AWS News Weekly

Flo Motlik - theserverlessway.com

Weekly Summaries of all AWS News and Releases

  1. 6d ago

    AWS News Jun 15 - Jun 21

    This week: AWS launches Continuum for autonomous security vulnerability management, Bedrock AgentCore reaches GA with built-in guardrails and optimization tools, and S3 Vectors slashes query costs by up to 80%. Plus WAF introduces AI bot monetization, CloudWatch adds cross-account metrics replication, and new Graviton 5-powered M9g database instances deliver 30% better performance. Compute EC2 G7: GA, NVIDIA RTX PRO 6000 Blackwell, 4.6x better AI inference vs G6 RDS: M9g instances (Graviton 5), 30% better perf, up to 192 vCPU RDS X2m: Memory-optimized SQL Server, 50%+ licensing savings, 4TB RAM Outposts: bmn-cx3a bare-metal, AMD EPYC + 800Gbps networking ECS: Auto scaling 4x faster with 20-second metric resolution Storage & Data S3 Vectors: 80% lower query costs for 10M+ vectors, 10K results/query (100x increase) S3 Annotations: Up to 1GB JSON/XML/YAML metadata per object RDS SQL Server: GP3 volumes to 64TiB, 80K IOPS, 2000MB/s (4-5x increase) AI/ML Bedrock AgentCore: GA - harness, memory, web search, guardrails integration Bedrock Managed Knowledge Base: GA, 6 connectors, hybrid search Bedrock Guardrails: InvokeGuardrailChecks API, Automated Reasoning in Sydney Glue Catalog: AI-enriched tables with glossary terms, semantic search API Security AWS Continuum: Security Agent with simulated exploit validation Security Agent: AI threat modeling (STRIDE), IDE integration WAF: Traffic monetization for AI bots via x402 protocol Route 53: Palo Alto DNS Security integration (preview) Console Sign-in: Resource-based policies for network restrictions Observability CloudWatch: Cross-account metric replication, OpenTelemetry support, Query Studio GA CloudWatch Log Analytics: Unified Insights/Live Tail/Contributor console CloudWatch Synthetics: Multi-region canaries from single config Developer Tools Blocks: Open-source TypeScript framework, local-to-prod with zero changes DevOps Agent: Custom SRE agents, headless mode, release management (preview) Transform: Continuous modernization, mainframe workflows, Bedrock migration assessment Database Aurora/RDS MySQL: Extended support through June 2029 Oracle DB@AWS: Autonomous AI Database Serverless on Exadata AWS News Feed: Whats new at AWS For help with your AWS Infrastructure check out flomotlik.me or email flo@flomotlik.me For detailed show notes check out awsnewsweekly.com

    32 min
  2. Jun 15

    AWS News Jun 08 - Jun 14

    This week: New Graviton5-powered M9g instances deliver 25% better compute with mathematically proven workload isolation, Claude Fable 5 brings autonomous AI agents to Bedrock, and Amazon Q now explains your cost anomalies and spending patterns in plain language. Plus Lambda Managed Instances hit most regions, CloudWatch Logs gets 23 new query commands, and VPC Flow Logs now captures resource tags directly. Analytics & Data Redshift: Snapshot billing now based on unique blocks, not total size Aurora DSequel: JSONB support with default compression DocumentDB 5.0.1: New aggregation operators, command-level CloudWatch metrics Aurora PostgreSQL 18.3: B-tree skip scans, parallel large transaction replication OpenSearch: MCP Apps for AI agents to query logs/traces/metrics Compute EC2 M9g/M9gd: Graviton5, 25% better performance, first Nitro Isolation Engine EC2 M8i/R8i: Bare metal sizes with 600Gbps network, 300Gbps EBS Lambda Managed Instances: EC2 pricing models for steady-state workloads ECS Managed Daemons: Inter-task visibility via pid/ipc mode settings AI/ML Bedrock: Claude Fable 5 (Mythos-class), Gemma 4 family (3 variants, 256K context) SageMaker: Serverless fine-tuning for Nemotron 3 Nano (30B params) EMR Serverless: Spark Connect interactive sessions QuickSight: Snowflake Cortex AI integration via MCP Cost & Observtic Cost Anomaly Detection: Amazon Q explains spending with CloudTrail correlation Cost Explorer: Q Developer integration for one-click spend analysis Compute Optimizer: Idle detection for 6 more services (DynamoDB, ElastiCache, etc.) Savings Plans Analyzer: Set coverage targets, compare scenarios CUR 2.0: Update table configs without recreating exports Observability CloudWatch Logs Insights: 23 new commands (hash, CSV/XML parsing, histograms) VPC Flow Logs: EC2 tags and next-hop metadata captured directly Application Signals: Health-ranked service maps, infra/logs/traces tabs Prometheus: Native histograms, out-of-order sample ingestion Migration & Management Application Migration Service: Renamed to Transform MGN Lake Formation: S3 file access using table permissions Workload Credentials Provider: Open source cert/secrets automation MWAA Serverless: EventBridge events for workflow state changes AWS News Feed: Whats new at AWS For help with your AWS Infrastructure check out flomotlik.me or email flo@flomotlik.me For detailed show notes check out awsnewsweekly.com

