We are excited to announce the general availability of AWS Elastic Beanstalk in Asia Pacific (New Zealand) (Melbourne), (Malaysia), (Hyderabad), Canada West (Calgary), and Europe (Zurich).

AWS Elastic Beanstalk is a service that simplifies application deployment and management on AWS. The service automatically handles deployment, capacity provisioning, load balancing, auto-scaling, and application health monitoring, allowing developers to focus on writing code.

For a complete list of regions and service offerings, see AWS Regions.

To get started on AWS Elastic Beanstalk, see the AWS Elastic Beanstalk Developer Guide. To learn more about Elastic Beanstalk, visit the Elastic Beanstalk product page. 

​We are excited to announce the general availability of AWS Elastic Beanstalk in Asia Pacific (New Zealand) (Melbourne), (Malaysia), (Hyderabad), Canada West (Calgary), and Europe (Zurich). AWS Elastic Beanstalk is a service that simplifies application deployment and management on AWS. The service automatically handles deployment, capacity provisioning, load balancing, auto-scaling, and application health monitoring, allowing developers to focus on writing code. For a complete list of regions and service offerings, see AWS Regions. To get started on AWS Elastic Beanstalk, see the AWS Elastic Beanstalk Developer Guide. To learn more about Elastic Beanstalk, visit the Elastic Beanstalk product page.   

Starting today, memory-optimized Amazon Compute Cloud (Amazon EC2) X2iedn instances are available in AWS Asia Pacific (Thailand) region. These instances, powered by 3rd generation Intel Xeon Scalable Processors and built with AWS Nitro System, are designed for memory-intensive workloads. They deliver improvements in performance, price performance, and cost per GiB of memory compared to previous generation X1e instances. These instances are SAP-certified for running Business Suite on HANA, SAP S/4HANA, Data Mart Solutions on HANA, Business Warehouse on HANA, SAP BW/4HANA, and SAP NetWeaver workloads on any database.

To learn more, visit the EC2 X2i Instances Page, or connect with your AWS Support contacts.

​Starting today, memory-optimized Amazon Compute Cloud (Amazon EC2) X2iedn instances are available in AWS Asia Pacific (Thailand) region. These instances, powered by 3rd generation Intel Xeon Scalable Processors and built with AWS Nitro System, are designed for memory-intensive workloads. They deliver improvements in performance, price performance, and cost per GiB of memory compared to previous generation X1e instances. These instances are SAP-certified for running Business Suite on HANA, SAP S/4HANA, Data Mart Solutions on HANA, Business Warehouse on HANA, SAP BW/4HANA, and SAP NetWeaver workloads on any database.
To learn more, visit the EC2 X2i Instances Page, or connect with your AWS Support contacts.  

AWS Systems Manager (AWS SSM) Configuration Manager now allows you to automatically test SAP ABAP based applications on AWS against best practices defined in the AWS Well-Architected Framework SAP Lens.

Keeping SAP applications optimally configured requires SAP administrators to stay current with best practices from multiple sources including AWS, SAP, and operating system vendors and manually check their configurations to validate adherence. AWS SSM Configuration Manager automatically assesses SAP applications running on AWS against these standards, proactively identifying misconfigurations and recommending specific remediation steps, allowing you to make the necessary changes before potential impacts to business operations. With this launch, configuration checks can be scheduled or run on-demand for SAP HANA and ABAP applications.

SSM for SAP Configuration Manager is available in AWS Regions where SSMSAP is available.

To learn more, read the launch blog, or refer to the AWS Systems Manager for SAP documentation.

