-
Leveling up Amazon RDS with AWS Graviton4: Benchmarksby Angel Duenas on June 27, 2025 at 5:44 pm
In November 2024, AWS introduced the latest evolution of its custom-designed ARM-based processors with Graviton4, delivering significant performance and efficiency improvements for Amazon RDS for PostgreSQL, MySQL, and MariaDB and Amazon Aurora. In this post, we focus on Amazon RDS for PostgreSQL and compare the performance of the new Graviton4 instances to both Graviton3 and Graviton2. Using benchmarks, we evaluate throughput, latency, and price-performance, showcasing the advantages of Graviton4 for modern database workloads.
-
Building secure multicloud access with AWS Client VPN and AWS Site-to-Site VPNby Saransh Burman on June 26, 2025 at 6:22 pm
In today’s rapidly evolving cloud landscape, organizations are increasingly adopting multicloud strategies for several compelling reasons. Following mergers and acquisitions, companies need to integrate and maintain existing cloud solutions from both organizations. Different business units within an organization often have varying technical requirements and expertise, leading them to prefer specific cloud providers. For highly regulated
-
Addressing private IPv4 exhaustion with AWS Cloud WAN service insertionby Mehdi Dahane on June 26, 2025 at 6:14 pm
In this post, we describe how you can use Amazon Web Services (AWS) Cloud WAN with service insertion to centralize your private NAT Gateways and PrivateLink to effectively and efficiently address private IPv4 exhaustion. We demonstrate how you can maximize the usage of available IP space while minimizing cost impact. Private IPv4 space, defined in
-
Use AWS FIS to test the resilience of self-managed Cassandraby Hans Nesbitt on June 25, 2025 at 10:29 pm
Database outages can have devastating effects on your applications and business operations. For teams running self-managed Apache Cassandra clusters, unexpected node failures or memory issues can lead to service degradation, data inconsistency, or even complete system outages. AWS Fault Injection Service (AWS FIS) is a managed service that you can use to perform fault injection experiments on your AWS workloads. In this post, we review how you can use AWS FIS to craft a chaos experiment to test the resilience of your self-managed Cassandra clusters running on Amazon EC2. This can help you understand your application’s ability to reestablish a connection to a healthy node.
-
Amazon FSx for OpenZFS now supports Amazon S3 access without any data movementby Elizabeth Fuentes on June 25, 2025 at 8:52 pm
You can now attach Amazon S3 Access Points to your Amazon FSx for OpenZFS file systems so that you can access your file data as if it were in S3. With this new capability, you can work with your file data using a broad range of applications that work with S3—all without any refactoring or data movement.
-
Building a job search engine with PostgreSQL’s advanced search featuresby Ezat Karimi on June 25, 2025 at 7:12 pm
In today’s employment landscape, job search platforms play a crucial role in connecting employers with potential candidates. Behind these platforms lie complex search engines that must process and analyze vast amounts of structured and unstructured data to deliver relevant results. This post explores how to use PostgreSQL’s search features to build an effective job search engine. We examine each search capability in detail, discuss how they can be combined in PostgreSQL, and offer strategies for optimizing performance as your search engine scales.
-
Optimize Amazon RDS Multi-AZ backups with incremental snapshotsby Katja-Maja Kroedel on June 24, 2025 at 10:49 pm
As your business grows and your databases expand into the terabyte range, optimizing your backup strategy becomes increasingly important for maintaining operational excellence. Modern backup solutions that implement incremental backups where possible, offer an elegant way to protect your valuable data while minimizing maintenance windows and ensuring consistent application performance. In this post, we discuss the aspects of maximizing the use of incremental backups in Amazon RDS, leading to backup times remaining steady even while the database grows.
-
Migrate io1 to io2 Block Express storage for Amazon RDS workloads using blue/green deploymentsby Praney Mahajan on June 24, 2025 at 10:41 pm
Amazon RDS provides two storage types: Provisioned IOPS SSD and General Purpose SSD. They differ in performance characteristics and price, which means that you can tailor your storage performance and cost to the needs of your database workload. In this post, we show how you can migrate from io1 to io2 Block Express Provisioned IOPS SSD storage.
-
New: Improve Apache Iceberg query performance in Amazon S3 with sort and z-order compactionby Sébastien Stormacq on June 24, 2025 at 8:27 pm
Amazon S3 now enables improved Apache Iceberg query performance through two new compaction strategies—sort and z-order—available for both S3 Tables and general purpose S3 buckets, helping organize data more efficiently by clustering similar values together and reducing file scanning during queries.
