Amazon FSx for OpenZFS now allows you to create Multi-AZ file systems in shared VPCs within your AWS organization, making it easier for you to decentralize network and storage administration.
VPC sharing is a feature that allows resource owners ("owner accounts") to share one or more VPC subnets with other accounts ("participant accounts") in their AWS organization. Participant accounts can then view, create, modify, delete, and manage their application resources in the subnets shared with them. Previously, participant accounts could create Single-AZ OpenZFS file systems in VPCs shared with them, but could only create Multi-AZ file systems in VPCs they owned. Starting today, participant accounts can create any FSx for OpenZFS file system in a shared VPC, allowing organizations to run highly available file systems with centralized network management.
You can create Multi-AZ FSx for OpenZFS file systems from shared VPC participant accounts in all AWS Regions where Amazon FSx for OpenZFS is available. To learn more, visit the FSx for OpenZFS documentation and the FSx for OpenZFS product page.
Amazon SageMaker Data Agent is now available in SageMaker Unified Studio domains configured with IAM Identity Center. Data Agent extends its AI-powered capabilities to help data analysts and engineers streamline their analytics workflows across both SageMaker notebooks and Query Editor environments, eliminating the need to manually write complex SQL joins, aggregations, and Python code.
With Data Agent, you can describe your analysis goals in plain English and receive working Python or SQL code tailored to your connected data sources, including Amazon Athena, Amazon Redshift, Amazon S3, and AWS Glue Data Catalog. The agent maintains conversational context across notebook cells, selected tables, and query history, proposing step-by-step plans before generating code. Use it to calculate quarterly revenue growth rates, generate visualizations, transform DataFrames, or optimize query performance—all through natural language interaction. The "Fix with AI" feature provides intelligent debugging by analyzing execution errors and suggesting corrections, accelerating your development cycle.
This capability is available in all commercial AWS Regions where Amazon SageMaker Unified Studio is supported. To get started, navigate to a project in SageMaker Unified Studio, open a notebook or Query Editor, and select the Data Agent panel. To learn more, visit the Amazon SageMaker Unified Studio page and refer to "Use the SageMaker Data Agent" in the Amazon SageMaker Unified Studio User Guide.
AWS RTB Fabric now supports custom domains for real-time bidding transactions received through external links. This capability helps advertising technology (AdTech) companies preserve their public endpoints and use owned domains—without requiring their partners to update their endpoint configurations.
Endpoints (like bid.company.com/path) for real-time bidding workloads are typically representative of established, long-term traffic contracts. Modifying these endpoints requires coordination across multiple organizations, applications, and domains—which can slow set up between AdTech partners. With custom domains, AdTech companies can use their own domain name system (DNS) and configure canonical name (CNAME) public endpoints. They can also define routing rules to direct traffic to specific RTB Fabric links based on URL patterns. For example, a demand side platform (DSP) or supply side platform (SSP) can point their existing DNS server to RTB Fabric and define routing rules to map URL patterns to specific traffic sources. This allows them to seamlessly route all partner traffic through RTB Fabric without altering their own endpoint configurations. Supply partners also do not need to change their configurations.
AWS RTB Fabric helps you connect with your AdTech partners such as Amazon Ads, GumGum, Kargo, MobileFuse, Sovrn, TripleLift, Viant, Yieldmo, and more in three steps while delivering single-digit millisecond latency through a private, high-performance network environment. RTB Fabric reduces standard cloud networking costs by up to 80% and does not require upfront commitments. This capability is available in all AWS Regions where AWS RTB Fabric is supported: US East (N. Virginia), US West (Oregon), Asia Pacific (Singapore), Asia Pacific (Tokyo), Europe (Frankfurt), and Europe (Ireland). To learn more, visit the documentation or AWS RTB Fabric product page.
