この日はセキュリティ、メッセージング、データベース/分析、ネットワークにわたる What's New が中心でした。AWS Shield Advanced が DDoS 攻撃フローログを導入し、攻撃中のパケットレベルの可視性を S3・CloudWatch Logs・Data Firehose へ 提供します。AWS End User Messaging の RCS for Business が新たに 20 か国へ拡大し、計 22 か国に対応。AWS Interconnect - multicloud には無料の 500 Mbps ティアが追加され、他クラウドとのプライベート接続を手軽に評価可能に なりました。Amazon Redshift Serverless は 7 リージョンで最小 4 RPU 構成に対応、Amazon SES は受信トレイ到達率 指標とブロックリスト監視を追加、AWS HealthLake は CMS-0057-F 準拠の FHIR API に対応。機械学習ブログでは SageMaker AI の LLM 推論に対する包括的なオブザーバビリティ手法が解説されました。
AWS Shield Advanced: DDoS 攻撃フローログでパケットレベルの可視性を提供
AWS End User Messaging: RCS for Business が 20 か国追加で計 22 か国に対応
AWS Interconnect - multicloud: 無料 500 Mbps ティアを追加
Amazon Redshift Serverless: 7 リージョンで最小 4 RPU 構成に対応
Amazon SES: 受信トレイ到達率指標とブロックリスト監視を追加
AWS HealthLake: CMS-0057-F 準拠の FHIR API に対応
AWS Interconnect - multicloud now offers a free 500 Mbps multicloud Interconnect, making it easier to privately connect your workloads on AWS and other public clouds.
Customers have been adopting multicloud strategies while migrating more applications to the cloud. With AWS Interconnect - multicloud, AWS simplified the way cloud services providers (CSPs) offer managed, highly-resilient, private connectivity for customers. The specification that powers Interconnect is open and already adopted by Google Cloud and Oracle Cloud Infrastructure (currently in Public Preview), with Microsoft Azure coming later in 2026.
Today we are making it easier for customers to evaluate, test, and operate workloads between AWS and another CSP. The new Free Tier Interconnect gives customers a fully managed, 500 Mbps Interconnect to another CSP at no charge on the AWS side, with the same network path, facility, and device resiliency as our paid offering. The other CSP determines their pricing and charges independently of AWS for their side of the infrastructure. Please review the other CSP's pricing before creating your Interconnect.
With a 500 Mbps Interconnect, you can transfer approximately 160 TB of data per month, enough to support significant multicloud workloads, data replication, or hybrid application architectures without incurring AWS Interconnect charges. To help customers monitor their network health and performance across clouds, each Free Tier multicloud Interconnect includes an Amazon CloudWatch Network Synthetic Monitor at no extra cost.
The Free Tier is limited to one local (Tier 1) Interconnect per customer, per AWS Region to each CSP that is Generally Available with AWS and is subject to the AWS Service Terms.
To get started, use the AWS Direct Connect Console and select AWS Interconnect from the navigation menu. To learn more, visit the AWS Interconnect User Guide.
Amazon Redshift now allows you to get started with Amazon Redshift Serverless with a lower data warehouse base capacity configuration of 4 Redshift Processing Units (RPUs) in the Asia Pacific (Hong Kong), Asia Pacific (Seoul), Canada (Central), Europe (London), South America (Sao Paulo), AWS GovCloud (US-East), and AWS GovCloud (US-West) regions. Amazon Redshift Serverless measures data warehouse capacity in RPUs. 1 RPU provides you 16 GB of memory. You pay only for the duration of workloads you run in RPU-hours on a per-second basis. Previously, the minimum base capacity required to run Amazon Redshift Serverless was 8 RPUs. You can start using Amazon Redshift Serverless for as low as $1.50 per hour and pay only for the compute capacity your data warehouse consumes when it is active. For predictable workloads, Amazon Redshift Serverless capacity reservations with 1-year and 3-year terms provide additional price-performance benefits.
Amazon Redshift Serverless enables users to run and scale analytics without managing data warehouse clusters. The new lower capacity configuration makes Amazon Redshift Serverless suitable for both production and development environments, particularly when workloads require minimal compute and memory resources. This entry-level configuration supports data warehouses with up to 32 TB of Redshift managed storage, offering a maximum of 100 columns per table and 64 GB of memory.
To get started, see the Amazon Redshift Serverless feature page, user documentation, and API Reference.
AWS Shield Advanced announces distributed denial-of-service (DDoS) attack flow logs, giving you packet-level visibility into traffic hitting Shield Advanced protected resources during a DDoS attack. The log data is published to Amazon S3, Amazon CloudWatch Logs, or Amazon Data Firehose, for forensic analysis and compliance purposes.
The DDoS attack flow logs, capture critical packet-level details, including source and destination IP addresses, ports, protocols, packet and byte counts, source country information, and others. The log data is automatically published to your chosen destination at 5-minute intervals during active attacks. Once published, you can retrieve and analyze your flow log data using your preferred analytics tools, enabling post-incident investigation, threat intelligence gathering, and compliance reporting. To enable flow logs, you must protect the resources with Shield Advanced, and configure log delivery based on your destination.
The feature is avaialble in all regions where AWS Shield Advanced is available. To learn more about configuring and using DDoS attack flow logs, visit the AWS Shield Advanced documentation.
Amazon Connect Customer now supports scheduling tasks up to 90 days in advance, helping organizations plan, route, and track long-running follow-up work. For example, an insurance team managing an auto repair claim can schedule future tasks for an adjuster visit, parts availability check, and repair completion follow-up, with each task routed to the right team at the right time with relevant claim context. You can schedule tasks using the StartTaskContact API, flows, or the agent workspace.
