Welcome to episode 284 of The Cloud Pod – where the forecast is always cloudy! Everybody is in the house this week, and it’s a good thing, because re:Invent happened since we last recorded, and we have a LOT to talk about. So let’s jump right in!
Titles we almost went with this week:
- 🥷Amazon Steals from Azure…. We Are Doomed
- 🗑️The Cloud Pod Can Now Throw Away a lot of Code
- 🎮The Cloud Pod Controls the Future
- 🔍The Cloud Pod Observes More Insights
- 🏠We Are Simplicity
- ❌X None of the Above
- 🛑Stop Trying to Make Bedrock & Q Happen
- 💥My Head Went SuperNova over all the Q Announcements
- 🥸These are Not the Gadgets Bond Needed, Q!
AWS
08:12 It’s the re:Invent recap!
Did you make any announcement predictions? Let’s see how our hosts’ predictions stacked up to reality.
Matt – 1
- Large Green Computing Reinvent
- LLM at the Edge
- Something new on S3✅
Ryan (AI) – 1
- Improved serverless observability tools
- Expansion of AI Driven workflows in datalakes✅
- Greater Focus on Multi-Account or Multi-region orchestration, centralized compliance management, or enhanced security services
Jonathan – 0
- New Edge Computing Capabilities better global application deployment type features. (Cloudflare competitor maybe)
- New automated cost optimization tools
- Automated RAG/vector to S3
Justin – 2
- Managed Backstage or platform like service
- New LLM multi-modal replacement or upgrade to Titan✅
- Competitor VM offering to Broadcom✅
Honorable Mentions:
Jonathan:
Deeper integration between serverless and container services
New region
Enhanced Observability with AI driven debugging tool✅
Justin:
Multicloud management – in a bigger way (Anthos competitor)
Agentic AI toolings
New ARM graviton chip
How many times will AI or Artificial Intelligence be said: 45
Justin – 35✅
Jonathan – 72
Pre:Invent
There were over 180 announcements, and yes – we have them all listed here for you. You’re welcome.
17:12 Time-based snapshot copy for Amazon EBS
- Now you can specify a desired completion duration, from 15 minutes to 48 hours when you copy an Amazon EBS snapshot within or between Amazon regions or accounts.
- This will allow you to meet your time-based compliance and business requirements for critical workloads, mostly around DR capabilities.
- We’re just glad to see this one finally, because having it built in directly to the console to guarantee that EBS snapshots make it to the other region is a big quality of life enhancement.
Announcing future-dated Amazon EC2 On-Demand Capacity Reservations
Introducing a new experience for AWS Systems Manager
Improve your app authentication workflow with new Amazon Cognito features
Track performance of serverless applications built using AWS Lambda with Application Signals
Announcing a visual update to the AWS Management Console (preview)
Amazon CloudFront now accepts your applications’ gRPC calls
20:50 Amazon and Anthropic deepen strategic collaboration
- Amazon and Anthropic deepened their strategic collaboration with another $4 billion investment from Amazon to also use their Neutronium chips, which came up later on Mainstage at Monday Night Live as well as in Matt’s presentation.
Container Insights with enhanced observability now available in Amazon ECS
AWS Clean Rooms now supports multiple clouds and data sources
21:34 New physical AWS Data Transfer Terminals let you upload to the cloud faster
- New physical AWS data transfer terminals let you upload to the cloud faster.
- So, we got rid of the trucks.
- We got rid of the disks that we send you in the mail.
- But if you have your own disks that you’d like to bring to a physical location in either Los Angeles or New York, you can connect them with a cable directly to the Amazon cloud through a public endpoint that is available. (We assume it’s in a secure building or something.)
- Basically you reserve a time slot to visit your nearest location and upload that data quickly to your AWS public endpoint.
