aws.amazon.com

Starting today, you can enable Route 53 Resolver DNS Firewall Advanced to monitor and block queries associated with Dictionary-based Domain Generation Algorithm (DGA) attacks, that generate domain names by pseudo-randomly concatenating words from a predefined dictionary, creating human-readable strings to evade detection. Route 53 DNS Firewall Advanced is an offering on Route 53 DNS Firewall that enables you to enforce protections to monitor and block your DNS traffic in real-time based on anomalies identified in the domain names being queried from your VPCs. These include protections for DNS tunneling and DGA attacks. With this launch, you can also enforce protections for Dictionary-based DGA attacks, which is a variant of the DGA attack, where domain names are generated to mimic and blend with legitimate domain names, to resist detection. To get started, you can configure one or multiple DNS Firewall Advanced rule(s), specifying Dictionary DGA as the threat to be inspecte

Amazon WorkSpaces Applications now offers enhanced flexibility features that provide customers with more choices for compute and configurable storage volume. Customers can also import their custom EC2 AMIs to create Amazon WorkSpaces images. These new capabilities help customers better match resources to their specific application requirements while optimizing costs. The service now includes 100+ additional compute instance types and sizes across all supported instance families, including general purpose, compute optimized, memory optimized, and accelerated options. Customers can also customize storage volumes ranging from 200GB to 500GB, and utilize their own Microsoft Windows Server 2022 AMIs along with their preferred image customization tools. With these enhancements, customers can now match their computing resources to exactly what their applications need while controlling costs effectively. Organizations can choose the right instance type for each use case -

Amazon Web Services (AWS) has expanded the regional availability for Amazon WorkSpaces Applications. Starting today, AWS customers can deploy their applications and desktops in the AWS Europe (Milan), Europe (Spain), Asia Pacific (Malaysia), and Israel (Tel Aviv) Regions and stream them using WorkSpaces Applications. Deploying your applications in a region closer to your end users helps provide a more responsive experience.  Amazon WorkSpaces Applications is a fully managed, secure application streaming service that provides users with instant access to their desktop applications from anywhere. It allows users to stream applications and desktops from AWS to their devices, without requiring them to download, install, or manage any software locally. WorkSpaces Applications manages the AWS resources required to host and run your applications, scales automatically, and provides access to your users on demand. To get started with Amazon WorkSpaces Applications, sig

Amazon Redshift today announces the general availability of write capability to Apache Iceberg tables, enabling users to run analytics read and write queries for append-only workloads on Apache Iceberg tables within Amazon Redshift. Amazon Redshift is a petabyte-scale, enterprise-grade cloud data warehouse service used by tens of thousands of customers. Whether your data is stored in operational data stores, data lakes, streaming engines or within your data warehouse, Amazon Redshift helps you quickly ingest, securely share data, and achieve the best performance at the best price. The Apache Iceberg open table format has been used by many customers to simplify data processing on rapidly expanding and evolving tables stored in data lakes. Customers have been using Amazon Redshift to run queries on data lake tables in various file and table formats, achieving a wide range of scalability across data warehouse and data lake workloa

Starting today, Amazon EC2 M8i and M8i-flex instances are now available in Asia Pacific (Mumbai) Region. These instances are powered by custom Intel Xeon 6 processors, available only on AWS, delivering the highest performance and fastest memory bandwidth among comparable Intel processors in the cloud. The M8i and M8i-flex instances offer up to 15% better price-performance, and 2.5x more memory bandwidth compared to previous generation Intel-based instances. They deliver up to 20% better performance than M7i and M7i-flex instances, with even higher gains for specific workloads. The M8i and M8i-flex instances are up to 30% faster for PostgreSQL databases, up to 60% faster for NGINX web applications, and up to 40% faster for AI deep learning recommendation models compared to M7i and M7i-flex instances. M8i-flex are the easiest way to get price performance benefits for a majority of general-purpose workloads like web and application servers, microservices, small and medium data

EC2 Image Builder now supports invoking Lambda functions and executing Step Functions state machine through image workflows. These capabilities enable you to incorporate complex, multi-step workflows and custom validation logic into your image creation process, providing greater flexibility and control over how your images are built and validated. Prior to this launch, customers had to write custom code and implement multi-step workarounds to integrate Lambda or Step Functions within image workflows. This was a cumbersome process that was time-consuming to set up, difficult to maintain, and prone to errors. With these new capabilities, you can now seamlessly invoke Lambda functions to execute custom logic or orchestrate Step Functions state machines for complex, multi-step workflows. This native integration allows you to implement use cases such as custom compliance validation, sending custom notifications, multi-stage security testing —all within your Image Builder workf

Today, AWS announced support for Resolver query logging configurations in Amazon Route 53 Profiles, allowing you to manage Resolver query logging configuration and apply it to multiple VPCs and AWS accounts within your organization. With this enhancement, Amazon Route 53 Profiles simplifies the management of Resolver query logging by streamlining the process of associating logging configurations with VPCs, and without requiring you to manually associate them with each VPC. Route 53 Profiles allows you to create and share Route 53 configurations (private hosted zones, DNS Firewall rule groups, Resolver rules) across multiple VPCs and AWS accounts. Previously, Resolver query logging required you to manually set it up for each VPC in every AWS account. Now, with Route 53 Profiles you can manage your Resolver query logging configurations for your VPCs and AWS accounts, using a single Profile configuration. Profiles support for Resolver query logging configurations reduces the m

Starting today, Amazon EC2 High Memory U7i instances with 12TB of memory (u7i-12tb.224xlarge) are now available in the AWS Europe (Ireland) Region. U7i-12tb instances are part of AWS 7th generation and are powered by custom fourth generation Intel Xeon Scalable Processors (Sapphire Rapids). U7i-12tb instances offer 12TB of DDR5 memory, enabling customers to scale transaction processing throughput in a fast-growing data environment. U7i-12tb instances offer 896 vCPUs, support up to 100Gbps Elastic Block Storage (EBS) for faster data loading and backups, deliver up to 100Gbps of network bandwidth, and support ENA Express. U7i instances are ideal for customers using mission-critical in-memory databases like SAP HANA, Oracle, and SQL Server.. To learn more about U7i instances, visit the High Memory instances page.

Today, AWS announced that you can now designate Amazon EC2 instances running license-included SQL Server as part of a High-Availability (HA) cluster to reduce licensing costs with just a few clicks. This enhancement is particularly valuable for mission-critical SQL Server databases with Always On Availability Groups and/or Always On failover cluster instances. For example, you can save up to 40% of the full HA costs with no performance compromises when running SQL Server HA on two m8i.4xlarge instances with license-included Windows and SQL Server. This feature is available in all commercial AWS Regions. To learn more, see Microsoft SQL Server on Amazon EC2 User Guide or read the blog post

AWS Backup now supports logically air-gapped vaults as a primary backup target. You can assign a logically air-gapped vault as the primary target in backup plans, organization-wide policies, or on-demand backups. Previously, logically air-gapped vaults could only store copies of existing backups. This capability reduces storage costs for customers who want the security and recoverability benefits of logically air-gapped vaults. Organizations wanting those benefits can now back up directly to a logically air-gapped vault without storing multiple backups. Resource types that support full AWS Backup management back up directly to the specified air-gapped vault. For resource types without full management support, AWS Backup creates a temporary snapshot in a standard vault, copies it to the air-gapped vault, then removes the snapshot. This feature is available in all AWS Regions that