AWS Observability now available as a Kiro power Today, AWS announces AWS Observability as a Kiro power, enabling developers and operators to investigate infrastructure and application health issues faster with AI agent-assisted workflows in Kiro. Kiro Powers is a repository of curated and pre-packaged Model Context Protocol (MCP) servers, steering files, and hooks validated by Kiro partners to accelerate specialized software development and deployment use cases. The AWS Observability power packages four specialized MCP servers with targeted observability guidance: the CloudWatch MCP server for observability data; the Application Signals MCP server for application performance monitoring; the CloudTrail MCP server for security analysis and compliance; and the AWS Documentation MCP server for contextual reference access. This unified platform gives Kiro agents instant context for comprehensive workflows including alarm response, anomaly detection, distributed tracing, SLO compliance monitoring, and security investigation. Additionally, the power includes automated gap analysis that helps you identify and fix missing instrumentation. With the AWS Observability power, developers can now accelerate troubleshooting their distributed applications and infrastructure in minutes, directly in their IDE. The power addresses two critical needs: reducing mean time to resolution (MTTR) for active incidents and proactively improving your observability stack. For faster incident response, when investigating an active alarm, the power dynamically loads relevant guidance and operational signals so AI agents receive only the context needed for the specific troubleshooting task at hand. For stack improvement, the automated gap analysis examines your code to identify missing instrumentation patterns—such as unlogged errors, missing correlation IDs, or absent distributed tracing—and provides actionable recommendations. The power includes eight comprehensive steering guides covering incident response, alerting, performance monitoring, security auditing, and gap analysis. The AWS Observability power is available for one-click installation within Kiro IDE and Kiro powers webpage in all AWS Regions, with each underlying MCP server functional based on regional support of the corresponding AWS service. To learn more about AWS observability MCP servers, visit our documentation.

🆕 AWS Observability is a Kiro power for quicker issue investigation via AI workflows. It has four MCP servers for observability, performance, security, and docs. Easily installable in Kiro IDE, it cuts MTTR and boosts observability.

#AWS #AwsCloudtrail #AmazonCloudwatch

AWS Observability now available as a Kiro power Today, AWS announces AWS Observability as a Kiro power, enabling developers and operators to investigate infrastructure and application health issues faster with AI agent-assisted workflows in Kiro. Kiro Powers is a repository of curated and pre-packaged Model Context Protocol (MCP) servers, steering files, and hooks validated by Kiro partners to accelerate specialized software development and deployment use cases. The AWS Observability power packages four specialized MCP servers with targeted observability guidance: the CloudWatch MCP server for observability data; the Application Signals MCP server for application performance monitoring; the CloudTrail MCP server for security analysis and compliance; and the AWS Documentation MCP server for contextual reference access. This unified platform gives Kiro agents instant context for comprehensive workflows including alarm response, anomaly detection, distributed tracing, SLO compliance monitoring, and security investigation. Additionally, the power includes automated gap analysis that helps you identify and fix missing instrumentation. With the AWS Observability power, developers can now accelerate troubleshooting their distributed applications and infrastructure in minutes, directly in their IDE. The power addresses two critical needs: reducing mean time to resolution (MTTR) for active incidents and proactively improving your observability stack. For faster incident response, when investigating an active alarm, the power dynamically loads relevant guidance and operational signals so AI agents receive only the context needed for the specific troubleshooting task at hand. For stack improvement, the automated gap analysis examines your code to identify missing instrumentation patterns—such as unlogged errors, missing correlation IDs, or absent distributed tracing—and provides actionable recommendations. The power includes eight comprehensive steering guides covering incident response, alerting, performance monitoring, security auditing, and gap analysis. The AWS Observability power is available for https://kiro.dev/launch/powers/aws-observability within https://kiro.dev/powers/#how-do-i-install-powers and https://kiro.dev/powers/ in all AWS Regions, with each underlying MCP server functional based on regional support of the corresponding AWS service. To learn more about AWS observability MCP servers, visit our https://awslabs.github.io/mcp/. 

AWS Observability now available as a Kiro power

Today, AWS announces AWS Observability as a Kiro power, enabling developers and operators to investigate infrastructure and application health issues faster with AI agent-assisted workflows in Kiro. Kiro Pow...

#AWS #AwsCloudtrail #AmazonCloudwatch

AWS launches simplified enablement of AWS CloudTrail events in Amazon CloudWatch Today, AWS launches simplified enablement of AWS CloudTrail events in Amazon CloudWatch, a monitoring and logging service that helps you collect, monitor, and analyze log data from your AWS resources and applications. With this launch, you can now centrally configure collection of CloudTrail events in https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/telemetry-config-cloudwatch.html alongside other popular AWS log sources such as Amazon VPC flow logs and Amazon EKS Control Plane Logs. CloudWatch's ingestion experience provides a consolidated view that simplifies collecting telemetry from different sources for accounts in your AWS Organization thus ensuring comprehensive monitoring and data collection across your AWS environment. This new integration leverages https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-service-linked-channels.html (SLCs) to receive events from CloudTrail without requiring trails, and also provides additional benefits such as safety-checks and termination protection. You incur both https://aws.amazon.com/cloudtrail/pricing/ and https://aws.amazon.com/cloudwatch/pricing/ based on custom logs pricing. To learn more about enablement of CloudTrail events in CloudWatch and supported AWS regions, visit the https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/telemetry-config-cloudwatch.html

AWS launches simplified enablement of AWS CloudTrail events in Amazon CloudWatch

Today, AWS launches simplified enablement of AWS CloudTrail events in Amazon CloudWatch, a monitoring and logging service that helps you collect, monitor, and analyze log dat...

