AWS AI News Hub

In this post, we walk through building a scalable, event-driven transcription pipeline that automatically processes audio files uploaded to Amazon Simple Storage Service (Amazon S3), and show you how to use Amazon EC2 Spot Instances and buffered streaming inference to further reduce costs.

Amazon SageMaker Unified Studio now lets data workers create and manage multiple code spaces (individually configured development environments) within a single project for IAM domains. Previously, projects were limited to one JupyterLab space and one Code Editor space embedded in the project. With this launch, you can now parallelly work on different workstreams or experiments with different compute and storage configuration needs, giving developers the flexibility they need as their workloads scale. For instance, data scientists can now work in parallel on any long running data transformation and model training workloads within the same project using separate spaces. With multiple spaces, each one maintains its own persistent Amazon EBS volume, ensuring that your files, data, and session state are preserved independently. You can scale compute and storage up or down per space, pause and resume them at any time, and customize the runtime environment for each specific task. Spaces can either be opened in dedicated browser tabs or connected to a local IDE if you prefer your own development environment, with full functionality including Amazon Q paid tier support. This is particularly beneficial for builders who need isolated environments for parallel workstreams while still working within a single collaborative project.  This feature is available in all AWS Regions where Amazon SageMaker Unified Studio is available. To learn more about code spaces in SageMaker Unified Studio projects, see Managing Code Spaces in the Amazon SageMaker User Guide.

Starting today, Amazon Elastic Compute Cloud (Amazon EC2) C8i-flex instances are available in the Europe (Ireland, London), and Asia Pacific (New Zealand) regions. These instances are powered by custom Intel Xeon 6 processors, available only on AWS, delivering the highest performance and fastest memory bandwidth among comparable Intel processors in the cloud. C8i-flex instances offer up to 15% better price-performance, and 2.5x more memory bandwidth compared to previous generation Intel-based instances. They deliver up to 20% higher performance than C7i-flex instances, with even higher gains for specific workloads. The C8i-flex are up to 60% faster for NGINX web applications, up to 40% faster for AI deep learning recommendation models, and 35% faster for Memcached stores compared to C7i-flex. C8i-flex are the easiest way to get price performance benefits for a majority of compute intensive workloads like web and application servers, databases, caches, Apache Kafka, Elasticsearch, and enterprise applications. They offer the most common sizes, from large to 16xlarge, and are a great first choice for applications that don't fully utilize all compute resources. To get started, sign in to the AWS Management Console. Customers can purchase these instances via Savings Plans, On-Demand instances, and Spot instances. For more information about the new C8i-flex instances visit the AWS News blog.

Starting today, Amazon Elastic Compute Cloud (Amazon EC2) C8i instances are available in the Europe (Ireland) and Asia Pacific (New Zealand) regions. These instances are powered by custom Intel Xeon 6 processors, available only on AWS, delivering the highest performance and fastest memory bandwidth among comparable Intel processors in the cloud. C8i instances offer up to 15% better price-performance, and 2.5x more memory bandwidth compared to previous generation Intel-based instances. They deliver up to 20% higher performance than C7i instances, with even higher gains for specific workloads. The C8i instances deliver up to 60% faster for NGINX web applications, up to 40% faster for AI deep learning recommendation models, and 35% faster for Memcached stores compared to C7i. C8i instances are a great choice for all memory-intensive workloads, especially for workloads that need the largest instance sizes or continuous high CPU usage. C8i instances offer 13 sizes including 2 bare metal sizes and the new 96xlarge size for the largest applications. To get started, sign in to the AWS Management Console. Customers can purchase these instances via Savings Plans, On-Demand instances, and Spot instances. For more information about the new C8i instances visit the AWS News blog.

Today, Amazon SageMaker AI  supports optimized generative AI inference recommendations. By delivering validated, optimal deployment configurations with performance metrics, Amazon SageMaker AI keeps your model developers focused on building accurate models, not managing infrastructure.

Today, we're introducing new capabilities that further streamline the agent building experience, removing the infrastructure barriers that slow teams down at every stage of agent development from the first prototype through production deployment.

AWS Network Firewall now supports expanded Managed Rules from AWS Marketplace partners, with new rule group optimizations through partners to include up to 10 million domain name indicators and up to 1 million IP addresses in their managed rule groups. Infoblox is expanding domain name indicators to protect your workloads from critical and high-risk domains. Lumen is introducing new rule groups to stop command and control attacks. ThreatSTOP is adding managed rules for Office of Foreign Assets Control (OFAC) sanctions and expanding global compliance protections with new European Union, Japan, and United Nations sanction coverage. These enhancements give you access to richer, more comprehensive threat intelligence directly within AWS Network Firewall, reducing the operational burden of managing threat feeds and enabling faster, more accurate protection against emerging threats. Whether you need to block malicious domains at scale, defend against command and control infrastructure, or enforce sanctions-based compliance policies, managed rules from AWS Marketplace partners provide ready-to-deploy, continuously updated protections for your cloud workloads. Managed rules for AWS Network Firewall are available from AWS Marketplace sellers of Check Point, Fortinet, Infoblox, Lumen, Rapid7, ThreatSTOP, and Trend Micro. AWS Marketplace rule groups are now available in 9 additional AWS Regions: Asia Pacific (Jakarta), Asia Pacific (Hyderabad), Asia Pacific (Melbourne), Asia Pacific (Malaysia), Canada West (Calgary), Europe (Zurich), Europe (Spain), Israel (Tel Aviv), and Mexico (Central). For a full list of supported regions, visit the AWS Regional Services page. To get started, visit the AWS Network Firewall console or browse available managed rules in AWS Marketplace. For more information, see the AWS Network Firewall product page and the service documentation.

Amazon EC2 now lets you control whether resources provisioned by managed instance offerings appear in your Amazon EC2 console views and API list operations. Amazon EC2 Managed Instances are instances provisioned and managed by a designated service provider, such as Amazon EKS, Amazon ECS, AWS Lambda or Amazon Workspaces. AWS is responsible for the configuration, patching, and health of managed EC2 instances as well as other associated resources like EBS volumes, snapshots and Network Interfaces. Until today, by default these managed resources appeared alongside self-managed ones in API responses and respective resource consoles even though AWS is responsible for managing these resources. Now, with Managed resource visibility settings, any new managed resources are hidden by default from your resource console views and describe API responses such as EC2 console and describe-instances API responses, to align better with the shared responsibility model of these resources.   You can configure managed resource visibility through the Amazon EC2 console or by using the AWS CLI. To learn more, see Managed resource visibility settings the Amazon EC2 User Guide.

Amazon SageMaker AI now supports serverless model customization for Qwen3.5, enabling you to fine-tune Qwen3.5 4B, 9B, and 27B parameter models using supervised fine-tuning (SFT) and reinforcement fine-tuning (RFT). Qwen3.5 is a popular open-weight model family from Alibaba Cloud. Before this launch, you could deploy these base models on SageMaker AI and now, you can also adapt them to your specific domains and workflows.  Model customization enables you to tailor foundation models with your proprietary data so they more accurately reflect your domain knowledge, terminology, and quality standards. Rather than building models from scratch, fine-tuning lets you start from a capable base model and specialize it for your use cases, whether that's improving accuracy on domain-specific tasks, aligning outputs with your organization's tone, or improving performance on new tasks using your labeled data. With serverless customization, SageMaker AI handles all infrastructure provisioning and training orchestration, so you can focus on your data and evaluation rather than cluster management, and only pay for what you use. Serverless model customization for Qwen3.5 on SageMaker AI is available in US East (N. Virginia), US West (Oregon), Asia Pacific (Tokyo), and EU (Ireland). To get started, navigate to the Models page in Amazon SageMaker Studio to launch a customization job, or use the SageMaker Python SDK for programmatic access. To learn more, see the Amazon SageMaker AI model customization documentation.

Amazon Elastic Container Service (Amazon ECS) now offers NVIDIA GPU health monitoring and auto repair functionality for Amazon ECS Managed Instances. The new capability automatically detects critical NVIDIA GPU hardware failures and replaces impaired instances, helping customers improve the availability and reliability of their GPU-accelerated containerized workloads. Running GPU-accelerated workloads, such as GenAI inference, requires specialized hardware management to mitigate failures and minimize disruption. Amazon ECS Managed Instances now continuously monitor GPU health using NVIDIA Data Center GPU Manager (DCGM) and proactively replace impaired capacity when critical failures occur. You can monitor GPU health through the DescribeContainerInstances API and receive notifications through Amazon EventBridge when instances become impaired. For workloads where you prefer to manage instance lifecycle manually, you can opt out of auto repair at the capacity provider level and handle GPU error events with your own remediation logic. GPU health auto repair is enabled by default on all Amazon ECS Managed Instances running on supported NVIDIA GPU instance types at no additional cost. The capability is available in all AWS Commercial Regions. To learn more, visit the Amazon ECS Developer Guide.

AWS Secrets Manager now supports managed external secrets for MongoDB Atlas and Confluent Cloud. AWS Secrets Manager now supports managed external secrets for MongoDB Atlas and Confluent Cloud, enabling you to centrally manage and automatically rotate secrets for these third-party services directly from AWS Secrets Manager — without building or maintaining custom Lambda rotation functions. The MongoDB Atlas integration supports two secret types: database user secrets (username-password authentication via SCRAM) and service account secrets (OAuth client ID and secret). The Confluent Cloud integration supports API key rotation for service accounts, with support for both cluster-scoped and cloud resource management keys. All integrations include automatic rotation enabled by default, eliminating hardcoded secrets and reducing the operational overhead of managing secrets across multiple platforms. With managed external secrets, secret rotation is fully managed by AWS Secrets Manager using partner-provided rotation logic — no Lambda functions are deployed in your account. For example, a data pipeline using MongoDB Atlas and Confluent Kafka can now centralize secret management in AWS Secrets Manager, automatically rotating database and streaming platform secrets without modifying application code or managing separate rotation logic for each service. MongoDB Atlas and Confluent Cloud integrations for managed external secrets are available in all AWS Regions where managed external secrets is supported, joining existing integrations with Salesforce, Snowflake, and BigID. To learn more, visit the AWS Secrets Manager managed external secrets documentation.

Today, Amazon Bedrock AgentCore introduces new features to help developers go from an idea to working agent prototype faster and manage the full agent lifecycle from a single platform: a managed harness (in preview), the AgentCore CLI, and AgentCore skills for coding assistants. The managed harness (preview) lets developers define an agent by specifying a model, system prompt, and tools, then run it immediately with no orchestration code required. The harness manages the full agent loop: reasoning, tool selection, action execution, and response streaming. Each session gets its own microVM with filesystem and shell access. The harness is model agnostic with the ability to switch models mid-session. Any configuration set at create time can be overridden per invocation, so developers experiment without redeploying. When developers need full control, they can export the harness orchestration in Strands-based code. Filesystem persistence (preview) externalizes the local session state, allowing agents to suspend mid-task and resume exactly where they left off. As a prototype evolves, developers can easily add evaluations to measure quality, memory for personalization, or additional tools and skills. When it’s time to promote a validated concept, the AgentCore CLI deploys with the governance and audibility of infrastructure-as-code. AWS CDK is supported today as a resource manager, with Terraform coming soon. The AgentCore CLI has been optimized for coding assistant control, with pre-built skills that provide accurate, up-to-date AgentCore guidance. AgentCore skills are available today through Kiro Power, with support for Claude Code, Codex, and Cursor coming next week. The managed harness (preview) in AgentCore is available in four AWS Regions: US West (Oregon), US East (N. Virginia), Europe (Frankfurt), and Asia Pacific (Sydney). The AgentCore CLI is available in 14 AWS Regions where AgentCore is available. There is no additional charge for the harness, CLI, or skills. Learn more through the blog, and visit the documentation to get started.

Company-wise memory in Amazon Bedrock, powered by Amazon Neptune and Mem0, provides AI agents with persistent, company-specific context—enabling them to learn, adapt, and respond intelligently across multiple interactions. TrendMicro, one of the largest antivirus software companies in the world, developed the Trend’s Companion chatbot, so their customers can explore information through natural, conversational interactions

In this post, we explore how to use Apache Sedona with AWS Glue to process and analyze massive geospatial datasets.

In this post, we demonstrate how to use the metadata export capability in Amazon SageMaker Catalog and perform analytics such as historical changes, monitor asset growth and track metadata improvements.

This post explores how PACIFIC enables multi-tenant, sovereign PCF exchange on the Catena-X data space using Amazon Elastic Container Service (Amazon ECS) on AWS Fargate, Amazon Cognito, and AWS Identity and Access Management (IAM) to deliver measurable environmental impact and competitive advantage in a carbon-conscious marketplace.

Amazon Interactive Video Service (Amazon IVS) Low-Latency Streaming now supports server-side ad insertion (SSAI), enabling you to monetize your live streams with video ads. IVS SSAI integrates with AWS Elemental MediaTailor to stitch ads directly into the video stream on the server, delivering a seamless viewing experience while providing access to ad decisioning, audience targeting, and personalization capabilities.  IVS provides an API operation to insert ad breaks into your live stream, giving creators or operators control over when ads run. Ads are stitched into the stream on the server, reducing the impact of ad blockers and simplifying client-side integration. When a live stream is recorded to Amazon S3, IVS includes ad markers in the recording, enabling you to monetize on-demand content as well.  Amazon IVS is a managed live streaming solution designed to make low-latency or real-time video available to viewers around the world. Visit the AWS region table for a full list of AWS Regions where the Amazon IVS console and APIs for control and creation of video streams are available.  To learn more, please visit the Amazon IVS Server-Side Ad Insertion documentation page.

Today, AWS announced that you can now receive notifications through the AWS Health Dashboard when Amazon EC2 for SQL Server cannot detect a valid SQL Server High Availability (HA) status. This enhancement is particularly valuable for customers who register EC2 SQL HA clusters through AWS Console or CloudFormation automation to reduce license included costs. You can receive this notification through multiple channels, including AWS Health, Amazon EventBridge events, and email. These notifications will guide you to respond quickly, helping avoid unexpected billing costs or charges. To learn more, access the High Availability for SQL Server on Amazon EC2 user guide for additional details.  This feature is accessible in all AWS Regions where Amazon EC2 SQL HA is available and the AWS GovCloud (US) Regions.

On April 22, 2026 Amazon announced quarterly security and critical updates for Amazon Corretto Long-Term Supported (LTS) and Feature Release (FR) versions of OpenJDK. Corretto 26.0.1, 25.0.3, 21.0.11, 17.0.19, 11.0.31, and 8u492 are now available for download. Amazon Corretto is a no-cost, multi-platform, production-ready distribution of OpenJDK. This is the last Corretto 8 release to include JavaFX binaries. JavaFX binaries will no longer be included starting from the next quarterly update in July 2026. You can learn more about the migration recommendations at Corretto 8 GitHub. Visit Corretto home page to download Corretto 26, Corretto 25, Corretto 21, Corretto 17, Corretto 11, or Corretto 8. You can also get the updates on your Linux system by configuring a Corretto Apt, Yum, or Apk repo. Feedback is welcomed!

AWS Lambda durable functions are now available in 16 additional AWS Regions. Lambda durable functions enable developers to build reliable multi-step applications and AI workflows within the Lambda developer experience, and with this expansion, you can now use durable functions in 16 additional AWS Regions: Africa (Cape Town), Asia Pacific (Hyderabad), Asia Pacific (Jakarta), Asia Pacific (Melbourne), Asia Pacific (Osaka), Asia Pacific (Seoul), Asia Pacific (Taipei), Canada (Central), Canada West (Calgary), Europe (London), Europe (Paris), Europe (Zurich), Israel (Tel Aviv), Mexico (Central), South America (São Paulo), and US West (N. California). Lambda durable functions extend the Lambda programming model with new primitives in your event handler, such as "steps" and "waits", allowing you to checkpoint progress, automatically recover from failures, and pause execution without incurring compute charges for on-demand functions. With this region expansion, you can orchestrate complex processes such as order workflows, user onboarding, and AI-assisted tasks closer to your users and data, helping you to meet low-latency and data residency requirements. You can activate durable functions for new Python (versions 3.13 and 3.14), Node.js (versions 22 and 24), or Java (17+) based Lambda functions using the AWS Lambda API, AWS Management Console, or AWS SDK. You can also use infrastructure as code tools such as AWS CloudFormation, AWS Serverless Application Model (AWS SAM), and the AWS Cloud Development Kit (AWS CDK). For more information on durable functions, visit the AWS Lambda durable functions product page or the AWS Lambda Developer Guide. To learn about pricing, visit AWS Lambda pricing. For region availability, visit the AWS Capabilities by Region page.

