AWS Podcast Episode #709: AWS News – GuardDuty Malware Protection, CloudTrail Network Activity Events
Release Date: February 24, 2025
In Episode #709 of the AWS Podcast, hosted by Amazon Web Services, Simon Elisha and Hawn Nguyen-Loughren delve deep into the latest updates and innovations across AWS services. This episode focuses on significant enhancements in security, analytics, artificial intelligence, compute, and more, providing valuable insights for developers and IT professionals alike.
1. Major Announcements
a. Amazon GuardDuty Malware Protection for S3 Price Reductions
The episode kicks off with a major update on Amazon GuardDuty, AWS’s threat detection service. Shruti highlights a substantial price reduction, stating:
“We are lowering the price for the data scanned dimension by up to 85%” [00:21].
Key Details:
- Price Reduction: Data scanned for GuardDuty malware protection in S3 is reduced from $0.60 to $0.09 per gigabyte in the US East region.
- Unchanged Pricing: The cost for objects evaluated remains the same.
- Impact: This reduction offers significant savings, especially for organizations handling large-scale file uploads or extensive data processing.
- Efficiency Improvements: AWS achieved these savings by enhancing their scanning infrastructure and data processing efficiencies.
This price cut not only makes GuardDuty more accessible but also reinforces AWS’s commitment to providing cost-effective security solutions.
b. CloudTrail Network Activity Events for VPC Now Generally Available
Next, the podcast covers the general availability of CloudTrail Network Activity Events for VPC.
“This helps you strengthen your data security measures and implement detective controls for your private network” – Shruti [01:53].
Key Features:
- Enhanced Security: Logs API call activity traversing VPC endpoints, helping to track denied actions and detect unauthorized use of external credentials.
- Compliance: Facilitates meeting compliance requirements by providing detailed audit trails.
- Advanced Event Selectors: Allows for sophisticated filtering and monitoring of user activity related to VPCs.
- Integration: Combines the functionalities of CloudTrail and VPC to offer a unified view of user activities within virtual networks.
This development is crucial for organizations aiming to bolster their network security and maintain rigorous compliance standards.
2. Additional AWS Updates
a. AWS Marketplace Enhancements
- Custom Payment Schedules: AWS Marketplace now supports customized payment plans for private offers, enabling channel partners to add margins and offer installment plans to their customers. This flexibility aids in better financial management and scalability for businesses.
b. Analytics Improvements
- Amazon OpenSearch Serverless: Expanded support for time series workloads up to 100 terabytes, catering to large-scale data analysis needs.
- Amazon Redshift Serverless: Reduced IP address requirements to 3 per subnet, simplifying network configurations.
- QuickSight Dashboard Q&A: Introduced to allow authors to add data Q&A features to dashboards with a single click, enhancing data interaction and visualization.
- AWS Glue: Now boasts 14 new native connectors for applications like Salesforce Commerce Cloud, Microsoft Teams, and DocuSign, broadening data ingestion capabilities.
c. Application Integration Enhancements
- AWS AppSync:
  - Resolver Testing: Enhanced with comprehensive context object mocking for more robust testing.
  - Operation-Level Caching: Enables caching of entire GraphQL query responses, improving performance.
  - CDK L2 Constructs: Simplifies the creation of WebSocket APIs.
- AWS Step Functions:
  - Additional Data Sources: Supports more flexible data handling for distributed workflows.
  - Increased Quotas: Raises the default quota to 100,000 state machines and activities per AWS account.
- Amazon EventBridge: Now displays source and detail types of all AWS service events within the console, streamlining rule creation.
d. Artificial Intelligence Advancements
- Amazon Q Developer:
  - Java 21 Support: Facilitates leveraging the latest Java features for enhanced performance and security.
  - Simplified Setup: Redesigned workflow for Pro tier subscriptions, making it more user-friendly.
  - Enhanced Troubleshooting: Diagnoses AWS console errors across all commercial regions.
  - Real-Time Code Validation: The Developer Agent now builds and tests generated code on the fly, ensuring higher quality outputs.
- Amazon Personalize: Now supports IPv6, addressing modern networking requirements.
- Amazon Polly: Launched a new voice in Singaporean English, catering to regional customer bases.
- AWS HealthScribe: Supports the GIRPP format for behavioral health, improving data handling in healthcare applications.
e. Compute Innovations
- AWS Lambda: Introduces application performance monitoring for Java and .NET runtimes via Application Signals.
- Amazon EC2:
  - New Instance Sizes: General availability of smaller F2.6xlarge instances.
