A

This is episode 744 of the AWS podcast released on November 3rd, 2025. Hello everyone and welcome back to Editors Podcast. Simon Shihu with you. Great to have you back with of course, my co host Gillian Ford. G', day Gillian. How you doing Simon?

B

It's always a wonderful day when it's podcast day.

A

These are facts. These are facts. So a couple of things that have popped up that we thought we'd highlight at the start. Before we get into all the updates, there's quite a few and they're getting cool. The first one is that Amazon Bedrock Agent Core is now so you may have heard of this before. This is an agentic platform to build, deploy and operate highly capable agents securely at scale using any framework model or protocol that's really important. So this means you can build your agents faster, you can run them securely, you can have extended runtimes and you can also monitor them in production. So it's taking away of our old friend the undifferentiated heavy lifting of managing all these agents because once you create them, you're like, oh, now how do I look after them? So what's happening with general availability? Well, all Agent Core services now have support for VPC. Adam is PrivateLink, AWS CloudFormation resource tagging. So you get all that good stuff now out of the box. And Agent Core Runtime builds on its preview capabilities of a industry leading eight hour execution window and complete session isolation by adding support for Agent to Agent protocol, which I know a lot of folks have been asking for and broader A2A supports coming across all Agent Core Core services. There's also now Agent Core Memory that offers a self managed strategy that gives you complete control over your memory extraction and consolidation pipelines. An Agent Core Gateway now connects to existing model Context Protocol or MCP servers in addition to transforming APIs and lambda functions into agent compatible tools. Plus there's more. There's IAM authentication so you can use that in addition to OAuth as well. Agent Core Identity now gives you identity aware authorization, secure vault storage for refresh tokens, native integration with additional OAuth enabled services. So lots of stuff there. And Agent Core Observability now delivers complete visibility into end to end agent execution with operational metrics across all Agent Core services through dashboards powered by of course Amazon cloudwatch and it is OTEL compatible so you can integrate it into external capability providers like Dynatrace, Datadog, Arise, Phoenix, Langsmith and Langfuse. Now this works. Agent Core works with any open source framework, so CrewAI, landgraph, llama index, Google, ADK, OpenAI agents, SDK and any model in or outside of Amazon Bedrock. So you can use whatever it is you want to use. This is a thing I need to get far more comfortable with because I think I've been doing things the hard way till this came along and now we don't have to do it the hard way anymore.

B

Joanne I agree. I'm really excited for this one as well and all the regions that it's now generally available in. I mean you've got us, East Virginia, Ohio, we've got Asia Pacific, Sydney, Tokyo, Frankfurt, Ireland, I mean Singapore, that's a lot. Mumbai.

A

It's there, it's there. Get into it, have a look at it. And it's nice because what's happened since the preview into the full release is of course lots of customer feedback and lots of work. And so now it's got all these features that I think a lot of folks looked at the site and said this sounds promising, but I need X. Well, X is there now, so have a try. Now. Something else that's really useful and interesting I think is the new Amazon EC2 capacity manager. So this is a new capability that enables customers to monitor, analyze and manage your EC2 capacity across all of your accounts and regions. So this is all about simplification. One interface and you get a comprehensive view of your on demand spot and capacity reservation usage across your accounts and regions. So this is really useful to understand trends because these details will give you all the historical trends you can see. Optimization opportunities. You know how much I pester everyone to check their EC2 usage and optimize appropriately. You have the user Interface, you have APIs and also you can download your data as well. So if you're using some other system to manage things, you can do this. It's available in all commercial AWS regions enabled by default at no additional cost. Why wouldn't you?

B

And I also love for all of those who are using multiple accounts, which I hope is everyone who's here. Once you've enabled AWS organizations, you can view and analyze your capacity across all of your member accounts in a single dashboard. How convenient.