2026/4/20 – 4/24 に世界最大規模の産業向け展示会ハノーバーメッセが開催されました。AWS は今年も "Built for Industrial AI" というテーマを掲げ、フィジカル AI を筆頭に、AI とクラウドを活用し製造業の業務を変革するアイディアを提供しました。AWS の製造のリーダーである Ozgur から、"産業 AI は大規模展開してこそ意味がある"というメッセージを基調講演で語りました。
Amazon Aurora DSQL はサーバーレスの分散 SQL データベースで、データ移行には COPY コマンドや dataloader スクリプトが利用できますが、テーブル単位の処理しかできず、データ変換の手段もありません。本記事では AWS Glue を使い、Aurora PostgreSQL のスナップショットから Aurora DSQL へ、データ型変換や主キーの UUID 化を含めて移行する手順を紹介します。
少子高齢化、人口減少、労働力不足、地方における過疎化と地域経済の空洞化、医療・介護リソースの構造的逼迫、そして […]
2013 年以来、Amazon Redshift はオンプレミスの数分の 1 のコストでクラウドデータウェアハ […]
SAPPHIRE 2026でのAWSとSAPの協業拡大を紹介。RISE with SAP System Transition Workbenchへのオーケストレーション統合によるマイグレーション自動化、SAP Business Data Cloud Connect for Amazon Athenaによるゼロコピーデータ統合、Kiro等のAIコーディングアシスタントとSAP ABAP MCPの連携など、両社共同で移行高速化とAIによるSAPデータ活用を推進する最新の取り組みを解説しています。
Amazon Web Services (AWS) is pleased to announce the successful completion of Payment Card Industry Personal Identification Number (PCI PIN) and PCI Point-to-Point Encryption (PCI P2PE) assessments for the AWS Payment Cryptography service. This assessment expands the AWS Payment Cryptography compliance portfolio, with AWS now validated as a component provider for Key Management (KMCP) and […]
The financial services industry (FSI) is using AI to transform how financial institutions serve their customers. AI solutions can help proactively manage portfolios, automatically refinance mortgages when rates decrease, and negotiate insurance premiums for customers. However, this adoption brings new governance, risk, and compliance (GRC) considerations that organizations need to address. To help FSI customers […]
This article guides you on how to use Amazon GuardDuty to identify and mitigate cryptocurrency mining threats in your Amazon Web Services (AWS) environment. You’ll learn about the specialized detection capabilities of GuardDuty and best practices to build a multi-layered defense strategy that protects your infrastructure costs and security posture. Understanding the crypto mining challenge […]
Bulletin ID: 2026-030-AWS
Scope: AWS
Content Type: Important (requires attention)
Publication Date: 05/13/2026 10:00 PM PDT
This is an ongoing issue. This bulletin will be updated as more information becomes available.
Description:
AWS is aware of the copy.fail or DirtyFrag class of issues - a set of privilege escalation issues affecting the Linux Kernel. We will update this bulletin as more information becomes available.
Please see below for current patching timelines for affected services related to the Copy.fail kernel issue and all its variants. AWS recommends that customers apply all updates addressing these issues as soon as they are available.
See more details at Security Bulletin (ID: 2026-030-AWS).
Bulletin ID: 2026-029-AWS
Scope: AWS
Content Type: Important (requires attention)
Publication Date: 05/13/2026 18:45 PM PDT
This is an ongoing issue. Information is subject to change. Please refer to our Security Bulletin (ID: 2026-030-AWS) for the most updated patching information.
Description:
Amazon is aware of CVE-2026-46300, a report of an additional privilege escalation issue in the Linux kernel related to the DirtyFrag, copy.fail class of issues (CVE-2026-43284). The proof of concept uses a vector via the loadable module espintcp. Amazon Linux does not provide this module, and is not affected.
As defense in depth we will include a correctness patch to the core networking code to harden against possible similar issues in network protocol implementations that rely on this behavior.
In this post, we demonstrate an approach we used to address this challenge for a customer by implementing an AWS Lambda transformation function that streams Amazon CloudWatch metrics directly to internal OpenTelemetry collectors running within a VPC.
In this post, we demonstrate how to build a secure, complete LLM fine-tuning workflow that integrates Unity Catalog with Amazon SageMaker AI using Amazon EMR Serverless for preprocessing. The solution shows how to securely access governed data, maintain lineage across services, fine-tune the Ministral-3-3B-Instruct model, and register trained artifacts back into Unity Catalog. With this approach, you can continue using your existing services while preserving central governance, tracking data lineage without compromising security or compliance requirements.
The Cisco and AWS partnership addresses three challenges enterprises face when scaling AI agents: visibility gaps, security bottlenecks, and compliance risks. In this post, we explore how you can overcome AI security challenges through automated scanning and unified governance.
Building end-to-end live streaming applications with real-time voice interaction presents several challenges. This post introduces a solution based on Amazon Nova 2 Sonic (Nova Sonic) and Amazon Kinesis Video Streams WebRTC (WebRTC) that addresses these challenges. In this post, we’ll walk through the solution architecture, implementation patterns, and two real-world scenario examples.
This post demonstrates how to build a documentation extraction and model fine-tuning pipeline that addresses challenges when processing the complex financial documents. By combining Pulse AI's advanced document understanding capabilities with the powerful AI services of Amazon Bedrock, organizations can achieve enterprise-grade accuracy and extract contextually relevant financial insights at scale.