Kategorie: Amazon AWS

AWS Marketplace now supports multiple purchases of SaaS and Professional Services products

AWS Marketplace now supports Concurrent Agreements for SaaS and Professional Services products, enabling buyers to make multiple purchases for the same product within a single AWS account. Previously, buyers could only maintain one active agreement per product per AWS account, requiring sellers to use workarounds to support expansion deals. Concurrent Agreements removes this constraint, allowing different business units to procure independently with their own negotiated terms and pricing.
Both buyers and sellers benefit from the flexibility Concurrent Agreements provides. Buyers can accept multiple offers for the same product without disrupting existing agreements, supporting multi-team procurement within centralized AWS accounts, mid-term expansions, and repeat purchases. Sellers can close multi-business unit deals that couldn’t happen before, transact expansions immediately instead of waiting for renewal cycles, and eliminate the operational overhead of managing workarounds. 
Concurrent Agreements is enabled by default for all Professional Services listings starting today, with no seller action required. For SaaS listings, sellers must update their AWS Marketplace integration to handle multiple active subscriptions, including updating subscription notifications to use EventBridge and updating entitlement and metering APIs. Starting June 1, 2026, support for Concurrent Agreements will be required for new SaaS products. Sellers who have completed the integration work can opt in to enable Concurrent Agreements for their SaaS products now. 
This capability is available in all AWS Regions where AWS Marketplace is supported. Concurrent Agreements purchasing is available on SaaS products where sellers have completed the integration, and is enabled by default for all Professional Services listings. To learn more about enabling Concurrent Agreements as a seller of SaaS products, review the Concurrent Agreements integration lab.
Quelle: aws.amazon.com

Amazon ECS Managed Instances now integrates with Amazon EC2 Capacity Reservations

Amazon Elastic Container Service (Amazon ECS) Managed Instances now integrates with Amazon EC2 Capacity Reservations, enabling you to leverage your reserved capacity for predictable workload availability, while ECS handles all infrastructure management. This integration helps you balance reliable capacity scaling with cost efficiency, helping achieve high availability for mission‑critical workloads. Amazon ECS Managed Instances is a fully managed compute option designed to eliminate infrastructure management overhead, dynamically scale EC2 instances to match your workload requirements, and continuously optimize task placement to reduce infrastructure costs. With today’s launch, you can configure your ECS Managed Instances capacity providers to use capacity reservations by setting the capacityOptionType parameter to reserved, in addition to the existing spot and on-demand options. You can also specify reservation preferences to optimize cost and availability: use reservations-only to launch EC2 instances exclusively in reserved capacity for maximum predictability, reservations-first to prefer reservations while maintaining flexibility to fall back to on-demand capacity when needed, or reservations-excluded to prevent your capacity provider from using reservations altogether. To get started, you can use the AWS Management Console, AWS CLI, AWS CloudFormation, or AWS SDKs to configure your ECS Managed Instances capacity provider by choosing capacityOptionType=reserved and providing a capacity reservation group and reservation strategy. This feature is now available in all AWS Regions. For more details, refer to the documentation.
Quelle: aws.amazon.com

AWS Lambda Durable Execution SDK for Java now available in Developer Preview

Today, AWS announces the developer preview of the AWS Lambda Durable Execution SDK for Java. With this SDK, developers can build resilient multi-step applications like order processing pipelines, AI-assisted workflows, and human-in-the-loop approvals using Lambda durable functions, without implementing custom progress tracking or integrating external orchestration services.
Lambda durable functions extend Lambda’s event-driven programming model with operations that checkpoint progress automatically and pause execution for up to a year when waiting on external events. The new Durable Execution SDK for Java provides an idiomatic experience for building with durable functions and is compatible with Java 17+. This preview includes steps for progress tracking, waits for efficient suspension, and durable futures for callback-based workflows.
To get started, see the Lambda durable functions developer guide and the AWS Lambda Durable Execution SDK for Java on GitHub. To learn more about Lambda durable functions, visit the product page.
On-demand functions are not billed for duration while paused. For pricing details, see AWS Lambda Pricing. For information about AWS Regions where Lambda durable functions are available, see the AWS Regional Services List.
Quelle: aws.amazon.com

Amazon Cognito enhances client secret management with secret rotation and custom secrets

