InfoQ Homepage AWS Content on InfoQ
-
AWS Drops Patent Infringement Protection for Video Encoding Services
AWS has removed its legal protections for customers using its video transcoding and streaming services, potentially exposing them to patent infringement claims from codec rights holders. The change affects six services, including the popular file-based video processing service MediaConvert and live video encoding service MediaLive.
-
AWS Enables Lambda Function Triggers from RDS for SQL Server Database Events
In a blog post, AWS recently described an event-driven pattern for Amazon RDS for SQL Server, allowing developers to trigger Lambda functions in response to database events via CloudWatch Logs and SQS.
-
Reducing Onboarding from 48 Hours to 4: inside Amazon Key’s Event-Driven Platform
Amazon Key modernized its event platform by adopting a centralized, event-driven architecture built on Amazon EventBridge. The redesign processes millions of daily events with millisecond latency, improves schema governance, automates cross-account routing, and reduces service onboarding time from 48 hours to four, while maintaining 99.99 percent reliability.
-
LocalStack for AWS Drops Community Edition Raising Developer Concerns
LocalStack has recently announced changes to the delivery of its AWS Cloud emulators, dropping the popular open source Community Edition, and creating a single image that requires registration. Projects that currently pull the latest community image will need to update their workflows.
-
CloudFront Adds Origin mTLS Authentication for End-to-End Zero Trust
Amazon CloudFront now supports mutual TLS authentication for origin servers, completing end-to-end zero-trust authentication from viewers to backends. The feature replaces IP allowlists and shared secrets with cryptographic verification, proving particularly valuable for multi-cloud deployments, where origins can verify that traffic originated from CloudFront without VPN tunnels.
-
Two Missing Characters: How a Regex Flaw Exposed AWS GitHub Repos to Supply-Chain Risk
AWS recently published a security bulletin acknowledging a configuration issue affecting some popular AWS-managed open-source GitHub repositories. Dubbed CodeBreach, the critical vulnerability could have resulted in the introduction of malicious code and hijacking of the repositories leveraging AWS CodeBuild.
-
AWS Launches European Sovereign Cloud amid Questions about U.S. Legal Jurisdiction
AWS has launched its European Sovereign Cloud with a €7.8 billion investment, designed to meet EU regulatory demands and address data privacy concerns amid geopolitical tensions. Despite its operational separation from global regions, questions linger about legal protections against U.S. data access. Competitors like Microsoft and local providers may present stronger sovereignty options.
-
Salesforce Migrates 1,000+ EKS Clusters to Karpenter to Improve Scaling Speed and Efficiency
Salesforce has completed a phased migration of more than 1,000 Amazon Elastic Kubernetes Service (EKS) clusters from the Kubernetes Cluster Autoscaler to Karpenter, AWS’s open-source node-provisioning and autoscaling solution.
-
AWS Hikes EC2 Capacity Block Rates by 15% in Uniform ML Pricing Adjustment
AWS has raised EC2 Capacity Block prices for ML by 15% across all regions, impacting GPU-based workloads. The uniform price hikes affect top-tier instances powered by NVIDIA GPUs, underscoring supply chain pressures and inflation. With limited alternatives, organizations face higher costs, emphasizing the need for effective workload optimization and cost management strategies.
-
AWS CloudWatch Evolves into Unified Observability Platform with Apache Iceberg Support
AWS has expanded Amazon CloudWatch to unify log management across operational and security use cases. By integrating native OCSF normalization and Apache Iceberg-compatible storage via S3 Tables, the update aims to eliminate data silos and enable Zero-ETL analytics across multiple AWS accounts and regions.
-
AWS Introduces VPC Encryption Controls to Enforce Encryption in Transit
AWS has recently introduced VPC Encryption Controls, allowing customers to validate whether traffic within and between VPCs is encrypted and to require encryption where supported. The feature provides visibility into unencrypted traffic, supports enforcement using compatible Nitro-based infrastructure, and allows exclusions for resources that cannot encrypt traffic.
-
AWS Previews Route 53 Global Resolver to Decouple DNS from Regional Failures
AWS previews Route 53 Global Resolver, using Anycast to decouple DNS from regional failures. It simplifies hybrid setups with unified public/private resolution, DoH/DoT, and Zero-Trust security.
-
Docker Kanvas Challenges Helm and Kustomize for Kubernetes Dominance
Docker has launched Kanvas, a new platform designed to bridge the gap between local development and cloud production. By automating the conversion of Docker Compose files into Kubernetes artefacts, the tool challenges established solutions like Helm and Kustomize. Developed with Layer5, it marks a shift toward Infrastructure as Code, offering visualisations to simplify cloud-native deployments.
-
AWS Adds Intelligent-Tiering and Replication for S3 Tables
AWS has introduced Intelligent-Tiering and cross-region replication for S3 Tables to automate cost optimization and data availability for Apache Iceberg workloads. These features allow data to transition to lower-cost storage tiers based on access patterns while maintaining consistent, read-only table replicas across regions and accounts without manual synchronization.
-
DuckDB's WebAssembly Client Allows Querying Iceberg Datasets in the Browser
DuckDB has recently introduced end-to-end interaction with Iceberg REST Catalogs directly within a browser tab, requiring no infrastructure setup. The new feature leverages DuckDB-Wasm, a WebAssembly port of DuckDB that runs in the browser, allowing users to query, read, and write Iceberg tables in a serverless manner.