11/12/2025, 12:00:00 AM ~ 11/13/2025, 12:00:00 AM (UTC)

Recent Announcements

Application loadbalancer support client credential flow with JWT verification

Amazon Web Services (AWS) announces JWT Verification for Application Load Balancer (ALB), enabling secure machine-to-machine (M2M) and service-to-service (S2S) communications. This feature allows ALB to verify JSON Web Tokens (JWTs) included in request headers, validating token signatures, expiration times, and claims without requiring modifications to application code.\n By offloading OAuth 2.0 token validation to ALB, customers can significantly reduce architectural complexity and streamline their security implementation. This capability is particularly valuable for microservices architectures, API security, and enterprise service integration scenarios where secure service-to-service communication is critical. The feature supports tokens issued through various OAuth 2.0 flows, including Client Credentials Flow, enabling centralized token validation with minimal operational overhead. The JWT Verification feature is now available in all AWS Regions where Application Load Balancer is supported.

To learn more, visit the ALB Documentation.

Amazon ElastiCache supports M7g and R7g Graviton3-based nodes in AWS GovCloud (US) Regions

Amazon ElastiCache now supports Graviton3-based M7g and R7g node families in the AWS GovCloud (US) Regions (US-East, US-West). ElastiCache Graviton3 nodes deliver improved price-performance compared to Graviton2. As an example, when running ElastiCache for Redis OSS on an R7g.4xlarge node, you can achieve up to 28% increased throughput (read and write operations per second) and up to 21% improved P99 latency, compared to running on R6g.4xlarge. In addition, these nodes deliver up to 25% higher networking bandwidth.\n For complete information on pricing and regional availability, please refer to the Amazon ElastiCache pricing page. To get started, create a new cluster or upgrade to Graviton3 using the AWS Management Console. For more information on supported node types, please refer to the documentation.

AWS Fault Injection Service (FIS) launches new test scenarios for partial failures

AWS Fault Injection Service (FIS) now offers two new scenarios that help you proactively test how your applications handle partial disruptions within and across Availability Zones (AZs). These disruptions, often called gray failures, are more common than complete outages and can be particularly challenging to detect and mitigate.\n The FIS scenario library provides AWS-created, pre-defined experiment templates that minimize the heavy lifting of designing tests. The new scenarios expand the testing capabilities for partial disruptions. “AZ: Application Slowdown” lets you test for increased latency and degraded performance for resources, dependencies, and connections within a single AZ. This helps validate observability setups, tune alarm thresholds, and practice critical operational decisions like AZ evacuation. The scenario works with both single and multi-AZ applications. “Cross-AZ: Traffic Slowdown” enables testing of how multi-AZ applications handle traffic disruptions between AZs. With both scenarios, you can target specific portions of your application traffic for more realistic testing of partial disruptions. These scenarios are particularly valuable for testing application sensitivity to these more subtle disruptions that often manifest as traffic and application slowdowns. For instance, you can test how your application responds to degraded network paths causing packet loss for some traffic flows, or misconfigured connection pools that slow down specific requests. To get started, access these new scenarios through the FIS scenario library in the AWS Management Console. These new scenarios are available in all AWS Regions where AWS FIS is available, including AWS GovCloud (US) Regions. To learn more, visit the FIS scenario library user guide. For pricing information, visit the FIS pricing page.

Amazon Connect Cases adds conditional field visibility and dependent options

Amazon Connect Cases now supports conditional field visibility and dependent field options, so you can simplify case layouts and ensure agents capture the right information faster. For example, you can show a Return Reason field only when the case involves a return, and limit Issue Type choices to hardware-related options when Issue Category is set to Hardware.\n Amazon Connect Cases is available in the following AWS regions: US East (N. Virginia), US West (Oregon), Canada (Central), Europe (Frankfurt), Europe (London), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), and Africa (Cape Town) AWS regions. To learn more and get started, visit the Amazon Connect Cases webpage and documentation.

Amazon CloudWatch Logs now supports Network Load Balancer access logs

Amazon CloudWatch Logs now supports Network Load Balancer (NLB) access logs as vended logs, improving observability and simplifying debugging for network traffic patterns. You can now analyze NLB access logs directly in CloudWatch to gain insights into client connections, traffic distribution, and connection status, helping you identify and troubleshoot network issues faster.\n With this CloudWatch Logs integration, you can track detailed access patterns using CloudWatch Logs Insights queries, create metric filters for monitoring, and review traffic patterns in real time using Live Tail. NLB access logs can be configured through the integrations tab of your network load balancer in AWS Management Console, AWS CLI, or SDKs. You can also configure delivery of NLB access logs to Amazon Data Firehose or Amazon S3 with support for Apache Parquet format. NLB access logs delivery to CloudWatch is available in all AWS Commercial and GovCloud regions where Network Load Balancer and CloudWatch are available. NLB access logs are charged as vended logs when delivered to CloudWatch Logs and Data Firehose, while delivery to Amazon S3 is free (Parquet conversion is charged at $0.035/GB - N. Virginia). 

