In Season 4, Episode 29, Karl and Jon are joined by AWS Community Builder and Ambassador Niklas Westerstråhle to discuss the AWS Free Tier overhaul, the new Cloud Operations Engineer certification, the launch of the Amazon Kiro AI, and a security issue with misconfigured AWS Organizations policies. They wrap up with thoughts on the latest Amazon/AWS layoffs—and a fun debate over whether Niklas should keep wearing his gold AWS jacket after his certifications expire, like it's some kind of sacred relic that loses its powers.

04:15 - AWS Free Tier Overhaul

The AWS Free Tier has been significantly updated. New accounts now receive up to $200 in credits valid for 6 months instead of the previous 12-month free tier offerings. Users can earn additional credits by completing certain tasks. The new system aims to be more developer-friendly and reduce surprise bills. Accounts are automatically closed after 6 months unless upgraded to paid plans.

15:03 - New AWS Cloud Operations Engineer Certification

AWS is updating the SysOps Administrator certification to become the AWS Certified Cloud Ops Engineer. The exam will include new content on containers and other topics. Existing SysOps Administrator certificate holders will need to take the new exam to earn the Cloud Ops Engineer certification. The change has caused some debate about recertification requirements for those holding multiple AWS certifications.

28:58 - Amazon Kiro AI Coding Assistant

AWS launched Kiro, a new AI-powered coding assistant, currently in preview. It's based on Visual Studio Code and uses Anthropic's AI models. Kiro aims to assist with coding tasks and project setup. AWS is running a competition with $100,000 in prizes for developers to build applications using Kiro

28:23 - AWS Organizations Misconfigured Managed Policy

A security issue was discovered in the AmazonGuardDutyFullAccess managed policy, which could potentially allow attackers to gain full AWS organizational control. AWS has fixed the issue by creating a new version of the policy (with "_V2" appended). Users are advised to review and update their environments to use the new policy version.

34:15 - Amazon/AWS Layoffs

Reuters reported that AWS is cutting hundreds of jobs in its latest round of layoffs. The speakers discussed the scale of these layoffs in context of Amazon's overall workforce and debated the potential impact of AI on employment in the tech industry. They also critiqued the article's presentation of the information, noting that it seemed to conflate Amazon and AWS employee numbers.

In Season 4, Episode 28, Karl and Jon are joined by AWS Community Builder Mahendran Selvakumar. Together, they dive into topics including Amazon’s development of cooling equipment for NVIDIA GPUs to support AI acceleration, the launch of the new AWS Builder Center for the AWS Builder Community, and Amazon's massive AI supercluster—Project Rainier—built for Anthropic. They also explore the upcoming changes to the AWS Free Tier, which will introduce a new credit-based system. And in true Karl fashion, he deftly steers the conversation away from a tangent on uneven sun tans.

05:23 - AWS Transform for VMware

AWS has shifted its strategy from supporting VMware workloads to encouraging migration off VMware entirely. The new AWS Transform for VMware service helps migrate VMware workloads to native AWS services, potentially reducing licensing costs and manual efforts. It supports various migration tasks like network conversion and instance sizing.

12:08 - Amazon cooling equipment for Nvidia GPUs

As AI workloads increase power demands, Amazon is developing in-row heat exchangers to cool Nvidia GPUs more efficiently. This liquid cooling solution can be retrofitted into existing data centers and is designed to handle the extreme heat generated by high-density GPU racks used for AI applications.

17:50 - Amazon CloudWatch and Application Signals MCP servers for AI-assisted troubleshooting

AWS launched two open-source MCP servers for CloudWatch and Application Signals, enabling AI agents to troubleshoot issues via natural language—accessing metrics, logs, traces, and SLOs for faster root cause analysis.

22:23 - New AWS Builder Center

AWS has launched a new Builder Center to unify various community programs and resources. It provides a centralized platform for learning, building, and connecting within the AWS ecosystem. The center includes features like wishlists for suggesting ideas to AWS and supports multiple languages for broader accessibility.

29:17 - Amazon's AI supercluster for Anthropic (Project Rainier)

Amazon is building a massive AI supercomputer cluster for Anthropic, using custom-designed AI chips instead of traditional GPUs. This project demonstrates significant investment in AI capabilities and includes a custom network fabric for high-bandwidth communication between nodes.

34:39 - Changes to AWS Free Tier

AWS is replacing its traditional free tier with a new credit-based system. New accounts will receive $100 in credits valid for 6 months, with restrictions on certain high-usage services. This change aims to simplify the free tier and prevent unexpected charges for new users.

