2025 - Week 17 (21 Apr - 27 Apr)

Amazon Bedrock Data Automation now supports modality controls, hyperlinks and larger documents

Published Date: 2025-04-25 18:20:00

Amazon Bedrock Data Automation (BDA) now supports modality enablement, modality routing by file type, extraction of embedded hyperlinks when processing documents in Standard Output, and an increased overall document page limit of 3,000 pages. These new features give you more control over how your multimodal content is processed and improve BDA’s overall document extraction capabilities. With Modality Enablement and Routing, you can configure which modalities (Document, Image, Audio, Video) should be enabled for a given project and manually specify the modality routing for specific file types. JPEG/JPG and PNG files can be processed as either Images or Documents based on your specific use case requirements. Similarly, MP4/M4V and MOV files can be processed as either video files or audio files, allowing you to choose the optimal processing path for your content. Embedded Hyperlink Support enables BDA to detect and return embedded hyperlinks found in PDFs as part of the BDA standard output. This feature enhances the information extraction capabilities from documents, preserving valuable link references for applications such as knowledge bases, research tools, and content indexing systems. Lastly, BDA now supports processing documents up to 3,000 pages per document, doubling the previous limit of 1,500 pages. This increased limit allows you to process larger documents without splitting them, simplifying workflows for enterprises dealing with long documents or document packets. Amazon Bedrock Data Automation is generally available in the US West (Oregon) and US East (N. Virginia) AWS Regions. To learn more, visit the Bedrock Data Automation page or view documentation.

Amazon EventBridge cross-account event delivery now in the AWS GovCloud (US) Regions

Published Date: 2025-04-25 18:00:00

Starting today, in the AWS GovCloud (US-East) and AWS GovCloud (US-West) Regions, you can now deliver events from an Amazon EventBridge Event Bus directly to AWS services in another account. Using multiple accounts can improve security and streamline business processes while reducing the overall cost and complexity of your architecture. Amazon EventBridge Event Bus is a serverless event broker that enables you to create scalable event-driven applications by routing events between your own applications, third-party SaaS applications, and other AWS services. This launch allows you to directly target services in another account, without the need for additional infrastructure such as an intermediary EventBridge Event Bus or Lambda function, simplifying your architecture and reducing cost. For example, you can now route events from your EventBridge Event Bus directly to a different team's SQS queue in a different account. The team receiving events does not need to learn about or maintain EventBridge resources and simply needs to grant IAM permissions to provide access to the queue. Events can be delivered cross-account to EventBridge targets that support resource-based IAM policies such as Amazon SQS, AWS Lambda, Amazon Kinesis Data Streams, Amazon SNS, and Amazon API Gateway. In addition to the AWS GovCloud (US) Regions, direct delivery to cross-account targets is available in all commercial AWS Regions. To learn more, please read our blog post or visit our documentation. Pricing information is available on the EventBridge pricing page.  

AWS Resource Groups now supports 160 more resource types

Published Date: 2025-04-25 17:00:00

Today, AWS Resource Groups is adding support for an additional 160 resource types for tag-based Resource Groups. Customers can now use Resource Groups to group and manage resources from services such as AWS Code Catalyst and AWS Chatbot. AWS Resource Groups enables you to model, manage and automate tasks on large numbers of AWS resources by using tags to logically group your resources. You can create logical collections of resources such as applications, projects, and cost centers, and manage them on dimensions such as cost, performance, and compliance in AWS services such as myApplications, AWS Systems Manager and Amazon CloudWatch. Resource Groups expanded resource type coverage is available in all AWS Regions, including the AWS GovCloud (US) Regions. You can access AWS Resource Groups through the AWS Management Console, the AWS SDK APIs, and the AWS CLI. For more information about grouping resources, see the AWS Resource Groups user guide and the list of supported resource types. To get started, visit AWS Resource Groups console.

Amazon Q Developer operational investigations (preview) now available in additional regions

Published Date: 2025-04-25 17:00:00

Starting today, Amazon Q Developer operational investigations is available in preview in 11 additional regions. With this launch, Amazon Q Developer operational investigations is now available in US East (N. Virginia), US East (Ohio), US West (Oregon), Europe (Ireland), Europe (Frankfurt), Europe (Stockholm), Europe (Spain), Asia Pacific (Tokyo), Asia Pacific (Hong Kong), Asia Pacific (Sydney), Asia Pacific (Singapore), and Asia Pacific (Mumbai). Amazon Q Developer helps you accelerate operational investigations across your AWS environment in just a fraction of the time. With a deep understanding of your AWS cloud environment and resources, Amazon Q Developer looks for anomalies in your environment, surfaces related signals for you to explore, identifies potential root-cause hypotheses, and suggests next steps to help you remediate issues faster. The new operational investigation capability within Amazon Q Developer is available at no additional cost during preview. To learn more, see getting started and best practices documentation.  

AWS Resource Explorer now supports AWS PrivateLink

Published Date: 2025-04-25 17:00:00

AWS Resource Explorer now supports AWS PrivateLink in all commercial AWS Regions, allowing you to search for and discover your AWS resources within your Amazon Virtual Private Cloud (VPC) without traversing the public internet. With AWS Resource Explorer you can search for and discover your AWS resources across AWS Regions and accounts in your organization, either using the AWS Resource Explorer console, the AWS Command Line Interface (AWS CLI), the AWS SDKs, or the unified search bar from wherever you are in the AWS Management Console. For more information about the AWS Regions where AWS Resource Explorer is available, see the AWS Region table. To turn on AWS Resource Explorer, visit the AWS Resource Explorer console. Read about getting started in our AWS Resource Explorer documentation, or explore the AWS Resource Explorer product page.  