Amazon OpenSearch Service now supports rollback for service software updates, giving you greater control when managing updates to your Amazon OpenSearch Service domains. Previously, once a software update was applied, there was no self-service option to revert it to a previous version if you encountered an unexpected issue. Software update rollback uses a blue/green deployment. You can initiate a rollback within 15 days of a service software update being applied, using the new RollbackServiceSoftwareUpdate API, the AWS CLI, or the Amazon OpenSearch Service console. Rollback option for service software updates is now available in all AWS Regions where Amazon OpenSearch Service is available. To learn more about the software updates and rollback option, refer to the Amazon OpenSearch Service documentation.

Amazon SageMaker AI now supports inference recommendations, a new capability that eliminates manual optimization and benchmarking to deliver optimal inference performance. By delivering validated, optimal deployment configurations with performance metrics, SageMaker AI accelerates the path to production and keeps your model developers focused on building accurate models, not managing infrastructure. Customers bring their own generative AI models, define expected traffic patterns, and specify a performance goal (optimize for cost, minimize latency, or maximize throughput). SageMaker AI then analyzes the model's architecture and applies optimizations aligned to that goal across multiple instance types, benchmarking each configuration on real GPU infrastructure using NVIDIA AIPerf. By evaluating multiple instance types, customers can select the most price-performant option for their workload. The result is deployment-ready configurations with validated metrics including time to first token, inter-token latency, request latency percentiles, throughput, and cost projections.  The capability is available today in seven AWS Regions: US East (N. Virginia), US West (Oregon), US East (Ohio), Asia Pacific (Tokyo), Europe (Ireland), Asia Pacific (Singapore), and Europe (Frankfurt). To learn more, visit the SageMaker AI documentation.

Amazon SageMaker now supports multi-region replication from IAM Identity Center (IdC), enabling you to deploy SageMaker Unified Studio domains in different regions from your IdC instance. This new capability empowers enterprise customers, particularly those in regulated industries like financial services and healthcare, to maintain compliance while leveraging centralized workforce identity management. As an Amazon SageMaker Unified Studio administrator, you can deploy SageMaker domains closer to your workforce based on data residency needs while maintaining seamless single sign-on (SSO) access. Organizations can address use cases such as maintaining IdC in one region while processing sensitive data in compliance-required regions, supporting global operations with centralized identity management, and meeting data sovereignty requirements without compromising SSO capabilities. To get started see the SageMaker Unified Studio documentation and to learn about setting up IAM Identity Center multi-Region support see the IAM Identity Center User Guide.

Today, AWS announced the availability of Qwen3-Coder-Next, Qwen3-30B-A3B, Qwen3-30B-A3B-Thinking-2507, Qwen3-Coder-30B-A3B-Instruct, and Qwen3.5-4B in Amazon SageMaker JumpStart, expanding the portfolio of foundation models available to AWS customers. These five models from Qwen bring specialized capabilities spanning agentic coding, efficient reasoning, extended thinking, and multimodal understanding, enabling customers to build sophisticated AI applications across diverse use cases on AWS infrastructure. These models address different enterprise AI challenges with specialized capabilities: Qwen3-Coder-Next excels at long-horizon reasoning, complex tool use, and recovery from execution failures, making it ideal for powering coding agents in CLI/IDE platforms. Qwen3-30B-A3B uniquely supports seamless switching between thinking and non-thinking modes, making it well suited for general-purpose assistant tasks like multilingual dialogue, math reasoning, and tool calling. Qwen3-30B-A3B-Thinking-2507 delivers significantly improved performance on complex reasoning tasks in math, science, and coding, with enhanced long-context understanding. Qwen3-Coder-30B-A3B-Instruct is designed for agentic coding workflows with a custom function call format and repo-scale context understanding. Qwen3.5-4B supports unified vision-language training and  201 languages, making it ideal for lightweight multimodal deployments. With SageMaker JumpStart, customers can deploy any of these models with just a few clicks to address their specific AI use cases. To get started with these models, navigate to the Models section of SageMaker Studio or use the SageMaker Python SDK to deploy the models to your AWS account. For more information about deploying and using foundation models in SageMaker JumpStart, see the Amazon SageMaker JumpStart documentation.

Amazon Elastic Kubernetes Service (EKS) now offers the Amazon EKS Hybrid Nodes gateway, a feature that automates networking between your Amazon EKS cluster VPC and Kubernetes Pods running on Amazon EKS Hybrid Nodes. The Amazon EKS Hybrid Nodes gateway eliminates the need to make on-premises pod networks routable or coordinate network infrastructure changes when running in hybrid Kubernetes environments. Networking in hybrid Kubernetes environments can be complex, often requiring changes to on-premises routing configurations, coordination with network teams, and ongoing maintenance as workloads scale. The Amazon EKS Hybrid Nodes gateway addresses these challenges by automatically enabling Kubernetes control plane-to-webhook communication, pod-to-pod traffic across cloud and on-premises environments, and connectivity for AWS services such as Application Load Balancers, Network Load Balancers, and Amazon Managed Service for Prometheus. Customers deploy the Amazon EKS Hybrid Nodes gateway to Amazon EC2 instances using Helm, and the gateway automatically maintains VPC route tables as workloads scale. The Amazon EKS Hybrid Nodes gateway codebase is open source. The Amazon EKS Hybrid Nodes gateway is available in all AWS Regions where Amazon EKS Hybrid Nodes is available, except the China Regions. The Amazon EKS Hybrid Nodes gateway is offered at no additional charge. You pay for the underlying AWS infrastructure used to run the gateway, including Amazon EC2 instance charges and any associated data transfer fees. To get started, visit the Amazon EKS Hybrid Nodes gateway documentation.

Today, we're excited to announce Claude Cowork in Amazon Bedrock. You can now run Cowork and Claude Code Desktop through Amazon Bedrock, directly or using an LLM gateway. In this post, we walk through how Claude Cowork integrates with Amazon Bedrock and show an example of how knowledge workers use it in practice.

AWS Marketplace now offers sellers a streamlined self-service process to submit Value Added Tax (VAT) invoices and receive automated VAT disbursements for deemed supply of digital services in the European Union, Norway, and the United Kingdom. Under the European Union, United Kingdom, and Norwegian VAT laws, when AWS Marketplace facilitates digital service sales, the law creates a deemed supply arrangement between sellers and the marketplace. To receive VAT payment, sellers are required to invoice the relevant AWS Europe, Middle East, and Africa (EMEA) SARL branch facilitating their transaction. This new capability provides sellers a unified experience within AWS Marketplace to submit VAT invoices and receive VAT payments, simplifying tax compliance under deemed supply arrangements. Sellers can now access the new experience through AWS Marketplace Management portal or AWS Partner Central, submit VAT invoices, track invoice status in real-time, and receive automated VAT payments. The system automatically validates invoices against mandatory fields and disburses VAT amounts once buyer payment is received. Sellers can consolidate multiple deemed supply transactions into a single invoice per period, provided they relate to the same AWS EMEA branch and currency. Sellers can also submit invoices before buyer payment is received, with the system automatically processing disbursements when all conditions are met. Enhanced reporting capabilities through the Seller Reports help sellers identify eligible transactions and reconcile disbursements for audit and financial reporting purposes. This launch eliminates the previous manual process and separate platform onboarding while reducing the administrative burden of tracking VAT invoices and payments. This capability is available for transactions where both seller and buyer AWS accounts are located in the same country when transacting via the AWS EMEA branch across 20 jurisdictions: Austria, Belgium, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Ireland, Italy, Luxembourg, Netherlands, Norway, Poland, Portugal, Romania, Spain, Sweden, and the United Kingdom. To learn more about VAT payment for deemed supply transactions and invoice submission requirements, visit the AWS Marketplace Seller Guide or VAT on Deemed Supply FAQs.

Amazon Athena Spark now supports AWS PrivateLink so that you can access APIs and endpoints from your Amazon Virtual Private Cloud (VPC) without traversing the public internet. This feature can help you meet compliance requirements by allowing you to access and use Athena Spark APIs and endpoints entirely within the AWS network. You can now create AWS PrivateLink interface endpoints to connect from clients in your VPC. The Athena VPC endpoint supports all Athena Spark APIs and endpoints, including the Spark Connect, Spark Live UI and Spark History Server endpoints. Communication between your VPC and Athena Spark APIs and endpoints is then conducted entirely within the AWS network, providing a secure pathway for your data. To get started, you can create an interface VPC endpoint to connect to Amazon Athena Spark using the AWS Management Console or AWS Command Line Interface (AWS CLI) commands or AWS CloudFormation. This new feature is available in all AWS Regions where Amazon Athena Spark and AWS PrivateLink are available. For more information, refer to the AWS PrivateLink documentation and Athena Spark documentation.

AWS Lambda now supports Amazon S3 Files, enabling your Lambda functions to mount Amazon S3 buckets as file systems and perform standard file operations without downloading data for processing. Built using Amazon EFS, S3 Files gives you the performance and simplicity of a file system with the scalability, durability, and cost-effectiveness of S3. Multiple Lambda functions can connect to the same S3 Files file system simultaneously, sharing data through a common workspace without building custom synchronization logic. The S3 Files integration simplifies stateful workloads in Lambda by eliminating the overhead of downloading objects, uploading results, and managing ephemeral storage limits. This is particularly valuable for AI and machine learning workloads where agents need to persist memory and share state across pipeline steps. Lambda durable functions make these multi-step AI workflows possible by orchestrating parallel execution with automatic checkpointing. For example, an orchestrator function can clone a repository to a shared workspace while multiple agent functions analyze the code in parallel. The durable function handles checkpointing of execution state while S3 Files provides seamless data sharing across all steps. To use S3 Files with Lambda, configure your function to mount an S3 bucket through the Lambda console, AWS CLI, AWS SDKs, AWS CloudFormation, or AWS Serverless Application Model (SAM). To learn more about how to use S3 Files with your Lambda function, visit the Lambda developer guide.  S3 Files is supported for Lambda functions not configured with a capacity provider, in all AWS Regions where both Lambda and S3 Files are available, at no additional charge beyond standard Lambda and S3 pricing.

In this post, we show how to combine DVC (Data Version Control), Amazon SageMaker AI, and Amazon SageMaker AI MLflow Apps to build end-to-end ML model lineage. We walk through two deployable patterns — dataset-level lineage and record-level lineage — that you can run in your own AWS account using the companion notebooks.

This post explores how Oldcastle used AWS services to transform their analytics and AI capabilities by integrating Infor ERP with Amazon Aurora and Amazon Quick Sight. We discuss how they overcame the limitations of traditional cloud ERP reporting to deploy real-time dashboards and build a scalable analytics system. This practical, enterprise-grade approach offers a blueprint that organizations can adapt when extending ERP capabilities with cloud-native analytics and AI.

In the first part of Configure a custom domain name for your Amazon MSK cluster, we discussed about why custom domain names are important and provided details on how to configure a custom domain name in Amazon MSK when using SASL_SCRAM authentication. In this post, we discuss how to configure a custom domain name in Amazon MSK when using IAM authentication.

Amazon CloudWatch pipelines now lets you configure log processors using natural language descriptions powered by generative AI. CloudWatch pipelines is a fully managed service that ingests, transforms, and routes log data to CloudWatch without requiring you to manage infrastructure. Setting up the right combination of processors to parse and enrich logs can be time-consuming, especially when working with complex log formats. With AI-assisted configuration, you can simply describe the processing you need in plain language and have the pipeline configuration generated for you automatically. When creating a pipeline in the CloudWatch console, toggle the AI-assisted option during the processing step and enter a natural language description of your desired transformations. The system generates the processor configuration along with a sample log event, so you can immediately verify the output before deploying. This reduces setup time and makes it easier to get your pipelines running correctly without needing deep familiarity with individual processor settings. AI-assisted processor configuration is available at no additional cost in all AWS Regions where CloudWatch pipelines is generally available. Standard CloudWatch Logs ingestion and storage rates still apply. To get started, open the Amazon CloudWatch console, navigate to pipelines under Ingestion, and follow the pipeline wizard. To learn more, see the CloudWatch pipelines documentation.

Starting today, AWS Glue supports OAuth 2.0 authorization and authentication for native Snowflake connectivity, enabling customers to read from and write to Snowflake without sharing user credentials. This makes it easier for enterprises to maintain security compliance while building data integration pipelines. With OAuth support, you can now securely access Snowflake data within AWS Glue using temporary token-based authorization. AWS Glue provides built-in connector to Snowflake, which helps you to integrate Snowflake data with other sources on a single platform while leveraging the scalability and performance of the AWS Glue Spark engine—all without installing or managing connector libraries. Previously, connecting to Snowflake required using persistent credentials or private keys. With OAuth 2.0 support, you can now eliminate credential management entirely, relying instead on secure, temporary tokens that enhance security and simplify access control. This approach enables granular access control, allowing you to define precise permissions for different users and applications. Additionally, token-based authentication provides improved auditability, making it easier to track and monitor data access patterns across your organization. OAuth 2.0 support for AWS Glue's Snowflake connector is available in all AWS commercial regions where AWS Glue is available. To get started with configuring your AWS Glue Snowflake connection with OAuth, visit the AWS Glue documentation.

AWS Transform custom is now available in six additional AWS Regions: Asia Pacific (Mumbai, Tokyo, Seoul, Sydney), Canada (Central), and Europe (London). AWS Transform custom enables organizations to modernize and transform code at scale using AWS-managed and custom transformations. You can upgrade language versions, migrate frameworks, optimize performance, and analyze code bases using transformations that are ready to use or can be customized to meet your organization's specific requirements. These transformations benefit from continuous improvement, learning from each engagement to deliver increasingly accurate and efficient results. With this expansion, AWS Transform custom is now available in a total of eight AWS Regions: US East (N. Virginia), Asia Pacific (Mumbai, Tokyo, Seoul, Sydney), Canada (Central), and Europe (Frankfurt, London). To learn more, visit the AWS Transform product page and user guide.

You can now connect your Apache Kafka applications to Amazon MSK Serverless in the Asia Pacific (Hong Kong), Asia Pacific (Hyderabad), Asia Pacific (Jakarta), Asia Pacific (Malaysia), Asia Pacific (Melbourne), Asia Pacific (New Zealand), Asia Pacific (Osaka), Asia Pacific (Thailand),  Europe (Milan), Europe (Spain),  Europe (Zurich), Israel (Tel Aviv), Mexico (Central) AWS Regions. Amazon MSK is a fully managed service that makes it easier for you to build and run applications that use Apache Kafka as a data store. Amazon MSK Serverless is a cluster type for Amazon MSK that allows you to run Apache Kafka without having to manage and scale cluster capacity. MSK Serverless automatically provisions and scales compute and storage resources, so you can use Apache Kafka on demand. To learn more about Amazon MSK Serverless, visit our Amazon MSK Developer Guide.

Today, AWS announces the general availability of Amazon Elastic Compute Cloud (Amazon EC2) G7e instances in AWS Local Zones in Los Angeles, California. G7e instances feature NVIDIA RTX PRO 6000 Blackwell Server Edition GPUs and 5th generation Intel Xeon Scalable (Emerald Rapids) processors, bringing high-performance GPU compute closer to end users in Los Angeles.  For creative workloads, you can use G7e instances to run studio workstation workloads with low-latency access to local storage, and post-production workloads including visual effects (VFX) editorial, color correction, and VFX finishing. G7e instances support enhanced real-time rendering on graphics engines and 2D/3D VFX composition software. For AI workloads, you can also use G7e instances to deploy Large Language Models (LLMs), inference, and agentic AI at the edge.  To get started, opt-in to the Los Angeles Local Zone (us-west-2-lax-1b) from AWS Global View. You can enable G7e instances from the Amazon EC2 console, AWS Command Line Interface (AWS CLI), and AWS SDKs. G7e instances are available through On Demand and Savings Plans. To learn more, visit the AWS Local Zones Features page.

Amazon Location Service now offers bulk address validation for the United States, Canada, Australia, and the United Kingdom. Customers can now validate, correct, and standardize large volumes of addresses at scale, whether cleaning customer databases before a CRM migration, verifying shipping addresses to reduce failed deliveries, screening addresses for identity verification and fraud prevention, or improving direct mail targeting and insurance underwriting accuracy. This capability supports use cases across healthcare, financial services, transportation and logistics, retail, and more. Address validation checks addresses against authoritative postal data, corrects common errors like misspellings, missing postal codes, and non-standard abbreviations, and standardizes formatting to match regional postal rules. Each result includes a confidence score and deliverability indicators so applications know exactly what to trust and act on. Using the new Amazon Location Service Jobs API, customers upload their address records to their own Amazon S3 bucket, submit a validation job, and retrieve enriched, standardized results when processing is complete. For addresses in the United States, Canada, and Australia, customers can optionally request position (geocode) coordinates alongside validated address results in the same job. Address validation is available in the following AWS Regions: US East (N. Virginia), US East (Ohio), US West (Oregon), Europe (Frankfurt), Europe (Ireland), Europe (Stockholm), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Asia Pacific (Mumbai), Canada (Central), Europe (London), and South America (São Paulo). To learn more, visit the Amazon Location Service bulk address validation feature page.

