Tag: Internet

Amazon OpenSearch Service now supports cross-account data access, enabling users to access OpenSearch domains hosted in different AWS accounts from within a single OpenSearch UI application. With this feature, you can query or build dashboard with data from OpenSearch domains across different accounts in the same region - without switching to a new endpoint or replicating data. Cross-account data access is available for OpenSearch domains hosted in both public and Virtual Private Cloud (VPC) configurations. With cross-account data access, teams no longer need to consolidate data into a single account or maintain costly data pipelines to enable unified analysis across organizational boundaries. This makes it easier to build centralized observability, search, and security analytics workflows that span multiple AWS accounts while keeping data in place and maintaining each account's access controls. Cross-account data access supports both IAM (including SAML via IAM federation)

AWS Elastic Beanstalk now provides a Deployments tab in the environment dashboard, giving customers a consolidated view of their deployment history and real-time deployment progress with step-by-step deployment logs. Previously, customers had to wait until a deployment completed before retrieving logs, and then correlate events across multiple sources to understand what happened. With this launch, customers can view deployment status, events, and detailed logs in a single interface directly from the Elastic Beanstalk console, even while a deployment is still in progress. The Deployments tab displays a history of recent deployments for an environment, including application deployments, configuration updates, and environment launches. Each deployment includes a detailed view with deployment events and a new consolidated log that captures each step of the deployment process, including dependency installation, application builds, .ebextensions, platform hooks, and application st

AWS Private CA Connector for SCEP now supports AWS PrivateLink, allowing your clients to request certificates from within your Amazon Virtual Private Cloud (VPC) without traversing the public internet. With this launch, you can create VPC endpoints to connect to your SCEP connector privately, keeping all traffic within the AWS network. AWS Private CA Connector for SCEP is a managed connector that enables you to use the Simple Certificate Enrollment Protocol (SCEP) to issue certificates from AWS Private Certificate Authority (CA). SCEP is widely used for automated certificate enrollment and renewal for mobile devices, network equipment, and IoT devices. AWS PrivateLink support simplifies network connectivity by eliminating the need for internet gateways, NAT devices, or VPN connections to access your SCEP connector endpoints, while helping you meet compliance requirements that mandate private connectivity for certificate management. AWS PrivateLink support for AWS P

AWS announces the general availability of CDK Mixins, a new feature of the AWS Cloud Development Kit (CDK) that lets you add composable, reusable abstractions to any AWS construct, whether L1, L2, or custom, without rebuilding your existing infrastructure code. CDK Mixins are available through the aws-cdk-lib package and work across all construct types, giving you flexibility to apply the right abstractions where and when you need them. Previously, teams had to choose between immediate access to new AWS features using L1 constructs or the convenience of higher-level abstractions with L2 constructs, often requiring significant rework to meet security, compliance, or operational requirements. CDK Mixins simplify the maintenance of custom construct libraries. CDK Mixins let you apply features like auto-delete, bucket encryption, versioning, and block public access directly to constructs using a simple .with() syntax, combine multiple Mixins into custom L2 constructs, and apply

AWS Glue zero-ETL now supports configurable change data capture (CDC) refresh intervals and on-demand data ingestion for integrations with Amazon DynamoDB as the source. This enhancement can help you to customize how frequently data changes are captured from your Amazon DynamoDB tables, with refresh intervals ranging from 15 minutes to 6 days, and trigger immediate data ingestion when needed. These capabilities bring zero-ETL integrations from Amazon DynamoDB sources to feature parity with zero-ETL integrations from SaaS sources, like Salesforce, SAP, and ServiceNow, ensuring consistent functionality across different source types. With configurable CDC refresh intervals, you can optimize your data pipeline performance by adjusting the frequency of change capture to match your specific business requirements—whether you need near real-time updates every 15 minutes or can work with longer intervals up to 6 days to reduce costs. The on-demand ingestion capability allows you t