Amazon Connect agent workspace expands capabilities for third-party applications, including contact-related actions

Published Date: 2025-04-24 21:40:00

The Amazon Connect agent workspace now supports additional capabilities for third-party applications including the ability make outbound calls, accept, transfer, and clear contacts, and update agent status. These enhancements allow you to integrate applications that give agents more intuitive workflows. For example, agents can now initiate one-click outbound calls from a custom-built call history interface that presents their most recent customer interactions. Third-party applications are available in the following AWS Regions: US East (N. Virginia), US-West (Oregon), Africa (Cape Town), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Canada (Central), Europe (Frankfurt), and Europe (London). To learn more and get started, see our admin guide and developer guide.  

AWS AppSync Events now supports data source integrations for channel namespaces

Published Date: 2025-04-24 21:10:00

Starting today, AWS AppSync Events, a fully managed service for serverless WebSocket APIs with full connection management, now supports data source integrations for channel namespaces. This new feature enables developers to associate AWS Lambda functions, Amazon DynamoDB tables, Amazon Aurora databases, and other data sources with channel namespace handlers to process published events and subscription requests. Developers can now connect directly to Lambda functions without writing code and leverage both request/response and event modes for synchronous and asynchronous operations. With these new capabilities, developers can create sophisticated event processing workflows by transforming and filtering published events using Lambda functions, or save batches of events to DynamoDB using the new AppSyncJS batch utilities for DynamoDB. This integration enables complex interactive flows, making it easier for developers to build rich, real-time applications with features like data validation, event transformation, and persistent storage of events. By simplifying the architecture of real-time applications, this enhancement significantly reduces development time and operational overhead for front-end web and mobile development. This feature is now available in all AWS Regions where AWS AppSync is offered, providing developers worldwide with access to these powerful new integration capabilities. Powertools for AWS Lambda new AppSync Events integration are also now available to easily write your Lambda functions. To learn more about AWS AppSync Events and channel namespace integrations, visit the launch blog post, the AWS AppSync documentation, and the Powertools for Lambda documentation (TypeScript, Python, .NET). You can get started with these new features through the AWS AppSync console.

Amazon SageMaker Lakehouse now supports attribute based access control

Published Date: 2025-04-24 17:00:00

Amazon SageMaker Lakehouse now supports attribute-based access control (ABAC), using AWS Identity and Access Management (IAM) principal and session tags to simplify data access, grant creation, and maintenance. With ABAC, you can manage permissions using dynamic business attributes associated with user identities. Previously, SageMaker Lakehouse granted access to lakehouse databases and tables by directly assigning permissions to specific principals such as IAM users and IAM roles, a process that could quickly become unwieldy as the number of users grew. ABAC now allows administrators to grant permissions on a resource with conditions that specify user attribute keys and values. This means that any IAM principal or IAM role with matching principal or session tag keys and values will automatically have access to the resource making the experience more efficient. You can use ABAC though the AWS Lake Formation console to provide access to IAM users and IAM roles for both in-account and cross-account scenarios. For instance, rather than creating individual policies for each developer, administrators can now simply assign them an IAM tag with a key such as “team” and value "developers" and provide access to all developers with a single permission grant. As new developers join with the matching tag and value, no additional policy modifications are required. This feature is available in all AWS Regions where SageMaker Lakehouse is available. To get started, read the launch blog and read ABAC documentation.  

Amazon VPC Reachability Analyzer and Amazon VPC Network Access Analyzer are now available in Europe (Spain) Region

Published Date: 2025-04-24 17:00:00

With this launch, VPC Reachability Analyzer and VPC Network Access Analyzer are now available in Europe (Spain) Region. VPC Reachability Analyzer allows you to diagnose network reachability between a source resource and a destination resource in your virtual private clouds (VPCs) by analyzing your network configurations.For example, Reachability Analyzer can help you identify a missing route table entry in your VPC route table that could be blocking network reachability between an EC2 instance in Account A that is not able to connect to another EC2 instance in Account B in your AWS Organization. VPC Network Access Analyzer allows you to identify unintended network access to your resources on AWS. Using Network Access Analyzer, you can verify whether network access for your VPC resources meets your security and compliance guidelines. For example, you can create a scope to verify that the VPCs used by your Finance team are separate, distinct, and unreachable from the VPCs used by your Development team. For more information on features, visit documentation for VPC Reachability Analyzer and VPC Network Access Analyzer. For pricing details, refer to the Network Analysis tab on the Amazon VPC Pricing Page.  

AWS AppConfig now supports Internet Protocol Version 6 (IPv6)

Published Date: 2025-04-24 17:00:00

AWS AppConfig now supports dual-stack endpoints, facilitating connectivity through Internet Protocol Version 6. The existing AWS AppConfig endpoints supporting IPv4 will remain available for backwards compatibility. The continuous growth of the internet has created an urgent need for IPv6 adoption, as IPv4 address space reaches its limits. Through AWS AppConfig's implementation of dual-stack endpoints, organizations can execute a strategic transition to IPv6 architecture on their own timeline. This approach enables companies to satisfy IPv6 regulatory standards while preserving IPv4 connectivity for systems that have not yet moved to IPv6 capabilities. IPv6 support for AWS AppConfig resources is available in all AWS Regions, including the AWS GovCloud (US) Regions. To get started, use the AWS AppConfig Getting Started Guide, or read more at Understanding IPv6 support for AWS AppConfig.  