​AWS Systems Manager (AWS SSM) Configuration Manager now allows you to automatically test SAP ABAP based applications on AWS against best practices defined in the AWS Well-Architected Framework SAP Lens. Keeping SAP applications optimally configured requires SAP administrators to stay current with best practices from multiple sources including AWS, SAP, and operating system vendors and manually check their configurations to validate adherence. AWS SSM Configuration Manager automatically assesses SAP applications running on AWS against these standards, proactively identifying misconfigurations and recommending specific remediation steps, allowing you to make the necessary changes before potential impacts to business operations. With this launch, configuration checks can be scheduled or run on-demand for SAP HANA and ABAP applications. SSM for SAP Configuration Manager is available in AWS Regions where SSMSAP is available. To learn more, read the launch blog, or refer to the AWS Systems Manager for SAP documentation.  

AWS DataSync Enhanced mode now supports data transfers between on-premises file servers and Amazon S3, enabling customers to transfer datasets that scale to virtually unlimited numbers of files at higher levels of performance than DataSync Basic mode.

AWS DataSync is a secure, high-speed file transfer service that optimizes data movement over a network. Enhanced mode uses parallel processing to deliver higher performance and scalability for datasets of any size, while removing file count limitations and providing detailed transfer metrics for better monitoring and management. Previously, Enhanced mode was available for data transfers between Amazon S3 locations and for multicloud transfers. This launch extends the capabilities of Enhanced mode to support transfers between on-premises NFS or SMB file servers, and Amazon S3. Using Enhanced mode, customers can accelerate generative AI workloads by rapidly moving training datasets to AWS, power data lake analytics by synchronizing on-premises data with cloud-based pipelines, and drive large-scale migrations for archival and cloud modernization.

This new capability is available in all AWS Regions where AWS DataSync is offered. To get started, visit the AWS DataSync console. For more information, see the AWS DataSync documentation.

​AWS DataSync Enhanced mode now supports data transfers between on-premises file servers and Amazon S3, enabling customers to transfer datasets that scale to virtually unlimited numbers of files at higher levels of performance than DataSync Basic mode. AWS DataSync is a secure, high-speed file transfer service that optimizes data movement over a network. Enhanced mode uses parallel processing to deliver higher performance and scalability for datasets of any size, while removing file count limitations and providing detailed transfer metrics for better monitoring and management. Previously, Enhanced mode was available for data transfers between Amazon S3 locations and for multicloud transfers. This launch extends the capabilities of Enhanced mode to support transfers between on-premises NFS or SMB file servers, and Amazon S3. Using Enhanced mode, customers can accelerate generative AI workloads by rapidly moving training datasets to AWS, power data lake analytics by synchronizing on-premises data with cloud-based pipelines, and drive large-scale migrations for archival and cloud modernization. This new capability is available in all AWS Regions where AWS DataSync is offered. To get started, visit the AWS DataSync console. For more information, see the AWS DataSync documentation.  

The AWS DataSync Terraform module now supports Enhanced mode for transfers between S3 locations, making it easier for you to set up high-performance data transfers at scale.

AWS DataSync is a secure, high-speed file transfer service that optimizes data movement over a network. Enhanced mode uses parallel processing to deliver higher performance and scalability for datasets of any size, while removing file count limitations and providing detailed transfer metrics for better monitoring and management. You can now use Terraform to automatically provision DataSync tasks configured for Enhanced mode. This eliminates manual configuration steps that can be time-consuming and error-prone, while giving you a consistent, repeatable, version-controlled deployment process that can scale across your organization.

You can access the AWS DataSync Terraform module on GitHub or through the Terraform Registry.

To learn more about DataSync, see the AWS DataSync documentation. To see all Regions where DataSync is available, visit the AWS Region table.

​The AWS DataSync Terraform module now supports Enhanced mode for transfers between S3 locations, making it easier for you to set up high-performance data transfers at scale. AWS DataSync is a secure, high-speed file transfer service that optimizes data movement over a network. Enhanced mode uses parallel processing to deliver higher performance and scalability for datasets of any size, while removing file count limitations and providing detailed transfer metrics for better monitoring and management. You can now use Terraform to automatically provision DataSync tasks configured for Enhanced mode. This eliminates manual configuration steps that can be time-consuming and error-prone, while giving you a consistent, repeatable, version-controlled deployment process that can scale across your organization. You can access the AWS DataSync Terraform module on GitHub or through the Terraform Registry. To learn more about DataSync, see the AWS DataSync documentation. To see all Regions where DataSync is available, visit the AWS Region table.  

