# 340: Azure releases a new SQL AI Assistant… Jimmy Droptables

Duration: 73 minutes

Speakers: A, Ryan Lucas, Justin Brodley, Matt Kohn

Date: 2026-02-07

## Chapters

1. [00:07] Microsoft Azure releases a new SQL AI assistant, Jimmy Drop Tables

   Azure releases a new SQL AI assistant, Jimmy Drop Tables. Justin, Jonathan, Ryan, and Matthew talk about all things AWS, GCP and Azure. Episode 340, recorded for January 27, 2026.

2. [01:16] With all the automation I've created for this podcast, you guys should be just fine

   With all the automation I've now created for this podcast, you guys should be just fine. You don't have to write the shoutouts anymore. And then I'm trying to force you guys to write more. If you're not a newsletter subscriber, do go to the website and enjoy our dispatches.

3. [03:20] Databricks is releasing Black Ice containerized toolkit for AI security testing

   Databricks is releasing Black Ice, fantastic name, an open source containerized toolkit that bundles 14 AI security testing tools into a single Docker image. Black Ice integrates directly with Databricks model, allowing security teams to test for vulnerabilities like prompt injection.

4. [13:21] OpenAI is launching a free cloud based LaTeX workspace for scientific writing

   Prism is a free cloud based LaTeX workspace for scientific writing. Integrates GPT-5.2 directly into the research workflow. Offers unlimited projects and collaborators for anyone with a ChatGPT personal account. Enterprise plans coming soon for business, enterprise and education customers.

5. [16:03] Route 53 is now supporting 10 new top level domains directly with AWS

   AWS is launching several new Graviton 4 powered instances. Route 53 is now supporting 10 new top level domains including .ai, .nz, .shop, .bot, .moi or moi, .spot. The timing aligns with increased demand for the AI related branding.

6. [21:54] Amazon Workspaces now supports advanced printer redirection for Windows users

   Amazon Workspaces is now supporting the cutting edge feature of advanced printer redirection for Windows users. It enables access to printer specific features like duplex printing, paper tray selection and finishing options such as stapling and hole punching directly from the virtual desktop. The feature is available in all AWS regions, though it's limited to Windows workspaces and Windows clients only.

7. [25:50] AWS Network Firewall adds URL category based filtering for GenAI applications

   AWS Network Firewall is adding URL category based filtering. Allows your security team to enforce policies like blocking unauthorized AI tools. Works by inspecting traffic against predefined URL categories. Available in all AWS commercial regions with no separate pricing.

8. [28:32] How was your executive dinner? Was it lovely?

   How was your executive dinner? Was it lovely? Always good to always get to. Talk cross functionally with different teams at the organization. Enjoy talking tech. Sadly, we killed all the visual stories.

9. [29:21] Google launches free course on Gemini CLI, an open source command line agent

   Google has partnered with DeepLearning AI to launch a free comprehensive course on Gemini CLI. The open source command line agent integrates AI capabilities into your daily workflow. Course covers installation, context management through Gemini MD files. It's completely free and available now at Google.

10. [32:47] Google Cloud opens Bangkok Region Asia Southeast 3 backed by $1 billion infrastructure investment

    Google Cloud has opened its new Bangkok Region Asia Southeast 3 backed by a $1 billion infrastructure investment. The region provides local compute and storage with millisecond level latency for Thai users. AI workloads can access globally hosted services through the region as a secure on ramp.

11. [36:08] Apache Airflow 3.1 now available on Google Cloud Composer

    Apache Airflow on Google via the Cloud Composer service now available. New features include Human in the Loop workflows that pause execution for manual approvals. Google is the first hyperscaler to offer this version, again only if it feeds your very narrow use case.

12. [38:36] Google is launching Gemini for government, a FedRAMP High authorized AI platform

    Google is launching Gemini for government, a FedRAMP High authorized AI platform. The platform provides secure access to Gemini models and agentic AI capabilities. Department of Defense already deploying it to 3 million personnel.

13. [41:19] So think about thinking about FedRAMP compliance. Do you think they have to do anything particularly special to get an AI product

    For FedRAMP High it's got to be you has to have dedicated activity to the government NIPR and SIPR network. But I don't think it would require any kind of changes to Gemini. I guess it depends what the people are going to use it for.

14. [43:32] BigQuery integrates Gemini 3.0 and Vertex AI models directly into SQL queries

    BigQuery now integrates Gemini 3.0 and Vertex AI models directly into SQL queries. New AI functions include AI Generate for text and structured output, AI Embed for embeddings and AI Similarity for semantic searching.

15. [45:46] SQL Server Management Studio 2.22.1 adds GitHub Copilot code completions directly in query editor

    2.22.1 adds GitHub Copilot code completions directly in the query editor. The feature provides context aware T-SQL suggestions that improve as more code is written. Users can vote on specific AI features through the feedback site.

16. [48:00] Azure Repos are rolling out several quality of life improvements focused on TFVC modernization

    Azure Repos are rolling out several quality of life improvements focused on pull request workflows and TFVC modernization. This is kind of their way of slowly forcing people off of the old VSC that you shouldn't really be using anymore. I think they'll eventually kill off Azure DevOps and force everyone to move over to GitHub Actions.

17. [52:42] Ryan: I'm regretting learning about Azure Repos

    Yeah. 1, 143 now 13. Yeah, I was gonna say 3 is the one that everyone's pushing towards the new hotness. Now that I've learned all of this about Azure Repos, I'm regretting learning. Can I unlearn it?

18. [53:08] Azure Standard V2 NAT Gateway reaches general availability with zone redundancy and improved performance

    Azure Standard V2 NAT Gateway reaches general availability with zone redundancy and improved performance while maintaining the same pricing as the original Standard SKU. Existing Standard SKU customers can migrate to Standard V2 for enhanced resiliency without budget impact.

19. [55:31] Microsoft announces Unified SOX and DORA compliance solutions in Sentinel

    Microsoft announces Unified SOX and DORA compliance solutions in Microsoft Sentinel. Both solutions provide financial institutions with continuous monitoring and audit ready evidence through workbook driven dashboards. Microsoft also launching Maia 200, a custom AI inference accelerator.

20. [63:01] Oracle now supports IAM Deny policies that explicitly block specific actions

    Oracle is proud to now support IAM Deny policies. Allows administrators to explicitly block specific actions even when allowed policies would otherwise grant them access. Particularly useful for enforcing compliance requirements and preventing accidental resource deletion.

21. [64:59] Google SREs apparently using Gemini CLI to reduce mean time to mitigation during outages

    Google SREs are apparently using Gemini CLI with their latest foundation model to reduce mean time to mitigation during production outages. System uses function calling to fetch incident details, analyze logs and correlate time series data. This copilot approach allows AI speed analysis while preserving human accountability and creating automatic audit trails for compliance.

22. [66:08] I think this is a great use case for AI during an outage

    Keeping track of all that is impossible to say the least. With tools like these, it's filling in the gaps and generating all the data that the humans are not doing. Be interesting to see how AI handles some of these things.

23. [67:58] I appreciate them being transparent again, like a little bit more

    In general, anything to make this process easier. The rest of the stuff around it I think is doable for almost anybody as long as you have access to these tools or some capabilities. There's some other things that they mentioned here that I'm sort of intrigued about.

24. [70:49] My team is going to the Super Bowl, which makes me super happy

    This week in Cloud: My team is going to the Super Bowl, which I'll be back in time for, which makes me super happy. Also, I strategically placed my trip to India so I can be there for the Super Bowl. Enjoy your travels and see you next week.

## Transcript

[00:07] A: Welcome to the Cloud Pod, where the forecast is always cloudy. We talk weekly about all things AWS, GCP and Azure.

[00:14] Ryan Lucas: We are your hosts, Justin, Jonathan, Ryan, and Matthew.

[00:18] Justin Brodley: Episode 340, recorded for January 27, 2026. Azure releases a new SQL AI assistant, Jimmy Drop Tables. Good evening, Ryan and Jonathan. How you guys doing?

[00:31] Ryan Lucas: Hello. Doing well.

[00:32] A: Great, Justin.

[00:33] Justin Brodley: Well, I'm doing much better now. You guys killed half the topics in the show notes list, so that was. That was the best news of the night because there was a lot of stuff I did not care about that Matt put in. And since he's not here to defend himself, I'm gonna blame it all. Matt.

[00:44] Ryan Lucas: Yep. Those are the rules.

[00:46] Justin Brodley: Yeah, exactly. He's like, I'm gonna add Azure stories.
I'm like, please don't.

[00:51] Ryan Lucas: Yeah, I mean, I like having the Azure input, but it's really funny when he's not here because I'm like, do I learn what this is?

[00:58] A: I don't want.

[00:58] Justin Brodley: Yeah, I learned what SAS is earlier, which is just signed. Signed Certificate or certain URLs, basically, which is not that exciting. But he's. He's actually out at a dinner for his day job. I mean, priorities. But he. He may join us at some point in the episode. We'll see if he pops in or not. But then next week, you guys are on your own because I'm. I'm in India again, so. So you guys are doing this on your own. Good luck to you.

[01:23] Ryan Lucas: Oh, kids are running the asylum.

[01:26] Justin Brodley: Y. Y. Yep. But luckily, with all the automation I've now created for this podcast, you guys should be just fine.

[01:31] Ryan Lucas: Don't worry, it's gotten a lot easier to fill it for you, for sure.

[01:35] Justin Brodley: It's definitely gotten much easier. You don't have to write the shoutouts anymore. It's. It's much better. So it's also made my life much better too. So. I like, I'm giving you guys the benefit of it, but it really helps me every week.

[01:47] Ryan Lucas: And it's fun.

