Introduction
AWS relentlessly advances cloud innovation. March 2026 delivered 12 major updates across compute, storage, security, and emerging technologies. Developers and cloud architects, here’s what you need to know.
Featured Updates
1. Amazon CloudWatch now supports multi-account and region log centralization based on data source
Released: March 30, 2026
Amazon CloudWatch now centralizes logs by data source name and type. This feature lets you copy log data from multiple AWS accounts and regions into one destination account using centralization rules. You can now target specific sources like VPC Flow Logs, EKS Audit Logs, and CloudTrail Logs—beyond just log group names.
CloudWatch automatically discovers data source names and types for AWS service logs, or uses log group tags for application logs. Central security teams, for instance, can pull all CloudTrail and VPC logs organization-wide without tracking individual log groups.
Start by creating or editing a centralization rule in the CloudWatch console, AWS CLI, or SDKs. Specify your data source criteria in the configuration. This works in all commercial regions supporting CloudWatch log centralization, with standard Logs pricing for ingestion, storage, and transfer. See the CloudWatch Logs Centralization documentation for details.
2. AWS Security Hub is now available in AWS GovCloud (US) Regions
Released: March 30, 2026
AWS Security Hub now launches in AWS GovCloud (US-East) and AWS GovCloud (US-West) Regions. This unified security solution prioritizes critical issues, scales responses, cuts risks, and boosts team productivity.
Security Hub correlates signals from Amazon GuardDuty, Amazon Inspector, and its own CSPM (Cloud Security Posture Management) to highlight active risks. It provides near real-time analytics, trends, visualizations, and contextual insights. Enable it per account or organization-wide with centralized management. Key features include exposure findings, resource inventory, attack path visualization, and automated workflows. It maps potential adversary paths chaining threats, vulnerabilities, and misconfigurations. Pricing consolidates charges across services for predictability.
Get started via the AWS Security Hub console or product page. Check the AWS Regional Services List for availability.
3. AWS HealthOmics introduces VPC-connected workflows
Released: March 30, 2026
AWS HealthOmics now offers VPC-connected workflows. Run bioinformatics pipelines that access AWS resources across regions or public internet via your Virtual Private Cloud (VPC). Life sciences teams skip data migration to the workflow’s region. This HIPAA-eligible service scales managed bioinformatics for scientific breakthroughs.
Develop and test workflows faster by accessing public datasets or cross-region AWS resources without code changes or data moves. Use new Configuration APIs to link a VPC for public internet traffic. Tailor networks per use case and adjust public dependencies anytime. Apply settings per run to connect only select workflows.
Available in US East (N. Virginia), US West (Oregon), Europe (Frankfurt, Ireland, London), Israel (Tel Aviv), Asia Pacific (Singapore), and Asia Pacific (Seoul). Learn more in the HealthOmics documentation.
4. AWS Elemental MediaTailor now available in Europe (London)
Released: March 30, 2026
AWS Elemental MediaTailor expands to Europe (London). This service inserts personalized ads into live and on-demand streams using server-side ad insertion (SSAI) and Server Guided Ad Insertion (SGAI). It delivers broadcast-quality experiences, dodging client-side buffering and ad blockers.
Northern European viewers benefit from lower ad decisioning latency and higher fill rates. SSAI/SGAI users get faster stitching and tracking; those in Europe (Ireland) gain redundancy and capacity.
Explore the product page or User Guide. Launch via the console.
5. Access Cluster Insights through the Amazon OpenSearch Service Console and Amazon EventBridge events
Released: March 30, 2026
Amazon OpenSearch Service now surfaces Cluster Insights in the AWS Management Console—alongside OpenSearch UI Dashboards. Review performance and resilience recommendations, then adjust configurations seamlessly. Cluster Insights also publishes to Amazon EventBridge.
These curated insights track cluster health and offer preventive recommendations. Use Dashboards for deep metrics like index/shard data and top queries. EventBridge enables automated monitoring.
Free for OpenSearch 2.17+ in all supported regions. See the technical documentation.
6. Amazon SageMaker Data Agent is now available in the Amazon SageMaker Unified Studio Query Editor
Released: March 30, 2026
Amazon SageMaker Data Agent now powers the Query Editor in SageMaker Unified Studio—extending beyond notebooks. Generate SQL from natural language, debug failures, and explore data conversationally.
Ask “calculate quarterly revenue growth by product category for 2025,” and it plans steps, then crafts accurate SQL for Redshift or Athena. Skip manual joins and aggregations. “Fix with AI” analyzes errors and suggests fixes. It remembers your data sources and schema for contextual follow-ups.