#AWS #AwsCloudtrail #AmazonCloudwatch

AWS launches simplified enablement of AWS CloudTrail events in Amazon CloudWatch Today, AWS launches simplified enablement of AWS CloudTrail events in Amazon CloudWatch, a monitoring and logging service that helps you collect, monitor, and analyze log data from your AWS resources and applications. With this launch, you can now centrally configure collection of CloudTrail events in CloudWatch alongside other popular AWS log sources such as Amazon VPC flow logs and Amazon EKS Control Plane Logs. CloudWatch's ingestion experience provides a consolidated view that simplifies collecting telemetry from different sources for accounts in your AWS Organization thus ensuring comprehensive monitoring and data collection across your AWS environment. This new integration leverages service-linked channels (SLCs) to receive events from CloudTrail without requiring trails, and also provides additional benefits such as safety-checks and termination protection. You incur both CloudTrail event delivery charges and CloudWatch Logs ingestion fees based on custom logs pricing. To learn more about enablement of CloudTrail events in CloudWatch and supported AWS regions, visit the Amazon CloudWatch documentation.

🆕 AWS makes CloudTrail event enablement in CloudWatch easy for unified monitoring. It uses service-linked channels for event delivery without trails, with safety-checks and termination protection. CloudWatch Logs fees apply. See CloudWatch docs for details.

#AWS #AwsCloudtrail #AmazonCloudwatch

AWS CloudTrail launches Insights for data events to automatically detect anomalies in data access Today, AWS extends https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-insights-events-with-cloudtrail.html to data events. CloudTrail Insights help you identify and respond to unusual activity associated with API call rates and API error rates in your AWS accounts. Until today, Insights worked by continuously analyzing only CloudTrail management events. Now, with today’s launch, Insights also analyzes data events, thereby strengthening your ability to quickly investigate and respond to potential security or operational issues. Available on CloudTrail https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-concepts.html#cloudtrail-concepts-trails, Insights for data events automatically detects anomalies in data access activities, such as unexpected surges in delete Amazon S3 object API calls or increased error rates for AWS Lambda function invocations, enabling you to rapidly uncover potential security and operational issues, all without requiring you to build detection systems or export data to third-party tools. CloudTrail Insights for data events works by establishing normal baselines for data access patterns in your AWS accounts and creates a CloudTrail event when it detects anomalies. When an unusual pattern is detected, CloudTrail provides the relevant data events from the anomaly period - helping you precisely investigate what led to the anomaly. You can configure alerts to be automatically notified when potential issues occur, enabling rapid response to potential threats or issues. CloudTrail Insights for data events is available in all regions where https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-supported-regions.html. To get started with CloudTrail Insights, see our https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-insights-events-with-cloudtrail.html. Additional charges apply for Insights for data events. To learn more about pricing for this feature, visit the https://aws.amazon.com/cloudtrail/pricing/ page.

AWS CloudTrail launches Insights for data events to automatically detect anomalies in data access

Today, AWS extends docs.aws.amazon.com/awscloudtrail/latest/use... to data events. CloudTrail Insights help you identif...

#AWS #AwsCloudtrail

AWS CloudTrail launches Insights for data events to automatically detect anomalies in data access Today, AWS extends AWS CloudTrail Insights to data events. CloudTrail Insights help you identify and respond to unusual activity associated with API call rates and API error rates in your AWS accounts. Until today, Insights worked by continuously analyzing only CloudTrail management events. Now, with today’s launch, Insights also analyzes data events, thereby strengthening your ability to quickly investigate and respond to potential security or operational issues. Available on CloudTrail trails, Insights for data events automatically detects anomalies in data access activities, such as unexpected surges in delete Amazon S3 object API calls or increased error rates for AWS Lambda function invocations, enabling you to rapidly uncover potential security and operational issues, all without requiring you to build detection systems or export data to third-party tools. CloudTrail Insights for data events works by establishing normal baselines for data access patterns in your AWS accounts and creates a CloudTrail event when it detects anomalies. When an unusual pattern is detected, CloudTrail provides the relevant data events from the anomaly period - helping you precisely investigate what led to the anomaly. You can configure alerts to be automatically notified when potential issues occur, enabling rapid response to potential threats or issues. CloudTrail Insights for data events is available in all regions where AWS CloudTrail is available. To get started with CloudTrail Insights, see our documentation. Additional charges apply for Insights for data events. To learn more about pricing for this feature, visit the AWS CloudTrail pricing page.