In Season 4, Episode 27, Karl and Jon are joined by AWS Community Member, Tim Dodd. They discuss Amazon DynamoDB Global Tables with multi-region strong consistency, Amazon ECS-optimized Windows Server 2025 AMIs, AWS Backup support for copying S3 backups across regions/accounts in GovCloud, a Chrome extension using AI to summarize web pages, and building a generative AI landing zone on AWS and then the guys realized they’d spent more time talking about the world’s weather than any of the AWS articles.

03:19 - Amazon DynamoDB Global Tables with multi-region strong consistency

This feature allows for strongly consistent multi-region DynamoDB tables, similar to Aurora DSQL. It's currently limited to major AWS regions but enables applications to have the same consistent data across multiple geographic locations. This is useful for disaster recovery, high availability, and serving users in different regions with the same synchronized dataset.

08:49 -Amazon ECS optimized Windows Server 2025 AMIs

AWS has released new Amazon ECS optimized Windows Server 2025 AMIs. While not groundbreaking, this update ensures Windows container users can run workloads on up-to-date host systems. It highlights the ongoing need to support Windows workloads in containerized environments, despite limitations compared to Linux containers.

13:30 - AWS Backup support for copying S3 backups across regions/accounts in GovCloud

This feature allows GovCloud users to copy S3 backups across regions and accounts, bringing capabilities already available in commercial AWS regions to GovCloud. It's particularly relevant for government agencies adopting cloud-first strategies and implementing best practices for data backup and disaster recovery.

20:12 - Chrome extension using AI to summarize web pages

A developer created a Chrome extension that uses AI to summarize web page content. This tool addresses short attention spans and language barriers by providing quick summaries of long articles or content in unfamiliar languages. It demonstrates a practical application of AI for improving web accessibility and information consumption.

26:59 - Building a generative AI landing zone on AWS

This article discusses how to build a generative AI landing zone on AWS, adapting traditional landing zone concepts to AI workloads. It covers foundational guardrails, development fast lanes, composable building blocks, observability, and governance specific to AI applications. The approach aims to provide a secure, compliant, and efficient foundation for deploying AI workloads on AWS.

In Season 4, Episode 25, Karl and Jon are joined by AWS Community Hero Stephen Sennett. They discuss recent AWS security enhancements and active defense measures, including the introduction of exportable public SSL/TLS certificates from AWS Certificate Manager, the enforcement of 100% MFA for AWS root users, and Amazon Inspector’s new code security feature. The conversation also covers AWS’s $20 billion investment in Australian data center infrastructure. The episode wraps up with a light-hearted segment where the hosts compare their sports tape collections, each trying to outdo the other with increasingly outrageous injury stories.

05:45 - AWS improves active defense to empower customers

This article discusses AWS's internal security tools like Madopt, Mythroat, and Sonaris, which help protect customers at scale. It highlights the decreasing trend in global malicious vulnerability exploit attempts and emphasizes AWS's ability to provide security measures that individual organizations cannot match.

16:40 - AWS Certificate Manager introduces exportable public SSL/TLS certificates

AWS now offers exportable public SSL/TLS certificates at competitive prices ($15 for single domain, $150 for wildcard). This new feature allows for end-to-end encryption within the AWS ecosystem and provides a more cost-effective and manageable solution compared to traditional certificate authorities.

26:14 - AWS enforces 100% MFA for root users

AWS has achieved 100% MFA enforcement for root users, addressing a long-standing security concern. This change alters the login flow for new accounts, requiring MFA setup before access is granted. The guys also discusse the importance of hardware MFA solutions for organizations.

35:48 - Amazon Inspector launches code security feature

Amazon Inspector now includes a code security feature that scans code for vulnerabilities and security issues. While not as comprehensive as some existing tools, it provides a convenient option for AWS customers who want to keep their security tooling within the AWS ecosystem.

42:32 - AWS invests $20 billion in Australian data center infrastructure

AWS is investing $20 billion AUD (about $12.8 billion USD) to expand its data center infrastructure in Australia. This investment aims to strengthen Australia's AI capabilities, improve renewable energy usage, and address data sovereignty concerns. The article also mentions AWS's commitment to training 400,000+ people in Australia in cloud skills since 2017.

