6/26/2025, 12:00:00 AM ~ 6/27/2025, 12:00:00 AM (UTC)
Recent Announcements
Today, Amazon Web Services (AWS) announced general availability of a new resource-level distributed denial of service (DDoS) mitigation capability for Application Load Balancers (ALB). This new WAF DDoS protection is directly integrated with ALB as an on-host agent to detect and mitigates DDoS attacks from known malicious sources within seconds while maintaining service quality for legitimate traffic. The WAF resource-level DDoS protection for ALBs is built on upon existing IP reputation rule group to provide rapid protection against known attack sources through static rules. This feature efficiently rate limits the traffic based on both direct client IP addresses and proxy networks by inspecting DDoS indicators in X-Forwarded-For (XFF) headers.\n Resource-level DDoS protection for ALBs can be configured to be active at all times or to be active only during high load conditions. You can enable this feature in AWS WAF for any Web ACL that is associated with ALB in all supported AWS Regions. See the AWS WAF pricing page for more details on Web ACL pricing. To learn more about AWS WAF’s resource level DDoS protection, visit the AWS WAF documentation or the AWS WAF console. To get started, refer to our technical documentation for detailed information about enabling this feature to protect your web applications.
AWS Elastic Beanstalk is now available in Middle East (UAE) region
We are excited to announce the general availability of AWS Elastic Beanstalk in the Middle East (UAE) region.\n AWS Elastic Beanstalk is a service that simplifies application deployment and management on AWS. The service automatically handles deployment, capacity provisioning, load balancing, auto-scaling, and application health monitoring, allowing developers to focus on writing code. For a complete list of regions and service offerings, see AWS Regions. To get started on AWS Elastic Beanstalk, see the AWS Elastic Beanstalk Developer Guide. To learn more about Elastic Beanstalk, visit the Elastic Beanstalk product page.
Amazon Cognito introduces AWS WAF support for Managed Login
Amazon Cognito introduces AWS Web Application Firewall (AWS WAF) support in Cognito Managed Login. This new capability allows customers to protect their Managed Login endpoints configured in Cognito user pools from unwanted or malicious requests and web-based attacks. Managed Login, a fully-managed, hosted sign-in and sign-up experience that customers can personalize to align with their company or application branding, now offers an additional layer of protection against threat vectors through integration with AWS WAF web access control lists (web ACLs).\n This integration provides customers with powerful new capabilities to safeguard their applications against malicious attacks. With AWS WAF support, you can now define rules that enforce rate limits, gain visibility into web traffic to your applications, and allow or block traffic to Cognito Managed Login based on your specific business or security requirements. Additionally, the AWS WAF integration enables you to optimize costs by controlling bot traffic to your Cognito user pools. Managed Login and WAF support in Managed Login are offered as part of the Cognito Essentials and Plus tiers and are available in all AWS Regions where Amazon Cognito is available. Please note that AWS WAF charges apply for the inspection of user pool requests. For more information, see AWS WAF Pricing. To learn more, see Using AWS WAF to protect Amazon Cognito User Pools, and to get started, visit the Amazon Cognito console.
AWS Backup adds support to copy your Amazon S3 backups across AWS Regions and accounts in the AWS GovCloud (US) Regions.\n With Amazon S3 backup copies in multiple AWS Regions, you can maintain separate, protected copies of your backup data to help meet compliance requirements for data protection and disaster recovery. Amazon S3 backup copies across accounts offers an additional layer of protection against inadvertent or unauthorized actions. The capability to copy Amazon S3 backups across AWS Regions and accounts, supported in all AWS Commercial Regions, is now available in the AWS GovCloud (US) Regions. For more information on regional availability and pricing, see AWS Backup pricing page. To learn more about AWS Backup for Amazon S3, visit the product page and technical documentation. To get started, visit the AWS Backup console.
Amazon WorkSpaces Personal now supports PrivateLink for streaming traffic
Amazon WorkSpaces Personal now allows you to route streaming traffic privately between your Amazon Virtual Private Cloud (VPC) and WorkSpaces virtual desktops using AWS PrivateLink, without the data ever traversing the public internet.\n With this new capability, you can now stream your WorkSpaces through private IP addresses within your VPC, or from on-premises environments using AWS VPN or AWS Direct Connect. The feature helps you to meet your compliance requirements by keeping streaming traffic within the trusted networks. To get started using PrivateLink with WorkSpaces, create a WorkSpaces VPC endpoint for DCV streaming protocol in the chosen Amazon VPC, then specify the VPC endpoint when creating a new WorkSpaces Personal directory or modifying an existing one. Your users will then use the VPC endpoint when they stream their DCV WorkSpaces. The feature is available for WorkSpaces Personal running DCV protocol in all AWS Regions where Amazon WorkSpaces is supported, except China (Ningxia) Region. You can configure this feature through the AWS Management Console, AWS Command Line Interface (CLI), or Amazon WorkSpaces APIs. For detailed configuration instructions and requirements, please refer to the Amazon WorkSpaces documentation.