• Categoría: Noticias de Microsoft

diciembre 12, 2025

Impulsar y empoderar a los jóvenes para un futuro con IA

Por: Courtney Gregoire – directora de seguridad digital.

Tuve el placer de unirme a una variedad de líderes para debates oportunos e impactantes sobre el bienestar infantil en la era de la IA en el Vaticano, basándose en conversaciones reflexivas mantenidas durante la Asamblea General de las Naciones Unidas. Estos temas están presentes en la mente a nivel mundial, desde padres hasta responsables políticos y médicos.

En Microsoft, seguimos centrados en nuestro objetivo de empoderar a los jóvenes para que utilicen la tecnología de forma segura, consciente y en busca de oportunidades sociales, educativas y económicas. Eso implica tomar nuevos pasos impulsados por la regulación, como nuevas medidas de verificación de edad para nuestros usuarios de Xbox en el Reino Unido, así como adaptar nuestros compromisos de larga data con la IA responsable y la seguridad y privacidad en línea de los niños para generar confianza en la era de la IA. En esta ocasión, compartimos nuevas investigaciones sobre perspectivas juveniles, anunciamos el AI Futures Youth Council para amplificar las voces adolescentes y ofrecemos recomendaciones de políticas para ayudar a las familias a navegar el mundo digital con confianza.

Centrar las voces de los jóvenes: Anunciamos el Consejo Juvenil de AI Futures y la investigación sobre la garantía de nueva era

En 2017, Microsoft lideró la industria con nuestro primer Council for Digital Good, un foro donde pudimos escuchar de manera directa a jóvenes sobre sus experiencias y percepciones del riesgo en línea. En 2025, con la IA que remodela nuestro mundo —y su futuro— necesitamos volver a centrar las voces de los jóvenes mientras pensamos en el diseño responsable de la IA y en cómo preparamos a los estudiantes para el futuro. Trabajamos de manera activa con adolescentes de la región Asia-Pacífico para desarrollar nuestra primera guía «para adolescentes, por adolescentes» sobre chatbots de IA. Hoy, me complace anunciar el próximo lanzamiento de nuestro primer «AI Futures Youth Council», que reúne a adolescentes de Estados Unidos y Europa para que den su opinión sobre su futuro. Pronto contaremos más sobre el proceso de solicitud.

Sabemos que un paso clave para ofrecer a los jóvenes experiencias online positivas y productivas es entender qué usuarios son jóvenes. En todo el mundo, el debate sobre cómo lograr la garantía de edad online continúa sin freno. Hemos estado agradecidos de trabajar con CIPL y la WeProtect Global Alliance durante el último año para explorar cómo lograr una mejora de la garantía de edad que sea coherente con los derechos fundamentales de privacidad y acceso a la información. Como con cualquier otra intervención de seguridad, nuestro objetivo es ser proporcionados y reflexivos al dar nuevos pasos, por eso nos hemos centrado en el gaming en primer lugar, para reflejar las responsabilidades que tenemos con nuestros usuarios más jóvenes y nuestro compromiso continuo con la seguridad de los jugadores.

Para informar nuestra estrategia y la conversación política más amplia, nos asociamos con Praesidio Safeguarding para comprender mejor las perspectivas juveniles sobre los enfoques de aseguramiento de la edad en Reino Unido, Ghana e Indonesia. Nos complace compartir esa investigación hoy. Los hallazgos refuerzan la importancia de la transparencia, la elección y la confianza: los adolescentes quieren explicaciones claras sobre cómo se utilizan sus datos, expresan preocupaciones sobre la exclusión cuando no hay pruebas formales de edad y muestran distintos niveles de comodidad con el uso de datos biométricos y conductuales. Cabe destacar que los jóvenes valoran la implicación de los padres, pero también destacan la necesidad de independencia y privacidad a medida que maduran. Los resultados también ponen de relieve algunas de las diferencias importantes entre geografías. Por ejemplo, los adolescentes en Ghana a menudo no solo comparten dispositivos con sus familias, sino que también pueden compartir una cuenta, lo que subraya la necesidad de enfoques globales matizados en múltiples capas de la pila tecnológica.