Amazon Aurora serverless — the autoscaling database that scales up to support your most demanding workloads and down to zero when you don't need it — just got faster and smarter, with up to 30% better performance than the previous version and enhanced scaling that understands your workload. It's especially well-suited for agentic AI applications, which typically have bursts of activity, long idle windows, and unpredictable patterns. Aurora serverless handles all of it automatically, scaling capacity with your agents rather than against them, and you only pay for what you actually use. When not in use, the database automatically scales down to zero to save cost. With improved performance and scaling, you can now use serverless for even more demanding workloads. The enhanced scaling algorithm enables you to efficiently run workloads where multiple tasks compete for resources, such as busy web applications and API services. These improvements are available in platform version 4 at no additional cost. All new clusters, database restores, and new clones will automatically launch on platform version 4. Existing clusters on platform version 1, 2, or 3 can upgrade directly to platform version 4 by using pending maintenance action, stopping and restarting the cluster, or using blue/green deployments. You can verify your cluster's platform version in the AWS Console under instance configuration section or via the RDS API's ServerlessV2PlatformVersion parameter. To learn more, read the blog. Aurora serverless is an on-demand, automatic scaling configuration for Amazon Aurora. For pricing details and Region availability, visit Amazon Aurora Pricing. To learn more, read the documentation, and get started by creating an Aurora serverless database using only a few steps in the AWS Management Console.

AWS Backup now supports Amazon Redshift Serverless namespaces and Amazon Aurora DSQL clusters as resource types in AWS Organizations backup policies. Organization administrators can now define backup policy rules that directly target these resource types across member accounts. Previously, backing up Redshift Serverless namespaces and Aurora DSQL clusters through organization backup policies required using tag-based selections or backing up all resources in a member account. With this launch, administrators can specify these resource types directly in their backup policy selections, providing more precise control over which resources are included in or excluded from Organization-wide backup plans. This capability is available in all AWS Commercial and GovCloud Regions where AWS Backup and the respective services are available. To get started, visit the AWS Organizations backup policies documentation or the AWS Backup console.

Today, AWS announces the general availability of the AWS Lambda Durable Execution SDK for Java, empowering Java developers to build resilient, long-running workflows using Lambda durable functions. With this SDK, developers can create multi-step applications like order processing pipelines, AI agent orchestration, and human-in-the-loop approvals directly in their applications without implementing custom progress tracking or integrating external orchestration services. Lambda durable functions extend Lambda's event-driven programming model with operations that checkpoint progress automatically and pause execution for up to a year when waiting on external events. The AWS Lambda Durable Execution SDK for Java provides an idiomatic Java experience for building with Lambda durable functions. It includes steps for progress tracking, callback integration for human and agent-in-the-loop workflows, durable invocation for reliable function chaining, and waits for efficient suspension. The SDK is compatible with Java 17+ and can be deployed using Lambda managed runtimes or functions packaged as container images. The local testing emulator in the SDK enables developers to build and debug locally before deploying to production. To get started, see the Lambda durable functions developer guide and the AWS Lambda Durable Execution SDK for Java on GitHub. For Regional availability and pricing details, see the AWS Regional Services List and AWS Lambda Pricing.

Amazon Connect Outbound Campaigns now allows you to dial contacts in configurable priority order based on up to 10 profile attributes for voice campaigns and voice activities in journeys. This helps you focus agent time on the most valuable customers or time-sensitive opportunities, improving campaign effectiveness and conversion rates. With contact priority ordering, you can sort segments on attributes such as customer lifetime value, account tier, or appointment date. For example, a financial services team can prioritize outreach to high-value accounts nearing contract renewal, or a healthcare provider can ensure patients with the earliest upcoming appointments are contacted first. Initial dial attempts always take precedence over reattempts, ensuring your priority order is maintained throughout campaign execution.  This capability is available in all AWS Regions where Amazon Connect Outbound Campaigns is offered at no additional cost. To get started, configure sort attributes when building segments in Amazon Connect Customer Profiles. To learn more, see the Amazon Connect Outbound Campaigns best practice and how to build customer segments.

Amazon Elastic Block Store (Amazon EBS) now supports up to four Elastic Volumes modifications per volume within a rolling 24-hour window in AWS European Sovereign Cloud (Germany) Region. Elastic Volumes modifications allow you to increase the size, change the type, and adjust the performance of your EBS volumes. With this update, you can start a new modification immediately after the previous one completes, as long as you have initiated fewer than four modifications in the past 24 hours. This enhancement improves your operational agility to immediately scale storage capacity or adjust performance in response to sudden data growth or unanticipated workload spikes. With Elastic Volumes modifications, you can modify your volumes without detaching them or restarting your instances, allowing your application to continue running with minimal performance impact. The Elastic Volumes modifications enhancement is automatically available in the Region without requiring changes to your existing workflows. To learn more, see Modify an Amazon EBS volume using Elastic Volumes operations in the Amazon EBS User Guide.

Today, we're announcing that Amazon Elastic VMware Service (Amazon EVS) now offers Microsoft Windows Server licensing entitlements. You can now migrate or create new virtual machines (VMs) running Windows Server OS in EVS and obtain Windows Server licensing entitlements for those VMs from AWS. Amazon EVS lets you run VMware Cloud Foundation (VCF) directly within your Amazon Virtual Private Cloud (VPC) on EC2 bare-metal instances, powered by AWS Nitro. Using either our step-by-step configuration workflow or the AWS Command Line Interface (CLI), you can set up a complete VCF environment in just a few hours. This rapid deployment enables faster workload migration to AWS, helping you eliminate aging infrastructure, reduce operational risks, and meet critical timelines for exiting your data center. With this latest functionality, you can now entitle your Windows Server VMs on Amazon EVS with Microsoft Windows Server. You can configure an EVS connector to your VMware vCenter Server and provide the VM IDs for those Window Server VMs you want to entitle through the Amazon EVS console or AWS CLI. Pay for only what your VMs use, on a per vCPU-hour basis. Add or remove entitlement for your VMs at any time, giving you flexibility to manage costs as your environment evolves.  This newest release provides you with greater flexibility when migrating to AWS, helping meet critical data center exit timelines while maintaining your familiar VMware environment.  This feature is available in all AWS Regions where Amazon EVS is available. For more details, read the step-by-step walkthrough on the blog post. Visit the Amazon EVS product detail page and user guide. to learn more about Amazon EVS.

In this post, we walk you through how to replicate Apache Kafka data from your external Apache Kafka deployments to Amazon MSK Express brokers using MSK Replicator. You will learn how to configure authentication on your external cluster, establish network connectivity, set up bidirectional replication, and monitor replication health to achieve a low-downtime migration.

Today, we are thrilled to announce the availability of G7e instances powered by NVIDIA RTX PRO 6000 Blackwell Server Edition GPUs on Amazon SageMaker AI. You can provision nodes with 1, 2, 4, and 8 RTX PRO 6000 GPU instances, with each GPU providing 96 GB of GDDR7 memory. This launch provides the capability to use a single-node GPU, G7e.2xlarge instance to host powerful open source foundation models (FMs) like GPT-OSS-120B, Nemotron-3-Super-120B-A12B (NVFP4 variant), and Qwen3.5-35B-A3B, offering organizations a cost-effective and high-performing option.

Amazon Connect now expands agentic voice speech-to-speech experiences to three additional AWS Regions: Asia Pacific (Seoul), Asia Pacific (Singapore), and Europe (Frankfurt), along with new locales including Australian English, British English, Singaporean English, Spanish, French, German, Italian, and Korean. With these updates, you can deliver natural, human-like voice AI experiences to a broader range of customers across more regions and languages. Amazon Connect's agentic self-service capabilities enable AI agents to understand, reason, and take action across voice and messaging channels to automate routine and complex service tasks. Connect's agentic speech-to-speech voice AI agents understand not only what your customers say but how they say it, adapting voice responses to match tone and sentiment while maintaining natural conversational pace. To learn more about this feature, see the Amazon Connect Administrator Guide. To learn more about Amazon Connect, AWS’s AI-native customer experience solution, visit the Amazon Connect website.

AWS IoT Greengrass v2.17 is now available, enabling you to run the edge runtime as a non-root user on Linux systems and deploy lighter-weight components that use significantly less memory. AWS IoT Greengrass is an Internet of Things (IoT) edge runtime and cloud service that helps customers build, deploy, and manage device software at the edge. With this release, you can install and run AWS IoT Greengrass v2.17 as a non-root user, making it easy for you to meet security requirements in enterprise and regulated environments where root access is prohibited. The release also adds an uninstall life cycle capability that automatically activates when you remove a component from a device, simplifying dependency management. Moreover, the release introduces the following new nucleus lite capabilities to reduce resource consumption at the edge: Secure Tunneling lite component that uses just 4MB of memory, down from 36MB in the standard component. Updated Fleet Provisioning component that supports Trusted Platform Module (TPM) 2.0 for cryptographic operations and secure device identity management. PKCS#11 (Public Key Cryptographic Standard) interface that enables AWS IoT Greengrass nucleus lite component to easily authenticate with AWS IoT Core using keys and certificates stored in a Hardware Security Module (HSM). AWS IoT Greengrass v2.17 is available in all AWS Regions where AWS IoT Greengrass is offered. To learn more about AWS IoT Greengrass v2.17 and its new features, visit the AWS IoT Greengrass documentation. Follow the Getting Started guide for a quick introduction to AWS IoT Greengrass.

Amazon DocumentDB (with MongoDB compatibility) supports in-place major version upgrade (MVU) from version 5.0 to 8.0. You can upgrade with just a few clicks in the AWS Management Console or via the AWS SDK or AWS CLI — no new clusters, no endpoint changes, and no index rebuilds required. Upgrading to version 8.0 delivers performance and cost improvements: query latency improves by up to 7x and storage compression improves by up to 5x, so your applications run faster on less storage, reducing your costs. Version 8.0 also adds new capabilities including collation, views, new aggregation stages and operators, enhanced text search with text index v2, and vector index builds that are up to 30x faster. In-place MVU from version 5.0 to 8.0 is available in all AWS Regions where Amazon DocumentDB 8.0 is available, at no additional cost. To get started, see the in-place MVU documentation. To learn more about Amazon DocumentDB 8.0, visit the documentation.

Amazon Elastic Kubernetes Service (EKS) now supports seven additional IAM condition keys for cluster creation and configuration APIs, enhancing the governance controls available through IAM policies and Service Control Policies (SCPs). Organizations managing multi-account environments require centralized mechanisms to enforce security and compliance requirements consistently across all clusters without relying on manual processes or post-deployment checks. This expansion of EKS IAM condition keys further enables proactive policy enforcement, providing organizations with more granular control to establish guardrails for cluster configurations. Organizations can now enforce private-only API endpoints (eks:endpointPublicAccess, eks:endpointPrivateAccess), require customer-managed AWS KMS keys for secrets encryption (eks:encryptionConfigProviderKeyArns), restrict clusters to approved Kubernetes versions (eks:kubernetesVersion), mandate deletion protection for production workloads (eks:deletionProtection), specify control plane scaling tiers (eks:controlPlaneScalingTier), and enable zonal shift capabilities for high availability (eks:zonalShiftEnabled). These condition keys apply to CreateCluster, UpdateClusterConfig, UpdateClusterVersion, and AssociateEncryptionConfig APIs, integrating seamlessly with AWS Organizations SCPs for centralized governance across accounts. The new IAM condition keys are available in all AWS Regions where Amazon EKS is available at no additional charge. To learn more about Amazon EKS IAM condition keys, see the Amazon EKS User Guide and the Service Authorization Reference for Amazon EKS. For information about implementing Service Control Policies, see the AWS Organizations documentation.

You can use ToolSimulator, an LLM-powered tool simulation framework within Strands Evals, to thoroughly and safely test AI agents that rely on external tools, at scale. Instead of risking live API calls that expose personally identifiable information (PII), trigger unintended actions, or settling for static mocks that break with multi-turn workflows, you can use ToolSimulator's large language model (LLM)-powered simulations to validate your agents. Available today as part of the Strands Evals Software Development Kit (SDK), ToolSimulator helps you catch integration bugs early, test edge cases comprehensively, and ship production-ready agents with confidence.

In this post, you build a unified pipeline using Apache Iceberg and Amazon Managed Service for Apache Flink that replaces the dual-pipeline approach. This walkthrough is for intermediate AWS users who are comfortable with Amazon Simple Storage Service (Amazon S3) and AWS Glue Data Catalog but new to streaming from Apache Iceberg tables.

Amazon Connect Outbound Campaigns now allows you to refresh campaign segments as frequently as every hour, reduced from the previous minimum of 24 hours. This enables campaigns to reach newly eligible customers throughout the day rather than waiting for the next daily run. With hourly segment refresh, your campaigns stay current with changing business conditions across all campaign types. A collections team can start outreach to newly delinquent accounts the same afternoon they are flagged. A healthcare provider can begin appointment reminder calls within an hour of a new booking. A multi-step journey, such as sending an SMS reminder followed by a voice call if the customer doesn't respond, can enroll new customers throughout the day instead of in a single daily batch.   This capability is available in all AWS Regions where Amazon Connect Outbound Campaigns is offered at no additional cost. To get started, enable the Refresh option in your campaign configuration in the Amazon Connect console or via the API. To learn more, see the Amazon Connect outbound campaign documentation.

Amazon CloudWatch Logs Insights introduces JOIN and sub-query commands to the Logs Insights query language to accelerate log analysis. Customers who need to analyze logs across multiple log groups or correlate data from different sources no longer need to run multiple queries and manually combine the results. With JOIN and sub-query commands, you can accelerate troubleshooting across scenarios such as correlating application and infrastructure errors across different services and log groups, analyzing security events across multiple services, or tracking user sessions across distributed systems. For example, you can use a sub-query to identify services with more than 20 errors in the last day, then use JOIN to correlate those results with performance data from a different log group to calculate average response times, helping you prioritize which high-error services also have the worst performance impact — all in a single query. JOIN and sub-query commands are available today in all commercial AWS Regions. To learn more, see the Amazon CloudWatch Logs documentation.

Claude Opus 4.7 arrives in Amazon Bedrock with improved agentic coding and a 1M token context window. AWS Interconnect reaches general availability with multicloud private connectivity and a new last-mile option. Plus, post-quantum TLS for Secrets Manager, new C8in/C8ib EC2 instances, and more.

In this post, we'll show you how to build a complete omnichannel ordering system using Amazon Bedrock AgentCore, an agentic platform, to build, deploy, and operate highly effective AI agents securely at scale using any framework and foundation model and Amazon Nova 2 Sonic.

Amazon MSK Replicator now delivers replicator logs to give you end-to-end visibility into replication health. Replicator logs surface critical replication events and errors along with guidance on how to resolve each issue, enabling you to troubleshoot faster without requiring AWS Support.  MSK Replicator is a feature of Amazon MSK that automates data replication between Kafka clusters, eliminating the need to manage custom replication infrastructure or configure open-source tools. Until now, you could use Amazon CloudWatch metrics to track replication progress and get visibility into replication health. With this launch, MSK Replicator further simplifies diagnosing issues during replication with actionable log entries that surface the most common replication errors including insufficient permissions on source topics, partition quota exhaustion on target clusters, and records exceeding size limits, along with prescriptive guidance on how to resolve each issue. MSK Replicator also logs steady-state replication activity including offset commits, topic discovery events, and any errors or warnings from Kafka clients used internally by the replicator, giving you end-to-end visibility into replication health. You can enable log delivery when creating or updating a Replicator using the Amazon MSK console, AWS CLI, or AWS CloudFormation and forward logs to Amazon CloudWatch, Amazon S3, or Amazon Data Firehose.  This capability is supported in all AWS Regions where MSK Replicator is available. Log delivery costs depend on the destination service you choose, refer to the pricing pages for Amazon CloudWatch, Amazon S3, and Amazon Data Firehose.  To learn more, visit the MSK Replicator documentation, and product page.

Amazon MSK Replicator now provides enhanced consumer offset synchronization for bidirectional replication, enabling applications to resume processing from the correct position when moving across Kafka clusters. This capability enables you to move producer and consumer applications between clusters independently, in any order, without the risk of data loss.   MSK Replicator is a feature of Amazon MSK that automates data replication between Kafka clusters, eliminating the need to manage custom replication infrastructure or configure open-source tools. Previously, while replicating bidirectionally with MSK Replicator, consumer group offsets were synchronized only when producers and consumers were active on the same cluster, requiring careful sequencing of application migrations between clusters and increasing the risk of duplicate message processing during rollbacks. With this launch, MSK Replicator synchronizes consumer group offsets across source and target clusters regardless of where producers are running, enabling applications to move between clusters without coordination constraints or data duplication risks. You can enable enhanced consumer offset synchronization when creating a Replicator using the Amazon MSK console, AWS CLI, or AWS CloudFormation. This capability is supported in all AWS Regions where MSK Replicator is available.  To learn more, visit the MSK Replicator documentation, product page, pricing page, and this AWS blog post.