AWS announces 100G expansion in Jakarta, Indonesia
Today, AWS announced the expansion of 100 Gbps dedicated connections at the AWS Direct Connect location in the NTT Jakarta 2 data center center near Jakarta, Indonesia. You can now establish private, direct network access to all public AWS Regions (except those in China), AWS GovCloud Regions, and AWS Local Zones from this location. This is the second AWS Direct Connect location in Jakarta to provide 100 Gbps connections with MACsec encryption capabilities.\n The Direct Connect service enables you to establish a private, physical network connection between AWS and your data center, office, or colocation environment. These private connections can provide a more consistent network experience than those made over the public internet. For more information on the over 142 Direct Connect locations worldwide, visit the locations section of the Direct Connect product detail pages. Or, visit our getting started page to learn more about how to purchase and deploy Direct Connect.
AWS Directory Service for Microsoft AD and AD Connector available in Asia Pacific (Taipei) Region
AWS Directory Service for Microsoft Active Directory, also known as AWS Managed Microsoft AD, and AD Connector are now available in the Asia Pacific (Taipei) Region.\n Built on actual Microsoft Active Directory (AD), AWS Managed Microsoft AD enables you to migrate AD-aware applications while reducing the work of managing AD infrastructure in the AWS Cloud. You can use your Microsoft AD credentials to domain join EC2 instances, and also manage containers and Kubernetes clusters. You can keep your identities in your existing Microsoft AD or create and manage identities in your AWS managed directory. AD Connector is a proxy that enables AWS applications to use your existing on-premises AD identities without requiring AD infrastructure in the AWS Cloud. You can also use AD Connector to join Amazon EC2 instances to your on-premises AD domain and manage these instances using your existing group policies. Please see all AWS Regions where AWS Managed Microsoft AD and AD Connector are available. To learn more, see AWS Directory Service.
AWS announces that Amazon SageMaker has contributed a custom transport ‘AmazonDataZoneTransport’ to the OpenLineage community and enhanced automated lineage capabilities. These lineage enhancements include improvements to automation from sources such as AWS Glue, Amazon Redshift, and automated lineage capture from tools, enabling data scientists and engineers to work more efficiently with their data and models.\n The new ‘custom transport’ contribution to the OpenLineage community allows builders to download the transport along with OpenLineage plugins to augment and automate lineage events captured from OpenLineage-enabled systems. With this, customers can automate lineage capture and send these lineage events to the SageMaker Unified Studio domain, enhancing data governance and traceability within their data workflows. Amazon SageMaker has also introduced enhanced automated lineage capabilities from various sources. These improvements include better support for lineage events from AWS Glue, Amazon Redshift, and automated lineage capture from tools such as vETL processes and notebooks. Additionally, SageMaker has improved its SQL lineage support, particularly for Amazon Redshift, with new features including support for stored procedures and materialized views. These enhancements enable automatic lineage capture of complex data operations, providing a more comprehensive view of data transformations and dependencies. This feature is available all AWS Regions where Amazon SageMaker is available. To learn more about the custom transport contribution and enhanced lineage capabilities, visit the Amazon SageMaker. page. For detailed information on how to get started with lineage using these new features, refer to the user documentation.
Amazon EventBridge now supports AWS CodeBuild batch builds as a target
Amazon EventBridge now supports AWS CodeBuild batch builds as a target. This enhancement allows you to trigger concurrent and coordinated builds of a CodeBuild project using EventBridge, providing greater flexibility and control over your build processes.\n The Amazon EventBridge Event Bus is a serverless event broker for creating scalable event-driven applications by routing events between your own applications, third-party SaaS applications, and other AWS services. AWS CodeBuild is a fully managed continuous integration service that compiles source code, runs tests, and produces software packages that are ready to deploy. While the EventBridge Event Bus has long supported standard CodeBuild builds as targets, you can now also trigger batch builds. With batch builds, you can trigger features like build graphs, build lists, build matrices, and build fanouts in response to events from AWS services, SaaS partner applications, or your own applications. By combining EventBridge and batch builds, you can automate and orchestrate complex build workflows more effectively, leveraging concurrent and coordinated builds that automatically scale to meet your needs. This feature is now available in all AWS Regions including the AWS GovCloud (US) Regions. To learn more, see CodeBuild projects as targets in the Amazon EventBridge documentation and Create AWS CodeBuild triggers programmatically in the AWS CodeBuild documentation.
