この日は次世代 Amazon OpenSearch Serverless の一般提供開始と Claude Opus 4.8 の AWS 提供が大きな話題でした。 次世代 OpenSearch Serverless はエージェント向けにゼロから再構築され、オートスケーリングが最大 20 倍高速化、 スケールトゥーゼロとピーク比最大 60% のコスト削減を実現します。Anthropic の Claude Opus 4.8 が Amazon Bedrock および Claude Platform on AWS で利用可能となりました。次世代 AWS Resilience Hub も GA となり、生成 AI による 障害モード分析や依存関係探索を提供。What's New では AWS Organizations の CloudTrail イベント、Oracle Database@AWS の 20 リージョン展開、S3 Tables のリージョン拡大、AWS IoT Core の MQTT 接続管理 API などが登場。日本語ブログでは Kiro アンバサダープログラムや AWS 初学者向け学習 7 ステップ、機械学習ブログでは AgentCore のデータセット管理や LangSmith での評価が紹介されました。
次世代 Amazon OpenSearch Serverless: エージェント向け GA、20 倍高速スケール・最大 60% コスト削減
Claude Opus 4.8: Amazon Bedrock と Claude Platform on AWS で提供開始
次世代 AWS Resilience Hub: 生成 AI による障害モード分析と依存関係探索を GA
Oracle Database@AWS: 8 リージョン追加で計 20 リージョンに拡大
AWS Organizations: アカウント参加/離脱の CloudTrail イベント発行
セキュリティ: Network Firewall の URL/ドメインカテゴリフィルタと Transit Gateway ネイティブ接続
Amazon DynamoDB Streams now supports AWS PrivateLink for FIPS (Federal Information Processing Standard) endpoints in AWS GovCloud (US) Regions. DynamoDB Streams captures time-ordered sequences of item-level modifications in DynamoDB tables, enabling real-time data processing and event-driven architectures. This enhancement allows government agencies and organizations with federal compliance requirements to establish private connectivity between their VPCs and DynamoDB Streams FIPS endpoints without exposing traffic to the public internet.
This capability helps customers meet strict federal compliance and regulatory requirements while simplifying their network architecture. By keeping all traffic within the AWS network infrastructure, organizations can securely process real-time data streams, implement compliant change data capture (CDC) solutions, and build event-driven architectures that adhere to federal security standards. Government agencies operating in GovCloud regions can now leverage DynamoDB Streams for secure data streaming applications while maintaining the enhanced security and privacy that AWS PrivateLink provides.
AWS PrivateLink support for DynamoDB Streams FIPS endpoints is available in AWS GovCloud (US-East) and AWS GovCloud (US-West) Regions, as well as US East (N. Virginia), US East (Ohio), US West (N. California), US West (Oregon), Canada (Central), and Canada West (Calgary).
To learn more, visit the Amazon DynamoDB Streams PrivateLink documentation and the AWS PrivateLink page.
Today, AWS announced the general availability of the next generation of Amazon OpenSearch Serverless, a fully managed search and vector engine designed for customers building agents. The next generation of OpenSearch Serverless auto scales 20x faster than its predecessor and provisions resources in seconds to meet the demands of even the most unpredictable agentic workflows. With scale-to-zero and pay-per-usage pricing, customers can now save up to 60% compared to the cost of provisioning Opensearch clusters for peak loads.
The next generation of OpenSearch Serverless introduces complete decoupling of compute and storage through a new shared storage layer. This means customers can scale compute up and down independently, reducing costs during low-traffic periods while maintaining instant readiness for traffic spikes. To simplify network connectivity, OpenSearch Serverless now offers two resource-based endpoints - a collection level endpoint and a regional endpoint which makes multi-VPC and on-premise connectivity straightforward using standard VPC APIs. The next generation of OpenSearch Serverless also launches with native integrations with AI development platforms including Vercel and Kiro, enabling developers to provision search infrastructure directly from their development environment using natural language commands. OpenSearch Serverless is now also part of OpenSearch Agent Skills that allows you to bring OpenSearch capabilities to your agents when using popular coding platfroms like Claude Code, Cursor and Codex.
