June 2021

AWS CloudFormation now supports increased limits on the default number of stacks allowed per AWS account. The number of stacks that can be created in an account is now 2000 (previously 200).

Amazon Lightsail now provides you with the ability to store your static content such as images, videos or HTML files in an object storage that can be used for your websites and applications. Lightsail object storage can be associated to your Lightsail CDN distribution with a few simple clicks, making it quick and easy to accelerate the delivery of your content to a global audience. It can also be used as a low cost, secure backup solution. Lightsail object storage comes with the same predicable pricing as its other offerings with three different flat rate bundles starting at $1/month.

With Advance Pay, you can now pay for your AWS usage in advance, and pay your future invoices automatically. Once you add funds to Advance Pay, AWS will automatically use them to pay for your invoices when they become due for payment. 

Amazon Textract is a machine learning service that automatically extracts text, handwriting and data from scanned documents that goes beyond simple optical character recognition (OCR) to identify, understand, and extract data from forms and tables. We continuously improve the underlying machine learning models based on your feedback to provide even better accuracy. Today, we are pleased to announce an accuracy enhancement update to the handwriting extraction feature. Starting today, you will see improved accuracy of handwritten transcriptions, specifically for numerals, dates, phone numbers, and website address across many documents in finance, healthcare, legal, public sector, and others. Textract now more accurately detects handwriting within documents such as checks, medical forms, travel forms and more. 

You can now deploy Amazon AppStream 2.0 in the AWS Europe (London) Region. Deploying AppStream 2.0 in your local region provides users with a more responsive experience and helps support your local data residency obligations. With this launch, you can deploy General Purpose, Compute Optimized, Memory Optimized, Graphics Design, Graphics Pro and Graphics G4 instances to meet the needs of your users.

You can now share files directly with specific experts in AWS IQ chat interface. Experts can also share files in the chat, attach files to a proposal, or to a payment request after completing work.

We are delighted to announce the addition of Tag Tamer to the AWS Solutions Implementations portfolio. AWS Solutions Implementations help you solve common problems and build faster using the AWS platform.

When using AWS DataSync to copy data between Amazon FSx for Windows File Server file systems and Server Message Block (SMB) shares, you can now copy object metadata describing NTFS system access control lists typically used by administrators to define the operations on files and folders that generate audit logs. With this launch, DataSync can now copy all access control entries (ACEs) for files and folders between your SMB shares and FSx for Windows File Server file systems as well as between FSx for Windows File Server file systems.

AWS now supports three additional Amazon Elastic Block Store (Amazon EBS) volume types in the Los Angeles AWS Local Zones: General Purpose SSD (gp3), Throughput Optimized HDD (st1), and Cold HDD (sc1) volumes. With this expansion, you can now use gp3, st1, and sc1 volume types in addition to your existing gp2 and io1 volumes in the Los Angeles AWS Local Zones.

AWS Glue DataBrew now supports the ability to write datasets created from jobs that run your data preparation recipes directly to the AWS Glue Data Catalog. You can choose to store datasets in Amazon S3, Amazon Redshift, and Amazon RDS (Aurora, Oracle, SQL Server, MySQL, and PostgreSQL) tables in the Data Catalog.

AWS Storage Gateway is now available in the AWS Asia Pacific (Osaka) Region.

AWS Glue DataBrew adds support for creating datasets with .csv files that have the backslash or escape (\) delimiter. The full list of supported delimiters for .csv files can be found here.

We are excited to announce that AWS now offers new framework-specific Deep Learning AMI (DLAMI). Today we launched framework-specific DLAMIs for PyTorch 1.9.0 and TensorFlow 2.5.0, with support for Amazon Linux 2, Ubuntu 18.04, and Ubuntu 20.04. The AWS DLAMIs provide machine learning practitioners and researchers with the infrastructure and tools to accelerate deep learning in the cloud, at any scale. These optimized new images are up to 60% smaller in size, accelerating the time for machine learning practitioners to launch DLAMIs on AWS. We will continue to release and support DLAMI in the previous format that includes multiple frameworks and operating systems within a single AMI.

As you prepare your data, AWS Glue DataBrew adds support to automatically identify and mark advanced data types for columns, making it easy to normalize columns containing data of types: Social Security Number (SSN), Email Address, Phone Number, Gender, Credit Card, URL, IP Address, Date and Time, Currency, Zip Code, Country, Region, State, and City. Additionally, DataBrew visually marks columns containing Personally Identifiable Information (PII), allowing you to easily scan for all PII columns in your dataset and apply transformations. Learn more about all supported advanced datatypes.

AWS Glue Schema Registry now supports defining schemas in JSON Schema format in addition to Apache Avro, allowing customers who choose JSON Schema as the format for their streaming data to centrally control the evolution of data streams and avoid having to manage their own registries. Through Apache-licensed serializers and deserializers, Glue Schema Registry integrates with Java applications developed for Apache Kafka/Amazon Managed Streaming for Apache Kafka (Amazon MSK), Amazon Kinesis Data Streams, Apache Flink/Amazon Kinesis Data Analytics for Apache Flink, and AWS Lambda.

We are excited to announce an update to Amazon GameLift, an AWS managed service. Trusted by game companies from all over the world like Wargaming, Metalhead Software, and Illfonic, GameLift FlexMatch launched in 2017 as a feature that uses a powerful matchmaking algorithm and flexible developer-defined rules to create high-quality matches at AWS scale. 

Today, Amazon Web Services (AWS) announced the General Availability of the Amazon ECS-optimized Bottlerocket Amazon Machine Image (AMI). Bottlerocket is an open source Linux-based Operating System (OS) that is purpose-built to run containers. Bottlerocket includes only the software needed to run containers and comes with a single step update mechanism. This enables you to improve security posture and reduce maintenance overhead for your Amazon ECS clusters. With this release, Amazon ECS also helps you automate OS updates for Bottlerocket, helping you improve application availability and reduce disruption during updates.

Self-service features and trusted device support are now available on the WorkSpaces Android Client app on Google Play that runs on Android and Android-compatible Chrome OS devices. The new features are intended for customers who use Android or Android-compatible Chrome OS devices as primary WorkSpaces client endpoint devices.