Amazon Redshift adds history mode support to 8 third-party SaaS applications

Published Date: 2025-04-23 21:10:00

Amazon Redshift now supports history mode for zero-ETL integrations with eight third-party applications including Salesforce, ServiceNow, and SAP. This addition complements existing history mode support for Amazon Aurora PostgreSQL-compatible and MySQL-compatible, DynamoDB, and RDS for MySQL databases. The expansion enables you to track historical data changes without Extract, Transform, and Load (ETL) processes, simplifying data management across AWS and third-party applications. History Mode for zero-ETL integrations with third-party applications lets customers easily run advanced analytics on historical data from their applications, build comprehensive lookback reports, and perform trend analysis and data auditing across multiple zero-ETL data sources. This feature preserves the complete history of data changes without maintaining duplicate copies across various external data sources, allowing organizations to meet data retention requirements while significantly reducing storage needs and operational costs. Available for both existing and new integrations, history mode offers enhanced flexibility by allowing selective enabling of historical tracking for specific tables within third-party application integrations, giving businesses precise control over their data analysis and storage strategies. To learn more about history mode for zero-ETL integrations in Amazon Redshift and how it can benefit your data analytics workflows, visit the history mode documentation. To learn more about the supported third-party applications, visit the AWS Glue documentation. To get started with zero-ETL integrations, visit the getting started guides for Amazon Redshift.

Prompt Optimization in Amazon Bedrock now generally available

Published Date: 2025-04-23 21:05:00

In November 2024, we launched Prompt Optimization in Amazon Bedrock to accelerate prompt creation and engineering for foundation models (FMs). Today, we're announcing its general availability and pricing. Prompt engineering is the process of designing prompts to guide FMs to generate relevant responses. These prompts must be customized for each FM according to its best practices and guidelines, which is a time-consuming process that delays application development. With Prompt Optimization in Amazon Bedrock, you can now automatically rewrite prompts for better performance and more concise responses on Anthropic, Llama, Nova, DeepSeek, Mistral and Titan models. You can compare optimized prompts against original versions without deployment and save them in Amazon Bedrock Prompt Management for prompt lifecycle management. You can also use Prompt Optimization in Bedrock Playground, or directly via API. Prompt Optimization is now generally available in the following AWS Regions: US East (N. Virginia), US West (Oregon), Asia Pacific (Mumbai), Asia Pacific (Sydney), Canada (Central), Europe (Frankfurt), Europe (Ireland), Europe (London), Europe (Paris), South America (São Paulo). To get started, see the following resources:

• Blog

• Amazon Bedrock Pricing

• Amazon Bedrock user guide

• Amazon Bedrock API reference

Announcing AWS DMS Serverless automatic storage scaling

Published Date: 2025-04-23 18:00:00

AWS Database Migration Service Serverless (AWS DMS Serverless) now offers storage scaling. With this enhancement you never have to worry about exceeding the DMS Serverless 100GB default replication storage capacity limit when processing very large transaction volumes or using detailed logging. You can now use AWS DMS Serverless for replicating even the highest of transaction volumes since there is no longer any storage capacity limits. AWS DMS Severless will automatically increase the storage for your replications any time the existing capacity reaches it limits. To learn more, see the AWS DMS Serverless storage capacity documentation. For AWS DMS regional availability, please refer to the AWS Region Table.

AWS Account Management now supports IAM-based account name updates

Published Date: 2025-04-23 17:00:00

Today, we are introducing a new account management API that enables customers to update the account name via authorized IAM principals and more efficiently manage account names. This new API is added to the AWS account management APIs that enable AWS Organizations customers to centrally and programmatically manage primary email addresses, primary contact information, alternate contact information, and AWS Regions for their accounts. Using the new API, customers will no longer need root access to manage their account names, and they will be able to use authorized IAM principals within the account. Additionally, customers using AWS Organizations in all-features mode can now update member account names via authorized IAM principals in the management and delegated admin accounts, providing a centralized and secure way to manage account names across their organization at scale. Customers can also use the new API via the AWS Command Line Interface (CLI) and AWS Software Development Kit (SDK) to update account names. The ability to manage account names via authorized IAM principals is available at no additional charge in all commercial AWS Regions and the China Regions. To get started managing your account names via IAM principals, see the documentation.  

Thinkbox Deadline 10.4.1 release

Published Date: 2025-04-23 17:00:00

AWS Thinkbox Deadline 10.4.1 is now generally available with support for managing Deadline Cloud Usage-Based Licensing (UBL) together with your existing floating licenses. This release also brings support for Cinema4D 2025, After Effects 2025, Nuke 16, 3ds Max 2026, and Maya 2026. This release enhances how you can manage license limits when using a combination of floating licenses and Deadline Cloud Usage-Based Licensing (UBL) for third party software. By configuring limits for Deadline Cloud License Endpoints, you can now better control license usage across your render farm, helping teams scale more effectively while maintaining their existing license infrastructure. New updates in third-party integrations include support for Autodesk Maya 2026, Autodesk 3ds Max 2026, Maxon Cinema 4D 2025, Adobe After Effects 2025, and Foundry Nuke 16. These updates ensure compatibility with the latest versions of major content creation tools. To get started, download the latest version of Deadline 10 from here. For details on configuring Deadline Cloud License Endpoints, read our documentation.  