At GA, search and vector are the two available collection types. The next generation of OpenSearch Serverless is available today in all commercial AWS regions where Amazon OpenSearch Serverless is currently available. For pricing details about the next generation of OpenSearch Serverless, visit the pricing page.
To learn more about the next generation of Amazon OpenSearch Serverless, see the marketing page, technical documentation and AWS News Blog. You can get started by visiting the technical launch blog that details all the new features launching in the next generation of Amazon OpenSearch Serverless.
Amazon WorkSpaces Applications now supports the ability to set up streaming resources powered by Windows Desktop operating systems using Bring Your Own License (BYOL). Customers can now bring their existing Windows Desktop licenses to support their eligible Microsoft 365 Apps for enterprise, delivering a consistent and familiar desktop experience as users move between on-premises and virtual desktop environments.
With BYOL support on WorkSpaces Applications, the operating system is hosted on hardware dedicated to the customer's AWS account, enabling customers to stream Windows desktop applications and full desktop experiences at scale. Customers benefit from cost savings by bringing their existing Windows Desktop OS licenses, eliminating OS fees so they only pay for compute and streaming infrastructure. When the local device and the streaming session both run the same Windows Desktop OS, users apply the same workflows, shortcuts, and navigation in both environments. This removes the cognitive overhead of adapting to a different desktop experience when switching between local and remote work, reducing onboarding time.
Windows Desktop for WorkSpaces Applications is available in multiple AWS Regions. For the list of supported regions, see Amazon WorkSpaces Applications BYOL documentation.
To take advantage of BYOL on WorkSpaces Applications, organizations must meet Microsoft's licensing requirements and commit to running a minimum number of streaming resources in a given AWS Region each month. To learn more about eligibility requirements and getting started, see the Amazon WorkSpaces Applications documentation and FAQs.
AWS now offers Claude Opus 4.8 -- Anthropic's most capable generally available model to date -- delivering meaningful advances across agentic coding, professional knowledge work, and long-running autonomous tasks for developers and enterprises building production AI applications.
Claude Opus 4.8 can perform longer autonomous runs, deeper reasoning, and consistency to be trusted with production work. For coding, the Opus 4.8 reads codebases like an engineer, plans before it edits, and holds context across long sessions in real repositories. For agentic tasks, it is better at finding paths around obstacles instead of stalling, recovering from its own errors, and knowing when to ask for help versus when to keep going. For knowledge work, it better synthesizes across long documents and complex sources, self-checks its output, and delivers structured deliverables that hold up to review.
Customers have two ways to access Claude Opus 4.8: Amazon Bedrock and Claude Platform on AWS.
Amazon Bedrock keeps your data within AWS infrastructure and provides access to Claude Opus 4.8 through a unified service with AWS-managed features like Guardrails, Knowledge Bases, and regional data residency. To learn more, see Amazon Bedrock documentation and regional availability..
Claude Platform on AWS gives you direct access to Anthropic's native platform experience and capabilities via the AWS Console. Build, test, and deploy with the same APIs, features, and console experience you'd get working with Anthropic directly, unified with AWS billing and authentication. To get started, see the Claude Platform on AWS documentation
Amazon Connect Customer now supports generative AI-powered post-contact summaries in eight additional language families: Portuguese, French, Italian, German, Spanish, Chinese, Japanese, and Korean. Post-contact summaries also now support non-US variations of English, including British English, Australian English, and other regional locales, ensuring summaries reflect locally appropriate spelling and terminology.
Generative AI-powered post-contact summaries provide agents and managers with concise, structured overviews of customer conversations across voice, chat, and email channels, eliminating the need to read full transcripts. With this expansion, organizations can automatically generate summaries in the language of the conversation, helping agents complete after-contact work faster and enabling managers to review contacts across languages. For example, a global support organization can now generate post-contact summaries for calls handled in French, German, or Japanese, giving supervisors visibility into service quality across all regions.