🆕 AWS CloudTrail detects data event anomalies, spotting unusual S3 deletes or Lambda errors, aiding in quick security issue identification without extra setup. Available in all regions, with extra charges.

#AWS #AwsCloudtrail

AWS CloudTrail adds data event aggregation to simplify security monitoring AWS announces CloudTrail aggregated events, a new feature that simplifies how enterprises monitor and analyze their CloudTrail data events at scale. Aggregations are available for CloudTrail data events, which could generate thousands of events per minute as users access resources like Amazon S3 buckets or AWS Lambda functions. With this feature, security, compliance, and operations teams can efficiently monitor high-volume data access patterns without processing massive numbers of individual events. Aggregation for data events streamlines security monitoring by consolidating high-volume AWS API activity into 5-minute summaries. These summaries highlight key trends like access frequency, error rates, and most-used actions, allowing teams to quickly identify patterns while maintaining access to detailed events when needed. Security teams can easily answer questions like "How has this user's activity changed over the past week?" or "What are the top actions being performed on this critical resource?" without having to scan through voluminous CloudTrail data events. You can enable aggregation in your trails capturing data events through the AWS console or CLI, and choose from pre-built aggregation templates for API activity, resource access, and user activity summaries. For more information, see the CloudTrail trail documentation. You are charged for aggregations based on the number of CloudTrail data events that are analyzed to create the aggregation. For more information, visit the https://aws.amazon.com/cloudtrail/pricing/. You can use CloudTrail aggregations for data in all commercial AWS Regions. 

AWS CloudTrail adds data event aggregation to simplify security monitoring

AWS announces CloudTrail aggregated events, a new feature that simplifies how enterprises monitor and analyze their CloudTrail data events at scale. Aggregations are available for CloudTrail data ev...

#AWS #AwsCloudtrail

Tark Labs routine #67: AWS CloudFormation is pretty informative, not very clear, though. Deep dive to the CloudTrail and you will find the problem! 👍 #awsamplify #awscloudtrail #awscloudformation #techforbusiness #tarklabs #airontark

Amazon S3 now generates AWS CloudTrail events for S3 Tables maintenance operations Amazon S3 adds AWS CloudTrail events for table maintenance activities in Amazon S3 Tables. You can now use AWS CloudTrail to track compaction and snapshot expiration operations performed by S3 Tables on your tables. S3 Tables automatically performs maintenance to optimize query performance and lower costs of your tables stored in S3 table buckets. You can monitor and audit S3 Tables maintenance activities such as compaction and snapshot expiration as management events in AWS CloudTrail. To get started with monitoring, create a trail in the AWS CloudTrail console and filter for 'AwsServiceEvents' as the eventType and 'TablesMaintenanceEvent' as the eventName. AWS CloudTrail events for S3 Tables maintenance are now available in all https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-tables-regions-quotas.html#s3-tables-regions. To learn more, visit Amazon S3 Tables https://aws.amazon.com/s3/features/tables/ and https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-tables-logging.html.

Amazon S3 now generates AWS CloudTrail events for S3 Tables maintenance operations

Amazon S3 adds AWS CloudTrail events for table maintenance activities in Amazon S3 Tables. You can now use AWS CloudTrail to track compaction and snapshot expiration operations per...

#AWS #AwsCloudtrail #AmazonS3

Amazon S3 now generates AWS CloudTrail events for S3 Tables maintenance operations Amazon S3 adds AWS CloudTrail events for table maintenance activities in Amazon S3 Tables. You can now use AWS CloudTrail to track compaction and snapshot expiration operations performed by S3 Tables on your tables. S3 Tables automatically performs maintenance to optimize query performance and lower costs of your tables stored in S3 table buckets. You can monitor and audit S3 Tables maintenance activities such as compaction and snapshot expiration as management events in AWS CloudTrail. To get started with monitoring, create a trail in the AWS CloudTrail console and filter for 'AwsServiceEvents' as the eventType and 'TablesMaintenanceEvent' as the eventName. AWS CloudTrail events for S3 Tables maintenance are now available in all AWS Regions where S3 Tables are available. To learn more, visit Amazon S3 Tables product page and documentation.

🆕 Amazon S3 now logs CloudTrail events for S3 Tables maintenance ops like compaction and snapshot expiration. Monitor and audit these activities in AWS CloudTrail. Available in all regions where S3 Tables operate. For more, visit the S3 Tables page.

#AWS #AwsCloudtrail #AmazonS3

AWS Weekly Roundup: Strands Agents 1M+ downloads, Cloud Club Captain, AI Agent Hackathon, and more (September 15, 2025) Last week, Strands Agents, AWS open source for agentic AI SDK just hit 1 million downloads and earned 3,000+ GitHub Stars less than 4 months since launching as a preview in May 2025. With Strands Agents, you can build production-ready, multi-agent AI systems in a few lines of code. We’ve continuously improved features including support […]

AWS Weekly Roundup: Strands Agents 1M+ downloads, Cloud Club Captain, AI Agent Hackathon, and more (September 15, 2025)

Last week, Strands Agen...

