AWS Bites

If you’re curious about building with LLMs, but you want to skip the hype and learn what it takes to ship something reliable in production, this episode is for you.We share our real-world experience building AI-powered apps and the gotchas you hit after the demo: tokens and cost, quotas and throttling, IAM and access friction, marketplace subscriptions, and structured outputs that do not break your JSON parser.We focus on Amazon Bedrock as AWS’s managed inference layer: how to get started with the current access model, how to choose models, how pricing works, and what to watch for in production.We also go deep on structured outputs: constrained decoding, schema design that improves output quality, and how to avoid “grammar compilation timed out”.

In this episode, we mentioned the following resources:

AWS Lambda is fantastic for small, stateless code on demand. But when your “function” starts looking like a workflow (retries, backoff, long waits, human approvals, callbacks), classic Lambda patterns can feel like a fight: 15-minute max runtime, no built-in state, and orchestration glue everywhere (Step Functions, queues, schedules, and state you did not want to own). In this episode of AWS Bites, Eoin and Luciano explore AWS Lambda Durable Functions, announced at re:Invent 2025. It’s still Lambda (same runtimes and scaling), but with durable execution superpowers: named steps, automatic checkpointing, and the ability to suspend and resume from a safe point without redoing completed work. We unpack the replay/resume model under the hood, when this approach shines, and the gotchas (determinism, idempotency, replay-aware logging, debugging resumed runs). To make it real, we share how we rebuilt PodWhisperer v2 using Durable Functions to orchestrate a GPU-powered WhisperX pipeline, LLM refinement, speaker naming, and caption generation.

In this episode, we mentioned the following resources:

AWS just made Lambda… less serverless. Lambda Managed Instances (Lambda MI) brings managed EC2 capacity into Lambda, and it changes the rules: environments stay warm, a single environment can handle multiple concurrent invocations, and scaling becomes proactive and asynchronous instead of “spin up on demand when traffic hits.”In this episode of AWS Bites, Eoin and Luciano break down what Lambda MI unlocks (and what it costs): fewer traditional cold starts, but a new world of capacity planning, headroom, and potential throttling during fast spikes. We compare it to Default Lambda, explain how the new scaling signals work, and what “ACTIVE” really means when publishing can take minutes on a new capacity provider.To make it real, we built a video-processing playground: an API, a CPU-heavy processor, and a Step Functions workflow that scales up before work and back down after. We share the practical lessons, the rough edges (regions, runtimes, mandatory VPC, minimum 2 GB + 1 vCPU, concurrency pitfalls), and the pricing reality: requests + EC2 cost + a 15% management fee.

In this episode, we mentioned the following resources:

Love AWS Fargate, but occasionally hit the “I need more control” wall (GPUs, storage, network bandwidth, instance sizing)? In this episode of AWS Bites, Eoin and Luciano put the brand-new Amazon ECS Managed Instances (ECS MI) under the microscope as the “middle path” between Fargate simplicity and ECS on EC2 flexibility. We unpack what ECS MI actually is and where it fits in the ECS spectrum, especially how it changes the way you think about clusters and capacity providers. From there we get practical: we talk through the pricing model (EC2 pricing with an additional ECS MI fee that can be a bit counterintuitive if you rely heavily on Reserved Instances or Savings Plans), and we share what it feels like to finally get GPU support in an experience that’s much closer to Fargate than to “full EC2 fleet management”. To make it real, we walk through what we built: a GPU-enabled worker that transcribes podcast audio using OpenAI Whisper, including the end-to-end setup in CDK (roles, capacity provider wiring, task definitions, and service configuration). Along the way we call out the rough edges we ran into, like configuration options that look like they might enable Spot-style behavior, and the operational realities you should expect, such as tasks taking roughly 3–4 minutes to start when ECS needs to provision fresh capacity. We close by mapping out the workloads where ECS MI shines (queue-driven GPU jobs, HPC-ish compute, tighter storage/network control) and the scenarios where it’s probably the wrong choice, like when you need custom AMIs, SSH access, or stricter isolation guarantees.