Amazon MSK Replicator now supports data replication from external Apache Kafka clusters—including on-premises, self-managed on AWS, or other cloud providers—to Amazon MSK Express brokers. This capability simplifies workload migration to MSK Express Brokers, supports disaster recovery by using MSK Express-based clusters as a failover or backup target, and enables data distribution across hybrid and multi-cloud environments.  MSK Replicator is a feature of Amazon MSK that automates data replication between Kafka clusters, eliminating the need to manage custom replication infrastructure or configure open-source tools. MSK Express brokers are designed to deliver up to 3 times more throughput per broker, scale up to 20 times faster, and reduce recovery time by 90 percent as compared to Standard brokers running Apache Kafka. With this launch, you can now use MSK Replicator to replicate data from external Kafka clusters to Express brokers on Amazon MSK. You can also use MSK Replicator to replicate data from Amazon MSK Express to external Kafka clusters for reliable failback or multi-cloud data distribution. Unlike self-managed replication tools, MSK Replicator lets you retain your original Kafka topic names during replication while automatically avoiding infinite replication loops. It also synchronizes consumer group offsets bidirectionally, enabling you to move producers and consumers across clusters independently, in any order, without coordination constraints or the risk of data loss. This new capability is supported in all AWS Regions where MSK Express brokers are available.   Watch a demo on YouTube to see it in action, or visit the MSK Replicator documentation, product page, pricing page, and this AWS blog post to learn more.

Amazon S3 Express One Zone, a high-performance S3 storage class for latency-sensitive applications, now supports S3 Inventory. S3 Inventory provides a scheduled alternative to S3's synchronous List API. You can configure S3 Inventory to generate reports on a daily or weekly basis that list your stored objects within an S3 directory bucket or with a specific prefix, and their respective metadata and encryption status. You can simplify and speed up business workflows and big data jobs with S3 Inventory, and verify encryption status of your objects to meet business, compliance, and regulatory needs. You can use the AWS CLI, AWS SDKs, or S3 API to configure a daily or weekly inventory report for all the objects within your S3 directory bucket or a subset of the objects under a shared prefix. As part of the configuration, you can specify a destination S3 bucket for your S3 Inventory report, the output file format (CSV, ORC, or Parquet), and specific object metadata necessary for your business application, such as object name, size, last modified date, storage class, multipart upload flag, and encryption status. S3 Inventory for S3 Express One Zone is available in all AWS Regions where the storage class is available. For pricing information, visit the S3 pricing page. To learn more, visit the S3 Inventory documentation.

Amazon Connect now enables you to automatically pass customer context to personalize self-service experiences from the moment a call connects. When a customer initiates a call from a website, mobile app, or notification link, you can automatically pass context, such as customer IDs, session references, and campaign codes, into the call. AI agents use this context to recognize the caller, understand the reason for the call, take action, and resolve issues without requiring callers to re-identify themselves or repeat why they are calling. To learn more about these features, see the Amazon Connect Administrator Guide. These features are available in all AWS regions where Amazon Connect is available.

Starting today, all AWS Directory Service for Microsoft AD (AWS Managed Microsoft AD) directories run on Windows functional level 2016. The upgrade to Windows functional level 2016 has been applied automatically to all existing AWS Managed Microsoft AD directories. The functional level upgrade includes enhanced authentication mechanisms and improved security for privileged access management, helping you better protect your Active Directory infrastructure in the cloud.  This upgrade provides LAPS (Local Administrator Password Solution), which helps you manage local administrator passwords on domain-joined computers by automatically generating unique, complex passwords, and storing them securely in Active Directory. This is enabled in all AWS Regions where AWS Managed Microsoft AD is available, except in the Middle East (UAE) and Middle East (Bahrain) Regions. To learn more, see the AWS Directory Service Administration Guide.

Starting today, AWS Managed Microsoft AD supports forwarding Kerberos Encryption audit event logs (Event IDs 201–209) to Amazon CloudWatch Logs. These logs provide visibility into the encryption types used by your applications and services, helping you identify which resources are using RC4 encryption versus AES encryption. This visibility allows you to decide whether to upgrade clients to AES encryption (recommended for improved security) or maintain RC4 support based on your environment's compatibility requirements. To get started, navigate to your AWS Managed Microsoft AD directory Network and Security tab in the AWS Directory Service console and enable log forwarding to Amazon CloudWatch Logs. You can then review the Kerberos Encryption audit events to understand your current encryption settings. To learn more, see Enabling Amazon CloudWatch Logs log forwarding for AWS Managed Microsoft AD. This feature is available in all AWS Regions where AWS Managed Microsoft AD is available, except in the Middle East (UAE) and Middle East (Bahrain) Regions.

In this post, we share how Amazon Bedrock's granular cost attribution works and walk through example cost tracking scenarios.

Amazon EC2 High Memory U7i-8TB instances (u7i-8tb.112xlarge) and U7i-12TB instances (u7i-12tb.224xlarge) are now available in AWS Asia Pacific (Singapore) region. U7i instances are part of AWS 7th generation and are powered by custom fourth generation Intel Xeon Scalable Processors (Sapphire Rapids). U7i-8tb instances offer 8TiB of DDR5 memory, and U7i-12tb instances offer 12TiB of DDR5 memory, enabling customers to scale transaction processing throughput in a fast-growing data environment. U7i-8tb instances deliver 448 vCPUs; U7i-12tb instances deliver 896 vCPUs. Both instances support up to 100 Gbps of Amazon EBS bandwidth for faster data loading and backups, 100 Gbps of network bandwidth, and ENA Express. U7i instances are ideal for customers using mission-critical in-memory databases like SAP HANA, Oracle, and SQL Server. To learn more about U7i instances, visit the High Memory instances page.

Amazon SageMaker HyperPod now supports flexible instance groups, enabling customers to specify multiple instance types and multiple subnets within a single instance group. Customers running training and inference workloads on HyperPod often need to span multiple instance types and availability zones for capacity resilience, cost optimization, and subnet utilization, but previously had to create and manage a separate instance group for every instance type and availability zone combination, resulting in operational overhead across cluster configuration, scaling, patching, and monitoring. With flexible instance groups, you can define an ordered list of instance types using the new InstanceRequirements parameter and provide multiple subnets across availability zones in a single instance group. HyperPod provisions instances using the highest-priority type first and automatically falls back to lower-priority types when capacity is unavailable, eliminating the need for customers to manually retry across individual instance groups. Training customers benefit from multi-subnet distribution within an availability zone to avoid subnet exhaustion. Inference customers scaling manually get automatic priority-based fallback across instance types without needing to retry each instance group individually, while those using Karpenter autoscaling can reference a single flexible instance group. Karpenter automatically detects supported instance types from the flexible instance group and provisions the optimal type and availability zone based on pod requirements. You can create flexible instance groups using the CreateCluster and UpdateCluster APIs, the AWS CLI, or the AWS Management Console. Flexible instance groups are available for SageMaker HyperPod clusters using the EKS orchestrator in all AWS Regions where SageMaker HyperPod is supported. To learn more, see Flexible instance groups.

In this post, we show you how to use Model Distillation, a model customization technique on Amazon Bedrock, to transfer routing intelligence from a large teacher model (Amazon Nova Premier) into a much smaller student model (Amazon Nova Micro). This approach cuts inference cost by over 95% and reduces latency by 50% while maintaining the nuanced routing quality that the task demands.

In this post, we show you how to build a video semantic search solution on Amazon Bedrock using Nova Multimodal Embeddings that intelligently understands user intent and retrieves accurate video results across all signal types simultaneously. We also share a reference implementation you can deploy and explore with your own content.

In this release, AWS Neuron SDK 2.29.0 promotes the Neuron Kernel Interface (NKI) from Beta to Stable with version 0.3.0. NKI gives developers direct, low-level programming access to AWS Trainium and AWS Inferentia NeuronCores using a Python-based syntax. This release introduces the NKI Standard Library, which exposes developer-visible source code for all NKI APIs and native language objects. It also contains a new CPU Simulator that lets developers write, test, and debug NKI kernels locally on standard CPU, without requiring Trainium hardware, using standard Python debugging tools. NKI 0.3.0 also adds new ISA-level features including a dedicated exponential instruction, matmul accumulation control, DMA priority settings for Trn3, and variable-length all-to-all collectives. The NKI Library expands with 7 new experimental kernels covering Conv1D, a multi-layer Transformer token generation megakernel, fused communication-compute primitives for Trainium2, and dynamic tiling operations. Existing kernels also receive improvements. Attention CTE scales to larger batch sizes and sequence lengths, MLP adds mixed-precision quantization paths, and MoE TKG introduces a dynamic all-expert algorithm. For inference, NxD Inference improves vision language model support with optimizations for Qwen3 VL and Qwen2 VL, including text-model sequence parallelism and vision data parallelism. vLLM Neuron Plugin updated to version 0.5.0. Neuron Explorer, Neuron’s profiling and debugging suite of tools, also moves from Beta to Stable. The System Trace Viewer now supports the full set of Device widgets for multi-device profile analysis, and the tool is available on the VS Code Extension Marketplace for streamlined installation. For full release details, see the AWS Neuron SDK 2.29.0 release notes. The SDK is available in all AWS Regions supporting Inferentia and Trainium instances. Learn more: Neuron Kernel Interface (NKI) Documentation vLLM Neuron Plugin Documentation Neuron Explorer Documentation

Amazon Elastic Container Registry (Amazon ECR) now automatically discovers and syncs OCI referrers, such as image signatures, SBOMs, and attestations, from upstream registries into your Amazon ECR private repositories with its pull through cache feature. Previously, when you listed referrers on a repository with a matching pull through cache rule, Amazon ECR would not return or sync referrers from the upstream repository. This meant that you had to manually list and fetch the upstream referrers. With today's launch, Amazon ECR's pull through cache will now reach upstream during referrers API requests and automatically cache related referrer artifacts in your private repository. This enables end-to-end image signature verification, SBOM discovery, and attestation retrieval workflows to work seamlessly with pull through cache repositories without requiring any client-side workarounds. This feature is available today in all AWS Regions where Amazon ECR pull through cache is supported. To learn more, visit the Amazon ECR documentation.

Amazon SageMaker HyperPod now supports on-demand deep health checks for Amazon EKS and Slurm-orchestrated clusters, enabling you to proactively verify GPU accelerator health on running instances at any time. HyperPod Slurm-orchestrated clusters now also support deep health checks during node provisioning, at the time of cluster creation. This capability addresses a critical challenge where even a single unhealthy node can waste hours of compute time and delay critical workloads. With on-demand deep health checks, you can target entire instance groups or specific instances to run comprehensive hardware stress tests and connectivity tests before committing compute resources to a job. Progress and results are visible at both the instance group and instance level through the SageMaker console and APIs, providing complete visibility into GPU health, network connectivity, and multi-node communication performance. Instances undergoing checks are automatically isolated from workload scheduling and returned to service upon passing. When paired with HyperPod's automatic node recovery capability, instances that fail are automatically rebooted or replaced, ensuring cluster health. This capability is available in all regions where Amazon SageMaker HyperPod is available. To learn more about on-demand health checks, see the documentation.

This hands-on guide walks through every step of fine-tuning an Amazon Nova model with the Amazon Nova Forge SDK, from data preparation to training with data mixing to evaluation, giving you a repeatable playbook you can adapt to your own use case. This is the second part in our Nova Forge SDK series, building on the SDK introduction and first part, which covered kicking off customization experiments.

In this post, we share how AWS Marketing’s Technology, AI, and Analytics (TAA) team worked with Gradial to build an agentic AI solution on Amazon Bedrock for accelerating content publishing workflows.

Today, AWS Deadline Cloud announces an AI-powered troubleshooting assistant that helps you quickly diagnose and resolve render job failures. AWS Deadline Cloud is a fully managed service that simplifies render management for computer-generated 2D/3D graphics and visual effects for films, TV shows, commercials, games, and industrial design. Render job failures from missing assets, software errors, configuration mismatches, and resource constraints can stall production pipelines and waste compute resources. Previously, diagnosing these issues required specialized technical staff to manually parse logs and identify root causes — a process that is time-consuming, difficult to scale, and often unavailable to smaller studios. The new Deadline Cloud assistant investigates failed jobs you identify, analyzes logs and metrics, detects common issues, and provides troubleshooting recommendations based on industry best practices and a pre-trained knowledge base covering Deadline Cloud, common render farm issues, and popular digital content creation applications including Autodesk Maya, 3ds Max, VRED, Blender, SideFX Houdini, Maxon Cinema 4D, Foundry Nuke, and Adobe After Effects. The assistant runs within your AWS account using Amazon Bedrock, keeping all data and analysis within your control. The Deadline Cloud assistant is available today in all AWS Regions where AWS Deadline Cloud is supported. Watch a demo on YouTube to see it in action, or visit the AWS Deadline Cloud documentation to learn more.

Amazon Connect now supports the use of flow modules across all Connect flows, allowing you to reuse common logic and functionality beyond inbound customer experiences. Flow modules organize repeatable logic and create common reusable functions across the customer experiences you build with flows. For example, you can now use a module to share information about a customer’s recent transactions in an agent whisper flow, preparing the agent with relevant details and leveraging functionality that was previously only available as part of inbound flows. Additionally, you can now use flow modules within other modules, enabling you to build complex logic by stitching together pre-built intermediary steps under a single module. For example, a credit card eligibility module can invoke other modules that check credit scores, verify income, and review payment history before making a final determination. This modular approach allows you to build reusable components that can be combined and extended as your business requirements evolve. To learn more about these features, see the Amazon Connect Administrator Guide. To understand recent enhancements to flow module capabilities, see our AWS blog post. This feature is available in all AWS regions where Amazon Connect is offered. To learn more about Amazon Connect, the AWS cloud-based contact center, please visit the Amazon Connect website.

Amazon Managed Grafana now supports creating new workspaces with Grafana version 12.4.  This release includes features that were launched as a part of open source Grafana versions 11.0 to 12.4, including Drilldown apps, scenes powered dashboards, variables in transformations, visualization enhancements, and new features with the Amazon CloudWatch plugin. Queryless Drilldown apps enable customers to perform point-and-click exploration of Prometheus metrics, Loki logs, Tempo traces, and Pyroscope profiles. The Scenes-powered rendering engine boosts dashboard performance. Amazon CloudWatch Logs adds support for PPL and SQL queries, cross-account Metrics Insights, and log anomaly detection. The rebuilt table visualization improves performance with CSS cell styling and interactive Actions buttons, while trendline transformations and navigation bookmarks enhance data exploration. Grafana 12.4 is supported in all AWS regions where Amazon Managed Grafana is generally available. You can create a new Amazon Managed Grafana workspace from the AWS Console, SDK, or CLI. To explore the complete list of new features, please refer to the user documentation. Follow the instructions here to create workspaces with version 12.4. To learn more about Amazon Managed Grafana features and its pricing, visit the product page and pricing page.

AWS Clean Rooms now supports configurable Spark properties for PySpark jobs, offering customers the ability to optimize their workloads based on their performance and scale requirements. With this launch, customers can customize Spark settings such as memory overhead, task concurrency, and network timeouts for each analysis that uses PySpark, the Python API for Apache Spark. For example, a pharmaceutical research company collaborating with healthcare organizations for real-world clinical trial data can set specific memory tuning for large-scale workloads to improve performance and optimize costs.  AWS Clean Rooms helps companies and their partners easily analyze and collaborate on their collective datasets without revealing or copying one another’s underlying data. For more information about the AWS Regions where AWS Clean Rooms is available, see the AWS Regions table. To learn more about collaborating with AWS Clean Rooms, visit AWS Clean Rooms.

