How is it possible that over the last weeks, I constantly run into "insufficient capacity" issues on AWS when I try to start EC2 VMs?

Is that the scalability everyone talks about?

#AWS #amazon #cloud

Shadow Roles: AWS Defaults Can Open the Door to Service Takeover

https://www.aquasec.com/blog/shadow-roles-how-aws-defaults-can-open-the-door-to-service-takeover/

Discussions: https://discu.eu/q/https://www.aquasec.com/blog/shadow-roles-how-aws-defaults-can-open-the-door-to-service-takeover/

#aws #devops

Yesterday (Fri 2 May 2025) the temperature ranged from 1.3 to 16.2°C and there was no rain. The wind gusted up to 18mph. Sunrise was at 05:25 hrs and sunset at 20:47 hrs.
#aws #weatherstation #weather

Understanding transaction visibility in PostgreSQL clusters with read replicas
https://aws.amazon.com/blogs/database/understanding-transaction-visibility-in-postgresql-clusters-with-read-replicas/ #aws #blog

[アップデート] Amazon Bedrock Guardrails が日本語を含む、最大 17 言語をサポートしました
https://dev.classmethod.jp/articles/amazon-bedrock-guardrails-supports-17-languages-including-japanese/

#dev_classmethod #Amazon_Bedrock_Guardrails #Amazon_Bedrock #AWS #生成AI

Lambda 関数 + SES を利用して EC2 インスタンスのスクリーンショットをメールアドレスに送信してみた
https://dev.classmethod.jp/articles/ec2-screenshot-lambda-ses-email/

#dev_classmethod #AWS #Amazon_EC2 #AWS_Lambda #Amazon_SES

Lightsail スナップショットを EC2 にエクスポートしてみた
https://dev.classmethod.jp/articles/lightsail-exporting-snapshots-ec2/

#dev_classmethod #AWS #Amazon_Lightsail #Amazon_EC2

AWS Marketplace AMI 製品の無料トライアルは年間契約と併用できますか
https://dev.classmethod.jp/articles/tsnote-aws-marketplace-ami-buyer-free-trial/

#dev_classmethod #AWS #AWS_Marketplace #AMI

AWS WAF コンソールも CloudFront のマルチテナント機能に対応していたので設定してみた
https://dev.classmethod.jp/articles/cloudfront-multitenant-waf/

#dev_classmethod #AWS_WAF #Amazon_CloudFront #AWS

Amazon Q Developer IDE 拡張の新しい Agentic Coding 機能を体験する
https://qiita.com/hayao_k/items/9c6b1b9d364a06472182?utm_campaign=popular_items&utm_medium=feed&utm_source=popular_items

#qiita #AWS #VSCode #AmazonQ #AmazonQDeveloper

週刊生成AIアップデート
https://qiita.com/kanako_kodera_16/items/e131cdfb2263d80af6c7?utm_campaign=popular_items&utm_medium=feed&utm_source=popular_items

#qiita #AWS #update #生成AI

AWS SAP合格体験記｜最小の教材で最大の成果を得た話
https://qiita.com/Masaki_T/items/1b7598b6f76dc1308b53?utm_campaign=popular_items&utm_medium=feed&utm_source=popular_items

#qiita #AWS #AWS認定ソリューションアーキテクト #資格 #勉強法 #AWS認定試験

Mastra×BedrockでLLMアプリを作成してみよう！~トレースも取得するよ~
https://qiita.com/har1101/items/11c913c34f5f8ba088aa?utm_campaign=popular_items&utm_medium=feed&utm_source=popular_items

#qiita #AWS #Next_js #bedrock #LLM #Mastra

New Open-Source AWS Advanced PostgreSQL ODBC Driver now available for Amazon Aurora and RDS
https://aws.amazon.com/about-aws/whats-new/2025/05/aws-advanced-postgresql-odbc-driver-aurora-rds/ #aws

Lastly, there's the training data. I work for #AWS (so these are strictly my personal opinions). We are opinionated about the platform. We think that there are things you should do and things you shouldn't. If you have deep knowledge of anything (Microsoft, Google, NodeJS, SAP, whatever) you will have informed opinions.

The threat models that I have seen, that use general purpose models like Claude Sonnet, include advice that I think is stupid because I am opinionated about the platform. There's training data about AWS in the model that was authored by not-AWS. And there's training data in the model that was authored by AWS. The former massively outweighs the latter in a general-purpose, trained-on-the-Internet model.

So internal users (who are expected to do things the AWS way) are getting threats that (a) don't match our way of working, and (b) they can't mitigate anyway. Like I saw an AI-generated threat of brute-forcing a cognito token. While the possiblity of that happening (much like buying a winning lottery ticket) is non-zero, that is not a threat that a software developer can mitigate. There's nothing you can do in your application stack to prevent, detect, or respond to that. You're accepting that risk, like it or not, and I think we're wasting brain cells and disk sectors thinking about it and writing it down.

The other one I hate is when it tells you to encrypt your data at rest in S3. Try not to. There's no action for you to take. The thing you control is which key does it and who can use that key.

So if you have an area of expertise, the majority of the training data in any consumer model is worse than your knowledge. It is going to generate threats and risks that will irritate you.

4/fin

#AI #AppSec #ThreatModel

Amazon ECR adds support for Internet Protocol version 6 (IPv6)

https://aws.amazon.com/about-aws/whats-new/2025/05/amazon-ecr-support-ipv6/

#ipv6 #aws

Amazon OpenSearch Service launches flow builder to empower rapid AI search innovation
https://aws.amazon.com/blogs/big-data/amazon-opensearch-service-launches-flow-builder-to-empower-rapid-ai-search-innovation/ #aws #blog

Resource control policies (RCPs) are now available in the AWS GovCloud (US) Regions
https://aws.amazon.com/about-aws/whats-new/2025/05/resource-control-policies-aws-govcloud-us-regions #aws

AWS STS グローバルエンドポイントの仕様変更を東京リージョンで確かめてみた
https://dev.classmethod.jp/articles/aws-sts-global-endpoint-requests-locally-tokyo/

#dev_classmethod #AWS_STS #AWS #AWS_CLI #IAM

Build a gen AI–powered financial assistant with Amazon Bedrock multi-agent collaboration
https://aws.amazon.com/blogs/machine-learning/build-a-gen-ai-powered-financial-assistant-with-amazon-bedrock-multi-agent-collaboration/ #aws #blog