Enhance your productivity with new extensions and integrations in Amazon Q Business
Announcing Amazon FSx Intelligent-Tiering, a new storage class for FSx for OpenZFS
New RAG evaluation and LLM-as-a-judge capabilities in Amazon Bedrock
23:52 New AWS Security Incident Response helps organizations respond to and
- AWS announced that the new AWS Security Incident Response service is now available. It is purpose-built to help organizations manage security events quickly and effectively, and to help customers prepare for, respond to, and recover from various security events, including account takeovers, data breaches, and ransomware. It essentially automates the triage, and there’s 24-hour customer service for assistance.
- Your security response team will appreciate this one.
- We approve.
New APIs in Amazon Bedrock to enhance RAG applications, now available
Connect users to data through your apps with Storage Browser for Amazon S3
Introducing new PartyRock capabilities and free daily usage
Amazon MemoryDB Multi-Region is now generally available
Introducing default data integrity protections for new objects in Amazon S3
Simplify governance with declarative policies
AWS Verified Access now supports secure access to resources over non-HTTP(S) protocols (in preview)
Announcing AWS Transfer Family web apps for fully managed Amazon S3 file transfers
Use your on-premises infrastructure in Amazon EKS clusters with Amazon EKS Hybrid Nodes
Streamline Kubernetes cluster management with new Amazon EKS Auto Mode
Now available: Storage optimized Amazon EC2 I7ie instances
New Amazon CloudWatch and Amazon OpenSearch Service launch an integrated analytics experience
Amazon FSx for Lustre increases throughput to GPU instances by up to 12x
Networking
AWS announces Block Public Access for Amazon Virtual Private Cloud
25:39 AWS PrivateLink now supports cross-region connectivity
- PrivateLink now supports cross-region connectivity.
- Until now, interface VPC endpoints only supported connectivity to VPC endpoint services in the same region.
- This allows neighboring customers to connect to VPC endpoint services hosted in other AWS regions in the same AWS partition over interface endpoints.
- We like this one, because some of the limitations of being restricted to specific regional targets were a bit difficult.
AWS Cloud WAN simplifies on-premises connectivity via AWS Direct Connect
Cross-zone enabled Application Load Balancer now supports zonal shift and zonal autoshift
Amazon VPC IPAM now supports enabling IPAM for organizational units within AWS Organizations
26:23 Amazon CloudFront announces VPC origins
- Amazon CloudFront now announces VPC Origins.
- This is a feature Justin especially has wanted forever. It basically allows a customer to use CloudFront to deliver content from applications hosted in VPC private subnets, and with the VPC Origins, customers can have their ALB, NLB, or EC2 instance in that private subnet that’s accessible only through their CloudFront distribution.
- Now you don’t have to do the dance where you go from CloudFront to a public endpoint to go to your private endpoint anymore. Woohoo!
Load Balancer Capacity Unit Reservation for Application and Network Load Balancers
Amazon CloudFront now supports gRPC delivery
Compute
Amazon EC2 Auto Scaling introduces highly responsive scaling policies
Amazon EC2 introduces provisioning control to launch instances on On-Demand Capacity
AWS Resilience Hub introduces a summary view
Amazon EC2 added New CPU-Performance Attribute for Instance Type Selection
27:36 Amazon EC2 now provides lineage information for your AMIs
- Amazon EC2 has taken the great container lineage capabilities you have there, where you can see where the container got created and then how many times people added or modified it.
- They brought that to your AMIs.
- So if you want AMI lineage, you can now get that.
- You can easily trace and copy or find the derived AMI back to the original AMI source through the records, which is important for some organizations who have heavy duty FOM requirements and/or they have image factory type solutions that basically create golden images of AMIs and they need to be able to see if it’s the one.
37:14 📢 Matthew – “…this solves a Lambda that they posted, I think, probably like five, seven years ago, which was just a Lambda that watches the public endpoints, IP addresses for CloudFront, and just would update your security group rules so that you could only have that accessing it. I think I’ve deployed like 30 times, and every time you have to do a security group expansion, because it’s over 50 IP ranges, it’s always fun.”
