AWS Knowledge Hub

AWS Blog

AWS News

AWS Interconnect is now generally available, with a new option to simplify last-mile connectivity

AWS Interconnect – multicloud is a managed private connectivity service that connects your Amazon VPC directly to VPCs on other cloud providers. AWS also introduces an Interconnect – last mile capability that simplifies establishing high-speed, private connections to AWS.

Security

Secure AI agent access patterns to AWS resources using Model Context Protocol

AI agents and coding assistants interact with AWS resources through the Model Context Protocol (MCP). Unlike traditional applications with deterministic code paths, agents reason dynamically, choosing different tools or accessing different data depending on context.

Machine Learning

Navigating the generative AI journey: The Path-to-Value framework from AWS

This post introduces the Generative AI Path-to-Value (P2V) framework, a structured approach to help you move generative AI initiatives from concept to production and sustained value creation.

Machine Learning

Best practices to run inference on Amazon SageMaker HyperPod

Amazon SageMaker HyperPod provides a comprehensive solution for inference workloads with dynamic scaling, simplified deployment, and intelligent resource management. Reduce your total cost of ownership by up to 40% while accelerating generative AI deployments.

Machine Learning

Spring AI SDK for Amazon Bedrock AgentCore is now Generally Available

With the new Spring AI AgentCore SDK you can build production-ready AI agents and run them on the highly scalable AgentCore Runtime. Build an AI agent with a chat endpoint, streaming responses, conversation memory, and tools for web browsing and code execution.

AWS News

AWS Weekly Roundup: Claude Mythos Preview in Amazon Bedrock, AWS Agent Registry, and more

This week: Claude Mythos Preview in Amazon Bedrock, the launch of AWS Agent Registry, plus cost visibility improvements for AI workloads moving from experimentation to full production across teams worldwide.

DevOps

Troubleshooting environment with AI analysis in AWS Elastic Beanstalk

Elastic Beanstalk now offers AI Analysis to help troubleshoot environment health issues. When you request an analysis, Elastic Beanstalk triggers a script that collects environment telemetry and feeds it to an AI model to surface root causes faster.

Machine Learning

How to build effective reward functions with AWS Lambda for Amazon Nova model customization

This post demonstrates how Lambda enables scalable, cost-effective reward functions for Amazon Nova customization using RLVR for objectively verifiable tasks and RLAIF for subjective evaluation, with multi-dimensional reward systems to prevent reward hacking.

Architecture

Build a multi-tenant configuration system with tagged storage patterns

Learn how to build a scalable, multi-tenant configuration service using the tagged storage pattern—an architectural approach that uses key prefixes to automatically route configuration requests to the most appropriate storage service while maintaining strict tenant isolation.

Security

A framework for securely collecting forensic artifacts into S3 buckets

When customers experience a security incident, they need to acquire forensic artifacts to identify root cause, extract indicators of compromise (IoCs), and validate remediation efforts. This post walks through a repeatable framework aligned with NIST 800-86.

Security

Building AI defenses at scale: Before the threats emerge

At AWS, we've spent decades developing processes and tools that enable us to defend millions of customers simultaneously. AI-powered log analysis, automated threat intelligence, and proactive defense patterns help teams stay ahead of emerging AI-specific threats.

AWS News

Launching S3 Files, making S3 buckets accessible as file systems

Amazon S3 Files makes S3 buckets accessible as high-performance file systems on AWS compute resources, eliminating the trade-off between object storage benefits and interactive file capabilities while enabling seamless data sharing with ~1ms latencies.

AWS News

AWS Weekly Roundup: AWS DevOps Agent & Security Agent GA, Product Lifecycle updates, and more

This week: AWS DevOps Agent and Security Agent reach general availability, Product Lifecycle management updates, and highlights from the AWS Hong Kong User Group events.

Architecture

Unlock efficient model deployment: Simplified Inference Operator setup on Amazon SageMaker HyperPod

This post walks through the new installation experience for SageMaker HyperPod, demonstrating three deployment methods (console, CLI, and Terraform) and shows how features like multi-instance-type deployment and native node affinity give fine-grained control over inference scheduling.

Security

Introducing the Landing Zone Accelerator on AWS Universal Configuration and LZA Compliance Workbook

AWS releases the latest security baseline from Landing Zone Accelerator—the Universal Configuration. Developed from real-world customer patterns, this workbook provides practical compliance guidance for organizations migrating critical workloads to the cloud.

DevOps

Streamlining Cloud Compliance at GoDaddy Using CDK Aspects

CDK Aspects are a powerful mechanism for applying organization-wide policies—security rules, tagging standards, compliance requirements—across your entire infrastructure as code. GoDaddy implemented this to enforce standards across hundreds of repositories.

