aws.amazon.com

AWS HealthOmics now supports workflow versioning, enabling customers to manage multiple versions of their bioinformatics workflows efficiently. AWS HealthOmics is a HIPAA-eligible service that helps healthcare and life sciences customers accelerate scientific breakthroughs with fully managed biological data stores and workflows. With this release, workflow developers can create and maintain multiple versions of their workflows while retaining consistent workflow IDs and base ARNs across versions. With workflow versioning, users can select specific workflow versions when starting a run, enabling better control and reproducibility of their analyses. This simplifies collaboration by automatically sharing new workflow versions with existing subscribers, eliminating the need for manual resharing and ensuring teams always have access to the latest workflow iterations. Workflow versioning is supported in al

AWS launches CloudWatch cross-account observability in the AWS GovCloud (US) Regions, enabling monitoring and troubleshooting of applications across multiple AWS accounts within an AWS GovCloud (US) Region. CloudWatch Cross-account observability allows seamless searching, visualization, and analysis of metrics, logs, and traces, removing account boundaries. Security teams, operations teams, and service owners can now easily explore cross-account telemetry and analyze them to drive powerful insights helping to efficiently monitor and troubleshoot application health issues. CloudWatch Cross-account observability enables searching log groups across multiple accounts, running cross-account Logs Insights queries, and creating Contributor Insights rules to identify top contributors generating log entries. You can now run Metrics Insights queries on your cross-account metrics for a consolidated view and create cross-account alarms. With cross-account observability, you can now use

Amazon Managed Service for Prometheus now supports label-based active series limits within your workspace. This feature helps you manage active series volume across different producers such as applications, services or teams that share a workspace. You can now allocate specific active series limits to different metric producers in your workspace, enabling you to protect your critical metrics. If a sub-set of metrics experience an unexpected surge, only the metrics sharing the same label-based active series limits are throttled. For example, you can set different limits for metrics from different applications using label sets like {app="payment-service", environment="prod"}. If the payment-service application produced an unexpected surge in metrics, only ingested metrics originating from the payment-service application are throttled. This experience is enabled by the new Workspace Configuration APIs. Us

AWS customers can now access Amazon Lightsail from within the AWS Console Mobile App to monitor and manage Lightsail instances, containers, databases, network, storage, snapshots, domains and DNS while on the go. Visit the Services tab in the AWS Console Mobile App and select Lightsail to get started. The AWS Console Mobile App enables AWS customers monitor and manage a select set of resources and receive push notifications to stay informed and connected with their AWS resources while on-the-go. The sign-in process supports biometrics authentication, making access to AWS resources simple, secure, and quick. Lightsail offers easy-to-use virtual private server (VPS) instances, storage, databases, and more for a cost-effective monthly price. For AWS services not available natively, customers can access the AWS Management Console via an in-app browser to access service pages without additional authentication, manual navigation, or need to switch from the app to a browser.

AWS Security Token Service (AWS STS) now automatically serves all requests to the global endpoint (sts.amazonaws.com) in the same AWS Region as your deployed workloads, enhancing resiliency and performance. Previously, all requests to the STS global endpoint were served from the US East (N. Virginia) Region. With this enhancement, your applications benefit from improved latency and fault isolation as requests are processed in the same Region as your workloads. For example, if your application runs in US West (Oregon) and calls the STS global endpoint, your requests are now served locally in US West (Oregon) instead of being routed to US East (N. Virginia). This update is available in all AWS Regions that are enabled by default. No action is required from customers to benefit from these improvements. Any requests to the STS global endpoint from Regions not enabled by default (i.e. opt-in Regions) will continue to be served in US East (N. Virginia). We conti

Amazon CloudWatch agent support for Red Hat OpenShift Service on AWS (ROSA) enables monitoring of applications and infrastructure using familiar CloudWatch tools such as Container Insights and Application Signals. ROSA is a fully-managed cloud service that helps customers to quickly deploy, operate, and scale containerized applications on AWS with the same consistent OpenShift experience they have on-premises. This new capability allows DevOps teams and application owners to gain deep visibility into their ROSA clusters' performance, health, and resource utilization leveraging AWS's native observability tools. CloudWatch agent on ROSA enables the collection and analysis of metrics, logs, and traces from containerized applications and underlying infrastructure components, helping customers to identify the impact of anomalies on end-user experience. This integration streamlines the troubleshooting process and allows teams to quickly identify issues across their ROSA clusters

AWS announces AWS Security Incident Response with AWS PrivateLink integration, enabling customers to manage their service membership directly from their Amazon Virtual Private Cloud (VPC). Now, together with AWS PrivateLink, customers can access AWS Security Incident Response APIs while keeping their traffic off the public internet, adding an extra layer of security when managing and recovering from sensitive security events. This integration offers several benefits to AWS customers. First, it can improve the security perimeter of incident response processes by keeping all traffic within AWS-supported private networks. Second, it simplifies network architecture by removing the requirement for internet gateways, NAT devices, or firewall rules. Lastly, it helps meet compliance requirements that mandate private connectivity for sensitive security response and recovery, making it easier for organizations in regulated industries to adopt and use AWS Security Incident Response.

Amazon Connect Cases now provides capabilities to help contact centers track and meet service level agreements (SLAs) on cases. Using the Amazon Connect UI, admins can set up SLA rules based on case attributes and configure target statuses and resolution times. Agents and managers can view the real-time SLA status directly in their case list view to prioritize urgent work, while admins can create rules to automatically escalate or route cases to another team when SLAs are not met. For example, a company can use this feature to monitor whether high-priority cases are reviewed within 4 hours and closed within 24 hours, making it easier to meet case handling service commitments. Amazon Connect Cases is available in the following AWS regions: US East (N. Virginia), US West (Oregon), Canada (Central), Europe (Frankfurt), Europe (London), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), and Asia Pacific (Tokyo) AWS regions. To learn more and get started, vis

Amazon EventBridge announces support for Amazon Key Management Service (KMS) Customer Managed Keys (CMK) in API destinations connections. This enhancement enables you to encrypt your HTTPS endpoint authentication credentials managed by API destinations with your own keys instead of an AWS owned key (which is used by default). With CMK support, you now have more granular security control over your authentication credentials used in API destinations, helping you meet your organization's security requirements and governance policies. Customer managed Keys (CMK) are KMS keys that you create and manage by yourself. You can also audit and track usage of your keys via CloudTrail. EventBridge API destinations are private and public HTTPS endpoints that you can invoke as the target of an event bus rule or pipe, similar to how you invoke an AWS service or resource as a target. API destinations provides flexible authentication options for HTTPS endpoints, such as API key and OAuth, st

AWS Application Migration Service is now authorized for Department of Defense Cloud Computing Security Requirements Guide Impact Levels 4 and 5 (DoD CC SRG IL4 and IL5) in the AWS GovCloud (US-East and US-West) Regions. This authorization builds on AWS Application Migration Service’s existing FedRAMP High categorization level in the AWS GovCloud (US-East and US-West) Regions as well as numerous compliance programs and standards, including HIPAA (Health Insurance Portability and Accountability Act), PCI DSS (Payment Card Industry – Data Security Standard), ISO (International Organization for Standardization), SOC 1, 2, and 3 (System and Organization Controls). To learn more about AWS Application Migration Service compliance validation, visit the documentation here. Application Migrat