This feature is available in all commercial and AWS GovCloud (US) regions where Amazon Connect Customer is offered. To learn more, see our documentation. To learn more about Connect Customer, visit the Amazon Connect Customer website.
AWS HealthLake now provides native support for healthcare payers to comply with the CMS Interoperability and Prior Authorization Final Rule (CMS-0057-F). This rule requires Medicare Advantage organizations, Medicaid managed care plans, CHIP managed care entities, and Qualified Health Plan (QHP) issuers to implement four standardized FHIR-based APIs by January 1, 2027.
Patient Access API
CARIN IG for Blue Button® 2.1.0 — enables patients to access their claims, encounter data, and prior authorization information through third-party applications
SMART App Launch 2.0.0 — provides secure, standards-based authorization for patient-facing applications
DaVinci PDex Drug Formulary 2.1.0 — allows patients to query drug coverage information
API use metrics collection — supports the annual reporting requirement for aggregated, de-identified Patient Access API usage data
Provider Access API
CARIN IG for Blue Button® 2.1.0 — enables sharing of patient claims and encounter data with in-network providers
DaVinci PDex 2.1.0 — supports payer-to-provider clinical data exchange
DaVinci PDex Drug Formulary 2.1.0 — provides drug formulary information to treating providers
Consent management integration — supports patient opt-out workflows and provider attribution through integration with AWS services
Payer-to-Payer API
CARIN IG for Blue Button® 2.1.0 — facilitates claims and encounter data exchange between payers
DaVinci PDex 2.1.0 — supports clinical data exchange across payer boundaries
$bulk-member-match operation — enables payers to identify shared members at scale for data exchange, supporting the requirement to request patient data from previous payers within one week of coverage start
$bulk-member-match status tracking — provides asynchronous status polling for large-scale member matching operations
DaVinci Data Export — supports bulk FHIR data export aligned with the DaVinci implementation guide for efficient payer-to-payer data transfer
Group Discovery APIs — enables auto-discovery of resource types available for export, streamlining payer-to-payer integration
Consent management integration — supports patient opt-in workflows required for payer-to-payer data exchange
Prior Authorization API
DaVinci Coverage Requirements Discovery (CRD) 2.1.0 — allows providers to query whether prior authorization is required and discover documentation requirements for items and services
DaVinci Documentation Templates and Rules (DTR) 2.1.0 — supports compilation of necessary documentation to accompany prior authorization requests
DaVinci Prior Authorization Support (PAS) 2.1.0 — enables end-to-end electronic prior authorization including submission, status tracking, and decision communication via FHIR APIs
SMART App Launch 2.0.0 — provides secure authorization for prior authorization workflow applications
Prior authorization metrics support — enables payers to collect and expose required metrics including approval rates, denial rates, appeal outcomes, and average decision timeframes
AWS HealthLake is a HIPAA-eligible service. Customers are responsible for determining their own compliance obligations under CMS-0057-F and should consult with legal and compliance counsel regarding their specific requirements.
AWS HealthLake is available in the US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Mumbai), Europe West (London), Europe (Ireland), and Asia Pacific SouthEast (Sydney) Regions. Visit the AWS Region Table to see all the regions.
To learn more, see the AWS HealthLake product page and AWS HealthLake Developer Guide.
AWS End User Messaging now supports RCS for Business messaging in 20 additional countries, bringing the total to 22. Businesses can now send verified, branded RCS messages to customers in Austria, Brazil, Colombia, Czech Republic, Denmark, Dominican Republic, France, Germany, Guatemala, Italy, Mexico, Netherlands, Norway, Peru, Poland, Singapore, Slovakia, Spain, Sweden, and the United Kingdom, in addition to the United States and Canada.
Customers can use the existing SendTextMessage API to send RCS messages to these countries with no application changes. Messages are delivered from a recognized
business identity, and when a recipient's device does not support RCS, they automatically fall back to SMS for reliable delivery.
RCS for Business is available in all AWS Regions where AWS End User Messaging is available. Pricing varies by destination country; see the AWS End User Messaging pricing page for details.
To learn more, see RCS for Business in the AWS End User Messaging User Guide.
Today, Amazon Simple Email Service (SES) launched a new set of deliverability features that help customers get more information about their outbound sending deliverability performance and reputation. Customers can now see the percentage of messages that are placed in recipient spam folders based on samples of industry data, as well as see when their domains and IPs are listed on public email sender block lists. This makes it easier for customers to optimize their sending content to maximize customer engagement.
Previously, customers could use SES' Virtual Deliverability Manager to visualize the full end-to-end journey of email deliverability metrics. This included delivery rates, bounce rates of various types, as well as complaint, open and click rates. Customers did not have visibility into how many emails were placed in the spam folder, making it difficult to estimate how many emails were actually seen by recipients. Now, based on representative data sampled from the industry, customers can see inbox placement rates by sending domain and campaign. Customers can also pro-actively test candidate email content to estimate inbox placement rates at top mailbox providers before sending to any of their target recipients. Finally, customers get peripheral awareness and passive monitoring of industry blocklist activity, helping to identify when a reputation change may affect their ability to send emails to mailbox providers.
SES supports inbox placement rates and blocklist monitoring in all AWS commercial regions where SES is available.
For more information, see the documentation for the Virtual Deliverability Manager global deliverability.
This post demonstrates a comprehensive observability solution using Amazon Managed Grafana dashboards that provides a holistic view of both quality and quantity for LLMs served on Amazon SageMaker AI endpoints with inference components.