SageMaker JumpStart now offers optimized deployments, enabling customers to deploy foundation models with pre-configured settings tailored to specific use cases and performance constraints. SageMaker JumpStart optimized deployments simplify model deployment by offering task-aware configurations that optimize for cost, throughput, or latency based on your workload requirements - whether content generation, summarization, or Q&A. This launch includes support for 30+ popular models from Meta, Microsoft, Mistral AI, Qwen, Google, and TII, with visibility into key performance metrics like P50 latency, time-to-first token (TTFT), and throughput before deployment. With SageMaker JumpStart optimized deployments, customers can select from use case-specific configurations (such as generative writing or chat-style interactions) and choose optimization targets including cost-optimized, throughput-optimized, latency-optimized, or balanced performance. Models deploy to SageMaker AI Managed Inference endpoints or SageMaker HyperPod clusters with pre-set configurations that eliminate guesswork while maintaining full visibility into deployment details. Available models include Meta Llama 3.1 and 3.2 variants, Microsoft Phi-3, Mistral AI models including the new Mistral-Small-24B-Instruct-2501, Qwen 2 and 3 series including multimodal Qwen2-VL, Google Gemma, and TII Falcon3. All deployments leverage SageMaker's VPC deployment capabilities, ensuring data control and production-ready infrastructure with enterprise-grade security. The feature is available in all AWS regions where SageMaker JumpStart is curretly supported. To get started with optimized deployments, navigate to Models in SageMaker Studio, select your desired foundation model in the JumpStart Models tab, choose "Deploy," and select your use case and performance optimization target. For details, visit the SageMaker JumpStart documentation. AWS is actively expanding support to include additional models.

Amazon CloudWatch RUM (Real User Monitoring) is a feature of Amazon CloudWatch that enables developers and operations teams to collect, view, and analyze client-side performance data from real end-user sessions in web and mobile applications. With its expansion to the AWS European Sovereign Cloud, customers operating under strict European data residency and sovereignty requirements can now monitor their web application performance without data leaving the sovereign boundary. This capability is designed for enterprises, public sector organizations, and regulated industries in Europe that require full control over where their data is stored and processed. CloudWatch RUM helps teams proactively identify and resolve performance bottlenecks across both web and mobile applications by surfacing real-time metrics such as page load times, JavaScript errors, HTTP failures, and mobile-specific signals like crash rates and network latency — enabling faster root cause analysis and improved end-user experience. For example, a European public sector organization can use CloudWatch RUM within the AWS European Sovereign Cloud to monitor citizen-facing web portals and mobile apps while maintaining full data sovereignty compliance. CloudWatch RUM in the AWS European Sovereign Cloud is available today in the EU Sovereign (eusc-de-east-1) region — to get started, visit the Amazon CloudWatch RUM documentation.

Amazon CloudWatch now supports auditing telemetry configuration and enabling telemetry from AWS services such as Amazon EC2, Amazon VPC, and AWS CloudTrail across multiple AWS Regions from a single region. Customers can enable the telemetry auditing feature for their account or organization across all supported regions at once and create enablement rules that automatically apply to selected regions or all available regions. With today's launch, customers can scope enablement rules to specific regions or all supported regions. For example, a central security team can create a single organization-wide enablement rule for VPC Flow Logs that applies across all regions, ensuring consistent telemetry collection for every VPC across every account. Rules configured for all regions automatically expand to include new regions as they become available. CloudWatch's cross-region telemetry configuration and enablement rule is available in all AWS commercial regions. Standard CloudWatch pricing applies for telemetry ingestion. To learn more, visit the Amazon CloudWatch documentation.

AWS Elastic Disaster Recovery (AWS DRS) is now available in the AWS European Sovereign Cloud, enabling organizations with data sovereignty requirements to protect their mission-critical workloads with disaster recovery on AWS. AWS DRS minimizes downtime and data loss with fast, reliable recovery of on-premises and cloud-based applications using affordable storage, minimal compute, and point-in-time recovery, with Recovery Point Objectives (RPOs) measured in seconds and Recovery Time Objectives (RTOs) typically in minutes. With AWS DRS, you can recover applications from physical infrastructure, VMware vSphere, Microsoft Hyper-V, and cloud infrastructure. AWS DRS uses a unified process for testing, recovery, and failback for a wide range of applications, including critical databases such as Oracle, MySQL, and SQL Server, and enterprise applications such as SAP. AWS Elastic Disaster Recovery is available in the AWS European Sovereign Cloud (Germany). See the AWS Regional Services List for the latest availability information. To learn more about AWS Elastic Disaster Recovery, visit our product page or documentation.

This post explores how combining Babel Street Match with OpenSearch Service provides a solution that helps your organization to handle large-scale, multilingual data.

In this post, we demonstrate two approaches to fine-tune Amazon Nova Micro for custom SQL dialect generation to deliver both cost efficiency and production ready performance.

Online retailers face a persistent challenge: shoppers struggle to determine the fit and look when ordering online, leading to increased returns and decreased purchase confidence. The cost? Lost revenue, operational overhead, and customer frustration. Meanwhile, consumers increasingly expect immersive, interactive shopping experiences that bridge the gap between online and in-store retail. Retailers implementing virtual try-on […]

Amazon WorkSpaces Personal and Amazon WorkSpaces Core are now available in US East (Ohio) and Asia Pacific (Malaysia) AWS Regions. You can now provision WorkSpaces closer to your users, helping to provide in-country data residency and a more responsive experience. In US East (Ohio), organizations can also now implement disaster recovery solutions, meet local data residency compliance mandates, and support regional workforces with consistent, low-latency access to their virtual desktop environments across varying network conditions. Amazon WorkSpaces Personal provides users with instant access to their desktops from anywhere. It allows users to stream desktops from AWS to their devices, and WorkSpaces Personal manages the AWS resources required to host and run your desktops, scales automatically, and provides access to your users on demand. Amazon WorkSpaces Core provides cloud-based, fully managed virtual desktop infrastructure (VDI) accessible to third-party VDI management solutions via API. To get started with Amazon WorkSpaces Personal or Amazon WorkSpaces Core, sign into the WorkSpaces management console and select the AWS Region of your choice. To learn more about Amazon WorkSpaces offerings, visit the product page and technical documentation.

In this post, you'll learn why probabilistic AI validation falls short in regulated industries and how Automated Reasoning checks use formal verification to deliver mathematically proven results. You'll also see how customers across six industries use this technology to produce formally verified, auditable AI outputs, and how to get started.

You can now create Amazon FSx for Lustre Persistent-2 file systems in four additional AWS Regions: Asia Pacific (Hyderabad, Jakarta), Europe (Zurich), and South America (São Paulo). Amazon FSx for Lustre Persistent-2 file systems are built on AWS Graviton processors and provide higher throughput per terabyte (up to 1 GB/s per terabyte) and lower cost of throughput compared to previous generation FSx for Lustre file systems. Using FSx for Lustre Persistent-2 file systems, you can accelerate execution of machine learning, high-performance computing, media & entertainment, and financial simulations workloads while reducing your cost of storage. To get started with Amazon FSx for Lustre Persistent-2 in these new regions, create a file system through the AWS Management Console. To learn more about Amazon FSx for Lustre, visit our product page, and see the AWS Region Table for complete regional availability information.

Starting today, Amazon Elastic Compute Cloud (Amazon EC2) X8aedz instances are available in Europe (Stockholm) region. These instances are powered by 5th Gen AMD EPYC processors (formerly code named Turin). These instances offer the highest maximum CPU frequency, 5GHz in the cloud. X8aedz instances are built using the latest sixth generation AWS Nitro Cards and are ideal for electronic design automation (EDA) workloads such as physical layout and physical verification jobs, and relational databases that benefit from high single-threaded processor performance and a large memory footprint. The combination of 5 GHz processors and local NVMe storage enables faster processing of memory-intensive backend EDA workloads such as floor planning, logic placement, clock tree synthesis (CTS), routing, and power/signal integrity analysis. X8aedz instances feature a 32:1 ratio of memory to vCPU and are available in 8 sizes ranging from 2 to 96 vCPUs with 64 to 3,072 GiB of memory, including two bare metal variants, and up to 8 TB of local NVMe SSD storage. Customers can purchase X8aedz instances via Savings Plans, On-Demand instances, and Spot instances. To get started, sign in to the AWS Management Console. For more information visit the Amazon EC2 X8aedz instance page.

AWS is announcing the general availability of Amazon EC2 C8in and C8ib instances powered by custom, sixth generation Intel Xeon Scalable processors, available only on AWS. These instances feature the latest sixth generation AWS Nitro cards. C8in and C8ib instances deliver up to 43% higher performance compared to previous generation C6in instances. C8in and C8ib instances deliver larger sizes and scale up to 384 vCPUs. C8in instances deliver 600 Gbps network bandwidth—the highest among enhanced networking EC2 instances—making them ideal for network-intensive workloads like distributed compute and large-scale data analytics. C8ib instances deliver up to 300 Gbps EBS bandwidth, the highest among non-accelerated compute instances, making them ideal for high-performance commercial databases and file systems. C8in instances are available in US East (N. Virginia), US West (Oregon), Asia Pacific (Tokyo), and Europe (Spain) regions. C8ib instances are available in US East (N. Virginia) and US West (Oregon). Both, C8in and C8ib instances are available via Savings Plans, On-Demand, and Spot instances. For more information, visit the Amazon EC2 C8i instance page.

AWS launches Claude Opus 4.7 in Amazon Bedrock, Anthropic's most intelligent Opus model for advancing performance across coding, long-running agents, and professional work. Claude Opus 4.7 is powered by Amazon Bedrock's next generation inference engine, purpose-built for generative AI inferencing and fine-tuning workloads.

Today, AWS announces multi-session support for Amazon Quick, which enables customers to access up to five Amazon Quick accounts simultaneously within the same browser. The feature also includes the Amazon Quick account name in all URLs, enabling users to easily access the correct account when opening agents, spaces, flows, research reports, dashboards, and other assets. Customers use multiple accounts for different environments such as development, testing, and production, and compare insights and resource configurations across multiple accounts for troubleshooting and other application-related jobs. Using multi-session capability in Amazon Quick, customers can now sign in to multiple accounts and manage their resources in a single browser. You can sign in to another account by accessing the Amazon Quick top right menu and selecting the option to sign in to another account. For users accessing global URLs without an account name, Amazon Quick presents an account input page that pre-populates the accounts they are logged into, allowing them to select the desired account. You have the option to log out of the current session in the specific browser tab or log out of all sessions. Amazon Quick multi-account sign-in is available in all supported Amazon Quick regions. To learn more about this, visit Amazon Quick Signing In

Amazon Bedrock, the platform for building AI applications and agents at production scale, now offers Claude Opus 4.7-- Anthropic's most capable Opus model to date -- delivering meaningful improvements across agentic coding, professional work, and long-running tasks for developers and enterprises building production AI applications.  Claude Opus 4.7 is an upgrade from Claude Opus 4.6, with stronger performance across the workflows teams run in production. Opus 4.7 works better through ambiguity, is more thorough in its problem solving, and folllows instructions more precisely. For coding, the model extends agentic capabilities with improved long-horizon autonomy, systems engineering, and complex code reasoning. For knowledge work, Claude Opus 4.7 advances professional tasks such as slides and document creation, financial analysis, and data visualization. For long-running tasks, the model stays on track over longer horizons with improved reasoning and memory capabilities. Claude Opus 4.7 also advances visual capabilities with high-resolution image support improving accuracy on charts, dense documents, and screen UIs where fine detail matters.   Claude Opus 4.7 is served through Amazon Bedrock's next-generation inference engine, delivering enterprise-grade infrastructure for production workloads. It provides zero operator data access, meaning customer prompts and responses are never visible to Anthropic or AWS operators, keeping sensitive data private. It also enables enhanced availability through dynamic traffic routing with expanded in-region options, along with improved scalability. Claude Opus 4.7 is available in select AWS Regions. To learn more about Claude Opus 4.7 and other Anthropic models available in Amazon Bedrock, visit the Amazon Bedrock page. To get started, see the Amazon Bedrock documentation.

Amazon Redshift now supports DELETE, UPDATE, and MERGE operations for Apache Iceberg tables stored in Amazon S3 and Amazon S3 table buckets. With these operations, you can modify data at the row level, implement upsert patterns, and manage the data lifecycle while maintaining transactional consistency using familiar SQL syntax. You can run complex transformations in Amazon Redshift and write results to Apache Iceberg tables that other analytics engines like Amazon EMR or Amazon Athena can immediately query. In this post, you work with datasets to demonstrate these capabilities in a data synchronization scenario.

In this post, we demonstrate how Notebooks in Amazon SageMaker Unified Studio help you get to insights faster by simplifying infrastructure configuration. You'll see how to analyze housing price data, create scalable data tables, run distributed profiling, and train machine learning (ML) models within a single notebook environment.

AWS Payment Cryptography has expanded its global presence with availability in South America (São Paulo). This expansion enables customers with latency-sensitive payment applications to build, deploy or migrate into additional AWS Regions without depending on cross-region support. AWS Payment Cryptography is a fully managed service that simplifies payment-specific cryptographic operations and key management for cloud-hosted payment applications. The service scales elastically with your business needs and is assessed as compliant with PCI PIN and PCI P2PE requirements, eliminating the need to maintain dedicated payment HSM instances. Organizations performing payment functions - including acquirers, payment facilitators, networks, switches, processors, and banks can now position their payment cryptographic operations closer to their applications while reducing dependencies on auxiliary data centers with dedicated payment HSMs. AWS Payment Cryptography is available in the following AWS Regions: Canada (Montreal), US East (Ohio, N. Virginia), US West (Oregon), Europe (Ireland, Frankfurt, London, Paris), South America (São Paulo), Africa (Cape Town) and Asia Pacific (Singapore, Tokyo, Osaka, Mumbai, Hyderabad). To start using the service, please download the latest AWS CLI/SDK and see the AWS Payment Cryptography user guide for more information.

Today, we're announcing sheet tooltips in Amazon Quick Sight. Dashboard authors can now design custom tooltip layouts using free-form layout sheets. These layouts combine charts, key performance indicator (KPI) metrics, text, and other visuals into a single tooltip that renders dynamically when readers hover over data points.

In this post, you will learn how speculative decoding works and why it helps reduce cost per generated token on AWS Trainium2.

This post is cowritten by Renata Salvador Grande, Gabriel Bueno and Paulo Laurentys at Rede Mater Dei de Saúde. The growing adoption of multi-agent AI systems is redefining critical operations in healthcare. In large hospital networks, where thousands of decisions directly impact cash flow, service delivery times, and the risk of claim denials, the ability […]

Quick Sight in Amazon Quick now supports sheet tooltips, enabling authors to surface rich, contextual detail when viewers hover over data points — without disrupting their analysis flow. Sheet tooltips allow authors to create dedicated tooltip sheets containing visuals, text boxes, and images arranged in a free-form layout. When a viewer hovers over a data point, the tooltip sheet automatically inherits all filters from the source visual and applies an additional filter for the specific data point, delivering an instant, focused breakdown. This enhancement helps organizations build more intuitive dashboards that reduce the need for multiple sheets or manual navigation. For example, a bar chart showing sales by product category can surface a trend line of monthly sales, a year-over-year growth KPI, and a text box with the category name — all filtered to whichever category the viewer hovers over. Authors can assign one tooltip sheet to multiple visuals, switch between basic, detailed, and sheet tooltip types at any time, and tables and pivot tables are also supported. Sheet tooltips are available on interactive sheets only. This feature is now available in all Amazon Quick regions where Quick Sight is supported. Learn more about how to use sheet tooltips in Amazon Quick and read more about this new feature in our blog post.

Today, we’re announcing the general availability of AWS Interconnect – multicloud, a managed private connectivity service that connects your Amazon Virtual Private Cloud (Amazon VPC) directly to VPCs on other cloud providers. We’re also introducing AWS Interconnect – last mile, a new capability that simplifies how you establish high-speed, private connections to AWS from your […]

Starting today, Amazon Elastic Cloud Compute (Amazon EC2) P6-B300 instances are available in the AWS GovCloud (US-East) Region. P6-B300 instances provide 8x NVIDIA Blackwell Ultra GPUs with 2.1 TB high bandwidth GPU memory, 6.4 Tbps EFA networking, 300 Gbps dedicated ENA throughput, and 4 TB of system memory. P6-B300 instances deliver 2x networking bandwidth, 1.5x GPU memory size, and 1.5x GPU TFLOPS (at FP4, without sparsity) compared to P6-B200 instances, making them well suited to train and deploy large trillion-parameter foundation models (FMs) and large language models (LLMs) with sophisticated techniques. The higher networking and larger memory deliver faster training times and more token throughput for AI workloads. P6-B300 instances are now available in p6-b300.48xlarge size in the following AWS Regions: US West (Oregon) and AWS GovCloud (US-East). To learn more about P6-B300 instances, visit Amazon EC2 P6 instances.

