11/4/2025, 12:00:00 AM ~ 11/5/2025, 12:00:00 AM (UTC)
Recent Announcements
Amazon OpenSearch Serverless now supports FIPS compliant endpoints
Amazon OpenSearch Serverless has added support for Federal Information Processing Standards (FIPS) compliant endpoints for Data Plane APIs in US East (N. Virginia), US East (Ohio), Canada (Central), AWS GovCloud (US-East), and AWS GovCloud (US-West). The service now meets the security requirements for cryptographic modules as outlined in Federal Information Processing Standard (FIPS) 140-3.\n Please refer to the AWS Regional Services List for more information about Amazon OpenSearch Service availability. To learn more about OpenSearch Serverless FIPS, see the documentation.
Starting today, you can add warm pools to Auto Scaling groups (ASGs) that have mixed instances policies. With warm pools, customers can improve the elasticity of their applications by creating a pool of pre-initialized EC2 instances that are ready to quickly serve application traffic. By combining warm pools with instance type flexibility, an ASG can rapidly scale out to its maximum size at any time, deploying applications across multiple instance types to enhance availability.\n Warm pools are particularly beneficial for applications with lengthy initialization processes, such as writing large amounts of data to disk, running complex custom scripts, or other time-consuming setup procedures that can take several minutes or longer to serve traffic. With this new release, the warm pool feature now works seamlessly with ASGs configured for multiple On-Demand instance types, whether specified through manual instance type lists or attribute-based instance type selection. The combination of instance type flexibility and warm pools provides a powerful solution that helps customers scale out efficiently while maximizing availability. The warm pool feature is available through the AWS Management Console, the AWS SDKs, and the AWS Command Line Interface (CLI). It is available in all public AWS Regions and AWS GovCloud (US) Regions. To learn more about warm pools, visit this AWS documentation.
AWS Cloud WAN is now available in three more AWS Regions
Starting today, AWS Cloud WAN is available in the AWS Asia Pacific (Thailand), AWS Asia Pacific (Taipei) and AWS Asia Pacific (New Zealand) Regions.\n With AWS Cloud WAN, you can use a central dashboard and network policies to create a global network that spans multiple locations and networks, removing the need to configure and manage different networks using different technologies. You can use network policies to specify the Amazon Virtual Private Clouds, AWS Transit Gateways, and on-premises locations you want to connect to using an AWS Site-to-Site VPN, AWS Direct Connect, or third-party software-defined WAN (SD-WAN) products. The AWS Cloud WAN central dashboard generates a comprehensive view of the network to help you monitor network health, security, and performance. In addition, AWS Cloud WAN automatically creates a global network across AWS Regions by using Border Gateway Protocol (BGP) so that you can easily exchange routes worldwide. To learn more, please visit the AWS Cloud WAN product detail page.
AWS Service Reference Information now supports SDK Operation to Action mapping
AWS is expanding service reference information to include which operations are supported by AWS services and which IAM permissions are needed to call a given operation. This will help you answer questions such as “I want to call a specific AWS service operation, which IAM permissions do I need?”\n You can automate the retrieval of service reference information, eliminating manual effort and ensuring your policies align with the latest service updates. You can also incorporate this service reference information directly into your policy management tools and processes for a seamless integration. This feature is offered at no additional cost. To get started, refer to the documentation on programmatic service reference information.
AWS Config launches 42 new managed rules
AWS Config announces launch of an additional 42 managed Config rules for various use cases such as security, cost, durability, and operations. You can now search, discover, enable and manage these additional rules directly from AWS Config and govern more use cases for your AWS environment.\n With this launch, you can now enable these controls across your account or across your organization. For example, you can evaluate your tagging strategies across Amazon EKS Fargate profiles, Amazon EC2 Network Insight Analyses, AWS Glue Machine learning transforms. Or you can assess your security posture across Amazon Cognito Identity pools, Amazon Lightsail buckets, AWS Amplify apps and more. Additionally, you can leverage Conformance Packs to group these new controls and deploy across an account or across organization, streamlining your multi-account governance.