#AWS #AmazonCloudfront #AmazonEc2MacInstances #AwsCloudDevelopmentKit #AwsCloudtrail #AwsLambda #AwsTrainium #News #OpenSource #Startup #WeekInReview

AWS Weekly Roundup: Strands Agents 1M+ downloads, Cloud Club Captain, AI Agent Hackathon, and more (September 15, 2025) Last week, Strands Agents, AWS open source for agentic AI SDK just hit 1 million downloads and earned 3,000+ GitHub Stars less than 4 months since launching as a preview in May 2025. With Strands Agents, you can build production-ready, multi-agent AI systems in a few lines of code. We’ve continuously improved features including support […]

AWS Weekly Roundup: Strands Agents 1M+ downloads, Cloud Club Captain, AI Agent Hackathon, and more (September 15, 2025)

Last week, Strands Agen...

#AWS #AmazonCloudfront #AmazonEc2MacInstances #AwsCloudDevelopmentKit #AwsCloudtrail #AwsLambda #AwsTrainium #News #OpenSource #Startup #WeekInReview

AWS launches CloudTrail MCP Server for enhanced security analysis AWS adds a new Model Context Protocol (MCP) server for AWS CloudTrail in the https://github.com/awslabs/mcp/tree/main/src/cloudtrail-mcp-server. This server enables AI agents to leverage comprehensive security and compliance capabilities through simple conversational interfaces. The CloudTrail MCP server allows AI assistants to analyze API calls, track user activities, and perform advanced security analysis across your AWS environment through natural language interactions. The MCP server streamlines security investigation and compliance workflows by offering direct access to CloudTrail events and CloudTrail Lake analytics. AI agents can efficiently search 90-day management event histories and run Trino SQL queries on CloudTrail Lake data spanning up to 10 years. This natural language interface eliminates the need for custom API integrations, allowing AI agents to conduct security analyses and compliance checks seamlessly. Available in all AWS regions where CloudTrail LookupEvents API or CloudTrail Lake is supported. Refer to https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-supported-regions.html to learn more about supported regions. Download CloudTrail MCP server from AWS Labs MCP open-source repository. To get started, visit: https://github.com/awslabs/mcp/tree/main/src/cloudtrail-mcp-server https://awslabs.github.io/mcp/servers/cloudtrail-mcp-server

AWS launches CloudTrail MCP Server for enhanced security analysis

AWS adds a new Model Context Protocol (MCP) server for AWS CloudTrail in the github.com/awslabs/mcp/tree/main/sr... This server enables AI agents to leverage comprehensive secur...

#AWS #AwsCloudtrail

AWS launches CloudTrail MCP Server for enhanced security analysis AWS adds a new Model Context Protocol (MCP) server for AWS CloudTrail in the AWS Labs MCP open-source repository. This server enables AI agents to leverage comprehensive security and compliance capabilities through simple conversational interfaces. The CloudTrail MCP server allows AI assistants to analyze API calls, track user activities, and perform advanced security analysis across your AWS environment through natural language interactions. The MCP server streamlines security investigation and compliance workflows by offering direct access to CloudTrail events and CloudTrail Lake analytics. AI agents can efficiently search 90-day management event histories and run Trino SQL queries on CloudTrail Lake data spanning up to 10 years. This natural language interface eliminates the need for custom API integrations, allowing AI agents to conduct security analyses and compliance checks seamlessly. Available in all AWS regions where CloudTrail LookupEvents API or CloudTrail Lake is supported. Refer to documentation to learn more about supported regions. Download CloudTrail MCP server from AWS Labs MCP open-source repository. To get started, visit: AWS Labs MCP repository on GitHub CloudTrail MCP server documentation

🆕 AWS introduces CloudTrail MCP Server for improved security, using AI to analyze API calls and user activities in natural language, simplifying investigations and compliance checks in AWS environments. Available in regions with CloudTrail LookupEvents API or CloudTrail Lake.

#AWS #AwsCloudtrail

AWS Backup adds new Multi-party approval for logically air-gapped vaults Multi-party approval for AWS Backup logically air-gapped vaults enables organizations to recover their backup data even when their AWS account is compromised, by creating approval teams of trusted individuals who can authorize vault sharing with a recovery account through a separate authentication path.

AWS Backup adds new Multi-party approval for logically air-gapped vaults

Multi-party approval for AWS Backup logically air-gapped vaults enab...