A

That's what we like. Convenience is good. So let's get into some of the other updates. Let's talk analytics. Amazon Kinesis Data Streams has announced new fault injection service actions for APIs, so you can now test your application's error handling and retry mechanisms. Things like exponential backoffs. Amazon MSK managed streaming for Apache Kafka now supports version 4.1 so this introduces queues as a preview feature, a new streams rebalance protocol in early access, and eligible leader replicas plus bug fixes and improvements. Amazon OpenSearch service now supports Graviton 4 based instances so these will often give you up to 30 better performance than Graviton 3 and give you the best price performance for what you're trying to do. My simple recommendation is if you're using something like the OpenSearch service or RDS et cetera, if you can switch to Graviton. If you can switch to the latest version of Graviton you'll get a price performance benefit with zero effort. And I like zero effort. Amazon QuickSight has announced the general availability of a new data preparation experience. So you can now clean transform and combine your data in multi step workflows. You can append table, you can aggregate data, you could do flexible joins and other advanced operations that you used to have to use custom programming or my very good friend SQL commands. Now you can do it a lot easier and you can even use data sets as a Source expanded from 3 to 10 levels. Now there's team functionality. You can have 20 times larger cross source joins so this moves from the previous capacity of one gig to 20 gig. Like it's getting big. You can do lots of stuff. Let's talk some quick updates for application integration. Amazon Corretto October 2025 Quarterly updates are out so if you're not familiar with it, this is a no cost multi platform production redistribution of OpenJDK. So if you're doing anything Java related this is a library you want to use. I have it running on my machine, I update it regularly when it comes to the updates and aws. Step Functions now supports Diagnosed with Amazon Q so if you're not familiar with step functions it's a visual workflow service that lets you build distributed applications and automate your IT and business processes. You can also build data and machine learning pipelines as well. And what this does is brings Amazon Q's intelligent error analysis directly into the console. So if you're in the console doing stuff and stuff ain't working, you just click diagnose with Amazon Q and it will go and give you some troubleshooting assistance. It's actually really useful. I used this the other day because I'm using step functions for something else and I don't use step functions that often in just the work that I do. But I was using it and because I'm not a step functions expert and things weren't working. I just diagnosed it with Q, Q told me what was wrong, Q fixed it and I moved on with my life.

B

And speaking of other really cool things with artificial intelligence, Claude Haiku 4.5 is now available in Amazon Bedrock Claude Haikue 4.5 delivers new frontier performance matching Cloudsonnet 4's capabilities, encoding, computer use, agent tasks, and at a substantially, substantially lower cost and faster speeds.

A

That's a big deal.

B

It really is, yeah. The model supports vision and it unlocks new use cases where customers previously had to choose between performance and cost. It enables economically viable agent experiences, supports multi agent systems, and Claude's unique character makes it really great for these for having like a performance efficiency, especially when you're looking at being able to take these proof of concepts and put them into production. So this is available in Bedrock via global cross region inference in multiple locations. Pretty exciting about that one. Amazon Bedrock now provides immediate access to all serverless foundation models by default for users in all commercial AWS regions.

A

This is a big deal, this one, because this is the old you used to have to go in and click a bunch of checkboxes and then the list got longer and longer and longer. There is no list anymore.

B

That's right, no more buttons. Just start going. I love it. Amazon Bedrock Data Automation now supports AVI, MKV and WebM file formats along with the AV1 and MPEG4 visual codecs, enabling you to generate insights across a broader range of video content. And BDA also delivers up to 50% faster image processing. Pretty cool. If you're not familiar with Bedrock Data Automation, it's definitely worth checking out, especially if you're processing documents or in this case, images. It allows you to automate the generation of insights from unstructured multimodal content such as documents, images, even audio and videos. So there's also expanded video and Kodak support. So it's definitely great, especially if you got these like larger volumes of images and you want to be able to process them in less time. So definitely recommend that Amazon Nova models now support the customization of content moderation settings for approved business use cases that require processing or generating sensitive content. Amazon SageMaker AI projects now supports custom template S3 provisioning. Amazon SageMaker Unified Studio supports Amazon Athena workgroups. Now we've got one update in the AWS Marketplace. AWS Marketplace now supports purchase order line numbers for AWS Marketplace purchases. Just going to make it a lot simpler with cost allocation and payment processing.