In this episode, we mentioned the following resources:

We dive deep into Strapi, an open-source headless CMS that's changing how we approach content management and CRUD applications. In this episode, we explore how Strapi separates content from presentation, allowing marketing teams to manage content independently while developers maintain full control over the frontend experience. We discuss the powerful features that caught our attention, including the visual content type builder, dynamic zones, components, and the innovative blocks editor that stores content as JSON rather than HTML. We also cover practical aspects like local development workflows, data synchronization between environments, and deployment strategies on AWS. While we highlight some rough edges around documentation and minor bugs, we share our overall positive experience and provide insights into when Strapi might be the right choice for your next project.

In this episode, we mentioned the following resources:

What if “Java is too old for serverless” is the myth holding your team back in 2025?

We put it to the test with Mark Sailes (ex-AWS, Java-on-Lambda expert). In this AWS Bites episode we get specific: when Java is the right call for Lambda and when it isn’t, how to hit real latency targets, and the exact levers that matter in production—SnapStart, provisioned concurrency, smart JVM/GC settings, and whether GraalVM is worth it. We compare vanilla Java, Micronaut, Quarkus, and Spring Boot for startup and memory, share realistic p95/p99 expectations, and outline fast feedback loops with Testcontainers and LocalStack.If Java on Lambda sounds risky, this might change your mind. Stick around for Mark’s tuning checklist and our verdict on when to bet on Java vs pick another runtime.

What if AWS built an IDE to rival your favorite editor? Turns out they did!In this episode of AWS Bites, we dive into Kiro, an AI centric fork of VS Code that tries to turn an empty repo and a loose idea into working software. Kiro imports your VS Code world, then guides you through requirements, design, and a clear task plan before an agent gets to work. We share what clicked, what tripped us up, and how Kiro’s spec driven approach compares to Cursor or Claude Code. We also cover status, limits, pricing, and what this could become if AWS leans in with deep cloud integration. Stick around for our take on whether you should switch or wait.

What if AWS had its own version of Killed by Google? Well… turns out it kind of does.In this episode of AWS Bites, we explore the AWS Product Lifecycle page, the official place where AWS quietly lists products and services that are being deprecated, shut down, or closed to new customers. If you rely on AWS in production, this is a page you’ll want to bookmark.We walk through what’s on the list today, from Amazon Pinpoint to IoT Analytics and beyond, and we even throw in some predictions of what might be next to hit the chopping block. App Runner vs Beanstalk? API Gateway REST vs HTTP? Let the speculation begin!

Amazon Aurora DSQL promises to bring a truly serverless experience to SQL databases. But does it actually deliver? In this episode of AWS Bites, we put Aurora DSQL to the test. We explore what makes it exciting, how it compares to traditional Aurora Serverless, and where it falls short. You’ll hear what changed since our last Aurora deep dive, and why DSQL might be the PostgreSQL-compatible serverless database you’ve been waiting for.

Cost is always top of mind when building in the cloud, and recently AWS has introduced some changes worth paying attention to. In this episode of AWS Bites, we explore a shift that caught many by surprise: the “free” INIT phase for Lambda’s managed runtimes is going away. That cold start time that used to fly under the billing radar? It's now part of the cost. We dig into what this means for your workloads, who might feel the impact, and whether this gives languages like Rust and Go an extra edge. But it’s not all bad news. AWS has also rolled out new pricing tiers for CloudWatch Logs, making it cheaper for high-volume accounts. On top of that, there are new options to send logs directly to S3 or Firehose, helping simplify pipelines and reduce costs. We close with a few tips to help you keep your Lambda and logging spend under control. If you're building on AWS and care about efficiency, this is one you won't want to miss.

Picture this. You’ve got a web app built with Rust and Solid.js. It started life running on a dusty on-prem server, but now it's time to move it to the cloud. The clock is ticking. You could take the well-worn AWS path: set up a VPC, configure subnets, attach an ALB, define IAM roles, and deploy with Fargate. Or you could try something different. In this episode of AWS Bites, we share the real story of migrating a monolithic containerized app to AWS App Runner. It promises to take your code, build it, deploy it, and scale it with minimal effort. But does it really deliver? We compare App Runner with Fargate based on hands-on experience. You’ll learn where App Runner shines, where it gets in the way, and how we handled everything from custom domains to background job processing. You’ll also hear when we would still choose Fargate, and why. If you've ever hoped for a Heroku-like experience on AWS, or you want to simplify your container deployments without giving up too much control, this episode is for you.

