AWS Recent Announcements

AWS announces an official source for AWS API Model definition files and service model packages, providing developers with access to API definitions for all AWS services. We now publish daily updates of these API models to an open-source GitHub repository in Smithy format and also publish these packages to Maven Central. AWS public service models enable developers to take advantage of the same service model definitions that AWS uses for live services. These API models can be pulled into integrated development environments using the new packages available in Maven and can be used for developer tools use cases like mock testing or evolving MCP server needs. By utilizing open source Smithy code generators, you can also generate purpose-built AWS SDKs. The AWS service API models can be found on GitHub and Maven. Learn more in our AWS News blog post.  

Today, AWS announces that AWS Control Tower supports seven new compliance frameworks in Control Catalog. Control Catalog is the central place in AWS for searching and enabling managed controls.In addition to existing frameworks, controls are now mapped to CIS-v8.0, FedRAMP-r4, ISO-IEC-27001:2013-Annex-A, NIST-CSF-v1.1, NIST-SP-800-171-r2, PCI-DSS-v4.0, SSAE-18-SOC-2-Oct-2023. To get started, navigate to the Control Catalog in AWS Control Tower and search for a framework like PCI-DSS-v4.0 to view related controls. This feature helps you meet your compliance requirements faster and with higher confidence. For programmatic access, utilize the new ListControlMappings API to search controls by frameworks, and take advantage of the updated ListControls and GetControl APIs, which now support GovernedResources, to understand the resource types governed by each control. We’ve also introduced a new classification system to help you better comprehend and manage controls. In addition to the new frameworks, controls in Control Catalog are now mapped to a domain (e.g., “Data Protection”), an objective (e.g., “Data Encryption”), and a common control (e.g., “Encrypt data at rest”). This clearer structure simplifies the process of understanding, searching, and deploying the controls you need. If you’re using AWS Config, now you’ll see the same comprehensive mapping of Config rules to compliance frameworks, domains, objectives, and common controls that you find in AWS Control Tower, ensuring a unified experience across your AWS environment. You can use Control Catalog with new mappings in all AWS Regions where AWS Control Tower is available, including AWS GovCloud (US). To learn more, visit AWS Control Tower User Guide.

AWS Key Management Service (KMS) now supports the FIPS 203 Module-Lattice Digital Signature Standard (MLDSA), a quantum-resistant digital signature algorithm designed to help organizations address emerging quantum computing threats. This post-quantum signature algorithm is one of the selected algorithms standardized by NIST to protect sensitive information well into the foreseeable future, including after the advent of cryptographically relevant quantum computers. ML-DSA is particularly valuable for manufacturers and developers who need to protect firmware and application code signing where cryptographic signatures cannot be easily updated after deployment and for organizations that require signatures on digital content to remain valid for several years. The ML-DSA keys integrate with the existing KMS CreateKey and Sign APIs, enabling customers to preserve their established automation processes, IAM and KMS key policies, auditing capabilities, and tagging workflows. AWS KMS support for ML-DSA introduces three new key specs (ML_DSA_44, ML_DSA_65, and ML_DSA_87) that work with the post-quantum SigningAlgorithm ML_DSA_SHAKE_256, with support for both raw signatures and the pre-hashed variant (External Mu). This new feature is generally available and you can use ML-DSA in the following AWS Regions: US West (N. California), and Europe (Milan) with the remaining commercial AWS Regions to follow in the coming days. To learn more, see the AWS Security Blog for how to create post-quantum signatures using AWS KMS and ML-DSA, and see the ML-DSA signing topic in the AWS KMS Developer Guide.

Today, Amazon Q Developer announced support for Model Context Protocol (MCP) in the integrated development environment (IDE) plugins, enabling developers to utilize external tools to support richer contextual, development workflows. MCP is an open protocol that standardizes how AI models can, in a secure and structured way, access external tools, data sources, and APIs. You can now augment the list of built-in tools with any MCP server that supports the stdio transport layer. MCP servers can be managed within the Q Developer user interface, making it easy to add or remove servers, and modify tool permissions. By extending your IDE, Q Developer is able to provide more customized responses by orchestrating tasks across native and MCP server-based tools. MCP support is available within the Visual Studio Code and JetBrains IDE plugins, and Amazon Q Developer CLI. To get started, visit the Amazon Q Developer documentation or read the blog to learn more.