Open a project in Unified Studio, launch Query Editor, and activate the agent. Available in IAM domains across supported regions. Details in the User Guide.
7. AWS Direct Connect adds CloudWatch metrics for BGP monitoring
Released: March 30, 2026
AWS Direct Connect introduces three CloudWatch metrics for virtual interfaces (VIFs): BGP session health and route counts. Network teams monitor hybrid connectivity natively—no custom Lambda or API polling needed.
VirtualInterfaceBgpStatus flags session failures. VirtualInterfaceBgpPrefixesAccepted tracks on-premises prefixes to avoid limits. VirtualInterfaceBgpPrefixesAdvertised validates AWS routes and spots withdrawals.
Supports private, public, and transit VIFs in all commercial regions. Integrate with alarms, dashboards, and SNS. Visit AWS Direct Connect.
8. Amazon CloudWatch Logs now supports data protection, OpenSearch PPL and OpenSearch SQL for the Infrequent Access ingestion class
Released: March 27, 2026
Amazon CloudWatch Logs enhances Infrequent Access (IA) class with data protection, OpenSearch PPL, and OpenSearch SQL. Analyze rarely queried logs cost-effectively for troubleshooting and forensics.
IA suits occasional use like investigations, with Logs Insights, S3 export, encryption, and lower GB ingestion costs. Now add advanced analytics and automatic sensitive data masking for compliance.
Check pricing and user guide. See Builder Center for regions.
9. AWS Lambda supports up to 32 GB of memory and 16 vCPUs for Lambda Managed Instances
Released: March 27, 2026
AWS Lambda on Managed Instances now scales to 32 GB memory and 16 vCPUs for compute-heavy tasks like data processing or simulations—no infrastructure management. Choose 2:1, 4:1, or 8:1 memory-to-vCPU ratios.
Managed Instances provide EC2 with routing, balancing, and scaling, plus premium processors and networking. Prior limits capped at 10 GB/6 vCPUs without ratio tweaks. At 32 GB, select 16, 8, or 4 vCPUs to fit CPU- or memory-bound workloads.
Available everywhere Lambda Managed Instances are. Configure via Console, CLI, CloudFormation, CDK, or SAM. See the product page.
10. Research and Engineering Studio on AWS 2026.03 is now available
Released: March 26, 2026
Research and Engineering Studio (RES) on AWS 2026.03 adds admin controls, filesystem support, and session management.
This open-source portal lets admins spin up secure cloud environments for scientists and engineers to visualize data and run apps—without cloud expertise.
Admins now attach multiple FSx for ONTAP volumes, set DCV token expiration, and add three custom login links. Sessions improve: restart errored VDIs, reset schedules easily. Includes fixes and performance boosts.
Available across RES regions. Check documentation or GitHub.
11. AWS Firewall Manager launches in AWS Asia Pacific (New Zealand) Region
Released: March 25, 2026
AWS Firewall Manager now serves AWS Asia Pacific (New Zealand). It simplifies protecting apps by automating rules across AWS security services.
Create defense-in-depth policies for WAF and more, cutting manual work for admins and SREs.
See documentation, Region Table, and product page.
12. AWS Transfer Family AS2 now supports receipts of MDNs asynchronously
Released: March 25, 2026
AWS Transfer Family now handles asynchronous Message Disposition Notifications (MDNs) for AS2 messages. Migrate workflows seamlessly, matching partner processing times and networks.
Healthcare, retail, and supply chain teams exchange data securely. Request MDNs over separate TLS connections for long-processing or high-latency partners. Supports sync/async modes.
Available in most Transfer Family regions—check AWS Capabilities. See user guide and product page.
Key Insights
Update Distribution
March’s 12 updates cover 5 categories, underscoring AWS priorities:
Enhanced Performance: Faster compute, throughput, lower latency
Security First: Advanced controls, compliance
Developer Productivity: Streamlined tools, integrations
Cost Optimization: Efficient pricing, resources
AI/ML Capabilities: Broader ML and gen AI
Business Impact
These changes drive:
- Faster Time-to-Market: Less development complexity
- Improved Reliability: Better monitoring, auto-recovery
- Better Security Posture: Threat detection, compliance automation
- Cost Efficiency: Optimized utilization, flexible pricing
Looking Ahead
March 2026 advances accessible, secure, powerful cloud infrastructure for microservices, pipelines, and AI.
Follow AWS What’s New and service announcements to stay ahead.
This post was compiled on April 2, 2026 from official AWS announcements.