
Simon and Jillian keep you up to date with over 70 new releases and capabilities!
Loading summary
A
This is episode 740 of the AWS podcast released on October 6th, 2025.
B
Hello everyone and welcome back to the AWS Podcast. I'm Lish here with you. Great to have you back, joined by my co host, Gillian Ford. G', day, Gillian. How you doing?
A
It's always a good day when it's podcast day.
B
This is true, this is true. I think we can live by. In fact, that's a coffee mug right there.
A
That's right.
B
So we have lots of updates, I think over 70 updates today and a couple really caught our eye. I mean, it's always hard to choose a favourite. It's like having a favorite child. It can't be. If I had to choose. I think when we're looking through AWS announces EC2 instance attestation. Now this is really important and really, really cool. This is generally available and it basically makes it easier for you to validate that only trusted software is running on your EC2 instances, including instances with AI chips and GPUs. Now, before you could, you know, remove operator access, et cetera. But how do you verify that the target EC2 instance configuration is what it actually is? So now what it is is you can cryptographically verify that your EC2 instances are running your trusted configuration and your software. So this uses the Nitro trusted platform module and a testable Amazon machine images. And basically you can verify whether a target EC2 instance has the same measurement as the reference measurement generated by the ami. And the. This also integrates with kms, a whole bunch of other stuff. But. But what's really cool here is not only is this available, but it just is like it doesn't cost you anything to use. It's. This is pretty important, Julian.
A
This is. Yeah, I can imagine there's just like a lot of like important use cases where you'd want to be able to utilize this. So I'm very excited to see.
B
Yeah, and it's, it's, it's about proving, you know, one thing with security. It's one thing to say security, but it's the other thing to, to prove to it to an auditor or to an inspector, to yourself, to say, hey, am I confident that this is the thing? I think it is. And can I attest. And this is available in all AWS commercial regions, including the US GovCloud US regions as well. So you can get wrong.
A
Super excited.
B
Yeah. And I think there was Also one for S3 that caught our eye as well.
A
Oh yes. Because I think a lot of people have been afraid of deleting something just in case there might be another object that is lingering around before you delete it. And that's what this new launch is. This new feature is now supports conditional deletes for general S3 buckets. So this helps you prevent accidental deletions in high concurrency multiple writer scenarios. So Amazon S3 they're only going to allow your delete request to succeed if you have this etag that is provided that matches the object. So I know that would give someone like me just a lot more safety security. Be able to sleep at night.
B
Exactly. So it's basically saying am I deleting something that I think I'm deleting? As in is it the version that I think I'm deleting or did it get changed by someone else? So this is really useful when you got lots of people changing files over time and you think you're deleting the version that you wanted to delete and it's not. So this now lets you do that. You can also use the if match condition key on your S3 bucket policies to force that condition, which is pretty cool. And also it's available at no additional cost in all AWS regions. So again it's one of those nice quality of life things that pops up and makes life easier and you don't have to worry about it, it just happens. You often forget. So let's jump into some of the other updates. As I mentioned this a lot. Let's start with analytics. AWS Clean Rooms now supports incremental ID mapping with AWS entity resolution. So what this does is helps you perform real time data synchronization across your collaborators data sets with the privacy enhancing controls of AWS Clean Rooms. And now you can populate ID mapping tables in a clean rooms collaboration with only the new modified or deleted records since the analysis. So this just makes it easy to share data when you kind of don't trust each other, but you need to trust each other. Amazon OpenSearch Service now supports OpenSearch version 3.1 so improvements in areas like search, relevance and performance. It also introduces features to simplify development of vector driven applications for generative workloads. It also incorporates Lucene 10 that enables optimized vector field indexing resulting in faster indexing times and reduced indexing sizes and lots of other other benefits as Amazon OpenSearch ingestion now supports cross account ingestion and Amazon OpenSearch Service announces a derived source for storage optimization. So this is a new feature that can reduce the amount of storage required for your domain and it means you can skip storing source fields and dynamically derive them when required so you're getting the result rather than the working files. Amazon OpenSearch Serverless now supports disk optimized vectors. So this allows you to implement high quality vector search capabilities while significantly reducing costs. This is a big deal, so you can choose between Memory Optimized and Disk optimized vector storage options and Disk Optimized gives you the same accuracy and recall rates but it costs less. They make it slightly higher latency, so it's good when you don't need sort of a sub millisecond response times so things that are a little bit more