Amazon EC2 I4g instances are now available in AWS Asia Pacific (Sydney) Region

Published Date: 2025-04-23 17:00:00

Starting today, storage optimized Amazon Elastic Compute Cloud (EC2) I4g instances powered by AWS Graviton2 processors and 2nd generation AWS Nitro SSDs are now available in the AWS Asia Pacific (Sydney) Region. I4g instances are optimized for workloads performing a high mix of random read/write operations and requiring very low I/O latency and high compute performance, such as transactional databases (MySQL, and PostgreSQL), real-time databases including in-memory databases, NoSQL databases, time-series databases (Clickhouse, Apache Druid, MongoDB) and real-time analytics such as Apache Spark. Get started with I4g instances by visiting the AWS Management Console, AWS Command Line Interface (CLI), or AWS SDKs. To learn more, visit the I4g instances page.

Customer Carbon Footprint Tool has new features and an updated methodology

Published Date: 2025-04-23 17:00:00

Today, AWS announced three updates to enhance your experience with the Customer Carbon Footprint Tool (CCFT). These updates include easier access to carbon emissions data, visibility into emissions by AWS Region, and an updated, independently-verified methodology (v2.0). You can now export your monthly data through AWS's Billing and Cost Management Data Exports service. This feature delivers carbon emissions estimates for all member accounts linked to their management account when using AWS Organizations. Additionally, you can now see your carbon emissions broken down by AWS Region (e.g., US East (Ohio)), so you can identify the Regions where your usage contributes the most to your carbon footprint to help you re-assess the regional distribution of your workloads. Lastly, the methodology v2.0 addresses the challenge of tracking and apportioning carbon emissions for customers using a wide array of AWS services across multiple regions. This methodology update leverages globally recognized standards to support the CCFT, including the GHG Protocol Corporate Standard, GHG Protocol Product Standard, ISO 14040/44 (LCA), ISO 14067, and ICT Sector Guidance. The CCFT provides an overview of the estimated carbon emissions associated with your usage of AWS products and services. Use easy-to-understand data visualizations to help measure the emissions from your AWS usage. For detailed information on the updates, please refer to the CCFT user guide, and the Data Exports user guide. Current AWS customers can visit the AWS Billing console to start using this tool now.  

Amazon EC2 M8g instances now available in AWS US West (N. California) Region

Published Date: 2025-04-23 17:00:00

Starting today, Amazon Elastic Compute Cloud (Amazon EC2) M8g instances are available in AWS US West (N. California). These instances are powered by AWS Graviton4 processors and deliver up to 30% better performance compared to AWS Graviton3-based instances. Amazon EC2 M8g instances are built for general-purpose workloads, such as application servers, microservices, gaming servers, midsize data stores, and caching fleets. These instances are built on the AWS Nitro System, which offloads CPU virtualization, storage, and networking functions to dedicated hardware and software to enhance the performance and security of your workloads. AWS Graviton4-based Amazon EC2 instances deliver the best performance and energy efficiency for a broad range of workloads running on Amazon EC2. These instances offer larger instance sizes with up to 3x more vCPUs and memory compared to Graviton3-based Amazon M7g instances. AWS Graviton4 processors are up to 40% faster for databases, 30% faster for web applications, and 45% faster for large Java applications than AWS Graviton3 processors. M8g instances are available in 12 different instance sizes, including two bare metal sizes. They offer up to 50 Gbps enhanced networking bandwidth and up to 40 Gbps of bandwidth to the Amazon Elastic Block Store (Amazon EBS). To learn more, see Amazon EC2 M8g Instances. To explore how to migrate your workloads to Graviton-based instances, see AWS Graviton Fast Start program and Porting Advisor for Graviton. To get started, see the AWS Management Console.

AWS CodeBuild adds support for specifying EC2 instance type and configurable storage size

Published Date: 2025-04-23 17:00:00

AWS CodeBuild now supports selecting an EC2 instance by name when using reserved capacity fleets. This enhancement also allows you to configure the amount of storage attached to each instance. AWS CodeBuild is a fully managed continuous integration service that compiles source code, runs tests, and produces ready-to-deploy software packages. You can select a compute type that is most suitable for your workload. Customize your build environment to match specific resource needs - whether that's more CPU, memory, storage, faster network speed, or GPU support. This allows you to optimize cost and feedback cycle, resulting in improved developer productivity. The feature is now available in US East (N. Virginia), US East (Ohio), US West (Oregon), South America (Sao Paulo), Asia Pacific (Singapore), Asia Pacific (Tokyo), Asia Pacific (Sydney), Asia Pacific (Mumbai), Europe (Ireland), and Europe (Frankfurt) where reserved capacity fleets are supported. To learn more about the instance types supported by reserved capacity fleets, please visit our documentation. To learn more about how to get started with CodeBuild, visit the AWS CodeBuild product page.  