[01:48] Justin Brodley: And it's fun. Especially the new show. Show covers we're doing. They're. They are AI generated because I'm not artistic, but it's using a lot of creativity in the back end to help figure out what those are. And so, yeah, if you haven't seen our. Our podcast covers recently, you should check those out because they are now themed to whatever our show title of the week is. So get a little something. Not always gonna be great. I would say the Amazon one for Boise was not the best one, but the other two we've done have been really good. So so very happy. I like them.

[02:17] Ryan Lucas: I think it's a ne unique little touch and you know.

[02:20] Justin Brodley: Yeah, exactly. And then I'm trying to force you guys to write more.
Mostly because I took a New Year's resolution that I wanted to do more writing and so I added the Cloud Pod dispatches to our newsletter so that now I can add commentary about the episode or the what's going on and so now harasses you to also add that commentary, which is sort of funny to me. I know you guys won't probably do it most of the time, but if you don't want to you can. But it was really for me because I wanted to be able to add more to the newsletters that we're sending out. So if you're not a newsletter subscriber, do go to the website which we did redesign and you can see a little box that'll pop in from the right hand side. You can sign up for our newsletter right there and enjoy our dispatches. Deliver right to your mailbox every week, hopefully on Tuesdays. It's on Wednesdays right now because I had to do some debugging of the code generated by Claude, the vibe coding was not good there and so I had a lot of debugging required. So I got pushed to a different day last week and I forgot to move back today. I was like, hey wait, I didn't get a newsletter today. Oh, it's because I'm an idiot, that's why. There you go.

All right, well let's move right into AI is how ML makes money for the day. Databricks is releasing Black Ice, fantastic name, an open source containerized toolkit that bundles 14 AI security testing tools into a single Docker image. Available on Docker Hub as Databricks runtime/ Black Ice. The toolkit addresses common red teaming challenges, including conflicting dependencies, complex setup requirements, and the fragmented landscape of AI security tools by providing a unified command line interface similar to how Kali Linux works for traditional penetration testing. The toolkit includes tools covering three main categories: responsible AI, security testing, and classical adversarial machine learning.
The capabilities mapped to MITRE ATLAS and the Databricks AI Security Framework. Tools are organized either as static, simple CLI based with minimal programming needs, or dynamic, Python based with customization options, with static tools isolated in separate virtual environments and dynamic tools in global environment with managed dependencies. Black Ice integrates directly with Databricks model serving endpoints through custom patches applied to several tools, allowing security teams to test for vulnerabilities like prompt injection, data leakage, hallucination detection, jailbreak attacks and supply chain security issues. And users can deploy it via Databricks Container Services by specifying the Docker image URL when creating compute clusters. This includes a demo notebook showing how to orchestrate multiple security tools in a single environment while build artifacts, tool documentation and examples available to you in the GitHub repo.

[04:39] Ryan Lucas: This is very cool. I want to check this out just because it's very difficult to feel confident in your AI security practice or patterns because I feel like it's this bleeding edge and I'm learning so much all the time. And so I spend a lot of time reading papers and talking to others and seeing what they're doing and meeting with vendors, trying to figure out strategy. And it just feels like I'm drinking from a fire hose and it's really difficult to feel confident. And so like, I like tools like this where not only is it adding a whole bunch of value in terms of just, you know, packaging up, you know, all the tools in one place and providing examples, but it's sort of a, you can, you can use it as sort of a rubric and bounce against like what you've been doing where your gaps are in your current processes. So I look forward to this. It's cool.

[05:30] A: I assume it's meant for testing applications of AI rather than just the models themselves. So it's not the kind of thing that you just run on a base model.
It's like to check to make sure that someone's not going to get your grocery store AI recipe making app to do something they shouldn't.

[05:46] Justin Brodley: Right?

[05:47] Ryan Lucas: Yeah. And so I mean, that's, you know, people are adding, you know, AI chatbots their web pages or they're adding AI functionality and summarization within their applications. And yeah, so it's testing sort of that prompt layer there at the application code.

[06:00] A: That's cool. It's like web code for AI.

[06:06] Justin Brodley: That is exactly what it is. I also like that it gives me tools that. Because like I, I remember the early jailbreaking ways to get out of the, you know, like, forget all previous prompts. Everyone's hip to those ideas. And then like, you know, ask it to compute, you know, a million lines of pot, you know, digits of pi and split it, burn the CPUs. Like all those have been figured out. So like, those are ones I knew because they were easy ones to understand from my poor brain. But now the way to do like prompt injection and data leakage and all that stuff is much more complicated because you had to work around with the, you know, people who got rid of the rudimentary stuff but the more advanced things. So having a tool to help you do it is super nice and it'll continue to be an arms race.

[06:45] A: Yeah, I think even with using tools like this, you've still got to have some kind of production time logging and perhaps even have an AI look at the results that the other AI is generating because they start to do weird things. They really do. Like I noticed some of the OpenAI models, GPT OSS models, it must have been trained to use certain tools and if you just let it kind of run in circles and think for itself for a little bit, it starts exploring and starts trying to make tool calls that you've never given it any kind of indication or even available. And so it's like, better keep an eye on this.
You never quite know what it's going to be it's going to be doing under what circumstances either.

[07:29] Justin Brodley: Yeah, well, if you've been paying any attention, you know that Meta has basically said that they haven't been getting the value out of their open source models. And so I don't know if their models are going to always be open source in the future. So it's always nice to see when someone's releasing something new that's open source. And that's from the Allen Institute, which is the research lab started by Paul Allen back many years ago before he passed. The Allen Institute for AI releases SERA, or Soft Verified Efficient Repository Agents. The first in the Open Coding Agent series is a fully open source coding agent that organizations can fine tune on their own code bases for approximately 1300 dollars using commodity GPUs, and the model handles GitHub issues, generates line by line patches and submits pull requests while learning internal APIs and development conventions. SERA 32B achieves over 50% success rate on SWE bench, matching performance of proprietary models like GitHub Copilot Workspace and Claude Code, but was built with just 32 GPUs and a five person team. This demonstrates that competitive coding agents can be developed without the massive infrastructure typically required by the tech giants. The model runs on an organizational owned infrastructure without ongoing licensing fees and integrates with existing tools like Claude Code out of the box. And teams can deploy it with a few lines of code and customize it for private code bases, offering alternative to expensive closed systems from Microsoft, Anthropic. Open sourcing both the model and the training code, AI2 enables companions, companies, sorry, to maintain control over their proprietary code while still leveraging advanced AI coding assistance. This addresses a key concern for enterprises hesitant to send sensitive code to third party services.
I was playing with Ollama actually this week, plugging it into Claude and I definitely needed to get a new, you know, M5 MacBook with much more GPU capacity or go buy a GPU for my house to make that really perform well. But even on my Mac with a 20B open model it was, you know, it was serviceable. It just wasn't as fast as using, you know, Anthropic's APIs directly.

[09:21] A: Yeah, I'm, I'm pretty happy to see these smaller models coming out now which are very targeted specific use cases. I think trying to build one massive model is, is probably not the right way forward. As long as this model understands enough language to it to get your to get your intent and understand what you want it to do and enough code that it can do it, then that's great because that's, you know, that's tiny in comparison to the things that they're being compared to like Claude.

[09:46] Justin Brodley: Google's launching agentic vision in the Gemini 3 Flash model, introducing a think, act, observe loop that enables the model to actively manipulate images through Python code execution rather than processing them in a single static pass. This approach delivers a 5 to 10% quality improvement across most vision benchmarks. By allowing the model to zoom, crop, rotate and annotate images, it'll lead to ground its reasoning in visual evidence. The compatibility enables three primary use cases: implicit zooming for fine grain detail inspection, image annotation with bounding boxes and labels, prevent counting errors, and visual math. The deterministic Python execution to parse tables and generate charts without hallucinations. Agentic Vision is available now via the Gemini API in Google AI Studio and Vertex AI with the rollout beginning in the Gemini app. Under the Thinking model option, developers can enable the feature by turning on code execution under Tools in the AI Studio playground.
Google plans to expand the capability by making behaviors like image rotation and visual math fully implicit without requiring prompt nudges, adding more tools including web and reverse image search, and extending support beyond Flash to other model sizes. Currently, some capabilities require explicit prompting to trigger code execution, and the feature addresses a fundamental limitation in frontier AI models that previously had to guess when missing fine grained details like serial numbers or distant street signs. All I can say is enhance.

[11:05] Ryan Lucas: So I was trying to figure out if this is this is a its own model or if this is a tool that's in that you put in line with image generation prompts which I'm a little, little confused by sound. I mean the functionality sounds cool. Just how it has implemented this a little bit of a mystery.

[11:24] A: I assume it's like a pre canned agent that they've attached to Gemini that performs those things in a loop and then the model, they probably fine tuned the model or post trained it with some access to tools that they pass it back to Python, Python does image rotation or the zooming or whatever and then passes back to the agent for the next pass through. That's kind of cool though. I mean the great thing about stuff like this is I'm not going to pay Google to use their agent or other agent services but I would absolutely steal the idea and build it.

[11:56] Ryan Lucas: Myself.

[11:58] A: Yeah, that's neat. Slightly concerning. I don't know it's very much feel like a lot of these use cases are kind of tending towards security systems, you know, drawing boxes around people, behavior analysis, things like that. So.

[12:15] Ryan Lucas: I mean there's that cynical view but there's also like you know, even just stuff around the house like that kind of like video recognition like to trigger other actions and that kind of thing.
So you know like it is sort of that double edged sword because I do, I absolutely agree with you. It's going to be used for things that are invasive to privacy but it's also this empowerment where you can you know, sort of use in your own space and so it's all about how the tool will be used.