A

Let's talk business applications. Of course the Amazon Connect team have been busy because they always are. Amazon Connect now provides granular permissions for conversation recordings and transcripts. So now you can separately configure access to recordings and transcripts so you can allow users to listen to calls while preventing any unauthorized copying of transcripts. Amazon Connect now supports threaded views and includes conversation history in agent replies. It also now supports automated follow up evaluations triggered by initial evaluation results. And it now provides configurable thresholds for schedule adherence. So you can, you know, maybe say that you can define how early or late agents will start or end their shifts. So you may say that they can start 5 minutes early or end 10 minutes late or in their breaks 3 minutes late without it sort of affecting their adherence scores. You know, there's a bit of flexibility there. Now some more updates. It now supports agent schedule adherence notifications so you can understand if people are following what they should be following. It supports copy and bulk editing of agent scheduling configuration and Amazon Connect outbound campaigns support preview dialing for greater agent control. So this means you can see as an agent you can see key customer information like name, account balance, prior interactions and choose the right moment to call so that you're getting the right context before you make that phone call. Amazon Quicksight now supports font customizations for data labels and axes so you can make it look even more pretty. And something brand new that's generally available is Amazon RTB fabric. This is a fully managed service that allows you to connect with your ad tech partners such as Amazon Ads, Gumgum, Cargo Mobile, Fuse, Sorvin, Triple Lift, Viant, Yieldmo, et cetera in just three steps while giving single digit millisecond latency through a private high performance network environment. RTB fabric reduces the standard networking cloud costs by up to 80% and doesn't require any commitments. Now this is all about real time bidding for advertising type stuff which is a really interesting domain. I remember speaking to folks early, early, early early on in my time at Amazon who were building on on AWS for exactly this use case and latency was always a maximum consideration. So this is a really interesting offering that's available now. And Amazon ses, the simple email service has added visibility into the IP addresses used by dedicated IP address managed pools. So you can now find the exact addresses in use when sending emails through DIPM pools to mailbox providers. And this gives you more transparency and allows you to have more control.

B

Let's talk about compute. Amazon EC2 now allows customers to modify an instance's CPU options to optimize the licensing costs of Microsoft Windows License included workloads. This is a big one. You can now customize the number of VCPUs and or disable Hyper threading on Windows Server and SQL Server license included instances to save on VCPU based licensing costs.

A

That's a really big deal because it really is. If you spend much time of your life working on licensing, it's not fun. Spoiler alert. But cutting back on CPUs that you're not using, et cetera, can have a huge effect in terms of cost. So this is, this is messy.

B

It really is. I mean, just to put it into perspective, so let's take an R7i 8x large instance and this is running a Windows and SQL Server license. So now you can turn off hyper threading to reduce the default 32 VCPU count to 16. And then what that's going to do for you is this is actually going to save you 50% on the licensing costs. I mean, that's pretty significant.

A

And you're still getting the same memory that you had before in the same iops as well. So you're not cutting back on those for sure.

B

Yeah, this is really cool. Amazon ECS now publishes AWS Cloudtrail Data Events for insights into API activities. This new capability enables customers to monitor, audit and troubleshoot container instance operations. With CloudTrail data event support, security and operations teams can now maintain comprehensive audit trails of ECS agent API activity, detect unusual access patterns and troubleshoot agent communication issues more effectively. Amazon ECS now allows you to run firelens containers as a non root user by specifying a user ID in your task definition. AWS Lambda increases maximum payload size from 256 kilobytes to 1 megabyte for asynchronous invocations. This is also a big one if you are like a serious serverless user.

A

Yeah, so it really helps people streamline their architectures. I can really have another look at things.

B

Oh, for sure. All right, next up we've got AWS parallel computing service. This now supports rotation of cluster secret keys using AWS Secrets Manager, enabling you to update the secure credentials used for authentication between Slurm controller and compute nodes without creating a new cluster. AWS parallel computing service now supports slurm version 25.05 AWS serverless application model Command line interface now supports FINCH as an alternative to Docker for local development and testing of serverless applications. AWS Fluent bit announces version 3.0.0 based on fluent bit version 4.1.0 so we.