AWS Security Incident Response adds integration with Amazon EventBridge
Today, AWS Security Incident Response announces integration with Amazon EventBridge. This integration enables customers to react, monitor, and orchestrate events associated with cases and memberships within AWS Security Incident Response. Amazon EventBridge is a service that can provide near real-time access to changes in data in AWS services, your own applications, and software as a service (SaaS) applications without writing code. With Amazon EventBridge acting as a central hub for changes in AWS Security Incident Response cases and memberships, customers can either route these events via Rules (for fan-out scenarios to one or more targets) or through Pipes (for point-to-point integrations with enhanced filtering, enrichment, and transformation capabilities).\n With the Amazon EventBridge integration, customers can now create integrations between AWS Security Incident Response and third-party tooling or aggregate data to analyze using generative AI and other AWS tooling. For example, when AWS Security Incident Response proactively creates a case, Amazon EventBridge automation can trigger systems to notify stakeholders, which enables quicker response and minimizes barriers to engaging customer teams during potential security incidents. Customers and partners who manage multiple AWS environments can now leverage the Amazon EventBridge integration to monitor AWS Security Incident Response memberships, helping ensure their environments maintain a strong security posture for incident response. Support for Amazon EventBridge is available in all regions where AWS Security Incident Response is available. To learn more, see the AWS Security Incident Response documentation. Get started today by visiting AWS Security Incident Response via the console, AWS Command Line Interface, or APIs. For additional information on EventBridge, visit the Amazon EventBridge page.
Announcing general availability of managed integrations for AWS IoT Device Management
Today, AWS announced the general availability of managed integrations, a feature of AWS IoT Device Management designed to simplify the control and management of IoT devices across multiple manufacturers and connectivity protocols. Developers can now onboard and manage diverse IoT devices through a single unified interface regardless of connection type - direct, hub-based, or third-party cloud-based. Managed integrations can also use Cloud-to-Cloud (C2C) connectors and device data model templates. At preview, developers had access to a catalog of pre-built C2C connectors from partners and vendors along with 80+ device data model templates. Now, with expanded functionality, developers can create and list their own connectors and customize the templates to create new data models.\n Using the managed integrations feature, developers can accelerate their IoT solution development. The unified interface, combined with device and hub SDKs that support ZigBee, Z-Wave, and Wi-Fi protocols, streamlines device management and onboarding across multiple devices, vendors, and connectivity standards. Development is further accelerated by a catalog of pre-built C2C connectors and custom connector building capabilities to enable integration with various third-party cloud-based devices. Moreover, a comprehensive library of over 80+ device data model templates, based on AWS’s implementation of the Matter data model standard, paired with the ability to create new data models, provides developers a flexible and scalable approach to define device capabilities. Managed integrations gives developers a powerful way to integrate devices into applications that are designed to provide a seamless experience for their end users, and empowers the creation of value-added services, such as home security, energy management, and elderly care monitoring. The managed integrations feature is available in Canada (Central) and Europe (Ireland). To learn more, refer to the developer guide and get started on the AWS IoT console.
Amazon Connect Outbound Campaigns is now available in three additional AWS Regions
Today, we are excited to announce that Amazon Connect Outbound Campaigns is now available in Asia Pacific (Seoul), Asia Pacific (Tokyo), Asia Pacific (Singapore). With this launch, customers can initiate proactive outbound communications for real-time service updates, promotional offers, product usage tips, and appointment reminders at just the right moments throughout your customer’s experience from the right channel.\n Outbound Campaigns empowers businesses to create targeted and personalized outreach strategies through key capabilities including segmentation, omnichannel orchestration, content personalization and built-in analytics. Outbound Campaigns supports predictive and progressive voice dialing, AI-powered call classification, retry strategies based on contact outcomes, time zone detection, and communication limits. These features ensure that businesses can optimize their outreach while adhering to regulatory requirements and customer preferences. Additionally, businesses can fine tune audience segments, personalize message templates and start event-based campaigns across voice and digital channels like SMS and email. By leveraging these features, businesses can significantly enhance their customer engagement strategies and improve overall communication effectiveness. To learn more and get started, visit the Amazon Connect Outbound Campaigns product page and documentation.