Amazon Virtual Private Cloud IP Address Manager (Amazon VPC IPAM) that makes it easier for you to plan, track, and monitor IP addresses for your AWS workloads, is now available in Asia Pacific (Taipei) Region. Amazon VPC IPAM allows you to easily organize your IP addresses based on your routing and security needs, and set simple business rules to govern IP address assignments. Using VPC IPAM, you can automate IP address assignment to Amazon VPCs and VPC Subnets, eliminating the need to use spreadsheet-based or homegrown IP address planning applications, which can be hard to maintain and time-consuming. With this expansion, Amazon VPC IPAM is available in all AWS Regions, including China (Beijing, operated by Sinnet), and China (Ningxia, operated by NWCD), and the AWS GovCloud (US) Regions. To learn more about IPAM, view the IPAM documentation. For details on pricing, refer to the IPAM tab on the Amazon VPC Pricing Page.

Amazon Connect Outbound Campaigns now offers new instance-level communication total limit control to give you greater flexibility in configuring how often you want to engage with your customers across multiple campaigns. It also provides the ability to opt out of limit controls for critical campaigns. These new capabilities enable more efficient and targeted customer engagement strategies. The new instance-level total limit setting allows businesses to manage overall outbound communication limits across all campaigns while ensuring compliance with regulations such as the U.S. Telephone Consumer Protection Act (TCPA). This feature provides a centralized approach to managing communication frequency, helping businesses avoid over-contacting customers and potentially improving customer satisfaction. The ability to opt out of these limits for specific campaigns enables critical communications, such as fraud alerts or support during inclement weather, to reach customers when needed most, enhancing overall outbound communication effectiveness. The feature is available in US East (N. Virginia), US West (Oregon), Africa (Cape Town), Asia Pacific (Sydney), Canada (Central), Europe (Frankfurt) and Europe (London) AWS regions. To learn more about Amazon Connect Outbound Campaigns, please visit the outbound campaigns webpage.

Following the announcement of the price reduction for Amazon EC2 NVIDIA GPU-accelerated instances, we are announcing up to 45% price reduction for Amazon SageMaker AI instances to enable more cost-efficient generative AI model development. The price reduction for SageMaker AI instances includes P4 (P4d and P4de) and P5 (P5, P5e and P5en) instance types. This price reduction to On-Demand and Savings Plan pricing applies to all Regions where these instances are available. The pricing reduction applies to On-Demand purchases beginning June 9 and to Savings Plan purchases effective after June 16. We also reduced the price on flexible training plans to help customers run cost-effective model training on Amazon SageMaker HyperPod. The price reduction for training plans is applicable to P5, P5e, P5en, and trn1 instance types in all non-US Regions. These pricing updates reflect the AWS commitment to making GPU computing more accessible while passing cost savings directly to customers. Learn more about the new pricing on the SageMaker AI pricing page.

Amazon EKS Pod Identity now provides a simplified experience for configuring application permissions to access AWS resources in separate accounts. With enhancements to EKS Pod Identity APIs, you can now seamlessly configure access to resources across AWS accounts by providing the resource account’s IAM details during the creation of the Pod Identity association. Your applications running in the EKS cluster automatically receive the required AWS credentials during runtime without requiring any code changes. EKS Pod Identity enables applications in your EKS cluster to access AWS resources across accounts through a process called IAM role chaining. When creating a Pod Identity association, you can provide two IAM roles — an EKS Pod Identity role in the same account as your EKS cluster and a target IAM role from the account containing your AWS resources (like S3 buckets or DynamoDB tables). When your application pod needs to access AWS resources, it requests credentials from the EKS Pod Identity, which automatically assumes the roles through IAM role chaining to provide your pod with the necessary cross-account temporary credentials. This feature is available in all AWS Regions where Amazon EKS is available. To learn more, see Access AWS Resources using EKS Pod Identity Target IAM Roles.