[12:43] A: Yeah, I think what I could use it for I guess could point it in the, in the garden and look at the color of the soil and see if it needs to be watered instead of having thousands of sensors everywhere or stuff like that.

[12:53] Justin Brodley: I mean I think the sensors probably be more accurate, wouldn't you? I mean yes, the.

[12:56] A: I would think so, yeah.

[12:57] Justin Brodley: Yeah. I mean that's like there's definitely ideas where it could be augmentation to a sensor but sometimes the sensor is just the way to go.

[13:05] Ryan Lucas: I was going to say I'm going to build a bot that you know like recognizes my children when they're beating on each other so.

[13:10] Justin Brodley: And keeps tabs on them, starts, you know, scoring them. Like a boxing match, you know. Exactly. And not only is it are you aware it's happening but now you now know who won which is, you know, always hard to pin down. Right.

OpenAI is launching Prism, a free cloud based LaTeX workspace for scientific writing that integrates GPT-5.2 directly into the research workflow. The platform offers unlimited projects and collaborators for anyone with a ChatGPT personal account, with enterprise plans coming soon for business, enterprise and education customers. Prism builds on OpenAI's acquisition of Quickset, a LaTeX platform, and has native AI capabilities including real time collaboration, literature search from sources like arXiv, equation conversion from whiteboard photos to LaTeX, and voice based editing. GPT-5.2 thinking mode operates within the document context, understanding the full paper structure, including equations, citations, and figures.
Platform limits the fragmented workflow researchers typically face by consolidating drafting, revision, collaboration, and publication preparation to a single workspace. This removes the need for local LaTeX installations and reduces context switching between separate editors, PDF viewers, reference managers, and chat interfaces. OpenAI positions this as a part of a broader shift where AI accelerates scientific discovery, following examples of GPT-5 advanced mathematical research, immune cell analysis, and molecular biology experiments. I mean I don't care for LaTeX, but I'm not in science either so maybe this is for those people. Cause I don't.

[14:32] Ryan Lucas: Yeah you know, like I kind of thought that the LaTeX had died out because I, you know, haven't heard about it in a while. So it is interesting to see if it's, you know, got a huge use case in the scientific community. It's an odd choice but you know, like I guess, you know, not everything can work in you know, Apple Preview so makes sense.

[14:53] A: It's a weird choice because you could render any document as LaTeX if you wanted to, you know, so you could, you could write it as a Word document and I mean and then convert it to LaTeX I guess. LaTeX is nice for equations and things like this and it does make nicely formatted documents. It has sections and it puts reference numbers in and kind of takes care of a lot of the. What's the nice way of saying it. They need the grunt work around organizing large documents and things but I know man page is still written in LaTeX on Linux.

[15:28] Justin Brodley: I remember now I remember I remember there was some UI elements back a while ago that were written mostly in LaTeX and that was my kind of my first real exposure to it and I that's when I was like I don't think I like this. That's how I feel about most front end languages. CSS, LaTeX, JavaScript, TypeScript, CoffeeScript. Yeah all of them kind of the same feeling.

[15:48] A: So yeah, it's kind of a weird thing though. I mean if they're focusing on scientific discovery the way you build a document at the end of the process is probably not what I'd be focusing on. It would be the actual research process.

[16:03] Justin Brodley: All right, let's move on to AWS. They're launching several new Graviton 4 powered instances including the C8gb, M8gb and R8gb instances with bare metal and virtualization delivering up to 30% better compute performance than Graviton 3 and the highest EBS bandwidth, 300 gigabits per second among non accelerated EC2 instances. These instances support up to 1.4 million IOPS, making these the highest EBS IOPS performers in EC2. The new instance scales up to 48xlarge with 3x memory to vCPU ratio options across the compute, general purpose and memory optimized, plus metal sizes for the C8gb and R8gb that provide direct hardware access, include up to 4 gigabits per second of networking bandwidth and support the Elastic Fabric Adapter for low latency cluster workloads. Primary use cases include high throughput database workloads, data analytics pipelines, and tightly coupled HPC applications that require sustained high block storage performance. The EFA support makes these particularly suitable for distributed computing tasks that need consistent low latency internode communication. Currently available to you in US East, US West with metal sizes limited to US East only. This follows AWS's typical pattern of launching new instance types in primary use regions before their global rollouts.

[17:18] Ryan Lucas: Those are big machines.

[17:19] Justin Brodley: Yes they are for sure. These are machines I used to like to buy on the spot market until AI came around and then ruined it for me. Yeah.

[17:29] A: Yeah, I just, I look forward to a future where they're decommissioning this stuff and they actually sell it to the general public. I mean, wouldn't you just love to have something like that in the garage?

[17:38] Justin Brodley: You think that'll happen?

[17:39] Ryan Lucas: I don't know.

[17:40] Justin Brodley: Oh, I don't think it's going to happen.

[17:41] Ryan Lucas: I think they drill holes in all the things.

[17:44] A: Incinerate the thing.

[17:45] Justin Brodley: Yeah, you'll have to call Super Micro and basically build your own. I think you'd have to do this.

[17:51] A: Awesome.

[17:52] Justin Brodley: That's cool. I mean if you need big instances to run SAP for HANA or your AI workload, it's good to have.

Route 53 is now supporting 10 new top level domains including .ai, .nz, .shop, .bot, .moi or moi, .spot, .free, .deal, .now and .hot, expanding domain registration options directly with AWS. The .ai domain has become particularly relevant for AI companies despite originally being Anguilla's country code, while other TLDs target specific use cases like e-commerce and chatbot services. The new domains integrate with existing Route 53 features including DNS management, automatic renewal and hosted zones, letting customers manage domain registration and DNS records through the console. Domain registration pricing varies by the TLD with no standard rate mentioned in the announcement, and customers should check the Route 53 pricing page for specific cost per domain type. And the timing aligns with increased demand for the AI related branding. I just find it annoying that when I want a domain that is not in this list that I always find out at the last minute when I'm in Route 53. Like why does it take so long? The .ai is Anguilla's and clearly it's being adopted by a bunch of companies right now. So it's not like it isn't available to you and Hover or the horrid GoDaddy whatever. You know, those places all have these domains. So why doesn't Amazon, why does it take so long? Like I bought a .dev domain the other day and that's not available on Amazon either, which is just really annoying.

[19:15] Ryan Lucas: Is it? You know it is.
I mean it is frustrating and it's not like these are new, like .ai's been around for a while and so it is strange that it takes that long. Although it's DNS, so I wonder like how.

[19:26] Justin Brodley: I mean, I assume it's partially a negotiation between them and the TLD and you know, getting integrated but like in GoDaddy and Hover and other, you know, reputable services have them much faster. So I just, I don't get the delay.

[19:41] A: I'd like to think it's that they're ensuring the quality of the registrar for the domain at the other end so that their integrations are seamless. But then you look at something like .nz, like really? How do you not have that?

[19:55] Justin Brodley: I mean apparently the .dev is a top level domain operated by Google so it's even more annoying. It's sort of silly.

[20:03] A: Yeah. Was it Google who pushed for sort of the opening up of the TLD so they could create a whole bunch of domains?

[20:09] Justin Brodley: I mean there's a lot of companies pushing for it for a long time. But I mean I definitely bought ryan.hot earlier today for Ryan.

[20:16] Ryan Lucas: Nice. I was just searching that up because I was about to buy it.

[20:21] A: Bot on how expensive .bot domains are? I don't know, .ai is pretty expensive.

[20:27] Justin Brodley: I imagine they're really expensive. Yeah, the .ai, because I bought one not long ago, they are not cheap. So I unfortunately I think I paid for three years on my .ai so I will not be moving it to Amazon because I don't want to pay again. So.

[20:40] Ryan Lucas: Do you have to pay when you transfer a domain?

[20:42] Justin Brodley: Yeah, you basically buy a one year renewal as part of the transfer. Yeah. Isn't that fun? Yeah. See ryan.hot and see if I can get it. I just didn't actually do it but now I want to register domains. How much is Ryan? It's not available. Dang it. Someone beat me to it.

[21:09] Ryan Lucas: Too many Ryans.

