InfoQ Homepage AWS Content on InfoQ
-
LocalStack for AWS Drops Community Edition Raising Developer Concerns
LocalStack has recently announced changes to the delivery of its AWS Cloud emulators, dropping the popular open source Community Edition, and creating a single image that requires registration. Projects that currently pull the latest community image will need to update their workflows.
-
CloudFront Adds Origin mTLS Authentication for End-to-End Zero Trust
Amazon CloudFront now supports mutual TLS authentication for origin servers, completing end-to-end zero-trust authentication from viewers to backends. The feature replaces IP allowlists and shared secrets with cryptographic verification, proving particularly valuable for multi-cloud deployments, where origins can verify that traffic originated from CloudFront without VPN tunnels.
-
Two Missing Characters: How a Regex Flaw Exposed AWS GitHub Repos to Supply-Chain Risk
AWS recently published a security bulletin acknowledging a configuration issue affecting some popular AWS-managed open-source GitHub repositories. Dubbed CodeBreach, the critical vulnerability could have resulted in the introduction of malicious code and hijacking of the repositories leveraging AWS CodeBuild.
-
AWS Launches European Sovereign Cloud amid Questions about U.S. Legal Jurisdiction
AWS has launched its European Sovereign Cloud with a €7.8 billion investment, designed to meet EU regulatory demands and address data privacy concerns amid geopolitical tensions. Despite its operational separation from global regions, questions linger about legal protections against U.S. data access. Competitors like Microsoft and local providers may present stronger sovereignty options.
-
Salesforce Migrates 1,000+ EKS Clusters to Karpenter to Improve Scaling Speed and Efficiency
Salesforce has completed a phased migration of more than 1,000 Amazon Elastic Kubernetes Service (EKS) clusters from the Kubernetes Cluster Autoscaler to Karpenter, AWS’s open-source node-provisioning and autoscaling solution.
-
AWS Hikes EC2 Capacity Block Rates by 15% in Uniform ML Pricing Adjustment
AWS has raised EC2 Capacity Block prices for ML by 15% across all regions, impacting GPU-based workloads. The uniform price hikes affect top-tier instances powered by NVIDIA GPUs, underscoring supply chain pressures and inflation. With limited alternatives, organizations face higher costs, emphasizing the need for effective workload optimization and cost management strategies.
-
AWS CloudWatch Evolves into Unified Observability Platform with Apache Iceberg Support
AWS has expanded Amazon CloudWatch to unify log management across operational and security use cases. By integrating native OCSF normalization and Apache Iceberg-compatible storage via S3 Tables, the update aims to eliminate data silos and enable Zero-ETL analytics across multiple AWS accounts and regions.
-
AWS Introduces VPC Encryption Controls to Enforce Encryption in Transit
AWS has recently introduced VPC Encryption Controls, allowing customers to validate whether traffic within and between VPCs is encrypted and to require encryption where supported. The feature provides visibility into unencrypted traffic, supports enforcement using compatible Nitro-based infrastructure, and allows exclusions for resources that cannot encrypt traffic.
-
AWS Previews Route 53 Global Resolver to Decouple DNS from Regional Failures
AWS previews Route 53 Global Resolver, using Anycast to decouple DNS from regional failures. It simplifies hybrid setups with unified public/private resolution, DoH/DoT, and Zero-Trust security.
-
Docker Kanvas Challenges Helm and Kustomize for Kubernetes Dominance
Docker has launched Kanvas, a new platform designed to bridge the gap between local development and cloud production. By automating the conversion of Docker Compose files into Kubernetes artefacts, the tool challenges established solutions like Helm and Kustomize. Developed with Layer5, it marks a shift toward Infrastructure as Code, offering visualisations to simplify cloud-native deployments.
-
AWS Adds Intelligent-Tiering and Replication for S3 Tables
AWS has introduced Intelligent-Tiering and cross-region replication for S3 Tables to automate cost optimization and data availability for Apache Iceberg workloads. These features allow data to transition to lower-cost storage tiers based on access patterns while maintaining consistent, read-only table replicas across regions and accounts without manual synchronization.
-
DuckDB's WebAssembly Client Allows Querying Iceberg Datasets in the Browser
DuckDB has recently introduced end-to-end interaction with Iceberg REST Catalogs directly within a browser tab, requiring no infrastructure setup. The new feature leverages DuckDB-Wasm, a WebAssembly port of DuckDB that runs in the browser, allowing users to query, read, and write Iceberg tables in a serverless manner.
-
AWS Introduces Fifth-Generation Graviton Processor with M9g Instances
AWS recently announced the new Graviton5 processor and the preview of the first EC2 instances running on it, the general-purpose M9g instances. According to the cloud provider, the latest chip delivers up to 25% higher performance than Graviton4, introduces the Nitro Isolation Engine, and provides a larger L3 cache, improving latency, memory bandwidth, and network throughput.
-
Amazon S3 Vectors Reaches GA, Introducing "Storage-First" Architecture for RAG
AWS has announced the general availability of Amazon S3 Vectors, increasing per-index capacity forty-fold to 2 billion vectors. By natively integrating vector search into the S3 storage engine, the service introduces a "Storage-First" architecture that decouples compute from storage, reducing total cost of ownership by up to 90% for large-scale RAG workloads.
-
AWS Announces New Amazon EKS Capabilities to Simplify Workload Orchestration
Amazon Web Services has launched Amazon EKS Capabilities, a set of fully managed, Kubernetes-native features designed to streamline workload orchestration, AWS cloud resource management, and Kubernetes resource composition and automation.