AWS

AWS WAF now supports matching incoming request against Autonomous System Numbers (ASNs). By monitoring and restricting traffic from specific ASNs, you can mitigate risks associated with malicious actors, comply with regulatory requirements, and optimize the performance and availability of your web applications. This new ASN Match Statement integrates seamlessly with existing WAF rules, making it easy for you to incorporate ASN based security controls into your overall web application defense strategy.

You can specify a list of ASNs to match against incoming request and take appropriate action such as block or allow the request. You can also use ASN in your rate-based rule statements. These rules aggregate requests according to your criteria, counts and rate limits the requests based on the rule’s evaluation window, request limit, and action settings.

ASN Match statement is available in all regions where AWS WAF is available. The rate-based rule support with ASN is available in regions where the enhanced rate-based rules are currently supported. There is no additional cost for using ASN in Match statement and rate-based rules, however standard AWS WAF charges still apply. For more information about the service, visit the AWS WAF page. For more information about pricing, visit the AWS WAF Pricing page

Read More for the details.

Today, AWS announces the general availability of the Invoice Summary API. This allows you to retrieve your AWS invoice summary details programmatically via SDK. You can retrieve multiple invoice summary details by making a single API call that accepts input parameters like AWS Account ID, AWS Invoice ID, billing period, or a date range as input.

The output of the Invoice Summary API will include data elements like Invoice Amount in base currency and tax currency, purchase order number and other meta data that can be found in this link. You can integrate the API to your accounts payable systems to automate invoice processing and improve efficiency. 

Invoice Summary API is available in all AWS Regions, except the AWS GovCloud (US) Regions and the China Regions.

Read More for the details.

Today, Amazon Q Developer announces support for the agentic coding experience within the JetBrains and Visual Studio IDEs. This experience, already available in Visual Studio Code and the Amazon Q Developer CLI, redefines how you write, modify, and maintain code by leveraging natural language understanding to seamlessly run complex workflows.

Agentic coding provides intelligent task execution, enabling Q Developer to perform actions beyond code suggestions, such as reading files, generating code diffs, and running command-line tasks. To get started, simply type in your prompt in your preferred spoken language. As Q Developer works through your tasks, it provides continuous status updates, instantly applying your changes and feedback along the way. This allows you to seamlessly complete tasks, while improving and streamlining the development process.

The agentic coding experience is available in all AWS regions where Q Developer is supported. To learn more about agentic coding in Visual Studio and JetBrains, read our blog.
 

Read More for the details.

Amazon EC2 now enables you to automatically delete underlying Amazon EBS snapshots when deregistering Amazon Machine Images (AMIs), allowing you to better manage your storage costs and simplify your AMI cleanup workflow.

Previously, when deregistering an AMI, you had to separately delete its associated EBS snapshots, which required additional steps. This process could lead to abandoned snapshots, resulting in unnecessary storage costs and resource management overhead. Now you can automatically delete EBS snapshots at the time of AMI deregistration.

This capability is available to all customers at no additional costs, and is enabled in all AWS commercial regions including AWS GovCloud (US), AWS China (Beijing) Region, operated by Sinnet, and in the AWS China (Ningxia) Region, operated by NWCD.

You can deregister AMIs from the EC2 Console, CLI, API, or SDK, and learn more in the AMI documentation.

Read More for the details.

Amazon Relational Database Service (Amazon RDS) for MariaDB now supports new community MariaDB minor versions 10.11.13 and 11.4.7. We recommend that you upgrade to the latest minor versions to fix known security vulnerabilities in prior versions of MariaDB, and to benefit from the bug fixes, performance improvements, and new functionality added by the MariaDB community.

You can leverage automatic minor version upgrades to automatically upgrade your databases to more recent minor versions during scheduled maintenance windows. You can also leverage Amazon RDS Managed Blue/Green deployments for safer, simpler, and faster updates to your MariaDB instances. Learn more about upgrading your database instances, including automatic minor version upgrades and Blue/Green Deployments, in the Amazon RDS User Guide.