Today, AWS announces enhanced application layer (L7) DDoS protection capabilities with faster automatic detection and mitigation, designed to respond to events within seconds. AWS WAF application layer (L7) DDoS protection is an AWS Managed Rule group that automatically detects and mitigates DDoS events of any duration to ensure your applications on Amazon CloudFront, Application Load Balancer (ALB) and other AWS services supported by WAF stay available and responsive to your users. This enhancement helps cloud security administrators and site reliability engineers protect applications while reducing the operational overhead of manually configuring and managing rules. This AWS Managed Rule group monitors traffic data to establish a baseline within minutes of activation, then leverages machine learning models to detect anomalies from normal traffic patterns. When traffic deviates from the established baseline, the system automatically applies rules designed to address suspicious requests. You can configure rules to suit the needs of your applications, such as presenting a challenge or blocking a request. AWS WAF application layer (L7) DDoS protection can be enabled by all AWS WAF and AWS Shield Advanced subscribers in all supported AWS Regions, except Asia Pacific (Thailand), Mexico (Central), and China (Beijing and Ningxia). You can deploy this AWS Managed Rule group for your Amazon CloudFront, ALB, and other supported AWS resources. See the Pricing page for more details. To learn more about AWS WAF application layer (L7) DDoS protection, visit the AWS WAF documentation or the AWS WAF console. To get started, refer to our technical documentation for detailed information about enabling this feature to protect your web applications.  

Amazon Nova Sonic, a state-of-the-art speech-to-speech foundation model, now supports Spanish language, bringing natural, real-time voice conversations to more users and developers worldwide. This expands on its original support for English, with expressive voices in American and British accents, to now include Spanish with two additional (masculine and feminine-sounding) expressive voices. Nova Sonic unifies speech understanding and speech generation into a single model, to enable human-like voice conversations in AI applications. The novel architecture enables the model to adapt the generated voice response to the acoustic context (e.g., tone, style) and the spoken input, resulting in more natural human-like dialogue. Additionally, Amazon Nova Sonic supports function calling, agentic workflows, and knowledge grounding with enterprise data. To learn more, read the AWS News Blog, Amazon Nova Sonic product page, and User Guide. To get started, visit the Amazon Bedrock Console.  

Amazon Elastic Container Services (Amazon ECS) now supports updating capacity providers for an existing ECS service. With this enhancement, customers can seamlessly update the underlying compute configuration for their ECS services, without incurring operational overhead or potential disruption from needing to recreate their services. Amazon ECS enables customers to update their service configurations programmatically via the UpdateService API or AWS Management console. Previously, customers could choose the underlying compute configuration during service creation by specifying capacity providers for AWS Fargate or EC2 Auto Scaling groups, or the EC2 launch type for self-managed EC2 instances. Modifying the underlying compute configuration of a service, such as transitioning from EC2 to Fargate (or vice versa), required recreating or replacing the ECS service with a new version containing the updated configuration. This process could lead to potential service disruption and incurred additional operational overhead for spinning up a new service and managing safely switching traffic to it. Starting today, customers can seamlessly switch compute configuration of their ECS services by updating capacity providers, without any operational overhead or service disruption. This capability is now available across all AWS Regions via the AWS Management Console, API, SDK, CLI, and CloudFormation. To learn more, visit the ECS Update Service documentation.  

Amazon Lex now offers a Large Language Model (LLMs) assisted Natural Language Understanding (NLU) to improve intent classification and slot resolution capabilities for English and Spanish locales. This feature allows you to leverage Large Language Models (LLMs) to enhance accuracy when the standard NLU encounters challenges, helping you deliver more natural, resilient conversational experiences, while maintaining complete control over your bot’s responses, defined intents, and slots. For example: interpreting complex or lengthy utterances, maintaining accuracy despite spelling errors, extracting slots from verbose inputs, delivering better results with minimal training data and does not require any changes to permissions or integration settings. This feature is available in all commercial AWS Regions where Amazon Lex operates except Canada (Central) and Europe (London). To learn more about the assisted NLU or how Amazon Connect and Amazon Lex deliver cloud-based conversational AI experiences for contact centers, please visit the Amazon Connect website.  

Today, Amazon Verified Permissions announces price reduction for single authorization requests by up to 97% to $5 per million API requests. This price reduction makes it substantially cost-effective for customers to implement fine-grained authorization across all their applications, enabling authorization checks for every user action. Amazon Verified Permissions is a scalable, fully managed authorization service that uses Cedar, an open-source policy language for access control. By decoupling permissions from application logic, Amazon Verified Permissions allows you to centrally manage authorization policies while improving your applications’ security posture and development efficiency. The price reduction applies to all AWS Regions where Amazon Verified Permissions is available starting June 12, 2025, at midnight UTC, and is enabled for all customers without any further action. The reduction applies to requests made to the isAuthorized and isAuthorizedWithToken APIs. The pricing for batch authorization requests and policy management operations remains unchanged. For more information about Amazon Verified Permissions pricing, visit the Verified Permissions pricing page or AWS Pricing calculator.  

