# 342: Eight Minutes to Midnight: When AI Helps Hackers Speed Run Your AWS Account

Duration: 85 minutes
Speakers: Justin Brodley, Ryan Lucas, Matt Kohn
Date: 2026-02-18

## Chapters

1. [00:00] The Cloud Pod hosts talk weekly about all things AWS, GCP and Azure
   Episode 342, recorded February 10, 2026: "Eight Minutes to Midnight, When AI Helps Hackers Speedrun Your AWS Account."
2. [01:27] Seahawks beat Patriots to win Super Bowl LX
   My favorite Seahawks won the championship. For those of you who are Niners fans like Ryan or Miami/Giants fans like Matt, you did not care about any of that, so I imagine you guys were maybe paying attention more to the commercials.
3. [02:08] OpenAI had an ad out that was, you know, kind of tame
   OpenAI had an ad out that was kind of tame. Microsoft Copilot was the next one, and this one was basically your best friend. I think this was an A-plus effort, for it got its message across. I feel personally affronted when commercials that I've seen before the Super Bowl play during the Super Bowl.
4. [04:40] One ad's premise is that everyone's making apps with our no-code AI
   The ad premise is that everyone's making apps with our no-code AI app builder. After this ad I was like, this is a dumb ad; I don't think this was money well spent. There was a Zapier commercial as well that was like this, but I didn't include that in this list.
5. [06:30] Next up was Gemini. I don't know who they were really targeting this at
   Gemini was a cute little ad about these people moving to their new house. I felt like the target was the general consumer that doesn't really understand how to use AI. Not a bad use of AI.
6. [07:40] Anthropic's ad is a direct attack against OpenAI
   They announced they were not going to put ads into Claude, which is a direct attack against OpenAI. I don't think it necessarily did what they hoped it would do if someone wasn't fully paying attention to what the ad was.
7. [12:42] The new ad for AI.com is terrible
   AI.com's mission is to further AGI by creating a distributed network of AI agents. No one knows what it does, though, to be fair. This is the clearest sign that we're in a dot-com bubble of anything I've ever seen.
8. [15:50] Microsoft's earnings show Azure cloud growth slowing to 39% from 40% previously
   Microsoft's earnings show Azure cloud growth slowing to 39% from 40% in the prior quarter. The company's gross margin hit a three-year low at 68% due to substantial AI infrastructure investments. Only 3.3% penetration of Microsoft 365 Copilot. A rough start to the earnings season for the cloud providers.
9. [19:19] Google Cloud revenue grew 48% year over year to $17.66 billion
   Google Cloud revenue grew 48% year over year to $17.66 billion and beat analyst expectations, with backlog reaching $240 billion. Gemini AI now has 750 million active users, up from 650 million last quarter. Alphabet plans to spend $175 billion to $185 billion on capital expenditures in 2026.
10. [21:39] Amazon plans to invest $200 billion in capital expenditure for 2026, primarily for AWS infrastructure
    Most investments are directed toward AI workloads rather than traditional cloud services. If there is an AI bubble, these huge expenditures on AI capacity are going to be a huge problem for these companies.
11. [28:04] Salesforce is discontinuing its Heroku platform as a service
    Heroku is the original PaaS, bought by Salesforce. Salesforce is redirecting engineering resources toward enterprise AI capabilities rather than continuing platform-as-a-service innovation. Developers relying on Heroku for production workloads should evaluate long-term platform viability.
12. [31:32] An attacker gained full AWS administrative access in just 8 minutes using Lambda code injection
    An attacker achieved full AWS administrative access in just 8 minutes by exploiting credentials found in a public S3 bucket. The attack demonstrates how AI tools are accelerating offensive operations. Organizations should implement least-privilege IAM policies and enable Bedrock model invocation logging to detect similar attacks.
13. [35:28] Anthropic has released a new Opus model with a 1 million token context window
    A new Opus model is generally available with a 1 million token context window in beta. Context compaction automatically summarizes older conversation history when approaching limits. Anthropic is using the model to find and patch vulnerabilities in open source software.
14. [44:15] OpenAI GPT-5.3 Codex is their most capable agentic coding model
    GPT-5.3 Codex represents the first self-improving model at OpenAI. Available via the paid ChatGPT plans using the Codex app, CLI, IDE extension and the web, with API access coming very soon. People are starting to use AI to improve AI.
15. [46:21] ChatGPT has started testing ads for Free and Go tier users
    They have started testing ads as of Monday, yesterday, for the Free and Go tier users in the US. Ads are contextually matched to conversation topics and chat history but do not influence chat responses. Users can dismiss ads, provide feedback, and delete ad data with one tap.
16. [47:18] We are getting Claude Opus 4.6 on multiple other providers this week
    Next up, announcing Claude Opus 4.6 on Snowflake Cortex AI. We are also getting Claude Opus 4.6 on multiple other providers this week. We will spare you the rest this week because we have much more news to get to.
17. [48:17] Databricks Supervisor Agent helps coordinate multiple specialized agents for Unity Catalog governance
    Databricks Agent Bricks Supervisor Agent is now generally available. It coordinates multiple specialized agents for Unity Catalog governance. The system addresses enterprise agent sprawl. Depending on who your provider is, this is the type of platform you're going to need.
18. [49:34] HashiCorp is launching Agent Skills, an open-standard repository that packages domain expertise
    HashiCorp is launching Agent Skills, an open-standard repository that packages domain expertise into portable instructions for AI assistants. Working with Terraform and Packer, these skills provide AI tools with specialized HashiCorp product knowledge. They're hoping to expand beyond Terraform to cover additional products.
19. [53:22] AWS has a new massively big instance that I don't know what to do with
    The C8id, M8id and R8id instances with up to 22.8 TB of local NVMe storage are GA. They're on the Intel Xeon 6 processor, exclusive to AWS, running at 3.9 GHz sustained all-core turbo frequency. I think the T series is getting pretty up there in age.
20. [55:49] AWS IAM Identity Center now supports multi-region replication
    Organizations can replicate workforce identities, permission sets and metadata from a primary region to additional regions for improved resiliency and disaster recovery. ECS now supports linear and canary deployment strategies natively with Network Load Balancers.
21. [59:00] Bedrock will enforce JSON schema compliance at the model level
    This reduces operational overhead by preventing malformed outputs before they reach application code. Available now for Anthropic Claude 4.5 models and select open-weight models across all commercial AWS regions where Bedrock operates. (A sketch of the structured-output pattern follows this list.)
22. [60:35] Redshift now allows database administrators to allocate dedicated compute resources for optimization
    Redshift now allows database administrators to allocate dedicated compute resources specifically for automatic optimization tasks. This prevents maintenance operations from competing with user queries during peak usage periods. The enhancement is available across all AWS regions where Redshift operates.
23. [62:05] Google is launching the Developer Knowledge API and Model Context Protocol server
    It provides AI assistants with programmatic access to official Google developer documentation as machine-readable Markdown. Services are currently in public preview with free access through standard Google Cloud API quotas.
24. [66:27] Bolt uses Google Docs SDKs and has a lot of custom code
    Bolt uses Google Docs SDKs. I have a lot of custom code written in Python to handle all of the show note configuration stuff. There are some things that aren't perfect; to make it perfect would be so much more code and so much work for me.
25. [68:49] Google Cloud is expanding its sovereign cloud portfolio with three new tiers
    Data Boundary, Dedicated and Air-Gapped, designed to meet varying data sovereignty requirements. The company announced substantial infrastructure investments across all continents.
26. [69:44] Google launches Gemini Enterprise Agent Ready to help developers build production-ready AI agents
    Google launches Gemini Enterprise Agent Ready as a specialized learning program within the Google Developer Program to help developers build production-ready AI agents. The program provides 35 monthly learning credits on the Google Skills platform for sandbox testing and lab access at no cost to the participant.
27. [71:43] Charlie Bell transitions from leading security to focusing on engineering quality as an individual contributor
    This organizational shift reflects Microsoft's continued emphasis on security as a top priority. No specific pricing or feature changes were announced as part of the change.
28. [77:40] Microsoft is enhancing Azure Database for PostgreSQL with native AI capabilities
    Direct integration with Microsoft Foundry enables in-database LLM operations like embeddings and semantic search. PostgreSQL 18 is now generally available on Azure with new v6 compute SKUs.
29. [79:55] Microsoft OneLake and Snowflake now offer bi-directional Iceberg table interoperability
    This allows customers to store and access data across both platforms without duplicating the data. Changes made in one platform automatically reflect in the other.
30. [81:58] Azure Container Storage version 2.10 brings native Elastic SAN integration for high-performance persistent volumes
    Azure Container Storage version 2.10 brings native Elastic SAN integration, letting Kubernetes workloads leverage Azure's shared block storage service for high-performance persistent volumes. This integration provides an alternative to existing Azure Disk and ephemeral disk options.
31. [83:22] SQLCON is a new SQL-focused conference co-located with FabCon
    SQLCON is a new SQL-focused conference co-located with FabCon in Atlanta, March 16th to 20th. It features 50 SQL sessions covering SQL Server, Azure SQL and SQL database in Fabric. Early bird pricing and team discounts are available, but it's not a cheap conference.
32. [84:51] Sorry for the length tonight, but earnings, it's always lengthy
    Well, that is it for another fantastic week in the cloud. Sorry for the length tonight, but earnings, it's always lengthy. See you guys next week here in the cloud.
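The sketch referenced in chapter 21: the episode doesn't show the request shape of Bedrock's new model-level JSON schema enforcement, but the established way to get schema-compliant JSON out of Bedrock today is to force a tool call whose input schema is the schema you want. This is a minimal sketch of that pattern using the real boto3 Converse API; the model ID, tool name and schema below are illustrative assumptions, not details from the announcement.

```python
import boto3

MODEL_ID = "anthropic.claude-sonnet-4-5-20250929-v1:0"  # placeholder; use a model enabled in your region

# The JSON schema we want every response to conform to.
schema = {
    "type": "object",
    "properties": {
        "service": {"type": "string"},
        "severity": {"type": "string", "enum": ["low", "medium", "high"]},
    },
    "required": ["service", "severity"],
}

bedrock = boto3.client("bedrock-runtime")
resp = bedrock.converse(
    modelId=MODEL_ID,
    messages=[{"role": "user", "content": [{"text": "Classify: public S3 bucket containing credentials."}]}],
    toolConfig={
        "tools": [{"toolSpec": {
            "name": "report_finding",               # hypothetical tool name
            "description": "Record one security finding.",
            "inputSchema": {"json": schema},
        }}],
        "toolChoice": {"tool": {"name": "report_finding"}},  # force the structured output
    },
)

# The structured payload arrives as the forced tool call's input.
for block in resp["output"]["message"]["content"]:
    if "toolUse" in block:
        print(block["toolUse"]["input"])  # dict matching the schema above
```

The model-level enforcement described in the chapter should make this stricter by rejecting malformed output before it ever reaches this parsing loop.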
## Transcript

[00:00] Justin Brodley: Welcome to the Cloud Pod, where the forecast is always cloudy. We talk weekly about all things AWS, GCP and Azure.

[00:14] Ryan Lucas: We are your hosts, Justin, Jonathan, Ryan and Matthew.

[00:18] Justin Brodley: Episode 342, recorded for February 10, 2026: Eight Minutes to Midnight, When AI Helps Hackers Speedrun Your AWS Account. Good evening, Ryan and Matt. How you guys doing?

[00:30] Ryan Lucas: Doing great till you read the title.

[00:32] Matt Kohn: Speed running the podcast.

[00:34] Justin Brodley: Speed run the podcast. I mean, I am actually impressed that it's February 10th. I was shocked cuz, like, January was 100 years long and now I feel like February is just running away like a blink. But I do appreciate both of you guys holding down the fort last week for the podcast. You guys did record it, so bravo. Congratulations. Always appreciate it.

[00:52] Ryan Lucas: Made it.

[00:53] Justin Brodley: And I also always enjoy reading the transcripts of it to hear you guys complain about how hard this job actually is. So, you know, I always love it when you guys appreciate me slightly more when I come back.

[01:02] Ryan Lucas: You were definitely missed, though, I will say.

[01:05] Matt Kohn: When you and I tried to go back and forth at one time, you realized how hard it is to do the other side of this.

[01:11] Justin Brodley: Yeah, because I'm so used to controlling the pace of the podcast, and so it's harder to do when I'm not the one driving it. And so that was more difficult for me. The reading a back-and-forth part was not as terrible, other than catching the segue is important. But. Well, first of all, the Super Bowl was on Sunday, and it was mostly important to me because my favorite Seahawks won the championship. So, you know, congratulations to me. Yes, my football team is a Super Bowl champion. For those of you who are Niners fans like Ryan or Miami/Giants fans like Matt, you did not care about any of that, what was going on on the field, other than that we beat the Patriots, and everyone hates the Patriots, so that makes sense.

[01:51] Matt Kohn: I cared. The Patriots lost.

[01:52] Justin Brodley: Yeah, exactly. But so I imagine you guys were maybe paying attention more to the commercials. And there was a lot of commercials for AI stuff.
Now there's also a lot of commercials that use AI to generate them, and those are also bad. But I do think we should talk about at least the ones that matter to us here at the Cloud Pod. And so there was a series of ads. OpenAI had an ad out that was, you know, kind of tame. Like it was all right, you know, like, it'll help you build things. It's a Codex one. They have, you know, some AI-generated content in there too, because of course they made Sora, so that makes sense. But you know, I watch this ad and I'm just like, if I didn't know who OpenAI is, I don't have a clue what this ad is. So all my non-technical friends who are watching this ad are just like, I have no idea what this is. So that one I feel is a swing and a miss. What do you guys think?

[02:44] Ryan Lucas: Yeah, I felt the same way. I was sort of underwhelmed by it. Especially as, as we'll talk about Anthropic's in a second. Like, I knew that one was coming. That was sort of funny.

[02:55] Matt Kohn: Yeah, I mean, the OpenAI one, I was just confused by the perspective during it. The whole time I remember watching being like, what is going on and why are there random arms on my screen?

[03:04] Justin Brodley: Yeah, it was a little weird perspective. Like, is this you doing something? I mean, I think what they were trying to say is like, you're building. Again, it's weird. Microsoft Copilot was the next one, and this one was basically your best friend. Microsoft 365 Copilot helping an NFL scout basically build the profile for the player they should draft using Copilot, which somehow knows all this stuff about the player and his background. And it was a little far-fetched if you know how Copilot, how AI works in any way, shape or form. But I think it resonated with the audience and I think this one did not hurt them. I think this was an A-plus effort, for it got its message across: this is to help you inside of Microsoft products. They showed Excel, they showed Word, they showed you things that you would know what they are. And so I feel like a non-technical layman would know what this ad was for, something called Copilot that does something, at least in their Office products.

[03:51] Ryan Lucas: Yeah, I feel personally affronted when there are commercials that I've seen before the Super Bowl played during the Super Bowl. Because, I don't know, like, you're going to pay that much money, do something unique. And they've been running that ad for a little while. I've seen it in other places.

[04:05] Justin Brodley: I mean, I think it's been playing during the playoffs, but I don't think it was before that. Yeah, but yeah, during.

[04:11] Ryan Lucas: I think it probably was during the playoffs.

[04:13] Matt Kohn: Sounds right. But I read maybe a year or two ago they started to kind of A/B test a lot of the Super Bowl commercials, like, a couple weeks before. So you'll see them in different locations and then they kind of use that as real-life A/B testing, which I'm pretty sure there's a fancier term for if you're not an engineer, but that's the way my brain describes it.

[04:32] Justin Brodley: Ah, marketers call it A/B testing too, so I don't know. They do it on websites.

[04:36] Matt Kohn: I assume they called it something fancier than that.

[04:38] Ryan Lucas: Maybe, I don't know.

[04:40] Justin Brodley: So this next one, I have never heard of this company. It's apparently Base44. It's very expensive.
So for free you get 25 message credits and a hundred integration credits, and then they go all the way up to $160 per month. And basically the ad premise is that everyone's making apps with our no-code AI app builder. And so basically the lady in the ad shows it off and then everyone's like, I'm gonna go build my app. And they're all building all kinds of dumb, terrible vibe-coded apps. Again, I've never heard of this company. I don't think this was money well spent. And then I had the question about this workplace, like, who's doing the actual jobs you guys have? Who's building toy apps and vibe coding all day long? So I don't know that the company depicted in the ad would actually survive.

[05:25] Ryan Lucas: Well, obviously AI is doing all the real work, right?

[05:29] Justin Brodley: Yeah.

[05:29] Matt Kohn: Is it, is that the premise? AI is doing your work so you can go have side jobs?

[05:33] Ryan Lucas: That's what I assumed.

[05:36] Matt Kohn: I think I'm doing my job wrong.

[05:38] Justin Brodley: Yeah. So, you know, it's a company I never heard of. You know, I assume this is some VC-backed company. I did not do any research on it. After this ad, I was like, this is a dumb ad. It's very much in the no-code story and all those things.

[05:53] Ryan Lucas: So there was a Zapier commercial as well that was like this. And then there was another one by another company that I had never heard of that was sort of a similar vein of, like, you can build whatever you want, sort of. But heavy on the...

[06:07] Justin Brodley: Your...

[06:08] Ryan Lucas: Your brand-new idea turned into an app, made easy by AI.

[06:12] Justin Brodley: Yeah, the Zapier one, I didn't really feel like it was an AI one, so I didn't include that in this list. But that was a good one. I probably should have.

[06:19] Ryan Lucas: It literally said Zapier, powering your...

[06:22] Justin Brodley: Yeah, I did. Okay, you're right.

[06:26] Ryan Lucas: It's not an AI product.

[06:27] Justin Brodley: I agree. It should be there. You're right. Next up was Gemini. Gemini was a cute little ad about these people moving to their new house, and, you know, the small kid clearly is talking to his mom and is like, oh, where's my stuff gonna go? Then they use the AI, Nano Banana, to basically insert all of his furniture into the room and build a garden in the backyard so they can see what it's going to look like. Not a bad use of AI. I don't know who they were really targeting this at. I think I missed the point, but it wasn't a bad ad, other than I don't know what it was for.

[06:59] Matt Kohn: I thought it was kind of fun, and I felt like the target was the general consumer that doesn't really understand how to use AI. They're just sick of hearing about it in the day-to-day world, and they're like, I should use it. And it gives people a real-life kind of way to actually figure out how to use AI in a way that could actually help them. That's what I thought the target audience was. Like, definitely not professional or workspace stuff like Copilot or Base44, but just the general kind of consumer that doesn't know how to use it but wants to figure that...

[07:35] Ryan Lucas: Out. Or still thinks it's just chatbots and nothing else.

[07:39] Justin Brodley: Right? Yeah. The next one was Anthropic.
So Anthropic was a little bit controversial, because they basically announced before the Super Bowl that they were not going to put ads into Claude, which is a direct attack against OpenAI. And so basically they were saying, you know, we've, after a lot of discussion, decided that we're not; it's a trusted assistant for work and deep thinking, and so we don't want to clutter the experience with ads or, you know, risk trust with you, our users. OpenAI of course took a little bit of offense to this, because they're like, well, we're not putting ads in the chat, it's just around the chat. And they did roll that out this week; we'll talk about that a little bit later today. But so Anthropic basically created an ad. I think the one I remember is the guy, he's lifting, you know, he's doing pull-ups, and he's like, hey, you know, OpenAI or ChatGPT, I don't remember who he calls which agent, but he says, you know, how do I get...

[08:31] Ryan Lucas: I don't think it said it by name.

[08:32] Justin Brodley: I don't think it did either.

[08:33] Matt Kohn: Yeah.

[08:33] Justin Brodley: How do I get six-pack abs? And so it gives you answers like, well, you know, eat at a calorie deficit, lift weights, blah, blah, whatever dumb thing. And then it's like, oh, you know, get testosterone from blah-blah-blah website. And it's in a very stilted way, like AIs talk, you know, because again it's GPUs and all that. And then it basically says, we'll never put ads in your thing. Anthropic. And I get what they were trying to do, and it makes sense to me, because I've used these things and I know how they write responses back and I know the kind of stilted method they use. But, like, literally the person I was with was like, so, so is Anthropic putting ads in the thing? I'm like, yeah, they didn't really make it very clear who's putting ads in the chat. And they kind of leave it with, the only brand you see is theirs. So I don't know that it necessarily did what they hoped it would do if someone wasn't really fully paying attention to what the ad was. So I think this is a C. I don't know.

[09:22] Matt Kohn: I don't think so.

[09:22] Ryan Lucas: I had the complete other view on this, which is, like, I've always known that they're going to have to monetize AI responses. And this is exactly what I envision, like a doomsday scenario where every sort of AI interaction is exactly how they depicted it in the commercial.

[09:42] Justin Brodley: Yeah.

[09:42] Ryan Lucas: And you know, like, I was around my family, who, the rest of them aren't technical, and they thought it was hilarious just because they've used AI. And so the blank face, and then turning into the, like, overly sweet smile in the answer. And then also, you know, "what a great question."

[09:58] Matt Kohn: Yeah.

[09:58] Justin Brodley: The way.

[09:59] Ryan Lucas: And then what they used in the advertisement, I definitely think it's underhanded and dirty. But it was also hilarious with the, you know, like, what was it? It was like insults for short kings or something like that.

[10:11] Justin Brodley: Yeah, that's what he was trying to do.

[10:13] Ryan Lucas: Six-pack abs. I was like, that's rough.

[10:16] Matt Kohn: Yeah.

[10:17] Justin Brodley: So it was definitely. I don't know. I felt it was, I mean, maybe because I don't like the underhandedness of it.
Because again, like, this is partially OpenAI's fault, because they announced they're going to do ads, but they didn't explain how they were going to do them or give any mockups. And so it left it open to interpretation, and Anthropic took it to the worst extreme: basically, we're not going to do that. So it's clever. It's a little bit of punching down, though. I don't think they need to punch down.

[10:42] Ryan Lucas: Reading OpenAI's sort of response to this, how they're going to display ads doesn't seem nearly as offensive as the...

[10:50] Justin Brodley: As it's depicted.

[10:51] Ryan Lucas: Like, it'll be a lot more like Google search results, I think.

[10:54] Justin Brodley: Yeah. Where it'll be very clearly, this is a sponsored response. And so, you know, it's not part of it.

[10:58] Ryan Lucas: Honestly, I don't think it's in the response at all. It's just displaying it alongside the response. Like, you know, that's how the Internet works. So, you know, unless you're paying boatloads of money, which you can do, to not see those ads.

[11:12] Justin Brodley: And then the ad that I think is the worst of all the AI ads I saw...

[11:17] Ryan Lucas: I agree.

[11:19] Justin Brodley: So this ad, as soon as it opens up, I know it's AI-generated, and it's literally like a logo being carved into stone kind of type vibe. And I don't know exactly what it was, because I haven't watched it again, because I refuse to. And basically it pans out and you see that the logo being created is AI.com, and that's the entire commercial. It's like 30 seconds. And I'm like, I don't know who AI.com is. I have no idea. But it's like, oh, but come claim your name now. Which, I'm like, okay, well, I would love to be AI.com/justin. I don't really know what that is. And so, you know, I try to go to it, and of course it's being hugged to death because they didn't scale their servers up properly for the Super Bowl. Bravo. And then finally, when I did get to it the next day, I was able to actually sign into it. My username was gone, which I was sad about. But worse, you put in your email address, and then it says, choose your handles for yourself and your AI. And so you're supposed to put in AI.com/ whatever my handle's gonna be, which will be, of course, jbrodley, because that's what I always use when I can't get justin. And then enter a handle for your AI: AI.com/ blank. And literally, I'm sitting there looking like, I don't know what I want to call my AI. I don't even know what you're gonna do for me at this point. I don't even know what this product is, to name it. And so I just think this is terrible.

[12:31] Matt Kohn: So what did you end up naming it? That's what I want to know.

[12:34] Justin Brodley: I don't remember what I named it. I threw something stupid into it just to get through. And then it says, oh, you're on a wait list because our beta is super packed. I'm like, okay, go after yourselves. So I don't know how many months it'll take me to actually get an AI.com thing. And I did see just now that they're going to have Twitter verification. So if it's somehow attached to Grok, I'm going to be super pissed.

[12:53] Ryan Lucas: I was actually put off more by, well, it's a terrible ad, but, you know, this weird, ominous tone of "AGI is coming."

[13:04] Justin Brodley: Oh, yeah, that too. I forgot about that.

[13:05] Ryan Lucas: And then, you know, claim your handle.
And I was like, I don't understand what that has to do with AI or AGI or anything. It's just this weird, you know, marketing trick, right? Which is this imposed sort of scarcity, you know, make it seem like there's a limited resource. And so, like, it was very odd, and I didn't understand what they were selling or what they did. Like, create my handle at this thing? I thought it was a miss.

[13:36] Justin Brodley: And then they showed three examples, and one is Mark, one is Sam, and one is Elon. I'm just like, hmm, okay, that's weird.

[13:46] Matt Kohn: Yeah.

[13:46] Justin Brodley: And I find it funny that, going to this ad now, I see that they have turned off comments for it, because apparently people thought this ad was so dumb, and they must have been commenting terrible things as well, and they were like, yeah, we gotta turn that off. So anyways, definitely more ads this year.

[14:01] Matt Kohn: I remember seeing recently, I think it was in the last day or so, that they spent $70 million on the domain alone.

[14:08] Justin Brodley: I mean, they had to have.

[14:09] Matt Kohn: Yeah, right. And then like $8 million on the ad. So, like, before they even have done anything, let's just round it to $80 million out the door. Like, that's where they're at as a business: they're $80 million in the hole before they've done anything. And no one knows what it does, though. To be fair, we're talking about it. So it's good, you know, buzz marketing.

[14:33] Ryan Lucas: Yeah, that's true.

[14:34] Matt Kohn: But at the same point, I'm like, I don't understand.

[14:37] Ryan Lucas: I mean, I went to the website right now, just to see, and it's even worse than I thought. There's very little on the website; there's one page, no content, except for one paragraph that says that AI.com's mission is to further AGI by creating a distributed network of AI agents. Yeah.

[15:02] Justin Brodley: Again, it's just buzz. Like, I don't even know it exists.

[15:07] Ryan Lucas: Yeah, I don't think it does.

[15:08] Matt Kohn: Yeah, I don't think it does either.

[15:10] Justin Brodley: I mean, this is the clearest sign that we're in a dot-com bubble of anything I've ever seen.

[15:17] Ryan Lucas: So this is going to blow up.

[15:19] Matt Kohn: Yeah.

[15:20] Ryan Lucas: Any moment.

[15:21] Justin Brodley: Yeah.

[15:22] Ryan Lucas: Because this is like the peak of the bubble, where it's just getting stupid.

[15:25] Justin Brodley: Yeah, it definitely feels like it. And remember, the dot-com era had a ton of really dumb dot-coms, you know, Webvan and other dot-coms. All these, egg dot com. Yeah, egg dot com. I mean, so many. So, yeah, if you ever want to know if there's a bubble, spending dumb money at the Super Bowl on an ad that makes no sense is probably your number one clue. All right, gentlemen, it is now time to talk about earnings. It was a little delayed. Sorry. It's really funny.

[16:08] Matt Kohn: As soon as you said earnings, I muted my headphones. I was watching Ryan's face to know when it was over. I was ready.

[16:16] Justin Brodley: You were prepared.
So actually, earnings have been going on for a few weeks, but Microsoft has decided to separate itself from Amazon and Alphabet and report earnings like two weeks before. So this is a little bit of a dated article, and I don't know where they're at today, so take that with a grain of salt. But Microsoft was first up with Q2 2026, because they have a weird fiscal calendar, with their earnings showing Azure cloud growth slowing to 39% from 40% in the prior quarter, missing analyst expectations of 39.4% and causing shares to drop 7% in after-hours trading. The company's gross margin hit a three-year low at 68% due to substantial AI infrastructure investments totaling $37.5 billion in capital expenditures, up 66% year over year. OpenAI now represents 45% of Microsoft's $625 billion commercial remaining performance obligation after committing to a $250 billion cloud services deal. During the quarter, Microsoft Copilot adoption reached 15 million seats out of 450 million total paid commercial seats, representing only 3.3% penetration. So that's why they needed that Super Bowl ad. The company plans to raise prices on commercial Office subscriptions in July to help offset the AI infrastructure costs. Thanks, appreciate that. Q3 guidance projected Azure growth at 37 to 38% at constant currency. The personal computing segment declined 3%, with gaming revenue down 9.5% due to an unspecified impairment charge reflecting ongoing challenges in the Xbox division, which is basically: make better games. So, Microsoft: a rough start to the earnings season for the cloud providers.

[17:42] Ryan Lucas: Yeah, I mean, I think that Microsoft 365 Copilot is doomed. They might get it just because of their integration with their other products, that kind of thing. But it's already ridiculously expensive, and then once you use it to see what it does, it does awful things. I continue to just be mad at it.

[18:03] Matt Kohn: Wait till you use it on PowerPoint, then you'll really hate it.

[18:08] Ryan Lucas: So I did. I tried it in PowerPoint, I tried Excel and I tried Word, because, you know, I figured, just try these things. But it has none of the features of any of the other, you know, ecosystems. So I asked it a question on how to do a formula, you know, to compute data in Excel. And it's like, upload the Excel document.

[18:29] Justin Brodley: And I'm like, you're in the, you...

[18:30] Ryan Lucas: You are the Excel document. You're in the document.

[18:36] Justin Brodley: It's like when Claude asks me to run a command line tool. Sometimes it gets confused and I'm like, you are the command line.

[18:42] Matt Kohn: Yeah.

[18:44] Ryan Lucas: And so I think that just goes, you know, there's 3% penetration, and given how much of that's already integrated into products that people have anyway, I'm like, that's rough.

[18:56] Matt Kohn: Now the real question is whether you get sued by the EU for some sort of antitrust, because Copilot is integrated in with all these tools they already...

[19:06] Justin Brodley: They already separated it out. They already had that problem, and they basically have a SKU that does not include it. So they've already preemptively avoided that problem. I think you weren't here that episode; we talked about it. All right, well, so that was bad. We started out bad.
So can Google and Amazon pull us out of this terrible tailspin? Alphabet, in their Q4 earnings, plans to spend $175 billion to $185 billion on capital expenditures in 2026, more than double what it spent last year, primarily, of course, targeting AI compute capacity for DeepMind and meeting Cloud customer demand. I mean, you could also build capacity into other clouds for just compute, that'd be great, but that's fine. This is one of the largest infrastructure investments in tech history and signals the scale of resources required to compete in enterprise AI. Google Cloud revenue did grow 48% year over year to $17.66 billion and beat analyst expectations, with backlog reaching $240 billion after increasing 55% sequentially. The cloud division's performance demonstrated strong enterprise adoption of Google's AI services and positioned it as a more competitive alternative to AWS and Azure. Gemini AI now has 750 million active users, up from 650 million last quarter. And I wonder if they count the people just using Google Search, which includes the smart AI, in that number.

[20:15] Ryan Lucas: That's what I wonder too.

[20:16] Justin Brodley: Yeah. But anyways, they did reduce serving costs by 78% throughout 2025 through model optimizations and efficiency improvements, as well as adoption of the TPU. And this cost reduction is critical for maintaining profitability as AI services scale to hundreds of millions of users. YouTube advertising revenue missed analyst expectations; no one cares. And Waymo recorded a $2.1 billion stock compensation charge following its $16 billion valuation fundraising round, which also impacted the earnings. But in general, the market was very happy with Google. So even though they said they're going to spend bajillions of dollars to buy more AI stuff, the fact that they are showing adoption growth and lowering unit economics made the street very happy with Google's answer to this. And you know the thing that's interesting? Gemini adoption must be ramping up much faster than I realized, because Microsoft is missing on earnings and they're the OpenAI provider for the most part. I mean, Oracle is starting to provide it, some others are trying to provide it. The fact that Azure didn't see the boost that Google saw from Gemini makes me question how well OpenAI is actually doing in the market.

[21:20] Ryan Lucas: Yeah, I mean, it's hard to use these days, right? Like, it just doesn't perform the way...

[21:26] Justin Brodley: I want it to.

[21:27] Ryan Lucas: I keep trying it out, you know, as they make improvements and release new models.

[21:31] Justin Brodley: Yeah, I mean, I don't think it's terrible. I mean, I get value out of it for what I do with it, but I'm not trying to do the same things we're trying to do with it. So. And so then Amazon wraps us up here at the end of it, with Q4 2025 AWS revenue reaching $35.58 billion with 24% year-over-year growth, maintaining its market leadership position while operating margins improved to 35%. The cloud unit represents 17% of Amazon's total revenue but generates the majority of company profits, at $12.47 billion. Amazon plans to invest $200 billion in capital expenditure for 2026, primarily for AWS infrastructure, which exceeds analyst expectations of $148.6, sorry, $148.8 billion. The company added 4 gigawatts of computing capacity in 2025 and plans to double that by the end of 2027, with most investments directed toward AI workloads rather than traditional cloud services.
I mean, if I associate that with cloud infrastructure, then cool. If I associate that with Nova and the other BS that they're trying to do with Bedrock, I don't know that's a good investment. AWS's growth rate of 20% trails competitors Google Cloud and Azure, but that's been the way for a while, suggesting potential market share shifts in AI-driven cloud services, with both competitors reporting strong AI-attributed growth. As talked about, Amazon secured a $38 billion spending commitment from OpenAI and launched Nova Forge for advanced AI model customization at $100,000 annually, and these moves demonstrate Amazon's AI strategy to compete in generative AI training. The capital guidance reveals that non-AI workloads are growing faster than anticipated, requiring additional infrastructure investments beyond just AI. That could be things like other cloud compute units or potentially Amazon store infrastructure. They also took a major write-off on Amazon Fresh, as they're shutting that down as well. So overall: bad, bad all the way around for Amazon. They also had a weak sales quarter, which is not mentioned in this article, but revenues from Q4 Christmas sales were not where analysts expected them to be. So they got punished by the market, as usual.

[23:26] Ryan Lucas: Yeah, I mean, if there is an AI bubble, these huge expenditures on AI capacity are going to be a huge problem for these companies.

[23:34] Justin Brodley: Right.

[23:34] Ryan Lucas: Because it's just a ginormous, ginormous investment. And, you know, I don't think it's just for their own built-in models. I do think it's for offering AI workloads to customers on AWS, and, you know, as you said, a lot of that is the profitable side of the business. So that's good news.

[23:54] Justin Brodley: But if you wanted any more reason to assume that we are in a bubble, I have put into the show notes a chart that shows capex growth by quarter, and basically, if you look at Meta, Alphabet, Microsoft and Amazon, they have all gone hockey stick, up and to the right, in their overall capex spend, which is massive investment. The only one who's being smart in this family chart is Apple, who's still at 19%, because they don't have any AI story.

[24:23] Matt Kohn: Are they just using ChatGPT?

[24:25] Justin Brodley: They may be the one that survives all of these other companies, because these other ones are all going to be way over-leveraged if there's a bubble. And I think these guys are in danger potentially in the future if this goes bad.

[24:36] Matt Kohn: I mean, some of that compute and things like that, I mean, the problem is they're all straight GPUs, but, you know, it could be used for other things. You know, if they have general infrastructure and everything else, maybe we'll get some nice new, really cheap, really fast networking that we can leverage in the future for our workloads. So there's some long-term growth here that could be nice to look forward to, maybe, if the bubble doesn't burst so big. But all the GPUs and everything are just going to definitely sit a little bit more idle than they want them to.

[25:10] Justin Brodley: Well, I mean, the bigger issue is that not only do you have these companies at risk, but then you have the entire manufacturing supply chain, because Micron, for example, is building out RAM fabs for the first time in probably decades.
And so they're building all this capacity based on all this future potential capital that these companies are committing to spend. And if that all of a sudden disappears, all of a sudden RAM prices are going to fall through the floor, and just normal CPU prices could fall through the floor too. Because the reality is, once you start a fab, you're going to finish the fab; it's a big capital investment to build one. And so, most likely, if this bubble bursts, let's say in the second half of this year, you're going to be too far along to cancel it. So you're going to build that capacity, and then sometime in 2028, you're going to have a ton of capacity available if AI doesn't need it. So there are two risks that you're running. One is that this is a bubble, which is one risk. And the second risk is that you are assuming inference doesn't get faster, cheaper and less compute-intensive, which there are a lot of people working on right now. So there's a lot of speculation in the economy right now on this, which is, I think, a danger in some ways.

[26:15] Ryan Lucas: Well, and I see the same behavior as we did in dot-com, which is, like, all of this crazy expenditure risk had a huge impact on the economy way outside of the tech sector. And I think with the amount of money and infrastructure and businesses that utilize these cloud providers, we're at the same amount of risk, where it's not just going to be companies making silly financial decisions. It's going to take down the market and it's going to take down investments overall, which is going to have a huge impact on everything from pensions to mortgage rates and everything. It's going to be awful.

[26:53] Matt Kohn: Well, there's the doom and gloom of the episode.

[26:55] Justin Brodley: Yeah, no, I mean, I don't disagree. I see why the market is very apprehensive about these capital commitments. When you see a chart like that, you just have to say, that's not sustainable; show sustainable revenue growth. And right now, even with the 2024 and 2025 capital investments you've already made, if you're Amazon or you're Microsoft saying, well, we're not seeing growth in revenue tied to that, that's a big risk. And what's the amortization on a GPU? I mean, most hardware is three years; maybe the cloud providers can push it out to five on the amortization schedule. But it's a big anchor if it blows up.

[27:36] Ryan Lucas: Well, and so much of these AI workloads are very tied to hardware performance, right?

[27:41] Justin Brodley: Well, and that's the thing: is it really a five-year amortization schedule for a GPU? I mean, I don't think so.

[27:47] Ryan Lucas: I don't think it is. Not like CPU.

[27:49] Justin Brodley: Yeah, maybe. Maybe 18 months is realistic.

[27:53] Matt Kohn: Again, I'm just saying, I'm still going to go run my m1.medium on the spot market. That's great.

[28:01] Justin Brodley: Let's go from doom and gloom to doom and gloom.

[28:04] Ryan Lucas: Excellent.

[28:07] Justin Brodley: So we don't talk about Heroku very much, but for those of you who've been in the web world for a long time, Heroku is the original PaaS, bought by Salesforce, which is when I lost all interest in them, because anything that gets bought by Salesforce just starts to suck.
Even Slack. Sometimes I feel that way.

[28:23] Ryan Lucas: Slack has just stopped getting better. They've fortunately not killed it.

[28:26] Justin Brodley: Yeah, I mean, that's really the problem. They haven't killed it yet; I keep waiting for them to screw that up somehow. But Heroku has been around for a long time, and for those of you from the Ruby days, it was a very popular platform. I used it, and it's always been kind of out there, and I've used it for different workloads here or there over the years. But this announcement came out, and they basically announced that they're moving to a sustaining engineering model, meaning no new features will be developed while the platform teams provide security patches, stability updates and operational support. This represents a shift from active development to maintenance mode for the 15-year-old platform as a service. Existing customers can continue to use Heroku with no changes to pricing, billing or service levels, and all core functionality, including applications, pipelines, teams and add-ons, remains fully operational. Salesforce is ending new enterprise account contracts while honoring existing enterprise subscriptions and support agreements through their renewal periods, signaling a strategic pivot away from enterprise sales expansion while maintaining commitments to current large customers. The parent company, Salesforce, is redirecting engineering resources toward enterprise AI capabilities rather than continuing platform-as-a-service innovation. This follows a pattern of Salesforce deprioritizing Heroku since the acquisition, including the 2022 elimination of free tiers and reduced feature velocity in recent years. I think I actually got rid of Heroku when they killed the free tier.

[29:34] Matt Kohn: Yep.

[29:34] Justin Brodley: Developers relying on Heroku for production workloads should evaluate long-term platform viability. And I was thinking about this, and I was like, well, they probably didn't do anything on AI, and that's why no one's using it anymore. Then I went to go look at their website, because I hadn't been there in forever, and they have Heroku Managed Inference and Agents, they have Model Context Protocol hosting for Heroku, they've got pgvector for Heroku. So it's not that they weren't innovating in AI. I just don't think anybody was using it, which is probably the bigger problem.

[29:57] Ryan Lucas: And this is the first I've been hearing about Heroku managing any of that.

[30:01] Justin Brodley: Right. Yeah, maybe that's our fault. Maybe we should have been covering it here at the Cloud Pod. I apologize if that's our fault for not letting our listeners know.

[30:08] Matt Kohn: It's all your fault that they failed, Justin. Just saying. It's a great platform as a service, and I'm kind of sad to see it go, because there are a lot of companies I've worked with in the past that started there because it was just so easy. The problem for them, at least back in the day, was scaling and supporting it and having a lot of other features, which meant I helped a lot of customers move from Heroku to AWS to gain other aspects of a platform that they needed. So it doesn't really surprise me, but at the same point, it was a really good starting point for a lot of companies.

[30:41] Justin Brodley: I mean, I do think certain things like Netlify, for example, have kind of taken some of their thunder.
I do think there are some other up-and-coming startups, like Render and Fly.io, that have been shipping slightly newer capabilities that aren't quite as flexible as Heroku. But again, Heroku was really for the Ruby era in many ways, which has been dead for a long time, as you guys have to remind me quite often. But, you know, even Dropbox, or sorry, DigitalOcean, has a solution to run apps in a simple way. But yeah, I'm kind of sad about it, because it has been a part of my technology career for pretty much half of it, and I have some fun memories. So, you know, condolences to the team at Heroku, although it sounds like the developers are just moving over to other AI Salesforce projects, so that's good for them. And hopefully this doesn't also befall the Slack team. So keep developing Slack, please. Right. Yeah. In today's terrifying news: an attacker achieved full AWS administrative access in just 8 minutes by exploiting credentials found in a public S3 bucket, then used Lambda code injection to escalate privileges. The attack shows strong evidence of LLM assistance, including Serbian-language code comments, hallucinated AWS account IDs and references to non-existent GitHub repositories. The threat actor compromised 19 different AWS principals through role chaining and cross-account access attempts, making detection difficult by distributing operations across multiple identities. They specifically targeted AI infrastructure by invoking nine different Bedrock models and attempting to launch expensive GPU instances for potential model training or compute resale. The attack demonstrates how AI tools are accelerating offensive operations, with the attacker completing reconnaissance, privilege escalation and resource abuse in under two hours. Organizations should implement least-privilege IAM policies, restrict lambda:UpdateFunctionCode permissions and enable Bedrock model invocation logging to detect similar attacks. Critical security gaps included overly permissive Lambda execution roles with administrative access, and the ReadOnlyAccess policy on the compromised user, which enabled extensive reconnaissance across all AWS services. The attacker also attempted to deploy a Terraform-based backdoor that would create a publicly accessible Lambda function for generating persistent Bedrock credentials. And the use of IP rotation, role chaining and distributed operations across multiple principals shows sophisticated evasion techniques. Detection required behavioral analytics that can identify patterns like rapid enumeration across services, unusual Bedrock model invocations and Lambda code modifications, rather than relying on single-event alerts.
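For listeners who want the guardrail that takeaway points at, here is a minimal sketch of one way to block the injection step: an organization-level deny on Lambda code swaps outside a designated deploy role. The policy shape and boto3 calls are real; every name and ARN, and the choice to scope by a CI role, are hypothetical illustrations, not details from the incident writeup.

```python
import json
import boto3

# Illustrative guardrail: deny in-place Lambda code/config swaps for everyone
# except a designated deploy role. Names and ARNs are hypothetical placeholders.
DENY_LAMBDA_CODE_SWAP = {
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "DenyLambdaCodeSwapOutsideCI",
        "Effect": "Deny",
        "Action": [
            "lambda:UpdateFunctionCode",
            "lambda:UpdateFunctionConfiguration",
        ],
        "Resource": "*",
        "Condition": {
            "StringNotLike": {
                # Hypothetical deploy role naming convention.
                "aws:PrincipalArn": "arn:aws:iam::*:role/ci-deploy-*"
            }
        },
    }],
}

# Create the statement as a service control policy from the org management account.
orgs = boto3.client("organizations")
policy = orgs.create_policy(
    Name="deny-lambda-code-swap",
    Description="Only CI deploy roles may modify Lambda code",
    Type="SERVICE_CONTROL_POLICY",
    Content=json.dumps(DENY_LAMBDA_CODE_SWAP),
)
# Then attach it to the target OU or account, e.g.:
# orgs.attach_policy(PolicyId=policy["Policy"]["PolicySummary"]["Id"], TargetId="ou-xxxx-xxxxxxxx")
```

A coarse deny like this would not replace least-privilege execution roles, but it does take the exact lateral-movement move used here off the table for compromised developer credentials.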
[32:58] Ryan Lucas: Yeah. These are the types of examples I use when trying to talk to people about least-privilege development, and how, even in your lower environments where you think you're safe and you're trying to develop things, it's really not okay to stop using least-privilege access, because there are very creative ways in which you can do privilege escalation. This Lambda attack is a very good example. And now it's going to be so easy, because AI will just do it for you, and this really demonstrates it. And so, you know, I know it's a pain in the ass, for sure. I hate developing those policies too, especially when you're in those tight iterations where it's like, oh, next failure, next failure, next failure. But this is why you do it. Because it's easy to pretend that no one's going to get into your account or your environment, but one slip-up, and you put the wrong thing in an S3 bucket or you commit the wrong thing to GitHub, which is easier to do than people like to admit, and you're done. Like, it's crazy.

[34:03] Matt Kohn: Yeah. I mean, the way they did the chaining of the attack, and, like you said, I felt like when I first started AWS, it was like, just do List* and Describe*, it's not that big of a deal. And nowadays it's like, don't do that; actually scope it down. And getting to that true least privilege, like Ryan said, is a big pain in the ass, but it still has a lot of value. It's one of those things where it's hard to prove the value, because you're essentially trying to prove a negative, which is Ryan's whole job. But if you can do it, you can truly say, look, I have least privilege. And I mean, I've had some fun. I ran Claude a long time ago, I should do it again, on some code I wrote for a customer, and I found a couple of these things of mine that were like Describe*. At least it was locked down to EC2 and other things, but it was still set up a little bit too broad, and leveraging AI, I was able to really lock it down even more, to the point where I did the reverse iteration Ryan mentioned: try it, watch the app fail, and work through the error logs a few times. But it did make a much more secure environment, and it stops something like this, because lateral movement in your AWS account is going to be something that's easy, you know, and you've got to make it hard for people.
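The other detection control from the story, Bedrock model invocation logging, is a one-call setup. The `put_model_invocation_logging_configuration` API below is the real boto3 call; the log group name and role ARN are hypothetical placeholders you would create first.

```python
import boto3

# Enable account-wide logging of Bedrock model invocations so unusual
# activity (nine different models invoked in minutes, as in this incident)
# shows up in CloudWatch. Log group and role ARN are placeholders.
bedrock = boto3.client("bedrock")
bedrock.put_model_invocation_logging_configuration(
    loggingConfig={
        "cloudWatchConfig": {
            "logGroupName": "/aws/bedrock/invocations",                   # hypothetical log group
            "roleArn": "arn:aws:iam::123456789012:role/bedrock-logging",  # hypothetical role
        },
        "textDataDeliveryEnabled": True,
        "imageDataDeliveryEnabled": True,
        "embeddingDataDeliveryEnabled": True,
    }
)
# With logs flowing, a CloudWatch metric filter plus alarm on invocation
# spikes gives you the behavioral signal the article says detection required.
```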
[35:28] Justin Brodley: All right, let's move on to "AI Is How ML Makes Money." If you want to check out more about the Anthropic commitment to keeping Claude ad-free, we did have the article in this section, but we won't talk about it because we talked about it earlier in the Super Bowl discussion. Claude has released a new Opus model very fast after 4.5 came out, and the new 4.6 model is generally available with a 1 million token context window in beta, making this the first time an Opus-class model has offered this extended context capability. The model maintains the $5 per million input token and $25 per million output token pricing, with premium pricing of $10 and $37.50 for prompts exceeding 200,000 tokens. So yes, you get a million tokens, but it's going to cost you a pretty penny, and don't do it. Yeah, don't do it. The model introduces adaptive thinking, with four effort levels, low, medium, high and max, that let developers control how deeply Claude reasons through problems, balancing intelligence against speed and cost. Context compaction automatically summarizes older conversation history when approaching limits, enabling longer-running agentic tasks without hitting context windows. Opus 4.6 achieves state-of-the-art performance on Terminal-Bench 2.0 for agentic coding, and outperforms GPT-5.2 by 144 Elo points on, apparently, imaginary scales people made up, an evaluation of economically valuable knowledge-work tasks. New product features include agent teams in Claude Code that work in parallel and coordinate autonomously, plus Claude in PowerPoint, which is a research preview, and an upgraded Claude in Excel for handling multi-step data processing and presentation tasks. The model also supports 128,000 output tokens and US-only inference at 1.1x pricing for compliance-sensitive workloads. Safety evaluations show Opus 4.6 maintains alignment comparable to its predecessor while exhibiting the lowest overall refusal rate of any recent Claude model. Anthropic developed six new cybersecurity probes to monitor potential misuse, given the model's enhanced security capabilities, and is using the model to find and patch vulnerabilities in open source software.
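As a rough mental model of the compaction behavior described here, a toy sketch, emphatically not Anthropic's implementation: fold the oldest turns into a summary once the window starts to fill. The `summarize` function is a placeholder where a real model call would go, and the token estimate is a crude word count; the detail lost at that step is exactly the drift the hosts complain about next.

```python
def approx_tokens(text: str) -> int:
    # Crude heuristic, not a real tokenizer: ~1.3 tokens per word.
    return int(len(text.split()) * 1.3)

def summarize(messages: list[dict]) -> str:
    # Placeholder for a model call. In practice this summarization is lossy,
    # which is why instructions and task state can vanish after compaction.
    return " / ".join(m["content"][:80] for m in messages)

def compact(history: list[dict], limit: int = 200_000, keep_recent: int = 10) -> list[dict]:
    """Replace the oldest turns with a summary once ~80% of the window is used."""
    total = sum(approx_tokens(m["content"]) for m in history)
    if total < limit * 0.8 or len(history) <= keep_recent:
        return history  # plenty of room left, keep everything verbatim
    old, recent = history[:-keep_recent], history[-keep_recent:]
    summary = summarize(old)
    return [{"role": "user", "content": f"Summary of earlier conversation: {summary}"}] + recent
```

Keeping a task list in a file the agent re-reads, as Justin suggests below, works because it moves state outside the window where this lossy folding can't erase it.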
The one thing they added in Claude Code that I'm kind of excited about is the memory feature, which has been in the Claude chat app for a while. So when I go to Claude, I just start talking to it and it remembers things from our prior chats, which is a pretty neat feature. If Claude Code can make that possible in a smart way, where it's aware of things; like, I tell it all the time how to properly test my app using Docker Compose, and I finally put that in CLAUDE.md, but then CLAUDE.md is impacted by the same context issues. I'm wondering if the memory feature combined with CLAUDE.md means maybe they'll get better. So there's definitely some TBD; I'm excited to see. And I definitely want to play with this Claude in PowerPoint, because, sorry, we talked about Copilot being in PowerPoint; if Claude is any better, I'll be happy, because that's my number one use case. Please make PowerPoint creation better. [40:48] Matt Kohn: Yeah, I kind of want to use the Excel plugin. [40:53] Justin Brodley: The Excel plugin's cool. I have used that one. [40:56] Matt Kohn: I haven't used that one. I didn't realize it was out there. The PowerPoint one, I avoid PowerPoints, but yeah, it's part of my day job. [41:03] Justin Brodley: I'm an executive, so I get to do it all the time. There's also a rumor that they were going to release a new version of Sonnet, Sonnet 5, and there were rumblings on the Internet that it was going to be crazy good and all that. And then apparently OpenAI dropped GPT-5.3 Codex, as well as this new OpenAI Frontier product, and they pulled it back. That's the rumor, at least; I don't know if it's true, but those were the rumors I was seeing. And that's because OpenAI, like I said, launched Frontier, an enterprise platform for building, deploying and managing AI agents across existing infrastructure without requiring replatforming. The platform provides agents with shared business context by connecting siloed data warehouses, CRM systems and internal apps, plus includes identity management, permissions and governance controls for regulated environments. Frontier includes an agent execution environment where AI coworkers can reason over data, work with files, run code, and use tools while building memory from past interactions to improve performance. The platform works across local environments, enterprise cloud infrastructure and OpenAI hosted runtimes, with built-in evaluation and optimization capabilities. OpenAI pairs forward deployed engineers with customer teams to help develop best practices for production agent deployments, creating a feedback loop between business problems, deployment and OpenAI research. Early adopters include HP, Intuit, Oracle, State Farm, Thermo Fisher and Uber, all the dinosaurs, along with existing customers like BBVA, Cisco and T-Mobile. The platform uses open standards to integrate with existing systems and applications, allowing third party agent apps to access shared business context without lengthy custom integrations. Frontier is currently available to a limited set of customers, with broad availability planned over the next few months, which made me very sad because I wanted to go play with it. I tried, and I hit the dreaded Contact Sales button. [42:37] Ryan Lucas: Yeah, I think they're extremely late to the market with this. AWS was too early and botched it, Gemini seems to be right in the sweet spot, and OpenAI is still not ready yet. These are crucial for large enterprises.
There's too much data, there are too many people trying to work together, and you either end up developing the same agent over and over again, with everyone requesting access to the same data warehouses or data stores, and it just doesn't scale. So having these platforms that let people adopt not just the AI bits but all the things the AI bits need is great. It's tricky when you think about all the permissions and data systems you unify with stuff like this, so it's hard to do, but it's completely crucial. [43:32] Matt Kohn: I feel like there are going to be a thousand tools that try to solve this same problem, and it's going to be up to your business to figure out which tools work best and which ones to implement. Otherwise, if 500 people are using, sorry, OpenAI and 500 people are using Claude, you're not going to be able to support that in your enterprise. So as an enterprise, for this to really be useful, you need to decide what you're doing, because otherwise, like you said, you're setting up the permissions 15 times and everything else, and you're not going to get everyone at the company on the same platform with the same support. [44:15] Justin Brodley: Well, the other release from OpenAI is GPT-5.3 Codex. Don't worry about the names; they just don't roll off the tongue. It's their most capable agentic coding model, combining the frontier coding performance of GPT-5.2 Codex with the reasoning capabilities of GPT-5.2 while running 25% faster. The model achieves state of the art results on SWE-Bench Pro and Terminal Bench 2.0 using fewer tokens than previous models, and can autonomously iterate on complex projects over millions of tokens spanning days. GPT-5.3 Codex represents the first self improving model at OpenAI, where the Codex team uses early versions to debug its own training, manage deployments and diagnose test results. So it's turtles all the way down. The model extends beyond code generation to full computer operation, showing strong performance on OSWorld and edging GPT-5.2 on GDPval, which measures knowledge work across 44 occupations, including presentations, spreadsheets and other professional deliverables. OpenAI classifies GPT-5.3 Codex as High capability for cybersecurity under their Preparedness Framework, marking the first model directly trained to identify software vulnerabilities. They're deploying trusted access for cyber, expanding the Aardvark security research agent beta, and committing $10 million in API credits through the Cybersecurity Grant Program for open source and critical infrastructure defense. It's available via the paid ChatGPT plans using the Codex app, CLI, IDE extension and the web, with API access coming very soon. [45:35] Ryan Lucas: I'm surprised this is the first self improving model. As a consumer, I've been using AI to make AI do stuff for a while, and with all the agentic workflows and pipelines people are setting up, this seems like a natural transition to me. [45:51] Matt Kohn: I mean, Kiro had a story at one point, I think we even talked about it here, where they were using Kiro to help develop new Kiro features.
I understand those aren't foundation models, but I think people are starting to use AI to improve AI, and I feel like Kiro was kind of the starting point of it. And here, like you said, it wouldn't surprise me if other vendors are doing it; they're just not saying it. [46:19] Justin Brodley: Yeah, I'd agree. And then our final OpenAI story: they have started testing ads, as of Monday, for the free and Go tier users in the US. If you're paying for Plus, Pro, Business, Enterprise or Education, you'll remain ad free. Users can opt out of ads on the free tier in exchange for reduced daily message limits, which makes it useless. Ads are contextually matched to conversation topics and chat history, but do not influence ChatGPT responses, which remain independent. The ad program excludes users under 18 and blocks ads near sensitive topics including health, mental health and politics. Users can dismiss ads, provide feedback, and delete ad data with one tap. If you look at the little video they provide, they show how the ads are inserted into the mobile app, and like we talked about earlier, it's not terribly intrusive. It's clearly marked sponsored, but it is still an ad, right there. [47:08] Matt Kohn: Yay, ads. I feel like we talked about that a little bit at the start of the show too. [47:16] Justin Brodley: Yeah, we did, just a little bit. All right, next up: announcing Claude Opus 4.6 on Snowflake Cortex AI. And because we are already 46 minutes into this, I will just tell you that we are also getting Claude Opus 4.6 on multiple other providers this week, including Claude Opus 4.6 on Bedrock, in Kiro, on Vertex AI, and in Azure. Imagine that, on the Microsoft Fabric platform. Correct, sorry, the Foundry platform, too many Fs: Claude Opus 4.6 in Foundry as well, and we're seeing it on some of the smaller providers too, like Databricks and DigitalOcean and our friends at Snowflake. So yes, lots of Claude Opus 4.6 love this week. We will spare you the rest because we have much more news to get to. Next up, Databricks Agent Bricks Supervisor Agent is now generally available, providing a managed orchestration layer that coordinates multiple specialized agents for Unity Catalog governance. The Supervisor uses dynamic routing to analyze user intent and delegate tasks between Genie spaces for structured data queries, knowledge agents for unstructured data, and MCP servers for tool execution. The platform implements on-behalf-of authentication, where the Supervisor acts as a transparent proxy, validating every data fetch and tool execution against the end user's existing Unity Catalog permissions. This eliminates the common security gap where agents access data through broad service accounts that users themselves aren't authorized to see, like your payroll data. Agent learning from human feedback is built directly into the Supervisor Agent, allowing teams to add questions and guidelines that improve routing decisions and response quality over time. The system addresses enterprise agent sprawl, where teams toggle between dozens of specialized bots and duplicate work by creating agents that already exist. Shots fired at OpenAI.
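To make the on-behalf-of idea concrete, here is a toy sketch of the pattern, not Databricks' actual API: the supervisor forwards the end user's identity and checks that user's own grants on every delegated call, instead of running everything as one broad service account. All names here are made up for illustration.

```python
# Toy sketch of the on-behalf-of pattern (all names hypothetical, not
# Databricks' API): every delegated call is authorized against the END
# user's own grants, never a shared service account's.
from dataclasses import dataclass, field

@dataclass
class User:
    name: str
    grants: set = field(default_factory=set)  # e.g. {"sales.orders:SELECT"}

def supervisor_call(user: User, tool: str, required_grant: str) -> str:
    """Transparent proxy: validate the caller's grant, then delegate."""
    if required_grant not in user.grants:
        raise PermissionError(f"{user.name} lacks {required_grant} for {tool}")
    return f"{tool} executed on behalf of {user.name}"

analyst = User("matt", grants={"sales.orders:SELECT"})
print(supervisor_call(analyst, "genie_query", "sales.orders:SELECT"))   # allowed
try:
    supervisor_call(analyst, "payroll_agent", "hr.payroll:SELECT")      # denied
except PermissionError as e:
    print("blocked:", e)
```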
[49:13] Ryan Lucas: Well, it just goes to show you: depending on who your provider is, this is the type of platform you're going to need, right? So if you're already doing a whole bunch of AI execution on Snowflake, or if you're only using OpenAI's platform, you're just going to sign on to the platform that's already there. [49:34] Matt Kohn: Another way for vendors to make themselves sticky with your enterprise, too. [49:38] Justin Brodley: Yep. In our Cloud Tools section, HashiCorp is launching Agent Skills, an open standard repository that packages domain expertise into portable instructions for AI assistants working with Terraform and Packer. These skills provide AI tools like Claude with specialized HashiCorp product knowledge, schema definitions and best practices, to reduce hallucinations and ensure code follows proper conventions. The initial skills pack addresses common DevOps challenges, including building and maintaining Terraform providers, generating style compliant Terraform code, refactoring monolithic configurations into modules, and creating machine images with Packer across AWS, Azure and Windows. HashiCorp partnered with Tessl to evaluate skill effectiveness using review and task based evaluations against Anthropic's best practices. Agent Skills differ from the Model Context Protocol; they're complementary technologies: MCP is the data pipeline connecting information to the AI, while Agent Skills are the knowledge textbooks. Installation takes seconds using npx, the Tessl CLI, or the Claude Code plugin marketplace, with simple one line commands. Skills solve a fundamental problem where AI assistants lack specific technical context for complex tasks, particularly around HashiCorp's plugin framework architectures and coding conventions. They're hoping to expand beyond Terraform and Packer to cover additional products, and welcome community contributions through their GitHub repo. And I love this, because how many times have I pointed Claude or others at the documentation, like, I'm pretty sure you're wrong, this is how it's supposed to be done, here's the document, and it comes back and goes, oh, you're right, Justin, because you're a genius, as it always tells me. Builds my ego. [51:03] Ryan Lucas: Yeah, I mean, these models are trained on data that goes back many, many Terraform versions, and there are a lot of different ways to do things. I haven't used AI to generate Terraform code recently, because back when I tried, which feels like a million years ago, it gave me very rudimentary Terraform code without any modules; it was very monolithic and it wasn't going to scale. I took one look at it and went, this isn't it. [51:33] Matt Kohn: You have to give it your repo and your structure of how to do it, because I actually use it all the time. For some reason I can't write dynamic blocks from scratch; my brain started with, you know, Terraform 0.7, when all the providers were still baked into the Terraform binary, for lack of a better term. So today I was like, I know I need a dynamic block, I don't care enough to figure out the syntax, go do this for me. That's a very specific, granular task. But I've also done things like, here's our repo, here's our structure, go write me a full CDN-to-S3 kind of setup, and had it walk through and do all that, and it did that pretty well.
But again, it's just like anything else: you have to give it your structure, your design, your naming convention, et cetera, and then it does pretty well. It might have made up a bucket feature that didn't exist, but don't worry about that. [52:32] Ryan Lucas: Yeah, I think you will see a lot more of these. [52:35] Matt Kohn: Right. [52:35] Ryan Lucas: I think this is a fantastic release, and I'm particularly interested in the Agent Skills; I want to check that out. [52:41] Justin Brodley: Right. [52:41] Ryan Lucas: The MCP makes sense to me in terms of what it can do against the provider marketplace and probably Terraform Cloud. But having these pre-built use cases for specific technologies is probably a little bit of self defense, to keep the billions of AI bots from scraping and taking down their website, but also to get some consistency and hopefully some token efficiency as well. [53:09] Matt Kohn: I've definitely said, go read the latest docs, because I knew a feature was released and it wasn't in training. Like, here are the docs, go do this thing, because it couldn't figure it out otherwise. [53:20] Justin Brodley: Yep. Moving on to AWS: they have a new massively big instance that I don't know what to do with. The C8id, M8id and R8id instances with up to 22.8 TB of local NVMe storage are GA. They include sizes up to 96xlarge, with 384 vCPUs and 3 TB of memory, delivering up to 40% higher compute performance and 3.3x more memory bandwidth than previous generation instances. They're on the Intel Xeon 6 processor, exclusive to AWS, running at a 3.9 GHz sustained all core turbo frequency. And I guess that's all great. If you need big boxes, here you go. [54:00] Matt Kohn: If it's all core turbo, is it really turbo at that point? If everything's running in turbo mode? [54:05] Justin Brodley: Don't ask questions like that. This is Intel marketing at its finest. [54:10] Ryan Lucas: Do I at least get to pass a turbo flag, since we don't have the buttons on the front of the towers anymore? [54:15] Justin Brodley: Come on, it should be a button in the console. [54:17] Matt Kohn: Should be. [54:17] Ryan Lucas: It absolutely should be. [54:19] Matt Kohn: Isn't that the burstable unlimited button? [54:23] Ryan Lucas: That's no fun. I need a button. [54:25] Matt Kohn: I like that these are on what I call the core instance types: the C, the M, the R (the T, I guess, is another one I consider core), and it's just giving you NVMe. So if you have an application doing a lot of IO and you don't care about the durability; I've run MongoDB clusters across a couple of nodes where I didn't care, because I had redundancy across zones, it was a storage thing, and it didn't matter if we had to rebuild it. It was a great cheap way to get it done. It's nice that they're building this into the core instance types, where it never was before, or not that I remember. [55:00] Justin Brodley: I know the T4g exists, but. [55:05] Matt Kohn: Did it have local storage, like the NVMe storage? [55:08] Justin Brodley: No, it doesn't. I'm just thinking, I actually think the T series is getting pretty up there in age, because I think the T3 was the last version that had the Intel and AMD lines, and the T4g had Graviton 2, but I actually think they're pretty dated these days.
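If you want to poke at the same instance metadata the guys are recalling from memory, the EC2 API exposes it directly. A quick sketch, assuming boto3 and default credentials:

```python
# List current-generation instance types that carry local NVMe instance
# storage, sorted by total local disk. Standard boto3/EC2 APIs only.
import boto3

ec2 = boto3.client("ec2")
paginator = ec2.get_paginator("describe_instance_types")

rows = []
for page in paginator.paginate(
    Filters=[
        {"Name": "instance-storage-supported", "Values": ["true"]},
        {"Name": "current-generation", "Values": ["true"]},
    ]
):
    for it in page["InstanceTypes"]:
        rows.append((
            it["InstanceType"],
            it["VCpuInfo"]["DefaultVCpus"],
            it["MemoryInfo"]["SizeInMiB"] // 1024,       # GiB
            it["InstanceStorageInfo"]["TotalSizeInGB"],  # local NVMe
        ))

for name, vcpus, mem_gib, disk_gb in sorted(rows, key=lambda r: -r[3])[:10]:
    print(f"{name:20} {vcpus:>4} vCPU {mem_gib:>6} GiB RAM {disk_gb:>9} GB local")
```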
[55:26] Matt Kohn: I feel like the T's are just all the old hardware from when they deprecate things, which is. [55:30] Justin Brodley: Fine, but I would expect to see a T4 Intel and a T4 AMD at this point, and I don't think those exist. [55:37] Matt Kohn: Yeah, I don't know. [55:39] Justin Brodley: I feel like the T series was a great idea that continues to not be super popular with people, so they just haven't really invested in it. AWS IAM Identity Center now supports multi region replication, allowing organizations to replicate workforce identities, permission sets and metadata from a primary region to additional regions for improved resiliency and disaster recovery. This means if the primary region experiences a service disruption, users can still access AWS accounts through an active access portal endpoint in a secondary region, using their existing permissions. The feature requires an organization instance of IAM Identity Center connected to an external IdP like Entra or Okta, and you must first configure multi region customer managed KMS keys before replicating to additional regions, which, if you've never done that, is a fun project. Organizations can also deploy AWS managed applications closer to users and datasets to meet data residency requirements or improve performance. The feature is available at no additional cost and enabled by default in 17 commercial AWS regions. I recently set up IAM Identity Center for the first time and was surprised that it was us-east-1 only, so I'm pleased to see this, because it did flag to me as, like, that's going to burn me someday. [56:47] Ryan Lucas: Yeah, I'm not going to be able. [56:49] Justin Brodley: To access my account. [56:50] Matt Kohn: I like how they spin it, like, oh, it's so it's close to the users. No, no, no, it's so when there's a regional outage you can actually log into your AWS accounts and do the failover processes you need to do. [57:00] Justin Brodley: This feels like a response to the large us-east-1 outage that happened in Q4, when a lot of customers were not able to log in and realized, oh, we're going to have to fix this. [57:09] Ryan Lucas: Yep, that's what I was thinking as well. It's like, ah, this makes sense. [57:12] Justin Brodley: You know, because it was about a quarter ago, and I would assume the system took about a quarter to write. So yeah, I assume there was a Kiro narrative written very shortly after.
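Since the multi region KMS prerequisite is the "fun project" Justin flags, here is roughly what it looks like with boto3. `create_key(MultiRegion=True)` and `replicate_key` are real KMS APIs; the regions, description, and omitted key policy are simplified for illustration:

```python
# Create a multi-Region customer managed KMS key, then replicate it to a
# secondary region. Regions and description here are illustrative; a real
# setup would also attach an explicit key policy and aliases.
import boto3

kms_primary = boto3.client("kms", region_name="us-east-1")

key = kms_primary.create_key(
    Description="IAM Identity Center replication key",
    MultiRegion=True,  # primary key that can be replicated to other regions
)
key_id = key["KeyMetadata"]["KeyId"]

# Replicate the primary key into the secondary region.
replica = kms_primary.replicate_key(
    KeyId=key_id,
    ReplicaRegion="us-west-2",
)
print("primary:", key["KeyMetadata"]["Arn"])
print("replica:", replica["ReplicaKeyMetadata"]["Arn"])
```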
ECS now supports linear and canary deployment strategies natively with Network Load Balancers, bringing managed traffic shifting to TCP and UDP workloads that previously required custom solutions or third party tools. This fills a deployment gap for applications needing Network Load Balancer features like static IPs, long lived connections and low latency. The feature integrates with CloudWatch alarms for automatic rollback if deployment issues are detected, providing safety guardrails for production updates. Primary beneficiaries, of course, are latency sensitive and connection oriented workloads, such as online gaming backends, financial transaction systems and real time messaging services that depend on the NLB's Layer 4 capabilities. These apps can now use the same pattern ALB users have been using for years. Yes, thank you. This brings ECS to full deployment parity between ALB and NLB, eliminating a common pain point. Available to you in all AWS commercial and GovCloud regions that support ECS, which I think is pretty much all of them. [58:18] Ryan Lucas: Yeah, this is one of those rough edges you hit unexpectedly. You typically use a Network Load Balancer because you have to, right? It's easier to set up an Application Load Balancer; you're only using a Network Load Balancer when it's not your choice, and then not being able to deploy the app safely, without lots of interruption or risk, is kind of a problem. So I'm really happy to see things like this. It's never really made sense to me why network load balancing was so separate in the AWS ecosystem; that's probably because I don't understand the networking magic they're doing to actually make it work. This is pretty nice for people using ECS. [59:00] Justin Brodley: All right, structured outputs are now available to you in Bedrock. Amazon Bedrock will enforce JSON schema compliance at the model level, eliminating the need for custom validation logic and retry mechanisms when extracting structured data from foundation models. This addresses a common production pain point where formatting errors in LLM responses break downstream API integrations and automated workflows. Yes, I'm familiar with this one. The feature works in two modes: custom JSON schema definitions for response formatting, or strict tool definitions that ensure model tool calls match exact specifications. This reduces operational overhead by preventing malformed outputs before they reach application code. Available now for Anthropic Claude 4.5 models and select open weight models across all commercial AWS regions where Bedrock operates. So I ran into this one, actually, because I attempted to use Bedrock for Bolt initially, when I was trying to do templated outputs for the show notes, and it didn't honor what you put into the prompt very well all the time. Anthropic's own API does, and if you use the Claude stuff it all works fine, but through Bedrock it was not working. So now being able to force this is much appreciated. [60:08] Ryan Lucas: This is sort of surprising to me. At first when I read the article I was like, wait, they're doing this at the model level? Because it is what it says, but it's not really at the model level. [60:16] Matt Kohn: It's. [60:16] Ryan Lucas: It's at the interaction level. [60:17] Justin Brodley: Yeah, it's. [60:19] Matt Kohn: It's a pre-validation check. [60:20] Ryan Lucas: Yeah, I get it. You can select it per model within the Bedrock ecosystem; I just read it wrong. But this is definitely a problem everyone would hit pretty quickly. Glad to see it fixed.
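For flavor, the forced tool call pattern this feature builds on looks like this via Bedrock's Converse API in boto3. The `toolSpec`, `inputSchema`, and `toolChoice` fields are real Converse API shapes; the model ID is a placeholder, and the new strict enforcement flag from the announcement isn't shown because its exact name isn't in the story:

```python
# Structured output via a forced tool call on Bedrock's Converse API.
# toolSpec / inputSchema / toolChoice are real Converse fields; the model
# ID is a placeholder, and the new "strict" flag is not shown here.
import json
import boto3

brt = boto3.client("bedrock-runtime")

schema = {
    "type": "object",
    "properties": {
        "title": {"type": "string"},
        "bullets": {"type": "array", "items": {"type": "string"}},
    },
    "required": ["title", "bullets"],
}

resp = brt.converse(
    modelId="anthropic.claude-sonnet-4-5-20250929-v1:0",  # placeholder ID
    messages=[{"role": "user", "content": [{"text": "Summarize episode 342."}]}],
    toolConfig={
        "tools": [{"toolSpec": {
            "name": "emit_notes",
            "inputSchema": {"json": schema},
        }}],
        "toolChoice": {"tool": {"name": "emit_notes"}},  # force schema-shaped output
    },
)

for block in resp["output"]["message"]["content"]:
    if "toolUse" in block:
        print(json.dumps(block["toolUse"]["input"], indent=2))
```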
[60:35] Justin Brodley: On our final Amazon story, Redshift now allows database administrators to allocate dedicated compute resources specifically for automatic optimization tasks like table optimization, sorting, vacuuming and analysis. This prevents maintenance operations from competing with user queries during peak usage periods, addressing a common pain point where DBAs had to manually schedule these tasks during off hours. The feature includes cost controls for provisioned clusters, letting administrators cap the amount of extra compute that automatic optimization can consume. This prevents runaway costs while still enabling continuous optimization, and it works alongside the new SYS automatic optimization system table that provides visibility into which optimization operations are running and their resource consumption. The enhancement is available across all AWS regions where Redshift operates, supporting both provisioned clusters and serverless workgroups. And I have to say: this is why I wanted a managed service from you, Amazon, so I didn't have to think about this. This is you failing me and giving me a half assed solution to a problem your own system creates. Thank you so, so much. [61:35] Ryan Lucas: Yeah, it is kind of funny to me; "allowing extra compute for optimization," just that sentence is hilarious. I do understand some of the features have to be data specific, but I also feel like this is something that could just be abstracted away and not be my concern anymore. Come on. [62:01] Justin Brodley: Yeah, I don't want to think about this. All right, moving on to GCP, and probably the coolest feature of the week. Google is launching the Developer Knowledge API and a Model Context Protocol server to provide AI assistants with programmatic access to official Google developer documentation as machine readable Markdown. This addresses the problem of LLMs relying on outdated training data or web scraping when helping developers build with Google technologies like Firebase, Android and Google Cloud. The MCP server implements the open Model Context Protocol standard, allowing popular assistants and IDEs to directly query Google's documentation for real time answers about API changes, code examples and best practices. Developers can enable it through the gcloud CLI and configure it in their AI assistant settings, with support for tools like Claude Desktop and various IDE extensions. The services are currently in public preview, with free access through standard Google Cloud API quotas, and future plans include additional structured content support for code samples and API reference entries. This integration benefits developers using AI coding assistants by ensuring responses reference current Google documents rather than potentially stale information from model training cutoffs, which I have also run into. The Developer Knowledge API requires a Google Cloud project with the API enabled through gcloud beta services, and detailed configuration is available in the official documentation. I've not set this up yet, but I will be setting it up, because this one I've run into a lot.
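Mechanically, any MCP aware assistant just lists a server's tools and calls them. A rough sketch with the official `mcp` Python client SDK, where the server command and the `search_documentation` tool name are assumptions for illustration, not Google's actual server:

```python
# Rough sketch: connect to a docs MCP server over stdio and call a lookup
# tool. Uses the official `mcp` Python SDK; the server package and the
# "search_documentation" tool name are ASSUMPTIONS for illustration.
import asyncio
from mcp import ClientSession, StdioServerParameters
from mcp.client.stdio import stdio_client

async def main():
    server = StdioServerParameters(
        command="npx",
        args=["-y", "some-docs-mcp-server"],  # hypothetical server package
    )
    async with stdio_client(server) as (read, write):
        async with ClientSession(read, write) as session:
            await session.initialize()
            tools = await session.list_tools()
            print("tools:", [t.name for t in tools.tools])
            result = await session.call_tool(
                "search_documentation",            # assumed tool name
                {"query": "Cloud Run min instances"},
            )
            print(result.content)

asyncio.run(main())
```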
[63:17] Ryan Lucas: Yeah, I mean, this won't fix the fact that Google documentation is awful. [63:21] Justin Brodley: Oh, of course not. [63:23] Ryan Lucas: But it will at least make things better, right? Maybe it's anecdotal, but I swear Gemini is the worst at answering my Google questions, which I find hilarious, because it very frequently gives me outdated or just made up information about how Google Cloud services work, and it's so frustrating when you hit that. So I'm really happy to see this and can't wait to set it up, because of the way Google does business, especially in Google Cloud: their APIs auto generate, their permissions generate per resource, dynamically, on calls. It is really tricky to do some complicated things in Google Cloud, so you have to use these things. I'm pretty happy to see this and can't wait to use it. [64:15] Matt Kohn: I was going to say, I feel like Azure has actually had this for a little while. I thought we talked about it; I know Azure has their MCP, and I think their MCP also has all their latest documentation. [64:26] Justin Brodley: Stop trying to make Azure cool. [64:28] Matt Kohn: I'm really not. I'm actually googling it, because I haven't actually used it yet. It was on my list when they announced it, which is what Ryan was talking about with wanting to use it; I'm pretty sure I meant to do that and just never got around to it. [64:41] Ryan Lucas: I remember there being an MCP announcement for dealing with Azure resources, but I was unaware it covered docs. [64:47] Justin Brodley: There's a Learn Docs MCP, which allows AI systems to interact with Microsoft's official documentation as a resource using natural language. So there is one now. Both of these are kind of what we talked about earlier with HashiCorp, but the difference is HashiCorp built theirs as a plugin to Claude, versus just making an MCP server be the bridge. And I don't know which way I prefer. I like the plugin idea, but then I'm depending on a plugin versus just using an MCP server. I'm okay with both models. [65:19] Ryan Lucas: Well, the agent skills stuff they sort of have to do that way, right? Because it's not the same as an MCP server. [65:27] Justin Brodley: You're. [65:28] Ryan Lucas: You're basically. [65:28] Justin Brodley: It's. [65:29] Ryan Lucas: It's almost like pre-built instructions for whatever, you know? So I kind of get that. I thought HashiCorp had already announced an MCP server. [65:38] Justin Brodley: They do have an MCP server too. But what they were saying is that the documentation wasn't made available through the MCP; they have this plugin instead, and the MCP was more for talking to Terraform, thinking at more of an API level versus passive documentation. So I get it; maybe it's more efficient to have it on the box in this agent type thing. I like both models, I just don't know if it needs to be a separate plugin model versus an MCP model, where I think the MCP could provide both. But that's just my two cents, and I don't know enough about it; maybe I'm wrong completely. I'm going to try the HashiCorp one, so I'll get back to you on this. [66:14] Ryan Lucas: I've spent a lot of time playing with MCPs and using MCPs, but I haven't made one. [66:20] Matt Kohn: Right. [66:20] Ryan Lucas: So I feel like this may be a limitation of our experience there, because it's like, oh, I can see why this wouldn't work. [66:27] Justin Brodley: Yeah. Well, it was interesting, because Bolt uses the Google Docs SDKs, and one of the problems with Google Docs is the API is terrible. Yes, yes, it is. I have a lot of custom code written in Python to handle all of the show note configuration we have, because we do a lot of formatting and other things in it. It's been about six months since I wrote some of that, and I was like, well, I wonder if there's an MCP yet.
And so I put Claude on a research mission: hey, go evaluate. It did a Google search; there are four or five people who've written them, and Google still doesn't have an official one, curse you, Google. And it came back and said, yeah, you should not implement any of these MCPs. Your custom code is so much more tuned to your use case, you've already done the work, you're not getting any advantage, and it's actually going to be slower for you. And I was like, okay, wow, thanks, Claude. Appreciate it. [67:18] Ryan Lucas: That's interesting. [67:18] Matt Kohn: Yeah, don't change what's not broken. [67:20] Justin Brodley: Yep, always a good model. I was just trying to eliminate a bunch of custom code, because probably the most complicated part of the entire Python project for Bolt is the Google stuff, making it work with Docs, the way we format and do things in our show notes. [67:35] Ryan Lucas: Yeah. [67:36] Justin Brodley: To the point that the tests actually read another Google Doc containing a perfect set of fake show notes I created, and when it makes changes, if it changes the format and fails that test, it basically rolls back the entire change and Claude has to try again. It's so particular in how it's written that I don't ever want to rewrite it. [67:59] Ryan Lucas: I mean, that stopped me from writing this before. [68:02] Justin Brodley: Right. Yeah, I mean, there are some things. [68:03] Ryan Lucas: That's exactly where I got stuck. [68:05] Matt Kohn: I got stuck there too. [68:07] Justin Brodley: Yeah. There are literally some things that aren't perfect, and you guys see it when they come in sometimes, where it'll miss a bullet or add an extra line, but it's worth it. [68:16] Ryan Lucas: Fine. Yeah, good enough. [68:17] Justin Brodley: I'll take that. It's fine. [68:19] Matt Kohn: Yeah. But naturally, as Ryan and I go through it, as we're reading it, it just bothers both of us, so we clean it up either way. [68:27] Justin Brodley: Yeah, I go through and clean them up a couple of times a week, and I make mistakes when I add stuff in the show, so sometimes I go clean that up, or I'm debugging stuff and just fix it while I'm waiting for something to happen. [68:37] Ryan Lucas: But it doesn't even reach annoyance level. [68:39] Justin Brodley: Right. [68:40] Ryan Lucas: Because it's 99.9% correct, so it's fine. [68:43] Justin Brodley: Exactly. And to make it perfect would be so much more code and so much more work for me. It's just not worth it. [68:48] Ryan Lucas: No. [68:49] Justin Brodley: All right, next up: Google Cloud is expanding its sovereign cloud portfolio with three new tiers, Data Boundary, Dedicated and Air Gapped, designed to meet varying data sovereignty requirements. Air Gapped operates completely disconnected from Google Cloud and the Internet, with no remote access possible by Google, while Dedicated allows partners to monitor and block updates, with up to 12 months of independent operation if disconnected. The company announced substantial infrastructure investments across all continents, including Thailand, Malaysia and Sweden, plus subsea cables like Tyler Link and Devaru for Asia Pacific.
And Google is committing to legal resistance against government shutdown orders, and will enable qualified third parties to operate Google Cloud using Google's code if Google becomes unable to continue operations. The biggest of these is probably France's S3NS, the partnership between Google and Thales that basically runs a sovereign cloud deployment disconnected from the Google mothership. And it costs exactly what you think it's going to: a lot. [69:41] Ryan Lucas: The GDP of a small country. [69:43] Justin Brodley: Yeah. And then our final Google story: Google is launching GEAR, Gemini Enterprise Agent Ready, a specialized learning program within the Google Developer Program to help developers build production ready AI agents. The program provides 35 monthly learning credits on the Google Skills platform for sandbox testing and lab access, at no cost to you, the participant. It offers two main learning paths: Introduction to Agents, for understanding agent architecture and integration with Gemini Enterprise, and Develop Agents with Agent Development Kit, for building agents with reasoning loops. Both paths focus on moving developers from experimentation to production grade implementations using Google's open source ADK. GEAR includes a credential system, with completion badges on Google developer profiles and skill badges for intermediate and advanced expertise. The program addresses the shift toward agentic AI, where software can reason, plan and execute complex workflows autonomously, which is all I do right now with Bolt. This is great. I'm actually going to do this, because we have Gemini Enterprise at the day job and I don't know how to make agents inside of it, but I'm super interested in making some there to improve my day to day work. I probably don't need all 35 credits, but there are a couple of specific Gemini Enterprise features I need to understand a little better to make it work for me, so I'm going to check this out. [70:56] Ryan Lucas: And I still think there's a very large number of people who don't really understand putting an agentic workflow in place to do what they want. [71:05] Justin Brodley: Right. [71:06] Ryan Lucas: I think it's still pretty much fire and forget chat operations, and there's a lot of power in the tool once you know how to use it, but it is less than straightforward. So I think this is a great course. Like you, I don't know if I'll take the whole thing or how that'll work, but I'm definitely going to start it, play around, and see if it's working for me. Although, completion badges; you know me, I am a fiend for some completion badges. [71:37] Justin Brodley: I agree. We love a good badge and a sticker at a conference. All right, let's get into Azure, then we're going to wrap it up for today, because we've already gone quite a ways over time tonight. But some cool things in the world of Charlie Bell: he is stepping into an individual contributor role, which is sort of interesting. This is from an email Satya Nadella sent out to the team: Hayete Gallot, or Gallot, sorry, is returning as EVP of Security, reporting directly to CEO Satya Nadella, while Charlie Bell transitions from leading security to focusing on engineering quality as an individual contributor.
This organizational shift reflects Microsoft's continued emphasis on security as a top priority, following recent Security Copilot and Purview adoption momentum. Gallot brings 15 plus years of Microsoft experience building the Windows and Office franchises, plus recent Google Cloud customer experience leadership, positioning her to connect product development with customer value realization across Microsoft's security portfolio. Her appointment comes as Microsoft integrates security into its new commercial cohorts operating model, announced during recent earnings. Charlie Bell's move from organizational leadership to an individual contributor engineering role is notable for a senior executive, with his new focus on a quality excellence initiative to improve engineering standards and product durability across Microsoft's global scale operations. He'll be partnering with Azure leadership, including Scott Guthrie, on quality improvements, and Alice Holosek takes on a chief architect for security role, to bring platform architecture to security products and connect them with Microsoft's existing scale business and the agent platform. The timing aligns with Microsoft's recent earnings report highlighting security business growth and the company's broader reorganization around commercial cohorts, indicating security will have dedicated product development rhythms separate from other business units. No specific pricing or feature changes were announced as part of the change. [73:16] Ryan Lucas: Yeah, I don't understand this at all. It's crazy to me to think, if you're an EVP at that level, especially coming from Amazon and dealing with compute, to then security, with some notable security issues during that tenure, and now going to quality as an individual contributor. I want to know what the day to day looks like for that job. [73:41] Justin Brodley: I think this is them recreating the Amazon engineering operations review at Azure. I think he is basically building a weekly program team that is going to be running the wheel, if you're familiar with Amazon's wheel thing, where you as a service owner can be called on at any time and have to deep dive into all your KPIs, how your system's operating, service operations, recent incidents, and you have to answer for it. At Amazon they do it every week, and it was always called the Charlie Bell meeting; it's one of the big things he's really popular and famous for inside Amazon, the creation of that meeting. As a security EVP running a business, you can't do that; it wouldn't be a good use of his time. But as an individual contributor, if you're in charge of this process and you're going to run the new Charlie Bell meeting at Azure, this makes sense to me. That's why I think he's doing this. [74:32] Ryan Lucas: Well, didn't he do that while he was leading EC2, though? [74:36] Justin Brodley: He was, when he was doing that. But EC2 is much more business than Microsoft security; like, Microsoft security is massive. Plus he's had some dark marks on the security side in his current tenure, though more things he inherited than caused. Again, the fact that it's a quality excellence initiative reporting to Scott Guthrie tells me this is specifically about building an engineering operations function.
[75:02] Ryan Lucas: Yeah, well, now that you've said it out loud, it makes more sense to me, because I can't imagine it going any other way. And that's awesome; that's going to be a huge benefit. [75:11] Justin Brodley: I mean, it's going to be great for Matt, who's not going to have as many Azure outages, hopefully, after a few years. [75:18] Matt Kohn: Yeah, it's the "few years" comment that worries me, but I totally get that. And good news this week, I guess we could have put this in the other section: they reduced the average propagation time for CDN changes from 45 minutes to 20 minutes. [75:32] Justin Brodley: Oh, good. [75:33] Matt Kohn: To do things like invalidations or anything else. [75:36] Justin Brodley: It's been getting better and better every day. [75:38] Matt Kohn: Yeah, yeah, great. [75:41] Justin Brodley: Azure NetApp Files Elastic ZRS, which is zone redundant storage, introduces synchronous replication across three or more availability zones within a region, with automatic service managed failover maintaining the same mount target endpoint during zone failures. This removes the need for customers to manage HA clusters or VM level failover while guaranteeing zero data loss for mission critical workloads. The service costs less than running three separate ANF volumes with cross zone replication, while providing the same multi-AZ high availability in a single volume. Volumes can be created as small as 1 gigabyte, offering flexibility for workloads of any size, with support for both NFS and SMB protocols independently. Elastic ZRS delivers enterprise data management capabilities including instant snapshots, clones, tiering and backup integration, powered by NetApp ONTAP, plus efficient metadata operations through a shared quality of service architecture that dynamically allocates IOPS. The service is currently available in select Azure regions, apparently the only ones that have three or more availability zones, because I don't know how many of those there are, with a rapid expansion plan. Future capabilities will include simultaneous multi protocol access, including NFS, SMB and object REST APIs, custom region pairs for cross region replication, and a migration assistant for moving data from on premises ONTAP systems to Azure. [76:50] Matt Kohn: I just wonder why you, a small to medium business, are running ONTAP with your 1 gigabyte volumes. [76:59] Justin Brodley: Because you don't know how not to burn money. [77:01] Ryan Lucas: Yeah, because your storage guy only knows the one thing. [77:05] Matt Kohn: Yeah, that's where my brain went. I mean, it's a good quality of life thing, but I also avoid running NetApps on top of the cloud, for the same reason I try to avoid running VMware on top of it. [77:19] Justin Brodley: The nice thing is you can run it on all the clouds now; you can use it at GCP, you can use it at Azure. [77:24] Matt Kohn: It gives you the multi cloud store. [77:26] Ryan Lucas: I guess it's the Kubernetes of storage, right? [77:28] Justin Brodley: The Kubernetes of storage. Oh God, that's going to stick with me for a while. Yeah. [77:36] Matt Kohn: I'm not okay with that, Ryan. [77:38] Justin Brodley: Yeah. All right, let's move on to Postgres. Microsoft is enhancing Azure Database for PostgreSQL with native AI capabilities, including direct integration with Microsoft Foundry for in database LLM operations like embeddings and semantic search.
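For a sense of what in-database semantic search looks like in Postgres land generally, here is a sketch using plain pgvector from Python. The DSN, table and column names, and the embedding source are placeholders, and Azure's Foundry-integrated functions will have their own names; treat this as the pattern, not the product:

```python
# Pattern sketch: pgvector semantic search from Python (psycopg 3).
# DSN, table/column names, and get_embedding() are placeholders; Azure's
# Foundry in-database functions will differ.
import psycopg

def get_embedding(text: str) -> list[float]:
    # Placeholder: call whatever embedding model you use; the dimension
    # must match the vector column on the documents table.
    return [0.0] * 1536

vec = get_embedding("customer churn analysis")
vec_literal = "[" + ",".join(str(x) for x in vec) + "]"  # pgvector text format

with psycopg.connect("postgresql://user:pass@host/db") as conn:
    rows = conn.execute(
        """
        SELECT id, title
        FROM documents
        ORDER BY embedding <=> %s::vector   -- cosine distance (pgvector)
        LIMIT 5
        """,
        (vec_literal,),
    ).fetchall()

for doc_id, title in rows:
    print(doc_id, title)
```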
The service now supports DiskANN vector indexing for high performance similarity search, and includes a new PostgreSQL extension for Visual Studio Code that enables database provisioning directly from the IDE with built in Entra ID authentication, because what could go wrong there? The platform introduces zero ETL real time analytics through Microsoft Fabric mirroring, and native Parquet file support via the Azure Storage extension, allowing direct read and write operations to Azure Storage using SQL commands. PostgreSQL 18 is now generally available on Azure, with new v6 compute SKUs that deliver significantly improved IO performance and lower latency, while elastic clusters enable horizontal scaling for multi tenant workloads. Azure HorizonDB was announced at Ignite as a new PostgreSQL compatible service in private preview, designed specifically for AI native workloads with scale out compute and sub millisecond latency, positioning Azure to support both traditional Postgres workloads and next generation AI applications. I mean, they basically announced their version of Aurora. Yeah. The GitHub Copilot integration provides schema aware SQL assistance within Visual Studio Code, while the new MCP server for PostgreSQL enables direct agent framework connections in Microsoft Foundry. Nasdaq was the customer demonstrating a production use case: their Board Vantage platform uses Azure Database for PostgreSQL and Microsoft Foundry to add AI powered document analysis and summarization to their board governance system, serving nearly half of the Fortune 500. [79:07] Matt Kohn: Nothing I like better than an LLM inside my database. [79:11] Justin Brodley: What could go wrong? [79:14] Ryan Lucas: I mean, I'm not going to lie, I have played with it. I dabbled with the Visual Studio Code plugin, and it is kind of neat. I didn't have a real use case, so I was just mucking around, but anytime I can work with relational data without actually having to learn SQL, I'm pretty happy. [79:37] Matt Kohn: Well, that's what I'm trying to figure out. If this is around mirroring into Fabric and everything else, and it's also able to handle some of the NoSQL schemas with the Postgres plugin, then potentially it's opening up a lot of those things to this as well. [79:55] Justin Brodley: Microsoft OneLake and Snowflake are now offering bi directional Iceberg table interoperability in general availability, allowing customers to store and access data across both platforms without duplicating it. Changes made in one platform automatically reflect in the other, eliminating the need for traditional copy heavy data integration approaches. Snowflake managed Iceberg tables can now be natively stored in Microsoft OneLake, while Fabric data automatically converts to Iceberg format for direct Snowflake access. This addresses the challenge of enterprise data living across disparate systems by providing a single copy of data accessible through either platform's analytical engine. New UI elements launching next week include a Snowflake item in OneLake that simplifies access without complex configuration, plus a Snowflake UI that pushes managed Iceberg tables directly into Fabric as discoverable OneLake items.
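The nice thing about Iceberg interop is that the table is readable by any engine, or by none at all. A minimal PyIceberg sketch, where the catalog settings and table name are placeholders for whatever OneLake or Snowflake actually exposes:

```python
# Minimal PyIceberg read: one copy of the table, engine-agnostic access.
# Catalog URI, credential, and the table name are placeholders.
from pyiceberg.catalog import load_catalog

catalog = load_catalog(
    "lakehouse",
    **{
        "uri": "https://example.com/iceberg",  # placeholder REST catalog endpoint
        "token": "REDACTED",                   # placeholder credential
    },
)

table = catalog.load_table("analytics.orders")  # placeholder namespace.table
print(table.schema())

# Push down a filter and column projection, then materialize to Arrow.
arrow_tbl = (
    table.scan(
        row_filter="order_date >= '2026-01-01'",
        selected_fields=("order_id", "total"),
    )
    .to_arrow()
)
print(arrow_tbl.num_rows)
```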
The integration also supports OneLake table APIs working with Snowflake's catalog linked database features, and the target use case centers on data teams managing analytics across multiple platforms who want to avoid vendor lock-in and proprietary formats. No pricing details were provided in the announcement, though the integration leverages existing OneLake and Snowflake licensing models. This is kind of neat. [80:56] Ryan Lucas: It's unexpected, because the amount of data you'd have in a data lake is usually one of those elements that makes a service very sticky, so providing an easy way to get out of that is a surprise to me. But from a customer perspective, if you've got data across both, how fantastic is it to be able to use it? I like it. [81:21] Justin Brodley: Yeah. [81:22] Matt Kohn: I mean, not replicating data, not managing the replication; it's a great feature they added. Still a little surprised they did it, but yeah. [81:30] Ryan Lucas: I mean, I've definitely had use cases where I would need this, right? Like an IT team that's very comfortable with Power BI and wants to do a whole bunch of analysis on data that lives in RDS or somewhere else. What are your options at that point? [81:48] Justin Brodley: Right. [81:49] Ryan Lucas: Usually it's a huge data migration, expensive and cumbersome. So this is cool. [81:57] Justin Brodley: It's cool. Azure Container Storage version 2.1.0 brings native Elastic SAN integration, letting Kubernetes workloads leverage Azure's shared block storage service for high performance persistent volumes, I assume for AI. This integration provides an alternative to the existing Azure Disk and ephemeral disk options, particularly beneficial for workloads requiring shared storage across multiple pods. All I can say is that Azure sales reps must have heard a lot of people saying: I just need a SAN; this Azure Disk stuff, the ephemeral disks, these object storage blobs, I don't want any of that, just give me a SAN. Because the amount of SAN investment they've done in the last year is crazy to me. [82:33] Ryan Lucas: I mean, for the container bits, this is a me too thing, because I think ECS, EKS and maybe GKE, I don't remember that one, announced similar capabilities, and Lambda, actually. [82:49] Justin Brodley: But to a SAN? I mean, yes, they connected to EBS, they connected to the EFS service, and maybe to the NetApp managed service. But this is a flat out SAN service, created and fully managed by Microsoft. [83:06] Ryan Lucas: I guess I missed that. It's block storage. [83:08] Matt Kohn: Yeah. [83:08] Justin Brodley: Elastic SAN is. It's a SAN. [83:09] Ryan Lucas: Yeah. [83:10] Justin Brodley: Yeah. [83:12] Ryan Lucas: Okay. Yeah, I don't remember this. That is kind of crazy. [83:18] Justin Brodley: All right, good. Well, it's nuts how much they've done there. And then finally, our final story: SQLCon is a new SQL focused conference co-located with FabCon in Atlanta, March 16th to 20th, offering dual access with a single registration. The event features 50 SQL sessions covering SQL Server, Azure SQL, and SQL database in Fabric. And while this is great for SQL people, I really just want to talk about the fact that, why do they call it a con? Are they trying to make this fun?
Like, it's like Comic Con. You come and you do SQLCon. [83:47] Matt Kohn: SQL is fun, Justin, come on. [83:50] Ryan Lucas: Do I still get to dress up? Can I make a big robot costume and then come do T-SQL? [83:54] Justin Brodley: Can I dress up as a stored procedure? Is that a thing to do? [83:57] Matt Kohn: Yeah, T-SQL in giant letters. [84:00] Justin Brodley: It's cute. I mean, SQLCon, though, just. [84:06] Ryan Lucas: I don't know. It's co-located with FabCon, and I don't know what FabCon is. [84:10] Justin Brodley: That's for Fabric, which is their data warehouse. [84:13] Ryan Lucas: I see. [84:13] Justin Brodley: Okay. Yeah, so it's. [84:15] Matt Kohn: I mean, you can get $200 off. [84:17] Justin Brodley: Yes, you can. Early bird pricing and team discounts are available; promo code SQLCMTY200. [84:22] Matt Kohn: I think it's like $1,400; it's not a cheap conference, it's up there. [84:25] Justin Brodley: I don't think any Microsoft conferences are cheap, are they? [84:29] Matt Kohn: I don't. [84:29] Ryan Lucas: Yeah, I don't think there are any cheap conferences anymore. If it's a cheap conference, it's free and it's a webinar, right? [84:34] Justin Brodley: I mean, Google gave me a ticket for free to Google Next. So. [84:37] Ryan Lucas: Yeah, you're an executive who spends a lot of money. That's not the same thing. [84:42] Justin Brodley: I mean, you also got a free ticket. [84:44] Ryan Lucas: I do, yes. [84:45] Justin Brodley: Because you're an executive who spends a lot of money. Fair, fair. Okay, I'll take that. Well, that is it for another fantastic week in the cloud. Sorry for the length tonight, but earnings; it's always lengthy. [84:57] Ryan Lucas: Yeah, do we have to do a special show for earnings now? No, we're not. [85:01] Justin Brodley: No, no, we're not going to do that. [85:02] Matt Kohn: No, no, no. [85:04] Justin Brodley: Absolutely not. [85:05] Matt Kohn: No. [85:06] Justin Brodley: Veto. Struck. Veto. [85:08] Ryan Lucas: Yeah, it's my second strike, so we better end it before I officially strike out. [85:12] Justin Brodley: All right, see you guys next week here in the cloud. [85:15] Ryan Lucas: Bye, everybody. [85:16] Matt Kohn: Bye, everyone. [85:20] Ryan Lucas: And that's all for this week in cloud. Head over to our website at thecloudpod.net, where you can subscribe to our newsletter, join our [85:26] Justin Brodley: Slack community, send us your feedback, and ask any questions you might have. [85:30] Ryan Lucas: Thanks for listening, and we'll catch you on the next episode.