Kategorie: Amazon AWS

Amazon FSx now integrates with AWS Secrets Manager for enhanced management of Active Directory credentials

Amazon FSx now integrates with AWS Secrets Manager, enabling enhanced protection and management of the Active Directory domain service account credentials for your FSx for Windows File Server file systems and FSx for NetApp ONTAP Storage Virtual Machines (SVMs). Previously, if you wanted to join your FSx for Windows file system or FSx for ONTAP SVM to your Active Directory domain for user authentication and access control, you needed to specify the username and password for your service account in the Amazon FSx Console, Amazon FSx API, AWS CLI, or AWS CloudFormation. With this launch, you can now specify an AWS Secrets Manager secret containing the service account credentials, enabling you to strengthen your security posture by eliminating the need to store plain text credentials in application code or configuration files, and aligning with best practices for credential management. Additionally, you can use AWS Secrets Manager to rotate your Active Directory credentials and consume them when needed in FSx workloads. You can now use AWS Secrets Manager to store your domain join service credentials for all FSx for Windows file systems and FSx for ONTAP Storage Virtual Machines in all AWS Regions where they are available. For more information, see Amazon FSx for Windows File Server documentation and Amazon FSx for NetApp ONTAP documentation.
Quelle: aws.amazon.com

Amazon CloudWatch Database Insights expands anomaly detection in on-demand analysis

Amazon CloudWatch Database Insights now detects anomalies on additional metrics through its on-demand analysis experience. Database Insights is a monitoring and diagnostics solution that helps database administrators and application developers optimize database performance by providing comprehensive visibility into database metrics, query performance, and resource utilization patterns. The on-demand analysis feature utilizes machine learning to help identify anomalies and performance bottlenecks during the selected time period, and gives advice on what to do next. The Database Insights on-demand analysis feature now offers enhanced anomaly detection capabilities. Previously, database administrators could analyze database performance and correlate metrics based on database load. Now, the on-demand analysis report also identifies anomalies in database-level and operating system-level counter metrics for the database instance, as well as per-SQL metrics for the top SQL statements contributing to database load. The feature automatically compares your selected time period against normal baseline performance, identifies anomalies, and provides specific remediation advice while reducing mean time to diagnosis. Through intuitive visualizations and clear explanations, you can quickly identify performance issues and receive step-by-step guidance for resolution. You can get started with on-demand analysis by enabling the Advanced mode of CloudWatch Database Insights on your Amazon Aurora or RDS databases using the AWS management console, AWS APIs, or AWS CloudFormation. Please refer to RDS documentation and Aurora documentation for information regarding the availability of Database Insights across different regions, engines, and instance classes.
Quelle: aws.amazon.com

Announcing New EC2 R8a Memory-Optimized Instances

AWS is announcing the general availability of new memory-optimized Amazon EC2 R8a instances. R8a instances, feature 5th Gen AMD EPYC processors (formerly code named Turin) with a maximum frequency of 4.5 GHz, deliver up to 30% higher performance, and up to 19% better price-performance compared to R7a instances. R8a instances deliver 45% more memory bandwidth compared to R7a instances, making these instances ideal for latency sensitive workloads. Compared to Amazon EC2 R7a instances, R8a instances provide up to 60% faster performance for GroovyJVM, allowing higher request throughput and better response times for business-critical applications. Built on the AWS Nitro System using sixth generation Nitro Cards, R8a instances are ideal for high performance, memory-intensive workloads, such as SQL and NoSQL databases, distributed web scale in-memory caches, in-memory databases, real-time big data analytics, and Electronic Design Automation (EDA) applications. R8a instances offer 12 sizes including 2 bare metal sizes. Amazon EC2 R8a instances are SAP-certified, and providing 38% more SAPS compared to R7a instances. R8a instances are available in the following AWS Regions: US East (N. Virginia), US East (Ohio), and US West (Oregon) regions. To get started, sign in to the AWS Management Console. Customers can purchase these instances via Savings Plans, On-Demand instances, and Spot instances. For more information visit the Amazon EC2 R8a instance page.
Quelle: aws.amazon.com

