AWS VPC Encryption Controls now available in AWS GovCloud (US) Regions

AWS launches VPC Encryption Controls in AWS GovCloud (US) Regions to make it easy to audit and enforce encryption in transit within and across Amazon Virtual Private Clouds (VPCs), and to demonstrate compliance with encryption standards. You can turn it on for your existing VPCs to monitor the encryption status of traffic flows and identify VPC resources that are unintentionally allowing plaintext traffic. This feature also makes it easy to enforce encryption across different network paths by automatically (and transparently) turning on hardware-based AES-256 encryption on traffic between multiple VPC resources including AWS Fargate, Network Load Balancers, and Application Load Balancers.
To meet stringent compliance standards like HIPAA, PCI DSS, FedRAMP, and FIPS 140-2, government customers rely on both application layer encryption and the hardware-based encryption that AWS offers across different network paths. AWS provides hardware-based AES-256 encryption transparently between modern EC2 Nitro instances. AWS also encrypts all network traffic between AWS data centers in and across Availability Zones and AWS Regions before the traffic leaves our secure facilities. All inter-region traffic that uses VPC Peering, Transit Gateway Peering, or AWS Cloud WAN receives an additional layer of transparent encryption before leaving AWS data centers. Prior to this release, customers had to track and confirm encryption across all network paths. With VPC Encryption Controls, customers can now monitor, enforce, and demonstrate encryption within and across Virtual Private Clouds (VPCs) in just a few clicks. Your information security team can turn it on centrally to maintain a secure and compliant environment, and generate audit logs for compliance and reporting.
With this launch, VPC Encryption Controls is now available in AWS GovCloud (US-East) and AWS GovCloud (US-West) Regions. To learn more about this feature and its use cases, please see our documentation.
Source: aws.amazon.com

Amazon Managed Service for Apache Flink now supports Apache Flink 2.2

Amazon Managed Service for Apache Flink now supports Apache Flink version 2.2. This is a major upgrade that brings runtime improvements such as Java 17 support, RocksDB 8.10.0 for better I/O performance, and serialization enhancements. Additionally, Dataset API and Scala APIs are now deprecated. You can create a new application on Apache Flink 2.2 or use in-place version upgrades to adopt the Flink 2.2 runtime for a simpler and faster upgrade to compatible applications. Amazon Managed Service for Apache Flink makes it easier to transform and analyze streaming data in real time across various use cases, including real-time analytics, anomaly detection, and complex event processing. Amazon Managed Service for Apache Flink simplifies the setup, operation, and scaling of Apache Flink applications, allowing developers and data engineers to focus on building and running their streaming applications without managing the underlying infrastructure. Apache Flink 2.2 is available across AWS regions where Amazon Managed Service for Apache Flink is offered. You can learn more about Apache Flink 2.2 in Amazon Managed Service for Apache Flink in our documentation. 
Source: aws.amazon.com

AWS IAM Identity Center is now available in AWS European Sovereign Cloud (Germany) Region

You can now deploy AWS IAM Identity Center in the AWS European Sovereign Cloud (Germany) Region. The AWS European Sovereign Cloud is a new independent cloud for Europe entirely located within the European Union (EU), designed to help customers meet their evolving sovereignty requirements.
IAM Identity Center is the recommended service for managing workforce access to AWS applications. It enables you to connect your existing source of workforce identities once and to offer your users a single sign-on experience across the AWS European Sovereign Cloud. It powers the personalized experiences provided by AWS applications, and the ability to define and audit user-aware access to data in AWS services. It can also help you manage access to multiple AWS accounts from a central place. IAM Identity Center is available at no additional cost.
To learn more about IAM Identity Center, visit the product detail page. To get started, see the IAM Identity Center user guide.
Source: aws.amazon.com

Amazon OpenSearch Service introduces agentic AI for log analytics

Amazon OpenSearch Service now offers agentic AI capabilities that enable engineering and support teams to analyze log data through an agentic conversational interface. These agentic AI features help simplify log querying and accelerate incident investigations by allowing teams to interact with data using natural language, plan and initiate autonomous root cause analysis, and persist conversations as they navigate through their Observability workspace in OpenSearch UI. This launch introduces three key capabilities available at no additional cost (token-based usage limits apply). Agentic chat enables you to ask questions in natural language to analyze data, generate and iterate on Piped Processing Language (PPL) queries in Discover, and analyze visualizations for insights. When deeper root cause analysis is needed, you can trigger the investigation agent to autonomously and iteratively plan the investigation, execute queries, reflect on results, and then deliver structured root cause hypotheses ranked by likelihood with full transparency into its reasoning. With agent memory, you can seamlessly continue your conversation across different feature pages or in a new web session. You can use the agentic AI features in the following AWS Regions: Asia Pacific (Tokyo), Asia Pacific (Sydney), Europe (Frankfurt), Europe (Stockholm), Europe (Spain), Europe (Ireland), US East (N. Virginia), US East (Ohio), and US West (Oregon). To learn more, see Agentic AI in Amazon OpenSearch Service. For more information about Amazon OpenSearch Service, see the Amazon OpenSearch Service product page.
Source: aws.amazon.com

AWS launches Sustainability console for carbon emissions tracking

AWS launches the AWS Sustainability console, a free, standalone service that shows customers the environmental impact associated with their AWS usage. Expanding on the features from the Customer Carbon Footprint Tool (CCFT) in the AWS Billing console, this new service addresses a critical access barrier by enabling sustainability professionals to view carbon emissions data without requiring billing permissions. Organizations can now ensure the right teams have access to the environmental data. Like the CCFT, the AWS Sustainability console provides customers with their estimated carbon emissions from using AWS, calculated using both market-based (MBM) and location-based (LBM) methods and available by AWS Region, service, and emissions scope (1, 2, 3). The console also delivers additional capabilities including improved customizable visualizations, the ability to set which month your fiscal year starts, customizable CSV reports, and API/SDK access for seamless integration of emissions data into existing reporting workflows.
The AWS Sustainability service is now available in the US East (N. Virginia) region and provides carbon emissions data for all AWS commercial regions. Access the service globally through the AWS Management Console.
Source: aws.amazon.com