LogiCast AWS News (Video)

In Season 4, Episode 16 Karl & Jon are joined by AWS Hero, Sathyajith Bhat. They discuss Amazon CloudFront Anycast static IPs for Apex domains, AWS simplifying VPC peering billing, AWS Backup restore testing, sustainability challenges with AI and hyperscale data centers, CMA probe into cloud provider dominance and licensing costs and the guys went off on a tangent about the carbon footprint of generating AI action figure dolls.
 
08:53 - Amazon CloudFront now supports Anycast static IPs for Apex domains 
This new feature allows users to point their Apex (naked) domains directly to CloudFront without using CNAME flattening or alias records. It simplifies DNS configuration and reduces the number of IPs needed for allowlisting. The feature is particularly useful for organizations still using basic DNS providers and those requiring IP whitelisting for CDNs.
15:08 - AWS simplifies VPC peering billing 
AWS has made changes to simplify billing for VPC peering by separating inter-availability zone data transfer charges from VPC-to-VPC traffic. This change makes it easier for customers to understand their costs related to VPC peering and inter-AZ data transfer. While it doesn't affect the actual charges, it provides more clarity in billing statements.
21:22 - AWS Backup restore testing and its importance
AWS Backup now offers automated restore testing, allowing users to validate their backups regularly. This feature is crucial for ensuring data recoverability and meeting various compliance standards. The article emphasizes the importance of testing backups and provides insights into how the restore testing process works within AWS Backup.
31:04 - Sustainability challenges with AI and hyperscale data centers 
The article discusses the growing concern over the massive energy consumption of AI and hyperscale data centers. It highlights the conflict between tech companies' sustainability pledges and the increasing power demands of AI workloads. The discussion touches on various potential solutions, including nuclear power and carbon capture technologies, while acknowledging the complexity of the issue.
40:04 - CMA probe into cloud provider dominance and licensing costs
The UK's Competition and Markets Authority (CMA) is investigating the dominance of major cloud providers. AWS and Google are claiming that Microsoft's licensing practices for running Windows servers on their clouds are unfair. The article discusses AWS's claim that 50% of Azure workloads would move to other clouds if licensing costs were more favorable, though this claim is met with skepticism by the podcast participants.
 

In Season 4, Episode 15 Karl & Jon are joined by AWS Community Builder and core member of the Armenia UG*, Tigran Gevorgyan. They discuss Meta's Llama 4 models on Amazon SageMaker, prompting for best price performance with AWS AI models, patched vulnerability in the Amazon EC2 SSM agent, using OpenSearch and Managed Grafana for telemetry data correlation, updates to the AWS Well-Architected Framework and then the guys started discussing the merits of different sports teams' merchandise, completely forgetting they were supposed to be talking about AWS news.
 
09:02 - Meta's Llama 4 models on Amazon SageMaker JumpStart 
The article discusses the availability of Meta's Llama 4 models on Amazon SageMaker JumpStart. The speakers highlight the importance of model naming conventions and note that SageMaker is getting new models, which is significant given the recent focus on Bedrock. They discuss the differences between Bedrock and SageMaker, with SageMaker offering more control and customization options.
15:26 -  Prompting for best price performance with AWS AI models 
This article from the AWS Machine Learning blog focuses on optimizing price performance through efficient prompting. The discussion compares the costs of OpenAI's GPT models with Amazon's Nova models, highlighting potential cost savings. The speakers also touch on the differences in prompting techniques between the two systems and the potential challenges of transitioning from GPT to Nova.
22:37 - Amazon EC2 SSM agent vulnerability patched 
The article discusses a recently patched vulnerability in the Amazon EC2 SSM agent. The speakers explain the nature of the vulnerability, which involved privilege escalation via path traversal. They emphasize the importance of keeping systems updated and note that while the vulnerability required multiple steps to exploit, it's crucial to address such issues promptly.
28:29 - Correlating telemetry data with Amazon OpenSearch Service and Amazon Managed Grafana
This article from the AWS Big Data blog discusses using OpenSearch and Managed Grafana for telemetry data correlation. The speakers debate the complexity and cost of this solution, particularly for Kubernetes environments. They suggest considering alternatives like AWS X-Ray or Datadog, depending on specific needs and budget constraints.
34:53 - New guidance in AWS Well-Architected Tool 
The podcast discusses recent updates to the AWS Well-Architected Framework, including 78 new best practices. The speakers emphasize the importance of staying updated with these best practices and encourage solution architects and DevOps professionals to utilize this resource. They also criticize the pricing structure of the Well-Architected Tool, which is tied to AWS support subscription levels.
 