Estas ideas subrayan nuestra convicción de que la proporcionalidad —ajustar las salvaguardas a los riesgos reales— es esencial para generar confianza y empoderar a los jóvenes en línea. También destacan la necesidad de modelos de aseguramiento de la edad que sean inclusivos, flexibles y respetuosos con la autonomía juvenil, en especial en contextos globales donde el intercambio de dispositivos y cuentas es común. Seguimos comprometidos con el diálogo y la innovación continuos, para asegurar que nuestras soluciones evolucionen junto con las necesidades y expectativas de los niños, las familias y la sociedad en general.

Nuestras recomendaciones políticas: Empoderar a los jóvenes para que utilicen la tecnología de forma segura

Creemos que la tecnología debe empoderar a los jóvenes, no ponerlos en riesgo. Dada la diversidad de servicios online, es importante recordar que no existe un único «cinturón de seguridad digital» que proteja y empodere a los jóvenes en Internet.

Por ello, ofrecemos las siguientes recomendaciones mientras responsables políticos, reguladores y expertos continúan el debate estos temas, ampliamos nuestro blog de 2024:

• Evitar restricciones generales de acceso. Los requisitos de garantía de edad que bloquean el acceso total a un servicio—salvo en casos limitados como sitios dedicados a contenido restringido por edad (por ejemplo, pornografía)—pueden limitar de manera involuntaria los derechos de los niños, como el acceso a la información. En su lugar, la garantía de edad debe aplicarse a nivel de servicio, centrarse en características específicas de diseño que supongan mayores riesgos y permitir experiencias personalizadas para los niños.
• Centrarse en los mayores riesgos de impacto, como el contenido y características asociadas con daños documentados a niños, y según se determine mediante procesos democráticos. Los proveedores deben tomar medidas para evaluar y mitigar los riesgos para los niños en sus servicios, asegurándose al tiempo que los requisitos de documentación o las obligaciones de cumplimiento no comprometan inadvertidamente la seguridad. Un enfoque basado en el riesgo y proporcionado—fundamentado en criterios claros y respaldado por estándares interoperables—también puede ayudar a garantizar que la garantía de edad se aplique donde más se necesite, sin introducir fricciones innecesarias. Los proveedores de servicios de alto riesgo deben asumir la responsabilidad de la garantía de edad.