AWS Lambda functions that are triggered from self-managed Apache Kafka topics can now access usernames and passwords secured by AWS Secrets Manager using SASL/PLAIN, a simple username/password authentication mechanism that is typically used with TLS for encryption to implement secure authentication. This is in addition to SASL/SCRAM, which is already supported on Lambda. To get started, customers who select Apache Kafka as the event source for their Lambda function can choose SASL/PLAIN as their authentication mechanism, and select their credentials from Secrets Manager on the AWS Management Console, AWS CLI or AWS SDK for Lambda. This feature requires no additional charge to use, and is available in all AWS Regions where self-managed Apache Kafka is supported as an event source for AWS Lambda. To learn more about using SASL/PLAIN authentication for your Lambda functions triggered from Amazon MSK topics, read the Lambda Developer Guide.

Session Manager, a capability of AWS Systems Manager, now supports free text search for nodes in the search bar of the Session Manager console. Customers can easily locate the node to connect to without knowing the exact value of a property such as Name or Instance ID. The free text search is supported for multiple properties of a managed node, including Instance ID, Name, Agent Version, Platform, Status, and many more.

AWS CloudFormation Modules are now available in AWS GovCloud (US). A Module encapsulates one or more AWS or Non-AWS resources and their configurations for reuse across your organization.

AWS Identity and Access Management (IAM) Access Analyzer makes it easier for customers to author secure and functional permissions by providing over 100 policy checks with actionable recommendations during policy authoring. Now, IAM Access Analyzer extended policy validation by adding new policy checks that validate conditions included in IAM policies. These checks analyze the condition block in your policy statement and report security warnings, errors, and suggestions along with actionable recommendations. These checks help you set fine-grained permissions by guiding you to apply conditions in a secure and functional way. For example, IAM Access Analyzer validates that policies that specify tagging conditions include the required tag information in the condition. 

AWS Elemental MediaConvert has added support for HDR10+ metadata analysis and insertion. HDR10+ is a technology that further enhances HDR video with dynamic color metadata for viewing devices to adjust automatically on a scene-by-scene basis. Using MediaConvert you now have the option to perform a HDR10+ analysis on your HDR10 content and then to insert the resulting metadata into the encoded outputs for consumption on HDR10+ enabled devices. This metadata is treated like an enhancement layer to the base HDR10 metadata and allows for backwards compatibility with HDR10 compliant devices.

AWS Elemental MediaConvert now supports creating AVC-Intra, VC3, and XAVC mezzanine formats carried in the MXF container. Often referred to as “intermediate” or “editing” file formats, these lightly compressed video codecs balance quality and performance by providing visually lossless compression, lightweight decoding requirements, and native editing and playback support in non-linear editing tools.

Starting today, AWS Firewall Manager is available in Asia Pacific (Osaka).

With the Apple Business Chat integration in Amazon Connect, your customers can interact with you using the Apple Messages application on their iPhone, iPad, or Mac. Your customers can now have an experience that is as familiar and convenient as chatting with a friend, while using rich customer service features like interactive messages to do things like schedule appointments. Apple Business Chat makes it easy for your customers to chat with you anytime they click on your registered phone number on an Apple device. The Apple Business Chat integration allows you to use the same configuration, analytics, routing, and agent UI that you're already using for Amazon Connect Voice and Chat.

AWS WAF now supports 15 additional text transformations, allowing you to reformat web requests to remove any unusual formatting, or sanitize input before rule evaluation. It can be used to identify threats that may be obscured by attackers in an effort to bypass detection. You can use these new text transformations with WAF rule statements, such as SQLi detection, string match, and regex pattern set. You can chain up to 10 text transformations together in a single rule statement. Once configured, AWS WAF will apply the transformations first before evaluating the rule statement.

Amazon Rekognition Custom Labels supports the ability to use an AWS Key Management Service (KMS) key, to encrypt the image data delivered to the Rekognition Custom Labels service to train your custom machine learning model. By default, Amazon Rekognition Custom Labels encrypts the image data at rest using server-side encryption. With this release, if you provide Amazon Rekognition Custom Labels with your KMS key or alias ARN, Amazon Rekognition Custom Labels will use that KMS key instead to encrypt your training and test images.

Amazon CloudWatch Metric Math now supports 14 new functions including RUNNING_SUM, TIME_SERIES, and DATAPOINT_COUNT. Two new FILL variants, two logarithmic functions, two functions for calculating the difference between each datapoint, and five time functions are also now supported. With CloudWatch Metric Math, you can aggregate and transform metrics to create custom visualizations of your health and performance metrics. The new functions announced today allow you to view the logarithmic values of your metric, better visualize the change in latency over time, and calculate the cumulative sales of a product.

Amazon EC2 Inf1 instances and AWS Neuron now support YOLOv5 and ResNext deep learning models as well as the latest open-source Hugging Face Transformers. We have also optimized the Neuron compiler to enhance performance and you can now achieve an out-of-the box 12X higher throughput than comparable GPU-based instances for pre-trained BERT base models. These enhancements enable you to effectively meet your high-performance inference requirements and deploy state of the art deep learning models at low cost. 

You can use Amazon Neptune resources tags to add metadata and apply access policies to your Amazon Neptune resources. Now, you can allow resource tags set on your Neptune clusters to be automatically copied to any automated or manual database snapshots that are created from your clusters. Tags can be used with AWS Identity and Access Management (IAM) policies to manage access to Neptune resources and control what actions can be applied to those resources.

Amazon Connect now provides an API to programmatically create and manage quick connects. Quick connects are a way for you to create preconfigured destinations for common transfers and make them available for agents to use. Using this API, you can programmatically configure thousands of quick connects to agents, queues, and phone numbers. Additionally, you can now delete quick connects that are no longer required using the delete API. To learn more, see the API documentation. The quick connects API also comes with support for AWS CloudFormation. For more information, see Amazon Connect Resource Type Reference in the AWS CloudFormation User Guide.

We recently updated AWS DevOps Monitoring Dashboard, a reference implementation that automates the setup of DevOps metrics dashboards so that customers developing on AWS can measure development activity and identify areas for continued improvement.

Database Activity Streams (DAS) for Amazon Relational Database Service (Amazon RDS) for Oracle provides a near real-time stream of all audited statements (SELECT, DML, DDL, DCL, TCL) executed in your DB instance. The audit data is collected from the unified database audit, while the storage and processing of database activity is managed outside your database. This prevents database users and administrators from modifying the audit stream.

Starting today, Amazon Quantum Ledger Database (QLDB) is available in the Europe (London) region. Amazon QLDB is a fully managed ledger database that provides a transparent, immutable, and cryptographically verifiable transaction log. You can use QLDB to track all application data changes, and maintain a complete and verifiable history of changes to your data over time.