Starting today, Amazon EC2 M8i and M8i-flex instances are now available in Europe (Ireland) and Europe (London) Regions. These instances are powered by custom Intel Xeon 6 processors, available only on AWS, delivering the highest performance and fastest memory bandwidth among comparable Intel processors in the cloud. The M8i and M8i-flex instances offer up to 15% better price-performance, and 2.5x more memory bandwidth compared to previous generation Intel-based instances. They deliver up to 20% better performance than M7i and M7i-flex instances, with even higher gains for specific workloads. The M8i and M8i-flex instances are up to 30% faster for PostgreSQL databases, up to 60% faster for NGINX web applications, and up to 40% faster for AI deep learning recommendation models compared to M7i and M7i-flex instances. M8i-flex are the easiest way to get price performance benefits for a majority of general-purpose workloads like web and application servers, micros

Amazon Bedrock AgentCore Memory now supports streaming notifications for long-term memory, eliminating the need to poll for changes. Long-term memory extracts insights from agent interactions to deliver personalized experiences in future interactions. Developers now receive push notifications whenever memory records are created or modified. Updates stream directly to Amazon Kinesis each time a memory record is created or modified. This enables developers to trigger downstream workflows, refresh application state, and audit memory updates automatically without writing polling logic or managing refresh intervals. This feature is available in 15 AWS Regions: US East (N. Virginia), US East (Ohio), US West (Oregon), Europe (Frankfurt), Europe (Ireland), Europe (London), Europe (Paris), Europe (Stockholm), Asia Pacific (Mumbai), Asia Pacific (Singapore), Asia Pacific (S

AWS announces availability of new bundles powered by Microsoft Windows Server 2025, offered for Amazon WorkSpaces Personal and Amazon WorkSpaces Core. With these bundles, customers can launch Windows Server 2025 WorkSpaces and take advantage of the latest Windows server operating systems features. Customers can run applications such as eligible Microsoft 365 Apps for enterprise that require newer Windows versions. While Windows Server 2016, 2019, and 2022 powered WorkSpaces bundles remain available, the Windows Server 2025 option brings enhanced security and modern capabilities such as Trusted Platform Module 2.0 (TPM 2.0), Unified Extensible Firmware Interface (UEFI) Secure Boot, Secured-core server, Credential Guard and Hypervisor-protected Code Integrity (HVCI) and DNS-over-HTTPS. You can get started using the managed Windows Server 2025 WorkSpaces bundles or create your own custom bundle and image tailored to your requirements. For more information on

You can now create Amazon S3 general purpose buckets in your own reserved namespace, eliminating the need to find globally unique bucket names and making it easier to build workloads that utilize a bucket per customer, team, or dataset. With account regional namespaces, you can create predictable bucket names across multiple AWS Regions with assurance that the names you want will always be available for you to use. Account regional namespaces help simplify bucket creation and management as your data storage needs grow in size and scope. To get started, add the new bucket namespace request header when creating buckets through the CreateBucket API or by updating your AWS CloudFormation templates to include your unique account regional suffix in the requested name. Additionally, cloud security teams can use service control policies (SCP) and IAM policies to enforce that users only create buckets in their account regional namespace, helping teams enforce consistent bucket namin

AWS Backup logically air-gapped vault now supports Amazon EKS. Logically air-gapped vaults are a type of AWS Backup vault that allows secure sharing of backups across accounts and AWS Organizations, supporting direct restore to reduce recovery time from a data loss event. You can now protect your Amazon EKS clusters in logically air-gapped vaults. A logically air-gapped vault stores immutable backup copies that are locked by default, and isolated with encryption using AWS owned keys or customer-managed keys. You can store your Amazon EKS backups in a logically air gapped vault either the same account or across other accounts and Regions. This helps reduce the risk of downtime, ensure business continuity, and meet compliance and disaster recovery requirements. You can get started using the AWS Backup console, API, or CLI. Target Amazon EKS backups to a logically air-gapped vault by specifying it as the primary t