The newly supported languages are available in all AWS Regions where Amazon Connect Customer post-contact summaries are available. To learn more, refer to View generative AI-powered post-contact summaries in the Amazon Connect Customer Administrator Guide. To learn more about Amazon Connect Customer, visit the Amazon Connect Customer website.
AWS Organizations now automatically emits CloudTrail events to your management account whenever accounts join or leave your organization. These new events—AccountJoinedOrganization and AccountDepartedOrganization—provide security teams and cloud administrators with enhanced visibility into organizational membership changes, helping detect unauthorized activities and potential security incidents that previously could go unnoticed.
The AccountJoinedOrganization event captures how an account joined an organization (Created or Invited) and the join timestamp, while the AccountDepartedOrganization event records how an account departed —Left for accounts that departed voluntarily, Removed for accounts removed by the management account, or Cleaned for accounts that were permanently closed along with the departure timestamp.
You can leverage these events to create CloudWatch alarms or Amazon EventBridge rules for real-time notifications, enabling rapid response to suspicious organizational changes. This capability supports critical use cases including fraud detection, compliance auditing, security monitoring, and incident investigation across your AWS environment.
Today, AWS announces the general availability of the next generation of AWS Resilience Hub, a central location in the AWS console that helps platform engineering and site reliability teams assess and strengthen the resilience of their critical workloads running on AWS. This new update expands on AWS Resilience Hub’s existing experience for meeting resilience objectives by introducing a new application model, dependency discovery, generative AI-powered failure mode analysis, modular resilience policies, and organization-wide reporting.
With the next generation of Resilience Hub, teams model applications using a three-level hierarchy — systems, user journeys, and services — that reflects how these applications deliver business value. Through dependency discovery assessments, maintain up-to-date visibility into the AWS services, internal endpoints, and third-party endpoints that your services rely on. A generative AI-powered failure mode assessment analyzes your services against AWS Well-Architected best practices, the AWS Resilience Analysis Framework, and the organization's resilience policies, generating prioritized, actionable recommendations. AWS Organizations integration enables central teams to define resilience policies and monitor posture across all accounts and regions from a single dashboard.
The next generation of the AWS Resilience Hub is available in all AWS Regions where Resilience Hub is offered. For more information about the AWS Regions where AWS Resilience Hub is available, see the AWS Region table.
To get started, visit the AWS console. To learn more about the next generation of AWS Resilience Hub, see the product page, or visit the AWS News Blog.
Existing AWS Resilience Hub customers can continue using their current experience and adopt the next generation of AWS Resilience Hub at their own pace. For guidance, see the migration user guide.
Today, AWS IoT Core launches two new MQTT connection management APIs, GetConnection and ListSubscriptions, enabling you to easily access MQTT client connection and subscription information for your Internet of Things (IoT) devices. These APIs help you troubleshoot connectivity issues, monitor client behavior, and audit connection patterns across your device fleet.
The GetConnection API gives you visibility into an IoT device connection by retrieving detailed connection information, including connection status, MQTT session details, and optional socket-level data such as source and target IP addresses, ports, and client VPC endpoint ID, controlled via granular IAM policies. The ListSubscriptions API complements this by returning all topic subscriptions, including QoS levels for a client’s MQTT session, for connected and offline clients with persistent sessions. This enables you to validate and identify overlapping or unnecessary subscriptions that may impact solution performance. Together with the existing DeleteConnection API, these new APIs provide a comprehensive MQTT connection management experience.
These APIs are now available in all AWS regions where AWS IoT Core is supported. To learn more, visit the AWS IoT Core documentation and AWS IoT Core API reference guide.
Today, AWS Billing and Cost Management (BCM) announces support for Budgets widgets in BCM Dashboards, giving you the flexibility to customize your cost management console with the views that matter most to your organization. You can now monitor AWS Budgets alongside Cost Explorer reports and Savings Plans and Reserved Instance coverage and utilization reports, all in a single, tailored dashboard.
