5/16/2025, 12:00:00 AM ~ 5/19/2025, 12:00:00 AM (UTC)

Recent Announcements

Amazon Lightsail now supports IPv6 connectivity over AWS PrivateLink

Amazon Lightsail now supports IPv6-only and dual-stack PrivateLink interface VPC endpoints. AWS PrivateLink is a highly available, scalable service that allows you to privately connect your VPC to services and resources as if they were in your VPC.\n Previously, Lightsail supported private connectivity over PrivateLink using IPv4-only VPC endpoints. With today’s launch, customers can use IPv6-only, IPv4-only, or dual-stack VPC endpoints to create a private connection between their VPC and Lightsail, and access Lightsail without traversing the public internet. Lightsail supports connectivity using PrivateLink in all AWS Regions supporting Lightsail. To learn more about accessing Lightsail using PrivateLink, please see documentation.

AWS Entity Resolution is now available in 2 additional regions

Starting today, AWS Entity Resolution is now available in AWS Canada (Central) and Africa (Cape Town) Regions. With AWS Entity Resolution, organizations can match and link related customer, product, business, or healthcare records stored across multiple applications, channels, and data stores. You can get started in minutes using matching workflows that are flexible, scalable, and can seamlessly connect to your existing applications, without any expertise in entity resolution or ML.\n With this launch, AWS Entity Resolution rule-based and ML-powered workflows are now generally available in 12 AWS Regions: US East (Ohio), US East (N. Virginia), US West (Oregon), Canada (Central), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Europe (Frankfurt), Europe (Ireland), Europe (London), and Africa (Cape Town). To learn more, visit AWS Entity Resolution.

AWS Config rules now available in additional AWS Regions

Additional AWS Config rules are now available in 17 AWS Regions. AWS Config rules help you automatically evaluate your AWS resource configurations for desired settings, enabling you to assess, audit, and evaluate configurations of your AWS resources.\n When a resource violates a rule, an AWS Config rule evaluates it as non-compliant and can send you a notification through Amazon EventBridge. AWS Config provides managed rules, which are predefined, customizable rules that AWS Config uses to evaluate whether your AWS resources comply with common best practices. With this expansion, AWS Config managed rules in the following AWS Regions: Africa (Cape Town), Asia Pacific (Hong Kong), Asia Pacific (Hyderabad), Asia Pacific (Jakarta), Asia Pacific (Kuala Lumpur), Asia Pacific (Melbourne), Asia Pacific (Osaka), Canada (Calgary), Europe (Milan), Europe (Paris), Europe (Stockholm), Europe (Zaragoza), Europe (Zurich), Middle East (Bahrain), Middle East (Tel Aviv), Middle East (UAE), South America (São Paulo). You will be charged per rule evaluation in your AWS account per AWS Region. Visit the AWS Config pricing page for more details. To learn more about AWS Config rules, visit our documentation.

AWS CodePipeline now supports Deploy Spec file in EC2 deploy action

AWS CodePipeline now supports Deploy Spec file configurations in the EC2 Deploy action, enabling you to specify deployment parameters directly in your source repository. You can now include either a Deploy Spec file name or deploy configurations in your EC2 Deploy action. The action accepts Deploy Spec files in YAML format and maintains compatibility with existing CodeDeploy AppSpec files.\n The deployment debugging experience for large-scale EC2 deployments is also enhanced. Previously, customers relied solely on action execution logs to track deployment status across multiple instances. While these logs provide comprehensive deployment details, tracking specific instance statuses in large deployments was challenging. The new deployment monitoring interface displays real-time status information for individual EC2 instances, eliminating the need to search through extensive logs to identify failed instances. This improvement streamlines troubleshooting for deployments targeting multiple EC2 instances. To learn more about how to use the EC2 deploy action, visit our documentation. For more information about AWS CodePipeline, visit our product page. These new actions are available in all regions where AWS CodePipeline is supported, except the AWS GovCloud (US) Regions and the China Regions.

