2/27/2026, 12:00:00 AM ~ 3/2/2026, 12:00:00 AM (UTC)
Recent Announcements
Amazon Lightsail expands blueprint selection with a new WordPress blueprint
Amazon Lightsail now offers a new WordPress blueprint, making it easier than ever to launch and manage a WordPress website on the cloud. With just a few clicks, you can create a Lightsail virtual private server (VPS) preinstalled with WordPress, and follow a guided setup wizard to get your site fully configured and running in minutes. This new blueprint has Instance Metadata Service Version 2 (IMDSv2) enforced by default.\n With Lightsail, you can easily get started on the cloud by choosing a blueprint and an instance bundle to build your web application. Lightsail instance bundles include instances preinstalled with your preferred operating system, storage, and monthly data transfer allowance, giving you everything you need to get up and running quickly. The new WordPress blueprint includes a step-by-step setup workflow that walks you through connecting a custom domain, configuring DNS, attaching a static IP address, and enabling HTTPS encryption using a free Let’s Encrypt SSL/TLS certificate — all from within the Lightsail console. This new blueprint is now available in all AWS Regions where Lightsail is available. For more information on blueprints supported on Lightsail, see Lightsail documentation. For more information on pricing, or to get started with your free trial, click here.
EC2 Image Builder enhances lifecycle policies with wildcard support and simplified IAM
EC2 Image Builder, a service that helps you automate the creation, distribution, and management of customized Amazon Machine Images, now supports wildcard patterns in lifecycle policies and simplifies IAM role creation. You can now use wildcard patterns to manage images from multiple recipes within a single lifecycle policy, and create IAM roles with pre-populated default permissions directly from the console.\n Previously, you had to create separate lifecycle policies for each new recipe or manually select individual recipes, making it difficult to scale as new recipes were added. Now with wildcard pattern support, you can specify patterns like my-recipe-1.x.x to automatically apply lifecycle policies to all matching recipes—including new recipes created in the future. Additionally, creating IAM roles for lifecycle management previously required manually configuring the required permissions. Now when creating a new role in the console, EC2 Image Builder automatically populates the required default permissions, reducing setup time and potential configuration errors. Together, these capabilities simplify onboarding and ongoing maintenance, enabling you to manage your image lifecycle at scale with less operational overhead. Lifecycle Policies are available in all commercial AWS regions. To learn more, refer to the documentation.
Amazon Application Recovery Controller (ARC) Region switch helps customers orchestrate the failover of their multi-Region applications to achieve a bounded recovery time in the event of a Regional impairment. It automates multi-Region disaster recovery, reducing engineering effort and eliminating operational overhead when recovering applications across multiple AWS accounts and Regions. Region switch now includes three new capabilities: post-recovery workflows, native RDS execution blocks, and AWS provider for Terraform support.\n Post-recovery workflows. Disaster recovery doesn’t end when customers failover to a standby Region. After orchestrating a failover or failback, customers must prepare the other Region for the next recovery event. Today, this requires manual coordination of scaling, recreating read replicas, and validating configurations. Post-recovery workflows help customers automate these preparation steps. With this launch, post-recovery workflows support the custom action Lambda execution block, Amazon RDS create read replica execution block, ARC Region switch plan execution block, and the manual approval execution block. Customers can create read replicas, run custom logic via Lambda functions, add manual approval gates, and embed child plans for complex orchestration as part of post-recovery. Post-recovery workflows are available for active/passive deployments and can be triggered manually. RDS execution blocks. Coordinating Amazon RDS database recovery during Regional failover requires manual steps to promote read replicas and recreate replication, introducing delays and errors. Region switch now natively supports two Amazon RDS execution blocks that automate RDS recovery orchestration. The RDS promote read replica execution block orchestrates promotion of a read replica to a standalone instance during failover. The RDS create read replica execution block orchestrates replica creation as part of post-recovery workflows. AWS provider for Terraform support. Region switch is now supported by the AWS provider for Terraform, enabling customers to manage disaster recovery plans as Infrastructure-as-Code and integrate them into CI/CD pipelines alongside application deployments.
To learn more, about AWS provider support for Terraform, visit Terraform provider documentation. To learn about post-recovery workflows in action, read the post-recovery workflow tutorial. To get started with Region switch, read our launch blog or documentation.
