AWS

Starting today, you can use Amazon Route 53 Resolver DNS Firewall and DNS Firewall Advanced in the Asia Pacific (Thailand) and Mexico (Central) Regions, to govern and filter outbound DNS traffic for your Amazon Virtual Private Cloud (VPC).

Route 53 Resolver DNS Firewall is a managed service that enables you to block DNS queries made for domains identified as low-reputation or suspected to be malicious, and to allow queries for trusted domains. In addition, Route 53 Resolver DNS Firewall Advanced is a capability of DNS Firewall that allows you to detect and block DNS traffic associated with Domain Generation Algorithms (DGA) and DNS Tunneling threats. DNS Firewall can be enabled only for Route 53 Resolver, which is a recursive DNS server that is available by default in all Amazon Virtual Private Clouds (VPCs). The Route 53 Resolver responds to DNS queries from AWS resources within a VPC for public DNS records, VPC-specific domain names, and Route 53 private hosted zones.

See here for the list of AWS Regions where Route 53 Resolver DNS Firewall is available. Visit our product page and documentation to learn more about Amazon Route 53 Resolver DNS Firewall and its pricing.

Read More for the details.

Today, AWS announced managed support for Energy Data Insights (EDI) on AWS – delivered through AWS Managed Service (AMS), which enables energy customers to easily deploy, manage, and operate their subsurface data management platform on AWS, in compliance with the (OSDU®) standard. Now, you can automatically deploy EDI on AWS and accelerate your data ingestion from weeks to hours, and intelligently process and organize your subsurface data with minimal manual effort. AWS extends your team with operational capabilities, allowing you to focus on innovation and accelerating time to value with your subsurface data.

With AWS-provided managed support, EDI on AWS removes the undifferentiated heavy-lifting and the complexities of deploying, operating, and maintaining an OSDU Data Platform on AWS, optimizing your EDI operations and security while ensuring round-the-clock availability and protection of the service. AWS handles critical operations on your behalf such as incident management, and backup and restore, significantly improving the resilience of your OSDU Data Platform on AWS. You also receive timely support for application upgrades and patches, allowing you to stay current with the latest features and improvements.

EDI on AWS is available with pay-as-you-go pricing in the following AWS Regions: US East (N. Virginia), US West (Oregon), Asia Pacific (Singapore), Asia Pacific (Sydney), Europe (Ireland), Europe (Paris), and South America (São Paulo).

To learn more about EDI, visit the Product Detail page.

Read More for the details.

Amazon Q Developer in chat applications now supports AWS Systems Manager just-in-time node access approvals from Microsoft Teams and Slack. AWS customers can now monitor node access requests and approvals from chat channels to enhance security posture and meet compliance requirements.

The Just-in-time node access provides customers policy-based time-bound access to nodes and helps them comply with zero-standing privileges operations model. This launch provides a seamless integration for managing Just-in-time access request approvals in chat applications.

When configuring Just-in-time approval policies, customers can designate Amazon SNS topics associated with Amazon Q Developer in chat applications configurations for managing node access approval requests. As operators make new node access requests, approvers are notified about the requests in the chat channels. They can then approve or reject access requests directly from the chat channel.

Systems Manager node access approval management in chat applications is available at no additional cost in AWS Regions where Amazon Q Developer and System Manager Just-in-time node access are offered. Visit the user guide and Systems Manager pricing to get started.

Read More for the details.

Model Distillation is the process of transferring knowledge from a more capable model (teacher) to a less capable one (student) with the goal to make the faster and cost-efficient student model as performant as the teacher for a specific use-case. With general availability, we now add support for the following new models: Amazon Nova Premier (teacher) and Nova Pro (student), Claude 3.5 Sonnet v2 (teacher), Llama 3.3 70B (teacher) and Llama 3.2 1B/3B (student). Amazon Bedrock Model Distillation now enables smaller models to accurately predict function calling for Agents use cases while helping to deliver substantially faster response times and lower operational costs. Distilled models in Amazon Bedrock are up to 500% faster and 75% less expensive than original models, with less than 2% accuracy loss for use cases like RAG. In addition to RAG use cases, Model Distillation also adds support for data augmentation for Agents use cases for function calling prediction.

