InfoQ Homepage AWS Content on InfoQ
-
Two Missing Characters: How a Regex Flaw Exposed AWS GitHub Repos to Supply-Chain Risk
AWS recently published a security bulletin acknowledging a configuration issue affecting some popular AWS-managed open-source GitHub repositories. Dubbed CodeBreach, the critical vulnerability could have resulted in the introduction of malicious code and hijacking of the repositories leveraging AWS CodeBuild.
-
AWS Launches European Sovereign Cloud amid Questions about U.S. Legal Jurisdiction
AWS has launched its European Sovereign Cloud with a €7.8 billion investment, designed to meet EU regulatory demands and address data privacy concerns amid geopolitical tensions. Despite its operational separation from global regions, questions linger about legal protections against U.S. data access. Competitors like Microsoft and local providers may present stronger sovereignty options.
-
Salesforce Migrates 1,000+ EKS Clusters to Karpenter to Improve Scaling Speed and Efficiency
Salesforce has completed a phased migration of more than 1,000 Amazon Elastic Kubernetes Service (EKS) clusters from the Kubernetes Cluster Autoscaler to Karpenter, AWS’s open-source node-provisioning and autoscaling solution.
-
AWS Hikes EC2 Capacity Block Rates by 15% in Uniform ML Pricing Adjustment
AWS has raised EC2 Capacity Block prices for ML by 15% across all regions, impacting GPU-based workloads. The uniform price hikes affect top-tier instances powered by NVIDIA GPUs, underscoring supply chain pressures and inflation. With limited alternatives, organizations face higher costs, emphasizing the need for effective workload optimization and cost management strategies.
-
AWS CloudWatch Evolves into Unified Observability Platform with Apache Iceberg Support
AWS has expanded Amazon CloudWatch to unify log management across operational and security use cases. By integrating native OCSF normalization and Apache Iceberg-compatible storage via S3 Tables, the update aims to eliminate data silos and enable Zero-ETL analytics across multiple AWS accounts and regions.
-
AWS Introduces VPC Encryption Controls to Enforce Encryption in Transit
AWS has recently introduced VPC Encryption Controls, allowing customers to validate whether traffic within and between VPCs is encrypted and to require encryption where supported. The feature provides visibility into unencrypted traffic, supports enforcement using compatible Nitro-based infrastructure, and allows exclusions for resources that cannot encrypt traffic.
-
AWS Previews Route 53 Global Resolver to Decouple DNS from Regional Failures
AWS previews Route 53 Global Resolver, using Anycast to decouple DNS from regional failures. It simplifies hybrid setups with unified public/private resolution, DoH/DoT, and Zero-Trust security.
-
Docker Kanvas Challenges Helm and Kustomize for Kubernetes Dominance
Docker has launched Kanvas, a new platform designed to bridge the gap between local development and cloud production. By automating the conversion of Docker Compose files into Kubernetes artefacts, the tool challenges established solutions like Helm and Kustomize. Developed with Layer5, it marks a shift toward Infrastructure as Code, offering visualisations to simplify cloud-native deployments.
-
AWS Adds Intelligent-Tiering and Replication for S3 Tables
AWS has introduced Intelligent-Tiering and cross-region replication for S3 Tables to automate cost optimization and data availability for Apache Iceberg workloads. These features allow data to transition to lower-cost storage tiers based on access patterns while maintaining consistent, read-only table replicas across regions and accounts without manual synchronization.
-
DuckDB's WebAssembly Client Allows Querying Iceberg Datasets in the Browser
DuckDB has recently introduced end-to-end interaction with Iceberg REST Catalogs directly within a browser tab, requiring no infrastructure setup. The new feature leverages DuckDB-Wasm, a WebAssembly port of DuckDB that runs in the browser, allowing users to query, read, and write Iceberg tables in a serverless manner.
-
AWS Introduces Fifth-Generation Graviton Processor with M9g Instances
AWS recently announced the new Graviton5 processor and the preview of the first EC2 instances running on it, the general-purpose M9g instances. According to the cloud provider, the latest chip delivers up to 25% higher performance than Graviton4, introduces the Nitro Isolation Engine, and provides a larger L3 cache, improving latency, memory bandwidth, and network throughput.
-
Amazon S3 Vectors Reaches GA, Introducing "Storage-First" Architecture for RAG
AWS has announced the general availability of Amazon S3 Vectors, increasing per-index capacity forty-fold to 2 billion vectors. By natively integrating vector search into the S3 storage engine, the service introduces a "Storage-First" architecture that decouples compute from storage, reducing total cost of ownership by up to 90% for large-scale RAG workloads.
-
AWS Announces New Amazon EKS Capabilities to Simplify Workload Orchestration
Amazon Web Services has launched Amazon EKS Capabilities, a set of fully managed, Kubernetes-native features designed to streamline workload orchestration, AWS cloud resource management, and Kubernetes resource composition and automation.
-
AWS Expands Well‑Architected Guidance with Data Residency and Hybrid Cloud Lens
Earlier this year, AWS launched the Well-Architected Data Residency with Hybrid Cloud Services Lens, providing guidance for hybrid cloud workloads. The lens covers data classification, operational practices, automation, and compliance, helping organizations manage data location while optimizing security, cost, and resilience.
-
MinIO GitHub Repository in Maintenance Mode: What's Next for the Open Source Object Storage?
After a contentious license change and the removal of administrator functionalities from the console, the company behind the popular open-source object storage server Minio recently announced that the project will now enter maintenance mode. The change has raised discussion in the community about the need for a fork, the challenges of open source projects, and the current alternatives.