News For Dev-ops

If you use build service identities like Project Collection Build Service to call Advanced Security APIs, the Advanced Security permission changes in Sprint 269 broke that. We restricted API access for build identities as a security improvement but failed to provide an early notice for customers that relied upon this for various automations. We're rolling it back temporarily. The restriction will be re-enforced on April 15, 2026. What you should do Action is required. The recommended path is a service principal with Advanced Security: Read alerts permissions for your Advanced Security-enabled repositories. Scope it narrowly, and if the service principal isn't committing code, it won't consume an Advanced Security committer license. Status checks in Sprint 272 We're also shipping status checks soon, which give teams a native way to gate on security posture without API-driven alert mutations from pipeline identities. This won't replace every automation scen...

Amazon Neptune Database now includes comprehensive spatial data capabilities, addressing the growing need for location-aware insights in graph database applications. Spatial support provides 11 built-in spatial functions following the ISO 13249-3 standard, supporting GEOMETRY data types with seamless integration into existing GIS applications like Esri ArcGIS . With spatial support, customers no longer need to maintain separate spatial databases alongside their graph databases. Organizations can now perform proximity analysis, track asset locations and routes in network infrastructures, analyze geographic patterns in connected data, and build location-aware AI assistants that provide factual spatial answers without hallucinations. The feature particularly benefits mapping and navigation companies, ridesharing and transportation services, logistics providers, utilities, smart city planners, and emergency services organizations. Key capabilities include support for points, lines, and p...

Join us for Azure Cosmos DB Conf 2026 , a free global, virtual developer event focused on building modern applications with Azure Cosmos DB. Date : April 28, 2026 Time : 9:00 AM–2:00 PM PT Where: Streaming live on the Microsoft Developer YouTube channel , with additional sessions available on demand. Free Registration: aka.ms/cosmosconfreg Full details : aka.ms/azurecosmosdbconf Chat with the community: #nosql on Discord This year, Azure Cosmos DB Conf will feature 21 speakers from across the globe, bringing together Microsoft engineers, community leaders, architects, and developers to share how they are building modern applications with Azure Cosmos DB. Attendees will hear directly from experts using Azure Cosmos DB to power real systems—from AI agent memory architectures and retrieval-augmented generation pipelines to globally distributed event-driven microservices and cost-efficient high-scale workloads. You can also expect talks exploring Open Source DocumentDB and Azu...

Government agencies have an increased need for secure, verifiable, and compliant cloud environments that adhere to data sovereignty regulations, operate in a Zero Trust framework, and help reduce exposure to insider threats. Today, Microsoft marks a major milestone in secure cloud innovation with the general availability of Azure Confidential Computing (ACC) for Secure Encrypted Virtualization – Secure Nested Paging (AMD SEV-SNP) based virtual machines across all U.S. government data classification levels. ACC VMs help protect sensitive workloads by using hardware-backed Trusted Execution Environments (TEEs) to safeguard data while it is in use, along with attestation capabilities that help customers verify the environment their workloads are running in. This release follows the recent general availability of confidential VMs in commercial Azure and extends those capabilities to government customers. What is confidential computing? Confidential computing is a transformative approach...

Amazon Bedrock AgentCore Runtime now supports stateful Model Context Protocol (MCP) server features, enabling developers to build MCP servers that leverage elicitation, sampling, and progress notifications alongside existing support for resources, prompts, and tools. These capabilities allow MCP servers deployed to AgentCore Runtime to collect user input interactively during tool execution, request LLM-generated content from clients, and provide real-time progress updates for long-running operations. With stateful MCP sessions, each user session runs in a dedicated microVM with isolated resources, and the server maintains session context across multiple interactions using an Mcp-Session-Id header. Elicitation enables server-initiated, multi-turn conversations to gather information such as user preferences. Sampling allows servers to request AI-powered text generation from the client for tasks like personalized recommendations. Progress notifications keep clients informed during opera...

Amazon Bedrock is a fully managed service for building generative AI applications using high-performing foundation models from leading AI providers. It now supports two new CloudWatch metrics, TimeToFirstToken and EstimatedTPMQuotaUsage, giving you deeper visibility into inference performance and quota consumption. TimeToFirstToken measures the latency from when a request is sent to when the first token is received, for streaming APIs (ConverseStream and InvokeModelWithResponseStream). You can use this metric to set CloudWatch alarms which monitor latency degradation and establish SLA baselines, without any client-side instrumentation. EstimatedTPMQuotaUsage tracks your estimated Tokens Per Minute (TPM) quota consumption, including cache write tokens and output burndown multipliers , across all inference APIs (Converse, InvokeModel, ConverseStream, and InvokeModelWithResponseStream). You can use this metric to set proactive alarms before reaching your quota limit, track your quota con...