Security

How AWS KMS and AWS Encryption SDK overcome symmetric encryption bounds

If you run high-scale applications that encrypt large volumes of data, this post explains how AWS KMS and the AWS Encryption SDK handle AES-GCM encryption limits automatically using derived key generation, removing the operational burden from your team.

AWS News

Amazon Bedrock Guardrails supports cross-account safeguards with centralized control and management

Organizational safeguards are now generally available in Amazon Bedrock Guardrails, enabling centralized enforcement and management of safety controls across multiple AWS accounts within an AWS Organization—without per-account configuration overhead.

Security

Four security principles for agentic AI systems

Agentic AI represents a qualitative shift in how software operates. Unlike deterministic code or generative AI, agents connect to APIs and use LLMs as reasoning engines. This post defines four foundational security principles every team must apply when deploying AI agents.

DevOps

Securely connect AWS DevOps Agent to private services in your VPCs

AWS DevOps Agent is your always-available operations teammate that resolves and proactively prevents incidents, optimizing application reliability and performance across AWS, multicloud, and on-premises environments. Learn how to connect it securely to private VPC services.

Architecture

Automate safety monitoring with computer vision and generative AI

This post describes a solution that uses fixed camera networks to monitor operational environments in near real-time, detecting safety hazards while capturing object floor projections. The architecture scales to hundreds of sites using synthetic data generation with generative AI tools like GLIGEN.

AWS News

Announcing managed daemon support for Amazon ECS Managed Instances

Amazon ECS Managed Daemons gives platform engineers independent control over monitoring, logging, and tracing agents without application team coordination, ensuring consistent daemon deployment and comprehensive host-level observability at scale.

Machine Learning

AWS launches frontier agents for security testing and cloud operations

AWS Security Agent on-demand penetration testing and AWS DevOps Agent are now generally available, representing a new class of AI capabilities called frontier agents. In preview, AWS Security Agent compressed penetration testing timelines from weeks to hours.

Architecture

Streamlining access to powerful disaster recovery capabilities of AWS

Starting with AWS Backup to protect your data, then adding EC2 protection using AWS Elastic Disaster Recovery, this post shows how to use the full capabilities of AWS to restore your entire workload—data, infrastructure, networking, and configuration—using Arpio automation.

Security

New compliance guide available: ISO/IEC 27001:2022 on AWS

AWS releases a practical compliance guide for organizations designing and operating an Information Security Management System (ISMS) using AWS services, aligned with the globally recognized ISO/IEC 27001:2022 standard.

Security

AWS Security Agent on-demand penetration testing now generally available

AWS Security Agent on-demand penetration testing is now generally available, enabling comprehensive security tests across all your applications, transforming penetration testing from a periodic bottleneck into an on-demand capability that scales with your development velocity.

DevOps

Leverage Agentic AI for Autonomous Incident Response with AWS DevOps Agent

When distributed workloads break, the information needed to resolve incidents is scattered across logs, pipelines, and monitoring tools. Learn how AWS DevOps Agent correlates telemetry from multiple sources to accelerate root cause analysis after hours.

AWS News

Announcing the AWS Sustainability console: Programmatic access, configurable CSV reports, and Scope 1–3 reporting in one place

AWS launches a new standalone Sustainability console that consolidates carbon emissions reporting and resources, giving sustainability teams independent access to Scope 1, 2, and 3 emissions data without requiring billing permissions.

Architecture

How Aigen transformed agricultural robotics for sustainable farming with Amazon SageMaker AI

Learn how Aigen modernized its ML pipeline with Amazon SageMaker AI to scale sustainable farming across hundreds of distributed edge solar robots. Automated data labeling and human-in-the-loop validation increased image labeling throughput by 20x while reducing costs by 22.5x.

Architecture

Architecting for agentic AI development on AWS

This post demonstrates how to architect AWS systems that enable AI agents to iterate rapidly through design patterns for both system architecture and codebase structure. Covers architectural problems that limit agentic development and codebase patterns that help AI agents understand and modify applications.

Security

Preparing for agentic AI: A financial services approach

Deploying agentic AI in financial services requires additional security controls addressing AI-specific risks. This post walks through comprehensive observability and fine-grained access controls, with seven design principles for meeting regulatory requirements while deploying secure AI solutions.

AWS News

Customize your AWS Management Console experience with visual settings including account color, region and service visibility

AWS introduces visual customization in the Management Console that enables selective display of relevant AWS Regions and services for team members. By hiding unused Regions and services, you can reduce cognitive load and eliminate unnecessary clicks and scrolling.

Architecture

How Generali Malaysia optimizes operations with Amazon EKS

Generali Malaysia uses Amazon EKS Auto Mode and its integration with other AWS services to enhance performance while reducing operational overhead, optimizing costs, and enhancing security through a centralized security posture management approach.

