2025-11-06

11/6/2025, 12:00:00 AM ~ 11/7/2025, 12:00:00 AM (UTC)

Recent Announcements

Amazon SageMaker launches custom tags for project resources

Today, Amazon SageMaker Unified Studio announced new capabilities allowing SageMaker projects to add custom tags to resources created through the project. This helps customers enforce tagging standards that conform to Service Control Policies (SCP) and helps enable cost tracking reporting practices on resources created across the organization.\n As an Amazon SageMaker Unified Studio administrator, you can configure a project profile with tag configurations that will be pushed down to all projects using the project profile. Project profiles can be setup to pass Key and Value tag pairings or pass the Key of the tag with a default Value that can be modified during project creation. All tag values passed to the project will result in the resources created by that project being tagged. This provides administrators a governance mechanism that enforces project resources have the expected tags. This first release of custom tags for project resources is supported only through application programming interface (API). Custom tags for project resources capability is available in all AWS Regions where Amazon SageMaker Unified Studio is supported, including: Asia Pacific (Tokyo), Europe (Ireland), US East (N. Virginia), US East (Ohio), US West (Oregon), Europe (Frankfurt), South America (São Paulo), Asia Pacific (Seoul), Europe (London), Asia Pacific (Singapore), Asia Pacific (Sydney), Canada (Central), Asia Pacific (Mumbai), Europe (Paris), Europe (Stockholm) To learn more, visit Amazon SageMaker then get started with the custom tag API documentation.

AWS B2B Data Interchange is now available in AWS Europe (Ireland) Region

Customers in AWS Europe (Ireland) Region can now use AWS B2B Data Interchange to build highly customizable, scalable and cost-efficient EDI workloads.\n AWS B2B Data Interchange automates validation, transformation, and generation of EDI files such as ANSI X12 documents to and from JSON and XML data formats. With this launch, you can use AWS B2B Data Interchange to process your EDI documents in AWS Europe (Ireland) Region, which enables you to meet your compliance and data sovereignty obligations while modernizing your B2B integration workloads. As part of this launch, the AWS B2B Data Interchange generative AI mapping capability will also become available in AWS Europe (Ireland) Region, simplifying mapping code development and ultimately expediting trading partners onboarding. To learn more about AWS B2B Data Interchange visit our product page, user-guide or take our self-paced workshop. See the AWS Region Table for complete regional availability.

Amazon DynamoDB Streams expands AWS PrivateLink support to FIPS endpoints

Amazon DynamoDB Streams now supports AWS PrivateLink for all available Amazon DynamoDB Streams Federal Information Processing Standard (FIPS) endpoints in US and Canada commercial AWS Regions.\n With this launch, you can establish a private connection between your virtual private cloud (VPC) and Amazon DynamoDB Streams FIPS endpoints instead of connecting over the public internet, helping you meet your organization’s business, compliance, and regulatory requirements to limit public internet connectivity. Amazon DynamoDB Streams support for AWS PrivateLink FIPs endpoints is available with Amazon DynamoDB Streams in the US and Canada commercial AWS Regions: US East (N. Virginia), US East (Ohio), US West (N. California), US West (Oregon), Canada (Central), and Canada West (Calgary). To learn more about Amazon DynamoDB Streams support for AWS PrivateLink FIPs endpoints, visit the Amazon DynamoDB Stream documentation. For more information about AWS PrivateLink and its benefits, visit the AWS PrivateLink product page.

Amazon Keyspaces (for Apache Cassandra) is now available in the Middle East (UAE) Region

Amazon Keyspaces (for Apache Cassandra) is now available in the Middle East (UAE) Region, allowing customers in the Middle East to build Cassandra-compatible applications with lower latency while keeping their data within the Region to meet data residency requirements.\n Amazon Keyspaces (for Apache Cassandra) is a scalable, highly available, and managed Apache Cassandra–compatible database service. Amazon Keyspaces is serverless, so you pay for only the resources that you use and you can build applications that serve thousands of requests per second with virtually unlimited throughput and storage. The Middle East (UAE) Region provides the same Amazon Keyspaces features available in other AWS Regions, including point-in-time recovery, Multi-Region replication, CDC streams, and IPv6 support. This regional expansion enables organizations in the Middle East to build highly scalable, low-latency applications using familiar Cassandra Query Language (CQL) without the operational burden of managing Cassandra clusters. To learn more about on Keyspaces, visit the Amazon Keyspaces documentation.

