AWS Security Hub is now available in AWS GovCloud (US) Regions

AWS Security Hub is now available in the AWS GovCloud (US-East) and AWS GovCloud (US-West) Regions. Security Hub is a unified cloud security solution that prioritizes critical security issues and helps you respond at scale, reduce security risks, and improve team productivity. Security Hub detects critical risks by correlating and enriching security signals from Amazon GuardDuty, Amazon Inspector, and AWS Security Hub CSPM, enabling you to quickly surface and prioritize active risks in your cloud environment. The service delivers near real-time risk analytics and advanced trends, transforming correlated security signals into actionable insights through enhanced visualizations and contextual enrichment. You can enable Security Hub for individual accounts or across your entire organization with centralized deployment and management. Capabilities include exposure findings, security-focused resource inventory, attack path visualization, and automated response workflows. The service automatically visualizes potential attack paths by showing how adversaries could chain together threats, vulnerabilities, and misconfigurations to compromise critical resources. Streamlined pricing consolidates charges across multiple AWS security services for improved cost predictability. To get started, visit the AWS Security Hub console or the AWS Security Hub product page. For the full list of AWS Regions where Security Hub is available, see the AWS Regional Services List.
Source: aws.amazon.com

Amazon CloudWatch now supports multi-account and region log centralization based on data source

Amazon CloudWatch centralization now supports centralizing logs based on data source name and type. CloudWatch allows customers to copy log data from multiple AWS accounts and regions into a single destination account using centralization rules. With today’s launch, customers can now define rules that target data sources by name and type, such as VPC Flow Logs, EKS Audit Logs, and CloudTrail Logs, in addition to the existing log group name-based selection.
Data source name and type are discovered automatically by CloudWatch for AWS service logs and are based on log group tags for application logs. Now, customers can specifically target which logs they want to centralize using these parameters. For example, a central security team can create a rule that centralizes all logs from CloudTrail and VPC data sources across their entire organization without needing to know or maintain a list of individual log group names.
To get started, create or modify a centralization rule in the Amazon CloudWatch console or through the AWS CLI and AWS SDKs, and specify your data source selection criteria in the centralization rule configuration.
Data source selection criteria are available in all AWS commercial regions where CloudWatch log centralization is available. Standard CloudWatch Logs pricing applies for log ingestion, storage, and data transfer. For more information, see the CloudWatch Logs Centralization documentation.
Source: aws.amazon.com

Access Cluster Insights through the Amazon OpenSearch Service Console and Amazon EventBridge events

Amazon OpenSearch Service extends access to Cluster Insights through the AWS Management Console, in addition to the existing OpenSearch UI Dashboards. This launch makes it easier to review performance and resilience recommendations and make necessary configuration changes, all within the same Console. In addition, Cluster Insights now publishes insights as events to Amazon EventBridge. Cluster Insights presents curated insights of a cluster’s operational health along with actionable recommendations to help prevent issues before they affect the stability or performance of the cluster. You can continue to use OpenSearch UI Dashboards for more detailed metrics, including index and shard-level data and top-N query analysis. In addition, with this release, you can monitor insights through Amazon EventBridge events. Cluster Insights is available at no additional cost for OpenSearch versions 2.17 or later in all Regions where OpenSearch Service is available. View the complete list of supported Regions here. To learn more about Cluster Insights, refer to our technical documentation.
Source: aws.amazon.com

AWS Elemental MediaTailor now available in Europe (London)

AWS Elemental MediaTailor is now available in the Europe (London) AWS Region. MediaTailor is a personalized ad insertion and channel assembly service that enables video providers to serve targeted ads in live and on-demand video streams using server-side ad insertion (SSAI) and Server Guided Ad Insertion (SGAI), delivering a broadcast-quality viewing experience without the buffering or ad blockers associated with client-side ad insertion. With this expansion, customers serving viewers in Northern Europe can now run ad insertion workloads closer to their audience, reducing ad decisioning latency and improving ad fill rates. Customers using SSAI or SGAI workflows benefit from lower-latency ad stitching and ad tracking closer to their European viewers, and customers already using MediaTailor in Europe (Ireland) gain an additional region for redundancy and increased capacity.
To learn more, visit the AWS Elemental MediaTailor product page or the AWS Elemental MediaTailor User Guide. To get started, sign in to the AWS Elemental MediaTailor console.
Source: aws.amazon.com