A

Talked about processing stuff. Where do we put it? We put it in databases so let's talk about databases. Amazon CloudWatch Database Insights now provides on demand analysis for RDs in SQL Server. So this uses machine learning models to identify performance bottlenecks during time periods and gives you advice on what to do next. So this really helps process your data faster because you figure out where those bottlenecks are and you fix them. Amazon DocumentDB with MongoDB compatibility now supports Graviton 4 based R8G database instances. Refer back to my earlier comment if you can move to Graviton 4, do it. You'll thank me later. And Amazon DocumentDB with MongoDB now supports Internet Protocol version 6 because of course it is the year of IPv6. Wouldn't be an episode without one of those and we're also happy to announce Vector Search for Amazon elasticache is now generally available so you can use elasticache to index search and update billions of high dimensional vector embeddings with popular providers like Amazon Bedrock, SageMaker, Anthropic and OpenAI with latency as low as microseconds and up to 99% recall. So when would you use this semantic caching for large language models? Multi turn conversational agents which need that very quick response time to give you relevant information back to people who are waiting on those answers. CloudWatch database insights now supports tag based access controls, so this includes database and per query metrics as well. So this means you can logically group together and stop people seeing things they shouldn't see. Aurora DSQL now supports resource based policies again simplifying access control and it means you can specify IAM principles and the specific IAM actions they can perform against your Aurora D SQL Resources Amazon RDS now supports the latest CU and GDR updates for Microsoft SQL Server, which is my regular reminder for you to patch your stuff. And Amazon RDS for SQL Server now supports retaining CDC configurations when restoring your backups, so this makes it easier for you to get up and running quickly and making sure that you have your restoration set up properly. Amazon RDS for SQL Server enables encrypting native backups using server side encryption using AWS KMS keys. So this means you can now encrypt your files using your own KMS key or the AMS the AWS ones as well. Amazon Aurora PostgreSQL 0ETL integration with Amazon SageMaker is now available, so this means you can have near real time availability for analytics workloads. So this integration automatically extracts and loads data from PostgreSQL tables into your lakehouse where it's immediately accessible through various analytics engines and machine learning tools. Now the data synced into the Lakehouse is compatible with Apache Iceberg open standards, which means you can use things like SQL, Apache, Spark BI and AI ML tools. No code interface. Away you go. This is a really cool thing. I love anything that avoids me having to do any ETL. Amazon Timestream for InfluxDB now offers support for InfluxDB 3. So this is a new architecture for the InfluxDB database engine built on Apache Arrow for in memory data processing, Apache Data Fusion for query execution and column note parquet storage format with persistence in Amazon S3 to give you fast performance for high cardinality data and large scale data processing for large analytical workloads.

B

We've got two updates in end user computing. Amazon AppStream 2.0 now offers Microsoft applications with licenses included. Amazon DCV releases version 20.25.0 with enhanced keyboard handling and web auth and support.

