ensure your applications on Amazon CloudFront, Application Load Balancer (ALB) and other AWS services supported by WAF stay available and responsive to your users. This enhancement helps cloud security administrators and site reliability engineers protect applications while reducing the operational overhead of manually configuring and managing rules. This AWS Managed Rule group monitors traffic data to establish a baseline within minutes of activation, then leverages machine learning models to detect anomalies from normal traffic patterns. When traffic deviates from the established baseline, the system automatically applies rules designed to address suspic

Amazon Nova Sonic, a state-of-the-art speech-to-speech foundation model, now supports Spanish language, bringing natural, real-time voice conversations to more users and developers worldwide. This expands on its original support for English, with expressive voices in American and British accents, to now include Spanish with two additional (masculine and feminine-sounding) expressive voices. Nova Sonic unifies speech understanding and speech generation into a single model, to enable human-like voice conversations in AI applications. The novel architecture enables the model to adapt the generated voice response to the acoustic context (e.g., tone, style) and the spoken input, resulting in more natural human-like dialogue. Additionally, Amazon Nova Sonic supports function calling, agentic workflows, and knowledge grounding with enterprise data. To learn more, read the