*AWS Armenia user group (https://www.linkedin.com/company/aws-user-group-armenia/), and community day (https://aws-community-day.am/) 

In Season 4, Episode 14 Karl & Jon are joined by Tangara Aymen. They discuss Amazon CloudWatch Application Signals, AWS Step Functions SDK Expanded Integrations, Amazon Bedrock Guardrails Image Content Filters, Australian Fintech Data Leak, AWS Commitment to Open Source and then the guys joked about writing horror films called "Attack of the Leaky Buckets" and "Attack of the Bad Internet" after experiencing connectivity issues during the podcast.
 
04:25 - Monitor service dependencies with Amazon CloudWatch Application Signals SLOs 
CloudWatch is getting more features, including application signals for monitoring service dependencies and Service Level Objectives (SLOs). This allows for more precise tracking of performance at the individual request level, improved error budgeting, and cross-account observability. The functionality is becoming comparable to third-party monitoring tools like Datadog or New Relic.
13:27 - AWS Step Functions expands SDK integrations with Amazon Backup Search and 137 additional APIs 
AWS has added 137 new API integrations to Step Functions, including Amazon Backup Search. This allows for easier orchestration of backup discovery and management without writing additional code. While it expands capabilities, it may make Step Functions less testable due to the complexity of testing around these integrations.
20:35 - Amazon Bedrock Guardrails announces the general availability of industry-leading image content filters 
Bedrock Guardrails has released generally available image content filters to detect and block harmful content. This can be useful for protecting sensitive audiences and reducing the need for manual content moderation. However, there are concerns about potential over-blocking of legitimate content.
28:52 - 27,000 records in Australian fintech database were exposed 
An Australian fintech company exposed approximately 27,000 records due to an unsecured S3 bucket. This highlights the ongoing issue of "leaky buckets" and the importance of proper security measures and monitoring for cloud storage.
33:06 - AWS Cloud Credits for Open Source Projects: Affirming Our Commitment
AWS has reaffirmed its commitment to open source projects by offering cloud credits, including $3 million annually to the Kubernetes project. While the credits are beneficial, there was discussion about whether direct financial support would be more valuable for open source communities.

In Season 4, Episode 13 Karl & Jon are joined by Sam Waweru They discuss Amazon Application Recovery Controller's new AWS FIS recovery action, AWS CloudFormation's targeted resource scans, Secrets Management, AWS's detailed geographic information, S3 bucket data leak and then the guys joked about Jon's ever-changing office furniture, wondering if he'd finally settle on a therapist's couch given how often he needs therapy after recording the podcast.
 
03:11 - Amazon Application Recovery Controller announces AWS FIS recovery action for zonal autoshift 
This new feature allows users to simulate the loss of an AWS availability zone, helping to validate multi-AZ architectures and disaster recovery plans. It's particularly useful for industries like finance and healthcare that require rigorous testing of failover scenarios. The feature can help identify overlooked issues in complex environments with multiple microservices.
 
09:43 - AWS CloudFormation now supports targeted resource scans in the IaC generator 
This update to the IAC generator allows users to specify which types of resources they want to include in their CloudFormation templates. This makes the tool more viable for real-world use, as it reduces the amount of unnecessary resources included in the generated templates. The feature is particularly useful for those working within the AWS ecosystem, though it may not sway users away from other tools like Terraform.
 
15:38 - Why Secrets Management Should Be A Central Pillar Of Cloud Security 
The article discusses the importance of proper secrets management in cloud security. It covers common ways secrets are exposed, such as hardcoded credentials and misconfigured cloud storage. The piece also outlines best practices, including centralizing secret storage, implementing least privilege access, and automated secret rotation. The discussion highlighted the ongoing challenges of secrets management and access control in cloud environments.
 
23:50 - Detailed geographic information for all AWS Regions and Availability Zones is now available 
AWS has released more explicit information about the geographic locations of its regions and availability zones. While much of this information could be inferred before, it's now clearly stated, potentially to appease regulators. The information includes specific countries and cities for regions and edge locations, which can help organizations select locations to reduce latency and meet compliance requirements.
 