Amazon RDS for MariaDB makes it straightforward to set up, operate, and scale MariaDB deployments in the cloud. Learn more about pricing details and regional availability at Amazon RDS for MariaDB. Create or update a fully managed Amazon RDS database in the Amazon RDS Management Console.

Read More for the details.

Amazon Managed Service for Prometheus is now available in Africa (Cape Town), Asia Pacific (Thailand), Asia Pacific (Hong Kong), Asia Pacific (Malaysia), Europe (Milan), Europe (Zurich), and Middle East (UAE). Amazon Managed Service for Prometheus is a fully managed Prometheus-compatible monitoring service that makes it easy to monitor and alarm on operational metrics at scale.

The list of all supported regions where Amazon Managed Service for Prometheus is generally available can be found on the user guide. Customers can send up to 1 billion active metrics to a single workspace and can create many workspaces per account, where a workspace is a logical space dedicated to the storage and querying of Prometheus metrics.

To learn more about Amazon Managed Service for Prometheus collector, visit the user guide or product page.
 

Read More for the details.

Amazon CloudWatch Logs Insights launches Query Results Summarization and OpenSearch PPL enhancements to help accelerate your logs analysis.

The new logs summarizer generates a natural language summary of the query results, providing users with clear, actionable insights. Interpreting log entries can be time-consuming and this natural language summarization capability transforms complex query results into clear, concise summaries that help you quickly identify issues and gain actionable insights from your log data.

With CloudWatch Logs Insights, you can interactively search and analyze your logs with Logs Insights query language, OpenSearch Service Piped Processing Language (PPL), and OpenSearch Service Structured Query Language (SQL). Customers using OpenSearch PPL can now analyze their logs more efficiently with new PPL commands and functions such as JOIN, SubQuery, Fillnull, Expand, Flatten, Cidrmatch and JSON functions. These new capabilities help accelerate your troubleshooting. For example, you can use subqueries to find those services which have more than 20 errors in the last day using an inner query, and then use the results of the inner query to get the average response times of those services from a different log group.

The logs summarizer is available in the US East (N. Virginia) region. OpenSearch PPL query enhancements are available in regions where OpenSearch Service direct query is available.

To learn about the log summarizer in CloudWatch Logs Insights, visit the Amazon CloudWatch Logs documentation. To learn about the new PPL commands and functions, visit the CloudWatch Logs documentation.

Read More for the details.

AWS Wickr announces the launch of Wickr File Previews. This new feature empowers organizations to protect sensitive files and lower the risk of data loss, by allowing network administrators to configure a “view-only” mode in the Security Groups section of the AWS Management Console for Wickr. Users within these security groups will be restricted to only viewing the supported files, and will be unable to download them.

AWS Wickr is a security-first messaging and collaboration service with features designed to help keep your communications secure, private, and compliant. AWS Wickr protects one-to-one and group messaging, voice and video calling, file sharing, screen sharing, and location sharing with end-to-end encryption. Customers have full administrative control over data, which includes addressing information governance polices, configuring ephemeral messaging options, and deleting credentials for lost or stolen devices. You can log internal and external conversations in an AWS Wickr network to a private data store that you manage for data retention and auditing purposes.

AWS Wickr is available in commercial AWS Regions that include US East (N. Virginia), AWS Canada (Central), AWS Asia Pacific (Malaysia, Singapore, Sydney, and Tokyo), and AWS Europe (London, Frankfurt, Stockholm, and Zurich). It is also available in AWS GovCloud (US-West) as FedRAMP High and Department of Defense Impact Level 5 (DoD IL5)-authorized AWS WickrGov.

To learn more and get started, see the following resources:

• AWS Wickr product detail page
• AWS Wickr user guide
• AWS Wickr administration guide

Read More for the details.