AWS announces upgrades to Amazon Q Business integrations for M365 Word and Outlook

Published Date: 2025-04-23 17:00:00

Today, AWS announced upgrades to the Amazon Q Business integrations for M365 Word and Outlook to enhance their utility when performing document and email centered tasks. The upgrades include company knowledge access, image file attachment support, and an expanded prompt context window. With company knowledge support, users can now ask questions about their company’s indexed data directly through the Word and Outlook integrations allowing them to instantly find relevant information when drafting their documents and emails without needing to switch context. With image attachment support and an expanded context window, users can incorporate richer context through larger file attachments, images, and more detailed prompts to enhance the helpfulness of responses they receive from Amazon Q. These new features are available on the Amazon Q Business integrations for M365 Word and Outlook in all regions where Amazon Q Business is available. To learn more, visit the Amazon Q Business product page or review the documentation for detailed setup instructions and feature descriptions.  

AWS Backup adds support for search and item-level recovery in 4 additional AWS Regions

Published Date: 2025-04-22 21:40:00

Today, AWS Backup announces support for search and item-level recovery for Amazon EBS Snapshots and Amazon S3 backups in 4 additional Regions. This capability allows you to search the metadata of your backups for specific files or objects across your backups and recover up to 5 items at a time, allowing for faster recovery times. AWS Backup support for search and item-level recovery for Amazon EBS Snapshots and Amazon S3 backups is added in the following Regions: Asia Pacific (Thailand), Mexico (Central), and AWS GovCloud (US-East, US-West). To learn more about AWS Backup support for search and item-level recovery, visit the AWS Backup product page, technical documentation, launch blog, and pricing page. For more information on the AWS Backup features available across AWS Regions, see AWS Backup documentation. To get started, visit the AWS Backup console.

Announcing Serverless Reservations, a new discounted pricing option for Amazon Redshift Serverless

Published Date: 2025-04-22 21:25:00

Amazon Redshift now offers Serverless Reservations for Amazon Redshift Serverless, a new discounted pricing option that helps you save up to 24% and gain greater cost predictability for your analytics workloads. With Serverless Reservations, you can commit to a specific number of Redshift Processing Units (RPUs) for a one-year term, and choose between two payment options: a no-upfront option that provides a 20% discount off on-demand rates, or an all-upfront option that provides a 24% discount. Amazon Redshift Serverless allows you to run and scale analytics without having to provision and manage clusters with a pay-as-you-go pricing model. Now with Serverless Reservations, you can further optimize your compute costs and improve cost predictability of existing and new workloads on Amazon Redshift Serverless. Serverless Reservations are managed at the AWS payer account level and can be shared between multiple AWS accounts, and lets you reduce your compute costs by up to 24% on all Amazon Redshift Serverless workloads in your AWS account. Serverless Reservations are billed hourly and metered per second, offering a consistent billing model (24 hours a day, seven days a week) while maintaining flexibility offered by Amazon Redshift Serverless. Any usage exceeding the specified RPU level is charged at standard on-demand rates. You can purchase Serverless Reservations via the Amazon Redshift console or by invoking the Serverless Reservations API “create-reservation”. Serverless reservations are available in all regions where Amazon Redshift Serverless is currently available. To learn more about the Amazon Redshift Serverless pricing options, please refer to the Serverless feature page, Redshift Pricing Site, or documentation.

AWS Deadline Cloud now provides a macOS installer for submitters

Published Date: 2025-04-22 20:58:00

AWS Deadline Cloud now provides a macOS installer for integrated submitters for Autodesk Maya, Blender, Keyshot, Maxon Cinema 4D, and SideFx Houdini. AWS Deadline Cloud is a fully managed service that simplifies render management for teams creating computer-generated graphics and visual effects, for films, television and broadcasting, web content, and design. The new installer makes it easy to get all your artists, across Linux, Windows, and macOS, submitting to your Deadline Cloud farm from within their favorite digital content creation tools. The Deadline Cloud installer also allows you to script silent installations to simplify workstation setup and maintenance. For more information, please visit the Deadline Cloud product page and our AWS Deadline Cloud documentation.

Amazon EBS now supports additional resource-level permissions for copying EBS snapshots

Published Date: 2025-04-22 19:15:00

Amazon Elastic Block Store (Amazon EBS) now supports additional resource-level permissions for copying EBS snapshots. When moving your data across Regions, accounts, and Availability Zones, you can copy any snapshot accessible to you to another Region or account, including snapshots created by you or shared with you. With this launch, you have more granular controls to set resource-level permissions for the snapshot copy and selection of the source snapshot. This allows you to control the IAM identities that can copy EBS snapshot from source snapshots, and the conditions that they can use these source snapshots for the snapshot copy operation. To meet your specific permission needs on the source snapshots, you can also specify any of 6 EC2-specific condition keys for your CopySnapshot action in your IAM policy: ec2:Encrypted, ec2:VolumeSize, ec2:Owner, ec2:ParentVolume, ec2:SnapshotTime, and ec2:ParentSnapshot. Additionally, you can use global condition keys for the source snapshot. This new resource-level permission model is available in all AWS Regions where EBS snapshots are available. To learn more about using resource-level permissions to copy EBS snapshot, or transitioning to the new resource-level permission model from previous permission model, please visit the launch blog. For more information about Amazon EBS, please visit the product page.