You now can further enhance the security of your applications by encrypting data in transit between your applications and your Amazon DynamoDB Accelerator (DAX) clusters, and between the nodes within a DAX cluster. To use this new feature, enable encryption in transit when creating a DAX cluster and use the latest version of any of the DAX clients. If you enable encryption in transit for a DAX cluster, all requests and responses between your applications and clusters are encrypted by Transport Layer Security (TLS), and connections to the cluster can be authenticated by verification of a cluster X.509 certificate. In addition, the data in transit between the nodes within a cluster also is encrypted. You can enable encryption in transit in the DynamoDB console, AWS CLI, AWS SDKs, and AWS CloudFormation. 

You can now use Tax Registration Numbers (TRN) as an additional filter for mapping your purchase orders to your invoices with AWS Purchase Order Management. AWS Purchase Order Management allows you to easily manage your purchase orders (POs) in a self-service manner, define PO-invoice association rules, track PO balance and expiration, and receive email alerts for POs approaching expiration or running out of balance.

You can now build serverless applications with new AWS-supported container images that simplify continuous integration tasks. Container images work natively with continuous integration systems such as CloudBees CI/Jenkins, GitLab CI/CD, GitHub Actions, CircleCI, and AWS CodeBuild. These make it easier to build and package serverless applications using Serverless Application Model CLI (AWS SAM CLI) – a developer tool that makes it easier to build, locally test, package, and deploy serverless applications.

Amazon DocumentDB (with MongoDB compatibility) is a fast, scalable, highly available, and fully managed document database service that supports MongoDB workloads. Amazon DocumentDB makes it easy and intuitive to store, query, and index JSON data.

You can now specify up to 30 EC2 instance types for each of your master, core, and task node groups when using EMR Instance Fleets with allocation strategy. Previously, this was limited to 15 for tasks nodes, and only 5 for master and core nodes. This increase allows you to specify a broader range of instance sizes, generations, and families that your workloads can operate across to improve your access to both Spot and On-Demand capacity.

Amazon Redshift, a fully-managed cloud data warehouse, now supports case-insensitive collation with column and expression level overrides. Starting today, you can use the COLLATE clause within a CREATE DATABASE statement to specify the default collation for all CHAR and VARCHAR columns in the database as case-sensitive or case-insensitive. You can also specify a COLLATE clause in a CREATE TABLE statement to specify collation for columns in that table. In addition, the COLLATE() function allows you to override the collation of a string column or an expression.

Amazon EMR on Amazon EKS announced support for Custom Images, a new capability that enables customers to customize the Docker container images used for running Apache Spark applications on Amazon EMR on EKS. Custom images enables you to install and configure packages specific to your workload that are not available in the public distribution of EMR’s Spark runtime into a single immutable container. An immutable container promotes portability and simplifies dependency management for each workload and enables you to integrate developing applications for EMR on EKS with your own continuous integration (CI) pipeline.

Amazon CodeGuru Reviewer is a developer tool that leverages automated reasoning and machine learning to detect potential defects that are difficult to find in your code and offers suggestions for improvements. Today, we are announcing a new CI/CD experience for CodeGuru Reviewer that allows you to trigger code quality and security analysis as a step within your CI workflow using GitHub Actions. Additionally, we are also introducing 20+ new detectors for CodeGuru Reviewer to help identify security vulnerabilities and check for security best practices in your Java code.  

AQUA (Advanced Query Accelerator) for Amazon Redshift is now generally available in three additional AWS regions: Europe (Frankfurt), Asia Pacific (Sydney), and Asia Pacific (Singapore).

You can now simplify the process of configuring GitHub Actions workflows for building serverless applications with a single line. The new AWS-supported setup-sam GitHub Action makes it easier to keep consistency across GitHub Actions runners, stay up-to-date with AWS Serverless Application Model CLI (AWS SAM CLI) tooling, and select its versions. The AWS SAM CLI is a developer tool that makes it easier to build, locally test, package, and deploy serverless applications. GitHub Actions is a service that helps automate tasks within the software development lifecycle. GitHub Actions runner is the application that runs a job from a GitHub Actions workflow.

AWS Network Firewall is now available in AWS GovCloud (US) Regions.

AWS Serverless Application Model (AWS SAM) framework launches four new templates for building machine learning inference-based applications on AWS Lambda. Now, customers can leverage these templates as a starting point to build, test, and deploy their container-based Serverless ML applications.

AWS Managed Services (AMS) now offers self-service reporting on key operational metrics. AWS Managed Services provides operational reports on your Managed Environment for both traditional and next generation workloads. You can access the rich set of operational reports in your managed accounts through AWS Managed Services console. You can also access the operational reporting data through a secure S3 bucket that AMS provides for your analytics and business intelligence needs.

AWS Training and Certification is excited to announce the updated one-day classroom course and new digital course, AWS Technical Essentials. These courses are ideal for technical learners who need to understand fundamental AWS Cloud concepts to make informed decisions about IT solutions based on business requirements.  

Amazon Translate – a fully managed neural machine translation service that delivers high-quality, affordable, and customizable language translation in 71 languages and variants –now supports translation of XML Localization Interchange File Format – XLIFF documents. Starting today, customers can submit their XLIFF documents for batch processing by Amazon Translate. Amazon Translate only translates sections where the target segment is empty. If the target section contains non-empty strings or pre-translated strings, Amazon Translate will not modify or overwrite the translation. You only pay for what you translate. This feature allows customers to continue using Translation Memory to translate content prior to machine translation and keep the machine translation costs low.

AWS Outposts is now supported in AWS Asia Pacific (Osaka) Region. AWS Outposts is a fully managed service that extends AWS infrastructure, AWS services, APIs, and tools to virtually any customer datacenter, co-location space, or on-premises facility. Outposts is ideal for workloads that require low latency access to on-premises systems, local data processing, data residency, and migration of applications with local system interdependencies.

AWS Lambda customers can now enable functions to access Amazon Elastic File System (Amazon EFS) in the Asia Pacific (Osaka) region. With AWS Lambda support for Amazon EFS, customers can easily share data across function invocations, read large reference data files, and write function output to a persistent and shared data store.