Amazon ECS announces non-root container support for managed EBS volumes

Amazon Elastic Container Service (ECS) now supports mounting Amazon Elastic Block Store (EBS) volumes to containers running as non-root users. With this launch, ECS automatically configures the EBS volume’s file system permissions to allow non-root users to read and write data securely, while preserving the root-level ownership of the volume. This enhancement simplifies security-first container deployments by removing the need for manual permission management or custom entrypoint scripts.\n This feature enhances container security by allowing tasks to run as non-root users, reducing the risk of privilege escalation and unauthorized access to data. Previously, for a container in a task to write to a mounted Amazon EBS volume, it had to run as the root user. ECS now automatically manages EBS volume permissions, simplifying workflows and ensuring that all containers within a task — regardless of user ID — can securely read and write to the mounted volume.

This feature is now available in all AWS Regions where Amazon ECS and Amazon EBS are supported, for EC2, AWS Fargate, and ECS Managed Instances launch types. To learn more, see Use Amazon EBS volumes with Amazon ECS in the Amazon ECS Developer Guide.

AWS announces a new Regional planning tool in Builder Center

Today, AWS announced a new tool called AWS Capabilities by Region in Builder Center. This tool helps you discover and compare AWS services, features, APIs, CloudFormation resources across AWS Regions. You can explore service availability through an interactive interface, compare multiple Regions side-by-side, and view forward-looking roadmap information. This detailed visibility helps you make informed decisions about global deployments and prevent project delays due to service unavailability.\n In addition to this tool, AWS also enhanced the AWS Knowledge Model Context Protocol (MCP) Server to include information about Regional capabilities in an LLM-compatible format. MCP clients and agentic frameworks can connect to the AWS Knowledge MCP Server to get real-time insights into regional service availability and suggestions for alternative solutions when specific services or features are unavailable. You can begin exploring AWS Capabilities by Region in AWS Builder Center today. The Knowledge MCP server is also publicly accessible at no cost and does not require an AWS account. Usage is subject to rate limits. Follow the getting started guide for setup instructions.

AWS IoT Greengrass v2.16 introduces system log forwarder and TPM2.0 capabilities

AWS announces the release of AWS IoT Greengrass v2.16, introducing new core components for nucleus and nucleus lite. AWS IoT Greengrass is an Internet of Things (IoT) edge runtime and cloud service that helps customers build, deploy, and manage device software at the edge. The latest version 2.16 release includes enhanced debugging capabilities through the system log forwarder component. This component uploads system log files to AWS Cloud Watch, making it easier for developers to troubleshoot IoT edge applications.\n The AWS IoT Greengrass v2.16 release also features a new nucleus lite version (v2.3) with TPM2.0 specification support, enabling developers to manage edge device security for their resource constrained devices using hardware-based root of trust modules. The implementation helps developers to scale their IoT deployments with confidence while providing secure storage for secrets and streamlined device authentication. AWS IoT Greengrass v2.16 is available in all AWS Regions where AWS IoT Greengrass is offered. To learn more about AWS IoT Greengrass v2.16 and its new features, visit the AWS IoT Greengrass documentation. Follow the Getting Started guide for a quick introduction to AWS IoT Greengrass.

Deadline Cloud expands support with latest 6th, 7th, and 8th generation instances

AWS announces expanded instance family support in Deadline Cloud, adding new 6th, 7th, and 8th generation EC2 instances to enhance visual effects and animation rendering workloads. This release includes support for C7i, C7a, M7i, M7a, R7a, R7i, M8a, M8i, and R8i instance families, along with additional 6th generation instance types that were previously unavailable. Deadline Cloud is a fully managed service that helps customers run visual compute workloads in the cloud without having to manage infrastructure. \n With this enhancement, studios can utilize a broader range of AWS compute technology to optimize their rendering workflows. The compute-optimized (C-series), general-purpose (M-series), and memory-optimized (R-series) instances provide tailored options for different rendering workloads - from compute-intensive simulations to memory-heavy scene processing. The inclusion of latest-generation instances like M8a and R8i enables customers to access improved performance and efficiency for their most demanding rendering tasks. These instance families are available in all 10 AWS Regions where Deadline Cloud is offered. The specific instance types available in each Region depend on the regional availability of the EC2 instance types themselves. To learn more about the new instance types supported in Deadline Cloud and their regional availability, see the AWS Deadline Cloud pricing page.

