AWS Cloud Map now supports service-level attributes, enabling you to store and access information directly at the service level. With AWS Cloud Map, you can define custom names for your application resources, such as Amazon Elastic Container Services (Amazon ECS) tasks, Amazon Elastic Compute Cloud (Amazon EC2) instances, Amazon DynamoDB tables, or other cloud resources. You can then use these custom names to discover the location of cloud resources from your applications using AWS SDK and authenticated API queries. With service-level attributes, your applications can store and retrieve important service-level information, such as traffic weights during deployments, through a simple API call to AWS Cloud Map. AWS Cloud Map service is a logical group of instances, enabling you to find and connect to resources.

With AWS Cloud Map support for service-level attributes, you can now register key value attributes directly at service level, which were previously stored at the instance level or retrieved through ad-hoc channels like static config files. This feature allows you to discover resources using service-level attributes for various use cases, such as complex traffic routing, setting timeout and retry values, and coordination between services and external integrations. This capability helps you avoid duplicating service level information across instances, simplifying retrieval, updates, and deletion without requiring changes to individual instances.

To learn more, please refer to the AWS Cloud Map documentation. To see all of the Regions where AWS Cloud Map is available, see the AWS Region table.

 

​AWS Cloud Map now supports service-level attributes, enabling you to store and access information directly at the service level. With AWS Cloud Map, you can define custom names for your application resources, such as Amazon Elastic Container Services (Amazon ECS) tasks, Amazon Elastic Compute Cloud (Amazon EC2) instances, Amazon DynamoDB tables, or other cloud resources. You can then use these custom names to discover the location of cloud resources from your applications using AWS SDK and authenticated API queries. With service-level attributes, your applications can store and retrieve important service-level information, such as traffic weights during deployments, through a simple API call to AWS Cloud Map. AWS Cloud Map service is a logical group of instances, enabling you to find and connect to resources. With AWS Cloud Map support for service-level attributes, you can now register key value attributes directly at service level, which were previously stored at the instance level or retrieved through ad-hoc channels like static config files. This feature allows you to discover resources using service-level attributes for various use cases, such as complex traffic routing, setting timeout and retry values, and coordination between services and external integrations. This capability helps you avoid duplicating service level information across instances, simplifying retrieval, updates, and deletion without requiring changes to individual instances. To learn more, please refer to the AWS Cloud Map documentation. To see all of the Regions where AWS Cloud Map is available, see the AWS Region table.  

Today, AWS announced the opening of a new AWS Direct Connect location within the Telehouse OS2 data center in Osaka, Japan. By connecting your network to AWS at the new Osaka location, you gain private, direct access to all public AWS Regions (except those in China), AWS GovCloud Regions, and AWS Local Zones. This is the second AWS Direct Connect site within the Osaka Metropolitan area and the fifth site in Japan.

The Direct Connect service enables you to establish a private, physical network connection between AWS and your data center, office, or colocation environment. These private connections can provide a more consistent network experience than those made over the public internet. The new Direct Connect location at Telehouse OS2 offers dedicated 1G, 10 Gbps and 100 Gbps connections with MACsec encryption available.

For more information on the over 145 Direct Connect locations worldwide, visit the locations section of the Direct Connect product detail pages. Or, visit our getting started page to learn more about how to purchase and deploy Direct Connect.

 

​Today, AWS announced the opening of a new AWS Direct Connect location within the Telehouse OS2 data center in Osaka, Japan. By connecting your network to AWS at the new Osaka location, you gain private, direct access to all public AWS Regions (except those in China), AWS GovCloud Regions, and AWS Local Zones. This is the second AWS Direct Connect site within the Osaka Metropolitan area and the fifth site in Japan. The Direct Connect service enables you to establish a private, physical network connection between AWS and your data center, office, or colocation environment. These private connections can provide a more consistent network experience than those made over the public internet. The new Direct Connect location at Telehouse OS2 offers dedicated 1G, 10 Gbps and 100 Gbps connections with MACsec encryption available. For more information on the over 145 Direct Connect locations worldwide, visit the locations section of the Direct Connect product detail pages. Or, visit our getting started page to learn more about how to purchase and deploy Direct Connect.  

Amazon DynamoDB is a serverless, NoSQL, fully managed database with single-digit millisecond performance at any scale. The Federal Information Processing Standard (FIPS) Publication 140-3 is a US and Canadian government standard that specifies the security requirements for cryptographic modules that protect sensitive information. Today, we are announcing the general availability of FIPS 140-3 interface endpoint support for DynamoDB and FIPS 140-3 public endpoint support for DynamoDB Streams.

You can use AWS PrivateLink with DynamoDB for regulated workloads that require a secure connection using a FIPS 140-3 validated cryptographic module.

