2025-08-13

8/13/2025, 12:00:00 AM ~ 8/14/2025, 12:00:00 AM (UTC)

Recent Announcements

Amazon SageMaker Studio now supports trusted identity propagation

We are excited to announce that Amazon SageMaker Studio now supports trusted identity propagation (TIP), enabling admins to trace actions taken in SageMaker Studio back to a human user. It also enables administrators to manage permissions based on user identity to AWS Lake Formation and Amazon S3 Access Grants.\n Starting today, SageMaker Studio now supports trusted identity propagation for AWS services, including AWS Lake Formation, Amazon S3, Amazon EMR, Amazon EMR-Serverless, Amazon Redshift and Amazon Athena. Customers can enable trusted identity propagation for SageMaker Studio domains, either at domain creation or while updating an existing domain. With this capability, customers can apply fine grained access controls using S3 Access Grants, Lake Formation, or Redshift Data APIs to govern user access to data in their SageMaker Studio notebooks. Customers’ Training and Processing jobs in Studio notebooks will integrate with S3 Access Grants. With this change, administrators can trace creation of user interactive sessions as well as user background sessions across Studio applications (JupyterLab and CodeEditor) via AWS CloudTrail events. As an example, administrators can now track which user creates SageMaker Pipeline steps to run experiments using SageMaker MLFlow, trains ML models using SageMaker Training, and deploys using SageMaker Inference. This feature is available in all AWS Regions where Amazon SageMaker Studio with IdC support is currently available, excluding China regions, and GovCloud (US) regions. To learn more, visit our documentation.

AWS Resource Explorer now Supports Filtering for Multiple Values

Today, AWS Resource Explorer introduces support for filtering on multiple values in both the Search and ListResources APIs. This new feature allows customers to build targeted queries to find resources more easily.\n The new filtering feature allows customers to search for resources based on multiple criteria simultaneously, improving upon the previous process where they had to query each individual facet and combine the search results. For example, customers can now find all storage-types tagged as non-production by querying “tag.key:environment tag.value:dev,test,integ service:dynamodb,rds,ebs…”. Importantly, customers with large AWS Organizations can now scope their Resource Explorer Views to specific listed accounts, rather than being scoped to an entire Organization or Organizational Unit. To scope multi-account views to a specific set of accounts, add a view filter with the “account:” operator, and a comma-separated list of account IDs to be included in search results.

This feature is available in all AWS Regions where AWS Resource Explorer is supported. For specific regional availability, please refer to the AWS Regional Services List. To learn more about this new feature visit the AWS Resource Explorer documentation page. You can start using this enhanced querying capability immediately through the AWS Management Console, AWS CLI, or AWS SDKs.

Amazon DocumentDB announces Extended Support for Version 3.6

Amazon DocumentDB (with MongoDB compatibility) offers Extended Support for version 3.6, allowing customers to maintain critical workloads on version 3.6 for up to three years beyond the standard support end date on March 30, 2026. This is designed for customers who may need more time to plan and implement version upgrades, especially when navigating application dependencies or managing enterprise-scale deployments.\n Standard support for Amazon DocumentDB version 3.6 will end on March 30, 2026. After this date, clusters not upgraded to a supported version will incur Extended Support charges. During the Extended Support period, AWS will continue to provide critical security updates for Common Vulnerabilities and Exposures (CVEs). To perform an upgrade from Amazon DocumentDB version 3.6 to 5.0, customers can use an in-place major version upgrade. Upgrading to version 5.0 of Amazon DocumentDB enables customers to benefit from features such as I/O-Optimized, Graviton2, and Serverless instances, providing price per performance improvements. To get started and learn more about the Extended Support, see our blog.

Amazon DynamoDB now supports more frequent throughput mode updates from provisioned to on-demand capacity

You can now update your Amazon DynamoDB table throughput mode from provisioned capacity to on-demand mode up to four times in a rolling 24-hour period. This enhancement makes it simpler for customers who have use cases which require loading large volumes of data into their DynamoDB tables multiple times per day, or want greater flexibility to manage their workload requirements and optimize costs. The increased quota also simplifies CloudFormation deployments and rollbacks, allowing templates to execute more readily without being blocked by previous changes. Previously, you could only set or update your table throughput mode to on-demand capacity once in a 24-hour period.\n DynamoDB on-demand mode offers a truly serverless database experience with pay-per-request pricing and automatic scaling to accommodate the most demanding workloads without capacity planning. Many customers prefer the simplicity of on-demand mode to build modern, serverless applications that can start small and scale to millions of requests per second. There is no charge for switching capacity modes, and the increased quota automatically applies to all DynamoDB tables. On-demand throughput is available in all AWS Regions. For more information about DynamoDB on-demand throughput, see the Developer Guide.