Today, AWS HealthOmics announces automatic parameter interpolation for Workflow Description Language (WDL) workflows to help streamline the workflow creation process. This new capability automatically identifies and extracts required and optional parameters along with their descriptions directly from WDL workflow definitions, eliminating the need for customers to manually create input parameter templates. AWS HealthOmics is a HIPAA-eligible service that helps healthcare and life sciences customers accelerate scientific breakthroughs with fully managed biological data stores and workflows.

Removing the need to define parameters simplifies and accelerates building and deploying bioinformatics workflows. Customers can now onboard new WDL workflows more rapidly while retaining complete flexibility through optional customization. For organizations with extensive WDL workflow libraries, this feature significantly reduces the time required to migrate or deploy new workflows. Additionally, HealthOmics customers still maintain full control by providing custom input parameter templates when needed to override the automatic interpolation.

Input parameter interpolation for WDL workflows is now supported in all regions where AWS HealthOmics is available: US East (N. Virginia), US West (Oregon), Europe (Frankfurt, Ireland, London), Asia Pacific (Singapore), and Israel (Tel Aviv).

To learn more about automatic parameter interpolation and how to implement WDL workflows, see the AWS HealthOmics documentation.
 

Read More for the details.

We are excited to announce that Amazon OpenSearch Serverless is now available in Asia Pacific (Hyderabad) and Asia Pacific (Osaka) regions. OpenSearch Serverless is a serverless deployment option for Amazon OpenSearch Service that makes it simple to run search and analytics workloads without the complexities of infrastructure management. OpenSearch Serverless’ compute capacity used for data ingestion, search, and query is measured in OpenSearch Compute Units (OCUs). To control costs, customers can configure the maximum number of OCUs per account.

Please refer to the AWS Regional Services List for more information about Amazon OpenSearch Service availability. To learn more about OpenSearch Serverless, see the documentation.

Read More for the details.

Amazon Connect external voice transfer is now available in the Asia Pacific (Sydney), Asia Pacific (Tokyo), Canada (Central), Europe (Frankfurt), and Europe (London) AWS Regions.

Amazon Connect external voice transfer enables Amazon Connect to directly transfer voice calls and metadata to other voice systems without using the public telephone network. You can use Amazon Connect telephony and Interactive Voice Response (IVR) with your existing voice systems to help improve customer experience and reduce costs.

For the list of AWS Regions where Amazon Connect external voice transfer is available, refer to Availability of Amazon Connect features by Region in the Amazon Connect Administrator Guide.

To learn more about Amazon Connect and other voice systems, review the following resources:

• Amazon Connect website and pricing
• External voice transfer – Amazon Connect Administrator Guide

Read More for the details.

AWS announces two updates to Amazon EC2 instances accelerated by NVIDIA GPUs.

Availability of savings plans for Amazon EC2 P6-B200 instances which were available at launch only through EC2 Capacity Blocks for ML.

Reduced pricing for Amazon EC2 P5 and P5en instances and Amazon EC2 P4d and P4de instances: The following pricing reductions apply to On Demand pricing beginning June 1, 2025 and to Savings Plan purchases effective after June 4, 2025: P5 – up to 45% reduction, P5en – up to 26% reduction, and P4d and P4de – up to 33% reduction. The percentages apply to instances running Amazon Linux, slightly smaller reductions apply to instances running other operating systems. To provide increased accessibility to reduced pricing, we are also making at-scale, On-Demand capacity available for:

• P4d in Asia Pacific (Seoul), Asia Pacific (Sydney), Canada (Central), Europe (London) Regions
• P4de in US East (N. Virginia) Region
• P5 in Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Jakarta), South America (São Paulo) Regions
• P5en in Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Jakarta) Regions

The new pricing reflects AWS’s commitment to making advanced GPU computing more accessible while passing cost savings directly to customers. To learn more about the updated pricing please consult the EC2 pricing page.

Read More for the details.

Amazon Q Developer plugin for the Eclipse IDE is now generally available. With this launch, developers can leverage the power of Amazon Q Developer, the most capable generative AI-powered assistant for software development, within the Eclipse IDE.