Amazon Bedrock Intelligent Prompt Routing is now generally available

Published Date: 2025-04-22 17:25:00

Amazon Bedrock Intelligent Prompt Routing routes prompts to different foundation models within a model family, helping you optimize for quality of responses and cost. Beginning today, Intelligent Prompt routing is generally available and adds increased configurability, allowing you to configure your router by choosing any two models from a model family and setting the routing criteria for your router. Intelligent Prompt Routing also adds support for new models and now supports the following models:

• Anthropic’s Claude family: Haiku, Haiku 3.5, Claude Sonnet 3.5 v1, Claude Sonnet 3.5 v2Meta Llama family: Llama 3.1 8B, 70B, 3.2 11B, 90B and 3.3 70BAmazon Nova family: Nova Pro and Nova Lite

Learn more in our documentation, blog, and pricing page. Amazon Bedrock is a fully managed service that offers a choice of high-performing foundation models from leading AI companies via a single API. Amazon Bedrock also provides a broad set of capabilities customers need to build generative AI applications with security, privacy, and responsible AI capabilities built in.

Amazon Cognito now supports refresh token rotation

Published Date: 2025-04-22 17:00:00

Amazon Cognito announces support for OAuth 2.0 refresh token rotation for user pool clients. Refresh tokens are long-lived tokens that allow applications to obtain new access tokens without requiring users to sign in again. With refresh token rotation, you can now configure your user pool clients to automatically replace existing refresh tokens with new ones at regular intervals, which in turn can strengthen your application's security posture. Instead of previously relying on tokens that remain valid for long periods of time, refresh token rotation reduces the window a compromised refresh token could be used. In addition, refresh token rotates automatically in the background allowing your users maintain uninterrupted access without needing to re-authenticate. In absence of refresh token rotation, customers previously had to choose between long-lived tokens for minimizing user friction caused by re-authentication or short-lived tokens for better protection against risks from compromised tokens. Now, with refresh token rotation, customers can achieve seamless user experience while strengthening their application's security posture by automatically updating user's refresh tokens. For example, in a collaboration app, while users remain logged in for their 30-day session, their refresh tokens can be updated every few hours upon exchanging for new access and ID tokens, limiting the exposure window of any single token. This feature is available to Amazon Cognito customers using the Essentials or Plus tiers in AWS Regions where Cognito is available, including the AWS GovCloud (US) Regions. To learn more, visit the Cognito Refresh Token Developer Guide.  

Amazon EC2 R7gd instances are now available in additional AWS Regions

Published Date: 2025-04-22 17:00:00

Starting today, Amazon Elastic Compute Cloud (Amazon EC2) R7gd instances with up to 3.8 TB of local NVMe-based SSD block-level storage are available in Europe (London) and Asia Pacific (Hyderabad, Osaka) Regions. R7gd are powered by AWS Graviton3 processors with DDR5 memory are built on the AWS Nitro System. They are ideal for memory-intensive workloads such as open-source databases, in-memory caches, and real-time big data analytics and are a great fit for applications that need access to high-speed, low latency local storage, including those that need temporary storage of data for scratch space, temporary files, and caches. They have up to 45% improved real-time NVMe storage performance than comparable Graviton2-based instances. Graviton3-based instances also use up to 60% less energy for the same performance than comparable EC2 instances, enabling you to reduce your carbon footprint in the cloud. To learn more, see Amazon R7gd Instances. To get started, see the AWS Management Console.

AWS Transfer Family introduces Terraform module for deploying SFTP server endpoints

Published Date: 2025-04-22 17:00:00

AWS Transfer Family introduces a Terraform module for deploying managed file transfer (MFT) server endpoints backed by Amazon S3. This enables you to leverage Infrastructure as Code (IaC) to automate and streamline centralized provisioning of MFT servers and users at scale. AWS Transfer Family provides fully-managed file transfers over SFTP, AS2, FTPS, FTP, and web browser-based interfaces directly into and out of AWS storage services. Using the Terraform module, you can programmatically provision your Transfer Family server endpoints, associated dependencies and customizations in a single deployment. This eliminates time-consuming manual configurations and ensures you maintain consistent, secure implementations that can rapidly scale across departments. The new module provides end-to-end examples to create an SFTP endpoint, integrate with AWS CloudWatch for logging and monitoring, manage user identities for endpoint access, and configure IAM roles for access to S3 buckets where files are stored. Customers can get started by downloading the Terraform module source code on GitHub. To learn more about Transfer Family, visit the product page and user-guide. To see all the regions where Transfer Family is available, visit the AWS Region table.  

Amazon EC2 C7gd instances are now available in additional AWS Regions

Published Date: 2025-04-22 17:00:00

Starting today, Amazon Elastic Compute Cloud (Amazon EC2) C7gd instances with up to 3.8 TB of local NVMe-based SSD block-level storage are available in the AWS GovCloud (US-West), Canada (Central), and Europe (London) Regions. These Graviton3-based instances with DDR5 memory are built on the AWS Nitro System and are a great fit for applications that need access to high-speed, low latency local storage, including those that need temporary storage of data for scratch space, temporary files, and caches. They have up to 45% improved real-time NVMe storage performance than comparable Graviton2-based instances. Graviton3-based instances also use up to 60% less energy for the same performance than comparable EC2 instances, enabling you to reduce your carbon footprint in the cloud. To learn more, see Amazon C7gd Instances. To get started, see the AWS Management Console.  