Starting today, you can launch additional configurations of the R5 instance class when using Amazon Relational Database Service (RDS) for Oracle. Featuring up to 4x the RAM per vCPU of existing R5 instance classes, the new configurations are available in the following AWS Regions:

North America

• US East (N. Virginia), US East (Ohio), US West (N. California), US West (Oregon), AWS GovCloud (US East), AWS GovCloud (US
  West), Canada (Central)

South America

• South America (Sao Paulo)

Europe, Middle East and Africa

• EU (Frankfurt), EU (Ireland), EU (London), EU (Milan), EU (Paris), EU (Stockholm), Middle East (Bahrain), Africa (Cape Town)

Asia Pacific

• Asia Pacific (Hong Kong), Asia Pacific (Mumbai), Asia Pacific (Osaka), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo)

AWS Client VPN now supports SAML based federated authentication for opening a VPN connection from a Linux Desktop Operating system (Ubuntu 64bit 18.04 and 20.04 LTS). The Linux Desktop client has feature parity with the existing Windows and macOS Desktop clients. AWS Client VPN Desktop Clients are available free of charge, and can be downloaded here.

Amazon CloudFront now provides a new security policy, TLSv1.2_2021 which removes the following CBC based ciphers:

• ECDHE-RSA-AES128-SHA256
• ECDHE-RSA-AES256-SHA384

AWS Control Tower announces enhancements to accessibility and improvements in both the console and overall performance of the service.

We are excited to announce that Amazon Lookout for Metrics now allows you to detect anomalies on your Amazon CloudWatch data. Amazon Lookout for Metrics uses machine learning (ML) to automatically detect and diagnose anomalies (outliers from the norm) without requiring any prior ML experience. Amazon CloudWatch provides you with actionable insights to monitor your applications, respond to system-wide performance changes, optimize resource utilization, and get a unified view of operational health.

AWS Marketplace now enables customers to discover and subscribe to software from Hong Kong and Qatar Independent Software Vendors (ISVs), Consulting Partners and Data Providers, adding to the 10,000+ software listings and data products from 1,600+ sellers.

Amazon Connect now allows you to enable Amazon Connect Customer Profiles in Canada (Central) region, equipping contact center agents with the most up to date information about the incoming contact to provide faster and more personalized customer service. Customer Profiles automatically brings together customer information from multiple applications such as Salesforce, Amazon S3 and ServiceNow into a unified customer profile, delivered to agents at the beginning of the customer interaction. 

AWS Elemental MediaLive now supports converting Digital Video Broadcasting (DVB) bitmap and SCTE-27 image-based subtitles to WebVTT captions.

Amazon Aurora now allows you to create clones between Aurora Serverless v1 and provisioned Aurora DB clusters to enable quick sharing of data. 

Amazon Keyspaces (for Apache Cassandra), a scalable, highly available, and fully managed Apache Cassandra–compatible database service, now helps you monitor and improve application read/write performance and throughput by using new Amazon CloudWatch metrics.

The MariaDB audit plug-in is now available for Amazon Relational Database Service (Amazon RDS) for MySQL instances using MySQL major version 8.0. The MariaDB audit plug-in is also available for instances using MySQL major versions 5.6 and 5.7, and provides event logging for database activity to help customers meet compliance and audit requirements, and troubleshoot application issues. Some of the key details for implementing the plugin are:

• Enabling and disabling the audit plug-in – Users can enable audit plug-in by creating an option group, adding MARIADB_AUDIT_PLUGIN option to the group, and attaching the option group to an RDS instance. Audit logging can be disabled by removing the option group from the instance.
• SERVER_AUDIT_EVENTS variables – These variables allow users to specify the events they want to include in the logs (CONNECTION: users connecting and disconnecting, QUERY: queries and their result, and TABLE: which tables are affected by the queries).
• SERVER_AUDIT_EXCL_USERS and SERVER_AUDIT_INCL_USERS variables – These variables specify which users' activity should be excluded from or included in the audit. SERVER_AUDIT_INCL_USERS has higher priority and all users' activity is recorded by default.

AWS CloudFormation announces the launch of the CloudFormation Public Registry, a new searchable collection of extensions that allows you to discover, provision, and manage third-party extensions, which include resource types (provisioning logic) and modules published by AWS Partner Network (APN) Partners and the developer community. You can also create and publish your own extensions on the CloudFormation Public Registry, allowing anyone to use them. Today, you can centrally search and use over 35 extensions published on the Public Registry by APN Partners and AWS Quick Starts. You can view the identity verification for each extension publisher on the Public Registry. APN Partners who collaborated on this launch include MongoDB, Datadog, Atlassian Opsgenie, JFrog, Trend Micro, Splunk, Aqua Security, FireEye, Sysdig, Snyk, Check Point, Spot by NetApp, Gremlin, Stackery, and Iridium.

Starting today, Amazon EC2 D3 instances, the latest generation of the dense HDD-storage instances, are available in the AWS GovCloud (US-West) Region.

AWS Gateway Load Balancer is now available in both AWS GovCloud (US) Regions. The expansion into the AWS GovCloud (US) Regions enables U.S. government agencies and contractors to move more sensitive workloads into the cloud by helping them to address certain regulatory and compliance requirements. With this launch, AWS Gateway Load Balancer is now available in 25 regions.

Following the announcement of updates to the PostgreSQL database by the open source community, we have updated Amazon Aurora PostgreSQL-Compatible Edition to support PostgreSQL versions 12.6, 11.11, 10.16, and 9.6.21. These releases contain bug fixes and improvements by the PostgreSQL community. As a reminder, Amazon Aurora PostgreSQL 9.6 will reach end of life on January 31, 2022. 

Amazon Aurora PostgreSQL-Compatible Edition adds support for the pg_bigm extension. pg_bigm extension provides full text search capability in PostgreSQL. This extension allows a user to create 2-gram (bigram) index for faster full text search.

Amazon Aurora PostgreSQL-Compatible Edition adds support for the pg_cron extension. pg_cron allows you to use cron syntax to schedule PostgreSQL commands directly within your database. You can use pg_cron to schedule tasks such as periodically rolling up data for analytic reports, refreshing materialized views, and scheduling vacuum jobs to reclaim storage. pg_cron includes an AWS open source contribution that adds an audit table so that you can query the outcome of each scheduled job.  

Amazon Aurora PostgreSQL-Compatible Edition supports the Partition Manager (pg_partman) extension. pg_partman is a PostgreSQL extension that helps you to manage both time series and serial-based table partition sets, including automatic management of partition creation and runtime maintenance. pg_partman works with PostgreSQL native partitioning so users can benefit from significant performance enhancements.