Previously, reviewing budget performance required navigating to a separate console page. Now, finance teams and cloud administrators can add one or more Budgets widgets to any BCM Dashboard, displaying budget name, budgeted amount, actual spend, and forecasted amount. You can filter budgets by name, threshold, and budget type, directly within the widget, and choose which budgets appear on each dashboard, reducing the time spent switching between console pages and enabling faster budget monitoring across teams. Budget widgets are fully integrated with dashboard export capabilities, allowing you to include budget data in scheduled email reports or download it as CSV or PDF, making it easier to share budget status with stakeholders without manual data gathering.
Budgets widgets for BCM Dashboards are available in all AWS commercial Regions at no additional charge. To learn more, visit our User Guide.
Amazon CloudWatch now allows you to query metrics data up to two weeks in the past using the Metrics Insights query source. CloudWatch Metrics Insights offers fast, flexible, SQL-based queries. This new capability allows you to display, aggregate, or slice and dice metrics data older than 3 hours, for enhanced visualization and investigation.
Previously, when creating dashboards and alarms to monitor dynamic groups of metrics over your resources and applications, you could visualize up to 3 hours of data when using Metrics Insights SQL queries. This enhancement helps you identify trends and investigate impact for a longer period of time, even days after an event. This extended query time range helps improve the operational health of teams and ensures impacts are never missed.
Querying metrics data up to two weeks old with Metrics Insights is now available in the AWS GovCloud (US-East) and AWS GovCloud (US-West) Regions.
The ability to query metrics data up to 2 weeks old is automatically available at no additional cost. Standard pricing applies for alarms, dashboards or API usage on Metrics Insights, see CloudWatch pricing for details. To learn more about metrics queries with Metrics Insights, visit the CloudWatch documentation.
Amazon S3 Tables are now available in the Asia Pacific (Taipei) and Asia Pacific (New Zealand) Regions.
Amazon S3 Tables deliver the first cloud object store with built-in Apache Iceberg support, streamlining tabular data storage at scale. S3 Tables automatically perform continual table maintenance to optimize query efficiency and reduce storage costs as your data lake grows and evolves. Because S3 Tables support the Apache Iceberg standard, your data is easily queryable by both AWS and third-party engines. With the Intelligent-Tiering storage class, S3 Tables automatically manage costs based on access patterns with no performance impact or operational overhead.
For more information about the AWS Regions where S3 Tables are available, see S3 Tables AWS Regions and endpoints.
To learn more, see the following resources:
Oracle Database@AWS is now generally available in eight additional AWS Regions: EU-Central-2 (Zurich), EU-South-1 (Milan), EU-South-2 (Spain), EU-West-3 (Paris), AP-Northeast-3 (Osaka), AP-Southeast-1 (Singapore), AP-Southeast-4 (Melbourne) and SA-East-1 (Sao Paulo). Oracle Database@AWS enables customers to access Oracle Cloud Infrastructure (OCI) managed Oracle Exadata systems within AWS data centers. With this launch, customers in Europe, South America, and Asia Pacific with in-region data residency requirements can migrate on-premises Oracle Exadata and Oracle Real Application Clusters (RAC) applications to AWS.
With this expansion, Oracle Database@AWS services are now available in twenty Regions: US-East-1 (N. Virginia), US-West-2 (Oregon), US-East-2 (Ohio), CA-Central-1 (Canada Central), SA-East-1 (Sao Paulo), EU-Central-1 (Frankfurt), EU-West-1 (Dublin), EU-West-2 (London), EU-Central-2 (Zurich), EU-South-1 (Milan), EU-South-2 (Spain), EU-West-3 (Paris), AP-Northeast-1 (Tokyo), AP-Northeast-3 (Osaka), AP-Southeast-1 (Singapore), AP-Southeast-2 (Sydney), AP-Southeast-4 (Melbourne), AP-South-1 (Mumbai), AP-South-2 (Hyderabad), and AP-Northeast-2 (Seoul). To use Oracle Database@AWS services, request a private offer from Oracle through the AWS Marketplace, and use AWS Management Console to setup your databases.
To learn more, visit Oracle Database@AWS overview and documentation.