batchy can really fit in there. And the OpenSearch team has been very busy because Amazon OpenSearch service now supports AI powered forecasting. So this can allow you to power insights into trending infrastructure utilization and of events, applications and business metrics and more. And Amazon OpenSearch Service has announced Star Tree Index. This is a new feature that significantly improves aggregation performance for high cardinality and multidimensional queries. This index pre aggregates data across configured dimensions and metrics at ingestion time which enables sub second response times for frequent aggregations. Now startree Index is designed for real time analytics I should say, and requires no changes to query syntax. So this is good. OpenSearch automatically uses the optimized path when supported queries are detected and early benchmarks show faster aggregation performance on large data sets. So this is going to be a really interesting new capability. It works best with append only data and builds during segment refresh merge. Amazon Redshift also announces the general availability of Multi Dimensional Data Layouts or mddl. These dynamically sort data based on actual query filters, accelerating query performance. So unlike traditional sorting methods that sort data based on fixed columns, MDDL sorts data based on query filters. So like things like, you know, sales in the US for example, which can give you up to 10 times better end to end performance compared to using only optimal single column sort keys for query workloads with repetitive query filters. So this is a really interesting thing if you live in this world of data warehouses. That'll be interesting to you.
A
Up next we've got application integration. Amazon EventBridge now extends kms customer managed key support to event bus rule filter patterns and input transformers. This capability enables you to use your own encryption keys to protect sensitive information in your event filtering and transformation logic. To meet stringent security and compliance requirements, AWS X Ray introduces adaptive sampling for automatic optimized error detection. This helps development teams reduce mean time to resolution during incidents by providing comprehensive trace data for root cause analysis while maintaining cost efficient sampling rates during normal operations. Adaptive Sampling supports sampling boost and anomaly span capture. AWS Step Functions now supports additional data sources and new observability metrics for distributed map AWS Step Functions is definitely one of the most underrated I'm a huge fan of Step Functions. If you are not familiar with it, if you've got a workflow, there's a good chance that it is a good use case for Step functions. You can orchestrate over 14,000 API actions from over 220 AWS services to build distributed applications and data processing workloads. Like I said, if you have a workflow type of architecture, there's a good chance that Step Functions would be a really good fit.
B
And it's a lot easier to use than it used to be. And it has visual interface as well. And using LLMs it's even easier to build stuff. So I'm literally using it now and I haven't used it for a while. I'm like oh this is so easy because I don't have to know anything about it. It just does the thing.
A
Just does the thing. And speaking of Step functions, we've got IT now supports IPv6 with dual stack.
B
Endpoints, proving once again that 2025 is the year of IPv6. Let's talk about Artificial Intelligence. No updates in this, but not only joking, plenty of updates. Stability AI Image Services is now available in Amazon Bedrock. So this gives you a comprehensive suite of nine specialized imaging editing tools designed to accelerate your professional creative workflows. So this gives you granular control over image editing with a range of tools, which means you can go from concept to finished tool very quickly. So things like remove background, edit object search and replace search and recolor in paint. Whole bunch of stuff. So very powerful. We're happy to announce on demand deployment for custom Meta Llama models in Amazon Bedrock. So this is an on demand version of metal llama 3.3 that's been fine tuned or distilled in bedrock. Deepseek version 3.1 model is now available as a fully managed option within Amazon Bedrock. So again, if that's a flavor that you want to use, you can OpenAI open weight models have expanded to new regions on Amazon Bedrock. Now this expansion brings these really powerful AI models closer to customers in different parts of the world. Now this means that you can use state of the art AI models while keeping your data where you want them to be. And that means you get access to the OpenAI open weight models that also excel in certain spaces. And one of the things we're learning with foundation models and frontier models is that they all do different things slightly better or worse than each other. And so it's not kind of one model to rule them all, it's lots of models. And so that's why people like having choices. Speaking of which, Quin three models are now available fully managed in Amazon Bedrock. So this gives you Again access to 4qin3 Open Weight foundation models that are available as fully managed serverless offerings. Amazon Bedrock Agent, Core runtime, browser and code interpreter have added support for VPC, AWS, Private Link, CloudFormation and tagging, so this means you can integrate it into your automated infrastructure as code. Now, just as a reminder, Agent Core runtime enables you to deploy and scale dynamic AI agents securely using any framework protocol or