9/17/2025, 12:00:00 AM ~ 9/18/2025, 12:00:00 AM (UTC)
Recent Announcements
AWS Lambda Now Supports Cross-Account Container Images in GovCloud Regions
AWS Lambda now supports creating or updating functions using container images stored in an Amazon Elastic Container Registry (ECR) repository located in a different AWS account than the Lambda function in all GovCloud Regions (AWS GovCloud (US-West) and AWS GovCloud (US-East)). Previously, users could only access container images within the same AWS account as their Lambda function. This often required copying images to a local ECR repository if they were stored in a centralized account.\n This enhancement streamlines the process by allowing access to container images across different accounts. To achieve this, you need to grant necessary permissions to the Lambda resource and the Lambda service principal. This functionality is available in all AWS Regions where both Lambda and ECR are available. See the AWS Region table for more info. Visit the AWS Lambda documentation for further details on configuring these permissions
Amazon Corretto 25 is now generally available
Amazon Corretto 25, a Long Term Support (LTS) version, is now generally available. Amazon Corretto is a no-cost, multi-platform, production-ready distribution of OpenJDK. You can download Corretto 25 for Linux, Windows, and macOS from our downloads page.\n Amazon Corretto 25 new features include:
Two features that were initially released as experimental in JDK 24 are now LTS production-ready in JDK 25: Compact Object Headers: designed to lower heap memory usage by shrinking object headers from 96-128 bits down to 64 bits. Generational Shenandoah GC: engineered to provide sustainable throughput and lower p99 pause times or similar pause times with a smaller heap and reduced CPU usage.
Ahead-of-Time (AOT) Caching: designed to improve cold-start and warm-up time by reusing pre-parsed pre-linked classes and compilation profiles between training and production runs.
Language improvements: primitive types in patterns, flexible constructors, module‑wide imports, compact source files, scoped values for thread-local variables, stable values for immutable data, all designed to cut boilerplate, keep everyday code shorter and safer.
Observability: JDK Flight Recorder gains CPU‑time sampling, cooperative sampling and method‑trace events for low‑overhead production profiling.
Structured Concurrency: designed to provide coordinated task management, allowing related tasks fail or finish together.
Vector API: developed to provide computations that compile to optimal vector instructions on supported CPUs.
Virtual Thread pinning improvements: reduces thread pinning in synchronized blocks for better scalability.
A detailed description of these features can be found on the OpenJDK 25 Project page. Amazon Corretto 25 is distributed by Amazon under an open source license and will be supported through October 2032.
Amazon Connect launches the ability to search contacts using agent hierarchy filters
Amazon Connect now provides you with agent hierarchy filters on the contact search page in the Amazon Connect UI. This launch enables contact center leaders to drill-down into their hierarchy to review contacts handled by specific contact center sites, departments or teams, for assessing contact quality or agent performance. This also enables centralized teams within contact centers, such as quality management and regulatory compliance, to efficiently locate and review contacts handled by specific teams or departments, streamlining their workflow for performance evaluation and compliance auditing.\n This feature is available in all regions where Amazon Connect is offered. To learn more, please visit our documentation and our webpage.
Amazon EC2 I8ge instances now available in AWS Europe (Frankfurt)
Starting today, Amazon Elastic Compute Cloud (Amazon EC2) storage optimized I8ge instances are available in AWS Europe (Frankfurt) region. I8ge instances are powered by AWS Graviton4 processors to deliver up to 60% better compute performance compared to previous generation Graviton2-based storage optimized Amazon EC2 instances. I8ge instances use the latest third generation AWS Nitro SSDs, local NVMe storage that deliver up to 55% better real-time storage performance per TB while offering up to 60% lower storage I/O latency and up to 75% lower storage I/O latency variability compared to previous generation Im4gn instances. At 120 TB, I8ge instances have the highest storage density among AWS Graviton-based storage optimized Amazon EC2 instances. These instances are built on the AWS Nitro System, which offloads CPU virtualization, storage, and networking functions to dedicated hardware and software enhancing the performance and security for your workloads.\n I8ge instances offer instance sizes up to 48xlarge including two metal sizes, 1,536 GiB of memory, and 120 TB instance storage. At 300 Gbps, these instances have the highest networking bandwidth among storage optimized Amazon EC2 instances. They are ideal for real-time applications that require much larger storage density such as relational databases, non-relational databases, streaming databases, search queries and data analytics.
To learn more, see Amazon EC2 I8ge instances. To begin your Graviton journey, visit the Level up your compute with AWS Graviton page. To get started, see AWS Management Console, AWS Command Line Interface (AWS CLI), and AWS SDKs.
