Kategorie: Amazon AWS

AWS Site-to-Site VPN announces 5 Gbps bandwidth tunnels

AWS Site-to-Site VPN now supports VPN connections with up to 5 Gbps bandwidth per tunnel, a 4x improvement from existing limit of 1.25 Gbps. This increased bandwidth benefits customers who require high-capacity connections for bandwidth-intensive hybrid applications, big data migrations, and disaster recovery architectures while maintaining traffic encryption between AWS and their remote sites. Customers can also use 5 Gbps VPN connections as a backup or overlay for their high capacity AWS Direct Connect connections. AWS Site-to-Site VPN is a fully managed service that allows you to create a secure connection between your data center or branch office and your AWS resources using IP Security (IPSec) tunnels. Until now, Site-to-Site VPN supported a maximum of 1.25Gbps bandwidth per tunnel and customers had to rely on ECMP (Equal cost multi path) to logically bond multiple tunnels to achieve higher bandwidth. With this launch, customers can now configure their tunnel bandwidth to 5 Gbps, reducing the need to deploy complex protocols such as ECMP while ensuring consistent bandwidth performance. This capability is available in all AWS commercial Regions and AWS GovCloud (US) Regions where AWS Site-to-Site VPN is available, except Asia Pacific (Melbourne), Israel (Tel Aviv), Europe (Zurich), Canada West (Calgary), and Middle East (UAE) Regions. To learn more and get started, visit the AWS Site-to-Site VPN documentation.
Quelle: aws.amazon.com

Amazon Connect Cases adds conditional field visibility and dependent options

Amazon Connect Cases now supports conditional field visibility and dependent field options, so you can simplify case layouts and ensure agents capture the right information faster. For example, you can show a Return Reason field only when the case involves a return, and limit Issue Type choices to hardware-related options when Issue Category is set to Hardware. Amazon Connect Cases is available in the following AWS regions: US East (N. Virginia), US West (Oregon), Canada (Central), Europe (Frankfurt), Europe (London), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), and Africa (Cape Town) AWS regions. To learn more and get started, visit the Amazon Connect Cases webpage and documentation.
Quelle: aws.amazon.com

Amazon ElastiCache supports M7g and R7g Graviton3-based nodes in AWS GovCloud (US) Regions

Amazon ElastiCache now supports Graviton3-based M7g and R7g node families in the AWS GovCloud (US) Regions (US-East, US-West). ElastiCache Graviton3 nodes deliver improved price-performance compared to Graviton2. As an example, when running ElastiCache for Redis OSS on an R7g.4xlarge node, you can achieve up to 28% increased throughput (read and write operations per second) and up to 21% improved P99 latency, compared to running on R6g.4xlarge. In addition, these nodes deliver up to 25% higher networking bandwidth. For complete information on pricing and regional availability, please refer to the Amazon ElastiCache pricing page. To get started, create a new cluster or upgrade to Graviton3 using the AWS Management Console. For more information on supported node types, please refer to the documentation. 
Quelle: aws.amazon.com

Application loadbalancer support client credential flow with JWT verification

Amazon Web Services (AWS) announces JWT Verification for Application Load Balancer (ALB), enabling secure machine-to-machine (M2M) and service-to-service (S2S) communications. This feature allows ALB to verify JSON Web Tokens (JWTs) included in request headers, validating token signatures, expiration times, and claims without requiring modifications to application code. By offloading OAuth 2.0 token validation to ALB, customers can significantly reduce architectural complexity and streamline their security implementation. This capability is particularly valuable for microservices architectures, API security, and enterprise service integration scenarios where secure service-to-service communication is critical. The feature supports tokens issued through various OAuth 2.0 flows, including Client Credentials Flow, enabling centralized token validation with minimal operational overhead. The JWT Verification feature is now available in all AWS Regions where Application Load Balancer is supported.
To learn more, visit the ALB Documentation.
Quelle: aws.amazon.com

Amazon Managed Service for Prometheus collector integrates with Amazon Managed Streaming for Apache Kafka

Amazon Managed Service for Prometheus collector, a fully-managed agentless collector for Prometheus metrics, now enables you to discover and collect Prometheus metrics from your Amazon Managed Streaming for Apache Kafka cluster while ensuring high availability and scalability.
So far, customers who were seeking to benefit from open monitoring in an Amazon Managed Streaming for Apache Kafka cluster had to set up dedicated infrastructure and deploy, right-size, and scale agents to discover and scrape the Prometheus metrics in the cluster. With this launch, you can configure a Amazon Managed Service for Prometheus collector to scrape metrics from the JMX exporter and the Node exporter, covering metrics including host-level, JVM-level, as well as broker-related metrics to implement use cases such as message queue health and partition balancing.
Amazon Managed Service for Prometheus collector is available in all commercial regions where Amazon Managed Service for Prometheus is available. To learn more about Amazon Managed Service for Prometheus collector, visit the user guide or product page.
Quelle: aws.amazon.com