model, so it gives you lots of choice. Amazon Lex provides generative AI based enhanced natural language understanding in eight new languages. So you get Chinese, Japanese, Korean, Portuguese, Catalan, French, Italian and German. So eight entire languages that I can't speak, so you've got a lot more capability there. And Amazon Lex has also provided enhanced confirmation and currency built in slots for 10 additional languages as well, so more understanding for Portuguese, Catalan, French, Italian, German, Spanish, Mandarin, Cantonese, Japanese and Korean. So this all helps with having more natural conversations with Lex. We're happy to announce AWS neuron SDK 2.26.0 this release introduces support for PyTorch 2.8 and JAX 0.6.2 as well as enhanced inference capabilities on trainium 2 instances. Now this is really important for deep learning workloads et cetera. This allows you to deploy optimizations, parallelism support, mixture of expert models, et cetera. You can Also now deploy Flux1Dev image generation models along with Llama for Scout and Maverick variants in beta on training 2 instances, so lots of options for those smaller, more nifty models. Amazon Nova act extension now has a build and test AI agents within your ide. So this is a tool that transforms how you build with Nova act by bringing the entire agent development experience directly into IDEs like Visual Studio, Code, Cairo and Cursor. And the Nova ACT extension consolidates natural language based script creation, granular scripting precision and robust browser testing into a single unified user interface so you don't have to switch between things. Now the Nova ACT extension is built on top of the Nova ACT SDK which has been available in Research Preview since March of 2025 and this really addresses feedback we've received from developers saying put it all in one place in the ide. So now it is Amazon Q Developer cli. Probably the place I spend most of my time these days on doing development because that's just. I was just thinking that this is this I bounce between Cairo and qcli. It now support for remote MCP servers. So remote MCP servers improve scalability and security of the tools you use within your development tasks. So it reduces the use of compute resources by moving it to a centralized server. And it also helps you manage access and security. So you can now integrate with Things like Atlassian, GitHub and others that support HTTP and support OAuth based authentication so you can plug it in and get going.
A
Simon I think this is the first time I've seen an update where I've really only thought about my own self interest. Usually I think about our customer when I get excited about interest. But usually with Q Developer cli, I mean if you talk to anyone at aws, they're probably using it for to hack around with their own internal productivity projects. So I'm sure a lot of people are going to be using this and just like super pumped for it.
B
It's almost become the operating system it really has. Yeah, sit there and do stuff there. And then when the team adds new stuff, I'm like, oh, it now does this, now it does that.
A
That's right.
B
Pretty cool. Amazon SageMaker Hyperpod now supports auto scaling using Carpenter. So that means you can automatically scale your clusters to meet dynamic inference and training demands. Amazon SageMaker Hyperpod also announces health monitoring agent support for Slurm clusters. So if that's the clusters you're using, you can use it. Still my favorite cluster name as well. You gotta love a cartoon reference in the name of a service.
A
I missed the cartoon restaurant. I just heard you talking about cartoons.
B
So Slurm comes from. From not the guy that created the Simpsons, then also created a follow on one where they're in space. Futurama. There we go.
A
Whoa. Oh wow. That one.
B
Yeah, yeah. I love a cartoon reference. So that was, you know, Futurama, they're drinking slum and someone thought that'd be a good name for clustering system. And there you go. Sloom is open source.
A
I like it. Speaking of other things that we like, let's talk about business applications. Amazon Connect Flow Designer now supports analytics mode With Amazon Connect Flows you can now create end to end self service and automated customer experiences such as interactive voice response. Step by step guides and back office process tasks tasks. So now with this flow designer you can view aggregate metrics on how customers move through each step in the flow, including where they run into errors or abandon the experience. For example, you can see how many conversational AI interactions result in transfers to agent queues or when customers end up in the wrong queue because an error in the flow configuration. That's super useful, especially as more companies are really thinking about how to integrate these conversational AI agents into their conversational workflow. So I think this one's definitely one to bookmark if you're using Amazon Connect Another one for Amazon Connect you can now use custom attributes with interaction segments, ensuring reporting and analytics always reflect the true customer journey Attributes such as business unit name, account type or contact reason can be centrally managed. Amazon Connect Contact Lens now provides sensitive data redaction from voice and chat conversational analytics in seven additional languages. Amazon Connect launches the ability to search contacts using agent hierarchy filters. Amazon Connect Cases now supports filtering by date ranges in the case list view, enabling contact center managers and agents to efficiently manage their case workloads.
