• Why Your SSH Is Yelling About Quantum Computers (And How to Fix It)

    You SSH into your server and see this: Scary. Let’s break it down. The Threat: Store Now, Decrypt Later Today’s SSH encryption is mathematically strong; breaking it would take a classical computer millions of years. But quantum computers play by different rules. A sufficiently powerful quantum computer running Shor’s algorithm can break the math that…

  • IaC-First: Why I Never Touch the AWS Console in Production

    “Never touch the AWS console in production” sounds like an extreme rule. It is not. It is the most important operational discipline in a cloud-native team, and the cost of violating it accumulates silently until it causes a major incident. This post explains why, and how to enforce IaC-first development in a real team. The…

  • Cutting Amazon Bedrock Knowledge Base Costs by ~90%: Migrating from OpenSearch Serverless to Aurora Serverless v2 with pgvector

    TL;DR If you are running an Amazon Bedrock Knowledge Base backed by OpenSearch Serverless (AOSS), you are paying a ~$700/month floor before you ingest a single document. For most small and mid-sized RAG workloads, swapping AOSS for Aurora PostgreSQL Serverless v2 with the pgvector extension drops that floor to under $50/month, a ~90% cost reduction;…

  • AWS S3 New Feature: Re-encryption without Movement

    The recent release of the UpdateObjectEncryption API marks a significant shift in how we manage data security at scale. Historically, changing the encryption of an S3 object was a “physical” operation; you had to move the bits. Now, it’s a “logical” metadata operation. Technical Deep Dive: Re-encryption without Movement The “magic” behind this update lies…

  • AWS Monthly (Dec ’25): The Kiro Era Begins

    We ended the year with the General Availability of Kiro (Frontier Agents). Kiro is not just a chatbot; it’s a Virtual Software Development Team. Technically, Kiro is an Autonomous Coding Agent. You can assign it a ticket from Jira, and it will: It understands the context of your entire codebase, not just a single file.…

  • AWS re:Invent 2025: The “Agentic” Era

    If 2024 was about talking to LLMs, re:Invent 2025 was about letting them actually do the work. Here is the comprehensive breakdown of the most significant announcements. 1. The Amazon Nova 2 Model Family AWS didn’t just update their models; they built a specialized fleet for different agentic roles: 2. Custom Silicon: Graviton5 & Trainium3…

  • AWS Monthly (Nov ’25): The Stateful Serverless Revolution

    November and re:Invent 2025 brought us the “holy grail” of serverless: AWS Lambda Durable Functions. This feature introduces “Stateful Serverless” directly into the Lambda runtime. By using the new withDurableExecution wrapper, you can now write long-running workflows that persist for up to one year. When your function hits a context.wait() call, the compute is suspended…

  • AWS Monthly (Oct ’25): Industrializing AI Training

    October was the “Quiet before the re:Invent storm,” but it brought the unveiling of Project Rainier. Project Rainier is a massive AI compute cluster featuring over 500,000 Trainium2 chips. Technically, this is one of the largest dedicated AI training environments on the planet. For us, it means the “Industrialization of AI.” The price-to-performance ratio of…

  • When the Cloud Sneezes, the World Catches a Cold – Lessons from the us-east-1 Meltdown

    Today, once again, half the internet went dark not because of a global power failure or a cyber-attack, but because a single AWS region, us-east-1 (N. Virginia), had a bad day. Perplexity went down. Amazon itself stumbled. Substack, Signal, Fortnite, and countless others vanished into the ether. Even services like Statuspage.io, used by companies to…