AWS Transform is now available through two additional developer tools — including Kiro and VS Code. AWS Transform is an agentic migration and modernization factory designed to compress enterprise transformation timelines from years to months — handling everything from large-scale infrastructure migrations to continuous tech debt reduction, without the manual handoffs and lost context that commonly stall these programs.. With today’s launch, you can get started with AWS Transform custom transformations from wherever you already work: install the AWS Transform Power in Kiro, or install the AWS Transform extension in VS Code . AWS Transform custom transformations help you crush tech debt at scale — choose from AWS-managed transformations for common patterns like Java, Python, and Node.js version upgrades, AWS SDK migrations (boto2 to boto3, Java SDK v1 to v2, JS SDK v2 to v3), or define your own. These new surfaces make it easier to discover additional capabilities as they become available, build and iterate on your own custom transformations, and run any agent repeatedly or across thousands of repositories at once. The custom transformations are the first in a growing library of playbooks coming to developer tools, complementing the existing AWS Transform web console and CLI so you can start a job in your IDE, track progress in the web console, and finish transformations wherever it makes sense — with job state and context shared across every surface. AWS Transform supports deploying to all AWS commercial regions,and AWS Transform custom is available in US East (N. Virginia) and Europe (Frankfurt). To learn more, visit the AWS Transform product page and user guide.

AWS Secrets Manager now supports hybrid post-quantum key exchange using ML-KEM (Module-Lattice-based Key-Encapsulation Mechanism) to secure TLS connections for retrieving and managing secrets. This protection is automatically enabled in Secrets Manager Agent (version 2.0.0+), AWS Lambda Extension (version 19+), and Secrets Manager CSI Driver (version 2.0.0+). For SDK-based clients, hybrid post-quantum key exchange is available in supported AWS SDKs including Rust, Go, Node.js, Kotlin, Python (with OpenSSL 3.5+), and Java v2 (v2.35.11+). With this launch, your applications retrieve secrets over TLS connections that combine classical key exchange with post-quantum cryptography, helping protect against both traditional cryptographic attacks and future quantum computing threats known as "harvest now, decrypt later" (HNDL). No code changes, configuration updates, or migration effort are required for customers using the latest client versions except for Java v2. For example, a microservice requiring multiple secrets at startup can now retrieve them over quantum-resistant TLS connections by simply upgrading to the latest Secrets Manager Agent version. You can verify hybrid post-quantum key exchange is active by checking CloudTrail logs for the "X25519MLKEM768" key exchange algorithm in the tlsDetails field of GetSecretValue API calls. Hybrid post-quantum key exchange using ML-KEM for AWS Secrets Manager is available in all AWS Regions where AWS Secrets Manager is supported. To learn more, visit the AWS Secrets Manager documentation and the AWS Post-Quantum Cryptography migration page.

Organizations using AWS Outposts racks commonly manage capacity from a single AWS account and share resources through AWS Resource Access Manager (AWS RAM) with other AWS accounts (consumer accounts) within AWS Organizations. In this post, we demonstrate one approach to create a multi-account serverless solution to surface costs in shared AWS Outposts environments using Amazon […]

AWS today announced a new delivery option for AWS Data Exports, enabling FinOps teams to send Standard exports—including Cost and Usage Report 2.0 (CUR 2.0), FOCUS, Cost Optimization Recommendations, and Carbon Emissions reports—directly to any authorized AWS account's Amazon S3 bucket. This capability eliminates the need for for customers to replicate the data across accounts or pay for duplicate storage. With this launch, customers can now specify the destination S3 bucket in any AWS account when creating an export. The destination account owner controls which source accounts can deliver data through S3 bucket policies, so both accounts explicitly authorize where billing data flows. For example, a FinOps team can configure CUR 2.0 exports from their management account to flow directly into a centralized analytics account within their organization where their cost optimization tools reside, without building custom replication processes. This also supports the security best practice of keeping non-administrative workloads out of management accounts. This feature is available in all commercial AWS Regions, except the AWS GovCloud (US) Regions and the China Regions. To learn more about this feature, see AWS Data Exports and AWS Billing and Cost Management in the AWS Cost Management User Guide.

AWS announces general availability (GA) of AWS Interconnect - multicloud, providing simple, resilient, high-speed private connections to other cloud service providers (CSPs). With GA comes Google Cloud as the first launch partner, with Microsoft Azure and Oracle Cloud Infrastructure (OCI) coming later in 2026. Customers have been adopting multicloud strategies while migrating more applications to the cloud. They do so for many reasons including interoperability requirements, the freedom to choose technology that best suits their needs, and the ability to build and deploy applications on any environment with greater ease and speed. Previously, when interconnecting workloads across multiple cloud providers, customers had to go the route of a ‘do-it-yourself’ multicloud approach, leading to complexities of managing global multi-layered networks at scale. AWS Interconnect - multicloud is the first purpose-built product of its kind and a new way of how clouds connect and talk to each other. Simplifying connectivity into AWS, Interconnect - multicloud enables customers to quickly establish private, secure, high-speed network connections with dedicated bandwidth and built-in resiliency between their Amazon VPCs and other cloud environments. Interconnect - multicloud makes it easy to connect AWS resources or VPCs to other CSPs. Customers can also quickly scale connectivity to multiple VPCs or Regions via associating Interconnect with other networking services such as AWS Transit Gateway and AWS Cloud WAN, instead of taking weeks or months. Interconnect - multicloud introduces a new, single-fee pricing structure based on the customer’s selected bandwidth and the geographical scope of the connectivity to other CSPs. Customers can also use one free, local 500Mbps interconnect per Region starting in May. To learn more please see the Interconnect - multicloud Pricing documentation page. Interconnect - multicloud is available in five AWS Regions. You can enable this capability using the AWS Management Console, Command Line Interface (CLI), or API, and CSPs can also adopt via a published open API package on GitHub. For more information, see the AWS Interconnect - multicloud documentation and pricing pages.

Today, AWS announces increased Amazon Elastic Block Store (Amazon EBS) performance for Amazon EC2 C8gn, M8gn, and R8gn instances in 48xlarge and metal-48xl sizes. EC2 C8gn, M8gn, and R8gn instances are network optimized instances powered by AWS Graviton4 processors and latest 6th generation AWS Nitro Cards. With the latest enhancements to AWS Nitro System, we have doubled the maximum EBS performance on these instances in 48xlarge and metal-48xl sizes, from 60 Gbps of EBS bandwidth and 240,000 IOPS to 120 Gbps of EBS bandwidth and 480,000 IOPS. Customers running network-intensive workloads while requiring additional block storage performance such as data analytics and high-performance file systems can benefit from the improved EBS performance. All existing and new C8gn, M8gn, and R8gn instances in 48xlarge and metal-48xl sizes launched starting today will benefit from this performance increase at no additional cost. For running instances, customers can stop and start instances to enable this performance increase. The higher EBS performance is available in all AWS regions where these instance types are generally available today. To learn more, see Amazon C8gn, M8gn, and R8gn Instances and EBS-optimized instance types.

NVIDIA’s Nemotron-3-Super-120B, Qwen3.5-9B, and Qwen3.5-27B models are now available on Amazon SageMaker JumpStart, expanding the portfolio of foundation models available to AWS customers. These three models bring specialized capabilities spanning agentic reasoning, multilingual coding, and advanced instruction following, enabling customers to deploy high-performance, scalable AI solutions on AWS infrastructure. These models address different enterprise AI challenges with specialized capabilities: Nemotron-3-Super-120B is optimized for collaborative agents and high-volume workloads such as IT ticket automation. It employs a hybrid Latent Mixture-of-Experts (LatentMoE) architecture with Mamba-2 and MoE layers, enabling strong agentic, reasoning, and conversational capabilities useful for multi-agent applications like software development and cybersecurity triaging. Qwen 3.5 9B excels in multilingual coding, instruction following, and long-horizon planning, automating software development workflows and executing complex, multi-step office tasks. Its compact design balances efficiency and performance for resource-constrained environments. Qwen 3.5 27B provides deeper contextual understanding, extended reasoning capabilities, and enhanced spatial/complex scenario comprehension, ideal for advanced multimodal reasoning and large-scale document processing. With SageMaker JumpStart, customers can deploy any of these models with just a few clicks to address their specific AI use cases. To get started with these models, navigate to the SageMaker JumpStart model catalog in the SageMaker console or use the SageMaker Python SDK to deploy the models to your AWS account. For more information about deploying and using foundation models in SageMaker JumpStart, see the Amazon SageMaker JumpStart documentation.

Amazon OpenSearch Serverless introduces support for Derived Source, a new feature that can help reduce the amount of storage required for your OpenSearch Service collections. With derived source support, you can skip storing source fields and dynamically derive them when required.  With Derived Source, OpenSearch Serverless reconstructs the _source field on the fly using the values already stored in the index, eliminating the need to maintain a separate copy of the original document. This can significantly reduce storage consumption, particularly for time-series and log analytics collections where documents contain many indexed fields. You can enable derived source at the index level when creating or updating index mappings. Derived Source support is available today in all AWS Regions where Amazon OpenSearch Serverless is supported. For more information, see the Amazon OpenSearch Serverless documentation.

Amazon Redshift further optimizes the processing of top-k queries (queries with ORDER BY and LIMIT clauses) by intelligently skipping irrelevant data blocks to return results faster, dramatically reducing the amount of data processed. This optimization reorders and efficiently adjusts the data blocks to be read based on the ORDER BY column's min/max values, maintaining only the K most qualifying rows in memory. When the ORDER BY column is sorted or partially sorted, Amazon Redshift now processes only the minimal data blocks needed rather than scanning entire tables, eliminating unnecessary I/O and compute overhead. This enhancement particularly benefits top-k queries when the data permanently stores in descending order (ORDER BY ... DESC LIMIT K) on large tables where qualifying rows are appended at the end of the data storage. Common examples include: Finding the k most recent orders from millions or billions of transactions Retrieving top-k best performing products or k worst performing products (top-k in descending order) from your sales catalog containing hundreds of thousands stock keeping units (SKUs) and millions or billions of sales transactions associated with all product SKUs in your sales catalog Finding the top-k most recent or top-k oldest (top k in descending order) prompts inferred by a foundational large language model (LLM) out of billions of prompts. With this new optimization, top-k query performance improves dramatically. This optimization for top-k queries is now available in Amazon Redshift at no additional cost starting with patch release P199 across all AWS regions where Amazon Redshift is available. This optimization automatically applies to eligible queries without requiring any query rewrites or configuration changes.

Amazon Quick now supports document-level access controls (ACLs) for Google Drive knowledge bases, enabling organizations to maintain native Google Drive permissions when indexing content. Quick combines ACL replication for efficient pre-retrieval filtering with an additional layer of real-time permission checks directly with Google Drive at query time. This dual approach means you get the performance benefits of indexed ACLs while also guarding against stale or incorrectly mapped permission data. When a user submits a query, Quick verifies their current permissions with Google Drive before generating a response—ensuring answers are based on live access rights. With document-level access controls, Amazon Quick now respects individual file and folder permissions from Google Drive. This feature is available in all AWS Regions where Amazon Quick is available. To get started, create or update a Google Drive knowledge base in the Amazon Quick console and configure document-level access controls in your integration settings. For more information, see Google Drive integration in the Amazon Quick User Guide.

Starting today, Amazon EC2 M8i and M8i-flex instances are now available in AWS GovCloud (US-West) Region. These instances are powered by custom Intel Xeon 6 processors, available only on AWS, delivering the highest performance and fastest memory bandwidth among comparable Intel processors in the cloud. The M8i and M8i-flex instances offer up to 15% better price-performance, and 2.5x more memory bandwidth compared to previous generation Intel-based instances. They deliver up to 20% better performance than M7i and M7i-flex instances, with even higher gains for specific workloads. The M8i and M8i-flex instances are up to 30% faster for PostgreSQL databases, up to 60% faster for NGINX web applications, and up to 40% faster for AI deep learning recommendation models compared to M7i and M7i-flex instances. M8i-flex are the easiest way to get price performance benefits for a majority of general-purpose workloads like web and application servers, microservices, small and medium data stores, virtual desktops, and enterprise applications. They offer the most common sizes, from large to 16xlarge, and are a great first choice for applications that don't fully utilize all compute resources. M8i instances are a great choice for all general purpose workloads, especially for workloads that need the largest instance sizes or continuous high CPU usage. The SAP-certified M8i instances offer 13 sizes including 2 bare metal sizes and the new 96xlarge size for the largest applications. To get started, sign in to the AWS Management Console. For more information about the new instances, visit the M8i and M8i-flex instance page or visit the AWS News blog.

Amazon CloudWatch Logs Insights saved queries now support parameters, allowing you to pass values to reusable query templates with placeholders. This eliminates the need to maintain multiple copies of nearly identical queries that differ only in specific values such as log levels, service names, or time intervals. You can define up to 20 parameters in a query, with each parameter supporting optional default values. For example, you can create a single template to query logs by severity level (such as ERROR or WARN) and pass different service names each time you run it. To execute a query with parameters, invoke it using the query name prefixed with $ and pass your parameter values, such as $ErrorsByService(logLevel="ERROR", serviceName="OrderEntry"). You can also use multiple saved queries with parameters together for complex log analysis, significantly reducing query maintenance overhead while improving reusability. Saved queries with parameters are available in all commercial AWS regions. You can create and use saved queries with parameters using the Amazon CloudWatch console, AWS Command Line Interface (AWS CLI), AWS Cloud Development Kit (AWS CDK), and AWS SDKs. To learn more, see the Amazon CloudWatch Logs documentation.

Starting today, Amazon Elastic Compute Cloud (Amazon EC2) R8i and R8i-flex instances are available in the AWS GovCloud (US-West) Region. These instances are powered by custom Intel Xeon 6 processors, available only on AWS, delivering the highest performance and fastest memory bandwidth among comparable Intel processors in the cloud. The R8i and R8i-flex instances offer up to 15% better price-performance, and 2.5x more memory bandwidth compared to previous generation Intel-based instances. They deliver 20% higher performance than R7i instances, with even higher gains for specific workloads. They are up to 30% faster for PostgreSQL databases, up to 60% faster for NGINX web applications, and up to 40% faster for AI deep learning recommendation models compared to R7i. R8i-flex, our first memory-optimized Flex instances, are the easiest way to get price performance benefits for a majority of memory-intensive workloads. They offer the most common sizes, from large to 16xlarge, and are a great first choice for applications that don't fully utilize all compute resources. R8i instances are a great choice for all memory-intensive workloads, especially for workloads that need the largest instance sizes or continuous high CPU usage. R8i instances offer 13 sizes including 2 bare metal sizes and the new 96xlarge size for the largest applications. R8i instances are SAP-certified and deliver 142,100 aSAPS, delivering exceptional performance for mission-critical SAP workloads. To get started, sign in to the AWS Management Console. For more information about the R8i and R8i-flex instances visit the AWS News blog.

In my last Week in Review post, I mentioned how much time I’ve been spending on AI-Driven Development Lifecycle (AI-DLC) workshops with customers this year. A common theme in those sessions is the need for better cost visibility. Teams are moving fast with AI, but as they go from experimenting to full production, finance and […]

AWS IoT Core and AWS IoT Device Management services are now available in the Israel (Tel Aviv) and Europe (Milan) AWS Regions. With this expansion, organizations operating in these regions can better serve their local customers and unlock multiple benefits, including faster response times, stronger data residency controls, and reduced data transfer expenses. AWS IoT Core is a managed cloud service that lets you securely connect billions of Internet of Things (IoT) devices to the cloud and manage them at scale. It routes trillions of messages to IoT devices and AWS endpoints, through bi-directional industry standard protocols, such as MQTT, HTTPS, LoRaWAN (select regions). AWS IoT Device Management allows customers to search, organize, monitor and remotely manage connected devices at scale. With the expansion to these regions, AWS IoT is now available in 27 AWS Regions worldwide. To get started and to learn more, refer to the technical documentation for AWS IoT Core and AWS IoT Device Management.

Amazon FSx now supports copying file system backups across opt-in Regions (AWS Regions that are disabled by default) for Amazon FSx for Windows File Server, Amazon FSx for Lustre, and Amazon FSx for OpenZFS. This launch makes it easier for customers to meet business continuity, disaster recovery, and compliance requirements by extending cross-Region, cross-account backup and recovery capabilities beyond AWS Regions that are enabled by default. Amazon FSx is a fully managed service that makes it easy and cost-effective to launch, run, and scale feature-rich, high-performance file systems in the AWS Cloud. Opt-in Regions are AWS Regions that are disabled by default, in contrast to regions that are enabled by default. Previously, customers could copy Amazon FSx file system backups across regions enabled by default, within the same AWS account or across AWS accounts in the same AWS Organization. Starting today, you can copy backups into and out of opt-in Regions within the same AWS account using the Amazon FSx console, API, or CLI, or across AWS accounts in the same AWS Organization using AWS Backup. This allows you to design resilient, multi-account, cross-Region backup and recovery architectures across a broader set of AWS Regions. To get started, visit the Amazon FSx console or the AWS Backup console. For more details, see the Amazon FSx product page and the AWS Backup product page.

In this blog post, we use Athena and Amazon SageMaker Unified Studio to explore Parquet Column Indexes and demonstrate how they can improve Iceberg query performance. We explain what Parquet Column Indexes are, demonstrate their performance benefits, and show you how to use them in your applications.

