AWS Parallel Computing Service (PCS) now supports rotation of cluster secret keys using AWS Secrets Manager, enabling you to update the secure credentials used for authentication between Slurm controller and compute nodes without creating a new cluster. Regularly rotating your Slurm cluster secret keys strengthens your security posture by reducing the risk of credential compromise and ensuring compliance with best practices. This helps keep your HPC workloads and accounting data safe from unauthorized access.

PCS is a managed service that makes it easier to run and scale high performance computing (HPC) workloads on AWS using Slurm. With the support of cluster secret rotation in PCS, you can strengthen your security controls and maintain operational efficiency. You can now implement secret rotation as part of your security best practices while maintaining cluster continuity.

This feature is available in all AWS Regions where PCS is available. You can rotate cluster secrets using either the AWS Secrets Manager console or API after preparing your cluster for the rotation process. Read more about PCS support for cluster secret rotation in the PCS User Guide.

 

​AWS Parallel Computing Service (PCS) now supports rotation of cluster secret keys using AWS Secrets Manager, enabling you to update the secure credentials used for authentication between Slurm controller and compute nodes without creating a new cluster. Regularly rotating your Slurm cluster secret keys strengthens your security posture by reducing the risk of credential compromise and ensuring compliance with best practices. This helps keep your HPC workloads and accounting data safe from unauthorized access. PCS is a managed service that makes it easier to run and scale high performance computing (HPC) workloads on AWS using Slurm. With the support of cluster secret rotation in PCS, you can strengthen your security controls and maintain operational efficiency. You can now implement secret rotation as part of your security best practices while maintaining cluster continuity. This feature is available in all AWS Regions where PCS is available. You can rotate cluster secrets using either the AWS Secrets Manager console or API after preparing your cluster for the rotation process. Read more about PCS support for cluster secret rotation in the PCS User Guide.  

Amazon CloudWatch agent has added support for configurable Windows Event log filters. This new feature allows customers to selectively collect and send system and application events to CloudWatch from Windows hosts running on Amazon EC2 or on-premises. The addition of customizable filters helps customers to focus on events that meet specific criteria, streamlining log management and analysis.

Using this new functionality of the CloudWatch agent, you can define filter criteria for each Windows Event log stream in the agent configuration file. The filtering options include event levels, event IDs, and regular expressions to either «include» or «exclude» text within events. The agent evaluates each log event against your defined filter criteria to determine whether it should be sent to CloudWatch. Events that don’t match your criteria are discarded. Windows event filters help you to manage your log ingestion by processing only the events you need, such as those containing specific error codes, while excluding verbose or unwanted log entries.

Amazon CloudWatch Agent is available in all commercial AWS Regions, and the AWS GovCloud (US) Regions.

To get started, see Create or Edit the CloudWatch Agent Configuration File in the Amazon CloudWatch User Guide.

 

​Amazon CloudWatch agent has added support for configurable Windows Event log filters. This new feature allows customers to selectively collect and send system and application events to CloudWatch from Windows hosts running on Amazon EC2 or on-premises. The addition of customizable filters helps customers to focus on events that meet specific criteria, streamlining log management and analysis. Using this new functionality of the CloudWatch agent, you can define filter criteria for each Windows Event log stream in the agent configuration file. The filtering options include event levels, event IDs, and regular expressions to either «include» or «exclude» text within events. The agent evaluates each log event against your defined filter criteria to determine whether it should be sent to CloudWatch. Events that don’t match your criteria are discarded. Windows event filters help you to manage your log ingestion by processing only the events you need, such as those containing specific error codes, while excluding verbose or unwanted log entries. Amazon CloudWatch Agent is available in all commercial AWS Regions, and the AWS GovCloud (US) Regions. To get started, see Create or Edit the CloudWatch Agent Configuration File in the Amazon CloudWatch User Guide.  

Amazon S3 adds AWS CloudTrail events for table maintenance activities in Amazon S3 Tables. You can now use AWS CloudTrail to track compaction and snapshot expiration operations performed by S3 Tables on your tables.

S3 Tables automatically performs maintenance to optimize query performance and lower costs of your tables stored in S3 table buckets. You can monitor and audit S3 Tables maintenance activities such as compaction and snapshot expiration as management events in AWS CloudTrail. To get started with monitoring, create a trail in the AWS CloudTrail console and filter for ‘AwsServiceEvents’ as the eventType and ‘TablesMaintenanceEvent’ as the eventName.

AWS CloudTrail events for S3 Tables maintenance are now available in all AWS Regions where S3 Tables are available. To learn more, visit Amazon S3 Tables product page and documentation.