AWS Glue Data Catalog usage metrics now available with Amazon CloudWatch
AWS Glue Data Catalog now offers usage metrics for APIs in Amazon CloudWatch, enabling you to monitor, troubleshoot, and optimize your API usage with greater visibility. The insights from these API usage metrics will help you better understand your lakehouse runtime API usage in production environments.\n Customers seek better observability of their API usage to identify bottlenecks, detect anomalies, and understand usage patterns in their lakehouse architecture. With Data Catalog Usage Metrics in CloudWatch, you can track critical API usage performance indicators per minute, including reads, updates, and deletions of lakehouse resources such as catalogs, tables, partitions, connections, and statistics. You can set up CloudWatch alarms to receive notifications when metrics exceed specified thresholds, allowing proactive management of your lakehouse. You can get started by navigating to Metrics in the CloudWatch console and filter usage by AWS Glue resource. You can then graph the metrics and configure alarms that alert you when usage approaches specified thresholds. This feature is available in all AWS Regions where Data Catalog is available. To get started, read the launch blog and read Data Catalog documentation.
Amazon Braket adds dynamic circuit capabilities on IQM Garnet
Today, Amazon Braket introduced experimental support for dynamic circuits on IQM’s Garnet quantum processing unit (QPU). This capability enables mid-circuit measurements (MCM) and feed-forward operations, allowing quantum researchers and developers to implement more advanced quantum algorithms. Dynamic circuits are a key building block for quantum error mitigation and correction. They can improve resource efficiency via qubit reuse, as well as enable experimentation with algorithms and protocols that require conditional logic.\n With dynamic circuits, customers can now perform active qubit reset to reuse qubits within a single circuit execution and apply conditional operations based on measurement outcomes. These techniques can reduce circuit depth requirements unlocking new capabilities on Amazon Braket. To use dynamic circuits, customers can submit verbatim programs that include mid-circuit measurement and conditional rotation instructions. These programs can be written using using OpenQASM, the Amazon Braket SDK, or the Amazon Braket Qiskit Provider. This experimental capability is available to all customers using an IQM device in the Europe (Stockholm) Region without requiring any special access permissions. For more information, visit our Experimental Capabilities documentation page and read our launch blog post.
AWS Service Reference Information now supports annotations for service actions
AWS is expanding service reference information to include annotations for service actions, starting with action properties. Action properties provide context to indicate what an action is capable of, such as write or list capabilities, when you use it in a policy. Service reference information streamlines automation of policy management workflows, helping you retrieve available actions across AWS services from machine-readable files. Whether you are a security administrator establishing guardrails for workloads or a developer ensuring appropriate access to applications, you can now more easily identify the scope for each AWS service.\n You can automate the retrieval of service reference information, eliminating manual effort and ensuring your policies align with the latest service updates. You can also incorporate this service reference directly into your policy management tools and processes for a seamless integration. This feature is offered at no additional cost. To get started, refer to the documentation on programmatic service reference information.
AWS Blogs
AWS Japan Blog (Japanese)
- Contribution: Real-time automated analysis of genomic data on the cloud at the H.U. Group Central Research Institute
- Amazon Bedrock Guardrails now supports Japanese
AWS Open Source Blog
AWS Architecture Blog
AWS Cloud Financial Management
AWS Cloud Operations Blog
- Observing Agentic AI workloads using Amazon CloudWatch
- Best practices for utilizing AWS Systems Manager with AWS Fault Injection Service
AWS Big Data Blog
- Building serverless event streaming applications with Amazon MSK and AWS Lambda
- Enhance data ingestion performance in Amazon Redshift with concurrent inserts
- Introducing AWS Glue Data Catalog usage metrics for API usage
Desktop and Application Streaming
Artificial Intelligence
- Tailor responsible AI with new safeguard tiers in Amazon Bedrock Guardrails
- Structured data response with Amazon Bedrock: Prompt Engineering and Tool Use
- Using Amazon SageMaker AI Random Cut Forest for NASA’s Blue Origin spacecraft sensor data
AWS for M&E Blog
Networking & Content Delivery
- Building secure multicloud access with AWS Client VPN and AWS Site-to-Site VPN
- Addressing private IPv4 exhaustion with AWS Cloud WAN service insertion