Amazon Bedrock Cost Allocation by IAM User and Role
When three teams share a single AWS account and all call Bedrock, figuring out who spent what requires more than just looking...
Latest Publications
Bedrock Agents vs Direct Nova Pro API: Cost and Latency at Scale
At 1,000 multi-step requests per day, Bedrock Agents costs roughly $864/month. Running the same workload against Nova Pro directly with a custom...
Bedrock AgentCore Gateway Server-Side Tool Execution: Cleaner Than Client Tool Loops
On February 24, 2026, AWS announced server-side tool execution for Amazon Bedrock through Amazon Bedrock AgentCore Gateway integration with the Responses API....
Bedrock AgentCore AG-UI: Real-Time Agent Frontends Without Custom Event Plumbing
On March 13, 2026, AWS announced that Amazon Bedrock AgentCore Runtime now supports the Agent-User Interaction protocol, better known as AG-UI. That...
AWS X-Ray: Distributed Tracing for Debugging Microservices
X-Ray answers the question that CloudWatch logs and metrics can’t: why is this specific request slow? Logs tell you something happened. Metrics...
AWS WAF v2: Rate Limiting, Bot Control, and Custom Rules
AWS WAF v2 launched in 2019 and the original WAF Classic is end-of-life — migration ended November 2024. If you’re still on...
AWS Transit Gateway: Hub-and-Spoke Networking at Scale
At five VPCs, full-mesh VPC peering starts to feel manageable. At ten it’s annoying. At twenty, you have 190 peering connections to...
AWS Step Functions Deep Dive: States, Integrations, and Workflows
Step Functions launched in 2016 as a way to sequence Lambda functions without writing glue code. Seven years later, it has grown...
AWS SSM Session Manager: Kill Your Bastion Hosts
Every bastion host in your architecture is a maintenance burden and an attack surface. You need to keep the AMI patched, manage...
AWS Security Hub: Unified Security Posture Management
The average AWS account running production workloads generates findings from at least four different security services: GuardDuty for threat detection, Inspector for...
AWS Secrets Manager Auto-Rotation with Lambda in 2026
I learned the hard way that static credentials are ticking time bombs. A contractor leaves, a key leaks through a misconfigured S3...
AWS Savings Plans vs Reserved Instances: Which Saves More in 2026
The biggest bill shock teams get on AWS isn’t from accidental services left running or an exposed S3 bucket. It’s from paying...