A

One update in the world of front end web and mobile. Amazon Location Service introduces new map styling features for enhanced customization. So it means you can now customize your maps with terrain visualization, contour lines, real time traffic data and transport specific routing information. And it can be tailored for different use cases so you know you might have something that's different for outdoor navigation versus logistic planning, et cetera. Helps you do overlays, all those kinds of visual things you want to do. Now let's talk about management and governance. Generative AI observability is now generally available in Amazon CloudWatch. So this allows you to monitor all components of AI applications and workloads. So this includes of course agents deployed and operated with Amazon Bedrock. Agent Core. This release expands beyond runtime monitoring to include complete observability across Agent Core's built in tools, gateways, memory and identity capabilities. So with this new capability, CloudWatch enables developers to analyze telemetry data across components of a generative AI application. You can monitor code execution patterns in built in tools. You can track API transformation success rates through gateways, you can analyze memory storage and retrieval patterns and you could ensure secure agent behavior through identity observability. Now this is really useful because you know as we're building out these systems they get complex pretty quickly and they're doing lots of stuff. This lets you do things like identify gaps in vector DB to authentication failures to end to end prompt tracing. You know when people are saying why is it doing this? You can give them a good answer. Amazon cloudwatch now also offers interactive incident report generation, which means you can create comprehensive post incident analysis reports in just minutes. So what this will do is automatically gather and correlate all your telemetry data as well as your input and any actions taken during an investigation and give you a streamlined report. This is really cool. Amazon CloudWatch agent has added support for Windows event log filters. So this means you can selectively collect and send system and application events to CloudWatch from Windows hosts running on EC2 or on premises. So this allows you to focus on events that meet specific criteria and it means you're reducing the amount of logging you might be doing. Amazon cloudwatch Synthetics now supports bundled multi check canaries. No, these are not actual birds. Canaries are tests that you use to try and see if something might be going wrong. It's sort of the analogy is the canary in the coal mine from the old days. And so now there are multi check blueprints which means you can have comprehensive tests with just some simple JSON configuration files so you don't have to sort of figure everything out. You can Bundle up to 10 different monitoring steps in a single canary and get up and running. AWS config now supports three new resource types. Make sure using config it stops things happening that you don't want to have happen and AWS Customer Carbon Footprint tool now includes Scope three emissions data. This is really important because this is relevant to folks who are working in sort of environments or areas that need industry reporting. So we have scope 3 emissions data and scope 1 natural gas and refrigerants which means you have visibility into your cloud carbon footprint and this allows you to have full visibility into the lifecycle carbon impact of your usage, including emissions from manufacturing, the servers that run the workloads, powering the AWS facilities and transporting equipment to data centers. Historical data is available back to January 2022 so you can also see your trend data as well. AWS Systems Manager Patch Manager has launched Security Updates notification for Windows, so this allows you to identify security updates that are available but not approved by your patch Baseline configuration and AWS now supports immediate resource discovery within a region. So this provides immediate access to research search in all accounts through AWS Resource Explorer. So you don't have to activate it to get it, you just get it. If that makes any sense. Let's talk about migration and transfer. AWS Transfer family now supports changing identity provider type on a server so you can change it without service disruption. So this is really useful if you need to make a change and AWS Transfer family SFTP connectors now support VPC based connectivity.

B

Next up is networking and content delivery. AWS Application Load Balancer launches URL and Host Header Rewrite this feature enables customers to modify request URLs and host headers using Regex based pattern matching before routing requests to targets. With URL and Host Header rewrites, You can transform URLs using regex patterns, standardize URL patterns across different applications, modify host headers for internal service routing, remove or add URL path prefixes, and redirect legacy URL structures to new formats. AWS Client VPN is now supporting macOS Tahoe. Amazon Route 53 profiles now supports AWS PrivateLink. Next up we've got Security Identity and Compliance. AWS announces support for customer managed KMS keys and automated reasoning checks in Amazon Bedrock Guardrails. This enhancement enables you to use your own encryption keys to protect policy content and tests, giving you full control over key management. AWS Security Hub Security Posture Management now supports the center for Internet Security AWS foundations benchmark version 5.0.