Introducing a guided visual pipeline builder for Amazon OpenSearch Ingestion

Published Date: 2025-04-22 17:00:00

Today, we're announcing a new visual user interface for creating and editing Amazon OpenSearch Ingestion pipelines on the AWS console. This enhancement introduces a guided visual workflow, automatic permission creation, and enhanced real-time validations to streamline the pipeline development process. The new workflow simplifies pipeline development, reducing setup time and minimizing errors, making it easier to ingest, transform, and route data to Amazon OpenSearch Service. 

The guided visual workflow enables customers to quickly build and modify Amazon OpenSearch Ingestion pipelines without manually writing pipeline configurations. The new UI auto-discovers sources and sinks to eliminate context switching and streamlines the construction of intricate processor chains in a pipeline. With automatic permission creation, customers no longer need to manually create separate IAM policies and can use the automatically created unified IAM role for all their sources and sinks. Finally, with enhanced real-time validations, customers can detect runtime errors ahead of time, reducing debugging efforts and improving operational efficiency for smoother deployments.

This feature is available in all the 16 AWS commercial regions where Amazon OpenSearch Ingestion is currently available: US East (Ohio), US East (N. Virginia), US West (Oregon), US West (N. California), Europe (Ireland), Europe (London), Europe (Frankfurt), Europe (Spain), Asia Pacific (Tokyo), Asia Pacific (Sydney), Asia Pacific (Singapore), Asia Pacific (Mumbai), Asia Pacific (Seoul), Canada (Central), South America (Sao Paulo), and Europe (Stockholm).

To learn more about this feature, see the Amazon OpenSearch Service Developer Guide and the launch blog.

Amazon RDS Proxy is now available in 3 additional AWS regions

Published Date: 2025-04-21 21:20:00

Amazon Relational Database Service (RDS) Proxy is now available in the Asia Pacific (Malaysia), Asia Pacific (Thailand), and Mexico (Central) Regions. RDS Proxy is a fully managed and a highly available database proxy for RDS and Amazon Aurora databases. RDS Proxy helps improve application scalability, resiliency, and security. Many applications, including those built on modern architectures capable of horizontal scaling based on ebb and flow of active users, can open a large number of database connections or open and close connections frequently. This can stress the database’s memory and compute, leading to slower performance and limited application scalability. Amazon RDS Proxy sits between your application and database to pool and share established database connections, improving database efficiency and application scalability. In case of a failure, Amazon RDS Proxy automatically connects to a standby database instance within a region. With Amazon RDS Proxy, database credentials and access can be managed through AWS Secrets Manager and AWS Identity and Access Management (IAM), eliminating the need to embed database credentials in application code. For information on supported database engine versions and regional availability of RDS Proxy, refer to the RDS Proxy RDS and Aurora documentation.

Amazon Kinesis Data Streams increases default shard limits to up to 20,000 per AWS account

Published Date: 2025-04-21 18:25:00

Amazon Kinesis Data Streams now offers significantly higher default shard limits for data streams in Provisioned capacity mode, increasing from 500 to 20,000 shards per AWS account in the US East (N. Virginia), US West (Oregon), and Europe (Ireland) regions. You can also see an account’s utilization of the shards limit in any region via the AWS Service Quotas console, so you can grow streaming workloads easily and quickly to bring real-time insights to more use cases. Amazon Kinesis Data Streams is a serverless data streaming service that allows customers to build de-coupled applications that publish and consume real-time data streams at any scale. A data stream is composed of shards, and each shard provides 1 MB/sec ingress and 2 MB/sec egress throughput capacity. You can easily change a stream’s throughput capacity by specifying its number of shards via the console, an API call, or the CLI. With the increased limits, customers using Provisioned mode can now process up to 10 GB/sec of ingress and 20 GB/sec of egress per account by default, and they can always request further increases to this limit. The default shard limits have also been increased from 200 to 1,000 shards or 6,000 shards per account for all other regions. You can view the new defaults for all regions and request further increases via the Service Quotas console. For more information about how shard limits affect your data streams, see the Quotas and Limits documentation.

Amazon Q Developer releases state of the art agent for feature development

Published Date: 2025-04-21 17:00:00

Today, AWS announces the update of Amazon Q Developer’s software development agent. This new agent achieves state-of-the-art performance on industry benchmark SWTBench Verified (49%) and sits among the top ranking models on SWEBench Verified (66%). The agent has access to tools for planning and reasoning that use the capacity of advanced models to their fullest. By running in a dedicated environment with built-in access to all the functionalities of a modern IDE, the agent is now able to generate multiple candidate solutions for a given problem, select the most promising one, and return higher quality code to the developer. With this new agent, developers can further accelerate their development team velocity. The update to the agent translates to more reliable suggestions and reduced debugging time for developers. This allows developers to focus on higher-level design and innovation, while the agent handles more routine coding tasks with increased accuracy. The new software development agent for Amazon Q Developer is available in all AWS Regions where Amazon Q is supported. Getting started with the software development agent is simple. Developers can begin using it immediately by typing '/dev' in the Q chat window in Visual Studio Code or JetBrains integrated development environment (IDE) where the Amazon Q Developer plugin is installed. To learn more about Amazon Q, visit the Amazon Q product page or refer to the agent documentation.