#AWS #Announcements #AwsBackup #AwsCloudtrail #AwsIamIdentityCenter #AwsOrganizations #Featured #Launch #News #Security #Identity #&Compliance #Storage

AWS CloudTrail enhances logging for Amazon S3 DeleteObjects API Today, AWS announces an enhancement to Amazon S3 DeleteObjects API logging in AWS CloudTrail, bringing additional visibility into the bulk delete operations to help you better protect and monitor the usage of your Amazon S3 buckets. Amazon S3's DeleteObjects API enables bulk object deletion in a single operation and serves as the default method for console-based deletions. Earlier, when you deleted multiple S3 objects using the DeleteObjects API call, CloudTrail logged the DeleteObjects API call as a single event, giving you the visibility on who initiated the call and on which bucket. However, this event does not contain information on what objects were included or successfully deleted. With this update, CloudTrail will provide granular visibility by logging: The overall DeleteObjects API call event (as before) Individual DeleteObject events for each object included in the bulk delete request (new) This enhancement provides visibility into the individual S3 objects that were deleted as part of bulk delete request. These detailed records strengthen your security posture and support your compliance requirements with more complete information about deletion activities in your S3 buckets. You can also use advanced events selectors to log only the most relevant data events for your use case. To learn how to use advanced event selectors to exclude these additional DeleteObject data events, review https://docs.aws.amazon.com/awscloudtrail/latest/userguide/filtering-data-events.html#filtering-data-events-deleteobjects.

AWS CloudTrail enhances logging for Amazon S3 DeleteObjects API

Today, AWS announces an enhancement to Amazon S3 DeleteObjects API logging in AWS CloudTrail, bringing additional visibility into the bulk delete operations to help you better protect and monitor the usage of ...

#AWS #AwsCloudtrail

AWS CloudTrail enhances logging for Amazon S3 DeleteObjects API Today, AWS announces an enhancement to Amazon S3 DeleteObjects API logging in AWS CloudTrail, bringing additional visibility into the bulk delete operations to help you better protect and monitor the usage of your Amazon S3 buckets. Amazon S3's DeleteObjects API enables bulk object deletion in a single operation and serves as the default method for console-based deletions. Earlier, when you deleted multiple S3 objects using the DeleteObjects API call, CloudTrail logged the DeleteObjects API call as a single event, giving you the visibility on who initiated the call and on which bucket. However, this event does not contain information on what objects were included or successfully deleted. With this update, CloudTrail will provide granular visibility by logging: The overall DeleteObjects API call event (as before) Individual DeleteObject events for each object included in the bulk delete request (new) This enhancement provides visibility into the individual S3 objects that were deleted as part of bulk delete request. These detailed records strengthen your security posture and support your compliance requirements with more complete information about deletion activities in your S3 buckets. You can also use advanced events selectors to log only the most relevant data events for your use case. To learn how to use advanced event selectors to exclude these additional DeleteObject data events, review our documentation.

🆕 AWS CloudTrail now logs individual DeleteObject events for each object in Amazon S3's DeleteObjects API, enhancing visibility into bulk delete operations for better security and compliance.

#AWS #AwsCloudtrail

CloudTrail Lake now supports event enrichment and expanded event size Today, AWS announces two enhancements to CloudTrail Lake: Event enrichment, which makes it easier to categorize, search, and analyze your AWS activity; and expanded event size, which improves visibility into API actions for more comprehensive security analysis. CloudTrail Lake is a managed data lake that enables you to aggregate, immutably store, and analyze your activity logs at scale. With event enrichment, you can enrich your CloudTrail management and data events with additional information relevant to your business context. You can append resource tags and select AWS global condition keys to your events, making it easy to categorize, search, and analyze your AWS activity. Using resource tags in your events, you can easily create application-specific activity reports, or view AWS API activity based on the properties of the IAM principal. For example, you can see all delete actions taken by principals with a specific Principal Tag. Event enrichment integrates with https://aws.amazon.com/blogs/mt/unlock-deeper-insights-and-faster-investigations-with-aws-cloudtrail-lake/, including AI-powered natural language query and summarization (Preview). With expanded event size, you can now expand events size to up to 1 MB, a significant increase from the 256 KB limit. This reduces the need for CloudTrail to truncate events, giving you higher visibility into API actions for a more comprehensive security analysis. To get started, enable event enrichment and expanded event size through the AWS Management Console or AWS APIs on your CloudTrail Lake event data stores. These features are available in AWS commercial regionshttps://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-lake-supported-regions.html To learn more, see CloudTrail https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-lake.html.https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-lake.html  

CloudTrail Lake now supports event enrichment and expanded event size

Today, AWS announces two enhancements to CloudTrail Lake: Event enrichment, which makes it easier to categorize, search, and analyze your AWS activity; and expanded event size, which improves visibility ...

#AWS #AwsCloudtrail

CloudTrail Lake now supports event enrichment and expanded event size Today, AWS announces two enhancements to CloudTrail Lake: Event enrichment, which makes it easier to categorize, search, and analyze your AWS activity; and expanded event size, which improves visibility into API actions for more comprehensive security analysis. CloudTrail Lake is a managed data lake that enables you to aggregate, immutably store, and analyze your activity logs at scale. With event enrichment, you can enrich your CloudTrail management and data events with additional information relevant to your business context. You can append resource tags and select AWS global condition keys to your events, making it easy to categorize, search, and analyze your AWS activity. Using resource tags in your events, you can easily create application-specific activity reports, or view AWS API activity based on the properties of the IAM principal. For example, you can see all delete actions taken by principals with a specific Principal Tag. Event enrichment integrates with CloudTrail Lake's analytical capabilities, including AI-powered natural language query and summarization (Preview). With expanded event size, you can now expand events size to up to 1 MB, a significant increase from the 256 KB limit. This reduces the need for CloudTrail to truncate events, giving you higher visibility into API actions for a more comprehensive security analysis. To get started, enable event enrichment and expanded event size through the AWS Management Console or AWS APIs on your CloudTrail Lake event data stores. These features are available in AWS commercial regions where CloudTrail Lake is available. To learn more, see CloudTrail documentation.