AWS CodePipeline now supports deploying to AWS Lambda with traffic shifting

AWS CodePipeline now offers a new Lambda deploy action that simplifies application deployment to AWS Lambda. This feature enables seamless publishing of Lambda function revisions and supports multiple traffic-shifting strategies for safer releases.\n For production workloads, you can now deploy software updates with confidence using either linear or canary deployment patterns. The new action integrates with CloudWatch alarms for automated rollback protection - if your specified alarms trigger during traffic shifting, the system automatically rolls back changes to minimize impact. To learn more about using this Lambda Deploy action in your pipeline, visit our documentation. For more information about AWS CodePipeline, visit our product page. These new actions are available in all regions where AWS CodePipeline is supported, except the AWS GovCloud (US) Regions and the China Regions.

Amazon Cognito now supports OIDC prompt parameter

Amazon Cognito announces support for the OpenID Connect (OIDC) prompt parameter in Cognito Managed Login. Managed Login provides a fully-managed, hosted sign-in and sign-up experience that customers can personalize to align with their company or application branding. This new capability enables customers to control authentication flows more precisely by supporting two commonly requested prompt values: ’login’ for re-authentication scenarios and ’none’ for silent authentication state check. These prompt parameters respectively allow applications to specify whether users should be prompted to authenticate again or leverage existing sessions, enhancing both security and user experience. With this launch, Cognito can also pass through select_account and consent prompts to third-party OIDC providers when the user pool is configured for federated sign-in.\n With the ’login’ prompt, applications can now require users to re-authenticate explicitly while maintaining their existing authenticated sessions. This is particularly useful for scenarios requiring additional and more recent authentication verification, such as right before accessing sensitive information or performing transactions. The ’none’ prompt enables a silent check on authentication state, allowing applications to check if users have an existing active authentication session without having to re-authenticate. This prompt can be valuable for implementing seamless single sign-on experiences across multiple applications sharing the same user pool. This enhancement is available in Amazon Cognito Managed Login to customers on the Essentials or Plus tiers in all AWS Regions where Amazon Cognito is available. To learn more about implementing these authentication flows, visit the Amazon Cognito documentation.

Amazon Data Lifecycle Manager now supports (IPv6) in the AWS GovCloud (US) Regions

Amazon Data Lifecycle Manager now offers customers the option to use Internet Protocol version 6 (IPv6) addresses for their new and existing endpoints. Customers moving to IPv6 can simplify their networks stack by running their Data Lifecycle Manager dual-stack endpoints on a network supporting both IPv4 and IPv6, depending on the protocol used by their network and client.\n Customers create Amazon Data Lifecycle Manager policies to automate the creation, retention, and management of EBS Snapshots and EBS-backed Amazon Machine Images (AMIs). The policies can also automatically copy created resources across AWS Regions, move EBS Snapshots to EBS Snapshots Archive tier, and manage Fast Snapshot Restore. Customers can also create policies to automate creation and retention of application-consistent EBS Snapshots via pre and post-scripts, as well as create Default Policies for comprehensive protection for their account or AWS Organization. Amazon Data Lifecycle Manager with IPv6, supported in all AWS Commercial Regions, is now available in the AWS GovCloud (US) Regions. To learn more about configuring Amazon Data Lifecycle Manager endpoints for IPv6, please refer to our documentation.

Amazon SageMaker - move project across domain units

Today, Amazon SageMaker and Amazon DataZone announced a new data governance capability that enables customers to move a project from one domain unit to another. Domain units enable customers to create business unit/team level organization and manage authorization policies per their business needs. Customers can now take a project mapped to a domain unit and organize it under a new domain unit within their domain unit hierarchy. The move project feature lets customers reflect changes in team structures as business initiatives or organizations shift by allowing them to change a project’s owning domain unit.\n As an Amazon SageMaker or Amazon DataZone administrator, you can now create domain units (e.g Sales, Marketing) under the top-level domain and organize the catalog by moving existing projects to new owning domain units. Users can then login to the portal to browse and search assets in the catalog by the domain units associated with their business units or teams. The move project feature for domain units is available in all AWS Regions where Amazon SageMaker and Amazon DataZone are available. To learn more, visit Amazon SageMaker, and get started with move project documentation.

AWS Blogs

AWS Japan Blog (Japanese)

AWS Open Source Blog

AWS Cloud Operations Blog

AWS Big Data Blog

AWS Database Blog

AWS Machine Learning Blog

AWS Messaging & Targeting Blog

Networking & Content Delivery

AWS Storage Blog

Open Source Project

AWS CLI

AWS CDK

Amazon EKS Anywhere