Amazon CloudWatch Application Signals adds AI-powered Synthetics debugging

Amazon CloudWatch Application Signals Model Context Protocol or MCP Server for Application Performance Monitoring (APM) now integrates CloudWatch Synthetics canary monitoring directly into its audit framework, enabling automated, AI-powered debugging of synthetic monitoring failures. DevOps teams and developers can now use natural language questions like ‘Why is my checkout canary failing?’ in compatible AI assistants such as Amazon Q, Claude, or other supported assistants to utilize the new AI-powered debugged capabilities and quickly distinguish between canary infrastructure issues and actual service problems, addressing the significant challenge of extensive manual analysis in maintaining reliable synthetic monitoring. The integration extends Application Signals’ existing multi-signal (services, operations, SLOs, golden signals) analysis capabilities to include comprehensive canary diagnostics. The new feature automatically correlates canary failures with service health metrics, traces, and dependencies through an intelligent audit pipeline. Starting from natural language prompts from users, the system performs multi-layered diagnostic analysis across six major areas: Network Issues, Authentication Failures, Performance Problems, Script Errors, Infrastructure Issues, and Service Dependencies. This analysis includes automated comparison of HTTP Archive or HAR files, CloudWatch logs analysis, S3 artifact examination, and configuration validation, significantly reducing the time needed to identify and resolve synthetic monitoring issues. Customers can then access these insights through natural language interactions with supported AI assistants. This feature is available in all commercial AWS regions where Amazon CloudWatch Synthetics is offered. Customers will need access to a compatible AI agent such as Amazon Q, Claude, or other supported AI assistants to utilize the AI-powered debugging capabilities. To learn more about implementing AI-based debugging for your synthetic monitoring, visit the CloudWatch Application Signals MCP Server documentation.
Quelle: aws.amazon.com

AWS Cloud WAN is now available in three more AWS Regions

Starting today, AWS Cloud WAN is available in the AWS Asia Pacific (Thailand), AWS Asia Pacific (Taipei) and AWS Asia Pacific (New Zealand) Regions. With AWS Cloud WAN, you can use a central dashboard and network policies to create a global network that spans multiple locations and networks, removing the need to configure and manage different networks using different technologies. You can use network policies to specify the Amazon Virtual Private Clouds, AWS Transit Gateways, and on-premises locations you want to connect to using an AWS Site-to-Site VPN, AWS Direct Connect, or third-party software-defined WAN (SD-WAN) products. The AWS Cloud WAN central dashboard generates a comprehensive view of the network to help you monitor network health, security, and performance. In addition, AWS Cloud WAN automatically creates a global network across AWS Regions by using Border Gateway Protocol (BGP) so that you can easily exchange routes worldwide. To learn more, please visit the AWS Cloud WAN product detail page.
Quelle: aws.amazon.com

Amazon OpenSearch Serverless now supports FIPS compliant endpoints

Amazon OpenSearch Serverless has added support for Federal Information Processing Standards (FIPS) compliant endpoints for Data Plane APIs in US East (N. Virginia), US East (Ohio), Canada (Central), AWS GovCloud (US-East), and AWS GovCloud (US-West). The service now meets the security requirements for cryptographic modules as outlined in Federal Information Processing Standard (FIPS) 140-3. Please refer to the AWS Regional Services List for more information about Amazon OpenSearch Service availability. To learn more about OpenSearch Serverless FIPS, see the documentation. 
Quelle: aws.amazon.com

