Cloud Computing Köln

AWS Direct Connect announces 100G expansion in Auckland, New Zealand

Today, AWS announced the expansion of 100 Gbps dedicated connections at the existing AWS Direct Connect location in the Datacom Orbit DH6 data center near Auckland, New Zealand. You can now establish private, direct network access to all public AWS Regions (except those in China), AWS GovCloud Regions, and AWS Local Zones from this location. This is the second AWS Direct Connect location in New Zealand to provide 100 Gbps connections with MACsec encryption capabilities.
The Direct Connect service enables you to establish a private, physical network connection between AWS and your data center, office, or colocation environment. These private connections can provide a more consistent network experience than those made over the public internet.
For more information on the over 150 Direct Connect locations worldwide, visit the locations section of the Direct Connect product detail pages. Or, visit our getting started page to learn more about how to purchase and deploy Direct Connect.
Quelle: aws.amazon.com

Amazon CloudWatch expands auto-enablement to Amazon CloudFront logs and 3 additional resource types

Amazon CloudWatch now supports automatic enablement of Amazon CloudFront Standard access logs, AWS Security Hub CSPM finding logs, and Amazon Bedrock AgentCore memory and gateway logs and traces to CloudWatch Logs. Customers can set up enablement rules that automatically configure telemetry for both existing and newly created resources, ensuring consistent monitoring coverage without manual setup.
Enablement rules can be scoped to the organization, specific accounts, or specific resources based on resource tags to standardize telemetry collection. For example, a central security team can create a single rule to automatically send CloudFront access logs and Security Hub findings for all resources across their organization to CloudWatch Logs.
CloudWatch’s auto-enablement capability is available in all AWS commercial regions. Log ingestion will be billed according to CloudWatch Pricing.
Amazon CloudFront access logs and AWS Security Hub CSPM findings support organization-wide enablement rules. Bedrock AgentCore memory and gateway telemetry support account-level enablement rules. To learn more about enablement rules in Amazon CloudWatch, visit the Amazon CloudWatch documentation.
Quelle: aws.amazon.com

Amazon SageMaker Data Agent now supports geo-specific inference for Japan and Australia

Amazon SageMaker Data Agent now supports cross-region inference profiles for Japan and Australia through Amazon Bedrock. With this update, inference requests from Data Agent in the Asia Pacific (Tokyo) and Asia Pacific (Sydney) regions are processed within their respective geographies, supporting data sovereignty requirements for customers in Japan and Australia.
Data Agent provides an AI-powered conversational experience for data exploration, Python and SQL code generation, troubleshooting, and analytics directly within Amazon SageMaker Unified Studio Notebook and Query Editor. With geo-specific inference through JP-CRIS (Japan Cross-Region Inference) and AU-CRIS (Australia Cross-Region Inference), you can use Data Agent with confidence that your inference requests are routed exclusively within your geography over the AWS Global Network. Customers in regulated industries such as financial services, healthcare, and the public sector can meet data residency requirements while using the full set of Data Agent capabilities.
To get started, open a project in SageMaker Unified Studio in a supported region and use Data Agent in notebooks or Query Editor. For more information, see SageMaker Data Agent in the Amazon SageMaker Unified Studio User Guide.
Quelle: aws.amazon.com

Amazon ECS announces Managed Daemons for ECS Managed Instances

Amazon ECS announces Managed Daemons for ECS Managed Instances, enabling organizations to centrally deploy and manage software agents such as security, observability, and networking across their container infrastructure independent of application deployments. By decoupling daemon lifecycle management from application operations, Managed Daemons helps guarantee reliable agent coverage across all workloads, simplifies deployments and version updates, and improves resource utilization by running a single daemon task per managed instance. With Managed Daemons, you can create a daemon for one or more Managed Instances capacity providers in your cluster. ECS places exactly one daemon task per managed instance and guarantees that daemons are running before any application tasks are placed, so cross-cutting functions such as logging, tracing, and metrics collection are always available. ECS orchestrates daemons as independent processes bound to the instance lifecycle rather than individual application tasks, allowing platform administrators to manage them independently from application teams. When you update daemon versions, ECS drains existing instances and provisions new instances with the updated daemon, automatically replacing service tasks with circuit breaker protection and rollback capabilities for reliable coverage across all your workloads. To get started, you can use AWS Console, CLI, CloudFormation, or AWS SDKs to register a daemon task definition specifying your container image, then create a daemon with associated capacity providers in your clusters. This feature is now available in all AWS Regions. For more details, refer to our documentation and launch blog post. There is no additional cost – you pay only for the standard compute resources consumed by your daemon tasks. 
Quelle: aws.amazon.com

Amazon SES Mail Manager adds new features for enhanced security and email processing

Amazon Simple Email Service (SES) Mail Manager now offers enhancements to email security and processing while simplifying email infrastructure migrations. These enhancements include optional TLS and certificate-based authentication (mTLS) support in Ingress Endpoint, and two new rule actions: Invoke Lambda function and Bounce. These enhancements benefit organizations seeking to maintain compatibility with legacy systems while implementing stronger security controls, and advanced email routing capabilities. For example customers can now configure STARTTLS as an optional TLS configuration, enabling legacy systems that don’t support STARTTLS to connect to Mail Manager. With Mutual TLS (mTLS) in Ingress Endpoint customers can now used certificate-based authentication for enhanced security. The Invoke Lambda function rule action allows direct invocation of AWS Lambda functions from rule sets, enabling custom email processing workflows and the Bounce rule action provides RFC-compliant SMTP responses to sending servers.
These new enhancements are available today in all AWS Regions where Amazon SES Mail Manager is offered, except for the Middle East (UAE) and Middle East (Bahrain) regions. To learn more about Amazon SES Mail Manager and how these features can help streamline your email operations, visit https://aws.amazon.com/ses/.
Quelle: aws.amazon.com