To learn more about configuring NLB access logs in CloudWatch Logs, please visit our documentation. For pricing information, see CloudWatch pricing page.

Amazon S3 Tables now support Amazon CloudWatch metrics

Amazon CloudWatch metrics are now available for S3 Tables, helping you monitor table storage, requests, and maintenance operations. You can use CloudWatch metrics to track performance, detect anomalies, and monitor the operational health of applications that use S3 Tables.\n CloudWatch metrics for S3 Tables provide three types of metrics. Storage metrics track daily storage usage and count of objects. Table maintenance metrics track daily bytes and objects processed by compaction operations. Request metrics monitor table operations, data transfer volumes, error rates, and latency measurements at minute-level granularity. These metrics are available through the CloudWatch console, AWS CLI, and CloudWatch API at the table bucket, namespace, and individual table level. CloudWatch metrics for S3 Tables are now available in all AWS Regions where S3 Tables are available. To learn more, visit the S3 Tables product page and documentation.

Amazon DCV now supports Amazon EC2 Mac instances

AWS announces Amazon DCV support for Amazon EC2 Mac instances powered by Apple silicon, bringing high-performance remote desktop capabilities to macOS workloads in the cloud. You can now access your EC2 Mac instances with the same security and performance that Amazon DCV provides across other platforms. This integration is specifically designed for EC2 Mac instances running on Apple silicon processors.\n With Amazon DCV, you can connect to your EC2 Mac instances from Windows, Linux, macOS, or web clients with support for 4K resolution, multiple monitors, and smooth 60 FPS performance. The support includes essential productivity features like time zone redirection and audio output, making remote Mac development seamless. Amazon DCV’s proven security architecture and optimized streaming protocols ensure your macOS applications run efficiently while maintaining data protection standards. Amazon DCV support for EC2 Mac instances is available in all AWS Regions where EC2 Mac instances are offered. To get started, see the Amazon DCV documentation for installing and configuring DCV server on EC2 Mac instances.

Announcing communication preferences for Security Incident Response

AWS Security Incident Response now provides customizable communication preferences so you can focus on the updates that matter most to your role.\n You can choose from various notification types including case changes, membership updates, and organizational announcements. This granular control reduces the previous one-size-fits-all approach where every team member received every update regardless of relevance. You can easily adjust these settings as your role evolves, with smart defaults that work effectively out of the box. This feature is available to all Security Incident Response customers at no additional cost. To configure your communication preferences, visit the Security Incident Response console and select any team member to customize their notification settings.

AWS Site-to-Site VPN announces 5 Gbps bandwidth tunnels

AWS Site-to-Site VPN now supports VPN connections with up to 5 Gbps bandwidth per tunnel, a 4x improvement from existing limit of 1.25 Gbps. This increased bandwidth benefits customers who require high-capacity connections for bandwidth-intensive hybrid applications, big data migrations, and disaster recovery architectures while maintaining traffic encryption between AWS and their remote sites. Customers can also use 5 Gbps VPN connections as a backup or overlay for their high capacity AWS Direct Connect connections.\n AWS Site-to-Site VPN is a fully managed service that allows you to create a secure connection between your data center or branch office and your AWS resources using IP Security (IPSec) tunnels. Until now, Site-to-Site VPN supported a maximum of 1.25Gbps bandwidth per tunnel and customers had to rely on ECMP (Equal cost multi path) to logically bond multiple tunnels to achieve higher bandwidth. With this launch, customers can now configure their tunnel bandwidth to 5 Gbps, reducing the need to deploy complex protocols such as ECMP while ensuring consistent bandwidth performance. This capability is available in all AWS commercial Regions and AWS GovCloud (US) Regions where AWS Site-to-Site VPN is available, except Asia Pacific (Melbourne), Israel (Tel Aviv), Europe (Zurich), Canada West (Calgary), and Middle East (UAE) Regions. To learn more and get started, visit the AWS Site-to-Site VPN documentation.