Amazon CloudWatch Logs now supports Network Load Balancer access logs

Amazon CloudWatch Logs now supports Network Load Balancer (NLB) access logs as vended logs, improving observability and simplifying debugging for network traffic patterns. You can now analyze NLB access logs directly in CloudWatch to gain insights into client connections, traffic distribution, and connection status, helping you identify and troubleshoot network issues faster. With this CloudWatch Logs integration, you can track detailed access patterns using CloudWatch Logs Insights queries, create metric filters for monitoring, and review traffic patterns in real time using Live Tail. NLB access logs can be configured through the integrations tab of your network load balancer in AWS Management Console, AWS CLI, or SDKs. You can also configure delivery of NLB access logs to Amazon Data Firehose or Amazon S3 with support for Apache Parquet format. NLB access logs delivery to CloudWatch is available in all AWS Commercial and GovCloud regions where Network Load Balancer and CloudWatch are available. NLB access logs are charged as vended logs when delivered to CloudWatch Logs and Data Firehose, while delivery to Amazon S3 is free (Parquet conversion is charged at $0.035/GB – N. Virginia). 
To learn more about configuring NLB access logs in CloudWatch Logs, please visit our documentation. For pricing information, see CloudWatch pricing page.
Quelle: aws.amazon.com

Amazon DCV now supports Amazon EC2 Mac instances

AWS announces Amazon DCV support for Amazon EC2 Mac instances powered by Apple silicon, bringing high-performance remote desktop capabilities to macOS workloads in the cloud. You can now access your EC2 Mac instances with the same security and performance that Amazon DCV provides across other platforms. This integration is specifically designed for EC2 Mac instances running on Apple silicon processors. With Amazon DCV, you can connect to your EC2 Mac instances from Windows, Linux, macOS, or web clients with support for 4K resolution, multiple monitors, and smooth 60 FPS performance. The support includes essential productivity features like time zone redirection and audio output, making remote Mac development seamless. Amazon DCV’s proven security architecture and optimized streaming protocols ensure your macOS applications run efficiently while maintaining data protection standards. Amazon DCV support for EC2 Mac instances is available in all AWS Regions where EC2 Mac instances are offered. To get started, see the Amazon DCV documentation for installing and configuring DCV server on EC2 Mac instances.
Quelle: aws.amazon.com

Announcing communication preferences for Security Incident Response

AWS Security Incident Response now provides customizable communication preferences so you can focus on the updates that matter most to your role. You can choose from various notification types including case changes, membership updates, and organizational announcements. This granular control reduces the previous one-size-fits-all approach where every team member received every update regardless of relevance. You can easily adjust these settings as your role evolves, with smart defaults that work effectively out of the box. This feature is available to all Security Incident Response customers at no additional cost. To configure your communication preferences, visit the Security Incident Response console and select any team member to customize their notification settings.
Quelle: aws.amazon.com

AWS Fault Injection Service (FIS) launches new test scenarios for partial failures

AWS Fault Injection Service (FIS) now offers two new scenarios that help you proactively test how your applications handle partial disruptions within and across Availability Zones (AZs). These disruptions, often called gray failures, are more common than complete outages and can be particularly challenging to detect and mitigate. The FIS scenario library provides AWS-created, pre-defined experiment templates that minimize the heavy lifting of designing tests. The new scenarios expand the testing capabilities for partial disruptions. “AZ: Application Slowdown” lets you test for increased latency and degraded performance for resources, dependencies, and connections within a single AZ. This helps validate observability setups, tune alarm thresholds, and practice critical operational decisions like AZ evacuation. The scenario works with both single and multi-AZ applications. “Cross-AZ: Traffic Slowdown” enables testing of how multi-AZ applications handle traffic disruptions between AZs. With both scenarios, you can target specific portions of your application traffic for more realistic testing of partial disruptions. These scenarios are particularly valuable for testing application sensitivity to these more subtle disruptions that often manifest as traffic and application slowdowns. For instance, you can test how your application responds to degraded network paths causing packet loss for some traffic flows, or misconfigured connection pools that slow down specific requests. To get started, access these new scenarios through the FIS scenario library in the AWS Management Console. These new scenarios are available in all AWS Regions where AWS FIS is available, including AWS GovCloud (US) Regions. To learn more, visit the FIS scenario library user guide. For pricing information, visit the FIS pricing page.
Quelle: aws.amazon.com

Amazon EC2 C8gd, M8gd, and R8gd instances are now available in additional AWS Regions

Amazon Elastic Compute Cloud (Amazon EC2) C8gd instances are now available in Europe (London), and Canada (Central) AWS Regions. Additionally, M8gd instances are available in South America (Sao Paulo) and R8gd instances are available in Europe (London) AWS Region. These instances feature up to 11.4 TB of local NVMe-based SSD block-level storage and are powered by AWS Graviton4 processors, delivering up to 30% better performance over Graviton3-based instances. They have up to 40% higher performance for I/O intensive database workloads, and up to 20% faster query results for I/O intensive real-time data analytics than comparable AWS Graviton3-based instances. These instances are built on the AWS Nitro System and are a great fit for applications that need access to high-speed, low latency local storage. Each instance is available in 12 different sizes. They provide up to 50 Gbps of network bandwidth and up to 40 Gbps of bandwidth to the Amazon Elastic Block Store (Amazon EBS). Additionally, customers can now adjust the network and Amazon EBS bandwidth on these instances by 25% using EC2 instance bandwidth weighting configuration, providing greater flexibility with the allocation of bandwidth resources to better optimize workloads. These instances offer Elastic Fabric Adapter (EFA) networking on 24xlarge, 48xlarge, metal-24xl, and metal-48xl sizes. To learn more, see Amazon C8gd instances, M8gd instances, R8gd instances. To explore how to migrate your workloads to Graviton-based instances, see AWS Graviton Fast Start program and Porting Advisor for Graviton. To get started, see the AWS Management Console.
Quelle: aws.amazon.com