A

Let's talk storage AWS backup expands information in job APIs and backup audit Manager reports so you can now get more information. You can also verify your backup policies with a single API call, so this gives you more control. And AWS Backup has also enhanced backup plan management with Schedule Preview. You can see when each backup occurs across all backup rules, along with settings like Lifecycle to Cold Storage, Point in Time recovery and indexing. So this lets you identify any conflicts or gaps that you may want to address. And there are new Amazon CloudWatch metrics to monitor EC2 instances exceeding I O performance. So these two new metrics instance EBS IOPS exceeded check and Instance EBS Throughput Exceeded Check monitor if the driven IOPS or throughput is exceeding the maximum EBS IOPS or throughput that your instance can support. This is really useful like am I trying to do what I just am not going to be successful in? Doing this can make fixing things a lot quicker. And Amazon EBS now supports volume clones for instance volume copies. So this new capability allows you to instantly create and access point in time copies of EBS volumes within the same az, accelerating software development workflows and being more agile. So with Amazon EBS Volume clone you can instantly create copies of volumes and access those copied volumes with single digit millisecond latency. So the difference here is it's really fast once you start to use them, which is a really cool improvement. Amazon S3 now generates AWS CloudTrail events for S3 table maintenance operations. So anytime S3 tables automatically performs maintenance. It will tell you and some other cool things to share so we're going to talk about another new thing. This is a little Easter egg. If you stayed with us all the way through. I know we talk about some of the cool stuff at the start. There's another cool thing to talk about as well. And this is a new launch of a capability that I think a lot of folks will use. I know I've been using this myself. This is Amazon QuickSuite. This is an agentic AI powered workspace. So you can think of it as like a whole bunch of teammates that can get you the answers you need around your business data. And you can do things like reporting. You can get insight from your own documents, the public Internet, third party applications, databases, et cetera. Whether you need a single data point or it's a PhD level research project or entire strategy or anything in between, this gets you up and running quickly. You can automate tasks like responding to RFPs or preparing for customer meetings. You can create spaces so that only folks in your team can use the data that you're talking about or accessing. It's really powerful. One of the really nice things when you're doing the reporting, it will show you it's a report plan. You can give it insights into how you might want to change that plan. Then when it produces a report, you can go through and do some edits or comments like you do when someone gives you a report, because it'll take those comments and then redo the report for you as many times as you want. And then you can tell it how to summarize a report. It's got lots of cool stuff, so have a look at Amazon Quick Suite. After careful consideration, we're announcing some availability changes for a select group of AWS services and features. Amazon Cloud Directory Amazon Code Catalyst Amazon Cloud Guru Reviewer Amazon Fraud Detector Amazon Glacier Amazon S3 object Lambda Amazon Workspaces Web Access Client for PCIOP AWS Application discovery Service and AWS Healthomics Variant and annotation store AWS IoT sitewise edge data processing pack AWS IT sitewise monitor AWS Mainframe Modernization Service AWS Migration Hub AWS Snowball Edge Compute Optimized AWS Snowball Edge Storage Optimized AWS Systems Manager Change Manager AWS Systems Manager Incident Manager AWS Thinkbox Deadline 10 Net modernization tool services are all entering sunset and we are announcing the date upon which we will end operations for those services. Go and look in the on the website you'll see information about that customers using these services should click on the links to understand the subset timeline. Typically it's about 12 months so you can start planning your migration to alternatives that are recommended in the updated service web pages and documentation. In terms of Amazon FinSpace, Amazon Lookout for Equipment, Amazon IoT Greengrass v1 and AWS Proton services are all reaching end of support and they are no longer available as of October 7, 2025. So with all of these things you can visit the AWS Product Lifecycle page to learn more. This will give you the list of services that are being re categorized and are not going to be available anymore so that you can understand what the next steps would be, what the alternatives are. All of them do tell you about alternatives. In many cases they're services we also have. These are just different versions of that same capability. In other cases it'll use open source or third party alternatives. So just good to keep across that if you if it's something you're using. In most cases you would have already received an email anyway for your AWS account. Jillian so many updates today. A lot of stuff.

B

Yes, Agent Core is still hands down my pick of this episode. Yeah, I think it's just really cool.

A

I would agree, although I got to say quicksuite is becoming a fast favorite for me. I'm using it a lot to figure stuff out so I'll use all the help I can get.

B

Yeah, it was a good call out that you made about QuickSuite, explaining it to people because there's just so much that you can be able to do with it. I'm still learning a lot with it as well, but I'm excited for customers to use it.

A

Absolutely. Jillian how to folks reach out to you?

B

Jillian Ford on LinkedIn and old style.

A

AWS podcast at Amazon.com and of course until next time, keep on building.