Within the Eclipse IDE, you’ll now be able to utilize Amazon Q Developer’s agentic coding experience to seamlessly execute complex workflows. With this coding experience, Q Developer can intelligently take actions on your behalf. It can read your project files to intelligently build the context it needs, suggest code diffs, and run shell commands. As Q Developer works through your tasks, it provides continuous status updates, instantly applying your changes and feedback along the way. This helps Q Developer create code, generate unit tests, and perform code reviews significantly faster, streamlining development workflows across the entire software development lifecycle.

The Amazon Q Developer plugin for the Eclipse IDE is available in all AWS regions where Q Developer is supported. Learn more and download the free Amazon Q Developer plugin for Eclipse to get started.

Read More for the details.

Amazon Managed Workflows for Apache Airflow (MWAA) is now available in AWS Region Asia Pacific (Malaysia).

Amazon MWAA is a managed service for Apache Airflow that lets you use the same familiar Apache Airflow platform as you do today to orchestrate your workflows and enjoy improved scalability, availability, and security without the operational burden of having to manage the underlying infrastructure. Learn more about using Amazon MWAA on the product page.
Please visit the AWS region table for more information on AWS regions and services. To learn more about Amazon MWAA visit the Amazon MWAA documentation.

Apache, Apache Airflow, and Airflow are either registered trademarks or trademarks of the Apache Software Foundation in the United States and/or other countries.
 

Read More for the details.

Today, AWS announced the opening of a new AWS Direct Connect location within the Chief Telecom HD data center near Taipei, ROC. By connecting your network to AWS at the new location, you gain private, direct access to all public AWS Regions (except those in China), AWS GovCloud Regions, and AWS Local Zones. This site is the third AWS Direct Connect location within ROC. This Direct Connect location offers dedicated 10 Gbps and 100 Gbps connections with MACsec encryption available.

AWS also announced the addition of 10Gbps and 100Gbps MACsec services in the existing Chunghwa Telecom data center near Taipei, ROC.

The Direct Connect service enables you to establish a private, physical network connection between AWS and your data center, office, or colocation environment. These private connections can provide a more consistent network experience than those made over the public internet.

For more information on the Direct Connect locations worldwide, visit the locations section of the Direct Connect product detail pages. Or, visit our getting started page to learn more about how to purchase and deploy Direct Connect.

Read More for the details.

Today, AWS announces the launch of a new monitoring dashboard in the AWS Network Firewall console, enhancing customers ability to monitor their network traffic. This new feature provides visibility into network activities, allowing for more effective management and troubleshooting of firewall configurations.

The new dashboard offers valuable insights into traffic patterns, including top traffic flows, TLS Server Name Indication (SNI), and HTTP Host headers. This level of detail allows customers to quickly identify and analyze their most significant network interactions. Additionally, the dashboard provides visibility into long-lived TCP flows and traffic flows where TCP handshake failed, which is particularly useful for troubleshooting network issues and identifying potential security concerns.

This new monitoring dashboard is available in all AWS Regions where AWS Network Firewall is supported, see AWS Region table. There are no additional charges on AWS Network Firewall to use this dashboard. Please check Amazon CloudWatch pricing or Amazon Athena pricing to understand charges related to Logs and Queries.

To take advantage of this new feature, customers need to configure Flow logs and Alert logs in their AWS Network Firewall, and enable the monitoring dashboard. For more information on how to set up and use the new monitoring dashboard, please visit the AWS Network Firewall documentation or log in to the AWS Management Console.
 

Read More for the details.

120 EC2 instances now support ENA Express, including network optimized, storage, high-memory, and accelerated computing. With this launch, ENA Express is adding support for 35 network optimized instances, 6 storage instances, 7 high-memory instances, and 5 accelerated computing instances. Additionally, ENA Express has added support for 67 different compute, general purpose, and memory optimized EC2 instances.