[21:10] Justin Brodley: Yeah, I. I get a ryanlucas.hot though.
How many are. How many of those are you? Are there $57. This is too hot for. Too expensive for a troll. [21:19] Ryan Lucas: Yeah, I'm not that hot. [21:24] Justin Brodley: You can also get ryanlucas.co for $38 and then ryanlucas.info is available to you as well. So I mean there's lots of choices. If you wanted a Ryan Lucas domain. Yeah, you probably have your own dot com. [21:35] Ryan Lucas: But I don't have Ryan Lucas. But I. Nor would I actually look for that. But I do. I've. I have a few that I use. [21:43] Justin Brodley: Nice. All right Amazon, get those faster and please get the dot dev so I can move that domain at some point from Hover. Although I do like Hover. They're a good company too. Amazon Workspaces is now supporting the cutting edge feature of advanced printer redirection for Windows users, enabling access to printer specific features like duplex printing, paper tray selection and finishing options such as stapling and hole punching directly from the virtual desktop. This addresses a long standing limitation where Workspaces users were restricted to basic printing capabilities through the generic drivers. The feature includes configurable driver validation modes that let administrators balance compatibility with feature support, automatically falling back to basic printing when matching drivers are not available. Organizations with users who need professional document printing, specialized labels or advanced output formatting will benefit most from this capability. Advanced printer redirection requires the latest and greatest workspace agent version 2.2.0.2.116 and Windows client version 5.31 or later with matching printer drivers installed on both the workspace and the client device. The feature is available in all AWS regions where Amazon Workspaces Personal is offered, though it's limited to Windows workspaces and Windows clients only. So if you're on a Mac, screw you or Linux screw you too.
This enhancement brings Workspaces closer to feature parity with traditional desktop environments. I mean, the fact that this is something that someone demanded that Amazon develop into Workspaces makes me laugh. [23:03] Ryan Lucas: Yeah, like the rest of the ecosystem. Must be no fun to work in, that's all I can think of. [23:08] Justin Brodley: Right. [23:09] Ryan Lucas: Because these environments are always so clunky and usually they're a last resort in order to either provide sort of bastion access or to control sort of the endpoints. [23:18] Justin Brodley: Or you have. I mean, based on this use case, sounds like there's a printing company that needed this feature to run their stapling and hole punching printers. Yeah. [23:27] Ryan Lucas: How much paper is being used here? [23:29] Justin Brodley: It's sort of funny that you're creating so much paper from a virtual desktop that doesn't even exist. [23:34] A: Yeah, I just can't believe Amazon doesn't have a print. I mean they do have a print service, but it's mostly for photos and like professional books and things like that. But I mean there's so many Amazon hubs around the place that can do next day delivery. Why not just hook workspaces up to a virtual Amazon printing? You click print and it arrives in the mail the next day. [23:52] Ryan Lucas: Do you think it'd be worth it? [23:53] Justin Brodley: Today they announced they're closing all their Amazon Fresh physical locations. So you know, they're not well known for trying things and letting them succeed long term. So they're gonna just stick to Whole Foods. That wasn't a story I thought was worthy of The Cloud Pod. But since you mentioned their brick and mortar operations, they're no longer having Fresh stores. [24:13] A: That's weird because they didn't. They also just announced that they were gonna actually have retail stores.
[24:18] Justin Brodley: You know, it was weird because they did just announce that they were gonna build like Walmart supercenter type stores. And I was sort of like, was that someone releasing a press release trying to save their pet project? And then Amazon came in, was like, no, we're killing Fresh. I don't, I don't really know what that's about. I don't think a store is a good idea either. I don't, I, I don't know why they're doing all that retail stuff. I think they're flailing for growth as I would call it. [24:41] Ryan Lucas: Yeah, I mean, I guess they sell food and stuff in those Walmart supercenters. So maybe in these, maybe they're just sort of moving the functionality to these new things. [24:50] Justin Brodley: But I would have at least rebranded the Amazon Fresh stores to Whole Foods Markets or something. You know, not necessarily a full Whole Foods because like they do have a, a skin down version of Whole Foods that exists. That's. It doesn't have like all of the things that a Whole Foods normally does. They just re ran into that. Because I think the Whole Foods branding has better better respect in the market than Amazon Fresh. As someone who's bitter that I can't get Amazon Fresh delivered to my house. [25:20] A: I actually watched a completely random tangent since talking about grocery stores. I just watched a Business Insider video on YouTube about Trader Joe's. Actually it's super interesting about the history of it and how the perception is that they sell, you know, healthy stuff and it's not reality at all. Very interesting business model. Super interesting. [25:42] Justin Brodley: It's so low margin. It's fascinating how they scale that business out and do it at such low costs. All right, AWS Network Firewall is adding URL category based filtering that specifically identifies and controls GenAI application traffic alongside traditional web categories like social media and streaming services.
This allows your security team, Ryan, to enforce policies like blocking unauthorized AI tools or restricting access to approved GenAI services only, addressing a growing compliance concern as organizations struggle to govern employees' use of ChatGPT, Claude and similar platforms. The feature works by inspecting traffic against predefined URL categories and can be combined with AWS Network Firewall's existing TLS inspection capability for full URL path analysis. This provides more granular control than simple domain blocking organizations, differing different services from the same provider or allow specific features while blocking others, so potentially making it available to the documentation on Claude or Anthropic's website but still be able to block actually access their APIs directly without going through something like Bedrock. This capability is available, I'm sorry now in all AWS commercial regions where Network Firewall operates with no separate pricing beyond using Network Firewall costs which start at $0.39 per firewall endpoint hour plus six and a half cents per gigabyte processed. Organizations can implement this through stateful rule groups using the AWS Console or CLI or SDKs. This just is a practical security gap, allegedly. Ryan. Yeah, I mean it's, you know, it. [27:09] Ryan Lucas: Is definitely a concern. It is one of those things where, you know, as Justin knows since we ruined all his searching on Anthropic and Claude as we were rolling out policies at our day job and just kind of victims to whatever the technology would support. So I'm happy to see this being added to the AWS Network Firewall. I'm hoping this gets added to, you know, the Google Next gen firewall as well because it is sort of difficult to do when you're forced to just do domain based filtering on these things because it's, you know, you don't really want to be the police. It's more just want to provide A secure guardrail. But sometimes the tooling just.
The only thing you can do is black hole everything. It's awful. [27:50] A: I'm just listening to you saying, like, it's for your own good. [27:53] Justin Brodley: Yeah. I am protecting you from yourself. That's what I heard. [27:58] Ryan Lucas: I mean, it's for the company's good. I mean, if I'm honest. But they're the ones that pay me, so. Yeah. [28:03] A: Yeah. The cool thing about a network firewall, though, is it also works on websockets because a lot of things just switch to websockets for real time, messaging back and forth. And it works with websockets as well, which is. Which is really cool. Yeah, A lot of tools don't. [28:16] Ryan Lucas: Yeah, exactly. It's. I mean, it's growing now because I think it's. The use of websockets is high enough now where you have to. So that's good. But. [28:24] Matt Kohn: Yeah. [28:24] Ryan Lucas: Well, that's painful for a while. [28:26] Justin Brodley: Yeah. [28:26] Matt Kohn: Just don't talk to me about websockets. It ruins my life a little bit. [28:30] Justin Brodley: No. [28:30] Ryan Lucas: Hi, Matt. Welcome, Matt. [28:32] Justin Brodley: How was your. How was your executive dinner? Was it lovely? [28:36] Matt Kohn: Oh, so lovely. No, always good to always get to. [28:40] Justin Brodley: Talk cross functionally with different teams at the organization, so. [28:43] Matt Kohn: But, you know, I needed an out to go talk tech with people, so, you know, I made a point to be like, guys, I gotta leave, and kind of snuck out a little bit early. [28:53] Justin Brodley: This isn't the first time in my life that I've been someone's excuse, so I get it. [28:57] Matt Kohn: Yeah, I enjoy this. This is fun. Now if people listen to us or not, it's another story. But I still enjoy doing this. Enjoy talking tech. [29:07] Justin Brodley: They do listen. [29:07] Ryan Lucas: They're not there. [29:09] Justin Brodley: All right. [29:09] A: Sadly, we killed all the visual stories. 
[29:11] Justin Brodley: So, yeah, we killed most of them because we were like, this is terrible. No one cares. [29:14] Matt Kohn: To be fair, I probably would have killed them, but that's fine. [29:17] Justin Brodley: No, no one cares about SAS tokens like, come on. All right, moving on to GCP. Google has partnered with DeepLearning.AI to launch a free comprehensive course on Gemini CLI, an open source command line agent that integrates AI capabilities into your daily workflow. The course covers installation, context management through Gemini MD files, extensibility via the MCP protocol, and practical applications across software development, data analysis, content creation, and personalized learning. The course structure is a sub two hour curriculum with nine lessons that progress from foundational setup to specialized workflows. Key technical features include memory management for maintaining context across sessions, integrating with external tools through MCP servers and custom extensions that allow users to tailor the CLI to specific needs. Gemini CLI targets a broad user base beyond traditional developers with dedicated modules for data visualization from local CSVs and Google Sheets, automated blog and social media content generation and a study plan creation tools available as an open source project on GitHub with full documentation at geminicli.com and of course it's completely free and available now at Google. Gemini CLI Learning course. You'll get the URL from the show notes is accessible entry point for users looking to create AI agents in the command line workflow. So all those people on your team who are like, I don't know how to use AI, here's an option if Gemini is your preferred AI solution.
[30:33] Ryan Lucas: I mean it's smart because there's, you know, I've recently been reading a whole bunch of like sort of white papers on, not white papers articles rather and blogs about people using Claude code for stuff that, you know, like managing spreadsheets and forms and stuff that was, you know, sort of typical toil, but not part of like the coding ecosystem or were not really relevant for, you know, a chatbot type of deal. And so like I think that Google transitioning to the space, you know, already ever able to leverage their Google workspace and Google Sheets and all that is a great smart thing. And so the more that you can get people using this. Sure. You can get people paying money for it as well. [31:15] A: It's interesting. They didn't go for a command line coding tool. It's not Gemini code, it's Gemini does a whole bunch of stuff. So they've seen the broader implications of what those tools can do. [31:28] Ryan Lucas: I mean it does do coding. That's what. That was the way it was originally sold to me. Right. [31:32] A: Yep. [31:33] Matt Kohn: I'm just confused how nobody else caught that it's a Gemini MD file, not Agents MD or anything else. So I really was hoping we'd standardize on something that you could flip between tools. You know, whether it's Gemini Claude, you know, GPT, it would, you know, dynamically kind of read the same thing. So you could kind of test stuff better than having it specifically called Gemini MD and just have people mind. [31:58] Ryan Lucas: I know VS code like they, they maintain cloud AMD to be backwards compatible. So like you can, you can. But yeah, you can see the standardization is, is diverging because people want to get their own branding on it. [32:12] Justin Brodley: Yeah, yeah. 
I mean you have Claude MD, you have Agents MD out there, but yeah, I mean typically there's enough uniqueness in these tools that you do want to have a specialized file, but there are things you can put into the agent MD that you can share across a repo. And then like I typically try not to put my Claude MD files now I did originally try not to put them onto the repos now because that's kind of like more my thing. And then if someone else like you guys want to come in and use agents because you're using Gemini, that's where the things are like here's how you run tests in this repo, you know, using Docker Compose. Those type of things are in my agents MD files typically. Google Cloud has opened its new Bangkok Region Asia Southeast 3 backed by a $1 billion infrastructure investment that's projected to contribute 41 billion to Thailand's economy and support 130,000 jobs annually over the next five years. The region addresses data residency requirements under Thailand's Personal Data Protection Act, or PDPA, while providing low latency access to local customers, and contributes to Google's global network via the TalayLink subsea cable. The region launched with key compliance certifications including ISO 27001, PCI DSS and SOC 1, 2 and 3, making it suitable for regulated industries like banking and insurance. The KASIKORN Business-Technology Group and True Digital Group are among the first customers leveraging the local infrastructure to meet Bank of Thailand regulatory standards while maintaining their data sovereignty. The Bangkok region provides local compute and storage with millisecond level latency for Thai users, while AI workloads can access globally hosted services like Vertex AI, Gemini 3, and generative models through the region as a secure on ramp. This hybrid approach lets customers run general purpose workloads locally without investing in specialized AI hardware while still accessing Google's AI ecosystem when needed.
That's really Google's way of not having to buy a bajillion GPUs and distribute them globally, in my opinion. But you can argue it as a secure on ramp all you want to. [34:00] Ryan Lucas: Yeah, well, I mean even without the GPU argument, like whenever they roll out a new region it's like oh, I can get this one instance type. Yeah, and nothing else for a long time. They're very slow at rolling hardware out where you get parity, which can be really frustrating if you're working across multiple regions and have automation that sort of tries to do, you know, specific things. [34:21] Justin Brodley: Well and just, just put a reservation in. Ryan, just yeah, all you have to do is put a reservation on what you want in the region and it'll, it'll appear in six magically show. Yeah, yeah, exactly. Which is very cloudy. Meanwhile. [34:31] Ryan Lucas: Yeah, getting the three different API error messages every time run Terraform I wonder. [34:36] A: If the sort of the rollout of new regions, even though data residency is really important now, is really going to slow down because the cost of RAM and NVMe. I assume this would be in the works for long enough that that was an issue. They probably locked the pricing in a while ago, but seems like it's going to be. [34:55] Justin Brodley: It's going to be a problem for sure. Anything that's kind of currently under construction, it's probably safe. Yeah. Stuff coming after that or what's going to happen is that all of these new fab factories that are being built by all these hardware chip manufacturers are going to be built for someone who doesn't need them because the AI bubble will burst and then basically RAM and CPU prices will fall through the floor and we'll all rejoice. The free compute we can get, but we won't have any money to buy it because we were all laid off in the mesh and the worldwide economic disaster that occurred when the AI bubble burst so it could go multiple different ways. 