Announcing expanded support for Cilium with Amazon EKS Hybrid Nodes

Today, Amazon Elastic Kubernetes Service (Amazon EKS) expands support for Cilium as the Container Networking Interface (CNI) for Amazon EKS Hybrid Nodes. Cilium is a Cloud-Native Computing Foundation (CNCF) graduated project that provides core networking capabilities for Kubernetes workloads. Now, you can receive support from AWS for a broader set of Cilium features when using Cilium with Amazon EKS Hybrid Nodes including application ingress, in-cluster load balancing, Kubernetes network policies, and kube-proxy replacement mode.\n Kubernetes clusters require a CNI for connectivity between pods running in the cluster, but most Kubernetes applications require additional components, such as ingress controllers and load balancers, to serve and secure network traffic with other external systems or users. These additional capabilities are integrated features of Cilium, built on Cilium’s eBPF-powered networking and security. Now, Amazon EKS Hybrid Nodes users can receive support from AWS for Cilium’s Ingress and Gateway features, Border Gateway Protocol (BGP) Control Plane, Load Balancer IP Address Management (LB IPAM), kube-proxy replacement, and Kubernetes network policies. AWS supports the Amazon VPC CNI for Amazon EKS nodes in AWS Cloud, which is optimized for Amazon VPC networking with built-in features such as enhanced subnet discovery, Kubernetes network policies, and multiple network interfaces per pod. Cilium support for Amazon EKS Hybrid Nodes is available in all AWS Regions where Amazon EKS Hybrid Nodes is available. To learn more about Cilium support for Amazon EKS Hybrid Nodes, see Configure CNI for hybrid nodes in the Amazon EKS User Guide.

Amazon FSx for OpenZFS now supports Internet Protocol Version 6 (IPv6)

Amazon FSx now offers customers the option to use Internet Protocol version 6 (IPv6) for access to Amazon FSx for OpenZFS file systems.\n More and more customers are adopting IPv6 to mitigate IPv4 address exhaustion in their private networks or to satisfy government mandates such as the US Office of Management and Budget (OMB) M-21-07 memorandum. With this launch, customers can now access their file systems using IPv4, IPv6, or dual-stack clients without the need for complex infrastructure to handle IPv6 to IPv4 address translation. IPv6 support for new FSx for OpenZFS file systems is now available in all AWS Commercial, AWS GovCloud (US), and AWS China regions where Amazon FSx is available, with IPv6 support for existing FSx for OpenZFS file systems coming in an upcoming weekly maintenance window. To learn more, visit the Amazon FSx user guide.

AWS IAM Identity Center introduces support for user background sessions with Amazon SageMaker Studio

AWS IAM Identity Center introduces support for user background sessions, a new feature which allows Amazon SageMaker Studio users to initiate long-running jobs that continue to run in the background even after a user logs off from their computer. User background sessions leverage permissions tied to a user’s identity and their corporate directory group associations while accessing data across multiple AWS services including Amazon Athena, Amazon EMR, AWS Lake Formation, Amazon Redshift, and Amazon S3.\n Building on IAM Identity Center’s trusted identity propagation (TIP) capability, this feature allows SageMaker Studio jobs to run for up to 90 days without requiring users to stay signed in. When launching jobs such as SageMaker Training, Processing, or Pipeline executions, IAM Identity Center creates a new user background session that runs independently until job completion or the background session duration limit is reached, whichever comes first. Administrators can track the creation of user background sessions via AWS CloudTrail events, update the background session duration for their IAM Identity Center instance and terminate background sessions for different users in their organization.

AWS IAM Identity Center helps you securely connect your workforce identities and manage their access centrally across AWS applications. For more information on user background sessions, see here. For the list of supported regions and compatible AWS services supported with user background sessions, refer to the Amazon SageMaker Studio page, linked here.

AWS Blogs

AWS Japan Blog (Japanese)

• AWS Weekly Roundup: OpenAI models, automated inference checks, Amazon EVS, and more (August 11, 2025)
• Introducing the Amazon EKS Auto Mode Workshop
• EDA on the Cloud — Tokyo (held on 9/16)
• Simplify remote actions on IoT devices using AWS IoT Device Management command features

AWS News Blog

• Meet our newest AWS Heroes — August 2025

AWS Big Data Blog

• Build data pipelines with dbt in Amazon Redshift using Amazon MWAA and Cosmos

AWS Database Blog

• Announcing Extended Support for Amazon DocumentDB (with MongoDB compatibility) version 3.6

AWS DevOps & Developer Productivity Blog

• Introducing AWS Cloud Control API MCP Server: Natural Language Infrastructure Management on AWS
• Flexibility to Framework: Building MCP Servers with Controlled Tool Orchestration

AWS for Industries

• Validate radiology reports using Amazon Nova

Artificial Intelligence

• Securely launch and scale your agents and tools on Amazon Bedrock AgentCore Runtime
• PwC and AWS Build Responsible AI with Automated Reasoning on Amazon Bedrock
• How Amazon scaled Rufus by building multi-node inference using AWS Trainium chips and vLLM
• Build an intelligent financial analysis agent with LangGraph and Strands Agents
• Amazon Bedrock AgentCore Memory: Building context-aware agents
• Build a conversational natural language interface for Amazon Athena queries using Amazon Nova

AWS for M&E Blog

• Edit in the cloud: Nine Network modernizes edit suites with AWS

AWS Security Blog

• 177 AWS services achieve HITRUST certification

Open Source Project

AWS CLI

• 2.28.9
• 1.42.9

AWS CDK

• v2.211.0

Firecracker

• v1.14.0-dev