Databases
Announcing Provisioned Timestream Compute Units (TCUs) for Amazon Timestream for LiveAnalytics
Amazon Redshift multi-data warehouse writes through data sharing is now generally available
28:25 AWS DMS now supports Data Masking
- Amazon database migration service now supports data masking, allowing you to automatically remove sensitive data at the column level during migrations to help comply with GDPR, et cetera.
- This makes DMS now even more interesting if you’re trying to keep a dev environment replicated with somewhat accurate production data without having actual customer data there.
- DMS is more than just migrations; it can also keep things in sync, so this is a nice capability that you don’t have to build in Glue or some other terrible ETL process.
AWS DMS now delivers improved performance for data validation
Amazon RDS Blue/Green Deployments Green storage fully performant prior to switchover
Amazon ElastiCache version 8.0 for Valkey brings faster scaling and improved memory efficiency
Amazon RDS Blue/Green Deployments support storage volume shrink
Amazon Aurora Serverless v2 supports scaling to zero capacity
Storage
Amazon EBS announces Time-based Copy for EBS Snapshots
29:01 Amazon S3 now supports enforcement of conditional write operations for S3 general purpose buckets
- Amazon S3 now supports enforcement of conditional write operations for S3 general purpose buckets.
- Using bucket policies to enforce conditional writes, you can mandate that S3 check the existence of an object before creating it in your bucket.
- You can also mandate that S3 check the state of the object content before updating it in your bucket.
- This will help you simplify distributed apps by preventing unintentional data overwrites, especially in high concurrency and multi-writer scenarios.
- So… it only took them how many years to fix this problem? Thanks.
Amazon S3 adds new functionality for conditional writes
Mountpoint for Amazon S3 now supports a high performance shared cache
AWS Backup for Amazon S3 adds new restore parameter
Announcing customized delete protection for Amazon EBS Snapshots and EBS-backed AMIs
Containers
AWS announces support for predictive scaling for Amazon ECS services
Devops/System Management
30:03 The new AWS Systems Manager experience: Simplifying node management
- They now streamline your node management, and now provide you access to see if it’s an EC2 instance, if it’s an on-prem instance, or if it’s a hybrid instance on top of Outpost or something else.
- This wasn’t quite what we were looking for in the Systems Manager improvement camp, but that’s what they gave us. Wop wop.
AWS CloudFormation Hooks now allows AWS Cloud Control API resource configurations evaluation
Announcing AWS CloudFormation support for Recycle Bin rules
Observability
Application Signals provides OTEL support via X-Ray OTLP endpoint for traces
Announcing new Amazon CloudWatch Metrics for AWS Lambda Event Source Mappings (ESMs)
Amazon CloudWatch launches full visibility into application transactions
Amazon CloudWatch Internet Monitor adds AWS Local Zones support for VPC subnets
Amazon CloudWatch Application Signals launches support for Runtime Metrics
AI/Machine Learning
Amazon Bedrock Agents now supports custom orchestration
Introducing Advanced Scaling in Amazon EMR Managed Scaling
Announcing InlineAgents for Agents for Amazon Bedrock
Amazon EC2 Capacity Blocks now supports instant start times and extensions
Amazon Bedrock Flows is now generally available with two new capabilities
Introducing Prompt Optimization in Preview in Amazon Bedrock
Q
Amazon Q Business now available as browser extension
Amazon Q Developer Pro tier introduces a new, improved dashboard for user activity
Amazon Q Developer can now provide more personalized chat answers based on console context
Introducing Amazon Q Apps with private sharing
Amazon Q Apps introduces data collection (Preview)
Amazon Q Developer Chat Customizations is now generally available
Smartsheet connector for Amazon Q Business is now generally available
SES Mail Manager adds delivery of email to Amazon Q Business applications
AWS Announces Amazon Q account resources chat in the AWS Console Mobile App
Amazon Q Business now supports answers from tables embedded in documents
Finops
Amazon Q Developer now provides natural language cost analysis
31:51 AWS delivers enhanced root cause insights to help explain cost anomalies
AWS Billing and Cost Management announces Savings Plans Purchase Analyzer
AWS Compute Optimizer now supports idle resource recommendation
- New enhanced root cause insights are available to help explain cost anomalies.
