AWS Security Hub extends unified security management to Microsoft Azure

Today, AWS announces that AWS Security Hub now monitors Microsoft Azure resources, extending risk analytics, cloud security posture management, vulnerability management, and security response management across both clouds. Many AWS customers running workloads in AWS and Azure have had to operate separate security tools for each environment, making it difficult to prioritize risks holistically or respond consistently. Security Hub now provides a single, unified experience to detect and respond to risks across your AWS and Azure environments. Security Hub automatically discovers Azure resources, including Azure Virtual Machines (VMs), Azure Container Registry (ACR) container images, Azure Function Apps, and Azure identities, and evaluates them for misconfigurations, internet exposure, and software vulnerabilities. You receive posture checks against security standards including the CIS Benchmarks™ for Microsoft Azure Foundations, unified resource inventory, risk and exposure analysis, and automated response through existing EventBridge integrations. AWS and Azure findings appear in the same prioritized view with the same finding formats and automation workflows, so security teams can operate from one console rather than switching between tools. Security Hub includes an independent 30-day free trial to monitor Azure resources that begins once you create your integration with Microsoft Azure. After the trial, you pay the same price for monitoring Azure resources and equivalent AWS resources. You can create an integration to Azure from all AWS Regions where Security Hub is available except Middle East (UAE), Middle East (Bahrain), Asia Pacific (Taipei), and Asia Pacific (New Zealand). You can also create integrations to Microsoft Azure for AWS Security Hub CSPM for posture management checks and Amazon Inspector for vulnerability management independently from AWS Security Hub. To learn more, see AWS Security Hub Pricing and AWS Security Hub documentation.
Quelle: aws.amazon.com

Amazon S3 Vectors is now available in AWS GovCloud (US) Regions

Amazon S3 Vectors is now available in AWS GovCloud (US-East) and AWS GovCloud (US-West).
Amazon S3 Vectors is purpose-built vector storage for AI agents, inference, Retrieval Augmented Generation (RAG), and semantic search at billion-vector scale. S3 Vectors is designed to provide the same elasticity, durability, and availability as Amazon S3, with a dedicated set of APIs that let you store, access, and query vectors without provisioning any infrastructure.
For a full list of AWS Regions where Amazon S3 Vectors is available, see AWS Regions and endpoints. To learn more, visit the product page, documentation, and the Amazon S3 pricing page.
Quelle: aws.amazon.com

Amazon GameLift Streams introduces secure terminal access for stream sessions

Amazon GameLift Streams now supports Stream Session Admin Shell, a secure terminal connection to the live runtime environment of a stream session for real-time troubleshooting. You can inspect logs, query running processes, check GPU utilization, and examine application state — all without managing SSH keys, open ports, or infrastructure credentials. Stream Session Admin Shell provides a terminal connection with the same level of access as your Amazon GameLift Streams applications. To connect, call the new CreateStreamSessionAdminShell API with your stream group and stream session identifiers, then use the returned credentials with the SSM Session Manager plugin for the AWS CLI. The feature supports Linux (Ubuntu 22.04), Proton, and Windows Server 2022 runtimes. The terminal connection is scoped to your application environment and automatically closes when the stream session ends. Stream Session Admin Shell is available at no additional cost in all AWS Regions where Amazon GameLift Streams is offered. For a full list of supported Regions, see the AWS Region table. To get started, see the Stream Session Admin Shell developer guide and CreateStreamSessionAdminShell API reference.
Quelle: aws.amazon.com

AWS Security Hub adds impact analysis for exposure findings

Today, AWS Security Hub adds impact analysis to exposure findings, helping security teams understand the full scope of what an attacker could reach if an exposure is exploited. Impact analysis extends exposure findings by mapping the downstream resources that could be compromised beyond the initially exposed resource, giving teams deeper visibility into organizational risk. Security Hub analyzes the effective permissions of IAM principals associated with exposed resources to identify privilege escalation paths to other resources in your account. The resulting scope of impact is displayed in the potential attack path graph, and a new Impact Assessment tab shows the prioritized chains of resources an attacker could traverse along with the specific permissions at each step. Security Hub factors the scope of impact into its severity scoring for exposure findings, and adjusts existing exposures as their scope of impact is identified or changes, so that exposures with greater downstream reach are prioritized appropriately. To learn more, see Understanding exposure findings in the AWS Security Hub User Guide and the AWS Security Hub product page. For the full list of AWS Regions where Security Hub is available, see the AWS Regional Services List.
Quelle: aws.amazon.com

Amazon EKS Auto Mode reduces GPU management fees by up to 60%

Amazon Elastic Kubernetes Service (Amazon EKS) Auto Mode now offers significantly reduced management fees for GPU and accelerated instance types. Beginning July 1, 2026, G-series Auto Mode management fees are reduced by 35%, and P-series and AWS Trainium fees are reduced by 60%. These reductions apply automatically to all EKS Auto Mode clusters and no action is required from customers already using GPU instances with Auto Mode.
EKS Auto Mode simplifies Kubernetes operations by automatically provisioning and managing infrastructure for machine learning inference, fine-tuning, rendering, and batch processing workloads. It includes capabilities built for accelerated workloads: automatic parallel image pulling and unpacking on GPU instances with local NVMe storage, so large container and model images start faster, and accelerator-aware node repair that detects GPU hardware failures and automatically replaces unhealthy nodes. With today’s price reduction, customers can run GPU workloads on Auto Mode at lower management fees, making its fully managed infrastructure more cost-effective.
This pricing update is available in all AWS Regions where EKS Auto Mode is available. Amazon ECS is implementing identical management fee reductions for GPU instances on ECS Managed Instances. See the ECS What’s New post for details.
To get started with GPU workloads on EKS Auto Mode, see the EKS for AI/ML documentation. For the complete updated rate table, see Amazon EKS pricing.
Quelle: aws.amazon.com