🆕 AWS CloudTrail Lake now supports event enrichment and expanded event size, making it easier to categorize and analyze activity logs, and offering up to 1 MB event size for better security analysis. Available in commercial regions.

#AWS #AwsCloudtrail

AWS Weekly Roundup: Strands Agents, AWS Transform, Amazon Bedrock Guardrails, AWS CodeBuild, and more (May 19, 2025) Many events are taking place in this period! Last week I was at the AI Week in Italy. This week I’ll be in Zurich for the AWS Community Day – Switzerland. On May 22, you can join us remotely for AWS Cloud Infrastructure Day to learn about cutting-edge advances across compute, AI/ML, storage, networking, serverless […]

AWS Weekly Roundup: Strands Agents, AWS Transform, Amazon Bedrock Guardrails, AWS CodeBuild, and more (May 19, 2025)

Many events are taking p...

#AWS #AmazonBedrock #AmazonBedrockGuardrails #AmazonVpc #Announcements #AwsAppsync #AwsCloudtrail #AwsTransform #GenerativeAi #OpenSource #WeekInReview

AWS CloudTrail network activity events for VPC endpoints are now generally available With the launch of AWS CloudTrail network activity for VPC endpoints, you now have additional visibility into AWS API activity that traverses your VPC endpoints, enabling you to strengthen your data perimeter and implement better detective controls. You can enable network activity events for VPC endpoints for five AWS Services: Amazon S3, Amazon EC2, AWS Key Management Service (AWS KMS), AWS Secrets Manager, and AWS CloudTrail. With network activity events for VPC endpoints, you can view details of who is accessing resources within your network giving you greater ability to identify and respond to malicious or unauthorized actions in your data perimeter. For example, as the VPC endpoint owner, you can view logs of actions that were denied due to VPC endpoint policies or determine if an actor outside of your data perimeter is trying to access the data in your S3 buckets. You can enable logging for network activity events logging for your VPC endpoints using the AWS CloudTrail console, AWS CLI, and SDKs. When creating a new trail or event data store or editing an existing one, you can select network activity events for supported services that you wish to monitor; you can configure to log all API calls, or log only the accessDenied calls, and you can use advanced event selectors for additional filtering controls. Network activity events for VPC endpoints are available in all commercial AWS Regions. Refer to https://aws.amazon.com/cloudtrail/pricing/ to learn more about network activity events pricing and the https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-network-events-with-cloudtrail.html to get started.

AWS CloudTrail network activity events for VPC endpoints are now generally available

With the launch of AWS CloudTrail network activity for VPC endpoints, you now have additional visibility into AWS API activity that traverses your VPC endpoints, enabling you to strengthen...

#AWS #AwsCloudtrail

AWS CloudTrail network activity events for VPC endpoints are now generally available With the launch of AWS CloudTrail network activity for VPC endpoints, you now have additional visibility into AWS API activity that traverses your VPC endpoints, enabling you to strengthen your data perimeter and implement better detective controls. You can enable network activity events for VPC endpoints for five AWS Services: Amazon S3, Amazon EC2, AWS Key Management Service (AWS KMS), AWS Secrets Manager, and AWS CloudTrail. With network activity events for VPC endpoints, you can view details of who is accessing resources within your network giving you greater ability to identify and respond to malicious or unauthorized actions in your data perimeter. For example, as the VPC endpoint owner, you can view logs of actions that were denied due to VPC endpoint policies or determine if an actor outside of your data perimeter is trying to access the data in your S3 buckets. You can enable logging for network activity events logging for your VPC endpoints using the AWS CloudTrail console, AWS CLI, and SDKs. When creating a new trail or event data store or editing an existing one, you can select network activity events for supported services that you wish to monitor; you can configure to log all API calls, or log only the accessDenied calls, and you can use advanced event selectors for additional filtering controls. Network activity events for VPC endpoints are available in all commercial AWS Regions. Refer to CloudTrail pricing to learn more about network activity events pricing and the documentation to get started.

🆕 AWS CloudTrail network activity events for VPC endpoints are now generally available

#AWS #AwsCloudtrail

AWS CloudTrail network activity events for VPC endpoints now generally available AWS CloudTrail now offers network activity events for VPC endpoint logging, enabling comprehensive monitoring and recording of AWS API activity through VPC endpoints to enhance security visibility, detect unauthorized access, and prevent data exfiltration without requiring custom TLS traffic inspection solutions.

AWS CloudTrail network activity events for VPC endpoints now generally available

AWS CloudTrail now offers network activity events for VPC endpoint logging, enabling comprehensive monitoring and recording o...