In this post, we show how to configure Kerberos authentication for Spark jobs on Amazon EMR on EKS, authenticating against a Kerberos-enabled HMS so you can run both Amazon EMR on EC2 and Amazon EMR on EKS workloads against a single, secure HMS deployment.

AWS Elastic Disaster Recovery (AWS DRS) now supports IPv6 for both data replication and control plane connections. Customers operating in IPv6-only or dual-stack network environments can now configure AWS DRS to replicate using IPv6, eliminating the need for IPv4 addresses in their disaster recovery setup. AWS DRS minimizes downtime and data loss with fast, reliable recovery of on-premises and cloud-based applications using affordable storage, minimal compute, and point-in-time recovery. Previously, AWS DRS required IPv4 connectivity for all replication and service communication. Now, customers can set the internet protocol to IPv6 in their replication configuration to use dual-stack endpoints for agent-to-service communication and data replication. This helps customers meet network modernization requirements and enables disaster recovery in environments where IPv4 addresses are unavailable or restricted. Existing replication configurations are not affected and continue to use IPv4 by default. This capability is available in all AWS Regions where AWS DRS is available and where Amazon EC2 supports IPv6. See the AWS Regional Services List for the latest availability information. To learn more about AWS DRS, visit our product page or documentation. To get started, sign in to the AWS Elastic Disaster Recovery Console.

AWS launches AWS Interconnect - last mile, a fully managed connectivity offering that allows customers to connect their branch offices, data centers, and remote locations to AWS with just a few clicks, eliminating the friction and complexity of network setup. As a milestone collaboration between AWS and Lumen, AWS Interconnect - last mile combines AWS cloud innovation with Lumen’s extensive network footprint to redefine how businesses connect to the cloud. Through the AWS Console, customers can now instantly establish private, high-speed connections to AWS by simply choosing their preferred AWS Region, bandwidth speed, Direct Connect Gateway ID and partner subscriber ID. Once initiated, AWS generates an activation key to complete provisioning with Lumen. The launch simplifies the connectivity experience by pre-provisioning capacity and automating complex network configuration including BGP peering, VLAN configuration, and ASN assignment. Customers can dynamically scale bandwidth from 1 Gbps to 100 Gbps through the AWS Console and benefit from zero down-time maintenance. The service is designed for high availability and backed by SLA. MACsec encryption is enabled by default for enhanced security between AWS and partner devices. AWS Interconnect - last mile is available in the US through our launch partner Lumen. Partners can also easily adopt via a published open API package on GitHub. For more information, see the AWS Interconnect - last mile documentation and pricing pages.

Amazon Web Services (AWS) is announcing the general availability of Amazon EC2 X8i instances, next-generation memory optimized instances powered by custom Intel Xeon 6 processors available only on AWS. X8i instances are SAP-certified and deliver the highest performance and fastest memory bandwidth among comparable Intel processors in the cloud. They deliver up to 43% higher performance, 1.5x more memory capacity (up to 6TB), and 3.3x more memory bandwidth compared to previous generation X2i instances. X8i instances are designed for memory-intensive workloads like SAP HANA, large databases, data analytics, and Electronic Design Automation (EDA). Compared to X2i instances, X8i instances offer up to 50% higher SAPS performance, up to 47% faster PostgreSQL performance, 88% faster Memcached performance, and 46% faster AI inference performance. X8i instances come in 14 sizes, from large to 96xlarge, including two bare metal options. X8i instances are available in the following AWS Regions: US East (N. Virginia), US East (Ohio), US West (Oregon), Europe (Frankfurt), Europe (Stockholm) and Europe (Paris). To get started, visit the AWS Management Console. X8i instances can be purchased via Savings Plans, On-Demand instances, and Spot instances. For more information visit X8i instances page.

Amazon CloudWatch pipelines now supports conditional processing and a new drop events processor, giving you more control over how your log data is transformed. CloudWatch pipelines is a fully managed service that ingests, transforms, and routes log data to CloudWatch without requiring you to manage infrastructure. Until now, processors applied to all log entries uniformly. With conditional processing, you can define rules that determine when a processor runs and which individual log entries it acts on, so you only transform the data that matters. Conditional processing is available across 21 processors including Add Entries, Delete Entries, Copy Values, Grok, Rename Key, and more. For each processor, you can set a "run when" condition to skip the entire processor if the condition is not met, or an entry-level condition to control whether each individual action within the processor is applied. The new Drop Events processor lets you filter out unwanted log entries from third-party pipeline connectors based on conditions you define, helping reduce noise and lower costs. Conditional processing and the Drop Events processor are available at no additional cost in all AWS Regions where CloudWatch pipelines is generally available. Standard CloudWatch Logs ingestion and storage rates still apply. To get started, visit the CloudWatch pipelines page in the Amazon CloudWatch console. To learn more, see the CloudWatch pipelines documentation.

Building memory-intensive applications with AWS Lambda just got easier. AWS Lambda Managed Instances gives you up to 32 GB of memory—3x more than standard AWS Lambda—while maintaining the serverless experience you know. Modern applications increasingly require substantial memory resources to process large datasets, perform complex analytics, and deliver real-time insights for use cases such as […]

Amazon CloudWatch pipelines now includes new compliance and governance capabilities to help you maintain data integrity and control access when processing logs. CloudWatch pipelines is a fully managed service that ingests, transforms, and routes log data to CloudWatch without requiring you to manage infrastructure. Because pipeline processors modify log events during transformation, organizations with audit or regulatory requirements need ways to preserve original data and track what has been changed. These new tools address those needs directly. You can now enable a "keep original" toggle to automatically store a copy of your raw logs before any transformation takes place, ensuring the unmodified data is always available when needed. Pipelines also adds new metadata to processed log entries indicating that the log has been transformed, making it easy to distinguish between original and processed data during audits or investigations. Additionally, new IAM condition keys let administrators restrict who can create pipelines based on log source name and type, giving operators fine-grained control over pipeline creation across their organization. These compliance and governance features are available at no additional cost. Standard CloudWatch Logs storage rates apply to both the original and transformed copies of your log data when the keep original log option is enabled. You can use these features in all AWS Regions where CloudWatch pipelines is generally available. To get started, visit the CloudWatch Ingestion page in the Amazon CloudWatch console. To learn more, see the CloudWatch pipelines documentation.

Amazon FSx for NetApp ONTAP second-generation file systems are now available in 4 additional AWS Regions: Europe (London), Asia Pacific (Hyderabad), South America (Sao Paulo), and AWS GovCloud (US-West).  Amazon FSx makes it easier and more cost effective to launch, run, and scale feature-rich, high-performance file systems in the cloud. Second-generation FSx for ONTAP file systems give you more performance scalability and flexibility over first-generation file systems by allowing you to create or expand file systems with up to 12 highly-available (HA) pairs of file servers, providing your workloads with up to 72 GBps of throughput and 1 PiB of provisioned SSD storage. With this regional expansion, second-generation FSx for ONTAP file systems are available in the following AWS Regions: US East (N. Virginia, Ohio), US West (N. California, Oregon), Canada (Central), Europe (Frankfurt, Ireland, London, Spain, Stockholm, Zurich), South America (Sao Paulo), Asia Pacific (Hyderabad, Mumbai, Seoul, Singapore, Sydney, Tokyo), and AWS GovCloud (US-West). You can create second-generation Multi-AZ file systems with a single HA pair, and Single-AZ file systems with up to 12 HA pairs. To learn more, visit the FSx for ONTAP user guide.

Amazon Quick now supports document-level access control lists (ACLs) for Amazon S3 knowledge bases, enabling you to manage granular permissions for documents stored in S3. With this feature, you can control which users and groups can access specific documents or folders within your knowledge base, ensuring that sensitive information is only available to authorized personnel. You can configure document-level ACLs using two methods optimized for different use cases. The global ACL configuration file provides centralized permission management at the folder level, ideal for organizations with stable permission structures. Alternatively, document-level metadata files enable faster permission updates by allowing you to define access controls for individual documents, requiring reindexing only for affected documents rather than entire folder structures. Document-level ACL configuration is permanent and must be set when creating a new knowledge base. For ACL-enabled knowledge bases, documents without an associated ACL entry are not ingested, ensuring comprehensive access control across your document repository. This Feature is available in all AWS Regions where Amazon Quick is available.  To get started with document-level ACLs for Amazon S3 knowledge bases, visit the Amazon Quick User Guide.

AWS Billing and Cost Management Dashboards now support scheduled email delivery for your reports. You can now automate report distribution on flexible recurring schedules, eliminating manual compilation work and ensuring financial insights reach decision-makers without requiring console access." Scheduled email reports enable you to configure daily, weekly, or monthly delivery schedules for your dashboards. Recipients receive emails containing secure links to password-protected PDF reports optimized for offline viewing. Manage recipients through AWS User Notifications, and once configured, reports generate and distribute automatically on your chosen schedule. You can also access these capabilities programmatically through AWS SDKs and CLI tools. This feature is available at no additional cost in all commercial AWS Regions, excluding AWS China Regions. To get started, open the AWS Billing and Cost Management console, navigate to Dashboards, select a dashboard, and choose 'Manage email reports' from the Actions menu. For more information, see the Dashboards user guide and announcement blog post.

AWS RTB Fabric now supports health checks for real-time bidding workloads that use EC2 Auto Scaling groups (AGS). Health checks in AWS RTB Fabric continuously monitors and automatically routes traffic to healthy instances with configurable settings in RTB responder gateways. This helps eliminate failed real-time bidding transactions from bootstrapping, draining, or failed instances. With this launch, AWS RTB Fabric helps advertising technology (AdTech) companies improve uptime, reduce error rates, and prevent revenue loss from failed auctions. AWS RTB Fabric helps you connect with your AdTech partners such as Amazon Ads, GumGum, Kargo, MobileFuse, Sovrn, TripleLift, Viant, Yieldmo, and more in three steps while delivering single-digit millisecond latency through a private, high-performance network environment. RTB Fabric reduces standard cloud networking costs by up to 80% and does not require upfront commitments. AWS RTB Fabric is generally available in the following AWS Regions: US East (N. Virginia), US West (Oregon), Asia Pacific (Singapore), Asia Pacific (Tokyo), Europe (Frankfurt), and Europe (Ireland). To learn more, visit the AWS RTB Fabric documentation or product page.

AWS Backup is expanding support for Amazon FSx for Windows File Server, Amazon FSx for OpenZFS, and Amazon FSx for Lustre with two regional enhancements. First, AWS Backup now supports backup and restore of these FSx file systems in 5 additional AWS Regions: Asia Pacific (Malaysia, Taipei, Thailand), Canada West (Calgary), and Mexico (Central). You can now centrally manage FSx backup policies, automate backup schedules, and monitor backup activity through AWS Backup in these Regions. Second, AWS Backup now supports cross-Region and cross-account copy of FSx backups in 14 Regions: Africa (Cape Town), Asia Pacific (Hong Kong, Hyderabad, Jakarta, Malaysia, Melbourne, Taipei, Thailand), Canada West (Calgary), Europe (Milan, Spain, Zurich), Israel (Tel Aviv), and Mexico (Central). This capability is available for both on-demand copies and scheduled backup plans with copy rules. With support in opt-in Regions, you can also store FSx backups in AWS Backup logically air-gapped vaults, providing additional defense against inadvertent or malicious deletions and helping you recover from ransomware events. You can now configure cross-Region and cross-account copy rules to meet your compliance and business continuity requirements. To learn more, visit the AWS Backup feature availability page.

Amazon Bedrock now supports cost allocation by IAM principal, such as IAM users and IAM roles, in AWS Cost and Usage Report 2.0 (CUR 2.0) and Cost Explorer. This enables customers to understand and attribute Bedrock model inference costs across users, teams, projects, and applications. With this launch, customers can tag their IAM users and roles with attributes like team, project, or cost center, activate them as cost allocation tags, and analyze Bedrock model inference costs by the tags in Cost Explorer or at the line-item level in CUR 2.0. To get started, tag your IAM users and roles and activate them as cost allocation tags in the Billing and Cost Management console. Then create a CUR 2.0 data export and select "Include caller identity (IAM principal) allocation data" or filter by tags in Cost Explorer. This feature is available in all AWS commercial Regions where Amazon Bedrock is available. To learn more, see Using IAM principal for Cost Allocation documentation. To get started with Amazon Bedrock, visit Amazon Bedrock documentation.

Amazon OpenSearch Service now provides a unified observability experience that brings together metrics, logs, traces, and AI agent tracing in a single interface. This release introduces native integration with Amazon Managed Service for Prometheus and comprehensive agent tracing capabilities, addressing the dual challenges of prohibitive costs from premium observability platforms and operational complexity from fragmented tooling. Site Reliability Engineers, DevOps Engineers, and Platform Engineering teams can now consolidate their observability stack without costly data duplication or constant context switching between multiple tools. You can now query Prometheus metrics directly using native PromQL syntax alongside logs and traces in OpenSearch UI's observability workspace—without duplicating data. Combined with new application monitoring workflows powered by RED metrics (Rate, Errors, Duration) and AI agent tracing using OpenTelemetry GenAI semantic conventions, operations teams can correlate slow traces to application logs, overlay Prometheus metrics on service dashboards, and trace LLM agent execution—all without switching tools. This live query architecture delivers significant cost reduction compared to premium platforms while maintaining operational excellence. The new unified observability experience is available on OpenSearch UI in 20 AWS regions: US East (N. Virginia, Ohio), US West (N. California, Oregon), Asia Pacific (Hong Kong, Mumbai, Osaka, Seoul, Singapore, Sydney, Tokyo), Europe (Frankfurt, Ireland, London, Milan, Paris, Spain, Stockholm), Canada (Central), and South America (São Paulo). To learn more, visit the OpenSearch Service observability documentation and direct query documentation.

Amazon S3 Lifecycle now prevents expiration and transition actions on objects that failed replication, helping you to coordinate replication configuration or permissions changes with actions defined in your lifecycle rules. Incorrect permissions or replication configuration can prevent objects from being replicated. With this change, S3 Lifecycle no longer expires or transitions objects that have failed replication, even if they match one of the lifecycle rules that you have defined. Once you have corrected your replication configuration or permissions, you can use S3 Batch Replication to replicate objects that previously failed. After successful replication, S3 Lifecycle will automatically process these objects according to your configured rules. This change applies automatically to all existing and new S3 Lifecycle configurations, across 37 AWS Regions, including the AWS China and AWS GovCloud (US) Regions. We are in the process of deploying this change and plan to complete the deployment in the coming days. To learn more, visit S3 Lifecycle documentation and S3 Replication troubleshooting documentation.

In this post, we'll show you how to use Kiro powers, a new capability that equips Kiro with contextual knowledge and tooling. You can simplify your MSK cluster management, from initial setup to diagnosing common issues, all through natural language conversations.

In this post, we demonstrate how you can build a scalable, multi-tenant configuration service using the tagged storage pattern, an architectural approach that uses key prefixes (like tenant_config_ or param_config_) to automatically route configuration requests to the most appropriate AWS storage service. This pattern maintains strict tenant isolation and supports real-time, zero-downtime configuration updates through event-driven architecture, alleviating the cache staleness problem.

Amazon S3 Files makes S3 buckets accessible as high-performance file systems on AWS compute resources, eliminating the tradeoff between object storage benefits and interactive file capabilities while enabling seamless data sharing with ~1ms latencies.

In this post, we introduce the workload simulation workbench for Amazon Managed Streaming for Apache Kafka (Amazon MSK) Express Broker. The simulation workbench is a tool that you can use to safely validate your streaming configurations through realistic testing scenarios.

In this post, we show you how to build a serverless, low-cost monitoring solution for Amazon Redshift Serverless that proactively detects performance anomalies and sends actionable alerts directly to your selected Slack channels.

In this post, we walk through the new installation experience, demonstrate three deployment methods (console, CLI, and Terraform), and show how features like multi-instance-type deployment and native node affinity give you fine-grained control over inference scheduling

In this post, we provide implementation guidance for building integrated analytics solutions that combine the generative BI features of Amazon Quick with Amazon Redshift and Amazon Athena SQL analytics capabilities.

Smithy Java client code generation is now generally available. You can use it to build type-safe, protocol-agnostic Java clients directly from Smithy models. With Smithy Java, serialization, protocol handling, and request/response lifecycles are all generated automatically from your model. This removes the need to write or maintain any of this code by hand. In this […]

Last week, I visited AWS Hong Kong User Group with my team. Hong Kong has a small but strong community, and their energy and passion are high. They recently started a new AI user group, and we hope more people will join. I was able to strengthen my bond with the community through great food […]

Organizational safeguards are now generally available in Amazon Bedrock Guardrails, enabling centralized enforcement and management of safety controls across multiple AWS accounts within an AWS Organization.

