AWS News Apr 13 - Apr 19

AWS News May 18 - May 24

This week: Aurora MySQL 8.4 reaches GA with stronger security defaults, ECS deployments gain pause-and-continue controls for approval workflows, and Security Hub now detects unused IAM access across your organization. Plus DocumentDB Serverless gets major performance boosts, SAM CLI supports CloudFormation Language Extensions, and a new Istanbul Local Zone brings single-digit millisecond latency to Türkiye. Secrets & Identity * Secrets Manager Agent: Pre-fetching for batch caching, IAM role assumption for cross-account * Secrets Manager: Managed rotation for Datadog API keys and Snowflake tokens * Security Hub: Detects unused IAM access across org, generates least-privilege policies Compute & Containers * ECS: Pause/continue deployment controls with 14-day timeouts, approval workflows * ECS + EBS: Now available in GovCloud regions * Elastic VMware Service: 32 ESXi hosts per environment (2x increase) * Lightsail CDN: IPv6-only instance origins supported Data & Analytics * Redshift: Direct writes to Iceberg tables, ALTER TABLE for partitioning * DocumentDB Serverless: v8.0 with 7x query latency, 30x faster vector index builds * Aurora MySQL 8.4: GA with TLS 1.2/1.3 enforced, automated upgrade prechecks * CloudWatch Logs Insights: 13 new commands (base64 decode, logfmt parse, geo distance) * Keyspaces: Expanded to new Asia Pacific regions ML & AI * SageMaker Studio: GPU reservation via Flexible Training Plans, up to 65% savings * SageMaker HyperPod: Inference payload capture to S3 for training/evaluation * SageMaker endpoints: OpenAI-compatible APIs (works with LangChain, Strands) * SageMaker Unified Studio: Glue Data Quality rules, auto connector provisioning, business metadata * Bedrock: Custom tagging for inference calls (team, project, environment) Infrastructure & Networking * Local Zones: Istanbul launch (C7i, M7i, R7i, S3, EKS, ALB) * Local Zones: Now in console region selector * Managed Grafana: Dual-stack IPv4/IPv6 connectivity * Transfer Family: Federated permissions with Identity Center multi-region Developer Tools * SAM CLI: CloudFormation Language Extensions support (Fn::ForEach) * ExtendDB: Open source DynamoDB adapter with PostgreSQL backend AWS News Feed: Whats new at AWS [https://aws.amazon.com/new/?whats-new-content-all.sort-by=item.additionalFields.postDateTime&whats-new-content-all.sort-order=desc&awsf.whats-new-categories=*all] For help with your AWS Infrastructure check out flomotlik.me [https://flomotlik.me] or email flo@flomotlik.me [flo@flomotlik.me] For detailed show notes check out awsnewsweekly.com [https://awsnewsweekly.com]

AWS News May 11 - May 17

This week: AWS Transform adds containerized migration and an agentic AI assistant for .NET developers, Claude Platform launches as GA making AWS the first cloud to offer Anthropic's native experience, and EC2 M3 Ultra Mac instances bring Mac Studio hardware to the cloud. Plus CloudFormation's new cross-account output references, major SageMaker GPU instance expansions, and Organizations doubles SCP limits. Migration & Modernization * Transform: Containerizes apps, generates Dockerfiles, Terraform, Helm charts * Transform: Agentic AI assistant for .NET modernization in VS Toolkit * Transform: Agent builder toolkit for custom modernization agents * Transform: BYOB S3 storage with KMS encryption AI/ML * Claude Platform: GA on AWS - first cloud with native Anthropic experience via IAM * SageMaker: P6b200 instances (8 Blackwell GPUs, 1400GB HBM), 2x perf vs P5en * SageMaker: Serverless fine-tuning for Qwen 3.6 (27B params) * SageMaker Data Agent: IAM Identity Center support, generates Python/SQL from English * SageMaker Feature Store: Python SDK v3 with Lake Formation access controls * Bedrock: Advanced Prompt Optimization - compare across 5 models, multimodal support * Security Agent: Full repo code review, reasons about architecture and trust boundaries Compute & Networking * EC2 M3 Ultra Mac: GA - M3 Ultra chip, 28-core CPU, 256GB unified memory * ENA Express: 25Gbps cross-AZ (was 5Gbps) * Karpenter: ARC zonal shift integration for EKS * Redshift RG: Graviton-powered, 2.4x faster, 30% lower cost, built-in data lake engine Database & Storage * Aurora D-sequel: CDC preview - streams changes to Kinesis * RDS Oracle: M8i/R8i with Standard Edition License Included * FSx OpenZFS: Multi-AZ in shared VPCs for participant accounts Serverless & Events * Lambda: Scheduled scaling via EventBridge Scheduler * EventBridge Scheduler: 13 new services, 600+ API actions, 270+ total * ARC Region Switch: Automates Lambda event source failover Networking & Security * CloudFront: Premium tiers now self-service (500M-6B requests) * CloudFront: OCSP revocation checking and mTLS passthrough mode * WAF: Dynamic label interpolation, synthetic labels for IP/JA3/JA4 * Organizations: 2x SCP limits (10 per node, 10K chars) * CloudFormation: Fn::GetStackOutput for cross-account/region refs AWS News Feed: Whats new at AWS [https://aws.amazon.com/new/?whats-new-content-all.sort-by=item.additionalFields.postDateTime&whats-new-content-all.sort-order=desc&awsf.whats-new-categories=*all] For help with your AWS Infrastructure check out flomotlik.me [https://flomotlik.me] or email flo@flomotlik.me [flo@flomotlik.me] For detailed show notes check out awsnewsweekly.com [https://awsnewsweekly.com]