29:52 - Juicy customer data’ leaked from Nine 
The article reports on a data leak from a misconfigured S3 bucket, exposing customer names, addresses, and contact information. While the leaked data wasn't as "juicy" as the headline suggested, it highlights the ongoing issue of misconfigured cloud storage. The incident emphasizes the importance of proper access controls, regular audits, and careful management of third-party contractors who may have access to sensitive data.

In Season 4, Episode 12 Karl & Jon are joined by AWS DevTools Hero and User Group Lead Johannes Koch. They discuss AWS CodePipeline new feature, AWS KMS CloudWatch metrics, Amazon Q Business browser extension upgrades, AWS SNS potential abuse, AI-powered features in Amazon Connect and then the guys started comparing their gym routines, completely forgetting they were supposed to be talking about AWS news.
 
03:55 - AWS CodePipeline supports invoking pipeline execution with a new action type 
The new feature allows direct execution of other CodePipelines within an existing pipeline. This enables better orchestration of complex deployments, especially in enterprise environments. The speakers discussed the evolution of CodePipeline and its positioning in the AWS ecosystem.
17:23 - AWS KMS CloudWatch metrics help you better track and understand how your KMS keys are being used 
This feature helps track and understand KMS key usage through CloudWatch metrics. The discussion touched on the importance of monitoring KMS usage for cost optimization and security purposes. The speakers noted that this feature should have been available earlier.
25:17 - AWS announces new upgrades to the Amazon Q Business browser extension 
The update allows users to access company knowledge bases and handle images/attachments within the browser extension. The speakers discussed the potential benefits for businesses but also raised concerns about data security and AWS's strategy in targeting end-users.
34:05 - AWS SNS Abused To Exfiltrate Data & Phishing Attack
The article discussed how AWS Simple Notification Service could potentially be used to exfiltrate data in certain scenarios. The speakers agreed that while possible, this requires multiple security failures and emphasized the importance of following security best practices.
41:01 - Introducing the next generation of Amazon Connect: AI-powered interactions that strengthen customer relationships and improve business outcomes 
AWS introduced new AI capabilities in their contact center solution, Amazon Connect. The speakers discussed the potential improvements in customer service, analytics, and efficiency that these features could bring to contact centers.

In Season 4, Episode 11 Karl & Jon are joined by AWS Community Builder, Joe Stech. They discuss Amazon EC2 allowing AMIs now integrating with AWS Config, Amazon DynamoDB on-demand capacity mode, long-term backup options for Amazon RDS and Amazon Aurora, DeepSeek R1 model, misconfigured AWS S3 bucket exposing US nurses' data and then the guys started debating whether to call it "Glacier Potato" or "Deep Freeze Fries" as the next AWS storage tier!
 
04:00 - Amazon EC2 Allowed AMIs now integrates with AWS Config 
This feature allows easier monitoring of the impact of enabling allowed AMIs in EC2. It's particularly useful for regulated and secure environments where only approved, hardened images can be used. The integration with AWS Config simplifies the process of tracking and auditing AMI usage across accounts.
 
07:52 - Demystifying Amazon DynamoDB on-demand capacity mode 
The article addresses 11 myths about DynamoDB's on-demand capacity mode, covering cost, performance, scaling, and implementation misconceptions. The discussion highlights that many of these "myths" are not widely held beliefs among experienced users, but may be helpful for those less familiar with the service or dealing with outdated information.
 
19:00 - Long-term backup options for Amazon RDS and Amazon Aurora 
The article outlines various options for long-term database backups beyond the standard 35-day retention period. These include manual snapshots, using AWS Database Migration Service, exporting snapshots to S3, and database-specific dump tools. The discussion emphasized that while long-term backups are rarely used for recovery, they may be necessary for compliance and auditing purposes.
 
27:26 - DeepSeek-R1 now available as a fully managed serverless model in Amazon Bedrock
The DeepSeek R1 model is now available as a fully managed serverless model in Amazon Bedrock. This means users don't need to run the model themselves, and it's now priced per token like other managed models. The discussion touched on potential concerns about the model's Chinese origins and data security.
 
34:26 - Misconfigured AWS S3 Bucket Exposes Us Nurses' Data 
A misconfigured S3 bucket led to the exposure of sensitive data belonging to 86,000 US nurses. The discussion highlighted that while such incidents have become less common due to AWS's improved security measures, there might be a potential increase in similar incidents due to the rise of AI-assisted coding by less experienced developers.
 