Spaces now available in AWS Builder Center

AWS Builder Center now offers Spaces, a community collaboration tool that enables builders to create and join groups around specific AWS topics, use cases, and interests. With Spaces, you can connect with peers, share knowledge, and collaborate with other builders to build applications and discuss solutions to common AWS challenges.\n Spaces provides three distinct space types to match different community needs - Public, Private and Invite-Only spaces. Public spaces allow any signed-in builder to join instantly and view all content. Private spaces require builders to request membership and receive approval from space admins or owners. Invite-only spaces remain hidden from discovery and are accessible only through direct invitation.

Within any space, you can create posts with text and images, engage through comments and reactions, and search for relevant discussions. All spaces benefit from robust content moderation and multi-language support across 16 languages. Space owners and admins can manage membership through invites and approval workflows and self-moderate content published by other users to maintain focused discussions.

Spaces helps you find answers faster, share best practices, and build meaningful connections within the AWS community. To get started with Spaces, visit AWS Builder Center.

New AWS CUR 2.0 features: EC2 ODCR and Capacity Blocks for ML monitoring

AWS announces addition of new columns and granularity in CUR 2.0 that provide customers better visibility into the cost and usage of their capacity reservations, such as EC2 On-Demand Capacity Reservation (ODCR) and EC2 Capacity Blocks for ML. This enables customers to easily calculate the utilization and coverage of their capacity reservations, identify unused capacity reservations for cost optimization, and attribute the cost of capacity reservations to the resource owners.\n With this new feature, customers can easily calculate which portion of EC2 instance cost and usage is covered by which capacity reservation, down to hourly resource-level granularity. Customers can also easily calculate the coverage and utilization of each capacity reservation as CUR 2.0 labels capacity reservation-related line items as Reserved, Used, or Unused. This feature is available in all commercial AWS Regions, except the AWS GovCloud (US) Regions and the China Regions. To learn more about this feature, see AWS Data Exports and AWS Billing and Cost Management in the AWS Cost Management User Guide.

Amazon Managed Service for Prometheus collector integrates with Amazon Managed Streaming for Apache Kafka

Amazon Managed Service for Prometheus collector, a fully-managed agentless collector for Prometheus metrics, now enables you to discover and collect Prometheus metrics from your Amazon Managed Streaming for Apache Kafka cluster while ensuring high availability and scalability.\n So far, customers who were seeking to benefit from open monitoring in an Amazon Managed Streaming for Apache Kafka cluster had to set up dedicated infrastructure and deploy, right-size, and scale agents to discover and scrape the Prometheus metrics in the cluster. With this launch, you can configure a Amazon Managed Service for Prometheus collector to scrape metrics from the JMX exporter and the Node exporter, covering metrics including host-level, JVM-level, as well as broker-related metrics to implement use cases such as message queue health and partition balancing.

Amazon Managed Service for Prometheus collector is available in all commercial regions where Amazon Managed Service for Prometheus is available. To learn more about Amazon Managed Service for Prometheus collector, visit the user guide or product page.

Amazon EC2 F2 instances are now generally available in four additional AWS regions

Starting today, the FPGA-powered Amazon EC2 F2 instances are now available in the Europe (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), and Canada (Central) regions. F2 instances are the second generation of FPGA powered instances and are the first to feature an FPGA with 16 GB of high bandwidth memory (HBM). Compared to F1 instances, the F2 instances have up to 3x vCPUs (192 vCPUS), 2x system memory (2 TB), 2x SSD space (7.6 TiB), and 4x networking bandwidth (100 Gbps). Amazon EC2 F2 instances are ideal for FPGA-accelerated solutions in genomics, multimedia processing, big data, network acceleration, and more.\n With these additional regions, F2 instances are now available in eight regions: US East (N. Virginia), US West (Oregon), Canada (Central), Europe (Frankfurt), Europe (London), Asia Pacific (Sydney), Asia Pacific (Tokyo), and Asia Pacific (Seoul). These instances can be purchased as either Savings Plans or On-Demand instances. To learn more, visit the Amazon EC2 F2 Instances page and F2 FPGA development kit GitHub page.

AWS Blogs

AWS Japan Blog (Japanese)

AWS News Blog

AWS Big Data Blog

AWS Compute Blog

AWS Contact Center

AWS Database Blog

AWS for Industries

AWS for M&E Blog

Networking & Content Delivery

AWS Quantum Technologies Blog

AWS Security Blog

Open Source Project

AWS CLI

Amplify for iOS

Amplify for Android

Amplify for Flutter