Now, Amazon OpenSearch Service brings three new agentic AI features to OpenSearch UI. In this post, we show how these capabilities work together to help engineers go from alert to root cause in minutes. We also walk through a sample scenario where the Investigation Agent automatically correlates data across multiple indices to surface a root cause hypothesis.

In this post, we show you how to use the new topic management capabilities of Amazon MSK to streamline your Apache Kafka operations. We demonstrate how to manage topics through the console, control access with AWS Identity and Access Management (IAM), and bring topic provisioning into your continuous integration and continuous delivery (CI/CD) pipelines.

In this post, we explore scenarios where customers need more control over their network infrastructure when building their unified data and analytics strategic layer. We’ll show how you can bring your own Amazon Virtual Private Cloud (Amazon VPC) and set up Amazon SageMaker Unified Studio for strict network control.

Smithy Kotlin client code generation is now generally available. With Smithy Kotlin, you can keep client libraries in sync with evolving service APIs. By using client code generation, you can reduce repetitive work and instead, automatically create type-safe Kotlin clients from your service models. In this post, you will learn what Smithy Kotlin client generation is, how it works, and how you can use it.

Amazon ECS Managed Daemons gives platform engineers independent control over monitoring, logging, and tracing agents without application team coordination, ensuring consistent daemon deployment and comprehensive host-level observability at scale.

In this post, we explore SageMaker Unified Studio multi-account deployments in depth: what they entail, why they matter, and how to implement them effectively. We examine architecture patterns, evaluate trade-offs across security boundaries, operational overhead, and team autonomy. We also provide practical guidance to help you design a deployment that balances centralized control with distributed ownership across your organization.

This is a two-part series post. In the first part, we walk you through how to set up the automated processing for unstructured documents, extract and enrich metadata using AI, and make your data discoverable through SageMaker Catalog. The second part is currently in the works and will show you how to discover and access the enriched unstructured data assets as a data consumer. By the end of this post, you will understand how to combine Amazon Textract and Anthropic Claude through Amazon Bedrock to extract key business terms and enrich metadata using Amazon SageMaker Catalog to transform unstructured data into a governed, discoverable asset.

This post describes a solution that uses fixed camera networks to monitor operational environments in near real-time, detecting potential safety hazards while capturing object floor projections and their relationships to floor markings. While we illustrate the approach through distribution center deployment examples, the underlying architecture applies broadly across industries. We explore the architectural decisions, strategies for scaling to hundreds of sites, reducing site onboarding time, synthetic data generation using generative AI tools like GLIGEN, and other critical technical hurdles we overcame.

In this blog post, we take a building blocks approach. Starting with the tools like AWS Backup to protect your data, we then add protection for Amazon Elastic Compute Cloud (Amazon EC2) compute using AWS Elastic Disaster Recovery (AWS DRS). Finally, we show how to use the full capabilities of AWS to restore your entire workload—data, infrastructure, networking, and configuration, using Arpio disaster recovery automation.

This post shows you how to accelerate your AI inference workloads by up to 76% using Intel Advanced Matrix Extensions (AMX) – an accelerator that uses specialized hardware and instructions to perform matrix operations directly on processor cores – on Amazon Elastic Compute Cloud (Amazon EC2) 8th generation instances. You'll learn when CPU-based inference is cost-effective, how to enable AMX with minimal code changes, and which configurations deliver optimal performance for your models.

Last week, what excited me most was the launch of the 2026 AWS AI & ML Scholars program by Swami Sivasubramanian, VP of AWS Agentic AI, to provide free AI education to up to 100,000 learners worldwide. The program has two phases: a Challenge phase where you’ll learn foundational generative AI skills, followed by a […]

In this post, you will learn how Aigen modernized its machine learning (ML) pipeline with Amazon SageMaker AI to overcome industry-wide agricultural robotics challenges and scale sustainable farming. This post focuses on the strategies and architecture patterns that enabled Aigen to modernize its pipeline across hundreds of distributed edge solar robots and showcase the significant business outcomes unlocked through this transformation. By adopting automated data labeling and human-in-the-loop validation, Aigen increased image labeling throughput by 20x while reducing image labeling costs by 22.5x.

In this post, you will learn how to configure AWS Lambda Managed Instances by creating a Capacity Provider that defines your compute infrastructure, associating your Lambda function with that provider, and publishing a function version to provision the execution environments. We will conclude with production best practices including scaling strategies, thread safety, and observability for reliable performance.

In this post, we demonstrate how to architect AWS systems that enable AI agents to iterate rapidly through design patterns for both system architecture and code base structure. We first examine the architectural problems that limit agentic development today. We then walk through system architecture patterns that support rapid experimentation, followed by codebase patterns that help AI agents understand, modify, and validate your applications with confidence.

AWS introduces a new express configuration for Amazon Aurora PostgreSQL, a streamlined database creation experience with preconfigured defaults designed to help you get started in seconds. With Aurora PostgreSQL, start building quickly from the RDS Console or your preferred developer tool—with the ability to modify configurations anytime. Plus, Aurora PostgreSQL is now available with AWS Free Tier.

In this post, we look at how Generali is using Amazon EKS Auto Mode and its integration with other AWS services to enhance performance while reducing operational overhead, optimizing costs, and enhancing security.

This post walks through a fraud detection system built with durable functions. It also highlights the best practices that you can apply to your own production workflows, from approval processes to data pipelines to AI agent orchestration.

Hello! I’m Daniel Abib, and this is my first AWS Weekly Roundup. I’m a Senior Specialist Solutions Architect at AWS, focused on the generative AI and Amazon Bedrock. With over 28 years of experience in solution architecture, software development, and cloud architecture, I help Startups & Enterprises harness the power of generative AI with Amazon […]

Celebrating twenty years of innovation in ML and AI technology at AWS. Countless developers—myself included—have embraced cloud computing and actively used its capabilities to accomplish what was previously impossible.

In this post, you'll learn how AWS DevOps Agent integrates with your existing observability stack to provide intelligent, automated responses to system events.

Twenty years ago this past week, Amazon S3 launched publicly on March 14, 2006. While Amazon Simple Storage Service is often considered the foundational storage service that defined cloud infrastructure, what began as a simple object storage service has grown into something far larger in scope and scale. As of March 2026, S3 stores more […]

Some reflections on 20 years of innovations in Amazon S3 including S3 Tables, S3 Vectors and S3 Metadata.

AWS launches a new feature of Amazon S3 that lets you create general purpose buckets in your own account regional namespace simplifying bucket creation and management as your data storage needs grow in size and scope.

Fiti AWS Student Community Kenya! Last week was an incredible whirlwind: a round of meetups, hands-on workshops, and career discussions across Kenya that culminated with the AWS Student Community Day at Meru University of Science and Technology, with keynotes from my colleagues Veliswa and Tiffany, and sessions on everything from GitOps to cloud-native engineering, and […]

This post is part 3 of the three-part series ‘Enabling high availability of Amazon EC2 instances on AWS Outposts servers’. We provide you with code samples and considerations for implementing custom logic to automate Amazon Elastic Compute Cloud (EC2) relaunch on Outposts servers. This post focuses on guidance for using Outposts servers with third party storage for boot […]

AWS launches OpenClaw on Amazon Lightsail to run OpenClaw instance, pairing your browser, enabling AI capabilities, and optionally connecting messaging channels. Your Lightsail OpenClaw instance is pre-configured with Amazon Bedrock for starting with your AI assistant immediately — no additional configuration required.

In alignment with our V4.0 GA announcement and SDKs and Tools Maintenance Policy, version 3 of the AWS SDK for .NET will enter maintenance mode on March 1, 2026, and reach end-of-support on June 1, 2026. Starting March 1, 2026 we will stop adding regular updates to V3 and will only provide security updates until end-of-support begins.

In this post, we discuss how following the AWS Cloud Adoption Framework (AWS CAF) and AWS Well-Architected Framework can help reduce these risks through proper implementation of AWS guidance and best practices while taking into consideration the practical challenges organizations face in implementing these best practices, including resource constraints, evaluating trade-offs and competing business priorities.

In this post, you'll learn how to add the Apache 5 HTTP client to your project, configure it for your needs, and migrate from the 4.5.x version.

Amazon Web Services (AWS) is announcing two new features for the AWS Command Line Interface (AWS CLI) v2: structured error output and the “off” output format.

Santander faced a significant technical challenge in managing an infrastructure that processes billions of daily transactions across more than 200 critical systems. The solution emerged through an innovative platform engineering initiative called Catalyst, which transformed the bank's cloud infrastructure and development management. This post analyzes the main cases, benefits, and results obtained with this initiative.

This post describes why ProGlove chose a account-per-tenant approach for our serverless SaaS architecture and how it changes the operational model. It covers the challenges you need to anticipate around automation, observability and cost. We will also discuss how the approach can affect other operational models in different environments like an enterprise context.

Customers use AWS Lambda to build Serverless applications for a wide variety of use cases, from simple API backends to complex data processing pipelines. Lambda's flexibility makes it an excellent choice for many workloads, and with support for up to 10,240 MB of memory, you can now tackle compute-intensive tasks that were previously challenging in a Serverless environment. When you configure a Lambda function's memory size, you allocate RAM and Lambda automatically provides proportional CPU power. When you configure 10,240 MB, your Lambda function has access to up to 6 vCPUs.

This blog post shows you how to extend LZA with continuous integration and continuous deployment (CI/CD) pipelines that maintain your governance controls and accelerate workload deployments, offering rapid deployment of both Terraform and AWS CloudFormation across multiple accounts. You'll build automated infrastructure deployment workflows that run in parallel with LZA's baseline orchestration to help maintain your enterprise governance and compliance control requirements. You will implement built-in validation, security scanning, and cross-account deployment capabilities to help address Public Sector use cases that demand strict compliance and security requirements.

This post is co-written with Neel Patel, Abdullahi Olaoye, Kristopher Kersten, Aniket Deshpande from NVIDIA. Today, we’re excited to announce that the NVIDIA Evo-2 NVIDIA NIM microservice are now listed in Amazon SageMaker JumpStart. You can use this launch to deploy accelerated and specialized NIM microservices to build, experiment, and responsibly scale your drug discovery […]

Deploying applications to AWS typically involves researching service options, estimating costs, and writing infrastructure-as-code tasks that can slow down development workflows. Agent plugins extend coding agents with specialized skills, enabling them to handle these AWS-specific tasks directly within your development environment. Today, we’re announcing Agent Plugins for AWS (Agent Plugins), an open source repository of […]

We are excited to offer a preview of AWS Tools Installer V2 which addresses customer feedback for faster and more reliable bulk installation of AWS Tools for PowerShell modules.

The new multipart download support in AWS SDK for .NET Transfer Manager improves the performance of downloading large objects from Amazon Simple Storage Service (Amazon S3). Customers are looking for better performance and parallelization of their downloads, especially when working with large files or datasets. The AWS SDK for .NET Transfer Manager (version 4 only) […]

Business applications often coordinate multiple steps that need to run reliably or wait for extended periods, such as customer onboarding, payment processing, or orchestrating large language model inference. These critical processes require completion despite temporary disruptions or system failures. Developers currently spend significant time implementing mechanisms to track progress, handle failures, and manage resources when […]

In this post, we explore how the Amazon Key team used Amazon EventBridge to modernize their architecture, transforming a tightly coupled monolithic system into a resilient, event-driven solution. We explore the technical challenges we faced, our implementation approach, and the architectural patterns that helped us achieve improved reliability and scalability. The post covers our solutions for managing event schemas at scale, handling multiple service integrations efficiently, and building an extensible architecture that accommodates future growth.

This post explores the architectural patterns, challenges, and best practices for building cross-partition failover, covering network connectivity, authentication, and governance. By understanding these constraints, you can design resilient cloud-native applications that balance regulatory compliance with operational continuity.

Stay current with the latest serverless innovations that can transform your applications. In this 31st quarterly recap, discover the most impactful AWS serverless launches, features, and resources from Q4 2025 that you might have missed.

To support cloud applications that increasingly depend on rich contextual data, AWS is raising the maximum payload size from 256 KB to 1 MB for asynchronous AWS Lambda function invocations, Amazon Amazon SQS, and Amazon EventBridge. Developers can use this enhancement to build and maintain context-rich event-driven systems and reduce the need for complex workarounds such as data chunking or external large object storage.

In this post, we explore how Artera used Amazon Web Services (AWS) to develop and scale their AI-powered prostate cancer test, accelerating time to results and enabling personalized treatment recommendations for patients.

AWS now supports multiple local gateway (LGW) routing domains on AWS Outposts racks to simplify network segmentation. Network segmentation is the practice of splitting a computer network into isolated subnetworks, or network segments. This reduces the attack surface so that if a host on one network segment is compromised, the hosts on the other network segments are not affected. Many customers in regulated industries such as manufacturing, health care and life sciences, banking, and others implement network segmentation as part of their on-premises network security standards to reduce the impact of a breach and help address compliance requirements.

Amazon Elastic Kubernetes Service (Amazon EKS) on AWS Outposts brings the power of managed Kubernetes to your on-premises infrastructure. Use Amazon EKS on Outposts rack to create hybrid cloud deployments that maintain consistent AWS experiences across environments. As organizations increasingly adopt edge computing and hybrid architectures, storage optimization and performance tuning become critical for successful workload deployment.

This blog post examines how Salesforce, operating one of the world's largest Kubernetes deployments, successfully migrated from Cluster Autoscaler to Karpenter across their fleet of 1,000 plus Amazon Elastic Kubernetes Service (Amazon EKS) clusters.

Amazon Web Services (AWS) Lambda now supports .NET 10 as both a managed runtime and base container image. .NET is a popular language for building serverless applications. Developers can now use the new features and enhancements in .NET when creating serverless applications on Lambda. This includes support for file-based apps to streamline your projects by implementing functions using just a single file.

In healthcare, generative AI is transforming how medical professionals analyze data, summarize clinical notes, and generate insights to improve patient outcomes. From automating medical documentation to assisting in diagnostic reasoning, large language models (LLMs) have the potential to augment clinical workflows and accelerate research. However, these innovations also introduce significant privacy, security, and intellectual property challenges.

In this post, we walk through building a generative AI–powered troubleshooting assistant for Kubernetes. The goal is to give engineers a faster, self-service way to diagnose and resolve cluster issues, cut down Mean Time to Recovery (MTTR), and reduce the cycles experts spend finding the root cause of issues in complex distributed systems.

BASF Agricultural Solutions combines innovative products and digital tools with practical farmer knowledge. This post explores how Amazon Managed Blockchain can drive a positive change in the agricultural industry by tokenizing food and cotton value chains for traceability, climate action, and circularity.

This post is about AWS SDK for JavaScript v3 announcing end of support for Node.js versions based on Node.js release schedule, and it is not about AWS Lambda. For the latter, refer to the Lambda runtime deprecation policy. In the second week of January 2026, the AWS SDK for JavaScript v3 (JS SDK) will start […]

Organizations often have large volumes of documents containing valuable information that remains locked away and unsearchable. This solution addresses the need for a scalable, automated text extraction and knowledge base pipeline that transforms static document collections into intelligent, searchable repositories for generative AI applications.

You can now develop AWS Lambda functions using Node.js 24, either as a managed runtime or using the container base image. Node.js 24 is in active LTS status and ready for production use. It is expected to be supported with security patches and bugfixes until April 2028. The Lambda runtime for Node.js 24 includes a new implementation of the […]

e are pleased to announce the Developer Preview release of the Amazon S3 Transfer Manager for Swift —a high-level file and directory transfer utility for Amazon Simple Storage Service (Amazon S3) built with the AWS SDK for Swift.

Version 2.0 of the AWS Deploy Tool for .NET is now available. This new major version introduces several foundational upgrades to improve the deployment experience for .NET applications on AWS. The tool comes with new minimum runtime requirements. We have upgraded it to require .NET 8 because the predecessor, .NET 6, is now out of […]

The AWS SDK for Java 1.x (v1) entered maintenance mode on July 31, 2024, and will reach end-of-support on December 31, 2025. We recommend that you migrate to the AWS SDK for Java 2.x (v2) to access new features, enhanced performance, and continued support from AWS. To help you migrate efficiently, we’ve created a migration […]

The AWS SDK for Java 2.x introduces the Apache 5 SDK HTTP client which is built on Apache HttpClient 5.5.x. This new SDK HTTP client is available alongside our existing SDK HTTP clients: Apache HttpClient 4.5.x, Netty, URL Connection, and AWS CRT HttpClient. To differentiate the use of Apache HttpClient 4.5.x and Apache HttpClient 5.5.x, […]

Today, we are excited to announce the general availability of the AWS .NET Distributed Cache Provider for Amazon DynamoDB. This is a seamless, serverless caching solution that enables .NET developers to efficiently manage their caching needs across distributed systems. Consistent caching is a difficult problem in distributed architectures, where maintaining data integrity and performance across […]