Our guest's  blog: https://joeste.chand: https://learn.arm.com

In Season 4, Episode 10, Karl & Jon are joined once again by AWS Hero, Brian Tarbox. They discuss automating Amazon RDS credential rotation with AWS Secrets Manager, Microsoft Amazon Q Business integrations, an enhanced local IDE experience for AWS Step Functions, a new agentic coding experience within Amazon Q Developer, the ongoing UK Competition and Markets Authority probe, and the guys joke that Amazon Q Business is the new Clippy (or Qlippy!).04:08 - Automating Amazon RDS credential rotation with AWS Secrets Manager The article discusses a complex process for managing credential rotation for RDS instances with read replicas using Secret Manager. The hosts criticize the approach as overly complicated and question why this isn't a built-in feature, given that both read replicas and secret rotation are recommended best practices.
10:31 - Microsoft 365 for Word and Outlook integrations for Amazon Q BusinessThis integration is compared to Microsoft's old Clippy feature. The hosts question its usefulness, especially for those already using Microsoft's Copilot. They discuss the challenges of AI-generated content matching a user's tone and style.
18:15 - Enhanced local IDE experience for AWS Step FunctionsThe article introduces improvements to the Step Functions experience in VS Code. While the functionality is acknowledged as potentially useful, there's criticism about it being limited to VS Code and not available in other IDEs. The discussion touches on the complexity of large Step Functions workflows and the balance between visual and code-based approaches.
24:24 - Agentic coding experience within Amazon Q Developer CLIThis feature introduces AI-assisted coding within the command-line interface. The hosts express skepticism about its necessity and usefulness, with concerns raised about potential security risks of giving AI access to the shell environment.
31:18 - UK Competition and Markets Authority probe into AWS and Microsoft cloud market dominanceThe article discusses the ongoing investigation into cloud market competition in the UK. The hosts note that the major players (AWS and Microsoft) refute the concerns, while smaller providers endorse the findings. They discuss the complexity of fairly assessing the cloud market and the potential outcomes of such investigations.

In Season 4, Episode 9 Karl & Jon are joined by AWS Community Builder, Craig Johnson. They discuss Centralized Root Access Management for Organizations, Anthropic Claude 3.7 Sonnet, ways to grant cross-account access in AWS, Q Developer, AWS being named a leader in Gartner Magic Quadrant for data integration tools and the guys go off on a tangent about chainsaws!
 
04:43 - AWS Introduces Centralized Root Access Management for Organizations 
AWS has introduced centralized route access management for organizations, allowing easier management of root users across multiple accounts. While not entirely new, this feature consolidates existing capabilities and aligns with best practices for securing root accounts. It's particularly useful for large organizations managing numerous AWS accounts.
10:00 - Anthropic's Claude 3.7 Sonnet is now available in Amazon Bedrock 
The latest version of Anthropic's Claude AI model is now available in Amazon Bedrock. It offers improved capabilities, including extended thinking modes. However, its availability is still limited to certain US regions, which may be problematic for users concerned with data sovereignty or those outside the US.
16:48 - Four ways to grant cross-account access in AWS 
The AWS Security blog outlines four methods for granting cross-account access. The article provides insights into the nuances of each method, such as the differences between trusting an entire account versus a specific role. While informative, the article doesn't offer specific recommendations for which method to use in different scenarios.
20:08 - AWS Chatbot is now named Amazon Q Developer 
AWS has rebranded its Chatbot service as Amazon Q Developer, adding it to the growing Amazon Q product line. This change is seen as primarily a marketing move, with some concerns about potential confusion and the actual benefits of integrating generative AI features into what was previously a straightforward chatbot service.
26:24 - Amazon Web Services named a Leader in the 2024 Gartner Magic Quadrant for Data Integration Tools 
AWS has been positioned in the leaders' quadrant of Gartner's Magic Quadrant for data integration tools. While this recognition highlights AWS's growing presence in the data integration space, the discussion also touched on the limitations and potential biases of Gartner's Magic Quadrant methodology.