Amazon Bedrock Model Distillation offers a single workflow that automates the process needed to generate teacher responses, adds data synthesis to improve teacher responses, and then trains the student model. Amazon Bedrock Model Distillation may choose to apply different data synthesis methods that are best suited for your use-case to create a distilled model that approximately matches the advanced model for the specific use-case. 

Learn more in our documentation, website, and blog.

Read More for the details.

Amazon Connect outbound campaigns now offers reporting on recipients and campaign executions along with additional metrics for tracking progress and troubleshooting issues. These capabilities are available in the Contact Lens dashboards and allow you to easily monitor campaign engagement by tracking total outreach against the total number of recipients targeted. You can drill down into your campaign and examine performance data for each campaign execution – for example, if you run a campaign every week for a month, you can drill down to view campaign performance for each week. You can also identify and resolve any delivery issues against each campaign – for example, out of the 20 delivery issues, you now know 12 had ineligible timezones, and 8 reached communication limit thresholds. The real-time campaigns dashboard shows the journey of your campaign, from how many recipients you targeted to how many you reached. All new metrics are also available through the GetMetricDataV2 API and Zero-ETL data lake for custom reporting or integrations with other data sources.

These enhanced outbound campaign analytics are available in all AWS regions where Amazon Connect outbound campaigns is available. For more information about outbound campaign analytics, consult the Amazon Connect Administrator Guide and Amazon Connect API Reference. To learn more about Amazon Connect Outbound Campaigns, please visit the outbound campaigns webpage.

Read More for the details.

Amazon Connect Contact Lens now include a pre-configured agent adherence widget which supports filtering and sorting on agent adherence metrics, making day-to-day adherence management more efficient for supervisors. With this launch, supervisors can apply filters on adherence status, duration, and percentage; sort by duration or percentage; and apply conditional formatting within the agent adherence widget on the queue and agent performance dashboard. For example, a supervisor can highlight agents who have been falling behind schedule for more than 5 minutes, quickly identify breaches, and notify the agents accordingly. With this widget, supervisors can simplify the process of monitoring adherence, improving productivity, and enabling faster response times to adherence issues.

This feature is available in all AWS Regions where Amazon Connect agent scheduling is available. To learn more about this feature, see the Queue and agent performance dashboard in Amazon Connect.

Read More for the details.

AWS B2B Data Interchange now offers customers the option to use Internet Protocol version 6 (IPv6) while accessing the AWS B2B Data Interchange Service APIs.

More and more customers are adopting IPv6 to mitigate IPv4 address exhaustion in their private networks or to satisfy government mandates such as the US Office of Management and Budget (OMB) M-21-07 memorandum. With this launch, customers can standardize their applications and workflows for managing their AWS B2B Data Interchange resources on the new version of Internet Protocol by using the new dual-stack AWS B2B Data Interchange Service endpoints.

IPv6 support for AWS B2B Data Interchange Service APIs is available in all commercial regions where AWS B2B Data Interchange is available. To learn more, visit the AWS B2B Data Interchange user guide.

Read More for the details.

Today, AWS Resource Explorer has expanded the availability of resource search and discovery to 3 additional AWS Regions: Asia Pacific (Malaysia), Asia Pacific (Thailand), and Mexico (Central).

With AWS Resource Explorer you can search for and discover your AWS resources across AWS Regions and accounts in your organization, either using the AWS Resource Explorer console, the AWS Command Line Interface (AWS CLI), the AWS SDKs, or the unified search bar from wherever you are in the AWS Management Console.

For more information about the AWS Regions where AWS Resource Explorer is available, see the AWS Region table.

To turn on AWS Resource Explorer, visit the AWS Resource Explorer console. Read about getting started in our AWS Resource Explorer documentation, or explore the AWS Resource Explorer product page.

Read More for the details.