Amazon GameLift Servers expands instance support with next-generation EC2 instance families

Amazon GameLift Servers now supports Amazon EC2 5th through 8th generation instances, offering enhanced price-performance, efficiency, and flexibility for game server hosting. This update allows developers to leverage the latest advancements in EC2 compute, memory, and networking across three main instance families:

General Purpose (M-series): Balanced CPU, memory, and networking for a wide range of game workloads.
Compute Optimized (C-series): High-performance compute instances with a 2:1 memory ratio, ideal for CPU-intensive game servers.
Memory Optimized (R-series): Optimized for high-memory workloads with an 8:1 memory ratio, supporting complex simulations and large player sessions.

Each new EC2 generation brings significant improvements:

5th Gen: Proven reliability with Intel processors with balanced performance.
6th Gen: Includes AWS Graviton2 ARM-based options alongside Intel and AMD variants offering enhanced price-performance efficiency.
7th Gen: The latest evolution featuring DDR5 memory, enhanced networking, and offering significant performance gains over previous generations.
8th Gen: Cutting-edge AWS Graviton4 and Intel Xeon-based instances for demanding workloads.

Customers can also choose variants with local storage (d), enhanced networking (n), and different processor architectures (Intel, AMD, Graviton – i/a/g). This update empowers developers with greater flexibility, scalability, and cost efficiency to optimize game server performance. Customers can now seamlessly transition workloads to newer EC2 generations, leveraging AWS’s continuous innovation for building, scaling, and operating multiplayer games globally. These next-generation instances are available in Amazon GameLift Servers supported regions, except AWS China. For more information on launching fleets with next-generation EC2 instances, visit the Amazon GameLift Servers documentation and EC2 Instance Types overview.
Source: aws.amazon.com

Amazon CloudWatch Logs now supports data protection, OpenSearch PPL and OpenSearch SQL for the Infrequent Access ingestion class

Amazon CloudWatch Logs now supports expanded analytics and data protection capabilities for the Infrequent Access (Logs IA) ingestion class, including support for data protection, OpenSearch’s Piped Processing Language (PPL) and OpenSearch SQL. These enhancements make it easier for customers to perform flexible analytics and protect sensitive data while cost-effectively consolidating all their logs natively on AWS, making Logs IA ideal for ad-hoc troubleshooting and forensic analysis on infrequently accessed logs.
Logs IA is a cost-effective ingestion class for consolidating logs that are queried occasionally, such as during forensic investigations. Logs IA currently offers log analytics with Logs Insights Query Language, export to S3, and encryption with a lower ingestion price per GB compared to the Standard log class. With today’s launch, customers can now use OpenSearch SQL and OpenSearch PPL queries to perform advanced analytics. In addition, data protection allows customers to automatically detect and mask sensitive information in logs, helping organizations meet security and compliance requirements.
Learn more about CloudWatch Logs IA pricing and read the user guide here. For Regional availability, visit the AWS Builder Center.
Source: aws.amazon.com

Amazon Timestream for InfluxDB Now Supports Advanced Metrics

Amazon Timestream for InfluxDB now offers Advanced Metrics, providing comprehensive visibility into your database performance and health. This new capability automatically publishes detailed operational metrics from your Timestream for InfluxDB 2 instances directly to Amazon CloudWatch, enabling real-time monitoring and alerting without requiring additional configuration or instrumentation for both Single-AZ and Multi-AZ Timestream for InfluxDB 2 databases. With Advanced Metrics, customers can track critical database performance indicators, set up custom dashboards, and configure automated alerts based on predefined thresholds. This enhanced observability helps DevOps teams quickly identify potential issues, optimize database performance, and ensure high availability for time-series applications by providing deeper insights into resource utilization, query performance, and system health across their InfluxDB 2 environments. Amazon Timestream for InfluxDB Advanced Metrics is available in all Regions where Timestream for InfluxDB is offered. To get started with Amazon Timestream for InfluxDB, visit the Amazon Timestream for InfluxDB console. For more information, see the Amazon Timestream for InfluxDB documentation and pricing page.
Source: aws.amazon.com