We discuss common use cases and challenges for copying data between S3 buckets and S3-compatible object storage services. We share our experience building an open source Node.js CLI tool called S3-Migrate to efficiently migrate data with separate source and destination credentials. We cover performance considerations like streaming, chunk sizes, concurrency and parallelism.

In this episode, we provide an overview of AWS Step Functions and dive deep into the powerful new JSONata and variables features. We explain how JSONata allows complex JSON transformations without custom Lambda functions, enabling more serverless workflows. The variables feature also helps avoid the previous 256KB state size limit. We share examples from real projects showing how these features simplify workflows, reduce costs and enable new use cases.

In this episode, we explore DuckDB, an open-source analytical database known for its speed and simplicity. Discover how DuckDB stands out in various applications and compare it to other tools like SQLite, Athena, Pandas, and Polars. We also demonstrate integrating DuckDB with AWS Lambda and Step Functions for serverless analytics.

In this episode, we discuss using AWS Lambda Powertools for Python to build serverless REST APIs with AWS Lambda. We cover the benefits of using Powertools for routing, validation, OpenAPI support, and more. Powertools provides an excellent framework for building APIs while maintaining Lambda best practices.In this episode, we mentioned the following resources:

Ready to take your tech career to the cloud and build those awe-inspiring systems you see? Then you're in the right place. This episode of AWS Bites is your blueprint for becoming a successful cloud architect. We're not just going to talk about it; we'll show you what worked for us, sharing the critical skills you need, and a practical path to build your expertise. Whether you're a beginner or looking to take the next step, join us as we equip you with the knowledge and tools to make your mark as a cloud architect!

In this episode, we mentioned the following resources:

In this episode, David Lynam provides an overview of AWS Transit Gateway, which aims to simplify complex network connectivity between VPCs, VPNs, and on-premises networks. We discuss the limitations of using VPC peering and the benefits Transit Gateway provides through its hub-and-spoke model. The main components of Transit Gateway are explained, including attachments, route tables, associations, and route propagation. We go through some example use cases like sharing Transit Gateways across accounts, network isolation for compliance, routing traffic through security services, and bandwidth/scaling capabilities.

In this episode, we mentioned the following resources:

In this pre-re:Invent 2024 episode, Luciano and Eoin discuss some of their favorite recent AWS announcements, including improvements to AWS Step Functions, Lambda runtime updates, DynamoDB price reductions, ALB header injection, Cognito enhancements, VPC public access blocking, and more. They share their thoughts on the implications of these new capabilities and look forward to seeing what else is announced at the conference. Overall, it's an exciting time for AWS developers with many new features to explore. Very important: no focus on GenAI in this episode :)

In this episode, we discuss the pros and cons of using serverless architecture in enterprise companies. We cover topics like cost, complexity, security, ability to evolve architecture, and more. Overall, we find that serverless can provide benefits like reduced operational costs, improved developer productivity, and increased focus on core business logic for larger companies.

In this episode, we discuss why IAM users and long-lived credentials are dangerous and should be avoided. We share war stories of compromised credentials and overprivileged access. We then explore solutions like centralizing IAM users, using tools like AWS Vault for temporary credentials, integrating with AWS SSO, and fully eliminating IAM users when possible.

In this episode, we provided an overview of GitHub Action Runners and discussed the benefits of using self-hosted runners on AWS. We covered options including EC2 and CodeBuild for running GitHub Actions, compared pricing across solutions, and shared our hands-on experience setting things up. Overall, using AWS services can provide more control, lower latency, and cost optimization compared to GitHub hosted runners.

In this episode, we discuss the concept of CloudFormation drift, what causes it, how to detect it, and strategies for resolving it. We explain that drift happens when the actual state of resources diverges from what is defined in the CloudFormation templates. Common causes include manual changes, third party tools, mixing IaC solutions, and automation. We then cover built-in drift detection in CloudFormation and integrating it with alarms. Finally, we suggest approaches for reconciling drift like change sets, deletion protection, and bringing up parallel stacks.

