AWS Morning Brief for the week of May 11th , with Corey Quinn. 

Links:

• Announcing Agent Toolkit for AWS — help AI coding agents build effectively on AWS
• Amazon CloudFront Announces WebSocket Support for VPC Origins
• Amazon EventBridge supports data plane logging to AWS CloudTrail
• AWS IAM now provides higher maximum quotas for roles, role trust policies, instance profiles, managed policies, and identity providers
• AWS Marketplace now supports programmatic procurement with Agreements API
• The AWS MCP Server is now generally available
• Announcing Valkey 9.0 for Amazon ElastiCache
• Query billion-scale vectors with SQL: Integrating Amazon S3 Vectors and Aurora PostgreSQL
• You Wanted to Become AI-Native, and All You Got Was a Lousy Foundation
• CVE-2026-7461 - OS Command Injection in Amazon ECS Agent via FSx Windows File Server Volume Credentials
• CVE-2026-7791 - Local Privilege Escalation via TOCTOU Race Condition in Amazon WorkSpaces Skylight Agent
• CVE-2026-31431

AWS Morning Brief for the week of May 4th, with Corey Quinn. 

Links:

• AWS Management Console now supports settings to control service and Region visibility - AWS
• Amazon CloudWatch adds visual agent configuration to the EC2 console
• AWS Announces Amazon Connect Decisions
• Amazon Connect Talent for AI-powered hiring (now available in Preview)
• Introducing Amazon EC2 R8in and R8ib instances
• Amazon OpenSearch Service now supports index-level encryption
• Amazon Redshift Serverless AI-driven scaling is now the default for new workgroups
• AWS Cost Optimization Hub now supports CSV download
• AWS KMS now tracks last usage of all KMS keys
• AWS Lambda adds support for Ruby 4.0
• AWS Marketplace Management Portal now supports bank account deletion
• Amazon Bedrock now offers OpenAI models, Codex, and Managed Agents (Limited Preview)
• Amazon CloudFront now supports invalidation by cache tag
• Introducing Amazon EC2 C8ine and M8ine instances
• Identifying security risks using AWS Cost and Usage Report data
• Amazon Q Developer end-of-support announcement
• Issue with AWS Ops Wheel (CVE-2026-6911 and CVE-2026-6912
• Issues in tough library and tuftool CLI utility
• CVE-2026-7191- Arbitrary Code Execution via Sandbox Bypass in QnABot on AWS
• Issue with FreeRTOS-Plus-TCP - MAC Address Validation Bypass and ICMP Echo Reply Integer Underflow
• CVE-2026-7424 - Integer Underflow in DHCPv6 Sub-Option Parser in FreeRTOS-Plus-TCP
• Issue with FreeRTOS-Plus-TCP - IPv6 Router Advertisement Memory Safety Issues

AWS Morning Brief for the week of April 27th, with Corey Quinn. 

Links:

• Amazon CloudWatch pipelines now supports configuration of processors via AI
• Introducing the Amazon EKS Hybrid Nodes gateway for hybrid Kubernetes networking
• Amazon EKS enhances cluster governance with new IAM condition keys
• Attributed Revenue Dashboard Now Available in AWS Partner Central
• AWS Lambda functions can now mount Amazon S3 buckets as file systems with S3 Files
• Amazon CloudWatch Logs Insights introduces JOIN and sub-query commands
• AWS Lambda Durable Execution SDK for Java GA
• Amazon S3 Express One Zone now supports S3 Inventory
• Amazon S3 now supports five additional checksum algorithms
• AWS Secrets Manager extends managed external secrets to MongoDB Atlas and Confluent Cloud
• Track Amazon Bedrock Costs by Caller Identity with IAM Principal-Based Cost Allocation
• Transforming FinOps with the Latest Amazon Q Cost Capabilities
• Aurora Serverless: Faster performance, enhanced scaling, and still scales down to zero
• From developer desks to the whole organization: Running Claude Cowork in Amazon Bedrock
• Get to your first working agent in minutes: Announcing new features in Amazon Bedrock AgentCore
• Automated network incident response with AWS DevOps Agent
• Accelerate development workflows with Amazon EBS Volume Clones
• Troubleshooting Amazon S3 access denied errors using Kiro CLI
• CVE-2026-6437 - Mount Option Injection in Amazon EFS CSI Driver
• CVE-2026-6550 - Key commitment policy bypass via shared key cache in AWS Encryption SDK for Python

AWS Morning Brief for the week of April 20th, with Corey Quinn. 