B
Let's talk Compute the AWS Compute Optimizer now supports 99 new Amazon EC2 instance types. So again this helps you identify additional savings opportunities across your EC2 instances without specialized knowledge or manual analysis. My reminder, if you're not checking every three months your EC2 fleet for opportunities, you're probably missing out. So you should take a look at that. Different to the old world where you bought a server and that was your server, not the case anymore. So obviously lots of chance to improve things. Speaking of improvement, now generally available Amazon EC2 R8 G N instances. These instances are powered by Graviton 4 processors. They give you up to 30% better compute performance than Graviton 3 and these feature the latest generation 6th generation AWS Nitro cards and they give you up to 600 gigabits per second network bandwidth this is the highest network bandwidth Amongst Network optimized EC2 instances instances. The other ones that are generally available are the R8GB instances and these are also available with up to 150 gig of EBS bandwidth. So again more of a disk based approach as well. Amazon EC2 supports detailed performance stats on all NVME local volumes. I like this one. This gives you real time visibility into the performance of your Nitro system based EC2 instance store NVMe models volumes I should say make it easier to monitor your storage health et cetera. So you get 11 comprehensive metrics at one second granularity so you can see what's going on, including things like Q depth, iops, throughput, detailed I O latency histograms. These are things that you're probably used to seeing for ebs. This helps you monitor stuff that's running on the machine itself. Amazon EC2 auto scaling now supports forced cancellation of instance refreshes, so this means you can cancel it without waiting for any in progress instance launches or terminations to complete. So again this is about greater control, especially during emergency situations where you go rapidly roll forward to a new application deployment. So this gives you even more control. Amazon EC2's allowed AMI setting adds new parameters and enhanced AMI governance There are now four new parameters, marketplace codes, deprecation, time creation date and AMI names. So this allows you to define criteria to reduce the risk of launching things that aren't compliant in your environment. We're happy to announce unlimited network burst duration on EC2I 8G and i7i instances. So these and this relates to sizes larger than 4x large. Basically it allows you to burst permanently so you can burst as much as you want within the limit that you've got. So you can deliver up to 100 gig of network performance bandwidth and 60 gig of dedicated bandwidth for EBS. So it's a honking great amount of throughput that you can get. And you can it's not bursting as in starts and stops. It now just goes Amazon EVs the Elastic VMware service now allows you to securely migrate and stretch your layer 2 networks from your on premises data center center to Amazon EVS environments over the public Internet. So this adds to the existing capability of doing that through private connectivity like AWS direct connect or VPNs. Now you can just use elastic IP addresses and have a stable endpoint. So this can be really useful if you've got to move fast. Maybe your licensing has run out, you need to upgrade, et cetera. You can move as quickly as you need. The research and engineering studio on AWS version 2025.09 is now available. So this gives you things like fractional GPUs, simplified AMI management and enhanced deployment flexibility. It also includes more regions as well. Basically this is an open source solution that gives you a web based portal for administrators to create and manage secure cloud based research and engineering environments. We're happy to announce the availability of second generation AWS outposts racks in 52 more countries. And no, I will not say what those countries are. You can look at that yourself. And AWS Parallel computing service PCs now supports Amazon EC2 capacity blocks for machine learning, so this means you can use that natively in your PCs clusters, and this makes it easy to get up and running.
A
Let's talk about databases. Amazon RDS for MySQL now supports Community MySQL Innovation Release 9.4 in the RDS Preview Environment. Amazon RDS for MySQL announces Extended Support Miner 5.7.4.4. Amazon RDS for Postgres 18 is now available in the RDS Database Preview Environment. Amazon RDS for DB2 now offers reserved instances Amazon RDS announces Cross Region and Cross Account Snapshot Copy this launch allows you to copy snapshots across regions and accounts directly without performing it sequentially as two separate copies. Customers use Cross region and cross account snapshot copies for managing the risk of incidents such as ransomware attacks and region outages affecting their production account or primary.