Amazon Elastic VMware Service (Amazon EVS) is now available in additional Regions

Today, we’re announcing that Amazon Elastic VMware Service (Amazon EVS) is now available in all availability zones in the Asia Pacific (Mumbai), Asia Pacific (Sydney), Canada (Central) and Europe (Paris) Regions. This expansion provides more options to leverage the scale and flexibility of AWS for running your VMware workloads in the cloud.\n Amazon EVS lets you run VMware Cloud Foundation (VCF) directly within your Amazon Virtual Private Cloud (VPC) on EC2 bare-metal instances, powered by AWS Nitro. Using either our step-by-step configuration workflow or the AWS Command Line Interface (CLI) with automated deployment capabilities, you can set up a complete VCF environment in just a few hours. This rapid deployment enables faster workload migration to AWS, helping you eliminate aging infrastructure, reduce operational risks, and meet critical timelines for exiting your data center. The added availability in the Asia Pacific (Mumbai), Asia Pacific (Sydney), Canada (Central) and Europe (Paris) Regions gives your VMware workloads lower latency through closer proximity to your end users, compliance with data residency or sovereignty requirements, and additional high availability and resiliency options for your enhanced redundancy strategy. To get started, visit the Amazon EVS product detail page and user guide.

AWS Backup now supports AWS KMS customer managed keys with logically air-gapped vaults

AWS Backup now supports encrypting backups in logically air-gapped vaults with AWS Key Management Service (KMS) customer managed keys (CMKs). This enhancement provides additional encryption options beyond the existing AWS-owned keys, helping organizations meet their regulatory and compliance requirements.\n You can now create logically air-gapped vaults using your own customer managed keys (CMKs) in AWS KMS, giving you more control over your backup protection strategy. Whether you want to use keys from the same account or across accounts, you maintain centralized key management while preserving the security benefits of logically air-gapped vaults. This integration works seamlessly with your existing logically air-gapped vaults and other AWS Backup features, ensuring no disruption to your backup workflows. AWS KMS customer managed key support with logically air-gapped vaults is available in all AWS Regions where logically air-gapped vaults are currently supported. You can get started with logically air-gapped vault support for CMKs using the AWS Backup console, API, or CLI. When creating a new logically air-gapped vault, you can now choose between an AWS-owned key or your own CMK for encryption. For more information about implementing this feature, visit the AWS Backup product page, documentation, and blog.

Amazon CloudWatch Application Signals now available in AWS GovCloud (US) Regions

Amazon CloudWatch Application Signals expands its availability to AWS GovCloud (US-East) and AWS GovCloud (US-West) Regions, enabling government customers and regulated industries to automatically monitor and improve application performance in these regions. CloudWatch Application Signals provides comprehensive application monitoring capabilities by automatically collecting telemetry data from applications running on Amazon EC2, Amazon ECS, Amazon EKS and AWS Lambda, helping customers meet their compliance and monitoring requirements while maintaining workload visibility.\n With CloudWatch Application Signals, customers in AWS GovCloud (US) regions can now monitor application health in real time, track performance against business goals, visualize service relationships and dependencies, and quickly identify and resolve performance issues. This automated observability solution eliminates the need for manual instrumentation while providing detailed insights into application behavior and performance patterns. The service automatically detects anomalies and helps correlate issues across different AWS services, enabling faster problem resolution and improved application reliability. CloudWatch Application Signals will be available in AWS GovCloud (US-East) and AWS GovCloud (US-West). For pricing information, visit the Amazon CloudWatch pricing page. To get started, visit the Amazon CloudWatch Application Signals documentation.

AWS End User Messaging SMS launches Carrier Lookup

Starting today, AWS End User Messaging customers can now lookup carrier information related to a phone number including the country, number type, dialing code, and mobile network and carrier codes. With Carrier Lookup, you can increase deliverability by checking important information about a phone number before you start sending messages, avoiding sending messages to the wrong destination, or to incorrect phone numbers. \n AWS End User Messaging provides developers with a scalable and cost-effective messaging infrastructure without compromising the safety, security, or results of their communications. Developers can integrate messaging to support uses cases such as one-time passcodes (OTP) at sign-ups, account updates, appointment reminders, delivery notifications, promotions and more. Support for Carrier Lookup is available in all AWS Regions where End User Messaging is available, see the AWS Region table. To learn more, see AWS End User Messaging.