- They’ll tell you why your cost has ballooned three or four thousand dollars, without you having to go figure it out yourself, which is handy.
- They also gave you a new Savings Plans Purchase Analyzer, which allows you to quickly estimate the cost, coverage, and utilization impact of your planned Savings Plans purchase.
- That’s sort of the opposite of the recommender giving you a prediction: it now says, okay, if you bought the recommendation, here’s what it would actually do. So now you get both directions of modeling, which is good.
- AWS Compute Optimizer now supports idle resource recommendations for you as well.
- So three nice Finops improvements.
AWS announces Invoice Configuration
Quicksight
Amazon QuickSight now supports import visual capability (preview)
Amazon QuickSight launches Highcharts visual (preview)
Amazon QuickSight launches Image component
Amazon QuickSight launches Layer Map
Serverless
AWS Lambda announces Provisioned Mode for Kafka event source mappings (ESMs)
34:25 AWS Lambda supports application performance monitoring (APM) via CloudWatch Application Signals
- AWS Lambda now supports application performance monitoring (APM) via CloudWatch Application Signals.
- This gives you the ability to see the health and performance of serverless applications built using Lambda, and makes it easy for you to identify and troubleshoot performance issues to minimize the MTTR and operational costs of running your serverless app.
- We’ve only wanted better telemetry inside of Lambda for a thousand years, so thank you for finally delivering that.
Security
Announcing new feature tiers: Essentials and Plus for Amazon Cognito
AWS Amplify introduces passwordless authentication with Amazon Cognito
Amazon Cognito now supports passwordless authentication for low-friction and secure logins
Amazon EC2 introduces Allowed AMIs to enhance AMI governance
Other
Amazon WorkSpaces introduces support for Rocky Linux
RE:INVENT
36:07 Monday Night Live – Said AI or Artificial Intelligence – 10
- Only one announcement during MNL.
- If you’re a hardware nerd, this is definitely the talk to watch.
- Introducing latency-optimized inference for foundation models in Amazon Bedrock
37:14 📢 Jonathan – “It’s hard to connect to as a consumer or a user because it’s not off the shelf stuff. You don’t read about it in PC Magazine and then think, wow, Amazon’s deployed 10,000 of these things. It’s like, no, they built this thing. They designed this thing for this very specific purpose and it’s absolutely amazing and you’re never going to get your hands on it.”
38:02 Tuesday – Matt Garman – Said AI or Artificial Intelligence – 19
- Probably the worst “what is AWS” intro, but we’ll forgive him for that.
- Introducing Amazon Nova: Frontier intelligence and industry leading price performance
- Amazon Nova – replacement for Titan.
- Has 4 models; will be a complex reasoning model.
- Nova also understands RAG functions, and has multiple additional components, including:
- Nova Canvas – image generating function
- Nova Reel – state of the art video generation model (Hello, Amazon Prime content.)
43:39 S3 Tables
- Introducing queryable object metadata for Amazon S3 buckets (preview)
- New Amazon S3 Tables: Storage optimized for analytics workloads
- This is their new native Apache Iceberg format support inside of S3.
- It comes as a competitor to Parquet files, and allows you to have basically table buckets that can act as Iceberg tables, which can be handy for your AI/ML use cases and training models.
- They also announced queryable object metadata for Amazon S3 buckets, which the guys kind of mocked earlier.
- This is basically providing a rich metadata service that’ll allow you to store 20 elements, including the bucket name, object key, creation, modification time, storage class, encryption status, tags, and user metadata that you can define.
- They showed on stage an example of this using a hike image and basically showed several of the parameters of an image, including the image size, et cetera.
44:51 📢 Ryan – “Yeah, I can’t remember if we were actually making fun of this during the show or when we were just preparing for the show, but it’s definitely a feature for Amazon themselves because it was… I’ve abused Amazon as three queries for this exact purpose. I’m sure I wasn’t alone.”