In this episode, we had the pleasure to interview Farrah Campbell, head of modern compute community at AWS, prolific speaker, and former AWS Hero. We discussed Farrah's career journey from healthcare into tech, tips on public speaking, dealing with imposter syndrome, the pace of innovation in the cloud, and predictions for the future. Farrah shared personal stories and advice for getting started in tech and being an active member of the community. It was inspiring to hear from someone so passionate about helping others learn and grow.

In this episode, we discuss AWS Lambda provisioned concurrency. We start with a recap of Lambda cold starts and the different concurrency control options. We then explain how provisioned concurrency works to initialize execution environments in advance to avoid cold starts. We cover how to enable it, pricing details, common issues like over/under-provisioning, and alternatives like self-warming functions or using other services like ECS and Fargate.

In this episode, we discuss Luciano's new book project on using Rust to write AWS Lambda functions. We start with a recap on why Rust is a good fit for Lambda, including performance, efficiency, safety, and low cold start times. Luciano provides details on the book's progress so far, the intended audience, and the current published chapters covering Lambda internals, getting started with Rust Lambda, and building a URL shortener app with DynamoDB. We also explore the differences between traditional publishing and self-publishing, and why Luciano chose the self-publishing route for this book. Luciano shares insights into the writing process with AsciiDoc, code samples, SVG image generation, and using Gumroad for distribution. He invites feedback from listeners who have experience with Rust and Lambda.

An overview of load balancers, explaining how they distribute traffic across multiple servers and provide high availability. We discuss layer 4 and layer 7 load balancers, detailing their pros and cons. We then focus on AWS load balancers, covering network load balancers and application load balancers in depth, including their features, use cases, and pricing models. We conclude by mentioning some alternatives to AWS load balancers.

This episode discusses solutions for securely accessing private VPC resources for debugging and troubleshooting. We cover traditional approaches like bastion hosts and VPNs and newer solutions using containers and AWS services like Fargate, ECS, and SSM. We explain how to set up a Fargate task with a container image with the necessary tools, enable ECS integration with SSM, and use SSM to start remote shells and port forwarding tunnels into the container. This provides on-demand access without exposing resources on the public internet. We share a Python script to simplify the process. We suggest ideas for improvements like auto-scaling the container down when idle. Overall, this lightweight containerized approach can provide easy access for debugging compared to managing EC2 instances.

In this episode, we discuss the newly announced CloudFront Hosting Toolkit from AWS. We provide an overview of the tool, which aims to simplify deploying modern front-end applications to AWS while retaining infrastructure control. We discuss the current capabilities and limitations and share our hands-on experiences trying out the tool. We also talk about alternatives like Vercel and Amplify, and the tradeoffs between convenience VS control. Overall, the toolkit shows promise but is still early-stage. We are excited to see it evolve to support more frameworks and use cases.

In this episode, we discuss some tips and tricks for optimizing performance when working with Amazon S3 at scale. We start by giving an overview of how S3 works, highlighting the distributed nature of the service and how data is stored redundantly across multiple availability zones for durability. We then dive into specific tips like using multipart uploads and downloads, spreading the load across key namespaces, enabling transfer acceleration, and using S3 byte-range fetches. Overall, we aim to provide developers building S3-intensive applications with practical guidance to squeeze the most performance out of the service.

In this episode, we provide a comprehensive overview of DynamoDB, including how it compares to relational databases, when to use it, how to get started, writing and querying data, secondary indexes, and single table design. We share our experiences using DynamoDB and discuss the pros and cons compared to traditional SQL databases.

In this episode, we provide an overview of Amazon Aurora, a relational database solution on AWS. We discuss its unique capabilities like distinct storage architecture for better performance and faster recovery. We cover concepts like Aurora clusters, reader and writer instances, endpoints, and global databases. We also compare the serverless versions V1 and V2, noting that V2 is more enterprise-ready while V1 scales to zero. We touch on billing and additional features like the data API, RDS query editor, and RDS proxy. Overall, Aurora is powerful and scalable but not trivial to use at global scale. It's best for serious enterprise use cases or variable traffic workloads.