AWS Network Firewall now supports firewall state change notifications through Amazon EventBridge
AWS Network Firewall now integrates with Amazon EventBridge to provide real-time notifications for firewall state changes and configuration updates. This new capability enables you to monitor critical firewall operations including firewall configuration updates and endpoint status modifications across your network security infrastructure. You gain immediate visibility into changes affecting AWS Managed Rules, Partner Managed Rules, and firewall configurations.\n With EventBridge integration, you gain enhanced visibility into your firewall operations in real-time. You can build automated workflows to send notifications through Amazon SNS, create tickets in your IT service management (ITSM) systems, or integrate with third-party security information and event management (SIEM) solutions. This integration helps you maintain better operational awareness of your network security infrastructure and respond quickly to configuration changes or potential issues. AWS Network Firewall state change notifications through Amazon EventBridge are available in all AWS Regions where AWS Network Firewall and Amazon EventBridge is currently available. To learn more about AWS Network Firewall EventBridge integration, visit the AWS Network Firewall documentation. For information about Amazon EventBridge, see the Amazon EventBridge documentation.
Amazon Bedrock batch inference now supports the Converse API format
Amazon Bedrock batch inference now supports the Converse API as a model invocation type, enabling you to use a consistent, model-agnostic input format for your batch workloads.\n Previously, batch inference required model-specific request formats using the InvokeModel API. Now, when creating a batch inference job, you can select Converse as the model invocation type and structure your input data using the standard Converse API request format. Output for Converse batch jobs follows the Converse API response format. With this feature, you can use the same unified request format for both real-time and batch inference, simplifying prompt management and reducing the effort needed to switch between models. You can configure the Converse model invocation type through both the Amazon Bedrock console and the API. This capability is available in all AWS Regions that support Amazon Bedrock batch inference. To get started, see Create a batch inference job and Format and upload your batch inference data in the Amazon Bedrock User Guide.
Amazon CloudWatch logs centralization rules now support customizable destination log group structure
Amazon CloudWatch now supports customizing destination log group names when creating CloudWatch log centralization rules. Organizations managing logs across multiple accounts can now use attributes to organize centralized logs into meaningful hierarchies — by account ID, region, organizational unit, or other AWS Organizations metadata — that match how their organization operates and what their compliance requirements demand.\n You can define a destination log group name structure using attributes that CloudWatch Logs automatically replaces with actual values when logs are copied. For example, using the pattern ${source.accountId}/${source.region}/${source.logGroup} creates destination log groups like 123456789012/us-east-1/cloudtrail/managementevent, making it easy to identify which account and region logs originated from. You can use attributes, including source account ID, region, log group name, organization ID, organizational unit ID, root ID, and the full organizational path.
Customizable destination log group names are available in all centralization rules supported regions.
Customers can use centralization rules to centralize one copy of logs for free (ingestion). Additional copies are charged at $0.05/GB of logs centralized (the backup region feature is considered an additional copy). Storage charges apply. To learn more, visit the CloudWatch Logs Centralization documentation.
AWS Resource Access Manager now supports maintaining shares when accounts change organizations
AWS Resource Access Manager (RAM) now supports a resource share configuration that allows you to maintain resource sharing continuity when accounts move between AWS Organizations. With the new RetainSharingOnAccountLeaveOrganization parameter and corresponding ram:RetainSharingOnAccountLeaveOrganization condition key, security administrators can configure resource shares to retain access when accounts leave the organization and enforce consistent policies across their organization using Service Control Policies (SCPs).\n This capability helps organizations undergoing mergers, acquisitions, or restructuring maintain access to shared resources like Route53 Resolver Rules, Transit Gateways, and IPAM pools without disruption. Security teams can use SCPs to enforce the RetainSharingOnAccountLeaveOrganization configuration organization-wide. When enabled, RAM treats organization accounts as external accounts, requiring explicit invitation acceptance and preserving resource access during account transitions between organizations. This feature is available in all AWS commercial Regions at no additional cost. To learn more about resource share configurations, see the AWS RAM documentation or visit the AWS RAM product page.
AWS now supports Bacs Direct Debit as a payment method for UK customers
Starting today, AWS customers based in the United Kingdom can use Bacs Direct Debit to pay for their AWS services. This new feature provides a convenient and automated way to manage your cloud spend directly from your GBP-based bank account.\n Customers can securely connect any personal or business bank account that supports the Bacs standard. Previously, AWS only accepted credit or debit cards and EUR-based bank accounts in the UK.
During sign-up, customers can choose “Bacs Direct Debit” from the AWS sign-up page, select their bank, and authenticate using their bank’s mobile app or online banking credentials. This securely verifies ownership and links the bank account to the AWS account. By default, this account will be used for future AWS invoices.
Existing customers can add Bacs Direct Debit by navigating to the Payment Preferences page in the AWS Billing console. They choose “Add payment method,” select “Bacs Direct Debit,” and follow the same bank selection and authentication flow. Once verified, the bank account is available as a payment method for future invoices.
Bacs Direct Debit is available to customers in UK regions at not additional cost. To learn more, see Managing your Bacs direct debit payment method.