 

​Amazon S3 adds AWS CloudTrail events for table maintenance activities in Amazon S3 Tables. You can now use AWS CloudTrail to track compaction and snapshot expiration operations performed by S3 Tables on your tables. S3 Tables automatically performs maintenance to optimize query performance and lower costs of your tables stored in S3 table buckets. You can monitor and audit S3 Tables maintenance activities such as compaction and snapshot expiration as management events in AWS CloudTrail. To get started with monitoring, create a trail in the AWS CloudTrail console and filter for ‘AwsServiceEvents’ as the eventType and ‘TablesMaintenanceEvent’ as the eventName. AWS CloudTrail events for S3 Tables maintenance are now available in all AWS Regions where S3 Tables are available. To learn more, visit Amazon S3 Tables product page and documentation.  

Amazon Bedrock Data Automation (BDA) now supports AVI, MKV, and WEBM file formats along with the AV1 and MPEG-4 Visual (Part 2) codecs, enabling you to generate structured insights across a broader range of video content. Additionally, BDA delivers up to 50% faster image processing.

BDA automates the generation of insights from unstructured multimodal content such as documents, images, audio, and videos for your GenAI-powered applications. With support for AVI, MKV, and WEBM formats, you can now analyze content from archival footage, high-quality video archives with multiple audio tracks and subtitles, and web-based and open-source video content. This expanded video format and codec support enables you to process video content directly in the formats your organization uses, streamlining your workflows and accelerating time-to-insight. With faster image processing on BDA, you you can extract insights from visual content faster than ever before. You can now analyze larger volumes of images in less time, helping you scale your AI applications and deliver value to your customers more quickly.

Amazon Bedrock Data Automation is available in 8 AWS regions: Europe (Frankfurt), Europe (London), Europe (Ireland), Asia Pacific (Mumbai), Asia Pacific (Sydney), US West (Oregon) and US East (N. Virginia), and GovCloud (US-West) AWS Regions.

To learn more, see the Bedrock Data Automation User Guide and the Amazon Bedrock Pricing page. To get started with using Bedrock Data Automation, visit the Amazon Bedrock console.

 

​Amazon Bedrock Data Automation (BDA) now supports AVI, MKV, and WEBM file formats along with the AV1 and MPEG-4 Visual (Part 2) codecs, enabling you to generate structured insights across a broader range of video content. Additionally, BDA delivers up to 50% faster image processing. BDA automates the generation of insights from unstructured multimodal content such as documents, images, audio, and videos for your GenAI-powered applications. With support for AVI, MKV, and WEBM formats, you can now analyze content from archival footage, high-quality video archives with multiple audio tracks and subtitles, and web-based and open-source video content. This expanded video format and codec support enables you to process video content directly in the formats your organization uses, streamlining your workflows and accelerating time-to-insight. With faster image processing on BDA, you you can extract insights from visual content faster than ever before. You can now analyze larger volumes of images in less time, helping you scale your AI applications and deliver value to your customers more quickly. Amazon Bedrock Data Automation is available in 8 AWS regions: Europe (Frankfurt), Europe (London), Europe (Ireland), Asia Pacific (Mumbai), Asia Pacific (Sydney), US West (Oregon) and US East (N. Virginia), and GovCloud (US-West) AWS Regions. To learn more, see the Bedrock Data Automation User Guide and the Amazon Bedrock Pricing page. To get started with using Bedrock Data Automation, visit the Amazon Bedrock console.  

Amazon Nova models now support the customization of content moderation settings for approved business use cases that require processing or generating sensitive content.

Organizations with approved business use cases can adjust content moderation settings across four domains: safety, sensitive content, fairness, and security. These settings allow customers to adjust specific settings relevant to their business requirements. Amazon Nova enforces essential, non-configurable controls to ensure responsible use of AI, such as controls to prevent harm to children and preserve privacy.

Customization of content moderation settings is available for Amazon Nova Lite and Amazon Nova Pro in the US East (N. Virginia) region.

To learn more about Amazon Nova, visit the Amazon Nova product page and to learn about Amazon Nova responsible use of AI, visit the AWS AI Service Cards, or see the User Guide. To see if your business model is appropriate to customize content moderation settings, contact your AWS Account Manager.

 

​Amazon Nova models now support the customization of content moderation settings for approved business use cases that require processing or generating sensitive content. Organizations with approved business use cases can adjust content moderation settings across four domains: safety, sensitive content, fairness, and security. These settings allow customers to adjust specific settings relevant to their business requirements. Amazon Nova enforces essential, non-configurable controls to ensure responsible use of AI, such as controls to prevent harm to children and preserve privacy. Customization of content moderation settings is available for Amazon Nova Lite and Amazon Nova Pro in the US East (N. Virginia) region. To learn more about Amazon Nova, visit the Amazon Nova product page and to learn about Amazon Nova responsible use of AI, visit the AWS AI Service Cards, or see the User Guide. To see if your business model is appropriate to customize content moderation settings, contact your AWS Account Manager.  