In this episode, we discuss 5 different ways to extend CloudFormation capabilities beyond what it natively supports. We started with a quick recap of what CloudFormation is and why we might need to extend it. We then covered using custom scripts and templating engines, which can be effective but require extra maintenance. We recommended relying instead on tools like Serverless Framework, SAM, and CDK which generate CloudFormation templates but provide abstractions and syntax improvements. When you need custom resources, CloudFormation macros allow pre-processing templates, while custom resources and the CloudFormation registry allow defining new resource types. We summarized recommendations for when to use each approach based on our experience. Overall, we covered multiple options for extending CloudFormation to support more complex infrastructure needs.

In this episode, we discuss best practices for working with AWS Lambda. We cover how Lambda functions work under the hood, including cold starts and warm starts. We then explore different invocation types - synchronous, asynchronous, and event-based. For each, we share tips on performance, cost optimization, and monitoring. Other topics include function structure, logging, instrumentation, and security. Throughout the episode, we aim to provide a solid mental model for serverless development and share our experiences to help you build efficient and robust Lambda applications.

In this episode, we provide commentary and analysis on the 2024 AWS Community Survey results. We go through the key findings for each area including infrastructure as code, CI/CD, serverless, containers, NoSQL databases, event services, and AI/ML. While recognizing potential biases, we aim to extract insights from the data and share our perspectives based on experience. Overall, we see increased adoption across many services, though some pain points remain around developer experience. We hope this format provides value to listeners interested in cloud technology trends.

In this episode, we provide an introductory overview of AWS's best practices for managing infrastructure using multiple accounts under an organization. We discuss the advantages of this approach and how to get started creating your own multi-account environment, or "landing zone".

In this episode, we provide an overview of Amazon EBS, which stands for Elastic Block Storage. We explain what block storage is and how EBS provides highly available and high-performance storage volumes that can be attached to EC2 instances. We discuss the various EBS volume types, including GP3, GP2, provisioned IOPS, and HDD volumes, and explain how they differ in performance characteristics like IOPS and throughput. We go over important concepts like IOPS, throughput, and volume types so listeners can make informed decisions when provisioning EBS. We also cover EBS features like snapshots, encryption, direct API access, and ECS integration. Overall, this is a comprehensive guide to understanding EBS and choosing the right options based on your workload needs.

In this episode, we discuss AWS Resource Access Manager (RAM) and how it can be used to securely share AWS resources like VPC subnets, databases, and SSM parameters across accounts. We explain the benefits of using RAM over other options like resource policies and assumed roles. Some key topics covered include how to get started with RAM, how it works from the resource owner and resource participant side, and common use cases like sharing VPC subnets, Aurora databases, and SSM parameters.

In this episode, we discuss Permission Boundary policies in AWS IAM. A permissions boundary is an advanced feature in which you set the maximum permissions that an identity-based policy can grant to an IAM entity. When you set a permissions boundary for an entity, the entity can perform only the actions allowed by its identity-based policies and its permissions boundaries. In this episode, we discuss this concept a bit more in detail and we show how it can be used to give freedom to development teams while preventing privilege escalation. We also cover some of the disadvantages that come with using permission boundaries and other things to be aware of. Finally, we will give some practical advice on how to get the best out of Permissions Boundary Policy and get the best out of them.

In this episode, we discuss the new experimental AWS Lambda LLRT Low Latency runtime for JavaScript. We provide an overview of what a Lambda runtime is and how LLRT aims to optimize cold starts and performance compared to existing runtimes like Node.js. We outline the benefits of LLRT but also highlight concerns around its experimental status, lack of parity with Node.js, and reliance on dependencies like QuickJS. Overall, LLRT shows promise but needs more stability, support, and real-world testing before it can be recommended for production use. In the end, we also have an appeal for AWS itself when it comes to investing in the larger JavaScript ecosystem.