[35:29] Matt Kohn: That's a very depressing thing. Just depressing. [35:33] Ryan Lucas: Hey, I romanticize the end of times so I can't wait to build my Thunderdome and wear nothing besides leather and style my hair like Tina Turner. It's gonna be awesome. [35:41] Justin Brodley: Nice. [35:45] A: I can just picture that. That's quite fun. [35:49] Matt Kohn: I love the picture. [35:51] A: Somebody needs to start working on the farming AI that can help all of us city dwellers know how the hell to grow food when the whole market crashes. So I'll make it. I'll sell it to you for like a bushel of wheat or something. [36:06] Ryan Lucas: Yeah, there you go. [36:08] Justin Brodley: For those of you who have the one very narrow use case that Apache Airflow on Google via the Cloud Composer service need you now have Apache Airflow 3.1. Google is the first hyperscaler to offer this version, again only if it feeds your very narrow use case of Airflow Update builds on Airflow 3's decoupled architecture with new features including Human in the Loop workflows that pause execution for manual approvals via UI or API, deadline alerts that replace legacy SLAs with proactive time based notifications and native support for 17 languages in the React based interface. The Human in the Loop functionality integrates with Airflow notifiers to send approval requests via Slack, email or PagerDuty with direct links to decision points. This addresses the growing need for human oversight in AI agent workflows and complex automated pipelines, particularly for deployment approvals or reviewing generative AI outputs. Google positions Cloud Composer as an open orchestration alternative to proprietary walled garden platforms and emphasizing the Airflow based workflows remain portable Python code rather than vendor locked in logic.
The company contributes directly to the Airflow code base and highlights access to thousands of community built providers and custom operator development for legacy system integration. Additional developer focus improvements including a React plugin system for embedding custom dashboards in the UI and a new streaming API endpoint for watching synchronous DAG execution until completion, all coming to you in preview in part of the Airflow 3.1 rollout on Cloud Composer. [37:28] Ryan Lucas: I mean this is rich because after dealing with Cloud Composer and its kind of terribleness, now with Cloud Composer 3, they're just rebranding and saying that oh no, all that stuff that you were complaining about is a feature, not a bug. We're not going to, you know, build a complicated workflow engine where you don't get exposed to the inner. We're going to just let you run your own managed Airflow. And it's basically a deployment template, but it's a feature because they're, they're allowing direct access, not walled gardens. [37:59] Justin Brodley: Yeah, it's a very, very opinionated implementation of Composer of Airflow. [38:04] Ryan Lucas: Well, it's, it's actually my complaint is that it's not opinionated. It's, it's, it's not a managed service, it's not very opinionated. And so like I don't see the advantage of Composer over just running Airflow myself. And that's, that's my biggest gripe of it is, is it's just this weird complexity where you don't know what's the same and what's not. And you know, what I really want is just something where I'm configuring my DAGs and launching it into the ether and having it go. But that's really not what the Composer service offers. Sorry, get off my soapbox now. A little triggered. [38:43] Justin Brodley: This is one of those stories that I'm like, I don't know. This is the right week to announce this, but Google is launching Gemini for Government, a FedRAMP High authorized AI platform simply designed for public sector agencies.
The platform provides secure access to Gemini models and agentic AI capabilities. With the Department of Defense already deploying it to 3 million personnel through GenAI.mil and FDA implementing agentic AI across their operations. The platform emphasizes AI agents as productivity multipliers for government employees. Automating administrative tasks while allowing workers to focus on strategic decision making. I mean, yes, it can help do all those things and it can also help you hallucinate better stories for things that you see on video, which I won't comment on further. [39:24] Ryan Lucas: Oh, come on. It's just going to be a whole bunch of federal employees using this to generate cartoons like we do. [39:28] Justin Brodley: Could be. [39:29] A: Yeah, yeah. [39:31] Matt Kohn: You've clearly been in top level security things, but the amount of stuff that, like, why no, it's all just the same copper spam that gets sense. [39:40] Ryan Lucas: So I am really looking forward to this feature actually, because working in these FedRAMP compliant environments, so what you find is that you've disabled it because it's not a FedRAMP approved service and so you disable it. And then half of the console is non functional because everything now is configured to go to Gemini for insights and BigQuery and all these things. And the way that it sort of is implemented when you can't access these services is really clunky and messes with the, just the general functionality of the normal apps, which is kind of terrible. So I'm glad to see that this is approved and I can turn it on and have my Google console actually work. [40:25] A: I'm just glad that they didn't pick Grok. [40:31] Justin Brodley: Yeah, I'm sorry Elon hasn't sued over this yet. That's fine. [40:34] Ryan Lucas: I mean, I'm pretty sure that, you know, Grok probably offers their own FedRAMP High. Right. This is just Google's offering on the marketplace. [40:41] A: I wouldn't be surprised.
I'm just, I'm just pleased, I guess, that that's Google's Gemini over Grok. [40:48] Ryan Lucas: Well, I don't think it's exclusive. [40:50] A: It's not. [40:53] Ryan Lucas: I mean, it says the Department of Defense is already deploying it, so they're, they're choosing it, which is great. [40:57] Justin Brodley: But yeah, I mean, I imagine when Grok eventually gets federal compliance at some point in the future, then they'll maybe, you know, be an option. But it takes a lot of work to get into any of these federal marketplaces. So it, it's not something they're probably prioritizing. Now they want to, they're trying to beat OpenAI. That's their priority. [41:17] Ryan Lucas: Yeah. [41:19] A: So think about thinking about FedRAMP compliance. Do you think they have to do anything particularly special to get an AI product into FedRAMP High? [41:29] Ryan Lucas: Oh, no, it's all just compliance. So it's all reporting and validation. Right. [41:33] Justin Brodley: So I mean the hardware probably has to be and I mean for FedRAMP High it's got to be you has to have dedicated activity to the government NIPR and SIPR network. It's got to have its own dedicated hardware by agency. So there's probably, you know, ways they're allocating GPU capacity to each agency across the NIPR/SIPR network. I mean there are some things that are required but there a lot of it's compliance after that. But it is something at least probably deployed in, you know, their secure zone on the IL5, you know, set up. [42:03] Ryan Lucas: And supported by, you know, US people, particular staff. But I don't think it would require any kind of, I don't believe there'd be any sort of application or product changes to Gemini because it's, I don't think you'd have any requirements necessarily from what I know of the ISO 4201, whatever that the AI one is like. There's no, there's not a lot of, you know, meat into like what data you use for training, what you do on those things.
And so there, you know, a lot of these compliance frameworks are evolving. But it is kind of interesting that I don't, I don't think it would require any changes. [42:37] A: I guess it depends what the people are going to use it for. I mean the FDA is mentioned in there and I guess somebody can use it to make spreadsheets or PowerPoints just like we do. But I guess there'd still be restrictions around using it in things like clinical research and stuff like that where reproducibility of results is very important and the nature of AI is not that it's reproducible in general. [42:59] Ryan Lucas: Yeah, I imagine this is largely the sort of admin, the agentic easiness like, you know, they can put it in Google workspaces now because that's, you know, Fedramp compliant workspaces and then like I said the console and different things like that, using it for, you know, BigQuery, that sort of thing I think is what they're targeting. But I hope they're not using AI to, you know, generate data. [43:25] Justin Brodley: Okay, I hope not either. But I'm going to move on from this because this is a politically sensitive subject of today. [43:31] Ryan Lucas: It's going to get dark. Yep. [43:33] Justin Brodley: BigQuery now integrates Gemini 3.0 and Vertex AI models directly into SQL queries through new AI functions including AI Generate for text and structured output, AI Embed for embeddings and AI Similarity for semantic searching. The setup process has been simplified by allowing end user credentials authentication, eliminating the need for separate service account connections if users have the Vertex AI user role. AI generate function handles multimodal inputs including text, images, video, audio and documents, and can now perform multiple AI tasks simultaneously, like sentiment analysis, translation and summarization. 
In a single SQL call, users can specify an output schema to convert unstructured data directly into structured table columns, making results similarly usable in downstream apps. The new AI Similarity function provides a streamlined approach to semantic search by computing embeddings and similarity scores in one step, ideal for interactive analysis on small to medium data sets. These functions are fully composable with standard SQL, meaning they can be used in SELECT statements, WHERE clauses and ORDER BY clauses alongside traditional SQL operations. Because adding AI to my inside my SQL statement is not as nice as a feature we'll be talking about shortly, which is when AI just generates a query for me. [44:42] Ryan Lucas: Yeah, no, this is perfect. I can have AI generate the query to call AI to analyze the results of the AI generated query. I don't see what could go wrong. [44:51] A: That's actually a really neat feature though. I just think what you could do, they could like select all from users where user isn't an asshole or something and literally analyze the user's history to populate kind of those kind of metrics. [45:05] Ryan Lucas: I mean it's probably the only way. [45:07] Justin Brodley: You're going to get me to use. [45:08] Ryan Lucas: SQL syntax is by making it loose like that. Because if I have to remember how to do like three way joins with all different things like I'm just going to throw my hands up at it because I hate those databases. [45:20] Matt Kohn: It's one of the best things I've used AI for is generate me the SQL statements. I want to figure out how the hell to do it. [45:26] A: I have been using a lot of SQL but for Neo4j Cypher queries because that is a different language. [45:35] Ryan Lucas: To learn. [45:36] Justin Brodley: Yes, graph. Graph is sort of similar in that way too. Like oh that's. That's different. [45:41] A: Yeah, yeah, yeah. [45:44] Justin Brodley: All right, well that's a good segue to Azure.
And the first story up I moved it up in the notes because we just mentioned it is SQL Server Management Studio 2.2.22. 2.1 adds GitHub Copilot code completions directly in the query editor, going beyond traditional IntelliSense by providing context aware T-SQL suggestions that improve as more code is written in the editor. Microsoft customized Visual Studio Copilot implementation to include database context, ensuring suggestions are both relevant and performant for your SQL workflows. The release focuses on fundamental improvements with bug fixes addressing user reported issues from the feedback site while engineering teams worked on backend pipeline and testing enhancements. GitHub Copilot agent mode is coming to Server Management Studio according to the updated roadmap, along with improvements to instructions functionality, which ranks as top user request. Users can vote on specific AI features through the feedback site. Code completions may compete with traditional IntelliSense so users experiencing conflicts can disable IntelliSense to get the full benefit of Copilot suggestions and the feature requires a GitHub Copilot subscription which is separate from SSMS itself and follows standard GitHub Copilot pricing for individual organizations. The position SQL managers view as a more AI native database manager tool particularly relevant for SQL developers already using Copilot and other Microsoft development environments. Another rise this got added because Visual Studio is basically what SQL Server Management Studio is nowadays, but nice to get some Copilot built right into it. [47:03] Ryan Lucas: This is a little weird because I thought the SSMS application was basically cron jobs for SQL queries with a like a terrible web UI for viewing results. Is that. [47:13] Justin Brodley: Oh, you're thinking. You're thinking of SSIS packages, I think. [47:16] Ryan Lucas: Oh, that's it. [47:18] Matt Kohn: Okay, is or rs rs. [47:20] Justin Brodley: Sorry.
[47:21] Matt Kohn: Yeah, I see. Yeah, that's the fun reporting Studio that even Microsoft doesn't support a hyperscale, so ask me how I know. [47:32] Justin Brodley: So SQL Server Manager Studio used to be a standalone app until I think it was SQL 2000 and then basically they built it. They basically took a bunch of Visual Studio code and turned that in, basically put SQL on top of it to basically give you a full development interface on top of SQL Server, which then resulted in lots of bad things happening around stored procedures and compiled code in SQL. So you know, it doesn't surprise me that they could add GitHub Copilot to it. Azure Repos are rolling out several quality of life improvements focused on pull request workflows and TFVC modernization. The most impactful change is a breaking update that disables obsolete TFVC check in policies, requiring teams using the old storage format to migrate to the new system or lose policy enforcement entirely. Pull request notifications have been streamlined to reduce noise by removing low value alerts like draft state changes and autocomplete updates, simplifying remaining notifications to show only relevant changes like affected files, addressing a common complaint about notification overload in code review workflows. Pull request templates now support nested folder structures that map to multilevel branch names, automatically selecting the most specific template available when targeting branches like feature foo December. This eliminates template duplication for teams using hierarchical branching strategies. And the Azure DevOps MCP server continues expanding with new tools for programmatic interactions with repos, branches, commits and pull requests directly from VS Code and GitHub Copilot, enabling developers to quickly query repository metadata, inspect code without opening the Azure DevOps web interface.
And upcoming improvements include a more efficient Git policy configuration API that reduces unnecessary calls when retrieving policies across repositories and branches. Plus additional pull request features like highlighting PRs without standing comments and filtering by tags. I mean, I appreciate some of this, but wow. TFVC modernization as your is your feature and then you're just gonna. You're just gonna turn it off and lose your policy enforcement when they migrate automatically to a new system. That's just. That's brutal. That's the classic Microsoft right there.