ENA Express is a networking feature that uses the AWS Scalable Reliable Datagram (SRD) protocol to improve network performance in two key ways: higher single flow bandwidth and lower tail latency for network traffic between EC2 instances. SRD is a proprietary protocol that delivers these improvements through advanced congestion control, multi-pathing, and packet reordering directly from the Nitro card. ENA Express works transparently to your applications with TCP and UDP protocols.

ENA Express with network optimized instances is great for file systems and media encoding workloads that need higher single flow bandwidth and consistent tail latency. ENA Express coupled with storage instances improves performance for large object transactions to and from databases. ENA Express on high-memory instances is great for single flow performance for in memory databases transactions like with SAP HANA. Finally, for accelerated computing instances ENA Express provides better single flow performance for file system access to services like FSx Lustre.

ENA Express is available in all AWS Commercial Regions and AWS GovCloud (US) Regions and comes at no additional cost. For a complete list of supported instances, please review the latest EC2 Documentation.

Read More for the details.

Amazon RDS for PostgreSQL introduces Extended Support minor versions 11.22-rds.20250508 and 12.22-rds.20250508, which include important security updates and bug fixes for PostgreSQL databases.. We recommend upgrading your RDS instances to these latest versions to maintain optimal security and performance of your PostgreSQL deployments.

Amazon RDS Extended Support provides you more time, up to three years, to upgrade to a new major version to help you meet your business requirements. During Extended Support, Amazon RDS will provide critical security and bug fixes for your RDS for PostgreSQL databases after the community ends support for a major version. You can run your PostgreSQL databases on Amazon RDS with Extended Support for up to three years beyond a major version’s end of standard support date.

You can use automatic minor version upgrades to automatically upgrade your databases to more recent minor versions during scheduled maintenance windows. You can also use Amazon RDS Blue/Green deployments for RDS for PostgreSQL using physical replication for your minor version upgrades. Learn more about upgrading your database instances, including automatic minor version upgrades and Blue/Green Deployments in the Amazon RDS User Guide.

Amazon RDS for PostgreSQL makes it simple to set up, operate, and scale PostgreSQL deployments in the cloud. See Amazon RDS for PostgreSQL Pricing for pricing details and regional availability. Create or update a fully managed Amazon RDS database in the Amazon RDS Management Console.

Read More for the details.

Starting today, Amazon Elastic Compute Cloud (Amazon EC2) M7g instances are available in the AWS GovCloud (US-West) Region. These instances are powered by AWS Graviton3 processors that provide up to 25% better compute performance compared to AWS Graviton2 processors, and built on top of the the AWS Nitro System, a collection of AWS designed innovations that deliver efficient, flexible, and secure cloud services with isolated multi-tenancy, private networking, and fast local storage.

Amazon EC2 Graviton3 instances also use up to 60% less energy to reduce your cloud carbon footprint for the same performance than comparable EC2 instances. For increased scalability, these instances are available in 9 different instance sizes, including bare metal, and offer up to 30 Gbps networking bandwidth and up to 20 Gbps of bandwidth to the Amazon Elastic Block Store (EBS).

To learn more, see Amazon EC2 M7g. To explore how to migrate your workloads to Graviton-based instances, see AWS Graviton Fast Start program and Porting Advisor for Graviton. To get started, see the AWS GovCloud (US) Console.

Read More for the details.

AWS Resource Group APIs now supports IPv6 for dual stack subnets so you can filter IPv4 and IPv6 traffic flows to and from the public internet, on-premises network, or any endpoint in your Amazon Virtual Private Cloud (VPC).

AWS Resource Groups enables you to model, manage and automate tasks on large numbers of AWS resources by using tags to logically group your resources. You can create logical collections of resources such as applications, projects, and cost centers, and manage them on dimensions such as cost, performance, and compliance in AWS services such as myApplications, AWS Systems Manager and Amazon CloudWatch.

IPv6 support is available in all AWS Regions where AWS Resource Groups is available today. To get started, learn how to configure IPv6 support or learn more about AWS Resource Groups.

Read More for the details.