In this episode, we discuss what to do if you accidentally leak your AWS credentials during a live stream. We explain the difference between temporary credentials and long-lived credentials, and how to revoke each type. For temporary credentials, we recommend using the AWS console to revoke sessions or creating an IAM policy to deny access. For long-lived credentials, you must deactivate and rotate the credentials. We also touch on using tools like HashiCorp Vault to manage credentials securely.

In this episode, we provide a friendly introduction to Service Control Policies (SCPs) in AWS Organizations. We explain what SCPs are, how they work, common use cases, and tips for troubleshooting access-denied errors related to SCPs. We cover how SCPs differ from identity-based and resource-based policies, and how SCPs can be used to set boundaries on maximum permissions in AWS accounts across an organization.

In this episode, we discuss how we work as a cloud consulting company, including our principles, engagement process, sprint methodology, and focus on agile development to deliver successful projects. We aim to be trusted partners, not just vendors, and enable our customers' business goals. By the end of this episode, you will know what working with a cloud consulting company like fourTheorem could look like and you might learn some strategies to make cloud projects a success! We will also digress a little into the history of software practices, common misconceptions, and what we believe should be the right way to build software.

In this episode, we discuss using AWS Lambda for machine learning inference. We cover the tradeoffs between GPUs and CPUs for ML, tools like ggml and llama.cpp for running models on CPUs, and share examples where we've experimented with Lambda for ML like podcast transcription, medical imaging, and natural language processing. While Lambda ML is still quite experimental, it can be a viable option for certain use cases.

💰 SPONSORS 💰 AWS Bites is brought to you by fourTheorem, an Advanced AWS Partner. If you are moving to AWS or need a partner to help you go faster, check us out at fourtheorem.com ! In this episode, we mentioned the following resources.

This episode of the AWS Bites Podcast provides an overview of the AWS Project Development Kit (PDK), an open-source tool to help bootstrap and maintain cloud projects. We discuss what PDK is, how it can help generate boilerplate code and infrastructure, keep configuration consistent across projects, and some pros and cons of using a tool like this versus doing it manually. Is PDK something you should use for your cloud projects? Let's find out!

💰 SPONSORS 💰 AWS Bites is brought to you by fourTheorem, an Advanced AWS Partner. If you are moving to AWS or need a partner to help you go faster, check us out at fourtheorem.com ! In this episode, we mentioned the following resources.

In this episode, we discuss how you can use Python for data science workloads on AWS Lambda. We cover the pros and cons of using Lambda for these workloads compared to other AWS services. We benchmark cold start times and performance for different Lambda deployment options like zip packages, layers, and container images. The results show container images can provide faster cold starts than zip packages once the caches are warmed up. We summarize the optimizations AWS has made to enable performant container image deployments. Overall, Lambda can be a good fit for certain data science workloads, especially those that are bursty and need high concurrency.

💰 SPONSORS 💰 AWS Bites is brought to you by fourTheorem, an Advanced AWS Partner. If you are moving to AWS or need a partner to help you go faster, check us out at fourtheorem.com ! In this episode, we mentioned the following resources.

In this episode, we share expert opinions from AWS community leaders on their favorite announcements from re:Invent 2023, advice for those starting their cloud journey, predictions for the future of serverless, whether to go multi-cloud or not, and how AI will impact developers. Our guests provide insightful perspectives on getting hands-on experience, leveraging the AWS community, thinking through architectural decisions, and more. AWS Bites is brought to you by fourTheorem, an Advanced AWS Partner. If you are moving to AWS or need a partner to help you go faster, check us out at fourtheorem.com ! In this episode, we mentioned the following resources.

Luciano and Eoin chat about Luciano's experience attending AWS re:Invent 2023 in Las Vegas for the first time. They talk about the massive scale of the event, logistical challenges getting around between venues, highlights from the keynotes and announcements, and tips for networking and getting the most out of re:Invent. Luciano shares his perspective on the AI focus, meeting people in real life after connecting online, rookie mistakes to avoid, and why re:Invent is worth the investment for anyone working in the AWS space. AWS Bites is brought to you by fourTheorem, an Advanced AWS Partner. If you are moving to AWS or need a partner to help you go faster, check us out at fourtheorem.com ! In this episode, we mentioned the following resources.