• Reforzar las salvaguardas para los compañeros controlados por la IA. Los recientes trágicos acontecimientos han puesto de manifiesto la necesidad de continuar con el cuidado en el desarrollo de compañeros de IA, en especial cuando estos pueden ser utilizados por los jóvenes. En Microsoft, desarrollamos servicios de IA para el empoderamiento y queremos las barreras adecuadas para proteger a todos los usuarios, pero damos la bienvenida a nuevas medidas de sentido común, como las implementadas en California y Australia para reducir los posibles daños relacionados con los riesgos de suicidio y autolesión, así como con contenido sexualizado o violento. Seguiremos con el trabajo cercano con investigadores y expertos para comprender y mitigar los riesgos potenciales para los jóvenes en este campo en rápida evolución.
• Incentivar el diseño adecuado a la edad. Prohibir a los niños acceder a servicios online no es la solución, pero lo que constituye una experiencia «adecuada a la edad» variará. Hemos apoyado un enfoque de deber de cuidado para la seguridad infantil, donde el deber puede implementarse de forma flexible, guiado por una guía regulatoria reflexiva y basada en la evidencia. Se necesita investigación continua y la participación de expertos para entender cómo avanzar en la seguridad y los derechos de los niños en diversos servicios, no solo en las redes sociales.
• Proteger la privacidad y la seguridad de todos los usuarios. Adaptar los requisitos de garantía de edad ayudará a permitir enfoques proporcionados en el procesamiento de datos. Las propuestas actuales de verificación de edad por parte de las tiendas de aplicaciones corren el riesgo de crear riesgos significativos para la privacidad al recopilar información sensible y compartir datos de edad innecesarios con una amplia variedad de servicios, sin resolver los desafíos que los legisladores quieren abordar. Seguimos con el apoyo a la legislación federal de privacidad en Estados Unidos y fomentamos los esfuerzos globales para desarrollar estándares y certificaciones para los proveedores de garantía de edad. El intercambio de credenciales de confianza también puede ser cada vez más posible gracias a los ecosistemas emergentes de identidad digital —incluidos los documentos de identidad emitidos por el gobierno y modelos basados en carteras— que preservan la privacidad mutua entre emisores y partes de confianza.
• Apoyar, no abrumar. Los resultados de nuestra Encuesta Global de Seguridad en Internet muestran que, aunque los padres puedan subestimar los riesgos que enfrentan los adolescentes en Internet, los adolescentes son los que con más probabilidad acuden a un padre en busca de ayuda. Los padres no deberían recibir una avalancha de notificaciones ni asumir la responsabilidad exclusiva de la seguridad, sino tener acceso, concienciación y educación sobre herramientas de seguridad familiar que les ayuden a tomar decisiones informadas adecuadas para su familia y sus valores.
• Fomentar la colaboración multiactor. Creemos que es esencial dar voz y perspectivas a los jóvenes, así como que los reguladores y la industria se comprometan con la sociedad civil y colaboren para avanzar en soluciones prácticas. A medida que entren en vigor las normativas de seguridad infantil, también será importante obtener opiniones de las comunidades afectadas sobre dónde la regulación puede tener impactos adversos en los derechos, así como entender dónde se pudo evitar el daño. La educación pública será necesaria para ayudar a todos los usuarios a entender por qué sus experiencias online podrían estar cambiando.

Vamos a continuar con el aprendizaje, la escucha y la colaboración, en especial con nuestro nuevo Consejo, y esperamos compartir nuestras ideas.

Etiquetas:

• IA
• On the Issues
• Seguridad

The post Impulsar y empoderar a los jóvenes para un futuro con IA appeared first on Source LATAM.

​The post Impulsar y empoderar a los jóvenes para un futuro con IA appeared first on Source LATAM.  

Today, AWS announces Amazon Aurora PostgreSQL-Compatible Edition integration with Kiro powers, enabling developers to build Aurora PostgreSQL backed applications faster with AI agent-assisted development using Kiro. Kiro powers is a repository of curated and pre-packaged Model Context Protocol (MCP) servers, steering files, and hooks validated by Kiro partners to accelerate specialized software development and deployment use cases. Kiro power for Aurora PostgreSQL packages the MCP server with targeted database development guidance, giving the Kiro agent instant expertise in Aurora PostgreSQL operations and schema design.

Kiro power for Aurora PostgreSQL bundles direct database connectivity through the Aurora PostgreSQL MCP server for data plane operations (queries, table creation, schema management), and control plane operations (cluster creation) and the steering file with Aurora PostgreSQL–specific best practices. When developers work on database tasks, the power dynamically loads relevant guidance – whether creating new Aurora clusters, designing schemas, or optimizing queries – so AI agents receive only the context needed for the specific task at hand.

Aurora PostgreSQL power is available within Kiro IDE and Kiro powers webpage for one-click installation and can create and manage Aurora PostgreSQL clusters in all AWS Regions. For more information about development use cases, read this blog post. To learn more about Aurora PostgreSQL MCP server, visit our documentation.

Amazon Aurora is designed for unparalleled high performance and availability at global scale with full PostgreSQL compatibility. It provides built-in security, continuous backups, serverless compute, up to 15 read replicas, and automated multi-Region replication. To get started with Amazon Aurora, visit our getting started page.