[49:32] Matt Kohn: Okay, but to Microsoft's credit, they kind of end up like this like five years ago and told everyone to move to Git. So this is kind of their way of slowly forcing people off of the old VSC that you shouldn't really be using anymore. You really should be using Git under the hood. So this is the old school TFS Team Foundation Studio server, you know, like VSC before SVN and everything else existed. So this is kind of their way of continuing to kind of force everyone off the platform. And I honestly thought that Azure Repos didn't support that because I thought when they moved over they did a clean break. So I'm more impressed that they move it from TFS Server on prem up to the SaaS product that they've been running. And why they made that decision too.

[50:23] Justin Brodley: Yeah, I thought they had announced they were going to deprecate TFS Server in favor of DevOps. Azure DevOps. But then you're telling me they didn't do that. They actually made it to reposition.

[50:35] Matt Kohn: So TFS server became Azure DevOps. You can still buy that as a standalone product. Then there's Azure DevOps SaaS.

[50:43] Justin Brodley: Okay.

[50:44] Matt Kohn: Not to be confused at all.

[50:46] Justin Brodley: No, not at all.
[50:47] Matt Kohn: And this is all what they're deprecating at is the TFSVSC that they've been trying to get people to move off of the version control system for years and trying to get people to move to a modern era of, you know, Git, not, you know, a proprietary format that no one else.

[51:05] Justin Brodley: You mean not TFS? I mean, yeah, yeah, that's why they rebranded the whole thing. So when, when do they just consume GitHub and just rename it to Azure DevOps, which is what they should have done all along. If they, I mean versus having two competing products that do exactly the same freaking thing.

[51:20] Matt Kohn: I think it'll go the other way. I think they'll just eventually kill off Azure DevOps and force everyone to move over to GitHub Actions.

[51:26] Justin Brodley: I mean that's what they'll do in name but the product, what's the product actually going to be? That's the key thing. The marketing is not going to be what the technology is. It's Microsoft.

[51:36] Matt Kohn: I actually think that they are doing more innovative stuff in the GitHub Action space than the Azure DevOps Pipeline space, at least from what I could see. I think that's more of the community and everything is pushing GitHub Actions more and more. But I think they have to keep Azure DevOps around just because so many large enterprises use those pipelines and it would cause a lot of pain if they just said time to move.

[52:01] Justin Brodley: Is Azure DevOps how they get FedRAMP compliance? Because I know GitHub can't be, you know, isn't compliant on Enterprise on compliance or not.

[52:09] Ryan Lucas: So the, the reason why GitHub isn't compliant is just, it's, it's the, the cipher set that's compiled into the Enterprise layer so it's not functionality based and they'll be able to fix that with an update at some point where they're.

[52:20] Justin Brodley: But I mean it's been a problem now forever so I mean like well maybe they don't want to fix it.
I mean maybe they don't but I mean it definitely seems like the Because I was always wondering how they're like well if GitHub isn't FedRAMP High then how are they getting all this FedRAMP stuff done in Azure? And I was like oh well they're probably this Azure DevOps is compliant so that's all it's a, it's a FIPS 140-2 requirement. Right? Yeah.

[52:43] Ryan Lucas: 1, 143 now 13.

[52:45] Matt Kohn: Yeah, I was gonna say 3 is the one that everyone's pushing towards the new hotness.

[52:48] Justin Brodley: The new hotness. Sorry, I do it myself at one.