Links:

• Amazon CloudWatch now supports cross-region telemetry auditing and enablement rules
• Introducing Amazon EC2 C8in and C8ib instances
• Amazon Quick now supports multi-account sign-in within the same browser
• Amazon WorkSpaces Personal and Amazon WorkSpaces Core are now available in two additional AWS Regions
• AWS announces general availability of AWS Interconnect - multicloud
• Automate AWS Cost Reporting with Scheduled Dashboard Email Delivery
• Introducing Anthropic’s Claude Opus 4.7 model in Amazon Bedrock
• Introducing Amazon Bio Discovery
• CVE-2026-5429 - Kiro IDE Webview Cross-Site Scripting via Workspace Color Theme
• Issues with Amazon Athena ODBC Driver
• Issues with AWS Research and Engineering Studio (RES)
• CVE-2026-5747 - Out-of-bounds Write in Firecracker virtio-pci Transport

AWS Morning Brief for the week of April, 13th with Corey Quinn. 

Links:

• AWS Certificate Manager now supports native certificate search
• Amazon S3 Lifecycle pauses actions on objects that are unable to replicate
• Amazon Bedrock now offers Claude Mythos Preview (Gated Research Preview)
• Amazon OpenSearch Serverless now supports Zstandard (zstd) codec for index compression
• AWS Secrets Manager console now supports custom input for AWS KMS keys
• Amazon Bedrock now supports cost allocation by IAM user and role
• Amazon S3 starts rolling out new security best practice to new and existing buckets by default
• Introducing AI-Powered Cost Analysis in AWS Cost Explorer
• Launching S3 Files, making S3 buckets accessible as file systems
• The future of managing agents at scale: AWS Agent Registry now in preview
• Understanding Amazon Bedrock model lifecycle
• Introducing OpenTelemetry & PromQL support in Amazon CloudWatch

AWS Morning Brief for the week of April 6th, with Corey Quinn.

Links: 

• Announcing Amazon RDS for Oracle on AWS Outposts
• AWS Direct Connect now supports AWS CloudFormation
• AWS Service Availability Updates
• Amazon S3 Vectors expands to 17 additional AWS Regions
• Amazon CloudFront now supports SHA-256 for signed URLs and signed cookies
• Amazon CloudWatch now supports OpenTelemetry metrics in public preview
• Announcing compute-optimized instance bundles for Amazon Lightsail
• Announcing managed daemon support for Amazon ECS Managed Instances
• Leverage Agentic AI for Autonomous Incident Response with AWS DevOps Agent
• Navigating the NGINX Ingress retirement: A practical guide to migration on AWS
• Optimizing data transfer costs when using AWS Network Load Balancer
• AWS Security Agent on-demand penetration testing now generally available
  
  

AWS Morning Brief for the week of March 30th, with Corey Quinn.

Links:

• Amazon Aurora PostgreSQL now available with the AWS Free Tier
• Amazon EKS announces 99.99% Service Level Agreement and new 8XL scaling tier for Provisioned Control Plane clusters
• AWS Lambda increases the file descriptor limit to 4,096 for functions running on Lambda Managed Instances
• The AWS Advanced JDBC Wrapper now supports automatic query caching with Valkey
• Announcing Amazon Aurora PostgreSQL serverless database creation in seconds
• Enhancing auto scaling resilience by tracking worker utilization metrics
• Amazon CloudFront flat-rate pricing plans: new features and expanded capabilities
• IAM policy types: How and when to use them
• Preparing for agentic AI: A financial services approach

AWS Morning Brief for the week of March 23rd, with Corey Quinn.

