1/28/2025, 12:00:00 AM ~ 1/29/2025, 12:00:00 AM (UTC)
Recent Announcements
Amazon EC2 M7g instances are now available in the AWS Middle East (UAE)
Starting today, Amazon Elastic Compute Cloud (Amazon EC2) M7g instances are available in the AWS Middle East (UAE) region. These instances are powered by AWS Graviton3 processors that provide up to 25% better compute performance compared to AWS Graviton2 processors, and built on top of the the AWS Nitro System, a collection of AWS designed innovations that deliver efficient, flexible, and secure cloud services with isolated multi-tenancy, private networking, and fast local storage.\n Amazon EC2 Graviton3 instances also use up to 60% less energy to reduce your cloud carbon footprint for the same performance than comparable EC2 instances. For increased scalability, these instances are available in 9 different instance sizes, including bare metal, and offer up to 30 Gbps networking bandwidth and up to 20 Gbps of bandwidth to the Amazon Elastic Block Store (EBS). To learn more, see Amazon EC2 M7g. To explore how to migrate your workloads to Graviton-based instances, see AWS Graviton Fast Start program and Porting Advisor for Graviton. To get started, see the AWS Management Console.
AWS CodeBuild announces support for project ARN and build ARN IAM condition keys
AWS CodeBuild announces support for codebuild:projectArn and codebuild:buildArn as IAM condition keys. These two new condition keys can be used in IAM policies to restrict the ARN of the project or build that originated the request. Starting today, CodeBuild will automatically add the new codebuild:projectArn and codebuild:buildArn condition keys to the request context of all AWS API calls made within the build. You can use the Condition element in your IAM policy to compare the codebuild:projectArn condition key in the request context with values that you specify in your policy.\n This capability allows you to implement advanced security controls for the AWS API calls originating from within your builds. For example, you can write conditional policies using the new codebuild:projectArn condition key to grant permissions to AWS API calls only if those originate from inside a build for the specified project. This feature is available in all regions where CodeBuild is offered. For more information about the AWS Regions where CodeBuild is available, see the AWS Regions page. To learn more about CodeBuild’s condition keys, please visit our documentation. To learn more about how to get started with CodeBuild, visit the AWS CodeBuild product page.
Amazon EC2 C8g instances now available in AWS Europe (Stockholm)
Starting today, Amazon Elastic Compute Cloud (Amazon EC2) C8g instances are available in AWS Europe (Stockholm) region. These instances are powered by AWS Graviton4 processors and deliver up to 30% better performance compared to AWS Graviton3-based instances. Amazon EC2 C8g instances are built for compute-intensive workloads, such as high performance computing (HPC), batch processing, gaming, video encoding, scientific modeling, distributed analytics, CPU-based machine learning (ML) inference, and ad serving. These instances are built on the AWS Nitro System, which offloads CPU virtualization, storage, and networking functions to dedicated hardware and software to enhance the performance and security of your workloads.\n AWS Graviton4-based Amazon EC2 instances deliver the best performance and energy efficiency for a broad range of workloads running on Amazon EC2. These instances offer larger instance sizes with up to 3x more vCPUs and memory compared to Graviton3-based Amazon C7g instances. AWS Graviton4 processors are up to 40% faster for databases, 30% faster for web applications, and 45% faster for large Java applications than AWS Graviton3 processors. C8g instances are available in 12 different instance sizes, including two bare metal sizes. They offer up to 50 Gbps enhanced networking bandwidth and up to 40 Gbps of bandwidth to the Amazon Elastic Block Store (Amazon EBS). To learn more, see Amazon EC2 C8g Instances. To explore how to migrate your workloads to Graviton-based instances, see AWS Graviton Fast Start program and Porting Advisor for Graviton. To get started, see the AWS Management Console.
AWS DataSync adds support for Kerberos authentication
AWS DataSync now supports Kerberos authentication for self-managed file servers that use the Server Message Block (SMB) network protocol. This update provides enhanced security options for connecting to SMB file servers commonly found in Microsoft Windows environments.\n DataSync is a secure, high-speed data transfer service that simplifies and accelerates moving data over a network. It automates copying files and objects between AWS Storage services, on-premises storage, and other clouds. DataSync uses protocols like SMB to transfer data to and from network storage systems. With this launch, you can configure your DataSync SMB locations to authenticate access to your storage using Kerberos, in addition to existing support for NT LAN Manager (NTLM) authentication. DataSync supports any Kerberos server, such as Microsoft Active Directory, that implements Kerberos protocol version 5. Kerberos authentication is available in all AWS Regions where AWS DataSync is offered. To get started, visit the AWS DataSync console. To learn more, refer to the AWS DataSync documentation.
AWS Amplify now supports using the TypeScript Data client in server-side AWS Lambda functions
AWS Amplify now enables developers to use the Amplify Data client within AWS Lambda functions. This new capability allows you to leverage the same type-safe data operations you use in your frontend applications directly in your Lambda functions, eliminating the need to write raw GraphQL queries.\n The Amplify Data client in Lambda functions brings a consistent data access pattern across your entire application stack. Instead of managing separate GraphQL implementations, you can now use the same familiar client-side syntax to query and mutate data with full TypeScript support. This unified approach reduces development time, minimizes errors, and makes your codebase more maintainable. This feature is now available in all AWS regions where AWS Amplify is supported. To get started, visit the AWS Amplify documentation to learn how to integrate the Amplify Data client in your Lambda functions.