Amazon S3 now supports tags on S3 Tables

Amazon S3 now supports tags on S3 Tables for attribute-based access control (ABAC) and cost allocation. You can use tags for ABAC to automatically manage permissions for users and roles accessing table buckets and tables. This helps eliminate frequent AWS Identity and Access Management (IAM) or S3 Tables resource-based policy updates, simplifying how you govern access at scale. Additionally, you can add tags to individual tables to track and organize AWS costs using AWS Billing and Cost Management.\n Amazon S3 supports tags on S3 Tables in all AWS Regions where S3 Tables is available. You can get started with tagging using the AWS Management Console, SDK, API, or CLI. To learn more about using tags on S3 Tables, visit the S3 User Guide.

Amazon CloudFront announces cross-account support for VPC origins

Amazon CloudFront announces cross-account support for Virtual Private Cloud (VPC) origins, enabling customers to access VPC origins that reside in different AWS accounts from their CloudFront distributions. With VPC origins, customers can have their Application Load Balancers (ALB), Network Load Balancers (NLB), and EC2 Instances in a private subnet that is accessible only through their CloudFront distributions. With the support for cross-account VPC origins in CloudFront, customers can now leverage the security benefits of VPC origins while maintaining their existing multi-account architecture.\n Customers set up multiple AWS accounts for better security isolation, cost management, and compliance. Previously, customers could access origins in private VPCs from CloudFront only if CloudFront and the origin were in the same AWS account. This meant customers who had their origins in multiple AWS accounts, had to keep their accounts in public subnets to get the scale and performance benefits of CloudFront. Customers then had to maintain additional security controls, such as access control lists (ACL), at both the edge and within regions, rather than benefiting from the inherent security of VPC origins. Now, customers can use AWS Resource Access Manager (RAM) to allow CloudFront access to origins in private VPCs in different AWS accounts, both within and outside their AWS Organizations and organizational units (OUs). This streamlines security management and reduces operational complexity, making it easy to use CloudFront as the single front door for applications. VPC origins is available in AWS Commercial Regions only, and the full list of supported AWS Regions is available here. There is no additional cost for using cross-account VPC origins with CloudFront. To learn more about implementing cross-account VPC origins and best practices for multi-account architectures, visit CloudFront VPC origins.

AWS Blogs

AWS Japan Blog (Japanese)

• Amazon Connect Update Summary — October 2025
• How D2L transformed education analytics using Amazon Quick Sight visual data preparation
• Build data prep flows without SQL using Amazon Quick Sight
• AWS for VMware: The Complete Guide to Re:Invent 2025

AWS News Blog

• Introducing AWS Capabilities by Region for easier Regional planning and faster global deployments

AWS Open Source Blog

• The Swift AWS Lambda Runtime moves to AWSLabs

AWS Database Blog

• Migrating Amazon DocumentDB Cluster across Regions: A step by step guide

Desktop and Application Streaming

• Amazon WorkSpaces applications simple pricing tool

Integration & Automation

• Accelerate Region expansion with the AWS Knowledge MCP server

Artificial Intelligence

• Transform your MCP architecture: Unite MCP servers through AgentCore Gateway

AWS for M&E Blog

• Optimizing TV and radio media buying using SmartSpot360 on AWS

AWS Messaging Blog

• Cómo Enviar SMS Internacionales con Números Gratuitos de EE.UU. Usando AWS End User Messaging

Networking & Content Delivery

• Introducing cross-account support for Amazon CloudFront Virtual Private Cloud (VPC) origins

AWS Security Blog

• Introducing the Overview of the AWS European Sovereign Cloud whitepaper

AWS Storage Blog

• Encrypt AWS Backup logically air-gapped vaults with customer-managed keys

Open Source Project

AWS CLI

• 2.31.31
• 1.42.68

OpenSearch

• 2.19.4

Amplify for JavaScript

• tsc-compliance-test@0.1.94
• 2025-11-06 Amplify JS release - aws-amplify@6.15.8
• @aws-amplify/storage@6.10.1
• @aws-amplify/rtn-passkeys-example@0.1.1
• @aws-amplify/react-native@1.3.0
• @aws-amplify/pubsub@6.1.64
• @aws-amplify/predictions@6.1.64
• @aws-amplify/notifications@2.0.89
• @aws-amplify/interactions@6.1.30
• @aws-amplify/geo@3.0.89

Bottlerocket OS

• v1.50.0

Amazon EKS Anywhere

• v0.24.0
• v0.23.5