Amazon SageMaker now offers a unified scheduling experience for visual ETL flows and queries. The next generation of Amazon SageMaker is the center for all your data, analytics, and AI, and includes SageMaker Unified Studio, a single data and AI development environment. Visual ETL in Amazon SageMaker provides a drag-and-drop interface for building ETL flows and authoring flows with Amazon Q. The query editor tool provides a place to write and run queries, view results, and share your work with your team. This new scheduling experience simplifies the scheduling process for Visual ETL and Query editor users.

With unified scheduling you can now schedule your workloads with Amazon EventBridge Scheduler from the same visual interface you use to author your query or visual ETL flow. Previously, you needed to create a code-based workflow in order to run a single flow or query on schedule. You can also view, modify or pause/resume these schedules and monitor the runs they invoked.

This new feature is now available in all AWS regions where Amazon SageMaker is available. Access the supported region list for the most up-to-date availability information.

To learn more, visit our Amazon SageMaker Unified Studio documentation, blog post and Amazon EventBridge Scheduler pricing page.

Read More for the details.

Cross-Region Automated Backup replication for Amazon RDS is now available in five additional AWS Regions. This launch allows you to setup automated backup replication between Australia (Melbourne) and Australia (Sydney); between Asia Pacific (Hong Kong) and Asia Pacific (Singapore) or Asia Pacific (Tokyo); between Asia Pacific (Malaysia) and Asia Pacific (Singapore); between Canada (Central) and Canada West (Calgary); and between Europe (Zurich) and Europe (Frankfurt) or Europe (Ireland) Regions.

Automated Backups enable recovery capability for mission-critical databases by providing you the ability to restore your database to a specific point in time within your backup retention period. With Cross-Region Automated Backup replication, RDS will replicate snapshots and transaction logs to the chosen destination AWS Region. In the event that your primary AWS Region becomes unavailable, you can restore the automated backup to a point in time in the secondary AWS Region and quickly resume operations. As transaction logs are uploaded to the target AWS Region frequently, you can achieve a Recovery Point Objective (RPO) of within the last few minutes.

You can setup Cross-Region Automated Backup replication with just a few clicks on the Amazon RDS Management Console or using the AWS SDK or CLI. Cross-Region Automated Backup replication is available on Amazon RDS for PostgreSQL, Amazon RDS for MariaDB, Amazon RDS for MySQL, Amazon RDS for Oracle, and Amazon RDS for Microsoft SQL Server. For more information, including instructions on getting started, read the Amazon RDS documentation.

Read More for the details.

AWS Elastic Beanstalk now gives customers the option to use default security groups or their own custom security groups when deploying applications. This new feature provides greater control over network access and security configurations.

With this update, customers can use custom security groups instead of default security groups for both new and existing Elastic Beanstalk environments. This applies to the EC2 instances within the environment and, for load-balanced environments, to the load balancer as well. Previously, Elastic Beanstalk would automatically add a default security group. This enhancement enables customized security policies and simplifies security management.

This feature is available in all of the AWS Commercial Regions and AWS GovCloud (US) Regions that Elastic Beanstalk supports. For a complete list of regions and service offerings, see AWS Regions.

To learn more about using custom security groups with Elastic Beanstalk, see the AWS Elastic Beanstalk Developer Guide. For additional information about Elastic Beanstalk features, visit the AWS Elastic Beanstalk product page.
 

Read More for the details.

Amazon Connect now lets you grant administrator access to agent schedules, making it easier to address key operational needs with minimal configuration. With this launch, you can now give certain users access to all published agent schedules without being added as a supervisor to every staff group. For example, users such as centralized schedulers or auditors who require a broad view of agent schedules across the organization can now be granted this access in a few clicks, thus reducing time spent on access management and improving overall operational efficiency.

This feature is available in all AWS Regions where Amazon Connect agent scheduling is available. To learn more about Amazon Connect agent scheduling, click here.

Read More for the details.

You can now run OpenSearch version 2.19 in Amazon OpenSearch Service which introduces several improvements in the areas of Vector Search, Observability and OpenSearch Dashboards.