    14 min
  3. Jun 8

    AWS News Jun 01 - Jun 07

    This week: OpenAI's GPT 5.5 and Codex land on Amazon Bedrock with full pricing parity, Cognito adds multi-region replication for resilient authentication, and ECS on Fargate scales up to 32 vCPUs for demanding workloads. Plus Bedrock AgentCore gets interactive terminal access for debugging AI agents, and the AWS MCP Server now supports multi-account workflows in a single session. Email & Messaging SES: Per-tenant suppression lists for bounce/complaint isolation AI/ML - Bedrock Bedrock: OpenAI GPT-5.5, GPT-5.4, Codex now GA Bedrock: CloudWatch metrics for OpenAI/Anthropic endpoints Bedrock: GPT-5.4 in GovCloud US West Bedrock AgentCore: BYOS from Secrets Manager with custom KMS/rotation Bedrock AgentCore: Interactive terminal access to agent sessions Bedrock Console: Redesigned with unified catalog, project-aware docs AI/ML - SageMaker HyperPod: EFA-only interfaces (no IP consumption for large clusters) HyperPod: AI coding assistant troubleshooting (Claude Code, Cursor, Kiro) Unified Studio: Custom IAM permissions boundaries for SCP compliance Unified Studio: 12 languages, quick setup under 20 seconds Unified Studio: Schedule notebook runs with AI troubleshooting Data Agent: Conversation history, Catalog business context integration SageMaker AI: Multi-turn RL for agentic fine-tuning (serverless) Compute & Containers ECS: Trainium/Inferentia support for Managed Instances ECS Fargate: 32 vCPU tasks with up to 244GB memory EKS: Kubernetes 1.36 (User Namespaces GA, in-place vertical scaling) EKS: CloudWatch Vended Logs for managed controllers PCS: Deep Learning AMI on Ubuntu 24.04 with NVIDIA/EFA/Lustre Networking & Storage Direct Connect: Per-VIF bandwidth limits (50Mbps-1.6Tbps) ElastiCache Valkey: Sync/async durability for data persistence Database RDS SQL Server: Bring Your Own Media for license mobility RDS DB2: Version 12.1 with free Community Edition Keyspaces: CDC iterator position for adaptive polling Analytics & BI QuickSight: Private VPC-hosted MCP server connections Q Research: Customer-managed KMS encryption CUR 2.0: Direct Athena/Redshift integration, no ETL AWS News Feed: Whats new at AWS For help with your AWS Infrastructure check out flomotlik.me or email flo@flomotlik.me For detailed show notes check out awsnewsweekly.com