Amazon OpenSearch Service adds new insights for improved cluster stability
Amazon OpenSearch Service has enhanced Cluster Insights with two new insights — Cluster Overload and Suboptimal Sharding Strategy. Suboptimal Sharding Strategy provides instant visibility into shard imbalances that cause uneven workload distribution, while Cluster Overload surfaces elevated cluster resource utilization that can lead to request throttling or rejections. Both insights come with details of affected resources along with actionable mitigation recommendations.\n Previously, identifying resource constraints and shard imbalances required manually correlating multiple metrics and logs, making it difficult to detect issues early. With these new insights, you can proactively monitor cluster health and take timely action. Suboptimal Sharding Strategy detects shard imbalances caused by indices with too few shards relative to the number of data nodes, or by shards carrying disproportionately large amounts of data compared to others. It identifies the root cause of uneven workload distribution and provides recommendations to help you achieve optimal shard distribution for improved query performance and resource utilization. Similarly, Cluster Overload helps you identify elevated resource utilization, including CPU, memory, disk I/O, disk throughput, and disk utilization that can potentially lead to request throttling or rejections. It also provides scale-up recommendations so you can take timely action to protect your critical workloads. These new insights are available at no additional cost for OpenSearch version 2.17 or later in all Regions where the OpenSearch UI is available. See the complete list of supported Regions here. To learn more, visit the Cluster Insights documentation or view the complete catalog of available insights.
Oracle Database@AWS is now available in the Dublin AWS Region
Oracle Database@AWS is now available in EU-West-1 (Dublin), starting with one Availability Zone (AZ). Oracle Database@AWS enables customers to access database services on Oracle Cloud Infrastructure (OCI) managed Oracle Exadata systems within AWS data centers. As a result, customers can easily migrate their on-premises Oracle Exadata and Oracle Real Application Clusters (RAC) applications to a like-for-like environment on AWS, and also benefit from integrations with AWS services such as AWS Key Management Service (KMS) for data encryption and AWS CloudWatch for monitoring. With expansion to the Dublin region, customers with data residency requirements in that region can migrate their on-premises Oracle Exadata and RAC applications to AWS.\n With this expansion, Oracle Database@AWS services are now available in eight Regions: US-East-1 (N. Virginia), US-West-2 (Oregon), US-East-2 (Ohio), CA-Central-1 (Canada Central), EU-Central-1 (Frankfurt), EU-West-1 (Dublin), AP-Northeast-1 (Tokyo), and AP-Southeast-2 (Sydney). To use Oracle Database@AWS services, request a private offer from Oracle through the AWS Marketplace, and use AWS Management Console to setup and use your databases. To learn more, visit Oracle Database@AWS overview and documentation.
Amazon RDS for PostgreSQL supports minor versions 18.3, 17.9, 16.13, 15.17, and 14.22
Amazon Relational Database Service (RDS) for PostgreSQL now supports the latest minor versions 18.3, 17.9, 16.13, 15.17, and 14.22. These versions address the regression from the February 12, 2026 PostgreSQL community release. We recommend that you upgrade to the latest minor versions to fix known security vulnerabilities in prior versions of PostgreSQL, and to benefit from the bug fixes added by the PostgreSQL community.\n You can upgrade your databases during scheduled maintenance windows using automatic minor version upgrades. To simplify operations at scale, enable automatic minor version upgrades and use the AWS Organizations Upgrade Rollout Policy to orchestrate thousands of upgrades in phases, first to development environments before upgrading production systems. You can also use Amazon RDS Blue/Green deployments with physical replication to minimize downtime for minor version upgrades. Amazon RDS for PostgreSQL makes it simple to set up, operate, and scale PostgreSQL deployments in the cloud. See Amazon RDS for PostgreSQL Pricing for pricing details and regional availability. Create or update a fully managed Amazon RDS database in the Amazon RDS Management Console or by using the AWS Command Line Interface (CLI).
AWS Blogs
AWS Japan Blog (Japanese)
- Amazon ElastiCache Fault Tolerance Testing Using AWS Fault Injection Service
- Optimize data management with intelligent-tiering in S3 Tables
- SBI Sumishin Net Bank innovates customer experience with AI banking service “NEOBANK AI” utilizing Amazon Bedrock AgentCore
- Amazon’s efforts to maintain the accuracy of large-scale aggregations using Amazon DynamoDB
- Surprising Discovery: Automated Inference Improves System Efficiency and Maintainability
- Automatic inference enables faster “25519” elliptic curve cryptography and guarantees validity
- Accelerating RSA with Graviton: Prove legitimacy with formal verification and accelerate development
- Introducing Mitsuiwa Co., Ltd.’s AWS development example “Next Generation Infrastructure Automated Construction Solution Using Amazon Bedrock and AWS CloudFormation”
AWS Contact Center
AWS Developer Tools Blog
- Announcing new output formats in AWS CLI v2
- AWS Tools for PowerShell v4 Maintenance Mode Announcement