Amazon Relational Database Service (Amazon RDS) for Oracle now supports the Oracle April 2026 Release Update (RU) for Oracle Database versions 19c and 21c, and the corresponding Supplemental Patch Bundle for Oracle Database version 19c. We recommend upgrading to the April 2026 RU as it includes security updates for Oracle database products.
Starting with April 2026 releases, the Oracle Spatial Patch Bundle has been renamed to Supplemental Patch Bundle (SPB). The SPB includes additional database patches recommended by Oracle for specific use cases, such as Oracle Spatial, Oracle Data Pump, and Oracle GoldenGate.
You can apply the April 2026 RU from the Amazon RDS Management Console, or by using the AWS SDK or CLI. To automatically apply updates to your database instance during your maintenance window, enable Automatic Minor Version Upgrade. You can apply the Supplemental Patch Bundle update for new database instances, or upgrade existing instances to engine version '19.0.0.0.ru-2026-04.spb-1.r1' by selecting the "Supplemental Patch Bundle Engine Versions" checkbox in the AWS Console.
You can also use AWS Organizations upgrade rollout policy to stagger automatic minor version upgrades for your Amazon RDS database instances. This feature allows you to automatically apply updates to non-production environments, validate the updates, and then automatically apply the same update to production environments. For additional details about using AWS Organizations upgrade rollout policy for automatic minor version upgrades, refer to Amazon RDS for Oracle documentation .
AWS rebuilt Amazon OpenSearch Serverless from the ground up for agentic AI and dynamic workloads. Get instant autoscaling and up to 60% cost savings.
AWS launches the next generation of AWS Resilience Hub with a significantly expanded experience that brings together a new application model, dependency discovery assessment, generative AI-powered failure mode analysis, modular resilience policies, and organization-wide reporting.
Amazon OpenSearch Serverless のアーキテクチャをゼロから刷新し、オートスケーリングが従来比で最大 20 倍に高速化、コンピューティングをゼロまでスケール可能、ピーク負荷に合わせたプロビジョニングと比べて最大 60% のコスト削減を実現した次世代アーキテクチャ NextGen を発表します。コンピューティングとストレージを完全に分離し、エージェントワークロードに最適化されました。本記事ではアーキテクチャの仕組みと、ハンズオンチュートリアルでの使い始め方を解説します。
AI エージェント向けにフルマネージドの検索およびベクトルエンジン、次世代 Amazon OpenSearch Serverless を発表します。コンピューティングリソースをゼロから 1 秒あたり数千リクエストを処理できる規模までスケールアップし、アイドル時はゼロまでスケールダウン。ピーク容量にプロビジョニングしたクラスターと比べて最大 60% のコスト削減を実現します。
先日、開発者コミュニティが互いに発見し、つながり、よりよいものを作るための場として Kiro コミュニティハブと Kiro Labs をローンチしました。すでにギャラリーにプロジェクトを投稿したり、これから開催するイベントをシェアしたりする動きが始まっています。今日はそこからもう一歩踏み込みます。Kiro Ambassadors は、フィードバックを寄せ、コンテンツを発信し、他のビルダーを支えてくれる、最もアクティブな開発者のみなさんとの関係を公式なプログラムにしたものです。すでに Kiro を前に進めてくれていて、これからの方向性にも直接関わりたいと考えている開発者のための仕組みです。Kiro を実際のワークフローの一部として使っている開発者の影響力とインパクトを、さらに広げていきたいと考えています。
みなさん、もしくはみなさんの周りで「AWS を勉強したいんだけど何から勉強すればよいだろう。どこかに勉強方法がまとまってないかな ?」「同僚や部下に AWS の勉強を促しているけど、ちょうど良い教材とか無いかな ?」という悩みを抱えている方はいませんか ? このブログはそういった AWS を勉強する際の悩みを抱えた AWS 初学者の方や、AWS 初学者を育成する立場にある方を対象にしています。 どのような段取りで知識を深めていけばよいのか、この勉強方法がなぜおすすめなのか、疑問点やハマりどころに直面した際にどこのサイトをチェックすればいいのか、など納得しながら勉強を進められるように具体的な情報を含めながら 7 ステップで紹介していきます。
みなさん、こんにちは。ソリューションアーキテクトの田村です。 サイバー攻撃の脅威は質的に変化しています。AI […]
本記事は、2025 年 6 月 20 日に公開された Implement a rollback strateg […]
AWS Sustainability Insights Framework(SIF)は、組織がAWS上で炭素排出量を自動的に追跡し、気候関連レポートを作成するためのスケーラブルなソフトウェアプラットフォームです。従来の手動プロセスに代わり、モジュラーアーキテクチャを通じてデータ収集・計算・報告を自動化します。人的エラーの削減、動的なスケーリング、進化する規制への適応という3つの利点を提供し、あらゆる規模の組織のサステナビリティ報告を支援します。
アマゾン ウェブ サービス ジャパンのソリューションアーキテクト、齋藤です。 NHN テコラス様が主催する「は […]