Amazon EC2 C6id instances are now available in AWS Europe (Paris) region

Published Date: 2025-04-21 17:00:00

Starting today, Amazon Elastic Compute Cloud (Amazon EC2) C6id instances are available in Europe (Paris) Region. These instances are powered by 3rd generation Intel Xeon Scalable Ice Lake processors with an all-core turbo frequency of 3.5 GHz and up to 7.6 TB of local NVMe-based SSD block-level storage. C6id instances are built on AWS Nitro System, a combination of dedicated hardware and lightweight hypervisor, which delivers practically all of the compute and memory resources of the host hardware to your instances for better overall performance and security. Customers can take advantage of access to high-speed, low-latency local storage to scale performance of applications such data logging, distributed web-scale in-memory caches, in-memory databases, and real-time big data analytics. These instances are generally available today in the US West (Oregon), US East (Ohio, N. Virginia), Canada (Central), Canada West (Calgary), AWS GovCloud (US-West), Mexico (Central), South America (Sao Paulo), Asia Pacific (Thailand, Seoul, Malaysia, Tokyo, Singapore, Sydney), Europe (Paris, Ireland, Frankfurt, London), Israel (Tel Aviv) Regions. Customers can purchase the new instances via Savings Plans, Reserved, On-Demand, and Spot instances. To learn more, visit our product page for Amazon C6id instances. To get started, visit AWS Command Line Interface (CLI), and AWS SDKs.

Introducing Amazon EC2 C8gd, M8gd, and R8gd instances

Published Date: 2025-04-21 17:00:00

AWS announces the general availability of Amazon Elastic Compute Cloud (Amazon EC2) C8gd instances, Amazon EC2 M8gd instances, and Amazon EC2 R8gd instances with up to 11.4 TB of local NVMe-based SSD block-level storage. These instances are powered by AWS Graviton4 processors, delivering up to 30% better performance over Graviton3-based instances. They have up to 40% higher performance for I/O intensive database workloads, and up to 20% faster query results for I/O intensive real-time data analytics than comparable AWS Graviton3-based instances. These instances are built on the AWS Nitro System and are great fit for applications that need access to high-speed, low latency local storage. Each instance is available in 12 different sizes. They provide up to 50 Gbps of network bandwidth and up to 40 Gbps of bandwidth to the Amazon Elastic Block Store (Amazon EBS). Additionally, customers can now adjust the network and Amazon EBS bandwidth on these instances by 25% using EC2 instance bandwidth weighting configuration, providing greater flexibility with the allocation of bandwidth resources to better optimize workloads. These instances offer Elastic Fabric Adapter (EFA) networking on 24xlarge, 48xlarge, metal-24xl, and metal-48xl sizes. All of these instances are available in the following AWS Regions: US East (Ohio, N. Virginia), and US West (Oregon). To learn more, see Amazon C8gd instances, Amazon M8gd Instances, and Amazon R8gd Instances. To learn how to migrate your workloads to AWS Graviton-based instances, see the Getting started with Graviton.  

Amazon SQS now supports Internet Protocol Version 6 (IPv6)

Published Date: 2025-04-21 17:00:00

Amazon SQS now supports Internet Protocol version 6 (IPv6) for API requests enabling you to communicate with Amazon SQS using Internet Protocol Version 6 (IPv6), Internet Protocol Version 4 (IPv4), or dual stack clients using public endpoints. Amazon SQS is a fully managed message queuing service that enables decoupling and scaling of distributed systems, microservices, and serverless applications. The addition of IPv6 support provides customers with a vastly expanded address space, eliminating concerns about address exhaustion and simplifying network architecture for IPv6-native applications. With simultaneous support for both IPv4 and IPv6 clients on SQS public endpoints, customers can gradually transition from IPv4 to IPv6-based systems and applications without needing to switch all systems at once. This enhancement is particularly valuable for modern cloud-native applications and organizations transitioning to IPv6 as part of their modernization efforts. To learn more on best practices for configuring IPv6 in your environment, visit the whitepaper on IPv6 in AWS. This feature is now available in all AWS commercial Regions, including AWS China Regions, and can be used at no additional cost. See here for a full listing of our Regions. To learn more about Amazon SQS, please refer to our Developer Guide.  

Amazon MSK adds support for Apache Kafka version 3.9

Published Date: 2025-04-21 17:00:00

Amazon Managed Streaming for Apache Kafka (Amazon MSK) now supports Apache Kafka version 3.9, which allows users to retain tiered data when disabling Tiered Storage at the topic level. Consumer applications can continue to read historical data from the remote log start offset (Rx) while maintaining continuous log offsets across both local and remote storage. Along with this feature, Apache Kafka version 3.9 includes various bug fixes and improvements. For more details, please refer to the Apache Kafka release notes for version 3.9. Amazon MSK is a fully managed service for Apache Kafka and Kafka Connect that makes it easier for you to build and run applications that use Apache Kafka as a data store. Amazon MSK is compatible with Apache Kafka, which enables you to quickly migrate your existing Apache Kafka workloads to Amazon MSK with confidence or build new ones from scratch. With Amazon MSK, you can spend more time innovating on streaming applications and less time managing Apache Kafka clusters. To learn how to get started, see the Amazon MSK Developer Guide. Support for Apache Kafka version 3.9 is available in all AWS regions where Amazon MSK is available.