-
CISPE Data Protection Code of Conduct Public Register now certifies 122 AWS services as adherentby Gokhan Akyuz on June 23, 2025 at 6:55 pm
We continue to expand the scope of our assurance programs at Amazon Web Services (AWS) and are pleased to announce that 122 services are now certified as adherent to the Cloud Infrastructure Services Providers in Europe (CISPE) Data Protection Code of Conduct. This alignment with the CISPE requirements demonstrates our ongoing commitment to adhere to the heightened expectations for
-
Securing Service Communications: Combining VPC Lattice with Network Firewallby SaiJeevan Devireddy on June 23, 2025 at 6:47 pm
Introduction: Organizations building modern applications in AWS often need different security controls for various types of service communications. While centralized inspection using AWS Network Firewall has been the traditional approach for securing service-to-service traffic, it presents challenges as applications scale. Managing static firewall rules is operationally complex, especially for Layer 7 traffic, and troubleshooting becomes
-
Use Graph Machine Learning to detect fraud with Amazon Neptune Analytics and GraphStormby Theodore Vasiloudis on June 23, 2025 at 6:44 pm
Every year, businesses and consumers lose billions of dollars to fraud, with consumers reporting $12.5 billion lost to fraud in 2024, a 25% increase year over year. People who commit fraud often work together in organized fraud networks, running many different schemes that companies struggle to detect and stop. In this post, we discuss how to use Amazon Neptune Analytics, a memory-optimized graph database engine for analytics, and GraphStorm, a scalable open source graph machine learning (ML) library, to build a fraud analysis pipeline with AWS services.
-
Introducing security group referencing and enhanced DNS support for AWS Cloud WANby Nicola Arnoldi on June 23, 2025 at 6:33 pm
In this post we cover the recently launched feature of security group referencing and enhanced DNS support on AWS Cloud WAN. This new feature allows you to create inbound security rules referencing security groups defined in other Amazon Virtual Private Clouds (Amazon VPCs) attached to an AWS Cloud WAN within the same AWS Region and
-
Migrate a self-managed MySQL database to Amazon Aurora MySQL using AWS DMS homogeneous data migrationsby Alok Srivastava on June 23, 2025 at 5:28 pm
In this post, we provide a comprehensive, step-by-step guide for migrating an on-premises self-managed encrypted MySQL database to Amazon Aurora MySQL using AWS DMS homogeneous data migrations over a private network. We show a complete end-to-end example of setting up and executing an AWS DMS homogeneous migration, consolidating all necessary configuration steps and best practices.
-
AWS Weekly Roundup: re:Inforce re:Cap, Valkey GLIDE 2.0, Avro and Protobuf or MCP Servers on Lambda, and more (June 23, 2025)by Sébastien Stormacq on June 23, 2025 at 4:16 pm
Last week’s hallmark event was the security-focused AWS re:Inforce conference. Now a tradition, the blog team wrote a re:Cap post to summarize the announcements and link to some of the top blog posts. To further summarize, several new security innovations were announced, including enhanced IAM Access Analyzer capabilities, MFA enforcement for root users, and threat
-
Things to consider when choosing between Oracle TDE and AWS KMS for encryption of data at rest for Amazon RDS for Oracleby Alok Srivastava on June 23, 2025 at 3:58 pm
For encrypting data at rest, Amazon RDS for Oracle offers two choices: AWS KMS and Oracle TDE. Although both AWS KMS and Oracle TDE provide encryption at rest capabilities, there are various factors to consider when choosing between them, such as licensing, edition dependency, encryption granularity, and feature restrictions. In this post, we provide guidance on choosing between the AWS KMS and Oracle TDE options for encrypting data at rest in RDS for Oracle, focusing on these key aspects.
-
Implement a rollback strategy for Amazon Aurora PostgreSQL upgrades using Amazon RDS Blue/Green deploymentsby Chirag Dave on June 20, 2025 at 8:33 pm
Amazon Aurora PostgreSQL-Compatible Edition supports managed blue/green deployments to help reduce downtime and minimize risk during updates. Even with thorough planning and testing in non-production environments, unexpected issues can emerge after a version upgrade. In these cases, having a rollback plan is essential to quickly restore service stability. While the managed Blue/Green deployment feature doesn’t currently include built-in rollback functionality, you can implement alternative solutions for version management. In this post, we show how you can manually set up a rollback cluster using self-managed logical replication to maintain synchronization with the newer version after an Amazon RDS Blue/Green deployment switchover.
-
Streamline Operational Troubleshooting with Amazon Q Developer CLIby Kirankumar Chandrashekar on June 19, 2025 at 10:11 pm
Amazon Q Developer is the most capable generative AI–powered assistant for software development, helping developers perform complex workflows. Amazon Q Developer command-line interface (CLI) combines conversational AI with direct access to AWS services, helping you understand, build, and operate applications more effectively. The Amazon Q Developer CLI executes commands, analyzes outputs, and provides contextual recommendations
-
Announcing the new AWS CDK EKS v2 L2 Constructsby Matteo Luigi Restelli on June 19, 2025 at 9:07 pm
Introduction Today, we’re announcing the release of aws-eks-v2 construct, a new alpha version of AWS Cloud Development Kit (CDK) L2 construct for Amazon Elastic Kubernetes Service (EKS). This construct represents a significant change in how developers can define and manage their EKS environments using infrastructure as code. While maintaining the powerful capabilities of its predecessor
-
Accelerate development with secure access to Amazon Q Developer using PingIdentityby Sid Vantair on June 19, 2025 at 9:03 pm
Overview Customers adopting Amazon Q Developer, a generative AI-powered coding companion, often need authentication through existing identity providers like PingIdentity. By leveraging AWS IAM Identity Center, organizations can enable their developers to access Amazon Q Developer with their existing PingIdentity credentials, streamlining authentication and removing the need for separate login procedures. Amazon Q Developer can