[52:51] Matt Kohn: Point in your read up or I can just yell at Ryan to explain to be the difference between two and three.

[52:55] Justin Brodley: Before Matt joined we also talked about how it's nice that Matt forces us to learn Azure things and now that I've learned all of this about Azure Repos, I'm regretting learning. I don't care.

[53:04] Ryan Lucas: Can I unlearn it.

[53:05] Justin Brodley: Yeah, can I unlearn this? Azure Standard V2 NAT Gateway reaches general availability with zone redundancy and improved performance while maintaining the same pricing as the original Standard SKU. This upgrade provides automatic high availability across Availability Zones without requiring customers to manage multiple NAT gateways or configure complex failover scenarios. The Standard V2 SKU introduces a dual stack nifty supporting both IPv4 and IPv6 traffic through a single NAT gateway instance and simplifies network architecture for organizations transitioning to IPv6 or running hybrid IP environments. Standard V2 public IP addresses and prefixes are now available alongside the NAT gateway upgrade, providing consistent zone redundant capabilities across the networking stack. And the price angel upgrade path means existing Standard SKU customers can migrate to Standard V2 for enhanced resiliency without budget impact. So please do it soon because they wanted to duplicate the old one.
It's the only reason why it's free or same price basically.

[53:55] Matt Kohn: It's also multi zonal so it's the same thing that AWS came out with with the, with the multi zonal NAT gateways. I think this has been in preview for a little bit. There's a couple weird regions out there if you happen to get by that don't support it, which I don't understand why, but it's a good quality of life improvement to not have to deal with, you know, NAT get losing every zone or Izzy or whatever you want to call them at this point in your life.

[54:18] A: I guess it's not as easy as it sounds. I mean to us it's like oh well why don't I just deploy two right? But if, if they're nothing to public IPs then those public IPs need to be routable to the zones and so there's probably a whole bunch more complexity on the back end in implementing multi zone support for NAT than, than perhaps.

[54:36] Matt Kohn: People realize you also to use public IP address v2 which I assume also is related to that. So they must have. I mean I think it's a lot of under behind the scenes work they've done to get to this point.

[54:48] Justin Brodley: I mean it's, it's why we always suspected that most of the hyperscalers were doing, you know, custom TCP/IP stacks at the routing layer to basically handle this complexity because it's, it's a major challenge at the scale and IP ranges you're talking about. It's not simple VLANing like your enterprise. So you know, it's, it's probably. It was a decision made at some point, you know that they had to carry along for a long time and now there's a better way to do it or they can do it with performance because they have, you know, custom silicon that can actually do it properly without bogging down. There was lots of limitations and trying to do wire speed networking at this level, especially if you're using our custom TCP/IP stack like there's a lot, there's a. There'd be bodies buried in everyone's networking stacks in the hyperscaler world. I guarantee it.
Oh yeah. Announcing unified SOX and DORA compliance solutions in Microsoft Sentinel if you were following DORA regulations, being able to provide financial institutions with continuous monitoring and audit ready evidence through workbook driven dashboards. Both solutions are currently in preview and consolidate telemetry from Entra ID, Azure activity logs, Defender signals and 365 audit logs and third party sources you have piped into Sentinel. The SOX IT compliance solution maps directly to three core control domains: Access Management monitoring and unauthorized access to financial systems, Change Management tracking configuration modifications across Azure and on premise environments, and Data Integrity controls detecting audit log tampering or gaps in your critical system logging. The DORA compliance solution addresses EU's Digital Operational Resilience Act requirement through four specialized tabs covering incident management with MTTR tracking and SLA breach detection, threat intelligence correlating IOCs with MITRE ATT&CK techniques, business continuity monitoring of inactive servers and failover events, and compliance mapping that links security alerts to specific DORA articles for audit evidence. Both solutions target financial services organizations with ICT providers and any entity handling financial reporting systems that need to demonstrate regulatory compliance. So yeah, if you have to do these, always nice to have it in your SIEM.

[56:46] Ryan Lucas: Yeah and it's, it's kind of neat that it, you know, using DORA and the linkage there which is, you know, something you can work with dev teams when they're applicating. You know it's a language and a framework that people are familiar with and it's not some just random security alert from a SOAR that's without context.

[57:07] Matt Kohn: I mean this is a lot about the reporting of it though.
So it's going to just show you this is a critical alert and therefore your SLA is whatever your SLA is and mapping it that way. I don't think the dev teams are really going to leverage this. I feel like this is more for your, you know, SOC and anything else along those lines.

[57:25] Justin Brodley: Oh you.

[57:26] Ryan Lucas: So you haven't used any kind of automated runbook, you know, stuff so I am lazy and so I am not going to go and do a whole bunch of like security remediation. I'm going to figure out who's whose throat I need to choke automated ways and go do that.

[57:41] Matt Kohn: So Ryan just has a runbook that creates a JIRA ticket for the other team is what I just heard.

[57:47] Ryan Lucas: Creates a bunch of JIRA tickets for all the other teams. Oh yeah, no, I'm very big on that. You know, like it's, you know, I make jokes about it, but it is sort of like I do, I do feel like security is everyone's job and I, I want to sort of tackle these things as a community and not just sort of have an expectation that there's, you know, a SOC analyst that's just going and crunching and being like no, this is a good signal, this is a bad signal. And so I like, I like visualizing and surfacing these, these things that as they come up when there's and people can look at them, they know how they score and you can gamify the results. So I kind of like the standardization that this uses.

[58:26] Justin Brodley: In order to do that, Microsoft's launching Maia 200, a custom AI inference accelerator built on TSMC's 3 nanometer process that delivers over 10 petaflops in FP4 precision and 5 petaflops in FP8 with a 750 watt envelope. The chip offers 30% better performance per dollar than current Azure hardware and outperforms the Amazon Trainium third generation and Google's TPU seventh generation in key metrics. The accelerator features 216 gigabytes of HBM3e memory at 7 terabits per second and 272 megabit on chip SRAM.
Designed specifically for running large language models like GPT 5.2 and synthetic data generation workloads, Microsoft's superintelligent team will use the Maia 200 for reinforcement learning and creating training data for next generational models. Maia 200 uses a two tier scale up network built on standard Ethernet rather than proprietary fabrics, with each accelerator providing 2.8 terabytes per second bidirectional bandwidth and supporting clusters up to 6,144 accelerators. This approach reduces power consumption and total cost of ownership while maintaining predictable performance for dense inference workloads. Initial deployments in US Central Data center region near Des Moines with US West 3 near Phoenix coming next interview with Microsoft Foundry and Microsoft 365 Copilot services. Microsoft is offering a Maia SDK Preview with PyTorch integration, Triton compiler and low level programming tools for developers to optimize models for the new hardware. Microsoft achieved rapid deployment by validating the end to end system and pre-silicon environments, getting AI models running within days of receiving packaged parts, and reducing time from first silicon to data center deployment by more than 50% compared to similar programs.

[59:57] Matt Kohn: I think I only understood about half those metrics, but they sound really good. Like I'm not entirely sure what I can quantify in my brain what 10 petaflops of FP FP4 precision honestly means in my life or versus the FP8 precision. So sounds impressive, I'll give them that.

[60:18] Ryan Lucas: Yeah, it's a blessing and a curse that you know that I don't have these types of workloads right? I'm not using these types of things for building models and serving large amounts of inference, but I'm sort of jealous because it'd be kind of cool to have a use case where I could use this.
[60:37] Justin Brodley: I'm now looking forward to seeing all the cloud providers now rush out their next TPU and Trainium because Trainium 4 is already inbound. I think the next version of TPU v7 is coming out too, so you know it's arms race.

[60:51] Ryan Lucas: Definitely.

[60:53] Justin Brodley: Azure Storage is positioning itself as the foundational platform for AI workloads across the entire lifecycle from frontier model training to large scale inference and agentic applications, with key capabilities including blob scaled accounts that handle millions of objects across hundreds of scale units and Azure Managed Lustre delivering up to 512 gigabits of throughput with 25 petabits namespaces for keeping GPU fleets continuously fed during training and inference operations. The platform is adapting to handle agent workloads that generate an order of magnitude more queries than traditional user driven systems, with Elastic SAN becoming the core building block for building cloud native applications offering fully managed block storage pools with multi tenant capabilities, while Azure Container Storage has been open sourced and now delivers 7x faster performance for Kubernetes based stateful applications. Mission critical workload performance has reached new levels with M series VMs pushing disk storage to 780,000 IOPS and 16 gigabits a second throughput for SAP HANA deployments. Ultra Disk paired with Ebsv6 VMs can achieve 800,000 IOPS and 14 gigabits per second of throughput with sub 500 microsecond latency, while Azure NetApp Files is addressing elastic ZRS for zone redundant high availability without operational components complexity. Microsoft is addressing power and supply chain strengths through Azure Boost data processing units that offload storage operations to dedicated hardware, reducing per unit energy consumption while improving the overall performance.
The partner ecosystem is expanding with co engineering solutions from Commvault, Dell, Pure Storage and Qumulo and others integrate deeply within the Azure storage service capabilities.

[62:22] Matt Kohn: I just got concerned when the Elastic SAN became the core building blocks of cloud native apps.

[62:29] Justin Brodley: It's becoming the core building block. I mean it's because you know blob, you know blobs are hard to use if you are used to whack whack Seth shares so yeah, I mean the.

[62:40] Matt Kohn: Stats here are impressive and you know, especially you know, if you go to the ultra premium disks and everything else like that, you really do get that performance. It's a pay for play model here and you can really get these high IOPS, high, low latency, you know, setups. Just get ready to pay out the notice for you as you do.