B
Regions and let's do a quick update in the topic of developer tools, Amazon Credo 25 is now generally available. Now if you don't know what this is, Amazon CREDO is a no cost multi platform production ready distribution of OpenJDK. So if you're using Java this is a thing you want because it gives you support for Linux, Windows and Mac os and this is a long term support version as well. So it means that you get get long term support. So this is a good thing for you to use. If you live in that world. It's always good to stay up to date. So version 25 is now available A.
A
Few updates in end user computing Amazon AppStream 2.0 is enhancing the end user experience by introducing support for local files redirection on multi session fleets. Amazon AppStream 2.0 announces support for graphics G6 instances with fractionalized GPU sizes. AWS end user messaging now supports Cloudformation for SMS.
B
Let's do a little update on the Internet of Things. AWS launches sitewise MCP server for simplified modeling. It's available in the AWS Labs MCP Open Source repository. This MCP server simplifies industrial data modeling by providing built in domain validation and automated modeling capabilities, which means you don't need to have extensive API knowledge. The server supports existing AWS IoT sitewise functionality through familiar tools while adding new conversational interfaces for enhanced user interaction.
A
The year of IPv6 and the MCP ification of things Ification.
B
I like it.
A
Next topic we've got is management and governance. AWS budgets now supports custom time periods and I think this is also a good service announcement that if you are not using AWS budgets, it is so simple to set and forget. And if it's one of those things where hopefully you don't need to use it, but if you do need to utilize it, you will be thankful that you'll be notified that you are close to your budget. Amazon CloudWatch now supports resource tags when monitoring vended metrics DevOps engineers and cloud administrators can now create dynamic monitoring views that align with their organizational structure. Using their existing AWS resource tags, Amazon cloudwatch launches Cross Account and Cross Region Log Centralization. This is a good one. I'm really excited about this. This capability seamlessly integrates with AWS organizations, enabling efficient aggregation of logs from workloads that span multiple accounts and regions into a single account without the need to manage custom solutions. The log centralization feature provides the ability to scope the centralization rules to copy log data from their entire organization, specific organizational units, or selected accounts into a single account. So for those of you are thinking, oh my gosh, that could be a ton of logs if we're all centralizing them, no, this is a way that you can be strategic of which logs do centralize in one place, so you might not necessarily need to retain all of those logs. AWS announces the general availability of new capabilities within AWS billing and cost management that enables customers to manage their AWS spend across multiple organizations through a single AWS account. Customers can now share custom billing views containing cost management data with other AWS accounts outside their organization. AWS License Manager announces support for shared AWS managed active directory across multiple accounts, simplifying Microsoft license management on aws. AWS organizations now provides account state information for member accounts. This launch allows you to have a more granular account state information such as suspended for AWS enforced suspension pending closure for in process closure requests and close for accounts in their 90 day reinstatement window. And AWS Organizations now offers full IAM Policy language support for service control policies, enabling you to write service control policies with the same flexibility as IAM managed policies. With this launch, Service control policies now support use of conditions, individual resource arms, and the Not Action element and allow statements. Next topic is Security Identity and compliance. IAM Identity center now supports customer managed KMS keys for encrypting workforce identity data including user and group attributes. AWS Network Firewall now offers enhancements to its console monitoring dashboard and security controls. AWS Network Firewall enhances the application layer traffic controls. These enhancements help customers implement robust security policies without writing complex custom rules. So this can be like effectively Inspecting and filtering traffic where key information is segmented across multiple packets.