Links:

• Amazon Corretto 26 is now generally available
• Amazon SimpleDB now supports exporting domain data to Amazon S3
• AWS CDK Mixins is now generally available
• AWS Lambda Managed Instances now supports Rust
• Amazon CloudWatch Logs now supports log ingestion using HTTP-based protocol
• AWS Lambda now supports Availability Zone metadata
• Expanding the BOX Program to Business Consulting and Advisory Partners
• Twenty years of Amazon S3 and building what’s next
• Synchronizing a Backup on-premises Db2 Server with Amazon RDS for Db2
• AWS and NVIDIA deepen strategic collaboration to accelerate AI from pilot to production
• Migrate from Amazon Nova 1 to Amazon Nova 2 on Amazon Bedrock
• Essential security controls to prevent unauthorized account removal in AWS Organizations
• Demystifying Amazon VPC peering charges
• AWS and Others Invest $12.5M to Defend the Open Source Ecosystem from AI Threats
• Amazon threat intelligence teams identify Interlock ransomware campaign targeting enterprise firewalls
• 20 years of Amazon S3: A storage professional’s journey to AWS Hero
• CVE-2026-4270 - AWS API MCP File Access Restriction Bypass
• CVE-2026-4269 - Improper S3 ownership verification in Bedrock AgentCore Starter Toolkit
• Arbitrary code execution via crafted project files in Kiro IDE
• CVE-2026-4428: Issues with AWS-LC - CRL Distribution Point Scope Check Logic Error

AWS Morning Brief for the week of March 16th, with Corey Quinn.

Links:

• Amazon CloudWatch Logs announces increased query concurrency and API limits
• Introducing Amazon Connect Health, Agentic AI Built for Healthcare
• Amazon Route 53 Global Resolver is now generally available
• AWS simplifies IAM role creation and setup in service workflows
• Database Savings Plans now supports Amazon OpenSearch Service and Amazon Neptune Analytics
• AWS Elastic Beanstalk now offers AI-powered environment analysis
• AWS Elastic Beanstalk launches Deployments tab with in-progress deployment logs
• Multi-party approval now supports approval team baselining
• AWS announces pricing for VPC Encryption Controls
• The Hidden Price Tag: Uncovering Hidden Costs in Cloud Architectures with the AWS Well-Architected Framework

AWS Morning Brief for the week of March 2nd, with Corey Quinn.

Links:

• Amazon Aurora DSQL launches Playground for interactive database exploration
•  Amazon Redshift Serverless introduces 3-year Serverless Reservations
• Amazon S3 now provides AWS source region information in server access logs
•  AWS Compute Optimizer now applies AWS-generated tags to EBS snapshots created during automation
• AWS Lambda Durable Execution SDK for Java now available in Developer Preview
• AWS Trusted Advisor now delivers more accurate unused NAT Gateway checks powered by AWS Compute Optimizer
• 6,000 AWS accounts, three people, one platform: Lessons learned
• Petabyte-Scale Cost Optimization: How a Video Hosting Platform Saved 70% on S3
• Transform live video for mobile audiences with AWS Elemental Inference
•  Migrate Amazon EC2 to ECS Express Mode using Kiro CLI and MCP servers
•  AI-augmented threat actor accesses FortiGate devices at scale
• AWS posts “correct the record” piece on AI bot outage

AWS Morning Brief for the week of February 23rd, with Corey Quinn.

Links:

• Amazon Bedrock expands support for AWS PrivateLink
• AWS CloudWatch Alarm Mute Rules eliminate alert fatigue
• Amazon EC2 supports nested virtualization on virtual Amazon EC2 instances
• Announcing Amazon DocumentDB long-term support (LTS) on 5.0
• AWS Certificate Manager updates default certificate validity to comply with new guidelines
• Claude Sonnet 4.6 now available in Amazon Bedrock
• Kiro is now available in AWS GovCloud (US) Regions
• Amazon EC2 Hpc8a Instances powered by 5th Gen AMD EPYC processors are now available
• Introducing VPC encryption controls: Enforce encryption in transit within and across VPCs in a Region
• Migrating from AWS App Runner to Amazon ECS Express Mode
• Introducing Agent Plugins for AWS
• Build unified intelligence with Amazon Bedrock AgentCore
• Reduce unexpected AWS costs: Tracing AWS billing charges with log correlation techniques