In Season 4, Episode 24, Karl and Jon are joined by Randall Hunt, CTO of Caylent, for a dynamic and insightful conversation that blends cutting-edge cloud developments with a dash of humor. They dive into some of the latest updates from AWS, including the launch of on-demand key rotation for imported keys via AWS Key Management Service, new application layer 7 DDoS protection for customers using AWS Web Application Firewall and AWS Shield Advanced, and enhanced CloudTrail logging for Amazon S3’s delete objects API, which offers improved auditability and operational visibility. The discussion also explores Amazon’s ambitious investment plans in global data center infrastructure and the introduction of AWS’s new liquid cooling technology designed for next-generation AI data centers. As always, the episode takes an entertaining turn when the conversation veers into a lighthearted tangent about IKEA meatballs and flat-pack furniture.

04:04 - AWS Key Management Service (KMS) on-demand key rotation

This new feature allows users to rotate imported keys, which was previously not possible. It improves key management and security while maintaining backwards compatibility. The pricing model includes additional charges for the first two rotations, with a cap after that.

08:44 - New application layer 7 DOS protection

AWS introduced enhanced DDoS protection for Web Application Firewall and Shield Advanced customers. This feature uses machine learning to quickly learn normal traffic patterns and protect against complex layer 7 attacks, especially with the challenges posed by HTTP/3 and newer protocols.

14:17 - AWS CloudTrail enhanced logging for S3 delete objects API

CloudTrail now provides more detailed logging for S3 delete operations, including bulk deletes. This closes a gap in logging capabilities, making it easier to track and audit object deletions without relying on expensive bucket-level logging.

19:22 - Amazon's data center infrastructure investments

AWS announced significant investments in data center infrastructure globally, including $20 billion in Pennsylvania, $10 billion in North Carolina, and $5 billion in Taiwan. These investments demonstrate AWS's commitment to expanding its cloud infrastructure despite recent reports of AI data center project delays.

26:58 - AWS liquid cooling technology for AI data centers

AWS introduced a new liquid cooling system for its next-generation AI data centers. This closed-loop system allows for more efficient cooling of high-density racks, particularly for GPU workloads. The technology provides flexibility in deployment and doesn't significantly increase water consumption.

In Season 4, Episode 23, Karl and Jon are joined by Cloud Security Consultant, Deep Shankar Yadav for a wide-ranging discussion on recent cloud updates and innovations. They cover the latest enhancements to the AWS Pricing Calculator, including support for discounts and purchase commitments, making it easier for users to estimate and plan costs more accurately. The conversation moves to Amazon EC2's new feature that allows for the deletion of underlying EBS snapshots when deregistering AMIs, helping users streamline storage management. They also explore how Amazon GuardDuty and Amazon Detective can be used together to detect and investigate EC2 malware, providing stronger security insights. The episode highlights how developers can boost productivity with Claude Code and take advantage of prompt caching in Amazon Bedrock. They also reflect on AWS’s launch of a new sovereign cloud in Europe, aimed at addressing data residency and regulatory requirements. To cap it all off, the trio dives into a fun debate over whether karate is fundamentally more offensive or defensive in nature.

04:26 - AWS Pricing Calculator

The AWS Pricing Calculator now supports discounts and purchase commitments, allowing users to get more accurate cost estimates. This update is particularly useful for product businesses and internal teams, but may add complexity for consulting businesses when explaining costs to clients. The tool's effectiveness still depends on accurately knowing usage patterns.

13:25 - Amazon EC2 and EBS snapshots

Amazon EC2 now allows users to delete underlying EBS snapshots when deregistering AMIs. This feature helps clean up orphaned snapshots and reduces storage costs. Users need to enable this option manually, and it won't delete snapshots associated with multiple AMIs.

20:37 - Detecting EC2 malware

The article discusses using Amazon GuardDuty and Amazon Detective together to detect and investigate EC2 malware. While this combination provides a good workflow for security investigations, it requires manual setup and lacks some features found in commercial malware protection offerings, such as automatic quarantine.

27:22 - Claude Code and Bedrock prompt caching

Anthropic's Claude Code is entering the AI coding assistant market, competing with GitHub Copilot and Amazon's Q Developer. The article highlights the benefits of using Claude Code through AWS Bedrock, including data privacy and prompt caching for improved efficiency.

33:24 -AWS sovereign cloud in Europe

AWS is launching a sovereign cloud in Europe, starting in Germany, to address data sovereignty concerns. This separate entity will be governed independently from Amazon Inc. and AWS. The move is seen as a response to growing demands for data localization and sovereignty, particularly in regions like the Middle East.