    20 min
  4. Jun 1

    AWS News May 25 - May 31

    This week: Major GPU upgrades hit SageMaker with P6 Blackwell and P5e H200 instances for AI training, OpenSearch Serverless scales 20x faster with scale-to-zero pricing for agentic workloads, and Claude Opus 4 arrives on Bedrock for complex autonomous coding tasks. Plus Shield Advanced adds packet-level DDoS forensics and SES now shows inbox placement metrics. Security & Compliance GuardDuty: Malware scan for S3 continuous backups, verify clean recovery points Shield Advanced: Packet-level DDoS forensics (IPs, ports, protocols) to S3/CloudWatch Backup: OTP verification required for multi-party approval on air-gapped vaults Organizations: CloudTrail events for account join/leave with change method details DynamoDB Streams: PrivateLink FIPS endpoints in GovCloud AI/ML Bedrock: Claude Opus 4.8 for agentic coding, longer autonomous runs Neuron 2.30: NKI 0.4 with Trainium 3, 22 new kernels, agentic model porting SageMaker notebooks: P6 B200 (8x Blackwell GPUs), P5en, P5, P4de instances Elemental Inference: Smart Subtitles - AI real-time captions, multi-language Database & Analytics RDS Multi-AZ: ENA Express replication, 25Gbps single-flow, lower latency Aurora MySQL: Kiro integration for natural language DB operations EMR: Spark 4.0.2, VARIANT types, Iceberg v3 lineage, Lake Formation RBAC Redshift Serverless: 4 RPU minimum ($1.50/hr) in more regions Networking & Infrastructure Interconnect multicloud: Free 500Mbps tier (160TB/month) IPAM: Tags on pool allocations for IAM/SCP governance IoT Core: Direct messaging API with delivery acknowledgements OpenSearch & Search OpenSearch Serverless: 20x faster scaling, scale-to-zero, 60% cost savings Contact Center Connect Profiles: AI post-contact summaries in 8 language families Connect Profiles: GenAI self-service evaluation with custom criteria Connect: Task scheduling up to 90 days, tag-based agent report access Operations Resilience Hub: 3-level app model, AI failure assessment, Organizations integration SES: Inbox placement metrics, blocklist monitoring, pre-send testing Cost Management: Budgets widgets in dashboards AWS News Feed: Whats new at AWS For help with your AWS Infrastructure check out flomotlik.me or email flo@flomotlik.me For detailed show notes check out awsnewsweekly.com

    15 min
  5. May 25

    AWS News May 18 - May 24

    This week: Aurora MySQL 8.4 reaches GA with stronger security defaults, ECS deployments gain pause-and-continue controls for approval workflows, and Security Hub now detects unused IAM access across your organization. Plus DocumentDB Serverless gets major performance boosts, SAM CLI supports CloudFormation Language Extensions, and a new Istanbul Local Zone brings single-digit millisecond latency to Türkiye. Secrets & Identity Secrets Manager Agent: Pre-fetching for batch caching, IAM role assumption for cross-account Secrets Manager: Managed rotation for Datadog API keys and Snowflake tokens Security Hub: Detects unused IAM access across org, generates least-privilege policies Compute & Containers ECS: Pause/continue deployment controls with 14-day timeouts, approval workflows ECS + EBS: Now available in GovCloud regions Elastic VMware Service: 32 ESXi hosts per environment (2x increase) Lightsail CDN: IPv6-only instance origins supported Data & Analytics Redshift: Direct writes to Iceberg tables, ALTER TABLE for partitioning DocumentDB Serverless: v8.0 with 7x query latency, 30x faster vector index builds Aurora MySQL 8.4: GA with TLS 1.2/1.3 enforced, automated upgrade prechecks CloudWatch Logs Insights: 13 new commands (base64 decode, logfmt parse, geo distance) Keyspaces: Expanded to new Asia Pacific regions ML & AI SageMaker Studio: GPU reservation via Flexible Training Plans, up to 65% savings SageMaker HyperPod: Inference payload capture to S3 for training/evaluation SageMaker endpoints: OpenAI-compatible APIs (works with LangChain, Strands) SageMaker Unified Studio: Glue Data Quality rules, auto connector provisioning, business metadata Bedrock: Custom tagging for inference calls (team, project, environment) Infrastructure & Networking Local Zones: Istanbul launch (C7i, M7i, R7i, S3, EKS, ALB) Local Zones: Now in console region selector Managed Grafana: Dual-stack IPv4/IPv6 connectivity Transfer Family: Federated permissions with Identity Center multi-region Developer Tools SAM CLI: CloudFormation Language Extensions support (Fn::ForEach) ExtendDB: Open source DynamoDB adapter with PostgreSQL backend AWS News Feed: Whats new at AWS For help with your AWS Infrastructure check out flomotlik.me or email flo@flomotlik.me For detailed show notes check out awsnewsweekly.com