For the full list of recently released rules, visit the AWS Config developer guide. For description of each rule and the AWS Regions in which it is available, please refer our Config managed rules documentation. To start using Config rules, please refer our documentation. New Rules Launched:
AMPLIFY_APP_NO_ENVIRONMENT_VARIABLES
AMPLIFY_BRANCH_DESCRIPTION
APIGATEWAY_STAGE_DESCRIPTION
APIGATEWAYV2_STAGE_DESCRIPTION
API_GWV2_STAGE_DEFAULT_ROUTE_DETAILED_METRICS_ENABLED
APIGATEWAY_STAGE_ACCESS_LOGS_ENABLED
APPCONFIG_DEPLOYMENT_STRATEGY_MINIMUM_FINAL_BAKE_TIME
APPCONFIG_DEPLOYMENT_STRATEGY_TAGGED
APPFLOW_FLOW_TRIGGER_TYPE_CHECK
APPMESH_VIRTUAL_NODE_CLOUD_MAP_IP_PREF_CHECK
APPMESH_VIRTUAL_NODE_DNS_IP_PREF_CHECK
APPRUNNER_SERVICE_IP_ADDRESS_TYPE_CHECK
APPRUNNER_SERVICE_MAX_UNHEALTHY_THRESHOLD
APS_RULE_GROUPS_NAMESPACE_TAGGED
AUDITMANAGER_ASSESSMENT_TAGGED
BATCH_MANAGED_COMPUTE_ENV_ALLOCATION_STRATEGY_CHECK
BATCH_MANAGED_SPOT_COMPUTE_ENVIRONMENT_MAX_BID
COGNITO_IDENTITY_POOL_UNAUTHENTICATED_LOGINS
COGNITO_USER_POOL_PASSWORD_POLICY_CHECK
CUSTOMERPROFILES_DOMAIN_TAGGED
DEVICEFARM_PROJECT_TAGGED
DEVICEFARM_TEST_GRID_PROJECT_TAGGED
DMS_REPLICATION_INSTANCE_MULTI_AZ_ENABLED
EC2_LAUNCH_TEMPLATES_EBS_VOLUME_ENCRYPTED
EC2_NETWORK_INSIGHTS_ANALYSIS_TAGGED
EKS_FARGATE_PROFILE_TAGGED
GLUE_ML_TRANSFORM_TAGGED
IOT_SCHEDULED_AUDIT_TAGGED
IOT_PROVISIONING_TEMPLATE_DESCRIPTION
IOT_PROVISIONING_TEMPLATE_JITP
IOT_PROVISIONING_TEMPLATE_TAGGED
KINESIS_VIDEO_STREAM_MINIMUM_DATA_RETENTION
LAMBDA_FUNCTION_DESCRIPTION
LIGHTSAIL_BUCKET_ALLOW_PUBLIC_OVERRIDES_DISABLED
RDS_MYSQL_CLUSTER_COPY_TAGS_TO_SNAPSHOT_CHECK
RDS_PGSQL_CLUSTER_COPY_TAGS_TO_SNAPSHOT_CHECK
ROUTE53_RESOLVER_FIREWALL_DOMAIN_LIST_TAGGED
ROUTE53_RESOLVER_FIREWALL_RULE_GROUP_ASSOCIATION_TAGGED
ROUTE53_RESOLVER_FIREWALL_RULE_GROUP_TAGGED
ROUTE53_RESOLVER_RESOLVER_RULE_TAGGED
RUM_APP_MONITOR_TAGGED
RUM_APP_MONITOR_CLOUDWATCH_LOGS_ENABLED
Amazon Kinesis Data Streams launches On-demand Advantage mode
Amazon Kinesis Data Streams launches On-demand Advantage, so customers can warm on-demand streams to handle instant throughput increases up to 10GB or 10 million events per second, eliminating the need to over-provision or build custom scaling solutions. Amazon Kinesis Data Streams is a serverless streaming data service that makes it easy to capture, process, and store data streams at any scale. On-demand streams automatically scale capacity based on data usage, and now you can warm write capacity ad hoc. On-demand Advantage also provides a simpler pricing structure that removes the fixed, per-stream charge, so customers only pay for data usage at better rates.\n On-demand Advantage offers data usage with 60% lower pricing compared to On-demand Standard, with data ingest at $0.032/GB and data retrieval at $0.016/GB in the US East (N. Virginia) region. The price of Enhanced fan-out data retrieval is the same as shared-throughput retrievals, making higher fan-out use cases more cost effective. The mode also decreases the price of extended retention by 77% from $0.10/GB-month to $0.023/GB-month. Once you enable On-demand Advantage mode, the account will be billed for a minimum of 25MB/s of data ingest and 25MB/s of data retrieval at the lower rates across all on-demand streams. The new pricing means On-demand Advantage is the most cost effective way to stream with Kinesis Data Streams when you ingest at least 10MB/s in aggregate, fan out to more than two consumer applications, or have hundreds of streams in a region. You can check directly in the Kinesis console and the pricing page if On-demand Advantage is a good fit for your account. On-demand Advantage is available in all AWS regions where Kinesis Data Streams is available, including AWS GovCloud (US) and China regions. To learn more, see the launch blog and the Kinesis Data Streams User Guide.