We have introduced four key capabilities for vector search applications. The Faiss engine now supports AVX512 SIMD instructions, to accelerate vector similarity computations. The ML inference search response processor can now rank search hits and update scores based on model predictions, enabling sophisticated and context-aware document ranking and result augmentation. Lucene binary vectors, now complement existing Faiss engine binary vector support offering greater flexibility for vector search applications. Hybrid search now includes pagination support , reciprocal rank fusion to improve result ranking along with a debugging tool for score and rank normalization process.

The launch also introduces query insights dashboards that lets users monitor and analyze the top queries collected by the query Insights plugin. Anomaly detection now offers two key improvements. First, enhanced anomaly definition capabilities allow users to specify multiple criteria to identify both spikes and dips in data patterns. Second, a new dedicated index for flattened results improves query performance and dashboard visualization experience. Finally, you can now use template query to create search queries that contain placeholder variables allowing for more flexible, efficient, and secure search operations.

For information on upgrading to OpenSearch 2.19, please see the documentation. OpenSearch 2.19 is now available in all AWS Regions where Amazon OpenSearch Service is available.
 

Read More for the details.

Amazon Simple Email Service (SES) announces that its Mail Manager email modernization and infrastructure features now have a rule action which enables messages to be published using an Amazon Simple Notification Service (SNS) notification. The notification includes the complete email content, and has options for SNS Topic and Encoding.

Amazon SNS is a fully managed service that provides message delivery from publishers (producers) to subscribers (consumers). Publishers communicate asynchornously with subscribers by sending messages to a topic, which is a logical access point and communication channel. Subscribers can choose to receive these notifications through a variety of endpoints, including email, SMS, and Lambda. By centralizing notification preferences within SNS, customers enhance messaging between applications and users while gaining advantages of high availability, durability, and flexibility. Using the Publish to SNS rule action within Mail Manager increases the number and type of delivery destinations available to customers as part of their larger ruleset configuration.

Mail Manager’s Publish to SNS rule action is available in all 17 AWS Regions where Mail Manager is launched. There is no additional fee from SES to make use of this feature, though charges from AWS for SNS and destination channel activity may apply. Customers can learn more about SES Mail Manager by clicking here.

Read More for the details.

Amazon Connect now provides bulk removal of agent schedules, making day-to-day management of agent schedules more efficient. With this launch, you can now remove schedules for up to 400 agents for a single day, or up to 30 days for a single agent. For example, remove all schedules for next Monday as the contact center is going to be closed, or remove future shifts for an agent who is no longer with the organization. With bulk remove, managers no longer have to remove agent shifts one agent and one day at a time, thus improving manager productivity by reducing time spent on managing agent schedules.

This feature is available in all AWS Regions where Amazon Connect agent scheduling is available. To learn more about Amazon Connect agent scheduling, click here.

Read More for the details.

Today, AWS Clean Rooms announces support for multiple collaboration members to receive analysis results from queries using Spark SQL. This streamlined capability enhances usability and transparency by eliminating the need for additional audit mechanisms outside of the collaboration. With this feature, multiple members can receive and validate analysis results from queries across collective datasets directly from the collaboration.

You can designate multiple collaborators as result receivers when executing a Spark SQL query. Results are automatically delivered to all selected collaborators who are configured in both the collaboration settings and table controls. For example, in a collaboration between a media publisher and an advertiser, the publisher can run a query across their collective datasets; the query results are sent to both parties’ chosen Amazon S3 location for validation.

AWS Clean Rooms helps companies and their partners to easily analyze and collaborate on their collective datasets without revealing or copying one another’s underlying data. For more information about the AWS Regions where AWS Clean Rooms is available, see the AWS Regions table. To learn more about collaborating with AWS Clean Rooms, visit AWS Clean Rooms.

Read More for the details.