Announcing availability of second-generation AWS Outposts racks in 52 more countries
Second-generation AWS Outposts racks can now be shipped and installed at your data center and on-premises locations in Australia, Bahrain, Brazil, Brunei, Chile, Costa Rica, Egypt, European Union countries, Iceland, Indonesia, Israel, Japan, Jordan, Kenya, the Kingdom of Saudi Arabia, Kuwait, Malaysia, New Zealand, Peru, the Philippines, Singapore, Trinidad and Tobago, Türkiye, the United Arab Emirates (UAE), the United Kingdom, and Vietnam.\n Outposts racks extend AWS infrastructure, AWS services, APIs, and tools to virtually any on-premises data center or colocation space for a truly consistent hybrid experience. Outposts racks are ideal for workloads that require low-latency access to on-premises systems, local data processing, and migration of applications with local system interdependencies. Outposts racks can also help meet data residency requirements. Second-generation Outposts racks support the latest generation of x86-powered Amazon Elastic Compute Cloud (Amazon EC2) instances, starting with C7i, M7i, and R7i instances. These instances provide up to 40% better performance compared to C5, M5, and R5 instances on first-generation Outposts racks. Second-generation Outposts racks also offer simplified network scaling and configuration, and support a new category of accelerated networking Amazon EC2 instances optimized for ultra-low latency and high throughput needs.
With the availability of second-generation Outposts racks in the above countries, you can use AWS services to run your workloads and data in country in your on-premises facilities and connect to the nearest available AWS Region for management and operations.
To learn more about second-generation Outposts racks, read this blog post and the user guide. For the most updated list of countries and territories and the AWS Regions where second-generation Outposts racks are supported, check out the Outposts racks FAQs page.
Amazon CloudWatch launches Cross-Account and Cross-Region Log Centralization
Amazon CloudWatch now offers cross-account and cross-region log centralization, allowing customers to copy log data from multiple AWS accounts and regions into a single destination account. This capability seamlessly integrates with AWS Organizations, enabling efficient aggregation of logs from workloads that span multiple accounts and regions into a single account without the need to manage custom solutions.\n The log centralization feature provides the ability to scope the centralization rules to copy log data from their entire organization, specific organizational units, or selected accounts into a single account. To maintain source context and data lineage, log events are enriched with new system fields (@aws.account and @aws.region) that identify the original source account and region. Additional capabilities include selective log group copying, automatic merging of same-named log groups in the destination account, and optional backup region setup, simplifying centralized log management. Log centralization is available in US East (Ohio), US East (N. Virginia), US West (N. California), US West (Oregon), Asia Pacific (Mumbai), Asia Pacific (Osaka), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Canada (Central), Europe (Frankfurt), Europe (Ireland), Europe (London), Europe (Paris), Europe (Stockholm), and South America (São Paulo). To learn more, visit the Amazon CloudWatch documentation. Customers can centralize one copy of logs for free. Additional copies are charged at $0.05/GB of logs centralized (the backup region feature is considered an additional copy). For details, visit the CloudWatch Pricing page.
Amazon EventBridge now extends AWS Key Management Service (KMS) customer managed key support to event bus rule filter patterns and input transformers. This capability enables you to use your own encryption keys to protect sensitive information in your event filtering and transformation logic to meet stringent security and compliance requirements while maintaining full control over your encryption keys.\n Amazon EventBridge is a serverless event router that enables you to create scalable event-driven applications by routing events between your applications, third-party SaaS applications, and AWS services. Filter patterns determine which events match your rules, while input transformers allow you to customize the event data before sending it to targets. By encrypting these components with customer managed keys, you can help meet your organization’s compliance and governance requirements and use AWS CloudTrail to audit and track encryption key usage. This feature is available in all commercial AWS Regions. Using this feature incurs no additional cost, but standard AWS KMS pricing applies. To learn more, visit the EventBridge documentation and AWS KMS documentation.
AWS Budgets now supports custom time periods
Today AWS announced custom time periods for AWS Budgets, a new capability that lets you create budgets with flexible start and end dates. This enhancement allows you to define budget periods that align with your organization’s specific needs, moving beyond traditional calendar-based periods like monthly, quarterly, or annual budgets.\n Custom time periods help you accurately monitor costs for projects with specific duration and funding limits. For example, if you have a three-month development project starting mid-month, you can create a single budget for that exact time frame and receive alerts when spending approaches your thresholds. This eliminates the need to calculate and split your project budget across multiple calendar months or maintain separate spreadsheets to track time-bound initiatives. Custom time periods in AWS Budgets is available today in all AWS commercial Regions, except the AWS GovCloud (US) Regions and the China Regions. To learn more about custom time periods in AWS Budgets, see Managing your costs with AWS Budgets in the AWS Billing User Guide.
Amazon RDS for MySQL announces Extended Support minor 5.7.44-RDS.20250818
Amazon Relational Database Service (RDS) for MySQL now supports new Amazon RDS Extended Support minor version 5.7.44-RDS.20250818. We recommend that you upgrade to this version to fix known security vulnerabilities and bugs in prior versions of MySQL. Learn more about upgrading your database instances, including minor and major version upgrades, in the Amazon RDS User Guide.\n Amazon RDS Extended Support provides you more time, up to three years, to upgrade to a new major version to help you meet your business requirements. During Extended Support, Amazon RDS will provide critical security and bug fixes for your MySQL databases on Aurora and RDS after the community ends support for a major version. You can run your MySQL databases on Amazon RDS with Extended Support for up to three years beyond a major version’s end of standard support date. Learn more about Extended Support in the Amazon RDS User Guide and the Pricing FAQs. Amazon RDS for MySQL makes it simple to set up, operate, and scale MySQL deployments in the cloud. See Amazon RDS for MySQL Pricing for pricing details and regional availability. Create or update a fully managed Amazon RDS database in the Amazon RDS Management Console.