Security

IAM policy types: How and when to use them

You manage access in AWS by creating policies and attaching them to IAM principals or AWS resources. This comprehensive guide (updated March 2026) covers all IAM policy types including the recently added resource control policies, with clear guidance on when to apply each type.

AWS News

Announcing Amazon Aurora PostgreSQL serverless database creation in seconds

AWS introduces a new express configuration for Amazon Aurora PostgreSQL—a streamlined database creation experience with preconfigured defaults to get started in seconds. Now available with AWS Free Tier for developers to start building immediately.

Architecture

AI-powered event response for Amazon EKS

Learn how AWS DevOps Agent integrates with your existing observability stack to provide intelligent, automated responses to system events across Amazon EKS clusters, reducing mean time to recovery and enabling autonomous incident resolution.

AWS News

Our First 2026 AWS Heroes Cohort Is Here!

We're thrilled to celebrate three exceptional developer community leaders as AWS Heroes. These individuals represent the heart of what makes the AWS community so vibrant—building connections, forging genuine relationships, and creating pathways for others to grow.

AWS News

20 years in the AWS Cloud – how time flies!

Celebrating twenty years of innovation in ML and AI technology at AWS. Countless developers have embraced cloud computing and actively used its capabilities to accomplish what was previously impossible—a reflection on two decades of AWS.

AWS News

Twenty years of Amazon S3 and building what's next

Some reflections on 20 years of innovations in Amazon S3, including S3 Tables for structured data, S3 Vectors for semantic search, and S3 Metadata—the latest developments in the foundational storage service that defined cloud infrastructure.

AWS News

Introducing account regional namespaces for Amazon S3 general purpose buckets

AWS launches a new feature that lets you create general purpose S3 buckets in your own account regional namespace, simplifying bucket creation and management as your data storage needs grow in size and scope across accounts and regions.

DevOps

Automate AWS Lambda Runtime Upgrades with AWS Transform custom

Organizations carry a growing burden of technical debt—aging codebases, outdated runtimes, and legacy frameworks. AWS Transform custom uses agentic AI to perform large-scale modernization of Lambda functions, runtime migrations, and framework transitions at scale.

DevOps

Standardizing construct properties with AWS CDK Property Injection

Standardizing CDK construct properties across a large organization requires repetitive manual effort that scales poorly as teams and repositories grow. CDK Property Injection lets you declare defaults once and enforce them automatically across similar resource types.

AWS News

Introducing OpenClaw on Amazon Lightsail to run your autonomous private AI agents

AWS launches OpenClaw on Amazon Lightsail—your Lightsail OpenClaw instance is pre-configured with Amazon Bedrock, pairing your browser and enabling AI capabilities with optional messaging channel connections, no additional configuration required.

Architecture

The Hidden Price Tag: Uncovering Hidden Costs in Cloud Architectures with the AWS Well-Architected Framework

Following the AWS Cloud Adoption Framework and AWS Well-Architected Framework can help reduce cost risks through proper implementation of AWS guidance and best practices, while taking into consideration the practical challenges organizations face including resource constraints and competing priorities.

AWS News

AWS Security Hub Extended offers full-stack enterprise security with curated partner solutions

AWS announces general availability of AWS Security Hub Extended, a unified, full-stack enterprise security solution that brings together AWS detection services and curated partner solutions through a single, simplified experience.

Architecture

Digital Transformation at Santander: How Platform Engineering is Revolutionizing Cloud Infrastructure

Santander faced a significant technical challenge managing infrastructure that processes billions of daily transactions across 200+ critical systems. The Catalyst platform engineering initiative transformed their cloud infrastructure and development management at scale.

Architecture

6,000 AWS accounts, three people, one platform: Lessons learned

ProGlove chose an account-per-tenant approach for their serverless SaaS architecture and this changes the operational model significantly. This post covers the challenges around automation, observability, and cost management when running thousands of isolated accounts.

AWS News

Transform live video for mobile audiences with AWS Elemental Inference

AWS Elemental Inference is a fully managed AI service that automatically transforms live and on-demand video broadcasts into vertical formats optimized for mobile and social platforms in real time, enabling broadcasters to reach audiences on TikTok, Instagram Reels, and YouTube Shorts.

Architecture

How Salesforce migrated from Cluster Autoscaler to Karpenter across their fleet of 1,000 EKS clusters

Salesforce, operating one of the world's largest Kubernetes deployments, successfully migrated from Cluster Autoscaler to Karpenter across their fleet of 1,000+ Amazon EKS clusters. Learn the migration strategy, key challenges, and outcomes achieved at scale.

DevOps

Best Practices for Deploying AWS DevOps Agent in Production

Root cause analysis during incidents is one of the most time-consuming parts of operating cloud applications. Engineers must quickly correlate telemetry data across services and review deployment history under pressure. AWS DevOps Agent brings autonomous investigation capabilities to reduce this burden.