AWS is announcing the general availability of Amazon EC2 Storage Optimized I8g instances in Europe (Ireland) region. I8g instances offer the best performance in Amazon EC2 for storage-intensive workloads. I8g instances are powered by AWS Graviton4 processors that deliver up to 60% better compute performance compared to previous generation I4g instances. I8g instances use the latest third generation AWS Nitro SSDs, local NVMe storage that deliver up to 65% better real-time storage performance per TB while offering up to 50% lower storage I/O latency and up to 60% lower storage I/O latency variability. These instances are built on the AWS Nitro System, which offloads CPU virtualization, storage, and networking functions to dedicated hardware and software enhancing the performance and security for your workloads. Amazon EC2 I8g instances are designed for I/O intensive workloads that require rapid data access and real-time latency from storage. These instances excel at handling transactional and real-time databases, including MySQL, PostgreSQL, and NoSQL solutions like ClickHouse, Apache Druid, and MongoDB. They’re also optimized for real-time analytics platforms such as Apache Spark. I8g instances are available in 10 different sizes with up to 48xlarge, 1,536 GiB of memory, and 45 TB local instance storage. They deliver up to 100 Gbps of network performance bandwidth, and 60 Gbps of dedicated bandwidth for Amazon Elastic Block Store (EBS). To learn more, visit EC2 I8g instances. To begin your Graviton journey, visit the Level up your compute with AWS Graviton page.

Today, we are excited to announce support for service-linked AWS Config rules in AWS Control Towers detective controls. A service-linked AWS Config rule is managed entirely by AWS services and cannot be edited or deleted by users. To maintain consistency, prevent configuration drift, and simplify user experience, you can only update these rules through AWS Control Tower. With this release, AWS Control Tower now deploys service-linked Config rules directly in managed accounts, replacing the previous AWS CloudFormation StackSets deployment method. This change delivers substantial improvements to deployment speed, significantly reducing the time required to enable service-linked Config rules across multiple AWS Control Tower managed accounts and regions. Additionally, these service-linked Config rules are designed to ensure consistent governance of your resources through detective controls by preventing unintentional configuration drift. AWS Control Towers Config rules detect resource noncompliance within your accounts, such as policy violations, and provide alerts through the dashboard. You can deploy AWS Control Tower controls via the console or using AWS Control Tower control APIs. For a complete list of supported AWS Regions, please refer to the AWS Region Table.

AWS Marketplace now provides streamlined Private Marketplace management within the AWS Marketplace console. Administrators can create and manage custom Private Marketplace experiences, controlling what products can be procured from AWS Marketplace by users in their organization. These customized Private Marketplace experiences can be tailored for an entire organization, specific organizational units (OUs), or individual accounts providing flexible control over software procurement. In addition to availability in the AWS Marketplace console, Private Marketplace has been updated to include an improved configuration and management experience that reduces setup time, improves visibility, and streamlines administration. Administrators can utilize a multi-step wizard for creating Private Marketplace experiences, and an enhanced wizard for bulk product approvals. All Private Marketplace management actions can be tracked through a new dedicated change sets page, providing real-time visibility and a comprehensive audit trail. With this launch, Private Marketplace also includes support for multiple languages. To learn more about Private Marketplace, visit the Private Marketplace overview page. To get started, access the Private Marketplace buyer guide.  

Today, AWS announces an enhancement to Amazon S3 DeleteObjects API logging in AWS CloudTrail, bringing additional visibility into the bulk delete operations to help you better protect and monitor the usage of your Amazon S3 buckets. Amazon S3’s DeleteObjects API enables bulk object deletion in a single operation and serves as the default method for console-based deletions. Earlier, when you deleted multiple S3 objects using the DeleteObjects API call, CloudTrail logged the DeleteObjects API call as a single event, giving you the visibility on who initiated the call and on which bucket. However, this event does not contain information on what objects were included or successfully deleted. With this update, CloudTrail will provide granular visibility by logging: The overall DeleteObjects API call event (as before) Individual DeleteObject events for each object included in the bulk delete request (new) This enhancement provides visibility into the individual S3 objects that were deleted as part of bulk delete request. These detailed records strengthen your security posture and support your compliance requirements with more complete information about deletion activities in your S3 buckets. You can also use advanced events selectors to log only the most relevant data events for your use case. To learn how to use advanced event selectors to exclude these additional DeleteObject data events, review our documentation.