B
Let's talk about storage. There is a new latency injection action in the AWS fault injection service FIS for Amazon ebs. This allows you to run fault injection experiments. So with this new action you can introduce I latency into your volumes as part of a control testing experiment. This is pretty cool because you can see what happens if my EBS volumes aren't working at the speed that I thought they should work at. So you know, as with everything, test and you will find out. Amazon EBS increases the maximum size and provision performance of GP3 general purpose volumes, so we now support higher volume level limits for these. So GP3 volumes can now scale up to 64 terabytes in size, which is four times the previous 16 terabyte limit and up to 80,000 IOPS, which is five times the previous 16,000 limit and up to 2,000 MIB of throughput, which is twice the previous limits. That's pretty cool. Like I used to work in storage hardware and I can tell you to get that upgrade happening yourself would be a lot of work. There is no work here. The pricing model remains unchanged. You pay for the storage plus any additional iops and throughput provisioned beyond the baseline performance. And there you go. Gotta love that. Amazon S3 batch operations now supports managing buckets or prefixes in a single step in the AWS Management console. So now you can do lots more in one place if you're a console kind of person. And you can now preview Amazon S3 tables in the S3 console as well so you don't have to write a SQL query, you can view the schema, you can sample rows of your tables stored in there to better understand and gather key information about your data quickly without any setup. Super useful for development. And it's only appropriate that our last item today continues the celebration of the year of IPv6 because AWS Storage Gateway now supports IPv6. So this, this supports your AWS Storage Gateway endpoints, APIs and Gateway appliance interfaces. So you now have both IPv6 and IPv4 to our new dual stack endpoints. The existing AWS Storage gateway endpoints supporting IPv4 will only remain available for backwards compatibility. Wow. There was a lot today, Jillian. I feel like a lot of quality of life improvements. There were things that you may use in terms of how you do your day to day development. There's a lot of management stuff, there was security stuff, there was a lot going on on.
A
There really was. I mean it's always hard to pick favorites. But Simon, I'd love to know, is there one that stood out to you?
B
It's got to. For me, it's got to be the attestation one. Like, I just think that is. I. I love when super complicated, difficult things get done for me and I don't have to pay for them. I'm lazy. It's okay, you know?
A
Totally.
B
What about you?
A
Ah, the remote mcp. I. I mean, I. I should. Should be requesting one that I know most of my customers would be like, really excited about, and I'm sure they will because everyone loves MCP servers, I think, nowadays. But this one's totally for selfish reasons.
B
No, that's. It's a viable reason. It's a viable reason. How do folks reach out to you if they want to suggest the MCP server they want?
A
Oh, please do. I am Jillian Floord on LinkedIn, and.
B
If you want to go old school AWS, podcast.com is also the place to do it. And until next time, keep on building.
Release Date: October 6, 2025
Hosts: Simon Elisha & Jillian Ford
This episode features a jam-packed roundup of over 70 fresh AWS updates across security, storage, analytics, AI, compute, developer tools, databases, IoT, and more. Simon and Jillian dive deep into standout launches such as EC2 Instance Attestation, S3 Conditional Deletes, and the latest in analytics, AI model support, and cloud management improvements. The tone stays upbeat, inquisitive, and often personal, as the hosts share both the technical implications and their own favorite announcements.
[00:23]
"It's about proving...one thing to say security, but it's the other thing to prove to an auditor or to an inspector, to yourself, to say, hey, am I confident that this is the thing I think it is."
— Simon ([01:50])
[02:13]
"I know that would give someone like me just a lot more safety and security. Be able to sleep at night."
— Jillian ([02:19])
[03:22]
[07:17]
"Step Functions is definitely one of the most underrated—I'm a huge fan...if you have a workflow, there's a good chance it's a good use case."
— Jillian ([07:37])
[09:22]
"It's almost become the operating system...I sit there and do stuff there. And then when the team adds new stuff, I'm like, oh, it now does this, now it does that."
— Simon ([14:45])
[15:58]
[17:51]
[22:01]
[22:54]
[23:32]
[23:59]
[24:39]
[27:48]
[28:19]
"I used to work in storage hardware and I can tell you to get that upgrade happening yourself would be a lot of work. There is no work here."
— Simon ([29:33])
Episode #740 showcases a vast array of AWS launches and enhancements, from foundational security (EC2 Attestation), reliability (S3 Conditional Deletes), and analytics speed-ups (OpenSearch Star Tree Index, Redshift MDDL) to new AI models and dev workflow boosts. The hosts highlight how many of these quality-of-life improvements enable developers and IT teams to work faster, safer, and with more confidence—all with the signature mix of practicality and wit. If you’re building in AWS or managing infrastructure, this episode delivers a must-have cheat sheet for the very latest capabilities.
Contact:
Closing Note:
"Until next time, keep on building." — Simon ([31:38])