    14 min
  6. May 18

    AWS News May 11 - May 17

    This week: AWS Transform adds containerized migration and an agentic AI assistant for .NET developers, Claude Platform launches as GA making AWS the first cloud to offer Anthropic's native experience, and EC2 M3 Ultra Mac instances bring Mac Studio hardware to the cloud. Plus CloudFormation's new cross-account output references, major SageMaker GPU instance expansions, and Organizations doubles SCP limits. Migration & Modernization Transform: Containerizes apps, generates Dockerfiles, Terraform, Helm charts Transform: Agentic AI assistant for .NET modernization in VS Toolkit Transform: Agent builder toolkit for custom modernization agents Transform: BYOB S3 storage with KMS encryption AI/ML Claude Platform: GA on AWS - first cloud with native Anthropic experience via IAM SageMaker: P6b200 instances (8 Blackwell GPUs, 1400GB HBM), 2x perf vs P5en SageMaker: Serverless fine-tuning for Qwen 3.6 (27B params) SageMaker Data Agent: IAM Identity Center support, generates Python/SQL from English SageMaker Feature Store: Python SDK v3 with Lake Formation access controls Bedrock: Advanced Prompt Optimization - compare across 5 models, multimodal support Security Agent: Full repo code review, reasons about architecture and trust boundaries Compute & Networking EC2 M3 Ultra Mac: GA - M3 Ultra chip, 28-core CPU, 256GB unified memory ENA Express: 25Gbps cross-AZ (was 5Gbps) Karpenter: ARC zonal shift integration for EKS Redshift RG: Graviton-powered, 2.4x faster, 30% lower cost, built-in data lake engine Database & Storage Aurora D-sequel: CDC preview - streams changes to Kinesis RDS Oracle: M8i/R8i with Standard Edition License Included FSx OpenZFS: Multi-AZ in shared VPCs for participant accounts Serverless & Events Lambda: Scheduled scaling via EventBridge Scheduler EventBridge Scheduler: 13 new services, 600+ API actions, 270+ total ARC Region Switch: Automates Lambda event source failover Networking & Security CloudFront: Premium tiers now self-service (500M-6B requests) CloudFront: OCSP revocation checking and mTLS passthrough mode WAF: Dynamic label interpolation, synthetic labels for IP/JA3/JA4 Organizations: 2x SCP limits (10 per node, 10K chars) CloudFormation: Fn::GetStackOutput for cross-account/region refs AWS News Feed: Whats new at AWS For help with your AWS Infrastructure check out flomotlik.me or email flo@flomotlik.me For detailed show notes check out awsnewsweekly.com