Amazon Aurora PostgreSQL-Compatible Edition adds support for the pg_proctab extension. pg_proctab is a collection of stored functions that can access the operating systems process table so that system statistics can be queried through the database. pg_proctab functions make it easier to collect data on your PostgreSQL database including up-to-date information on processor and I/O statistics on SQL queries which makes troubleshooting easier. 

Starting today, AWS customers can use Amazon Kendra to build intelligent search applications in the Canada (Central) and US East (Ohio) AWS Regions.

Amazon MQ is now available in a total of 24 regions, with the addition of both AWS GovCloud (US) Regions. AWS GovCloud (US) Regions are isolated AWS Regions designed to host sensitive data and regulated workloads in the cloud, assisting customers who have United States federal, state, or local government compliance requirements.

AWS Key Management Service (AWS KMS) is introducing multi-Region keys, a new capability that lets you replicate keys from one AWS Region into another. With multi-Region keys, you can more easily move encrypted data between Regions without having to decrypt and re-encrypt with different keys in each Region. Multi-Region keys are supported for client-side encryption in the AWS Encryption SDK, AWS S3 Encryption Client, and AWS DynamoDB Encryption Client. They simplify any process that copies protected data into multiple Regions, such as disaster recovery/backup, DynamoDB global tables, or for digital signature applications that require the same signing key in multiple Regions.

We are excited to announce that Amazon Personalize now enables customers to unlock the information trapped in their product descriptions, reviews, movie synopses or other unstructured text to generate highly relevant recommendations for users. Product descriptions contain important information and insights about products. The investments made to create these narratives enable the creation of more relevant user recommendations for products, movies, TV shows, news articles and more. Customers provide unstructured text as part of their catalog and, using state-of-the-art natural language processing (NLP) techniques, Amazon Personalize automatically extracts key information about the items in your catalog to use when generating recommendations for your users.

Today, we are announcing the general availability of AWS Wavelength on the Vodafone 4G/5G network in London. Independent Software Vendors (ISVs), enterprises, and developers can now use the AWS Wavelength Zone in London to build ultra-low latency applications for mobile devices and users in the United Kingdom.

Amazon RDS for PostgreSQL adds support for extension allowlists to provide database administrators more control over usage of extensions.

Today, AWS Copilot announced the release of version 1.8. With this release, AWS Copilot now allows you to configure a friendly DNS name for your load balanced web services deployed with Amazon Elastic Container Service (Amazon ECS) Customers can now provide a friendly DNS name, such as api.example.com, directly in the manifest file and Copilot will provision and manage the necessary infrastructure to associate the domain name with the application load balancer.

AWS EC2 F1 instances have been used by customers to accelerate a growing set of applications from genomic processing, data analytics, security, image/video analytics, machine learning and more. Developers have taken advantage of the FPGA developer kit and current standard F1.X.1.4 shells to easily build and deploy their applications.

Amazon Lex is a service for building conversational interfaces into any application using voice and text. With Amazon Lex, you can quickly and easily build sophisticated, natural language, conversational bots (“chatbots”), virtual agents, and IVR systems. Today, Amazon Lex introduces multi-valued slots. A slot is used to capture user responses as the bot gathers information to fulfill a user request. In some cases, the information can be a list of multiple values. For example, when conversing with an insurance bot, a customer may request quotes for insurance premiums. When the bot requests them to specify which insurance type, the customer may respond with more than one type and say “I need quotes for home, auto, and boat premiums.” With multi-value slots, Amazon Lex can now capture the customer’s response in a single response with no special coding required.

AWS Amplify CLI now supports IAM permission boundaries to limit Amplify-generated IAM roles. The AWS Amplify CLI is a command line toolchain that helps frontend developers create app backends in the cloud that include IAM roles controlling access to AWS resources. With IAM permissions boundaries, Amplify-generated IAM roles can perform only the actions that are allowed by both the roles’ policies and permissions boundary.

AWS Certificate Manager (ACM) Private Certificate Authority (CA) has extended support for sharing CAs via Resource Access Manager (RAM). Customers can now share CAs across accounts to issue certificates defined as client only TLS and server only TLS, as well as fully customizable certificates. Customer’s can also choose to share a CA to allow issuance of CA certificates and provide the revocation function to other accounts.

Today we announced the general availability of AWS Elemental Link UHD, a High Efficiency Video Coding (HEVC) encoding device that connects a live ultra-high definition (UHD) video source, like a camera or other video production equipment, to AWS Elemental MediaLive for video processing in the AWS cloud. 

AWS Resource Access Manager (RAM) helps you securely share your resources across AWS accounts within your organization or organizational units (OUs) in AWS Organizations, and now also with IAM roles and IAM users for supported resource types. Also with this release, AWS RAM now provides additional managed permissions that you can use to define access to shared resources. In addition to the default managed permission defined for each shareable resource type, you now have more flexibility to choose which permissions to grant to whom for resource types that support additional managed permissions.  

Amazon Translate – a fully managed neural machine translation service that delivers high-quality, affordable, and customizable language translation in 71 languages and variants – is now integrated with Amazon CloudWatch Events and Amazon EventBridge. Starting today, you can use CloudWatch events to monitor the progress and completion of your Batch Translation jobs. 

Amazon Polly is a service that turns text into lifelike speech. Today, we are excited to announce the general availability of the Neural Text-to-Speech (NTTS) version of Vicki, a German Polly voice. Now, Amazon Polly customers can enjoy Vicki either as an NTTS or a Standard German voice.

AWS App Mesh Controller for Kubernetes v1.4.0 is now available and includes support for enhanced ingress traffic management capabilities. The AWS App Mesh Controller for Kubernetes provides a way to configure and manage AWS App Mesh using Kubernetes directly. AWS App Mesh is a service mesh that provides application-level networking to standardize how your services communicate, giving you end-to-end visibility and allowing high availability for your applications.

You will now be able to create crash-consistent Amazon Machine Images (AMIs) of your Amazon EBS-backed multi-volume instance without requiring a reboot. The AMI created will retain data from all completed I/O operations of each volume attached to the instance. This ensures that you can launch an instance from the AMI and return to the exact state prior to creation of the image.

Starting today, AWS Transit Gateway supports internet group management protocol (IGMP) multicast in AWS GovCloud (US) Regions.

AWS Backup, now, by default, creates crash-consistent backups of Amazon EBS volumes that are attached to an Amazon EC2 instance. Customers no longer have to stop their instance, or coordinate between multiple Amazon EBS volumes attached to the same Amazon EC2 instance to ensure crash-consistency of their application state.