FIPS-compliant endpoints help companies contracting with the federal government meet the FIPS security requirement to encrypt sensitive data in supported Regions. The new capability is available in AWS Regions in the United States and Canada, and the AWS GovCloud (US) Regions. Learn more about AWS FIPS 140-3 at FIPS 140-3 Compliance.

 

​Amazon DynamoDB is a serverless, NoSQL, fully managed database with single-digit millisecond performance at any scale. The Federal Information Processing Standard (FIPS) Publication 140-3 is a US and Canadian government standard that specifies the security requirements for cryptographic modules that protect sensitive information. Today, we are announcing the general availability of FIPS 140-3 interface endpoint support for DynamoDB and FIPS 140-3 public endpoint support for DynamoDB Streams. You can use AWS PrivateLink with DynamoDB for regulated workloads that require a secure connection using a FIPS 140-3 validated cryptographic module. FIPS-compliant endpoints help companies contracting with the federal government meet the FIPS security requirement to encrypt sensitive data in supported Regions. The new capability is available in AWS Regions in the United States and Canada, and the AWS GovCloud (US) Regions. Learn more about AWS FIPS 140-3 at FIPS 140-3 Compliance.  

Today, Amazon Redshift announced the support for automatically and incrementally refreshable materialized views (MVs) on tables in a zero-ETL integration. This new feature eliminates the need for full refreshes, which previously required re-executing underlying select statements and rewriting all data in the MV.

With this launch, you can leverage the power of zero-ETL integrations with automatically and incrementally refreshable MVs, enabling more efficient data updates and faster query responses. This feature automatically keeps MVs up-to-date as the underlying data changes, eliminating the need for manual refresh operations or complex ETL processes. Organizations handling high-volume, dynamic datasets can now access near real-time insights while significantly reducing their operational workload.

To learn more and get started with zero-ETL integration, visit the getting started guides for Amazon Redshift. To learn more about refreshing a materialized view, visit the documentation.
 

 

​Today, Amazon Redshift announced the support for automatically and incrementally refreshable materialized views (MVs) on tables in a zero-ETL integration. This new feature eliminates the need for full refreshes, which previously required re-executing underlying select statements and rewriting all data in the MV. With this launch, you can leverage the power of zero-ETL integrations with automatically and incrementally refreshable MVs, enabling more efficient data updates and faster query responses. This feature automatically keeps MVs up-to-date as the underlying data changes, eliminating the need for manual refresh operations or complex ETL processes. Organizations handling high-volume, dynamic datasets can now access near real-time insights while significantly reducing their operational workload. To learn more and get started with zero-ETL integration, visit the getting started guides for Amazon Redshift. To learn more about refreshing a materialized view, visit the documentation.    

Amazon Bedrock Guardrails enable you to implement safeguards for your generative AI applications based on your use cases and responsible AI policies. Starting today, we are excited to announce that Amazon Bedrock Guardrails adds multilingual capabilities with support for Spanish and French languages.

Amazon Bedrock Guardrails help you implement safeguards for building safe, generative AI applications by filtering undesirable content, redacting personally identifiable information (PII), and enhancing content safety and privacy. You can configure policies for content filters, denied topics, word filters, PII redaction, and contextual grounding checks to tailor safeguards to your specific use cases and responsible AI policies.

With support for Spanish and French languages, a wider set of users in multiple geographies can now use Bedrock Guardrails to build safer generative AI applications based on their use cases and responsible AI policies.

To learn more about Amazon Bedrock Guardrails, see the product page and the technical documentation.

 

​Amazon Bedrock Guardrails enable you to implement safeguards for your generative AI applications based on your use cases and responsible AI policies. Starting today, we are excited to announce that Amazon Bedrock Guardrails adds multilingual capabilities with support for Spanish and French languages. Amazon Bedrock Guardrails help you implement safeguards for building safe, generative AI applications by filtering undesirable content, redacting personally identifiable information (PII), and enhancing content safety and privacy. You can configure policies for content filters, denied topics, word filters, PII redaction, and contextual grounding checks to tailor safeguards to your specific use cases and responsible AI policies. With support for Spanish and French languages, a wider set of users in multiple geographies can now use Bedrock Guardrails to build safer generative AI applications based on their use cases and responsible AI policies. To learn more about Amazon Bedrock Guardrails, see the product page and the technical documentation.  

Today, AWS Backup is announcing expanded regional coverage for cross-account management in opt-in Regions (Regions that are disabled by default). Cross-account management helps customers manage and monitor backups across their AWS accounts with AWS Organizations.

With cross-account management in AWS Backup, customers can deploy an organization-wide backup policy using their AWS Organizations’ management account or delegated administrator account, and help maintain compliance across all organizational accounts while reducing account management overhead. Cross-account monitoring allows you to monitor backup activity across all the accounts in your organization from the management account.