Amazon Bedrock Custom Model Import now supports Qwen models. You can now import custom weights for Qwen-based architectures, including models like Qwen 2.5 Coder, Qwen 2.5 VL, and QwQ 32B. This enables you to bring your own customized Qwen models into Bedrock and deploy them in a fully managed, serverless environment—without having to manage infrastructure or model serving. Qwen models are known for their strong performance across a wide range of modalities and tasks. Qwen 2.5 Coder is optimized for code generation and understanding, making it well-suited for tasks like code completion, bug fixing, and code translation. Qwen 2.5 VL is a multimodal model capable of both text and vision tasks such as visual question answering, image captioning, and document analysis. QwQ 32B, excels in complex reasoning tasks and achieving performance comparable to larger models while being more efficient. You can get started by importing your custom Qwen model in the custom models page of the Amazon Bedrock console or by referring to this guide. To see what all architectures are supported visit the documentation page. Amazon Bedrock Custom Model Import is generally available in the US-East (N. Virginia), US-West (Oregon), and Europe (Frankfurt) AWS regions.

Amazon Q Developer now allows users with AWS Builder IDs to upgrade to the Pro Tier, giving them higher usage limits in their IDEs and on the command line interface. See here for Amazon Q Developer pricing and usage limit information. AWS Builder IDs enable developers using free tier to leverage Amazon Q Developer’s agentic capabilities for code generation, analysis, and problem-solving directly within their development environments. With this update, free tier users can now upgrade to the Amazon Q Developer Pro tier to get additional usage without requiring any additional configuration or management. As users reach free tier limits for Amazon Q Developer, they will be prompted to subscribe to the Pro tier by connecting their AWS account. Users can then connect their Builder ID in the Amazon Q Developer console, and sign up for Pro tier subscription. Amazon Q Developer Pro tier upgrades for Builder ID are currently available in all regions where Amazon Q Developer is supported. To learn more about using Builder IDs with Amazon Q Developer, including detailed information on limitations and upgrade options, visit the Amazon Q Developer documentation. Get started today by signing up for a free Builder ID and installing Amazon Q in your preferred IDE or command line interface.

Amazon Relational Database Service (RDS) for DB2 now supports cross-region standby replicas, a new feature that helps customers reduce database down time during disaster recovery. In situations where a database in a region becomes unavailable, customers can immediately promote a standby replica in a different region to resume operations, and do not have to wait until a database backup is restored. To use the feature, customers simply configure their RDS for DB2 database instance to maintain a standby replica in another AWS region. RDS automatically replicates changes asynchronously from the primary instance to the standby replica. In situations where the primary database instance becomes unavailable, customers can promote the standby replica to primary, and resume read and write operations. Customers can create up to three standby replicas for a database instance. Since standby replicas are not operable until promoted, customers need commercial database licenses for only two vCPUs per replica, regardless of the number of vCPUs on the instance. Customers can use either Bring Your Own License (BYOL) or Marketplace licensing models to use Amazon RDS for DB2 with standby replicas. To learn more, refer to Amazon RDS for Db2 documentation and pricing pages.

Today, AWS extended the availability of the AWS Financing program to help all US customers simplify and accelerate their AWS Marketplace software purchases directly through the AWS Billing and Cost Management console. US customers can now apply for, utilize, and manage financing within the console for AWS Marketplace software purchases. The AWS Marketplace Financing program provides customers with a seamless experience to search for and apply for financing, while buying third-party software on AWS Marketplace, all while managing billing and payment within the AWS Console. The AWS Financing program gives you the flexibility to better manage your cash flow by spreading payments over time, while only paying financing cost on what you use. With thousands of software products available in AWS Marketplace, this financing program enables you to finance purchases ranging from $10,000 – $100,000,000, subject to credit approval. With near real-time decisions for loans up to $350,000, approved customers can finance AWS Marketplace software purchases with contract terms of at least 12 months. Financing can be applied to a variety of purchases from multiple AWS Marketplace sellers, giving you more flexibility across your software portfolio. This financing program is available in the AWS Billing and Cost Management console for AWS Marketplace customers in the US, excluding NV, NC, ND, TN, & VT. To learn more about financing options for AWS Marketplace purchases and details about the AWS Financing program, visit the AWS Marketplace financing page.