​Today, AWS announces Amazon Aurora PostgreSQL-Compatible Edition integration with Kiro powers, enabling developers to build Aurora PostgreSQL backed applications faster with AI agent-assisted development using Kiro. Kiro powers is a repository of curated and pre-packaged Model Context Protocol (MCP) servers, steering files, and hooks validated by Kiro partners to accelerate specialized software development and deployment use cases. Kiro power for Aurora PostgreSQL packages the MCP server with targeted database development guidance, giving the Kiro agent instant expertise in Aurora PostgreSQL operations and schema design. Kiro power for Aurora PostgreSQL bundles direct database connectivity through the Aurora PostgreSQL MCP server for data plane operations (queries, table creation, schema management), and control plane operations (cluster creation) and the steering file with Aurora PostgreSQL–specific best practices. When developers work on database tasks, the power dynamically loads relevant guidance – whether creating new Aurora clusters, designing schemas, or optimizing queries – so AI agents receive only the context needed for the specific task at hand. Aurora PostgreSQL power is available within Kiro IDE and Kiro powers webpage for one-click installation and can create and manage Aurora PostgreSQL clusters in all AWS Regions. For more information about development use cases, read this blog post. To learn more about Aurora PostgreSQL MCP server, visit our documentation. Amazon Aurora is designed for unparalleled high performance and availability at global scale with full PostgreSQL compatibility. It provides built-in security, continuous backups, serverless compute, up to 15 read replicas, and automated multi-Region replication. To get started with Amazon Aurora, visit our getting started page.  

Amazon Aurora DSQL now supports faster cluster creation, reducing setup time from minutes to seconds.

With cluster creation now in seconds, developers can instantly provision Aurora DSQL databases to rapidly prototype new ideas. Developers can use the integrated query editor in the AWS console to immediately start building without needing to configure external clients or connect through the Aurora DSQL Model Context Protocol (MCP) server to enable AI-powered development tools. Whether prototyping or running production workloads, Aurora DSQL delivers virtually unlimited scalability, active-active high availability, zero infrastructure management, and pay-for-what-you-use pricing, ensuring your database effortlessly scales alongside your application needs.

This enhancement is available in all Regions where Aurora DSQL is offered. Get started with Aurora DSQL for free with the AWS Free Tier. To learn more, visit the Aurora DSQL webpage and documentation.

​Amazon Aurora DSQL now supports faster cluster creation, reducing setup time from minutes to seconds. With cluster creation now in seconds, developers can instantly provision Aurora DSQL databases to rapidly prototype new ideas. Developers can use the integrated query editor in the AWS console to immediately start building without needing to configure external clients or connect through the Aurora DSQL Model Context Protocol (MCP) server to enable AI-powered development tools. Whether prototyping or running production workloads, Aurora DSQL delivers virtually unlimited scalability, active-active high availability, zero infrastructure management, and pay-for-what-you-use pricing, ensuring your database effortlessly scales alongside your application needs. This enhancement is available in all Regions where Aurora DSQL is offered. Get started with Aurora DSQL for free with the AWS Free Tier. To learn more, visit the Aurora DSQL webpage and documentation.  

Starting today, Amazon Elastic Compute Cloud (Amazon EC2) C7i instances powered by custom 4th Gen Intel Xeon Scalable processors (code-named Sapphire Rapids) are available in the Asia Pacific (Hyderabad) Region. C7i instances are supported by custom Intel processors, available only on AWS.

C7i instances deliver up to 15% better price-performance versus C6i instances and are a great choice for all compute-intensive workloads, such as batch processing, distributed analytics, ad-serving, and video encoding. C7i instances offer larger instance sizes, up to 48xlarge, and two bare metal sizes (metal-24xl, metal-48xl). These bare-metal sizes support built-in Intel accelerators: Data Streaming Accelerator, In-Memory Analytics Accelerator, and QuickAssist Technology that are used to facilitate efficient offload and acceleration of data operations and optimize performance for workloads.