AWS News May 04 - May 10

This week: ElastiCache adds built-in full-text and vector search with Valkey 9, SageMaker AI introduces agentic model customization that cuts deployment from months to days, and Bedrock AgentCore launches payment capabilities for autonomous AI agents. Plus major IAM quota increases, new M8 and R8 EC2 instances, and the AWS MCP Server goes GA. Compute * EC2 I8ge: 60% better compute, 55% better storage/TB, 120TB NVMe, 60% lower IO latency * EC2 R8idn/R8idb: 43% better compute/vCPU, 600Gbps network, 300Gbps EBS * EC2 M8idn/M8idb: 43% better compute/vCPU, 600Gbps network, 300Gbps EBS * RDS SQL Server: M8i/R8i (15% better price-perf), M8a/R8a (70% higher throughput) AI/ML * SageMaker AI: Agentic model customization - months to days with coding agents * Agent Toolkit: 40+ skills, managed MCP server with IAM guardrails (GA) * AWS MCP Server: GA - any AWS API, sandboxed Python, IAM/CloudTrail integration * Bedrock AgentCore: Autonomous payments (preview), file system mounts, memory metadata filtering Analytics * QuickSight: S3 table buckets direct connect, Dataset Q&A text-to-SQL, NL dashboard generation * ElastiCache Valkey 9: Full-text/vector hybrid search, 40% higher throughput * Entity Resolution: Incremental ML matching - 95% faster (1M records/hour vs 2 days) * OpenSearch: VPC egress for private connections, unused index insights Storage & Database * Aurora D-sequel: PostgreSQL JSON type with compression * RDS SQL Server: Readable replicas on multi-volume instances (256TiB) Networking * VPC Lattice: Private domain-name targets via in-VPC DNS resolution * Site-to-Site VPN: In-place bandwidth tier changes * Route 53 Resolver: IPv6 DNS64 synthesis, dynamic region management Security & Identity * IAM: Doubled quotas - 10K roles/policies/profiles, 700 OIDC providers * Payment Cryptography: Cross-account key sharing * JDBC Wrapper: Column-level KMS encryption plugin Operations * EventBridge: PutEvents now in CloudTrail * CloudWatch: Tag-based log group queries, mobile alarm investigation with AI * Backup for EKS: 10x faster cluster backups Developer Tools * SAM: WebSocket API support, BuildKit for container builds * Neptune: One-click CloudShell connect AWS News Feed: Whats new at AWS [https://aws.amazon.com/new/?whats-new-content-all.sort-by=item.additionalFields.postDateTime&whats-new-content-all.sort-order=desc&awsf.whats-new-categories=*all] For help with your AWS Infrastructure check out flomotlik.me [https://flomotlik.me] or email flo@flomotlik.me [flo@flomotlik.me] For detailed show notes check out awsnewsweekly.com [https://awsnewsweekly.com]