AWS Nitro Enclaves is an Amazon EC2 capability that enables customers to create isolated compute environments (enclaves) to further protect and securely process highly sensitive data within their EC2 instances. Nitro Enclaves helps customers reduce the attack surface area for their most sensitive data processing applications.

There is no additional cost other than the cost for the using Amazon EC2 instances and any other AWS services that are used with Nitro Enclaves.

Nitro Enclaves is now available across all AWS Regions, expanding to include new regions in Asia Pacific (New Zealand, Thailand, Jakarta, Hyderabad, Malaysia, Melbourne, and Taipei), Europe (Spain and Zurich), Middle East (UAE and Tel Aviv), and North America (Central Mexico and Calgary).

To learn more about AWS Nitro Enclaves and how to get started, visit the AWS Nitro Enclaves page.

 

​AWS Nitro Enclaves is an Amazon EC2 capability that enables customers to create isolated compute environments (enclaves) to further protect and securely process highly sensitive data within their EC2 instances. Nitro Enclaves helps customers reduce the attack surface area for their most sensitive data processing applications. There is no additional cost other than the cost for the using Amazon EC2 instances and any other AWS services that are used with Nitro Enclaves. Nitro Enclaves is now available across all AWS Regions, expanding to include new regions in Asia Pacific (New Zealand, Thailand, Jakarta, Hyderabad, Malaysia, Melbourne, and Taipei), Europe (Spain and Zurich), Middle East (UAE and Tel Aviv), and North America (Central Mexico and Calgary). To learn more about AWS Nitro Enclaves and how to get started, visit the AWS Nitro Enclaves page.  

Amazon Connect can now automatically initiate follow-up evaluations to analyze specific situations identified during initial evaluations. For example, when an initial customer service evaluation detects customer interest in a product, Amazon Connect can automatically trigger a follow-up evaluation focused on the agent’s sales performance. This enables managers to maintain consistent evaluation standards across agent cohorts and over time, while capturing deeper insights on specific scenarios such as sales opportunities, escalations, and other critical interaction moments.

This feature is available in all regions where Amazon Connect is offered. To learn more, please visit our documentation and our webpage. 

 

​Amazon Connect can now automatically initiate follow-up evaluations to analyze specific situations identified during initial evaluations. For example, when an initial customer service evaluation detects customer interest in a product, Amazon Connect can automatically trigger a follow-up evaluation focused on the agent’s sales performance. This enables managers to maintain consistent evaluation standards across agent cohorts and over time, while capturing deeper insights on specific scenarios such as sales opportunities, escalations, and other critical interaction moments. This feature is available in all regions where Amazon Connect is offered. To learn more, please visit our documentation and our webpage.   

Amazon CloudWatch Database Insights expands the availability of its on-demand analysis experience to the RDS for SQL Server database engine. CloudWatch Database Insights is a monitoring and diagnostics solution that helps database administrators and developers optimize database performance by providing comprehensive visibility into database metrics, query analysis, and resource utilization patterns. This feature leverages machine learning models to help identify performance bottlenecks during the selected time period, and gives advice on what to do next.

Previously, database administrators had to manually analyze performance data, correlate metrics, and investigate root cause. This process is time-consuming and requires deep database expertise. With this launch, you can now analyze database performance monitoring data for any time period with automated intelligence. The feature automatically compares your selected time period against normal baseline performance, identifies anomalies, and provides specific remediation advice. Through intuitive visualizations and clear explanations, you can quickly identify performance issues and receive step-by-step guidance for resolution. This automated analysis and recommendation system reduces mean-time-to-diagnosis from hours to minutes.

You can get started with this feature by enabling the Advanced mode of CloudWatch Database Insights on your RDS for SQL Server databases using the RDS service console, AWS APIs, the AWS SDK, or AWS CloudFormation. Please refer to RDS documentation and Aurora documentation for information regarding the availability of Database Insights across different regions, engines and instance classes. 

 

​Amazon CloudWatch Database Insights expands the availability of its on-demand analysis experience to the RDS for SQL Server database engine. CloudWatch Database Insights is a monitoring and diagnostics solution that helps database administrators and developers optimize database performance by providing comprehensive visibility into database metrics, query analysis, and resource utilization patterns. This feature leverages machine learning models to help identify performance bottlenecks during the selected time period, and gives advice on what to do next. Previously, database administrators had to manually analyze performance data, correlate metrics, and investigate root cause. This process is time-consuming and requires deep database expertise. With this launch, you can now analyze database performance monitoring data for any time period with automated intelligence. The feature automatically compares your selected time period against normal baseline performance, identifies anomalies, and provides specific remediation advice. Through intuitive visualizations and clear explanations, you can quickly identify performance issues and receive step-by-step guidance for resolution. This automated analysis and recommendation system reduces mean-time-to-diagnosis from hours to minutes. You can get started with this feature by enabling the Advanced mode of CloudWatch Database Insights on your RDS for SQL Server databases using the RDS service console, AWS APIs, the AWS SDK, or AWS CloudFormation. Please refer to RDS documentation and Aurora documentation for information regarding the availability of Database Insights across different regions, engines and instance classes.   