Network administrators face a persistent challenge: maintaining domain blocklists and allowlists that keep pace with the internet. New websites and services emerge daily, and keeping these lists current requires constant manual updates that leave gaps in coverage. This challenge intensifies when managing access to rapidly evolving categories like AI services, where new tools launch on […]
AWS Network Firewall now supports native attachment to AWS Transit Gateway. Customers commonly use Transit Gateway to route traffic from Amazon Virtual Private Cloud (Amazon VPC) networks to a centralized inspection VPC (a VPC dedicated to hosting firewall endpoints for traffic inspection) where their network firewall endpoints are deployed. This centralized deployment model reduces the […]
This post demonstrates that integration in action by automating one of the most labor-intensive workflows in financial services: anti-money laundering (AML) alert triage. You will build a triage workflow using Amazon Quick Flows and Snowflake Cortex, connected through the Amazon Quick Model Context Protocol (MCP) integration. In our testing environment, automated workflows built using Amazon Quick reduced alert investigation time from 30-90 minutes to under 5 minutes. Actual results may vary based on alert complexity and data volume.
This post covers Opus 4.8's improvements and practical guidance for AI engineers integrating the model into agentic systems and production inference workloads on Amazon Bedrock.
Agent evaluation is most powerful when you combine fast-moving online signals with stable offline baselines. To understand whether your agent is truly improving over time, you need a fixed benchmark alongside your changing real-world traffic. Managing test cases for evaluation baselines as a dataset in Amazon Bedrock AgentCore brings the discipline of versioned test fixtures […]
This post combines learnings from LangChain’s work on evaluating deep agents and Anthropic’s guide to demystifying evals for AI agents into a practical guide. In this post, you will learn how to: 1) apply five evaluation patterns for deep agents, 2) build offline evaluations using pytest and LangSmith, and 3) configure online monitoring for production. The walkthrough uses a text-to-SQL deep agent with Amazon Bedrock for the full development to production lifecycle.
In this post, we demonstrate how to build a secure Flask-based MLflow proxy service that provides HTTPS access to Amazon SageMaker MLflow without requiring the MLflow SDK. This solution is for organizations undergoing cloud transformation who want to preserve their existing ML workflows while adopting cloud-native services.
In this post, you learn how to build a custom portal with embedded SageMaker AI MLflow Apps UI. You walk through the architecture pattern behind a React front end paired with a Flask reverse proxy that handles AWS Signature Version 4 (SigV4) authentication, deploy the entire stack through the AWS Cloud Development Kit (AWS CDK), validate the deployment, and review security considerations and cleanup procedures.
Azercell Telecom LLC, Azerbaijan's leading telecommunications provider, wanted to build an Azerbaijani large language model (LLM) on Amazon SageMaker AI for telecom use cases and a customer-facing chatbot. The challenge: adapting foundation models (FMs) to a morphologically rich language with limited training data and no existing blueprint for efficient LLM training in Azerbaijani. In a six-week collaboration, Azercell worked with the AWS Generative AI Innovation Center to establish a production-ready framework on Amazon SageMaker AI.