8/21/2025, 12:00:00 AM ~ 8/22/2025, 12:00:00 AM (UTC)
Recent Announcements
Amazon Verified Permissions now supports Cedar 4.5
Amazon Verified Permissions now supports Cedar 4.5. This enables customers to use the latest Cedar features, including the “is” operator, which allows customers to grant access based on resource types. For example, in a petstore application, you can use the “is” operator to write a policy that only grants administrators permission to view a resource if that resource “is” an invoice. This addition enhances Cedar’s type system and helps catch potential type-related errors early in policy development. You can learn about other enhancements to Cedar on the Cedar releases page.\n Amazon Verified Permissions is a permissions management and fine-grained authorization service for the applications that you build. Amazon Verified Permissions uses the Cedar policy language to enable developers and admins to define policy-based access controls using roles and attributes. Amazon Verified Permissions supports Cedar 4.5 in all AWS Regions where the service is available. All new accounts and backward-compatible accounts have been automatically upgraded to Cedar-4, and no additional actions are required. For more information about Amazon Verified Permissions, visit the Verified Permissions product page.
Amazon VPC IPAM adds in-console CloudWatch alarm management
Today, Amazon Web Services announced improved Amazon CloudWatch alarm integration for Amazon VPC IP Address Manager (IPAM). This enhancement provides better visibility and management of existing CloudWatch alarms directly from the IPAM console. With this new integration, you can quickly identify potential IP address management issues and take proactive actions across your organization.\n The enhanced integration brings IPAM-related CloudWatch alarms directly into the IPAM console, providing a unified view of alarm states across all IPAM pages. This visibility enables quick response to potential IP address management issues. You can now create CloudWatch alarms directly from the IPAM console - clicking the ‘Create Alarm’ option redirects you to CloudWatch with relevant fields pre-populated, streamlining IP usage alert setup. A new resource-level “Alarms” tab offers comprehensive visibility into all alarms associated with specific IPAM resources, making it easier to manage and monitor your IP address space effectively. This improved integration is particularly valuable for networking teams managing IP address spaces, as it helps prevent issues through better visibility and easier management of existing alarms. The console also provides proactive monitoring suggestions for resources without associated alarms, helping ensure comprehensive monitoring coverage across your IP address management infrastructure. This feature is now available in all AWS Regions where Amazon VPC IPAM is supported, including AWS China Regions, and AWS GovCloud (US) Regions. To learn more about monitoring IPAM with CloudWatch, view the CloudWatch IPAM documentation. For details on pricing, refer to the IPAM tab on the Amazon VPC Pricing Page.
Amazon CloudWatch Logs Insights expands natural language query result summarization to 15 additional AWS Regions: Asia Pacific (Hong Kong, Malaysia, Mumbai, Thailand, Tokyo, Singapore, Sydney), Europe (Frankfurt, Ireland, London, Spain, Stockholm), South America (Sao Paulo). US East (Ohio), and US West (Oregon).\n CloudWatch Logs Insights lets you interactively search and analyze your logs with Logs Insights query language, OpenSearch Service Piped Processing Language (PPL), and OpenSearch Service Structured Query Language (SQL). The query result summarization capability generates a natural language summary of the query results, providing users with clear, actionable insights. Interpreting log entries can be time-consuming and this feature transforms complex query results into concise summaries that help you quickly identify issues and gain actionable insights from your log data. In addition, natural language query generation capability in CloudWatch Logs is now available for CloudWatch Logs Insights and Metrics Insights in 6 additional AWS Regions: Asia Pacific (Malaysia, Mumbai, Thailand), Europe (London, Spain), and South America (Sao Paulo). Query generation for PPL and SQL languages is available in 3 additional AWS Regions: Asia Pacific (Mumbai), Europe (London), and South America (Sao Paulo). Natural language query generation powered by generative AI allows users to use plain English to quickly generate queries in the context of their logs without needing extensive knowledge of the query language, reducing time to gather insights.