Amazon Cognito enhances client secret lifecycle management for app clients of Cognito user pools by adding client secret rotation and support for custom client secrets. Cognito helps you implement secure sign-in and access control for users, AI agents, and microservices in minutes, and a Cognito app client is a configuration that interacts with one mobile or web application that authenticates with Cognito. Previously, Cognito automatically generated all app client secrets. With this launch, in addition to the automatically generated secrets, you have the option to bring your own custom client secrets for new or existing app clients. Additionally, you can now rotate client secrets on-demand and maintain up to two active client secrets per app client.
The new client secret lifecycle management capabilities address needs for organizations with periodic credential rotation requirements, companies improving security posture, and enterprises migrating from other authentication systems to Cognito. Maintaining two active secrets per app client allows gradual transition to the new secret without application downtime.
Client secret rotation and custom client secrets are available in all AWS Regions where Amazon Cognito user pools are available. To learn more, see the Amazon Cognito Developer Guide. You can get started using the new capabilities through the AWS Management Console, AWS Command Line Interface (CLI), AWS Software Development Kits (SDKs), or AWS CloudFormation.
Quelle: aws.amazon.com

AWS Security Hub launches Extended plan for pay-as-you-go partner solutions

Today, we’re announcing the general availability of AWS Security Hub Extended, a new plan that extends unified security operations across your enterprise through a single-vendor experience. This plan helps address the complexity of managing multiple vendor relationships and lengthy procurement cycles by bringing together the best of AWS detection services and curated partner security solutions. The Security Hub Extended plan delivers three critical advantages. First, it helps streamline procurement by consolidating solution usage into one bill—thereby reducing procurement complexity while preserving direct access to each provider’s domain expertise. AWS Enterprise Support Customers also benefit from unified Level 1 support from AWS. Second, it enables you to establish more comprehensive protection by bringing together the best of AWS detection services with curated partner solutions across endpoint, identity, email, network, data, browser, cloud, AI, and security operations. Third, it helps enhance operational efficiency by streamlining security findings in a standard format, providing centralized visibility across your security environment while reducing the burden of manual integration work. You can access and review partner solutions across security categories through the Security Hub console, selecting only the solutions you need with flexible pay-as-you-go or flat-rate pricing—no upfront investments or long-term commitments required. With AWS as the seller of record, the Extended plan may be eligible for AWS Private Pricing opportunities. This gives you the flexibility to add or remove security categories as your business needs evolve, while enabling you to streamline vendor contract negotiations and consolidate billing. For a list of AWS commercial Regions where Security Hub is available, see the AWS Region table. For more information about pricing, visit the AWS Security Hub pricing page. To get started, visit the AWS Security Hub console or product page.
Quelle: aws.amazon.com

Amazon Aurora DSQL launches Playground for interactive database exploration

Today, AWS announces Amazon Aurora DSQL Playground, a browser-based interactive environment that enables developers to explore and experiment with Aurora DSQL without requiring an AWS account. Developers can write and execute SQL queries, test schema designs, and experience Aurora DSQL’s PostgreSQL-compatible distributed SQL capabilities directly in their browser with no setup or configuration required. Aurora DSQL Playground provides an instant sandbox environment with temporary clusters where developers can learn Aurora DSQL concepts, prototype application schemas, and validate query patterns before deploying to production. The playground includes sample datasets that enable developers to get started faster, understand how Aurora DSQL handles common database operations, and explore best practices for designing schemas optimized for distributed workloads. To get started, visit the Aurora DSQL Playground. For production workloads, get started with Aurora DSQL for free with the AWS Free Tier. To learn more about Amazon Aurora DSQL, visit the webpage.
Quelle: aws.amazon.com