For more information on AWS Backup cross-account management, visit the documentation. Get started with AWS Backup today.
 

 

​Today, AWS Backup is announcing expanded regional coverage for cross-account management in opt-in Regions (Regions that are disabled by default). Cross-account management helps customers manage and monitor backups across their AWS accounts with AWS Organizations. With cross-account management in AWS Backup, customers can deploy an organization-wide backup policy using their AWS Organizations’ management account or delegated administrator account, and help maintain compliance across all organizational accounts while reducing account management overhead. Cross-account monitoring allows you to monitor backup activity across all the accounts in your organization from the management account. For more information on AWS Backup cross-account management, visit the documentation. Get started with AWS Backup today.    

Today we’re excited to announce Research and Engineering Studio (RES) on AWS Version 2024.12. This release makes it possible to configure your Active Directory (AD) dynamically at runtime, allows Amazon Cognito users to launch Linux virtual desktops, and gives administrators the option to configure SSH access to virtual desktop infrastructure (VDI).

RES administrators can now manage AD parameters and enable Cognito users through the RES UI in the new Identity Management page. AD parameters that were once required when deploying RES are now optional and can be changed at any time after deployment. Admins can also add LDAP filters for users and groups to be more targeted about what AD identities get synced to RES. Cognito can now be used as an identity source and login method to either augment or replace the existing Active Directory and Single Sign-On (SSO) authentication. Cognito users can access Linux VDI sessions in the RES environment just like users that access the environment through SSO. Add Cognito users to RES by manually adding them to the RES Cognito User Pool or activating user self registration from the RES UI.

This release also gives administrators control over SSH access in the RES environment. SSH access to VDI sessions is now deactivated by default and can be reactivated at any time from the Permission Policy page.

See the regional availability page for the list of regions where RES is available.

Check out additional release notes on Github to get started and deploy RES 2024.12.

 

​Today we’re excited to announce Research and Engineering Studio (RES) on AWS Version 2024.12. This release makes it possible to configure your Active Directory (AD) dynamically at runtime, allows Amazon Cognito users to launch Linux virtual desktops, and gives administrators the option to configure SSH access to virtual desktop infrastructure (VDI). RES administrators can now manage AD parameters and enable Cognito users through the RES UI in the new Identity Management page. AD parameters that were once required when deploying RES are now optional and can be changed at any time after deployment. Admins can also add LDAP filters for users and groups to be more targeted about what AD identities get synced to RES. Cognito can now be used as an identity source and login method to either augment or replace the existing Active Directory and Single Sign-On (SSO) authentication. Cognito users can access Linux VDI sessions in the RES environment just like users that access the environment through SSO. Add Cognito users to RES by manually adding them to the RES Cognito User Pool or activating user self registration from the RES UI. This release also gives administrators control over SSH access in the RES environment. SSH access to VDI sessions is now deactivated by default and can be reactivated at any time from the Permission Policy page. See the regional availability page for the list of regions where RES is available. Check out additional release notes on Github to get started and deploy RES 2024.12.  

AWS Toolkit for Visual Studio Code now includes Amazon CloudWatch Logs Live Tail, an interactive log streaming and analytics capability which provides real-time visibility into your logs, making it easier to develop and troubleshoot your serverless applications.

The Toolkit for VS Code is an open-source extension for the Visual Studio Code (VS Code) editor. This extension makes it easier for developers to develop, debug locally, and deploy serverless applications that use AWS. This new integration brings the power of Live Tail directly into the VS Code Command Palette. CloudWatch log events can now be streamed in the VS Code Editor as they are ingested in real-time. You can search, filter, and highlight log events of interest, to aid and accelerate troubleshooting, investigations, and root cause analysis.

Amazon CloudWatch Logs Live Tail for AWS Toolkit for Visual Studio Code is available in all AWS Commercial regions.

To learn more, please visit the documentation. For pricing details, check Amazon CloudWatch Pricing.
 

 

​AWS Toolkit for Visual Studio Code now includes Amazon CloudWatch Logs Live Tail, an interactive log streaming and analytics capability which provides real-time visibility into your logs, making it easier to develop and troubleshoot your serverless applications. The Toolkit for VS Code is an open-source extension for the Visual Studio Code (VS Code) editor. This extension makes it easier for developers to develop, debug locally, and deploy serverless applications that use AWS. This new integration brings the power of Live Tail directly into the VS Code Command Palette. CloudWatch log events can now be streamed in the VS Code Editor as they are ingested in real-time. You can search, filter, and highlight log events of interest, to aid and accelerate troubleshooting, investigations, and root cause analysis. Amazon CloudWatch Logs Live Tail for AWS Toolkit for Visual Studio Code is available in all AWS Commercial regions. To learn more, please visit the documentation. For pricing details, check Amazon CloudWatch Pricing.    