AWS IoT Analytics now supports custom partitioning on AWS IoT Analytics data stores, enabling customers to partition their data stores based on both timestamp and non-timestamp attributes. You can use this feature to create partitioned data stores so that your queries can run more efficiently as they will scan less data and hence run faster. The option to define a custom partition scheme on an AWS IoT Analytics data store will be made available at the time of creation for both customer managed and service managed data stores. Partitions can be created either on top of channel message attributes or data store attributes resulting from pipeline activities.

The AWS App Mesh introduces enhanced ingress traffic management capabilities. Now you can control how App Mesh rewrites external requests, so that they reach the correct destination within your mesh. You also have greater flexibility controlling how the requests are matched to the destinations in the Gateway and Virtual Router Routes. AWS App Mesh is a service mesh that provides application-level networking to standardize how your services communicate, giving you end-to-end visibility and options to tune for high-availability of your applications.

Effective Jun 11, 2021, AWS has extended per second billing to Windows Server and SQL Server instances running on Amazon EC2. Customers will only pay for Windows Server and SQL Server instances that are launched in On-Demand, Reserved, and Spot form running on Amazon EC2 in one second increments, with a minimum of 1 minute.

Today, Amazon Lex increased the default service limits for intents and slot types. With the increased limits, you can expand the bot to support additional conversation flows. You can now create up to 1,000 intents and 250 slot types for English locales, an increase from previous limits of 100 each.

AWS Directory Service for Microsoft Active Directory, also known as AWS Managed Microsoft AD, and AD Connector now enable you to use AD authentication with AWS Transfer Family, a fully managed service for transferring files over Secure File Transfer Protocol (SFTP), File Transfer Protocol over SSL (FTPS), and File Transfer Protocol (FTP) for Amazon Simple Storage Service (S3) and Amazon Elastic File System (EFS). This makes it easy for you to securely provide permissions for file transfers to users in your AD groups.

Today, we are excited to announce increased customer control of AWS Elemental MediaConnect input source selection and failover behavior.

Amazon SageMaker Feature Store is a fully managed, purpose-built repository to store, update, retrieve, and share machine learning (ML) features. Customers can retrieve features from SageMaker Feature Store at low millisecond latencies for real-time use-cases using the GetRecord API. This API allows customers to retrieve features from a single feature group and access one record per API call. Until now, to read multiple records at a time from SageMaker Feature Store, customers needed to call the GetRecord API multiple times and manage parallelization of the API calls to achieve lower latency, which increased operational complexity.

AWS Client VPN is now available in AWS GovCloud (US). You can now provide VPN access to your remote workforce to securely access resources in AWS GovCloud (US) regions. 

You can now specify a new property called ‘DeprecationTime’ on your Amazon Machine Images (AMIs) to indicate when the AMI will become outdated.

Amazon SageMaker Pipelines, the first purpose-built continuous integration and continuous delivery (CI/CD) service for machine learning (ML), now supports a new callback step that allows customers to integrate any task or job outside Amazon SageMaker as a step in the model building pipeline. When a callback step is invoked, the current execution of a SageMaker model building pipeline will pause and wait for an external task or job to return a task token that was generated by SageMaker at the start of call back step execution. You can use the call back step to include processing jobs external to SageMaker such a Spark job running on an Amazon EMR cluster or an extract-transform-load (ETL) task in AWS Glue as part of the SageMaker model building pipeline.

The latest query engine for Amazon Athena is generally available in all 24 AWS Regions where Athena is available. Customers who use Athena engine version 2 benefit from new features and performance enhancements that make analyzing data easier and more cost-effective than before. 

By default, Amazon Cognito refresh tokens expire 30 days after a user signs in to a user pool. When you create an app, you can set the app's refresh token expiration to any value between 60 minutes and 10 years. Amazon Cognito now enables you to revoke refresh tokens in real time so that those refresh tokens cannot be used to generate additional access tokens.

Starting today AWS Transit Gateway supports internet group management protocol (IGMP) multicast in the Africa (Cape Town), EU (Milan), Middle East (Bahrain), and Asia Pacific (Hong Kong) AWS Regions.

You can now launch NAT Gateways in your Amazon Virtual Private Cloud (VPC) without associating an internet gateway to your VPC. Internet Gateway is required to provide internet access to the NAT Gateway. However, some customers use their NAT Gateways with Transit Gateway or virtual private gateway to communicate privately with other VPCs or on-premises environments and thus, do not need an internet gateway attached to their VPCs.

Amazon AppFlow, a fully managed integration service that helps customers securely transfer data between AWS services and cloud applications expands its features with Veeva. Customers can now export documents from Veeva Vault into Amazon Simple Storage Service (Amazon S3). When choosing the document option for the Veeva connector in AppFlow, customers can choose to bring just the latest version (default) or all versions of documents, along with document metadata.

Amazon Managed Blockchain now supports customer-managed customer master keys (CMKs) for Hyperledger Fabric networks. Customers can encrypt new member-specific resources using their own CMK. These CMKs are declared in AWS Key Management Service (KMS) and used by Amazon Managed Blockchain. Each member can use their own CMK and manage it according to their security policy.

Amazon Cognito is now available in the Middle East (Bahrain) Region. Amazon Cognito makes it easy to add authentication, authorization, and user management to your web and mobile apps. Amazon Cognito scales to millions of users and supports sign-in with social identity providers such as Apple, Facebook, Google, and Amazon, and enterprise identity providers via standards such as SAML 2.0 and OpenID Connect. 

Today, AWS announces the general availability of AWS Proton, the first fully managed delivery service for container and serverless applications. It is designed to provide platform teams the management tools, governance, and visibility needed to provide consistent standards and best practices when managing deployments, while helping to increase developer productivity and innovation.

Today, AWS Systems Manager Quick Setup announces support for Amazon Elastic File System (Amazon EFS), enabling you to set up Amazon EFS client (amazon-efs-utils) across all the Amazon EC2 instances in your organization with a few clicks. In addition to installing and configuring the Amazon EFS client, Quick Setup also supports periodically updating the client to the latest available version.

Amazon SageMaker Data Wrangler reduces the time it takes to aggregate and prepare data for machine learning (ML) from weeks to minutes. With SageMaker Data Wrangler, you can simplify the process of data preparation and feature engineering, and complete each step of the data preparation workflow, including data selection, cleansing, exploration, and visualization from a single visual interface. Starting today, you can now use Snowflake as a data source in Amazon SageMaker Data Wrangler to easily prepare data in Snowflake for machine learning.