AWS News Apr 20 - Apr 26

This week: Lambda Durable Execution SDK brings year-long workflow checkpointing to Java developers, S3 adds ten checksum algorithms for data integrity, and CloudWatch Logs Insights now supports JOIN queries across log groups. Plus MSK Replicator gains external cluster migration, Aurora Serverless v4 delivers 30% better performance, and Bedrock AgentCore lets you prototype agents without orchestration code. Identity & Directory * Managed Microsoft AD: Auto-upgraded to Windows 2016, adds LAPS support * Managed Microsoft AD: Kerberos encryption audit logs to CloudWatch Migration & Landing Zone * Transform: Automates Control Tower/Organizations/IAM setup, exports as CFN/CDK/LZA Contact Center * Connect: Pass customer context into calls for instant recognition * Connect Outbound: Hourly segment refresh, priority dialing by 10 attributes * Connect: Agentic voice AI expands to 10 locales * Connect: 8 new AI agent metrics (goal success, faithfulness, tool accuracy) Storage * S3 Express One Zone: S3 Inventory support for directory buckets * S3: 10 checksum algorithms added, auto-validates on upload Streaming & Kafka * MSK Replicator: Enhanced logs, bidirectional sync, external Kafka→Express Observability * CloudWatch Logs Insights: JOIN and sub-query across log groups * CloudWatch Pipelines: Natural language log processor config Containers & Kubernetes * EKS: 7 new IAM condition keys (private endpoints, KMS, version, deletion) * EKS Hybrid Nodes: Gateway automates VPC-to-pod networking Database * DocumentDB: In-place upgrade v5→v8, 7x faster queries, 5x compression * Aurora Serverless: 30% faster, smarter scaling, scales to zero Compute & Lambda * Lambda Durable Execution SDK: GA - checkpointing, pause up to 1 year * Lambda: Mount S3 buckets as file systems via S3 Files * EC2: Hide managed service resources from console/API IoT & Edge * IoT Greengrass 2.17: Non-root Linux, nucleus lite (36→4MB), TPM 2.0 VMware & Windows * Elastic VMware Service: Includes Windows Server licensing Backup & Governance * Backup Policies: Direct targeting for Redshift Serverless, Aurora DSQL Location & Address * Location Service: Bulk address validation (US/CA/AU/UK) with geocoding AWS News Feed: Whats new at AWS [https://aws.amazon.com/new/?whats-new-content-all.sort-by=item.additionalFields.postDateTime&whats-new-content-all.sort-order=desc&awsf.whats-new-categories=*all] For help with your AWS Infrastructure check out flomotlik.me [https://flomotlik.me] or email flo@flomotlik.me [flo@flomotlik.me] For detailed show notes check out awsnewsweekly.com [https://awsnewsweekly.com]

AWS News Apr 13 - Apr 19

This week: AWS Interconnect goes multicloud with Google Cloud support and Azure coming in 2026, Secrets Manager adds post-quantum encryption to protect against future threats, and new C8in instances deliver 600 Gbps networking. Plus CloudWatch gets cross-region telemetry management and Aurora D-sequel launches a dedicated PHP connector. Networking * Interconnect Last Mile: Branch/DC to cloud via Lumen, 1-100 Gbps dynamic scaling, MACsec default * Interconnect Multicloud: GA - private links to GCP now, Azure/Oracle in 2026, free 500Mbps/region * Elastic DR: IPv6 support for replication and control plane Compute * EC2 C8in/C8ib: GA - 6th-gen Intel, 600Gbps network (C8in), 300Gbps EBS (C8ib), 43% faster than C6in * EC2 C8gn/M8gn/R8gn: 48xlarge/metal now 120Gbps EBS, 480K IOPS (2x previous) Storage * FSx: Cross-region backup copy now supports opt-in regions * ECR Pull Through Cache: Auto-syncs OCI referrers (signatures, SBOMs, attestations) Analytics * Redshift: Top-K query optimization via min/max block skipping, no config needed * OpenSearch Serverless: Derived Source reduces storage by reconstructing _source on-the-fly * CloudWatch Logs Insights: Parameterized saved queries, up to 20 params, chainable AI/ML * SageMaker JumpStart: 3 models - Nemotron 120B, Qwen 3.5 9B/27B * SageMaker JumpStart: Optimized deployments - pick cost/throughput/latency targets, 30+ models * SageMaker HyperPod: Multi-instance-type groups with priority fallback * Deadline Cloud: AI troubleshooting for render failures (Maya, Blender, Houdini, Nuke) Database * Aurora dsql: PHP connector with IAM token gen, connection pooling, retry logic Security * Secrets Manager: Hybrid post-quantum TLS (ML-KEM) against harvest-now attacks Observtic * CloudWatch: Multi-region telemetry audit/enablement, org-wide rules * Managed Grafana: v12.4 - drilldown apps, CloudWatch PPL/SQL, Scenes engine Enterprise Apps * Q Business: Google Drive ACL enforcement with real-time permission checks * QuickSight: Sheet tooltips for hover context; multi-account login (up to 5) * Amazon Q: 5 simultaneous account sessions in browser AWS News Feed: Whats new at AWS [https://aws.amazon.com/new/?whats-new-content-all.sort-by=item.additionalFields.postDateTime&whats-new-content-all.sort-order=desc&awsf.whats-new-categories=*all] For help with your AWS Infrastructure check out flomotlik.me [https://flomotlik.me] or email flo@flomotlik.me [flo@flomotlik.me] For detailed show notes check out awsnewsweekly.com [https://awsnewsweekly.com]