In Season 4, Episode 22, Karl and Jon are joined by AWS Community Builder Mohit Saxena to unpack the latest in AWS news. They kick things off with the general availability of Amazon Aurora DSQL, followed by updates to Amazon ECS, which now provides more detailed exit reason messages. The conversation moves into developer tools, highlighting how Amazon Q’s Developer CLI agents can be used to automatically generate architecture diagrams. They also explore a new cost comparison feature in AWS Cost Explorer and improvements to the Cost Optimization Hub, which now supports preferences for savings plans and reserved instances. The episode also touches on a recent survey reflecting growing dissatisfaction with the rising costs of cloud computing. Just as the discussion hits full technical stride, things take an unexpected (and hilarious) turn when the trio dives into a spirited debate over the best way to fold a wrap—completely derailing the AWS updates in favor of culinary strategy.

04:58 - Aurora DSQL General Availability

Aurora DSQL, announced at re:Invent 2023, is now generally available. It offers a globally distributed database service with millisecond-level time synchronization, solving distributed time issues. It provides active-active distributed architectures with high availability (99.99% within a single region, 99.999% multi-region) and no single point of failure.

10:54 - ECS Exit Reason Message Increase Amazon ECS has increased the exit reason message character limit from 255 to 1,024 characters. This change makes debugging failed container starts significantly easier by providing more detailed information. The extended message can be accessed through both the management console and the describe tasks API.

14:28 - Architecture Diagrams with Amazon Q

Faye Ellis wrote about creating architecture diagrams using the Amazon Q developer CLI agent. This tool can generate mermaid diagrams or Draw.io compatible diagrams from YAML templates or CloudFormation code. It's a useful feature for visualizing and understanding complex architectures quickly.

20:32 - Cost Explorer and Cost Optimisation Hub

AWS Cost Explorer now offers a new cost comparison feature allowing users to overlay and compare costs from different time periods more easily. It also includes a new widget on the cost management home page showing the top 10 cost variations in the previous two months, making it easier to identify and analyze cost trends.The Cost Optimization Hub now supports savings plans and reservations preferences. Users can set their preferences for upfront payments and commitment terms, allowing for more realistic and aligned cost-saving recommendations based on their financial situation and needs.

30:35 - Cloud Cost Dissatisfaction Survey

A Gartner survey revealed growing dissatisfaction with cloud computing costs. The article suggests that many organizations moved to the cloud without proper planning or workload analysis, leading to higher than expected costs. It highlights the importance of due diligence and proper cloud migration strategies to realize the full benefits of cloud computing.

In Season 4, Episode 21, Karl and Jon are joined by Community Builder Ayhan Setirekli to discuss a range of AWS updates and industry news. Topics include the new EC2 feature: customer-initiated reboot migrations for scheduled events, enhancements to Amazon Inspector for container security, the launch of the AWS Product Lifecycle page, and updates on service availability. They also cover a report revealing that generative AI spending is now surpassing security spending in some organizations, and a widespread misconfiguration in cloud storage buckets exposing over 200 billion files and then the conversation shifted to plumbing—almost as if they were trying to fix a leaky S3 bucket!

06:09 -EC2 Customer-initiated reboot migrations

This feature simplifies the process of rebooting EC2 instances for scheduled maintenance events. Previously, users had to manually stop and start instances, which could be time-consuming. The new feature allows for a simpler reboot process, making it easier for users to manage their instances during maintenance windows.

09:36 - Amazon Inspector container security enhancement

Amazon Inspector now maps Amazon ECR images to running containers, improving visibility and security for containerized workloads. This feature helps users identify vulnerabilities in container images and track where these images are running, making it easier to manage and secure container deployments across ECS and EKS environments.

17:22 - AWS Product Lifecycle page and service availability updates

AWS has introduced a new page that provides information on service deprecations and end-of-life announcements. This addresses previous criticism about lack of communication regarding service discontinuations. The page includes details on end of support dates, migration plans, and access restrictions for new customers, improving transparency for AWS users

24:01 - Generative AI spending overtaking security

A report suggests that some organizations are prioritizing generative AI spending over security budgets. This trend raises concerns about potential security risks, especially as AI adoption introduces new vulnerabilities. The shift in spending priorities is more pronounced in larger companies, while smaller businesses still tend to focus on security investments.

29:15 - Cloud storage bucket misconfiguration

A study revealed that 660,000 misconfigured cloud storage buckets have exposed 200 billion files across multiple cloud providers. This highlights ongoing issues with cloud security practices, despite efforts by providers to improve default security settings. The problem appears to be worsening, with a 30% increase in exposed buckets compared to the previous year.