#AWS #AmazonVpc #Announcements #AwsCloudtrail #Featured #Launch #ManagementTools #News

AWS CloudTrail now supports Internet Protocol Version 6 (IPv6) AWS CloudTrail introduces dual stack support for the CloudTrail API endpoints, enabling you to connect using Internet Protocol Version 6 (IPv6), Internet Protocol Version 4 (IPv4), or dual stack clients. Dual stack support is also available when you privately access the CloudTrail API endpoint from your Amazon Virtual Private Cloud (VPC) using AWS https://docs.aws.amazon.com/vpc/latest/privatelink/what-is-privatelink.html. The urgency to transition to Internet Protocol version 6 (IPv6) is driven by the continued growth of internet, which is exhausting available Internet Protocol version 4 (IPv4) addresses. With simultaneous support for both IPv4 and IPv6 clients on CloudTrail endpoints, you are able to gradually transition from IPv4 to IPv6 based systems and applications, without needing to switch all over at once. This enables you to meet IPv6 compliance requirements and removes the need for expensive networking equipment to handle the address translation between IPv4 and IPv6 To learn more on best practices for configuring IPv6 in your environment, visit the whitepaper on https://docs.aws.amazon.com/whitepapers/latest/ipv6-on-aws/internet-protocol-version-6.html in AWS. Support for IPv6 on AWS CloudTrail is available in all commercial regions and the AWS GovCloud (US) Regions.

AWS CloudTrail now supports Internet Protocol Version 6 (IPv6)

AWS CloudTrail introduces dual stack support for the CloudTrail API endpoints, enabling you to connect using Internet Protocol Version 6 (IPv6), Internet Protocol Version 4 (IPv4), or dual stack clients. Dual s...

#AWS #AwsCloudtrail

AWS CloudTrail now supports Internet Protocol Version 6 (IPv6) AWS CloudTrail introduces dual stack support for the CloudTrail API endpoints, enabling you to connect using Internet Protocol Version 6 (IPv6), Internet Protocol Version 4 (IPv4), or dual stack clients. Dual stack support is also available when you privately access the CloudTrail API endpoint from your Amazon Virtual Private Cloud (VPC) using AWS https://docs.aws.amazon.com/vpc/latest/privatelink/what-is-privatelink.html. The urgency to transition to Internet Protocol version 6 (IPv6) is driven by the continued growth of internet, which is exhausting available Internet Protocol version 4 (IPv4) addresses. With simultaneous support for both IPv4 and IPv6 clients on CloudTrail endpoints, you are able to gradually transition from IPv4 to IPv6 based systems and applications, without needing to switch all over at once. This enables you to meet IPv6 compliance requirements and removes the need for expensive networking equipment to handle the address translation between IPv4 and IPv6 To learn more on best practices for configuring IPv6 in your environment, visit the whitepaper on https://docs.aws.amazon.com/whitepapers/latest/ipv6-on-aws/internet-protocol-version-6.html in AWS. Support for IPv6 on AWS CloudTrail is available in all commercial regions and the AWS GovCloud (US) Regions.

AWS CloudTrail now supports Internet Protocol Version 6 (IPv6)

AWS CloudTrail introduces dual stack support for the CloudTrail API endpoints, enabling you to connect using Internet Protocol Version 6 (IPv6), Internet Protocol Version 4 (IPv4), or dual stack clients. Dual s...

#AWS #AwsCloudtrail

AWS CloudTrail now supports Internet Protocol Version 6 (IPv6) AWS CloudTrail introduces dual stack support for the CloudTrail API endpoints, enabling you to connect using Internet Protocol Version 6 (IPv6), Internet Protocol Version 4 (IPv4), or dual stack clients. Dual stack support is also available when you privately access the CloudTrail API endpoint from your Amazon Virtual Private Cloud (VPC) using AWS PrivateLink. The urgency to transition to Internet Protocol version 6 (IPv6) is driven by the continued growth of internet, which is exhausting available Internet Protocol version 4 (IPv4) addresses. With simultaneous support for both IPv4 and IPv6 clients on CloudTrail endpoints, you are able to gradually transition from IPv4 to IPv6 based systems and applications, without needing to switch all over at once. This enables you to meet IPv6 compliance requirements and removes the need for expensive networking equipment to handle the address translation between IPv4 and IPv6 To learn more on best practices for configuring IPv6 in your environment, visit the whitepaper on IPv6 in AWS. Support for IPv6 on AWS CloudTrail is available in all commercial regions and the AWS GovCloud (US) Regions.