  - Automated Recovery: Supports automated recovery of Microsoft SQL Server databases using EBS snapshots.
- AWS Batch: Enhances access control and management for workloads on EKS.
- Amazon ECS: Allows updating services using both short and long Amazon Resource Names (ARNs) without recreating the service.
f. Customer Engagement Tools
- Amazon SES: Offers tiered pricing for the Virtual Deliverability Manager, optimizing email deliverability management costs.
- Amazon Connect Contact Lens:
  - Automated Actions: Create rules based on customer hold time and agent interactions.
  - Performance Dashboards: Aggregated insights on agent performance.
  - Automated Emails: Notifies agents about completed performance evaluations.
- Amazon Connect Cases:
  - Conditionally Required Fields: Ensures necessary information is captured based on case status or type.
  - Granular Search: Enhances search capabilities and customizable case list views.
g. Database Enhancements
- Amazon DynamoDB: Now supports auto-approval of quota adjustments, streamlining scalability.
- Amazon CloudWatch: Introduces lock contention diagnostics for Aurora PostgreSQL, assisting in pinpointing performance issues.
- Amazon DocumentDB: Offers one-click connectivity with CloudShell, simplifying database management.
- Amazon RDS:
  - MySQL & PostgreSQL: Extended support for minor versions, emphasizing security and bug fixes.
  - SQL Server & Oracle: New minor versions support and enhancements like extended storage options in RDS Custom for SQL Server.
h. Developer Tools Upgrades
- AWS Toolkit for Visual Studio Code: Now supports Amazon DocumentDB with MongoDB compatibility, enhancing developer workflows.
- AWS CodePipeline: Adds CloudWatch metrics support for better pipeline monitoring.
- AWS CodeBuild: Integrates with Buildkite, facilitating continuous integration processes.
i. End User Computing Enhancements
- Amazon AppStream 2.0: Adds administrative control over OneDrive for Business linking, improving data management.
- AWS Wickr: Introduces a dedicated space for organizing and accessing files, enhancing user collaboration.
j. Management and Governance
- CloudWatch Application Signals: Now supports runtime metrics for .NET applications without source code changes, enabling better performance monitoring.
- AWS CloudFormation:
  - Stack Refactoring: Simplifies reorganizing cloud resources across stacks.
  - Support for AWS Transfer Family Web Apps: Broadens the scope of resources manageable via CloudFormation.
- AWS Config: Adds support for four new resource types, enhancing auditing and remediation capabilities.
- Cost Optimization Hub: Introduces recommendations for idle EC2 Auto Scaling groups and right-sizing strategies.
k. Media Services
- AWS Elemental MediaTailor: Expands log delivery destinations, improving media monitoring.
- AWS Deadline Cloud: Now supports Adobe After Effects and configurable resource limits, optimizing media production workflows.
l. Networking and Content Delivery
- AWS Network Load Balancer: Enables removal of Availability Zones, providing greater flexibility in application stack management.
m. Security, Identity, and Compliance
- AWS Secrets and Configuration Provider: Integrates with Pod Identity for Amazon EKS, enhancing secret management.
- Amazon Inspector: Enhances container image scanning security.
- AWS IAM:
  - Encrypted SAML Assertions: Adds support for secure identity federation.
  - Improved Error Messages: Offers better clarity in provisioning issues.
- AWS Verified Access: Launches zero trust access for resources over non-HTTP protocols, strengthening security postures.
3. Storage Innovations
- Amazon EBS:
  - Snapshot Size Information: Now fully visible in the console and API.
  - Resource-Level Permissions: Offers granular controls for volume creation from snapshots.
- Amazon FSx:
  - Lustre Version Upgrades: Allows file systems to benefit from the latest enhancements.
  - IPv6 Support: Standardizes applications using IPv6 with dual-stack endpoints, addressing modern networking requirements.
- Amazon EFS: Supports up to 10,000 access points per file system, a tenfold increase from previous limits, facilitating large-scale access management.
- Amazon Data Lifecycle Manager: Now supports IPv6, aligning with contemporary network standards.
Conclusion
Episode #709 of the AWS Podcast provides a comprehensive overview of the latest AWS service updates, emphasizing security enhancements, cost optimizations, and expanded capabilities across various domains. With significant price reductions in GuardDuty, enhanced monitoring in CloudTrail, and numerous advancements in analytics, AI, compute, and storage, AWS continues to empower developers and IT professionals to build robust, scalable, and secure cloud solutions.
Stay tuned for more in-depth discussions and updates in future episodes, and keep building with AWS!