In Season 4, Episode 8 Karl & Jon are joined by AWS User Group Lead for "Leeds User Group, Edmund Craske. They discuss Amazon SES Virtual Deliverability Manager tiered pricing, AWS CloudFormation 2024 year in review, free automated tool to hunt for exposed AWS secrets in public repos, AWS Fargate on a budget, best practices to respond to security risks across AWS organizations and Jon shows off his AWS swag blanket that keeps him warm while he waits for his CloudFormation stacks to deploy.
 
08:05 - Amazon SES now offers tiered pricing for Virtual Deliverability Manager
Amazon SES now offers tiered pricing for its Virtual Deliverability Manager (VDM) feature. The new pricing structure makes it cheaper for high-volume email senders, with rates decreasing as the number of emails sent increases. While this change benefits large-scale users, the hosts suggest that for small to medium businesses, other email services might be more suitable due to SES's complexity and stringent requirements.
15:14 - AWS CloudFormation: 2024 Year in Review 
AWS CloudFormation saw numerous improvements in 2024, including faster deployments (up to 40% quicker), improved error handling, and streamlined troubleshooting. The discussion compared CloudFormation to Terraform, with the hosts noting that while CloudFormation has made progress, Terraform still has advantages in certain areas. They highlighted CloudFormation's strengths in handling rate limits and its deployment graph visualization.
23:47 - Check out this free automated tool that hunts for exposed AWS secrets in public repos 
A new open-source tool has been released to scan public repositories for exposed AWS secrets. The hosts discussed the tool's educational purpose and compared it to existing solutions like GitHub's built-in secret scanning. They emphasized the importance of avoiding long-lived credentials and implementing proper security measures to prevent accidental exposure of secrets.
29:48 - AWS Fargate on a Budget
Exploreing cost-saving strategies for running AWS Fargate. The hosts praised the article for its practical approach to reducing Fargate costs by up to 70% for short-lived tasks. They discussed the use of Fargate Spot instances and best practices for handling task interruptions and deregistration delays.
34:10 - Best practices to respond to security risks across your AWS Organizations 
This article, which mysteriously disappeared from the AWS blog, covered security best practices for AWS organizations. The hosts speculated on reasons for its removal but noted that the content seemed valuable and not controversial. They discussed the importance of automating security responses, the AWS Solutions Library for security guidance, and the potential benefits of AWS's security incident response services for organizations with high security requirements.

In Season 4, Episode 7 Karl & Jon are joined by AWS Community Builder, Ryan Cormack. They discuss AWS Step Functions, reshaping AWS CloudFormation stacks with stack refactoring, AWS Verified Access support for non-HTTP resources, AWS's full-year profit and revenue growth, AWS documentation updates and future plans and the guys think Mark Zuckerberg's AI predictions are about as accurate as his metaverse hype – both seem to exist in a virtual reality!
 
05:43 - AWS Step Functions expands data source and output options for Distributed Map 
This update allows Step Functions to process different file formats from S3, including JSONL and delimited files (semicolon and tab). It improves the ability to handle large datasets and reduces the need for data manipulation before processing. The distributed map feature can now handle up to 10,000 concurrent executions, making it powerful for big data processing.
10:45 - Reshape your AWS CloudFormation stacks seamlessly with stack refactoring
This new feature allows users to more easily break down large CloudFormation stacks into smaller, more manageable stacks. It addresses the issues of slow updates and potential errors in large stacks. While not entirely seamless, it provides a much-needed solution for those stuck with large CloudFormation stacks and offers a way to improve infrastructure management.
16:19 - AWS Verified Access support for non-HTTP resources is now generally available 
This feature allows users to connect to private resources like databases without needing bastion hosts or jump boxes. It provides a more secure, token-scoped access method integrated with single sign-on providers. While it requires a client on the user's machine and currently lacks Windows support, it's a step towards simplifying secure access to private resources in AWS.
23:25 - AWS sees full-year profit and revenue growth as AI and public cloud demand soars 
AWS reported significant growth in revenue (19% to $28.8 billion) and profits (up to $10.6 billion) compared to the previous year. The growth is attributed to increased demand for AI and public cloud services. While the exact contribution of AI services to this growth is unclear, the company plans to invest heavily in infrastructure to support AI and related technologies.
31:59 - AWS Documentation update — progress, challenges, and what’s next for 2025 
AWS is improving its documentation with new features like decision guides to help users choose the right services. The company is also exploring AI integration to enhance documentation searchability and summarization. While AWS documentation is generally considered good, there's room for improvement in areas like search functionality and providing more comprehensive examples.