AWS Step Functions adds 28 new service integrations, including Amazon Bedrock AgentCore

AWS Step Functions expands its AWS SDK integrations with 28 additional services and over 1,100 new API actions across new and existing AWS services, including Amazon Bedrock AgentCore and Amazon S3 Vectors. This expansion enables you to orchestrate a broader set of AWS services directly from your workflows without writing integration code. AWS Step Functions is a visual workflow service capable of orchestrating over 220 AWS services to help customers build distributed applications at scale. With the Amazon Bedrock AgentCore service integration, you can invoke AI agent runtimes with built-in retries, run multiple agents in parallel using Map states, and automate agent provisioning workflows that create, update, and tear down agent infrastructure as workflow steps. This expansion also includes Amazon S3 Vectors for automating document ingestion pipelines that populate knowledge bases for AI applications. It also adds support for AWS Lambda durable execution APIs, allowing you to pass an execution name for idempotent invocations of Lambda durable functions and manage durable executions directly from your workflows. These enhancements are now generally available in all AWS Regions where AWS Step Functions is available. Specific services and API actions are subject to the availability of the target service in the AWS Region. To learn more about AWS Step Functions SDK integrations, visit the Developer Guide, or see the full list of supported services at AWS SDK service integrations.
Source: aws.amazon.com

AWS HealthImaging announces study-level fine-grained access control

AWS HealthImaging now supports fine-grained access control, enabling organizations to securely manage access to medical imaging data at the DICOM study and series levels. Medical imaging workflows are typically organized around DICOM studies, which are stored in AWS HealthImaging as one or more image set resources. Now customers can easily grant users access to all image sets for a set of DICOM Studies or Series with easy-to-maintain IAM policies.
Customers can now grant permissions for DICOMweb APIs using DICOM Study Instance UIDs and Series Instance UIDs directly in their IAM policies, eliminating the need to list individual image set ARNs. Customers can now create dynamic, temporary access grants using AWS Security Token Service (STS) session policies with low-latency authentication. This capability provides enhanced protection for Protected Health Information (PHI) by scoping access grants to specific Studies or Series rather than entire data stores. This launch better supports use cases such as pathologist case-level access, radiology study sharing with external partners, and controlled research data distribution. To learn more, see the AWS HealthImaging Developer Guide.
AWS HealthImaging is a HIPAA-eligible service that empowers healthcare providers, life sciences organizations, and their software partners to store, analyze, and share medical images. AWS HealthImaging is generally available in the following AWS Regions: US East (N. Virginia), US West (Oregon), Asia Pacific (Sydney), Europe (Ireland), and Europe (London). 
Source: aws.amazon.com

AWS Management Console now supports settings to control service and Region visibility

Today, AWS announces the general availability of Visible services and Visible Regions account settings in the AWS Management Console. These settings allow you to customize which services and regions appear in the Management Console for authorized users in your account, helping your users easily identify what is available to them and simplifying navigation. You can configure these settings in the AWS Management Console under Unified Settings in the Account Settings tab. You can also configure these settings programmatically via User Experience Customization (UXC) in AWS Command Line Interface (CLI), AWS Software Development Kits (SDKs), AWS Cloud Development Kit (CDK), or AWS CloudFormation. The Visible services and Visible Regions settings are available in AWS Commercial Regions at no additional cost. Visit the AWS User Experience Customization documentation page and API guide to learn more.
Source: aws.amazon.com