Amazon FSx for Windows File Server now supports auditing end-user access to files, folders, and file shares. You can publish logs to Amazon CloudWatch Logs or stream logs to Amazon Kinesis Data Firehose, enabling you to query, process, store, and archive logs and trigger actions to further advance your security and compliance goals.

AWS Systems Manager is now compliant with the Federal Risk and Authorization Management Program (FedRAMP) High baseline. With FedRAMP-High compliance, you can use AWS Systems Manager to gain operational insights and safely take actions on your workloads in the AWS GovCloud (US) Region’s authorization boundary.

AWS Graviton2-based database instances are now generally available for Amazon Aurora with PostgreSQL compatibility and Amazon Aurora with MySQL compatibility in GovCloud regions. Graviton2 instances are already generally available for Amazon RDS for MySQL, Amazon RDS for PostgreSQL, and Amazon RDS for MariaDB.

Amazon Relational Database Service (Amazon RDS) now supports AWS Graviton2-based database (DB) instances in the regions of AWS GovCloud (US), Asia Pacific (Seoul), and Europe (Stockholm). Depending on DB engine, version, and workload, Graviton2 instances provide up to 35% performance improvement and up to 52% price/performance improvement over comparable current generation x86-based instances for Amazon RDS for MySQL, MariaDB, and PostgreSQL.

You can now launch Apache ActiveMQ 5.16.2 brokers on Amazon MQ. This version update to ActiveMQ contains several fixes, improvements, and new features compared to the previously supported version, ActiveMQ 5.15.15.

Financial Services Security and Compliance Framework is an AWS Solutions Consulting Offer delivered via a consulting engagement from Airwalk Reply, an AWS Financial Services Competency Partner. Financial Services Security and Compliance Framework helps customers establish continuous compliance through the use of cloud-native tools, market-leading products, and Airwalk Reply's own Continuous Compliance Framework (CCF). Customers that request this consulting offer will participate in an engagement that delivers assessment, control framework implementation, customization, and deployment and operational handover.

Amazon Relational Database Service (Amazon RDS) on AWS Outposts now supports PostgreSQL 13.2, 13.1, and 12.6 for production deployment. Amazon RDS on Outposts allows you to deploy fully managed database instances in your on-premises environments. AWS Outposts is a fully managed service that extends AWS infrastructure, AWS services, APIs, and tools to virtually any datacenter, co-location space, or on-premises facility for a truly consistent hybrid experience. You can deploy Amazon RDS on Outposts to set up, operate, and scale MySQL, Microsoft SQL Server and PostgreSQL relational databases on-premises, just as you would in the cloud.

Today, AWS China (Beijing) Region* has added a third Availability Zone (AZ) to support the high demand of our growing customer base. An Availability Zone (AZ) is one or more discrete data centers with redundant power, networking, and connectivity in an AWS Region. AZs give customers the ability to operate production applications and databases that are more highly available, fault tolerant, and scalable than would be possible from a single data center.

AWS Glue Studio now includes a code editor for customizing the extract-transform-and-load (ETL) code it generates from your input in its visual ETL job editor. Previously, you needed to download and modify scripts themselves if you needed to customize the code. Now, you can use AWS Glue Studio’s visual editor to get started quickly and then write code only for the unique components of your ETL job.

AWS Audit Manager is now available in the Asia Pacific (Mumbai) and Canada (Central) Regions.

Starting today, you can launch your RDF/SPARQL or Apache TinkerPop graph application using R5d instances on Amazon Neptune. The R5d instance type is based on the Amazon EC2 Nitro System and includes local NVMe-based SSD block level storage. Neptune R5d instances introduce a lookup cache that leverages the low-latency NVMe SSD storage to improve read query performance and reduce data retrievals from storage.

Amazon Relational Database Service (Amazon RDS) for SQL Server now supports the Microsoft Business Intelligence suite on SQL Server 2016, 2017, and 2019 in the AWS GovCloud (US) Regions. You can now run SQL Server Integration, Analysis, and Reporting Services on DB instances using the latest major versions.

AWS Backint Agent version 1.04 is now available in all commercial regions, including AWS GovCloud (US) Regions.

Amazon Neptune has simplified the console experience for creating Neptune clusters and Neptune notebooks. The new experience allows you to provision a new cluster and a new notebook instance at the same time. Now, customers only need to take one step to get started with Amazon Neptune.

CloudWatch Embedded Metric Format enables you to ingest complex high-cardinality application data in the form of logs and easily generate actionable metrics from them. It has traditionally been hard to generate actionable custom metrics from your ephemeral resources such as Lambda functions, and containers. By sending your logs in the Embedded Metric Format, you can now easily create custom metrics without having to instrument or maintain separate code, while gaining powerful analytical capabilities on your log data.

AWS Security Hub has released 16 new controls for its Foundational Security Best Practice standard to enhance customers’ cloud security posture monitoring. These controls conduct fully automatic checks against security best practices for Amazon API Gateway (APIGateway.2, APIGateway.3), AWS Elastic Beanstalk (ElasticBeanstalk.1, ElasticBeanstalk.2), Amazon RDS (RDS.12, RDS.13, RDS.14), Amazon EC2 (EC2.15, EC2.16), AWS CloudTrail (CloudTrail.4, CloudTrail.5), Amazon Redshift (Redshift.7), AWS Lambda (Lambda.4), AWS Secrets Manager (SecretsManager.3, SecretsManager.4), and AWS Web Application Firewall (WAF.1). If you have Security Hub set to automatically enable new controls and are already using AWS Foundational Security Best Practices, these controls are enabled by default. Security Hub now supports 131 security controls to automatically check your security posture in AWS.

AWS has updated its service level agreement (SLA) for AWS Transit Gateway  to 99.99%.

The AWS Systems Manager Session Manager plugin for the AWS Command Line Interface (AWS CLI) is now open source. Customers can access the source code for the Session Manager plugin for the AWS CLI on GitHub, contribute to its development, and use it as a building block to embed Session Manager capabilities into their own applications.

We are excited to announce that Amazon Rekognition Custom Labels now makes it easier and faster to deploy your trained models in Rekognition Custom Labels with a simple button click. Once your model is trained and ready, navigate to the model details page under your project, select the use model tab, and then click the Start button. No coding is required for model hosting.