C7i instances support new Intel Advanced Matrix Extensions (AMX) that accelerate matrix multiplication operations for applications such as CPU-based ML. Customers can attach up to 128 EBS volumes to a C7i instance vs. up to 28 EBS volumes to a C6i instance. This allows processing of larger amounts of data, scale workloads, and improved performance over C6i instances.

To learn more, visit Amazon EC2 C7i Instances. To get started, see the AWS Management Console.

​Starting today, Amazon Elastic Compute Cloud (Amazon EC2) C7i instances powered by custom 4th Gen Intel Xeon Scalable processors (code-named Sapphire Rapids) are available in the Asia Pacific (Hyderabad) Region. C7i instances are supported by custom Intel processors, available only on AWS. C7i instances deliver up to 15% better price-performance versus C6i instances and are a great choice for all compute-intensive workloads, such as batch processing, distributed analytics, ad-serving, and video encoding. C7i instances offer larger instance sizes, up to 48xlarge, and two bare metal sizes (metal-24xl, metal-48xl). These bare-metal sizes support built-in Intel accelerators: Data Streaming Accelerator, In-Memory Analytics Accelerator, and QuickAssist Technology that are used to facilitate efficient offload and acceleration of data operations and optimize performance for workloads. C7i instances support new Intel Advanced Matrix Extensions (AMX) that accelerate matrix multiplication operations for applications such as CPU-based ML. Customers can attach up to 128 EBS volumes to a C7i instance vs. up to 28 EBS volumes to a C6i instance. This allows processing of larger amounts of data, scale workloads, and improved performance over C6i instances. To learn more, visit Amazon EC2 C7i Instances. To get started, see the AWS Management Console.  

Amazon Cognito identity pools now support AWS PrivateLink, enabling you to securely exchange federated identities for AWS credentials through private connectivity between your virtual private cloud (VPC) and Cognito. This eliminates the need to route authentication traffic over the public internet, providing enhanced security for your workloads. Identity pools map authenticated and guest identities to your AWS Identity and Access Management (IAM) roles and provide temporary AWS credentials, with this new feature, through a secure and private connection.

You can use PrivateLink connections in all AWS Regions where Amazon Cognito identity pools are available, except AWS China (Beijing) Region, operated by Sinnet, and AWS GovCloud (US) Regions. Creating VPC endpoints on AWS PrivateLink will incur additional charges; refer to AWS PrivateLink pricing page for details. You can get started by creating an AWS PrivateLink VPC interface endpoint for Amazon Cognito identity pools using the AWS Management Console, AWS Command Line Interface (CLI), AWS Software Development Kits (SDKs), AWS Cloud Development Kit (CDK), or AWS CloudFormation. To learn more, refer to the documentation on creating a VPC interface endpoint and Amazon Cognito’s developer guide. 

​Amazon Cognito identity pools now support AWS PrivateLink, enabling you to securely exchange federated identities for AWS credentials through private connectivity between your virtual private cloud (VPC) and Cognito. This eliminates the need to route authentication traffic over the public internet, providing enhanced security for your workloads. Identity pools map authenticated and guest identities to your AWS Identity and Access Management (IAM) roles and provide temporary AWS credentials, with this new feature, through a secure and private connection. You can use PrivateLink connections in all AWS Regions where Amazon Cognito identity pools are available, except AWS China (Beijing) Region, operated by Sinnet, and AWS GovCloud (US) Regions. Creating VPC endpoints on AWS PrivateLink will incur additional charges; refer to AWS PrivateLink pricing page for details. You can get started by creating an AWS PrivateLink VPC interface endpoint for Amazon Cognito identity pools using the AWS Management Console, AWS Command Line Interface (CLI), AWS Software Development Kits (SDKs), AWS Cloud Development Kit (CDK), or AWS CloudFormation. To learn more, refer to the documentation on creating a VPC interface endpoint and Amazon Cognito’s developer guide.