AWS Config conformance packs now available in additional AWS Regions

AWS Config conformance packs and organization-level management capabilities for conformance packs are now available in additional AWS Regions. Conformance packs allow you to bundle AWS Config rules into a single package, simplifying deployment at scale. You can deploy and manage these conformance packs throughout your AWS environment. Conformance packs provide a general-purpose compliance framework designed to enable you to create security, operational, or cost-optimization governance checks using managed or custom AWS Config rules. This allows you to monitor compliance scores based on your own groupings. With this launch, you can also manage the AWS Config conformance packs and individual AWS Config rules at the organization level which simplifies the compliance management across your AWS Organization. With this expansion, AWS Config Conformance Packs are now also available in the following AWS Regions: Asia Pacific (Malaysia), Asia Pacific (New Zealand), Asia Pacific (Thailand), Asia Pacific (Taipei) and Mexico (Central). To get started, you can either use the provided sample conformance pack templates or craft a custom YAML file from scratch based on a custom conformance pack. Conformance pack deployment can be done through the AWS Config console, AWS CLI, or via AWS CloudFormation. You will be charged per conformance pack evaluation in your AWS account per AWS Region. Visit the AWS Config pricing page for more details. To learn more about AWS Config conformance packs, see our documentation.
Quelle: aws.amazon.com

Amazon Bedrock AgentCore Runtime now supports direct code deployment

Amazon Bedrock AgentCore Runtime now supports two deployment methods for AI agents: container-based deployment and direct code upload. Developers can now choose between direct code-zip file upload for rapid prototyping and iteration, or leverage advanced container-based options for complex use cases requiring custom configurations. AgentCore Runtime provides a serverless, framework and model agnostic runtime for running agents and tools at scale. This deployment option streamlines the prototyping workflow while maintaining enterprise security and scaling capabilities for production deployments. Developers can now deploy agents using direct code-zip upload with easy drag-and-drop functionality. This enables faster iteration cycles, empowering developers to prototype quickly and focus on building innovative agent capabilities. This feature is available in all nine AWS Regions where Amazon Bedrock AgentCore Runtime is available: US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Mumbai), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Europe (Frankfurt), and Europe (Ireland). To learn more about AgentCore Runtime deployment options, see the AgentCore documentation and get started with the AgentCore Starter Toolkit. AgentCore offers consumption-based pricing with no upfront costs.
Quelle: aws.amazon.com

Amazon RDS for Oracle is now available with R7i memory-optimized instances offering up to 64:1 memory-to-vCPU ratio

Amazon Relational Database Service (RDS) for Oracle is now available with R7i memory-optimized preconfigured instances that offer additional memory and storage I/O per vCPU. Powered by custom 4th Gen Intel Xeon Scalable processors with AWS Nitro System and DDR5 memory for high performance, these instances provide up to 64:1 memory-to-vCPU ratio. Many Oracle database workloads require high memory, but can safely reduce the number of vCPUs without impacting application performance. By running such Oracle database workloads on R7i pre-configured instances, customers can lower their Oracle database licensing and support costs while meeting high performance application requirements. Memory optimized R7i pre-configured instances are available for Amazon RDS for Oracle with Bring Your Own License (BYOL) license model supporting both Oracle Database Enterprise Edition and Oracle Database Standard Edition 2. To learn more about Amazon RDS for Oracle R7i memory-optimized preconfigured instances, read RDS for Oracle User Guide and visit Amazon RDS for Oracle Pricing for available instance configurations, pricing details, and region availability.
Quelle: aws.amazon.com

AWS Service Reference Information now supports SDK Operation to Action mapping

AWS is expanding service reference information to include which operations are supported by AWS services and which IAM permissions are needed to call a given operation. This will help you answer questions such as “I want to call a specific AWS service operation, which IAM permissions do I need?” You can automate the retrieval of service reference information, eliminating manual effort and ensuring your policies align with the latest service updates. You can also incorporate this service reference information directly into your policy management tools and processes for a seamless integration. This feature is offered at no additional cost. To get started, refer to the documentation on programmatic service reference information.
Quelle: aws.amazon.com