AWS IoT Core for LoRaWAN enables customers to set up a private LoRaWAN network without operating a LoRaWAN Network Server (LNS) by connecting their own LoRaWAN devices and gateways directly to the AWS Cloud. AWS IoT Core for LoRaWAN now supports three new features to help manage LoRaWAN gateways at scale. These new features enable you to query gateway connection status, customize gateway configuration with the desired frequency sub-bands for devices-to-gateway (uplink) communication, and filter messages at the gateway locally to control gateway backhaul connectivity costs.

AWS Solutions has updated the AWS MLOps Framework, an AWS Solutions Implementation that streamlines the pipeline deployment process and enforces architecture best practices for machine learning (ML) model productionization. This solution addresses common operational pain points that customers face when adopting multiple ML workflow automation tools.

AWS Lambda Extensions are a new way to integrate your favorite operational tools for monitoring, observability, security, and governance with AWS Lambda. Starting today, extensions are generally available in all commercial regions, with new performance improvements and an expanded set of partners including Imperva, Instana, Sentry, Site24x7, and the AWS Distro for OpenTelemetry.

We are excited to announce the update to Amazon GameLift Server SDK. An AWS managed service that is trusted by some of the most successful game companies in the world like Wargaming, Ubisoft, and IllFonic, GameLift deploys, operates, and scales dedicated servers in the cloud for multiplayer games. You as a mobile game developer expect to be able to develop iOS and Android games for Realtime-servers (RTS) using IL2CPP, so we have provided that support. This update allows you to expand the audience your games can reach by building RTS clients for the latest mobile devices.

S3 Inventory and S3 Batch Operations add support to identify and copy objects to use S3 Bucket Keys, reducing the costs of Server-Side Encryption (SSE) with AWS Key Management Service (KMS). S3 Bucket Keys reduce the request costs of SSE-KMS by decreasing the request traffic from S3 to KMS. You can configure your bucket to use an S3 Bucket Key for AWS KMS-based encryption on new objects. With this update, you can use S3 Inventory and S3 Batch Operations to configure S3 Bucket Keys while creating encrypted copies of millions or billions of existing objects, reducing the cost of server-side encryption requests with AWS KMS.

Amazon Keyspaces (for Apache Cassandra), a scalable, highly available, and fully managed Apache Cassandra–compatible database service, is now in scope for AWS System and Organization Controls (SOC) Reports to help you run highly regulated Cassandra workloads more easily.

Learn how to leverage the power of machine learning to automatically identify critical issues, security vulnerabilities, and hard-to-find bugs during application development with our new digital course, Improve Code Quality with Amazon CodeGuru Reviewer. In this course, you’ll learn how to use Amazon CodeGuru Reviewer to identify recommendations to improve the quality and security of your code.

We recently updated Amazon WorkSpaces Cost Optimizer, a reference implementation that monitors Amazon WorkSpaces usage patterns and automatically updates the billing mode to the most cost-efficient option (hourly or monthly) depending on usage. The Amazon WorkSpaces Cost Optimizer solution saves customers time and money by autonomously managing Amazon WorkSpaces billing so customers can focus on their core business.

Amazon DocumentDB (with MongoDB compatibility) is a fast, scalable, highly available, and fully managed document database service that supports MongoDB workloads. As a document database, Amazon DocumentDB makes it easy to store, query, and index JSON data at scale.

Amazon Elastic Kubernetes Service (EKS) now allows you to specify custom Amazon Elastic Compute Cloud (Amazon EC2) security groups for pods running on AWS Fargate, enabling fine grained control over incoming and outgoing network traffic.

Following the announcement of updates to the PostgreSQL database, we have updated Amazon RDS for PostgreSQL to support PostgreSQL minor versions 13.2, 12.6, 11.11, 10.16, 9.6.21, and 9.5.25. This release closes security vulnerabilities in PostgreSQL and contains bug fixes and improvements done by the PostgreSQL community. This also includes the final release of PostgreSQL 9.5.

Amazon Cognito now supports SMS Sandbox in Amazon SNS. Amazon Cognito makes it easy to add authentication, authorization, and user management to your web and mobile apps. Amazon Cognito scales to millions of users and supports sign-in with social identity providers, such as Apple, Facebook, Google, and Amazon, and enterprise identity providers via standards such as SAML 2.0 and OpenID Connect.

We are delighted to announce the addition of Disaster Recovery for AWS IoT to the AWS Solutions Implementations portfolio. AWS Solutions Implementations help you solve common problems and build faster using the AWS platform.

Today, we are excited to announce the general availability of Gabrielle, Amazon Polly’s first Canadian French Neural Text-to-Speech (NTTS) voice. Amazon Polly is a service that turns text into lifelike speech. Customers can now enjoy a selection of two female Canadian French voices: Chantal, a Standard TTS voice and the just launched Gabrielle.

Amazon Keyspaces (for Apache Cassandra), a scalable, highly available, and fully managed Cassandra-compatible database service, now supports customer managed AWS KMS keys for encryption of data at rest to help you meet your compliance and regulatory requirements.

NICE DCV is a high-performance remote display protocol that helps customers securely access remote desktop or application sessions, including 3D graphics applications hosted on servers with high-performance GPUs.

Today, AWS announces Amazon Location Service, a fully managed service that helps developers easily and securely add maps, points of interest, geocoding, routing, tracking, and geofencing to their applications without compromising on data security, user privacy, or cost. With Amazon Location Service, you retain control of your location data, protecting your privacy and reducing enterprise security risks. Amazon Location Service provides a consistent API across high-quality LBS data providers (Esri and HERE), all managed through one AWS console.

Amazon Simple Notification Service (Amazon SNS) is a fully-managed messaging service that supports application-to-person (A2P) workloads, including mobile text messaging (SMS). Now, when you start using Amazon SNS to send SMS, your SMS workloads start in an isolated testing environment, called the SMS sandbox. 

NICE DCV is a high-performance remote display protocol that helps customers securely access remote desktop or application sessions, including 3D graphics applications hosted on servers with high-performance GPUs.

Starting today, AWS WAF and AWS Shield Advanced are available in Asia Pacific (Osaka).

Amazon Quantum Ledger Database (Amazon QLDB) now supports enhanced Amazon Identity Access Management (IAM) based permissions for QLDB authentication, query, and data access. This release builds on the existing Amazon QLDB permissions model, adding separation of access by PartiQL command and ledger table. With this feature, QLDB customers will now be able to implement more granular database authorization and access policy that meets strict security requirements.