To learn about the log summarizer in CloudWatch Logs Insights, visit the Amazon CloudWatch Logs documentation. To learn about natural language query generation, go to CloudWatch Logs documentation.
AWS Security Incident Response introduces integrations with ITSM
AWS Security Incident Response now offers seamless integration with popular IT Service Management (ITSM) tools like Jira and ServiceNow, enabling you to respond faster to security incidents while maintaining your existing processes and operating models. These integrations provide bidirectional synchronization, allowing you to create, update, and delete issues in either platform with automatic data replication into AWS Security Incident Response cases. Comments and attachments are also fully synchronized between platforms.\n The integrations are available as open-source projects on GitHub, providing customers and partners the opportunity to contribute to and extend the functionality. The repository includes sample code, deployment instructions, and best practices for building custom integrations with AWS Security Incident Response. The solution features a modular architecture that makes it straightforward to add new integration targets beyond the initial Jira and ServiceNow offerings. The GitHub repository includes guidance on how to leverage tools like Amazon Q Developer, Kiro, or similar AI assistants for rapid customization and use with your favorite ITSM platform. To get started with AWS Security Incident Response ITSM Integrations, visit our GitHub repository. Visit our technical documentation for Jira and ServiceNow for implementation details. Learn more about AWS Security Incident Response in the service’s User Guide.
AWS Security Incident Response achieves HITRUST Certification
AWS Security Incident Response is now Health Information Trust Alliance Common Security Framework (HITRUST CSF) certified, demonstrating its alignment with stringent security and privacy requirements established by HITRUST for managing sensitive data. This certification validates that AWS Security Incident Response meets comprehensive security controls required by healthcare, life sciences and many other regulated sectors.\n HITRUST CSF is a comprehensive security and privacy framework developed by the HITRUST Alliance to help organizations in the healthcare industry and other regulated sectors effectively manage information risk and comply with a variety of security, privacy and regulatory requirements. It provides a scalable, transparent, and certifiable approach based on well-known industry standards and regulations, allowing organizations to demonstrate their commitment to protecting sensitive data and meeting compliance obligations. AWS customers can achieve HITRUST certification using AWS products and inherit AWS HITRUST scores, reducing the audit burden for both parties. Visit the AWS Services in Scope by Compliance Program to see a full list of services also covered by HITRUST. AWS Security Incident Response automates security alert monitoring, streamlines incident response coordination, and provides direct access to 24/7 security experts, enabling organizations to efficiently detect, investigate, and mitigate security incidents. To learn more, see the AWS Security Incident Response documentation. Get started today by visiting AWS Security Incident Response via the console, AWS Command Line Interface, or APIs.
AWS Blogs
AWS Japan Blog (Japanese)
- Maximizing SAP Data Value with Amazon Q Business and Amazon Bedrock — Part 1
- Offline caching using AWS Amplify, TanStack, AppSync, and MongoDB Atlas
AWS Open Source Blog
AWS Architecture Blog
AWS Big Data Blog
Containers
Artificial Intelligence
- Fine-tune OpenAI GPT-OSS models using Amazon SageMaker HyperPod recipes
- Inline code nodes now supported in Amazon Bedrock Flows in public preview
- Accelerate enterprise AI implementations with Amazon Q Business
- Speed up delivery of ML workloads using Code Editor in Amazon SageMaker Unified Studio
- How Infosys Topaz leverages Amazon Bedrock to transform technical help desk operations
AWS for M&E Blog
Networking & Content Delivery
- Best Practices to Optimize Failover Times for Overlay Tunnels on AWS Direct Connect
- Streamlining RISE with SAP Connectivity using AWS Cloud WAN
- Secure internet-based access to SaaS PrivateLink endpoints using AWS Verified Access
- Accelerate your Cloud Strategy with Megaport’s 25 Gbps Hosted AWS Direct Connect