Starting today, you can use Amazon Route 53 Resolver DNS Firewall and DNS Firewall Advanced in the Asia Pacific (Malaysia) Region.

Route 53 Resolver DNS Firewall is a managed service that enables you to block DNS queries made for domains identified as low-reputation or suspected to be malicious, and to allow queries for trusted domains. In addition, Route 53 Resolver DNS Firewall Advanced is a capability of DNS Firewall that allows you to detect and block DNS traffic associated with Domain Generation Algorithms (DGA) and DNS Tunneling threats. DNS Firewall can be enabled only for Route 53 Resolver, which is a recursive DNS server that is available by default in all Amazon Virtual Private Clouds (VPCs) and that responds to DNS queries from AWS resources within a VPC for public DNS records, VPC-specific domain names, and Route 53 private hosted zones. DNS Firewall provides more granular control over the DNS querying behavior of resources within your VPCs by letting you create “blocklists” for domains you don’t want your VPC resources to communicate with via DNS, or take a stricter, “walled-garden” approach by creating “allowlists” that permit outbound DNS queries only to domains you specify. With DNS Firewall Advanced, you can also configure rules to alert on or block DNS traffic associated with more advanced DNS threats.

Visit the AWS Region Table to see all AWS Regions where Amazon Route 53 is available. Please visit our product page and documentation to learn more about Amazon Route 53 Resolver DNS Firewall and its pricing.

 

​Starting today, you can use Amazon Route 53 Resolver DNS Firewall and DNS Firewall Advanced in the Asia Pacific (Malaysia) Region. Route 53 Resolver DNS Firewall is a managed service that enables you to block DNS queries made for domains identified as low-reputation or suspected to be malicious, and to allow queries for trusted domains. In addition, Route 53 Resolver DNS Firewall Advanced is a capability of DNS Firewall that allows you to detect and block DNS traffic associated with Domain Generation Algorithms (DGA) and DNS Tunneling threats. DNS Firewall can be enabled only for Route 53 Resolver, which is a recursive DNS server that is available by default in all Amazon Virtual Private Clouds (VPCs) and that responds to DNS queries from AWS resources within a VPC for public DNS records, VPC-specific domain names, and Route 53 private hosted zones. DNS Firewall provides more granular control over the DNS querying behavior of resources within your VPCs by letting you create “blocklists” for domains you don’t want your VPC resources to communicate with via DNS, or take a stricter, “walled-garden” approach by creating “allowlists” that permit outbound DNS queries only to domains you specify. With DNS Firewall Advanced, you can also configure rules to alert on or block DNS traffic associated with more advanced DNS threats. Visit the AWS Region Table to see all AWS Regions where Amazon Route 53 is available. Please visit our product page and documentation to learn more about Amazon Route 53 Resolver DNS Firewall and its pricing.  

Starting today, Amazon Elastic Compute Cloud (Amazon EC2) C7g instances are available in the AWS GovCloud (US-East, US-West) Regions. These instances are powered by AWS Graviton3 processors that provide up to 25% better compute performance compared to AWS Graviton2 processors, and built on top of the the AWS Nitro System, a collection of AWS designed innovations that deliver efficient, flexible, and secure cloud services with isolated multi-tenancy, private networking, and fast local storage.

Amazon EC2 Graviton3 instances also use up to 60% less energy to reduce your cloud carbon footprint for the same performance than comparable EC2 instances. For increased scalability, these instances are available in 9 different instance sizes, including bare metal, and offer up to 30 Gbps networking bandwidth and up to 20 Gbps of bandwidth to the Amazon Elastic Block Store (EBS).

To learn more, see Amazon EC2 C7g. To explore how to migrate your workloads to Graviton-based instances, see AWS Graviton Fast Start program and Porting Advisor for Graviton. To get started, see the AWS GovCloud (US) Console.

 

​Starting today, Amazon Elastic Compute Cloud (Amazon EC2) C7g instances are available in the AWS GovCloud (US-East, US-West) Regions. These instances are powered by AWS Graviton3 processors that provide up to 25% better compute performance compared to AWS Graviton2 processors, and built on top of the the AWS Nitro System, a collection of AWS designed innovations that deliver efficient, flexible, and secure cloud services with isolated multi-tenancy, private networking, and fast local storage. Amazon EC2 Graviton3 instances also use up to 60% less energy to reduce your cloud carbon footprint for the same performance than comparable EC2 instances. For increased scalability, these instances are available in 9 different instance sizes, including bare metal, and offer up to 30 Gbps networking bandwidth and up to 20 Gbps of bandwidth to the Amazon Elastic Block Store (EBS). To learn more, see Amazon EC2 C7g. To explore how to migrate your workloads to Graviton-based instances, see AWS Graviton Fast Start program and Porting Advisor for Graviton. To get started, see the AWS GovCloud (US) Console.