AWS Weekly Brief By Laroy Shtotland

← Home

Week 13 · 2 min read

March 23 – March 30, 2026

  • Route 53
  • CloudWatch Logs
  • OpenSearch
  • Lambda
  • Serverless
  • Step Functions

Amazon Route 53 Profiles now supports granular IAM permissions for resource and VPC associations. Security teams can now apply fine-grained controls over who can attach resources and VPCs to profiles, which improves separation of duties and enables tighter policy enforcement. In multi-account environments, this helps reduce the risk of overly broad DNS access and strengthens governance around centralized Route 53 management.

Amazon CloudWatch Logs now supports data protection, OpenSearch PPL, and OpenSearch SQL for the Infrequent Access log class. This extends sensitive-data protection capabilities to lower-cost log storage, which is relevant for organizations retaining large log volumes for compliance, audit, and forensic purposes. At the same time, broader query support improves how teams investigate older logs without needing separate tooling or additional infrastructure.

AWS Management Console now supports settings to control service and Region visibility. Administrators can customize which services and Regions are shown in the console based on internal policy and compliance requirements. This helps reinforce governance at the user interface level, reduces the chance of accidental use of non-approved resources, and supports organizations operating under strict regional or regulatory constraints.

AWS Lambda increases the file descriptor limit to 4,096 for functions running on Lambda Managed Instances, alongside support for up to 32 GB of memory and 16 vCPUs. This expands the range of workloads that fit serverless execution, especially resource-intensive applications that need higher concurrency, more parallel processing, or large numbers of open connections and files. It is another step toward heavier enterprise and data-processing scenarios that previously pushed against runtime limits.

Agent Plugin for AWS Serverless integrates AI capabilities directly into serverless development workflows. This helps teams build and deploy AI-assisted features faster while maintaining the scaling and operational characteristics of serverless architectures.

AWS Step Functions adds 28 new service integrations, including Amazon Bedrock AgentCore. This further reduces the need for custom glue code and expands what can be orchestrated natively inside workflows. The Bedrock AgentCore integration is particularly notable because it supports more advanced AI-driven execution paths, enabling state machines to coordinate agent-style logic and external service interactions with less custom orchestration code.

AWS MCP Server now adds enhanced monitoring and semantic search. Enhanced monitoring improves visibility into server activity and performance, making it easier to detect issues and understand behavior during operations. Semantic search adds a more intuitive way to explore configurations and logs, which can speed up troubleshooting and make the preview more practical for early adopters evaluating operational usability.