45:35 Q Continuum
Matt went a little off the deep end talking about Q and Bedrock stuff, including:
- Amazon Q Business is adding new workflow automation capability and 50+ action integrations
- New capabilities from Amazon Q Business enable ISVs to enhance generative AI experiences
- New Amazon Q Developer agent capabilities include generating documentation, code reviews, and unit tests
- Announcing Amazon Q Developer transformation capabilities for .NET (preview)
- Announcing Amazon Q Developer transformation capabilities for .NET, mainframe, and VMware workloads (preview)
- Investigate and remediate operational issues with Amazon Q Developer (in preview)
- Introducing GitLab Duo with Amazon Q
Bedrock
- Introducing multi-agent collaboration capability for Amazon Bedrock (preview)
- Prevent factual errors from LLM hallucinations with mathematically sound Automated Reasoning checks (preview)
- Build faster, more cost-efficient, highly accurate models with Amazon Bedrock Model Distillation (preview)
50:39 Sagemaker – the next kitchen sink! It’s going to be really confusing; don’t say we didn’t warn you.
- Introducing the next generation of Amazon SageMaker: The center for all your data, analytics, and AI
- Amazon SageMaker Lakehouse and Amazon Redshift supports zero-ETL integrations from applications
- Amazon SageMaker Lakehouse integrated access controls now available in Amazon Athena federated queries
- Simplify analytics and AI/ML with new Amazon SageMaker Lakehouse
- New Amazon DynamoDB zero-ETL integration with Amazon SageMaker Lakehouse
- Discover, govern, and collaborate on data and AI securely with Amazon SageMaker Data and AI Governance
- Announcing the general availability of data lineage in the next generation of Amazon SageMaker and Amazon DataZone
52:21 📢 Ryan – “I mean SageMaker was already a kitchen sink for ML solutions, right? Like all the different things that and it made it really difficult to sort of summarize what it was useful for. And now it’s so much worse.”
54:12 EC2 (Matt Garman’s favorite service)
- Matt mentioned that this was his favorite service, since he was the head of it for a while.
- Amazon EC2 Trn2 Instances and Trn2 UltraServers for AI/ML training and inference are now available
- New Amazon EC2 P5en instances with NVIDIA H200 Tensor Core GPUs and EFAv3 networking
56:48 Wednesday (Swamy) – 15 Times
- Accelerate foundation model training and fine-tuning with new Amazon SageMaker HyperPod recipes
- AWS announces Amazon SageMaker Partner AI Apps
- Amazon Bedrock Marketplace: Access over 100 foundation models in one place
- Reduce costs and latency with Amazon Bedrock Intelligent Prompt Routing and prompt caching (preview)
- Announcing GenAI Index in Amazon Kendra
- New Amazon Bedrock capabilities enhance data processing and retrieval
- Amazon Bedrock Guardrails now supports multimodal toxicity detection with image support (preview)
- Use Amazon Q Developer to build ML models in Amazon SageMaker Canvas
- Solve complex problems with new scenario analysis capability in Amazon Q in QuickSight
59:04 Non Keynote or at Partner Keynote
- Introducing Buy with AWS: an accelerated procurement experience on AWS Partner sites, powered by AWS Marketplace
- AWS Education Equity Initiative: Applying generative AI to educate the next wave of innovators
1:00:09 Thursday (Werner) – 1
Complexity isn’t bad.
No announcements
AI or Artificial Intelligence was said 45 times
1:00:25 📢 Jonathan – “…complexity is weird though, because complexity kind of emerges from what he builds. Like, you never go out to build a complex system. It’s just something that naturally happens. And so I appreciated him calling it out and saying that it’s not inherently bad unless it’s something that becomes unreliable or unmanageable.”
Closing
And that is the week in the cloud! Visit our website, the home of The Cloud Pod, where you can join our newsletter or Slack team, send feedback, or ask questions at theCloudPod.net, or tweet at us with the hashtag #theCloudPod.