Amazon SageMaker HyperPod now supports AMI versioning and auto-patching

Amazon SageMaker HyperPod now gives you visibility into the Amazon Machine Image (AMI) versions running across your clusters and automatically applies security patches without disrupting your workloads. SageMaker HyperPod is purpose-built infrastructure for training and deploying foundation models at scale. Cluster administrators previously had limited insight into which AMI versions were running, making drift hard to detect and security patching a manual, reactive process that was difficult to run on long multi-day training jobs and that risked changing bundled software in the AMI such as NVIDIA drivers or CUDA. These new capabilities on HyperPod help you keep clusters secure and consistent while removing the operational burden of manual patching.
With AMI versioning, you can see the exact AMI version on every instance group and node in the semantic versioning (major.minor.patch) format, quickly detect version drift, and roll back to a previous version—including the prior NVIDIA driver, CUDA, and other software stack—using the UpdateClusterSoftware API. Auto-patching is an opt-in, per-instance-group capability that applies only backward-compatible security patches as nodes become idle, so your running workloads stay undisrupted and critical AI/ML packages such as NVIDIA driver, CUDA version, and operating system kernels are never upgraded to a different major or minor version; you can enable it through the CreateCluster or UpdateCluster API. A new AMI support policy also publishes support timelines for different AMI versions after which HyperPod stops publishing security patches.
Both AMI versioning and auto-patching are available for HyperPod clusters orchestrated by Amazon EKS, in all AWS Regions where SageMaker HyperPod is supported. To learn more, see the HyperPod AMI management documentation and the new HyperPod AMI support policy.
Source: aws.amazon.com

Amazon EC2 X8i instances are now available in additional regions

Starting today, Amazon Elastic Compute Cloud (Amazon EC2) X8i instances are available in the Asia Pacific (Seoul), Asia Pacific (Malaysia) and Asia Pacific (Tokyo) regions. These instances are powered by custom Intel Xeon 6 processors available only on AWS. X8i instances are SAP-certified and deliver the highest performance and fastest memory bandwidth among comparable Intel processors in the cloud. They deliver up to 43% higher performance, 1.5x more memory capacity (up to 6TB), and 3.3x more memory bandwidth compared to previous generation X2i instances. X8i instances are designed for memory-intensive workloads like SAP HANA, large databases, data analytics, and Electronic Design Automation (EDA). Compared to X2i instances, X8i instances offer up to 50% higher SAPS performance, up to 47% faster PostgreSQL performance, 88% faster Memcached performance, and 46% faster AI inference performance. X8i instances come in 14 sizes, from large to 96xlarge, including two bare metal options. To get started, visit the AWS Management Console. X8i instances can be purchased via Savings Plans, On-Demand instances, and Spot instances. For more information, visit the X8i instances page.
Source: aws.amazon.com

Amazon SageMaker Unified Studio now supports Terraform for provisioning

Amazon SageMaker Unified Studio now supports Terraform for provisioning. Customers can use the open-source terraform-aws-sagemaker-unified-studio module to deploy a SageMaker Unified Studio domain through version-controlled templates. With this launch, platform teams can bring SageMaker Unified Studio into their existing infrastructure-as-code pipelines, maintaining consistency across development, staging, and production accounts.
Amazon SageMaker Unified Studio is a unified development environment where data teams can build end-to-end data and AI workflows using familiar tools—from data integration and analytics to machine learning and generative AI—all governed by a shared catalog. Administrators provision domains to give their organization a single, managed workspace with built-in access control, data governance, and cross-service connectivity. With this launch, the Terraform module handles the infrastructure of a SageMaker Unified Studio domain with provisioned IAM roles. Sub-modules let teams enable blueprints, compose blueprints into project profiles, and create projects independently. Customers can also create projects with existing IAM roles. This integration is enabled through the Terraform AWS Cloud Control Provider.
This feature is available in all AWS Regions where Amazon SageMaker Unified Studio is available. To get started, see the examples provided in the terraform-aws-sagemaker-unified-studio module on GitHub and the Amazon SageMaker Unified Studio documentation.
Source: aws.amazon.com

AWS Config now supports 8 new resource types

AWS Config now supports 8 additional AWS resource types across key services including Amazon API Gateway, Amazon EC2, and Amazon S3 Vectors. This expansion provides greater coverage over your AWS environment, enabling you to more effectively discover, assess, audit, and remediate an even broader range of resources.
With this launch, if you have enabled recording for all resource types, then AWS Config will automatically track these new additions. The newly supported resource types are also available in Config rules and Config aggregators.
You can now use AWS Config to monitor the following newly supported resource types in all AWS Regions where the resources are available:
Resource Types:

AWS::ApiGateway::DomainNameV2
AWS::ApiGatewayV2::VpcLink
AWS::EC2::VPCEncryptionControl
AWS::NetworkFirewall::ContainerAssociation
AWS::OpenSearchServerless::SecurityPolicy
AWS::OSIS::Pipeline
AWS::S3Vectors::VectorBucket
AWS::S3Vectors::VectorBucketPolicy

Source: aws.amazon.com

Amazon EC2 Dedicated Hosts now support AMD SEV-SNP

Amazon EC2 is announcing support for AMD Secure Encrypted Virtualization-Secure Nested Paging (SEV-SNP) on Dedicated Hosts, enabling customers to run their confidential computing workloads on physical servers fully dedicated to their use. Customers can allocate a Dedicated Host with SEV-SNP enabled and launch SEV-SNP instances on it. This gives customers the benefits of Dedicated Hosts for confidential computing workloads, including control over instance placement, and host affinity that allows customers to deploy instances to the same physical server over time. The physical host is provisioned with AMD security firmware during allocation, ensuring a customer’s confidential computing environment is up to date. Dedicated Host SEV-SNP is available in all AWS commercial Regions with AMD instances. To learn more, visit our documentation.
Source: aws.amazon.com