AWS Macie: Find PII in S3 Before Regulators Do
When a fintech company discovered in late 2023 that 14 months of customer transaction exports — including names, account numbers, and partial...
Latest Publications
AWS Lambda Cold Starts: Causes, Measurement, and Solutions
A Lambda cold start is a tax you pay every time AWS needs to create a new execution environment for your function....
AWS Kinesis: Real-Time Data Streaming with Data Streams, Firehose, and Flink
Kinesis is four distinct services that AWS bundles under one name, which creates genuine confusion. Kinesis Data Streams is a durable ordered...
AWS Inspector v2: Continuous Vulnerability Scanning for EC2, ECR, and Lambda
Inspector Classic (v1) required you to schedule scans, install an agent manually, and remember to run assessments after deployments. Inspector v2, launched...
AWS IAM Roles vs Policies: The Complete Guide
A tweet with 52,894 impressions last September put it plainly: “master IAM roles and policies” was the single skill that separated AWS...
AWS IAM Identity Center: The Right Way to Manage SSO and Multi-Account Access
AWS renamed AWS Single Sign-On to IAM Identity Center in 2022, which confused a lot of people who were still searching for...
AWS GuardDuty: Threat Detection That Actually Works
In 2022, a researcher at Lacework published an analysis of 500 AWS accounts across their customer base. The most common finding was...
AWS Glue ETL Guide: Data Catalog, Crawlers, and Spark-Based Transformations
AWS Glue is a managed ETL service built on Apache Spark, combined with a metadata catalog that integrates across Athena, EMR, Redshift...
AWS FinOps in 2026: Cost Optimization with the Well-Architected Framework
I’ve watched too many teams misunderstand FinOps. They think it means shutting down instances at night or buying bigger discounts. That’s not...
AWS EventBridge Pipes: Point-to-Point Event Integration Without the Glue Code
Before EventBridge Pipes launched in December 2022, connecting an SQS queue to a Step Functions state machine meant writing a Lambda function...
Amazon EFS vs EBS vs S3: Choosing the Right AWS Storage
Three AWS storage services cover most production workloads, and the wrong choice is expensive. EBS costs $0.08/GB-month for gp3, EFS costs $0.30/GB-month...
AWS DevOps Agent: Autonomous Incident Investigation on AWS
On March 31, 2026, AWS made the DevOps Agent generally available. The announcement tweet from @awscloud got 3.3 million views in a...