AWS releases
Amazon Web Services releases and Terraform AWS provider. New features, breaking changes, security advisories and deprecations - each summarised in plain English and updated continuously.
Tracking 284 AWS releases · Updated
- AWS What's New securitygovernanceawshealthcarefinancegovernment ·
AWS Management Console Private Access enhances VPC connectivity without internet
AWS Management Console Private Access now allows customers to access the AWS Console from VPCs without internet connectivity, improving network security for air-gapped environments. This enhancement, which leverages AWS PrivateLink, is particularly beneficial for regulated industries like finance, government, and healthcare, and enterprises with stringent security needs. The capability is available in all AWS commercial regions, with costs based on PrivateLink VPC endpoint usage.
feature - AWS What's New governanceawsengineer ·
AWS Cost Explorer retains historical data for billed accounts
AWS Cost Explorer now retains historical billing data at original billable rates for accounts within billing groups, addressing a previous restriction. This change, enabled by AWS Billing Conductor and Billing Transfer, ensures reporting continuity for customers using these services. Accounts already onboarded will gain access automatically, with Billing Transfer available in most AWS Regions.
feature - AWS What's New governanceawsengineer ·
Amazon S3 Access Grants available in AWS European Sovereign Cloud (Germany)
Amazon S3 Access Grants can now be created in the AWS European Sovereign Cloud (Germany) Region, simplifying access management for S3 datasets. These grants map directory identities to S3 data, enabling scalable permission management by granting access based on corporate identities. This feature is now available in Germany and can be explored further on the S3 product page.
feature announcement - AWS What's New governanceawsgaarchitecthealthcare ·
AWS Glue Data Catalog adds IAM authorization for S3 Tables, Iceberg views in GovCloud
AWS Glue Data Catalog now supports IAM-based authorization for Amazon S3 Tables and Apache Iceberg materialized views, simplifying permission management for analytics services. This feature allows unified permissions across storage, catalog, and query engines, enhancing integration with services like Athena and EMR. It is now available in AWS GovCloud (US) Regions and offers optional integration with AWS Lake Formation for finer-grained access control.
feature - AWS What's New governanceawsengineergovernment ·
Amazon MQ for RabbitMQ now available in AWS European Sovereign Cloud (Germany)
Amazon MQ for RabbitMQ can now be deployed in the AWS European Sovereign Cloud (Germany), an independent EU-based cloud designed for regulated industries and public sector organizations. This managed message broker service allows customers to use familiar RabbitMQ APIs and protocols for migrating workloads without code rewrites. It supports RabbitMQ engine version 4.2 and Graviton3-based m7g instances for high-performance messaging.
feature announcement - AWS What's New securitygovernanceawsengineer ·
AWS Config supports internal service-linked rules
AWS Config now supports internal service-linked rules, allowing AWS services to evaluate resource configurations using managed rules. This feature enables integrated security and compliance capabilities by letting services like Security Hub deploy and manage rule evaluations, with results delivered at no charge to customers. These rules operate independently of customer-managed recorders, offering enhanced governance and auditing flexibility.
feature - AWS What's New securitygovernanceawsengineer ·
SageMaker Unified Studio supports IAM permissions boundaries
Amazon SageMaker Unified Studio now supports custom IAM permissions boundaries for roles provisioned with new projects. This allows organizations enforcing Service Control Policies (SCPs) to adopt SageMaker without altering security postures. Administrators can specify a permissions boundary in the Tooling blueprint, automatically applying it to all new project roles, enhancing control and simplifying compliance.
feature - AWS What's New governanceawsengineer ·
Amazon Connect improves scheduling for ad-hoc agent activities
Amazon Connect now automatically optimizes the placement of ad-hoc agent activities within schedules, minimizing impact on service levels. This feature allows supervisors to easily schedule non-productive events like training or meetings using flexible placement methods, reducing manual effort. The improved scheduling capability is now available in all AWS regions supporting Amazon Connect agent scheduling.
feature - AWS What's New governanceaws ·
Amazon Connect allows scheduling tasks up to 90 days in advance
Amazon Connect now supports scheduling tasks up to 90 days in the future, enabling better planning and tracking of long-running customer follow-up work. This feature allows organizations to proactively manage complex workflows, such as insurance claim processing, by ensuring tasks are routed to the appropriate teams with context at the right time. The capability is accessible via the StartTaskContact API, flows, or the agent workspace and is available in all commercial and AWS GovCloud (US) regions.
feature - AWS What's New governanceawsengineer ·
AWS Budgets widget added to Billing and Cost Management Dashboards
AWS Billing and Cost Management now offers a Budgets widget for its dashboards, allowing users to monitor budget performance alongside other cost reports in a single view. This enhancement reduces the need to navigate between separate pages, benefiting finance teams and cloud administrators by enabling faster budget monitoring and easier stakeholder reporting. The feature is available in all commercial AWS Regions at no extra cost.
feature - AWS What's New securitygovernanceinfraawsengineer ·
AWS Organizations adds CloudTrail events for account membership changes
AWS Organizations now automatically emits CloudTrail events for accounts joining or leaving the organization. These new events, AccountJoinedOrganization and AccountDepartedOrganization, enhance visibility for security teams and administrators, aiding in the detection of unauthorized activities. The events provide details on how accounts joined or departed, along with timestamps, enabling real-time notifications and supporting use cases like fraud detection and security monitoring.
feature - AWS What's New governanceawsengineer ·
Amazon Connect adds tag-based access to agent login/logout report
Amazon Connect now allows tag-based access controls for the agent login/logout report, enabling granular permissions for accessing this data. Contact center administrators can leverage resource tags to restrict who views login and logout information for specific agents. This feature is available in all commercial AWS regions and AWS GovCloud (US-West) where Amazon Connect is offered.
feature - AWS What's New securitygovernanceawsengineer ·
GuardDuty Malware Protection adds S3 continuous backup scanning
Amazon GuardDuty Malware Protection now supports S3 continuous backups, enabling malware scanning for recovery points. This feature allows users to identify clean points in time, verify recovery safety, and initiate restores with greater confidence. Support is available in all regions where GuardDuty Malware Protection is offered, accessible via the AWS Backup console, API, or CLI.
feature - AWS What's New governanceawsengineer ·
SageMaker Unified Studio adds business metadata and governance to IAM domains
Amazon SageMaker Unified Studio now supports business context, metadata, and data governance for IAM-based domains. This allows customers to enrich AWS Glue Data Catalog tables with business names, descriptions, and documentation, potentially using AI for automatic generation. The update aims to improve data discovery and access management for data engineers, analysts, and scientists across the organization. These capabilities are now available in all supported AWS Regions.
feature - AWS What's New governanceawsengineer ·
AWS Billing Conductor Adds Billing Transfer Inventory and Notifications
AWS Billing Conductor now provides a new Billing Transfer Inventory page in the console to help customers identify accounts that have accepted billing transfer invites but lack pro forma billing data access. This feature enhances visibility into billing data gaps, ensuring accounts are properly configured. Customers can also opt-in to daily notifications via AWS User Notifications and Amazon EventBridge for summaries of incomplete billing transfers, with notifications delivered through various channels.
feature