Aurora DSQL launches new support for Tortoise, Flyway, and Prisma

Today we are announcing the release of Aurora DSQL integrations for popular ORM and database migration tools: an adapter for Tortoise (Python ORM), a dialect for Flyway (schema management tool), and CLI tools for Prisma (Node.js ORM). These integrations help developers use their preferred frameworks with Aurora DSQL while automatically handling IAM authentication and Aurora DSQL-specific compatibility requirements. The Aurora DSQL Adapter for Tortoise enables Python developers to build applications using Tortoise without writing custom authentication code. The adapter supports both asyncpg and psycopg drivers, integrates with the Aurora DSQL Connector for Python for automatic IAM token generation, and includes compatibility patches for rich migrations. The Flyway dialect adapts Flyway for Aurora DSQL’s distributed architecture by automatically handling Aurora DSQL-specific behaviors such as IAM-based authentication. The Prisma CLI tools help Node.js developers validate their Prisma schemas for Aurora DSQL compatibility and generate Aurora DSQL-compatible migrations, streamlining the path from development to production. To get started, visit the GitHub repositories for Tortoise ORM, Flyway, and Prisma. Get started with Aurora DSQL for free with the AWS Free Tier. To learn more about Aurora DSQL, visit the webpage.
Quelle: aws.amazon.com

Aurora DSQL launches new integrations for Visual Studio Code SQLTools and DBeaver

Today we are announcing the release of the Aurora DSQL Driver for SQLTools and the Aurora DSQL Plugin for DBeaver Community Edition. These integrations allow customers to leverage popular database tools to run queries against Aurora DSQL clusters, explore database schemas, and manage their data. Both integrations simplify database connectivity by automatically handling IAM authentication and transparently managing access tokens, eliminating the need to write token generation code or manually supply IAM tokens. The SQLTools driver integrates Aurora DSQL with Visual Studio Code and is also available on Open VSX Registry for use with VS Code-compatible editors such as Cursor and Kiro. The DBeaver plugin is built on top of the Aurora DSQL Connector for JDBC. Both integrations eliminate security risks associated with traditional user-generated passwords by using AWS IAM credentials for secure, password-free authentication. To get started, visit the Aurora DSQL documentation page for VSCode and DBeaver. Get started with Aurora DSQL for free with the AWS Free Tier. To learn more about Aurora DSQL, visit the webpage.
Quelle: aws.amazon.com

AWS Security Agent adds support for penetration tests on shared VPCs across AWS accounts

AWS Security Agent now enables customers to run penetration tests against Virtual Private Cloud (VPC) resources shared from other AWS accounts within the same organization. This new capability allows security teams to perform comprehensive security assessments across their multi-account environments using AWS Security Agent. By leveraging AWS Resource Access Manager (RAM), customers can securely share VPC resources from sub-accounts to a central AWS account where penetration testing is conducted. This feature addresses the challenge of testing distributed architectures spanning multiple AWS accounts. Security professionals can now create an Agent Space in a central account and use RAM to access VPC resources from connected sub-accounts for testing. This streamlines security assessments for organizations with complex multi-account setups. The ability to comprehensively test shared VPC resources enhances an organization’s overall security posture. To get started, ensure your accounts are part of the same AWS Organization and configure resource sharing using RAM. Then launch AWS Security Agent in your central account to begin penetration testing across the shared VPC resources. For more information on AWS Security Agent and its penetration testing capabilities, visit the AWS Security Agent documentation. 
Quelle: aws.amazon.com

AWS Outposts racks now support additional Amazon CloudWatch metrics in AWS GovCloud (US) Regions

AWS Outposts racks now support VifConnectionStatus and VifBgpSessionState Amazon CloudWatch metrics in AWS GovCloud (US) Regions. These metrics provide visibility into the connectivity status of your Outposts racks’ Local Gateway (LGW) and Service Link Virtual Interfaces (VIFs) with your on-premises devices. These metrics provide you with the ability to monitor Outposts VIF connectivity status directly within the CloudWatch console, without having to rely on external networking tools or coordination with other teams. You can use these metrics to set alarms, troubleshoot connectivity issues, and ensure your Outposts racks are properly integrated with your on-premises infrastructure. The VifConnectionStatus metric indicates whether an Outposts VIF is successfully connected, configured, and ready to forward traffic. A value of “1” means that the VIF is operational, while “0” means that it is not ready. The VifBgpSessionState metric shows the current state of the BGP session between the Outposts VIF and the on-premises device, with values ranging from 1 (IDLE) to 6 (ESTABLISHED). The VifConnectionStatus and VifBgpSessionState metrics are now available for all Outposts VIFs in AWS GovCloud (US-East) and AWS GovCloud (US-West) Regions where Outposts racks are available. To get started, read this blog post and access the metrics in the CloudWatch console. To learn more, check out the CloudWatch metrics for Outposts documentation for first-generation Outposts racks.
Quelle: aws.amazon.com