🆕 AWS CloudTrail now supports Internet Protocol Version 6 (IPv6)

#AWS #AwsCloudtrail

AWS CloudTrail Lake launches enhanced analytics and cross-account data access AWS announces two significant enhancements to CloudTrail Lake, a managed data lake that enables you to aggregate, immutably store, and analyze your activity logs at scale: Comprehensive dashboard capabilities: A new "Highlights" dashboard provides an at-a-glance overview of your AWS activity logs including AI-powered insights (AI-powered insights is in preview). Additionally, we have added 14 new pre-built dashboards catering to various use cases such as security and operational monitoring. These dashboards provide a starting point to analyze trends, detect anomalies, and conduct efficient investigations across your AWS environments. For example, the security dashboard displays top access denied events, failed console login attempts, and more. You can also create custom dashboards with scheduled refreshes, tailoring your monitoring to specific needs. Cross-account sharing of event data stores: This feature allows you to securely share your event data stores with select IAM identities using Resource-Based Policies (RBP). These identities can then query the shared event data store within the same AWS Region where the event data store was created, facilitating more comprehensive analysis across your organization while maintaining security. These features are available in all AWS Regions where AWS CloudTrail Lake is supported, except AI-powered insights on the “Highlights" dashboard, which is in preview in N. Virginia, Oregon, and Tokyo Regions. While these enhancements are available at no additional cost, standard https://aws.amazon.com/cloudtrail/pricing/ apply when running queries to generate results or create visualizations for the CloudTrail Lake dashboards. To learn more, visit the https://docs.aws.amazon.com/awscloudtrail/latest/userguide/lake-dashboard.html or read our https://aws.amazon.com/blogs/aws/introducing-new-capabilities-to-aws-cloudtrail-lake-to-enhance-your-cloud-visibility-and-investigations.

AWS CloudTrail Lake launches enhanced analytics and cross-account data access

AWS announces two significant enhancements to CloudTrail Lake, a managed data lake that enables you to aggregate, immutably store, and analyze your activity logs at scale:


Co...

#AWS #AwsGovcloudUs #AwsCloudtrail

AWS CloudTrail Lake launches enhanced analytics and cross-account data access AWS announces two significant enhancements to CloudTrail Lake, a managed data lake that enables you to aggregate, immutably store, and analyze your activity logs at scale: Comprehensive dashboard capabilities: A new "Highlights" dashboard provides an at-a-glance overview of your AWS activity logs including AI-powered insights (AI-powered insights is in preview). Additionally, we have added 14 new pre-built dashboards catering to various use cases such as security and operational monitoring. These dashboards provide a starting point to analyze trends, detect anomalies, and conduct efficient investigations across your AWS environments. For example, the security dashboard displays top access denied events, failed console login attempts, and more. You can also create custom dashboards with scheduled refreshes, tailoring your monitoring to specific needs. Cross-account sharing of event data stores: This feature allows you to securely share your event data stores with select IAM identities using Resource-Based Policies (RBP). These identities can then query the shared event data store within the same AWS Region where the event data store was created, facilitating more comprehensive analysis across your organization while maintaining security. These features are available in all AWS Regions where AWS CloudTrail Lake is supported, except AI-powered insights on the “Highlights" dashboard, which is in preview in N. Virginia, Oregon, and Tokyo Regions. While these enhancements are available at no additional cost, standard CloudTrail Lake query charges apply when running queries to generate results or create visualizations for the CloudTrail Lake dashboards. To learn more, visit the AWS CloudTrail documentation or read our News Blog.

🆕 AWS CloudTrail Lake launches enhanced analytics and cross-account data access

#AWS #AwsGovcloudUs #AwsCloudtrail

Introducing new capabilities to AWS CloudTrail Lake to enhance your cloud visibility and investigations CloudTrail Lake updates simplify auditing with AI-powered queries, summarization, and enhanced dashboards for deeper AWS activity insights.

Introducing new capabilities to AWS CloudTrail Lake to enhance your cloud visibility and investigations

CloudTrail Lake updates simplify auditing with AI-powered queries, summarization, and enhanced dashboards for deeper AWS activity insights.

#AWS #Announcements #AwsCloudtrail #Launch #News

AWS CloudTrail Lake enhances log analysis with AI-powered features AWS announces two AI-powered enhancements to AWS CloudTrail Lake, a managed data lake that helps you capture, immutably store, access, and analyze your activity logs, as well as AWS Config configuration items. These new capabilities simplify log analysis, enabling deeper insights and quicker investigations across your AWS environments: AI-powered natural language query generation in CloudTrail Lake is now generally available in seven AWS Regions: Mumbai, N. Virginia, London, Tokyo, Oregon, Sydney, and Canada (Central). This feature allows you to ask questions about your AWS activity in plain English, without writing complex SQL queries. For example, you can ask, "Which API events failed in the last week due to missing permissions?" CloudTrail Lake then generates the corresponding SQL query, streamlining your analysis of AWS activity logs (management and data events). AI-powered query result summarization is now available in preview in the N. Virginia, Oregon, and Tokyo Regions. This feature provides natural language summaries of your query results, regardless of whether the query was generated through the natural language query generation feature or manually written in SQL. This capability significantly reduces the time and effort required to extract meaningful insights from your AWS activity logs (management, data, and network activity events). For example, after running a query to find users with the most access denied requests, you can click "Summarize" to get a concise overview of the key findings. Please note that running queries will incur CloudTrail Lake query charges. Refer to CloudTrail pricing for details. To learn more, visit the AWS CloudTrail documentation.

🆕 AWS CloudTrail Lake enhances log analysis with AI-powered features

#AWS #AwsCloudtrail