[63:01] Justin Brodley: I have an Oracle story for you this week. Oracle is proud to now support IAM Deny policies, allowing administrators to explicitly block specific actions even when allowed policies would otherwise grant them access. This addresses a common security gap and capability of other collaborators where overly permissive policies could inadvertently grant unwanted access. Particularly useful for enforcing compliance requirements and preventing accidental resource deletion in a production environment. The Deny policy works alongside existing allow policies using a deny by default model where explicit denies always override allows, following standard IAM best practices seen in AWS and other cloud providers. Organizations can now create guardrails that prevent even highly privileged users from performing certain actions like deleting critical resources or accessing sensitive compartments. Feature integrates with Oracle's existing IAM infrastructure, including compartment groups and dynamic groups, without requiring architectural changes.
And customers can implement dynamic policies immediately through the OCI console, CLI or API. Welcome to the party. Yeah, I mean, how many years has that been missing?

[64:01] Ryan Lucas: I was trying to think it was relatively late to Google too.

[64:04] Justin Brodley: Like it's.

[64:05] Ryan Lucas: I want to say it was like four years ago. Like it wasn't that long ago where they got deny policies, but because that was one of the rough edges that I learned when having to adopt Google. But yeah, it's a. I'm glad they have it because this is a neat tool. I mean it seems like a kind of a negative statement, but the reality is it makes managing permissions really simple. Because if there's one permission that you are worried about in a managed role that you don't have to maintain, you can just tailor it towards that one and alleviate your concerns by either add conditions or what have you. So it is a powerful tool. I like it. So I'm sure there are Oracle admins that are very happy about this.

[64:46] Matt Kohn: There's tens of them.

[64:47] A: Tens of them.

[64:48] Justin Brodley: There's dozens of us. Dozens of us. All right, well, congratulations OCI users. You now have deny by default, as you always should have. All right, moving on to a cloud journey. Google SREs are apparently using Gemini CLI with their latest foundation model to reduce mean time to mitigation during production outages, targeting a 5 minute SLO just to acknowledge incidents. The system uses function calling to fetch incident details, analyze logs, correlate time series data and recommend specific mitigation playbooks like task restarts rather than generating arbitrary bash scripts. The implementation maintains human-in-the-loop control through multi layer safety, including strictly typed tools via Model Context Protocol, risk assessment metadata, policy enforcement and required confirmation tests before executing any production change.
This copilot approach allows AI speed analysis while preserving human accountability and creating automatic audit trails for compliance. The Gemini CLI integrates directly with Google's monorepo to analyze code changes, generate patches as change lists and automate the entire incident lifecycle from initial triage through postmortem generation. System can populate timelines, create action items, file bugs in issue trackers and export documentation automatically. Workflow creates a feedback loop where generated postmortems become training data for future incident responses, and the pattern is reproducible outside Google using open source Gemini CLI with MCP servers connecting to tools like Grafana, Prometheus, PagerDuty and Kubernetes. They didn't of course open source that, that I saw in here, which would have been nice, but yeah, I thought no, no, we should talk about this because I think it's a cool concept and it's a great use case for AI. I think that makes sense.

[66:22] Ryan Lucas: I mean a lot of this is funny because I read it and all this stuff with postmortems and the, you know, documentation and issue tracking like kind of after the incident, just like I read this as like AI is going to solve all, all the areas where humans just suck. Because this is an area that's very hard right when you're dealing with an outage. You just want to restore the service. And then when you get to the end and doing postmortems and documenting it, you realize that some of the data gathering that you did while the incident was ongoing, it was a little loose. When did this get executed? When did this happen? Why did we do this? Can get a little vague and so with tools like these, it's sort of filling in the gaps and, and, and generating all the data that the humans are not doing. So it's kind of interesting.

[67:06] Matt Kohn: Yeah, I mean, wherever you're in a. Keeping track of all that is impossible to say the least.
[67:12] Justin Brodley: You know, I think a ton of vendors who have tried to make it better, you know, like FireHydrant and others that help kind of bring some order to the chaos. But you know, a lot of times in incidents, if you don't have enough telemetry, you don't have things that comes human instinct and that's always hard to train. So be interesting to see how AI handles some of these things. When you have a, you know, a lesser data set like that makes sense for me at Google, at Google scale and how they do things and you know, they're much more robust, mature, you know, software development process versus a startup. I'd be curious how it works there.

[67:44] Ryan Lucas: Yeah, nothing's going to be as, you know, if you don't have the data or access to data or don't have it organized in a way where a machine can, you know, quickly sort of figure out what's what within the context window, which has got its own limits, you're going to struggle. Right. So it sounds like, you know, this is one of the things I read the article and I was like, I want to know the workflow. I want to know which, you know, tools they put in place, the MCP servers. Because it's, it's, you know, it's like having the model take action or analyze stuff is the least important part for me. Right. Like getting things to where it can actually do something in, you know, you know, like the ChatOps model of execution during these things. Like that's awesome. But it takes so much work to get that in place.

[68:27] Justin Brodley: Yeah, like they're like, it publishes automatically to, to Google Docs. I'm like, does it, does it do that with an MCP? Because you don't have a public MCP that I know for Google Docs because I would have moved to it already because I'm still using your terrible API.

[68:42] Matt Kohn: I assume they have an internal MCP.

[68:45] Justin Brodley: I mean, I think maybe they did official MCP works for some Google services. Maybe in December they finally release it.
I'll struggle it out, I think.

[68:51] Ryan Lucas: Yeah, I think we talked about. We have, but it hasn't been, it's very recent.

[68:55] Justin Brodley: Yeah, but I mean even, even here, just looking at it doesn't mention, it doesn't mention specifically Google Docs. So it's, you know, like, that's a tough one anyways.

[69:07] Ryan Lucas: Yeah.

[69:08] Justin Brodley: But yeah, I mean, I think in general, anything to make this process easier and the fact that just, you know, like doing a really thorough postmortem where you go and grab all the logs and you go grab the timeline and you construct it from the chat messages and the, you know, the phone call logs and. And you know, if you're recording all that stuff, which is great, it just takes so much time and like, AI can do all that so much better than I can.

[69:28] Ryan Lucas: So much.

[69:29] Justin Brodley: Yeah. Yeah. So I mean, like just, you know, even if it can't mitigate the issue, which I do talk about quite a bit here in this article about, you know, bad customer minutes and burning down SLOs. Because of that, I. Which I think is great. I mean, I love everything about that, but, you know, implementing that is probably tricky if you don't have the maturity. But the rest of the stuff around it I think is doable for almost anybody as long as you have access to these tools or some capabilities. And there's some other things that they mentioned here that I'm sort of intrigued about. I might do some more follow up reading on. They've got generic mitigations as a concept from the Google SREs, a philosophy of duct tape outage resolution. And it's the whole O'Reilly paper from 2020 that I haven't seen before. So I got some reading to do.

[70:13] Ryan Lucas: But I'll check that out. Sounds interesting.

[70:15] Justin Brodley: I'm super intrigued by it. But yeah, it just.
It's always cool to see a little glimpse inside of some of these big organizations like AWS and GCP of how they handle incidents because everyone's. No one's immune. Just about how you respond to things when they go wrong or how do you mitigate it. And so that's great. I appreciate them being a little bit transparent again, like a little bit more. Yeah. But again, I still appreciate the effort, so it's nice. Definitely. Check this out. If you're running an SRE team and you're working through a bunch of things around this particular topic. All right, gentlemen, that is it for another fantastic week here in the Cloud. All right, see you guys. Well, I won't see you next week. You guys will have fun with me.

[70:57] Ryan Lucas: Yeah.

[70:58] Justin Brodley: I will have some curry for you in India. And thank you. As I enjoy. I'll go to sleep right as you guys are trying to record is typically how that works. So best of luck. Oh, actually, no, I'll be. I'll be going. Waking up. Yeah. Time zones, they're hard. Yeah. And I'll be waking up by the time you guys are recording. And we're trying to get to an office and very busy traffic. So you guys enjoy safe travels and.

[71:24] Matt Kohn: Enjoy the long flight.

[71:25] Justin Brodley: I'll see you in two weeks. Yeah. And I don't look forward to the flight. The flight's never great. But I will see if I can recover quickly and then get back. So then my other big news was that, so not only did my. My team beat Ryan's team in the divisional round, then they. They beat the Rams, which I had a bunch of other friends who were Rams fans. And now my team is going to the Super Bowl, which I'll be back in time for, which makes me super happy.

[71:49] Ryan Lucas: Nice.

[71:49] Justin Brodley: So that's. That's the most important part.

[71:52] Ryan Lucas: I. Yeah, I mean, I'm surprised because knowing you and, you know, how average of a fan you are, like, I figured that would have canceled an India trip if that. I know.
[71:59] Justin Brodley: I. I strategically placed it. When I booked this trip, I was like, when is the bye week between the Super Bowl and the playoffs? Because if my team is involved, I'd like to be there. But also, I just. I. We always have fun at the Super Bowl. We, you know, we make food and we do stuff. So it's a big family thing as well, and I didn't want to miss that out either. So, yeah, it was definitely like, I need to be back in time for a Super Bowl. So I was strategically placed by myself. So. All right, gentlemen, we'll see you next. Well, see you guys in a couple weeks and see you guys next week here at the Cloud Pod.

[72:29] Ryan Lucas: All right, bye, everybody.

[72:30] Matt Kohn: Bye, everyone.

[72:34] A: And that's all for this week in Cloud. Head over to our website at thecloudpod.net where you can subscribe to our newsletter, join our Slack community, send us your feedback and ask any questions you might have. Thanks for listening and we'll catch you on the next episode.

[72:51] Justin Brodley: Sa.