Starting today, we’re enhancing the AWS Migration Acceleration Program (MAP) with two key capabilities to help you accelerate your modernization efforts and drive customers’ adoption of AI:

• New “Move to AI” Modernization Pathway, featuring Amazon Bedrock and Amazon SageMaker. This pathway enables you to help customers transform their existing applications and business processes with proven AI patterns that deliver measurable business value.
• Amazon Connect is now a qualifying service in the MAP Modernization Strategic Partner Incentive (SPI). This enables you to help customers transform their contact centers with AI-powered features that increase agent productivity and enhance customer experiences.

These enhancements strengthen your ability to lead customers’ AI transformation and drive contact center modernization.

Learn more:

• AWS Partner Funding Benefits Program Guide
• MAP Modernization SPI Eligible Services

Read More for the details.

Today, we are excited to announce the general availability of anonymous user access for Amazon Q Business. This feature allows customers to create Q Business applications for anonymous users using publicly accessible content. Q Business applications created in this anonymous mode are billed on a API consumption basis.

Customers can now create anonymous Q Business applications to power use cases such as public web site Q&A, documentation portals, and customer self-service experiences, where user authentication is not required and content is publicly available. For example, AnyCompany wants to improve their website’s visitor support experience by providing a genAI assistant over their publicly available help/product pages. The customer would create an anonymous Q Business application and index all the public product help/documentation to power their Q Business genAI assistant. To deploy the anonymous application, customers can implement the anonymous Chat/ChatSync APIs for higher UX control or embed the built-in anonymous web experience via an iFrame. Anonymous applications are billed on API consumption basis, offering a scalable way to deploy Q Business generative AI experiences to large anonymous audiences.

The anonymous chat APIs and web experience are available in the US East (N. Virginia), US West (Oregon), Europe (Ireland), and Asia Pacific (Sydney) AWS Regions. For more information, please consult our documentation.
 

Read More for the details.

Today AWS Elemental MediaTailor launched recurring prefetch schedules, enhancing server-side ad prefetch capabilities for live streaming content. This feature helps content providers and broadcasters efficiently manage ad insertion for live events where exact ad break timing is unpredictable, while maintaining high-quality viewer experiences. Content providers can benefit from this during major sporting events, live concerts, or news broadcasts where ad break timing may vary.

The new mode enables you to create a single schedule for an entire live event or linear channel. After every ad break, MediaTailor will automatically create the prefetch schedule for the next ad break while ensuring that any new playback sessions that join the stream are provisioned with ads. This automation reduces operational overhead while ensuring optimal ad delivery performance and pre-transcoding of ads to improve ad monetization. The feature also includes ad request traffic shaping settings to prevent ad server overload for viewing events with large audiences and to maintain low latency for manifest delivery.

To learn more about AWS Elemental MediaTailor, visit the AWS Elemental MediaTailor page. For detailed implementation guidance on the new Recurring Prefetch Schedule feature, see the MediaTailor documentation.

Read More for the details.

Amazon VPC Lattice introduces dual stack support for management API, enabling you to connect using Internet Protocol Version 6 (IPv6), Internet Protocol Version 4 (IPv4), or dual stack clients. Dual stack support is also available when the Amazon VPC Lattice management API endpoint is privately accessed from your Amazon Virtual Private Cloud (VPC) using AWS PrivateLink. Dual stack endpoints are made available on a new AWS DNS domain name. The existing Amazon VPC Lattice management API endpoints are maintained for backwards compatibility reasons.

Amazon VPC Lattice, an application networking service that simplifies connecting, securing, and monitoring service-to-service communication. You can use Amazon VPC Lattice to facilitate cross-account and cross-VPC connectivity, as well as application layer load balancing for your workloads. Whether the underlying compute types are instances, containers, or serverless, with Amazon VPC Lattice developers can work with native integration on the compute platform of their choice. With simultaneous support for both IPv4 and IPv6 clients on VPC Lattice endpoints, you are able to gradually transition from IPv4 to IPv6 based systems and applications, without needing to switch all over at once. This enables you to meet IPv6 compliance requirements and removes the need for expensive networking equipment to handle the address translation between IPv4 and IPv6.

To learn more, see the VPC Lattice user guide and IPv6 on AWS.

Read More for the details.