Amazon S3 adds S3 Tables storage cost information for individual tables in AWS Cost Explorer and AWS Cost and Usage Reports (AWS CUR). You can now track and analyze all S3 Tables costs, including storage, API requests, and maintenance operations for each table in your data lake. This helps you to make decisions about resource optimization and to attribute costs to specific projects and business units. To view your S3 Tables storage cost at the table level, enable resource-level data in your cost management preferences, then access table-level cost data through AWS Cost Explorer. For more comprehensive cost and usage data, configure AWS CUR to show resource-level details, then set up daily reports to be sent to your specified S3 bucket. This enhanced cost visibility for S3 Tables is rolling out in the coming weeks in all AWS Regions where S3 Tables are available, at no additional charge. To learn more, visit the product page and documentation.  

Amazon DynamoDB Streams is a serverless data streaming feature that makes it straightforward to track, process, and react to item-level changes in DynamoDB tables in near real time. Today, DynamoDB has added support for KCL 3.0. With KCL 3.0, you can reduce compute costs to process streaming data by up to 33% compared to previous KCL versions. KCL 3.0 introduces an enhanced load balancing algorithm that continuously monitors resource utilization of the stream processing workers and automatically redistributes the load from over-utilized workers to other underutilized workers. Additionally, KCL 3.0 is built with the AWS SDK for Java 2.x for improved performance and security features, fully removing the dependency on the AWS SDK for Java 1.x. Kinesis Client Library (KCL) is an open-source library that simplifies the development of stream processing applications with Amazon DynamoDB Streams. It manages complex tasks associated with distributed computing such as load balancing streaming data, processing data with fault-tolerance, and coordinating distributed workers, allowing you to solely focus on your core business logic. You can upgrade your stream processing application running on KCL 1.x by simply replacing the current library to use KCL 3.0 without any changes in your data processing logic. For migration instructions, see Migrating from KCL 1.x to KCL 3.x. KCL 3.0 is available with Amazon DynamoDB Streams in all AWS Regions. To learn more, refer to Working with DynamoDB Streams in the DynamoDB Developer Guide.  

AWS announces the general availability for Security Group (SG) Referencing and enhanced Domain Name System (DNS) support across Amazon Virtual Private Clouds (VPCs) connected by AWS Cloud WAN. With SG Referencing, customers can simplify management of Security Groups and gain a better security posture for cross-VPC connectivity via Cloud WAN. With enhanced DNS support, customers can enable the resolution of public DNS hostnames to private IP addresses for DNS queries from VPCs attached to Cloud WAN. Customers can configure Security Groups by specifying a list of rules that allow network traffic based on criteria such as IP addresses, Prefix-Lists, Ports and SG references. Until now, customers were not able to use SG references for controlling traffic between VPCs connected via Cloud WAN. SG Referencing allows customers to specify other SGs as references, or matching criterion in inbound security rules to allow instance-to-instance traffic. With this capability, customers do not need to reconfigure security rules as applications scale up or down or if their IP addresses change. Rules with SG references also provide higher scale as a single rule can cover thousands of instances and prevents customers from over-running SG rule limits. Both SG Referencing and enhanced DNS support are regional features on Cloud WAN, meaning VPCs must be connected to the same Core network edge (CNE) for these features to work. Security Group Referencing and enhanced DNS support on Cloud WAN are available in all AWS Regions where Cloud WAN is available. You can enable these features using the AWS Management Console, AWS Command Line Interface (CLI) and the AWS Software Development Kit (SDK). There is no additional charge for enabling SG Referencing or DNS support on Cloud WAN. For more information, see the AWS Cloud WAN documentation pages.

AWS Deadline Cloud monitor now includes a worker dashboard that makes it easy to monitor the performance of your workers. AWS Deadline Cloud is a fully managed service that simplifies render management for teams creating computer-generated graphics and visual effects for films, television, broadcasting, web content, and design. Understanding the CPU and memory usage of workers in a render farm is critical to ensuring efficient resource usage and rapidly troubleshooting issues. When renders are taking longer than expected, the worker dashboard helps determine if your instances are adequately sized for your workloads. Even when tasks are completing successfully, there may be opportunities to optimize your costs. The worker dashboard can reveal if you’re using larger instances than your workloads require. Worker dashboard for AWS Deadline Cloud Monitor is available in all AWS Regions where the service is offered. To learn more about AWS Deadline Cloud worker dashboard see the AWS Deadline Cloud documentation.