AWS Parallel Computing Service (PCS) now supports Amazon EC2 Capacity Blocks for ML
AWS Parallel Computing Service (PCS) now supports Amazon EC2 Capacity Blocks for ML. You can now use Amazon EC2 instances reserved using EC2 Capacity Blocks natively in PCS clusters.\n Native support for EC2 Capacity Blocks in PCS simplifies capacity planning for cutting-edge GPU-based workloads in Slurm clusters, helping to ensure that GPU capacity is available when and where it’s needed. EC2 Capacity Blocks can be associated with PCS compute node groups via an EC2 Launch Template. PCS is a managed service that makes it easier for you to run and scale your high performance computing (HPC) workloads and build scientific and engineering models on AWS using Slurm. You can use PCS to build complete, elastic environments that integrate compute, storage, networking, and visualization tools. PCS simplifies cluster operations with managed updates and built-in observability features, helping to remove the burden of maintenance. You can work in a familiar environment, focusing on your research and innovation instead of worrying about infrastructure. PCS now supports EC2 Capacity Blocks in all AWS Regions where both services are available. Read more about PCS support for EC2 Capacity Blocks in the PCS User Guide.
AWS End User Messaging now supports CloudFormation for SMS
Today, AWS End User Messaging SMS announces support for AWS CloudFormation, enabling customers to deploy and manage SMS resources using AWS CloudFormation templates. Using AWS CloudFormation, customers can standardize how they setup and manage their SMS resources along side their other AWS resources in the development environment simplifying deployments and delivery pipelines. SMS resources supported via CloudFormation include phone numbers, sender IDs, configuration sets, protection configurations, opt-out lists, resource policies, and phone pools.\n AWS End User Messaging provides developers with a scalable and cost-effective messaging infrastructure without compromising the safety, security, or results of their communications. Developers can integrate messaging to support uses cases such as one-time passcodes (OTP) at sign-ups, account updates, appointment reminders, delivery notifications, promotions and more. Support for CloudFormation for SMS resources is available in all AWS Regions where End User Messaging is available, see the AWS Region table. To learn more, see AWS End User Messaging.
AWS Network Firewall enhances console, monitoring, and security features
AWS Network Firewall now offers enhancements to its console, monitoring dashboard, and security controls. These improvements include expanded monitoring insights and advanced TLS Inspection features. These updates provide customers with enhanced visibility into their firewall’s performance and stronger security measures for outbound connections.\n The monitoring dashboard now provides deeper insights into traffic going to AWS services such as Amazon S3, Amazon DynamoDB, and AWS Backup, which can be sent over PrivateLink endpoints. The dashboard also gives visibility into top source and destination IP addresses based on packets and bytes processed. Customers can filter the dashboard based on IP addresses and protocol, enabling more targeted analysis of network traffic patterns. To further strengthen security, AWS Network Firewall has introduced session holding for TLS Inspection. This feature prevents any TCP and TLS establishment packets from reaching destination servers until TLS protocol rules matching on Server Name Indication (SNI) have been evaluated. This enhancement provides stronger security controls for outbound traffic and helps protect against connections to potentially malicious targets. These new features are available in all AWS Regions where AWS Network Firewall is offered. To learn more about these new features and other AWS Network Firewall capabilities, visit the AWS Network Firewall product page and the service documentation.
AWS Blogs
AWS Japan Blog (Japanese)
- Achieve SAP-enabled agent-based AI assistants with AWS generative AI services
- Amazon blocks Russia’s APT29 drinking fountain attack campaign
AWS Big Data Blog
- Tailor Amazon SageMaker Unified Studio project environments to your needs using custom blueprints
- Unlock the power of Apache Iceberg v3 deletion vectors on Amazon EMR
AWS Compute Blog
Containers
AWS Database Blog
- Create an SSL connection to Amazon RDS for Db2 in Java without KeyStore or Keytool
- Build graph applications faster with Amazon Neptune public endpoints
AWS for Industries
- Reducing Mean Time to Repair (MTTR) with Amazon Q Business
- Multi-agent collaboration using Amazon Bedrock for Telecom Network Operations
The Internet of Things on AWS – Official Blog
Artificial Intelligence
- Supercharge your organization’s productivity with the Amazon Q Business browser extension
- Build Agentic Workflows with OpenAI GPT OSS on Amazon SageMaker AI and Amazon Bedrock AgentCore
AWS Security Blog
- Enhance TLS inspection with SNI session holding in AWS Network Firewall
- How we built a flywheel to steadily improve security for Amazon RDS
- 2025 ISO and CSA STAR certificates now available with two additional services
- Automate OIDC client secret rotation with Application Load Balancer