AWS Health now supports Internet Protocol Version 6 (IPv6)
AWS Health customers can now use Internet Protocol version 6 (IPv6) addresses, via our new dual-stack endpoints to view operational issues or planned lifecycle events for all accounts and resources in your organization. The existing Health endpoints supporting IPv4 will remain available for backwards compatibility.\n The urgency to transition to Internet Protocol version 6 (IPv6) is driven by the continued growth of internet, which is exhausting available Internet Protocol version 4 (IPv4) addresses. With simultaneous support for both IPv4 and IPv6 clients on Health endpoints, you are able to gradually transition from IPv4 to IPv6 based systems and applications, without needing to switch all over at once. This enables you to meet IPv6 compliance requirements and removes the need for expensive networking equipment to handle the address translation between IPv4 and IPv6. To learn more on best practices for configuring IPv6 in your environment, visit the whitepaper on IPv6 in AWS. Support for IPv6 on AWS Health is available in all commercial regions. To learn more, please refer to the user guide.
Amazon Redshift announces enhanced default security configurations for new warehouses
Amazon Redshift announces enhanced security defaults to help you adhere to best practices in data security and reduce the risk of potential misconfigurations. These changes include disabling public accessibility, enabling database encryption, and enforcing secure connections by default when creating a new data warehouse.\n The enhanced security defaults bring three key changes: First, public accessibility is disabled by default for all newly created provisioned clusters and clusters restored from snapshots. In this configuration, connections to clusters will only be permitted from client applications within the same Virtual Private Cloud (VPC). Second, database encryption is enabled by default for provisioned clusters. If you don’t specify an AWS KMS key when creating a provisioned cluster, the cluster is now automatically encrypted with an AWS-owned key. Third, Amazon Redshift now enforces secure, encrypted connections by default, a new default parameter group named “default.redshift-2.0” will be introduced for all newly created or restored clusters, with “require_ssl” parameter set to “true” by default. This default change will also apply to new serverless workgroups. Review your data warehouse creation configurations, scripts, and tools to align with the new default settings to avoid any potential disruption. While these security features are enabled by default, you will still have the ability to modify cluster or workgroup settings to change the default behavior. Your existing data warehouses will not be impacted by these security enhancements. These new default changes are implemented in all AWS regions where Amazon Redshift is available. For more information, please refer to our documentation.
Amazon Lex Global Resiliency now supports CloudFormation and existing alias replication
We are excited to announce new capabilities for Amazon Lex Global Resiliency. Building on our existing regional replication framework, we now support existing alias replication and CloudFormation for enabling bot replication. These new features enhance the existing automation that synchronizes your Lex V2 bots, associated resources, versions, and aliases to paired AWS regions in near real-time, while maintaining hot standby resources for immediate failover or an active-active setup.\n For contact center customers, this update streamlines disaster recovery by automatically keeping regional configurations in sync. The feature preserves existing alias ARNs during replication and removes the need to update contact flows in multiple places when modifying your bots. With support across the console, CLI, CDK, and CloudFormation, implementing robust disaster recovery solutions is more streamlined than ever. Global Resiliency for Amazon Lex is available in the following AWS region pairs: us-east-1 (N. Virginia)/us-west-2 (Oregon), and eu-west-2 (London)/eu-central-1 (Frankfurt). To get started with these new capabilities, contact your Amazon Connect Solutions Architect or Technical Account Manager. Visit the Amazon Lex Global Resiliency documentation to learn more about implementing Global Resiliency for your Lex bots.
YouTube
AWS Developer Live Show (Japanese)
AWS Black Belt Online Seminar (Japanese)
- AWS Transit Gateway Deep Dive [AWS Black Belt]
- AWS Entity Resolution [AWS Black Belt]
- PrivateLink and Lattice - Amazon VPC Lattice Service Edition [AWS Black Belt]
- AWS MGN: An introduction to useful features that make it easy to plan and execute large-scale migrations [AWS Black Belt]
AWS Blogs
AWS Japan Blog (Japanese)
- Extend SaaS functionality across AWS accounts using AWS PrivateLink’s VPC resource support
- Tokio Marine & Nichido Systems, Inc.’s AWS-Generated AI Case Study: Application Modernization Using LLM
AWS Architecture Blog
AWS Big Data Blog
AWS Database Blog
AWS HPC Blog
AWS for Industries
- Centralize renewable operations around the world on AWS
- Financial Market Infrastructure Providers Cloud Adoption Trends for The First Half of 2024
AWS Machine Learning Blog
- Develop a RAG-based application using Amazon Aurora with Amazon Kendra
- Optimizing AI responsiveness: A practical guide to Amazon Bedrock latency-optimized inference
- Track LLM model evaluation using Amazon SageMaker managed MLflow and FMEval
AWS for M&E Blog
Networking & Content Delivery
AWS Security Blog
- Updated whitepaper available: Aligning to the NIST Cybersecurity Framework in the AWS Cloud
- Testing and evaluating GuardDuty detections
- AWS Firewall Manager retrofitting: Harmonizing central security with application team flexibility