Amazon Managed Streaming for Apache Kafka (Amazon MSK) now supports Apache Kafka version 3.8 on Express Brokers, introducing new features, bug fixes, and performance improvements for Kafka workloads running on Express Brokers. The update brings enhancements in data compression capabilities. You can now configure compression levels for lz4, zstd, and gzip formats, allowing precise control over the balance between compression efficiency and resource usage. The transition to version 3.8 is straightforward – you can either create new clusters or upgrade your existing ones. For a detailed understanding of the specific improvements and bug fixes included in this release, see the Apache Kafka release notes for version 3.8.

Launching today, travel and hospitality organizations can now more seamlessly ingest and map data from their industry-specific source systems to Amazon Connect Customer Profiles to create a unified and comprehensive view of their end customers. Travel and hospitality organizations often have multiple source systems, including booking systems, loyalty programs, and customer service platforms with rich customer information, but it is difficult to integrate and analyze customer data because the schemas are complex and not standardized. Amazon Connect Customer Profiles now has industry-specific mapping to help unify customer data from over 75+ source systems with Amazon Connect data and other industry-specific systems like Amadeus. With Amazon Connect Customer Profiles, and other new features like profile explorer, organizations can easily access instant insights on individuals and groups of customers. Organizations can empower their staff across all touchpoints—from check-in desks to customer service activation within channels in Amazon Connect – to access the information they need to deliver personalized service. Amazon Connect Customer Profiles for travel and hospitality is available in 10 AWS Regions located here. Pricing is based on pay-as-you-go profile utilization. To learn more, visit the Amazon Connect Customer Profiles blog.  

AWS AppSync is a fully managed service that simplifies the development and deployment of GraphQL APIs. Starting today, AWS AppSync automatically enables encryption at-rest and in-transit for all new API caching configurations. This security enhancement applies to newly created caches, while existing caches maintain their current encryption settings. AWS AppSync SDKs have been updated to enforce encryption for new caches, ignoring any manual encryption configuration attributes. This default encryption strengthens your GraphQL APIs’ security posture by ensuring comprehensive protection of cached data without requiring additional configuration. The change aligns with AWS security best practices and simplifies the implementation of secure caching for your APIs. Customers can continue using their existing cache configurations without disruption while benefiting from enhanced security for new deployments. This update is available in all AWS Regions where AWS AppSync is offered. To learn more about AWS AppSync caching, visit our documentation or explore the full range of AWS AppSync features in our Developer Guide.

Amazon Relational Database Service (Amazon RDS) Custom for SQL Server now supports Cumulative Update (CU) 18 for Microsoft SQL Server 2022. This update is available for SQL Server Developer, Web, Standard, and Enterprise editions, and includes performance improvements and bug fixes. For more details about the improvements in this update, please review Microsoft KB5050771 release notes. You can upgrade with just a few clicks in the Amazon RDS Management Console or by using the AWS SDK or CLI. Learn more about upgrading your database instances from the Amazon RDS Custom User Guide. This CU is available in all AWS Regions where Amazon RDS Custom for SQL Server is available. RDS Custom is a managed database service that allows customization of the underlying operating system and database environment. RDS Custom for SQL Server supports two licensing models: License Included (LI) and Bring Your Own Media (BYOM). By using Bring Your Own Media (BYOM), customers can use their existing SQL Server licenses with Amazon RDS Custom for SQL Server. See Amazon RDS Custom Pricing for pricing details and regional availability.  

Amazon Q Developer transformation capabilities now support customization of Java upgrades in Java upgrade transformation CLI (command line interface) with a new selective transformation feature. Using this feature, you can use natural language chat and/or an input file to tailor transformation plans and exercise greater control over Java upgrades. The following options are supported: Selection of steps from a transformation plan and breakdown of a transformation job for granular code reviews For first-party and third-party dependencies, the libraries and their versions you would like Q Developer to upgrade during JDK version upgrades Amazon Q Developer Java upgrade capabilities now have been tested to offer enhanced transformation success rates, reducing the manual effort needed to complete your software modernization tasks. The selective transformation feature for Java upgrades is available in the command line, on Linux and MacOS. To learn more and get started, please visit the documentation page.