AWS Config conformance packs now available in additional AWS Regions
AWS Config conformance packs and organization-level management capabilities for conformance packs are now available in additional AWS Regions. Conformance packs allow you to bundle AWS Config rules into a single package, simplifying deployment at scale. You can deploy and manage these conformance packs throughout your AWS environment.\n Conformance packs provide a general-purpose compliance framework designed to enable you to create security, operational, or cost-optimization governance checks using managed or custom AWS Config rules. This allows you to monitor compliance scores based on your own groupings. With this launch, you can also manage the AWS Config conformance packs and individual AWS Config rules at the organization level which simplifies the compliance management across your AWS Organization. With this expansion, AWS Config Conformance Packs are now also available in the following AWS Regions: Asia Pacific (Malaysia), Asia Pacific (New Zealand), Asia Pacific (Thailand), Asia Pacific (Taipei) and Mexico (Central). To get started, you can either use the provided sample conformance pack templates or craft a custom YAML file from scratch based on a custom conformance pack. Conformance pack deployment can be done through the AWS Config console, AWS CLI, or via AWS CloudFormation. You will be charged per conformance pack evaluation in your AWS account per AWS Region. Visit the AWS Config pricing page for more details. To learn more about AWS Config conformance packs, see our documentation.
Amazon Bedrock AgentCore Runtime now supports direct code deployment
Amazon Bedrock AgentCore Runtime now supports two deployment methods for AI agents: container-based deployment and direct code upload. Developers can now choose between direct code-zip file upload for rapid prototyping and iteration, or leverage advanced container-based options for complex use cases requiring custom configurations.\n AgentCore Runtime provides a serverless, framework and model agnostic runtime for running agents and tools at scale. This deployment option streamlines the prototyping workflow while maintaining enterprise security and scaling capabilities for production deployments. Developers can now deploy agents using direct code-zip upload with easy drag-and-drop functionality. This enables faster iteration cycles, empowering developers to prototype quickly and focus on building innovative agent capabilities. This feature is available in all nine AWS Regions where Amazon Bedrock AgentCore Runtime is available: US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Mumbai), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Europe (Frankfurt), and Europe (Ireland). To learn more about AgentCore Runtime deployment options, see the AgentCore documentation and get started with the AgentCore Starter Toolkit. AgentCore offers consumption-based pricing with no upfront costs.
Amazon Relational Database Service (RDS) for Oracle is now available with R7i memory-optimized preconfigured instances that offer additional memory and storage I/O per vCPU. Powered by custom 4th Gen Intel Xeon Scalable processors with AWS Nitro System and DDR5 memory for high performance, these instances provide up to 64:1 memory-to-vCPU ratio. Many Oracle database workloads require high memory, but can safely reduce the number of vCPUs without impacting application performance. By running such Oracle database workloads on R7i pre-configured instances, customers can lower their Oracle database licensing and support costs while meeting high performance application requirements.\n Memory optimized R7i pre-configured instances are available for Amazon RDS for Oracle with Bring Your Own License (BYOL) license model supporting both Oracle Database Enterprise Edition and Oracle Database Standard Edition 2. To learn more about Amazon RDS for Oracle R7i memory-optimized preconfigured instances, read RDS for Oracle User Guide and visit Amazon RDS for Oracle Pricing for available instance configurations, pricing details, and region availability.
AWS Blogs
AWS Japan Blog (Japanese)
- Build more accurate AI applications using Amazon Nova Web Grounding
- AWS Weekly Roundup: Project Rainier Online, Amazon Nova, Amazon Bedrock, etc. (11/3/2025)
- Amazon Nova Multimodal Embeddings: the most advanced embedding model for agmatic RAG and semantic search
- AWS Weekly — 2025/10/27
- Weekly Generative AI with AWS — Week 2025/10/27
- New Amazon CloudWatch Application Signals enhancements for application monitoring
- Notice of end of support for AWS X-Ray SDK/Daemon and migration to OpenTelemetry
- Utilizing Amazon Q Developer in NTT DOCOMO’s web service platform “POPLAR” development
AWS Big Data Blog
AWS Compute Blog
- Orchestrating big data processing with AWS Step Functions Distributed Map
- Optimizing nested JSON array processing using AWS Step Functions Distributed Map