    19 min
  7. May 11

    AWS News May 04 - May 10

    This week: ElastiCache adds built-in full-text and vector search with Valkey 9, SageMaker AI introduces agentic model customization that cuts deployment from months to days, and Bedrock AgentCore launches payment capabilities for autonomous AI agents. Plus major IAM quota increases, new M8 and R8 EC2 instances, and the AWS MCP Server goes GA. Compute EC2 I8ge: 60% better compute, 55% better storage/TB, 120TB NVMe, 60% lower IO latency EC2 R8idn/R8idb: 43% better compute/vCPU, 600Gbps network, 300Gbps EBS EC2 M8idn/M8idb: 43% better compute/vCPU, 600Gbps network, 300Gbps EBS RDS SQL Server: M8i/R8i (15% better price-perf), M8a/R8a (70% higher throughput) AI/ML SageMaker AI: Agentic model customization - months to days with coding agents Agent Toolkit: 40+ skills, managed MCP server with IAM guardrails (GA) AWS MCP Server: GA - any AWS API, sandboxed Python, IAM/CloudTrail integration Bedrock AgentCore: Autonomous payments (preview), file system mounts, memory metadata filtering Analytics QuickSight: S3 table buckets direct connect, Dataset Q&A text-to-SQL, NL dashboard generation ElastiCache Valkey 9: Full-text/vector hybrid search, 40% higher throughput Entity Resolution: Incremental ML matching - 95% faster (1M records/hour vs 2 days) OpenSearch: VPC egress for private connections, unused index insights Storage & Database Aurora D-sequel: PostgreSQL JSON type with compression RDS SQL Server: Readable replicas on multi-volume instances (256TiB) Networking VPC Lattice: Private domain-name targets via in-VPC DNS resolution Site-to-Site VPN: In-place bandwidth tier changes Route 53 Resolver: IPv6 DNS64 synthesis, dynamic region management Security & Identity IAM: Doubled quotas - 10K roles/policies/profiles, 700 OIDC providers Payment Cryptography: Cross-account key sharing JDBC Wrapper: Column-level KMS encryption plugin Operations EventBridge: PutEvents now in CloudTrail CloudWatch: Tag-based log group queries, mobile alarm investigation with AI Backup for EKS: 10x faster cluster backups Developer Tools SAM: WebSocket API support, BuildKit for container builds Neptune: One-click CloudShell connect AWS News Feed: Whats new at AWS For help with your AWS Infrastructure check out flomotlik.me or email flo@flomotlik.me For detailed show notes check out awsnewsweekly.com

    27 min
  8. Apr 27

    AWS News Apr 20 - Apr 26

    This week: Lambda Durable Execution SDK brings year-long workflow checkpointing to Java developers, S3 adds ten checksum algorithms for data integrity, and CloudWatch Logs Insights now supports JOIN queries across log groups. Plus MSK Replicator gains external cluster migration, Aurora Serverless v4 delivers 30% better performance, and Bedrock AgentCore lets you prototype agents without orchestration code. Identity & Directory Managed Microsoft AD: Auto-upgraded to Windows 2016, adds LAPS support Managed Microsoft AD: Kerberos encryption audit logs to CloudWatch Migration & Landing Zone Transform: Automates Control Tower/Organizations/IAM setup, exports as CFN/CDK/LZA Contact Center Connect: Pass customer context into calls for instant recognition Connect Outbound: Hourly segment refresh, priority dialing by 10 attributes Connect: Agentic voice AI expands to 10 locales Connect: 8 new AI agent metrics (goal success, faithfulness, tool accuracy) Storage S3 Express One Zone: S3 Inventory support for directory buckets S3: 10 checksum algorithms added, auto-validates on upload Streaming & Kafka MSK Replicator: Enhanced logs, bidirectional sync, external Kafka→Express Observability CloudWatch Logs Insights: JOIN and sub-query across log groups CloudWatch Pipelines: Natural language log processor config Containers & Kubernetes EKS: 7 new IAM condition keys (private endpoints, KMS, version, deletion) EKS Hybrid Nodes: Gateway automates VPC-to-pod networking Database DocumentDB: In-place upgrade v5→v8, 7x faster queries, 5x compression Aurora Serverless: 30% faster, smarter scaling, scales to zero Compute & Lambda Lambda Durable Execution SDK: GA - checkpointing, pause up to 1 year Lambda: Mount S3 buckets as file systems via S3 Files EC2: Hide managed service resources from console/API IoT & Edge IoT Greengrass 2.17: Non-root Linux, nucleus lite (36→4MB), TPM 2.0 VMware & Windows Elastic VMware Service: Includes Windows Server licensing Backup & Governance Backup Policies: Direct targeting for Redshift Serverless, Aurora DSQL Location & Address Location Service: Bulk address validation (US/CA/AU/UK) with geocoding AWS News Feed: Whats new at AWS For help with your AWS Infrastructure check out flomotlik.me or email flo@flomotlik.me For detailed show notes check out awsnewsweekly.com

    25 min

About

Weekly Summaries of all AWS News and Releases