On October 21, 2025 Amazon announced quarterly security and critical updates for Amazon Corretto Long-Term Supported (LTS) versions of OpenJDK. Corretto 25.0.1, 21.0.9, 17.0.17, 11.0.29, 8u472 are now available for download. Amazon Corretto is a no-cost, multi-platform, production-ready distribution of OpenJDK.

This release of Corretto JDK binaries for Generic Linux, Alpine and macOS will include Async-Profiler, a low overhead sampling profiler for Java supported by the Amazon Corretto team. Async-Profiler is designed to provide profiling data for CPU time, allocations in Java Heap, native memory allocations and leaks, contended locks, hardware and software performance counters like cache misses, page faults, context switches, Java method profiling, and much more.

Click on the Corretto home page to download Corretto 25, Corretto 21, Corretto 17, Corretto 11, or Corretto 8. You can also get the updates on your Linux system by configuring a Corretto Apt, Yum, or Apk repo.

Feedback is welcomed!

 

​On October 21, 2025 Amazon announced quarterly security and critical updates for Amazon Corretto Long-Term Supported (LTS) versions of OpenJDK. Corretto 25.0.1, 21.0.9, 17.0.17, 11.0.29, 8u472 are now available for download. Amazon Corretto is a no-cost, multi-platform, production-ready distribution of OpenJDK. This release of Corretto JDK binaries for Generic Linux, Alpine and macOS will include Async-Profiler, a low overhead sampling profiler for Java supported by the Amazon Corretto team. Async-Profiler is designed to provide profiling data for CPU time, allocations in Java Heap, native memory allocations and leaks, contended locks, hardware and software performance counters like cache misses, page faults, context switches, Java method profiling, and much more. Click on the Corretto home page to download Corretto 25, Corretto 21, Corretto 17, Corretto 11, or Corretto 8. You can also get the updates on your Linux system by configuring a Corretto Apt, Yum, or Apk repo. Feedback is welcomed!  

Today, Amazon Simple Email Service (SES) added visibility into the IP addresses used by Dedicated IP Addresses – Managed (DIP-M) pools. Customers can now find out the exact addresses in use when sending emails through DIP-M pools to mailbox providers. Customers can also see Microsoft Smart Network Data Services (SNDS) metrics for these IP addresses, giving them more insight into their sending reputation with Microsoft mailbox providers. This gives customers more transparency into the IP activities in DIP-M pools.

Previously, customers could configure DIP-M pools to perform automatic IP allocation and warm-up in response to changes in email sending volumes. This reduced the operational overhead of managing dedicated sending channels, but customers could not easily see which IP addresses were in use by DIP-M pools. This also made it difficult to find SNDS feedback, which customers use to improve their reputation. Now, customers can see the IPs in DIP-M pools through the console, CLI, or SES API. SES also automatically creates CloudWatch Metrics for SNDS information on each IP address, which customers can access through the CloudWatch console or APIs. This gives customers more tools to monitor their sending reputation.

SES supports DIP-M IP observability in all AWS Regions where SES is available.

For more information, see the documentation for information about DIP-M pools.

 

​Today, Amazon Simple Email Service (SES) added visibility into the IP addresses used by Dedicated IP Addresses – Managed (DIP-M) pools. Customers can now find out the exact addresses in use when sending emails through DIP-M pools to mailbox providers. Customers can also see Microsoft Smart Network Data Services (SNDS) metrics for these IP addresses, giving them more insight into their sending reputation with Microsoft mailbox providers. This gives customers more transparency into the IP activities in DIP-M pools. Previously, customers could configure DIP-M pools to perform automatic IP allocation and warm-up in response to changes in email sending volumes. This reduced the operational overhead of managing dedicated sending channels, but customers could not easily see which IP addresses were in use by DIP-M pools. This also made it difficult to find SNDS feedback, which customers use to improve their reputation. Now, customers can see the IPs in DIP-M pools through the console, CLI, or SES API. SES also automatically creates CloudWatch Metrics for SNDS information on each IP address, which customers can access through the CloudWatch console or APIs. This gives customers more tools to monitor their sending reputation. SES supports DIP-M IP observability in all AWS Regions where SES is available. For more information, see the documentation for information about DIP-M pools.