From Cloud Chaos to Confidence
Last week in Vegas, AWS made it pretty clear where they think cloud computing is headed. The word ”agent” came up roughly every 30 seconds across the keynotes. Here’s what caught our attention.
Compute, Serverless & Containers
Graviton5 delivers 192 cores with 25% higher performance than Graviton4 and 33% lower inter-core latency. The new M9g instances target general-purpose workloads at industry-leading price-performance.
Lambda Managed Instances lets you run Lambda functions on EC2 instances without managing infrastructure. AWS handles instance lifecycle, OS patching, routing, load balancing, and auto-scaling.
Access specialized hardware including Graviton5 processors and high-bandwidth networking, leverage EC2 pricing models like Compute Savings Plans and Reserved Instances, and process parallel requests within execution environments for better resource utilization. Create capacity providers to define compute preferences and scaling policies. Supports Java, Node.js, Python, and .NET runtimes. Available in US East, US West, Asia Pacific Tokyo, and Europe Ireland.
Lambda Durable Functions enables multi-step workflows that run for up to a year. It automatically checkpoints progress and recovers from failures without custom error handling code. New ”steps” and ”waits” operations let you pause execution with no compute charges while waiting. GA in US East (Ohio) for Python 3.13/3.14 and Node.js 22/24, with support via Console, CLI, CloudFormation, SAM, SDK, and CDK.
On the container side, Amazon EKS streamlines Kubernetes building and scaling with out-of-the-box platform features. AWS handles auto scaling, patching, and upgrading of platform components in AWS-owned infrastructure separate from customer clusters. Three capabilities available: Argo CD, AWS Controllers for Kubernetes, and Kube Resource Orchestrator. Available in all AWS Regions except GovCloud and China. EKS Capabilities allows organizations to focus on application deployment while AWS manages platform infrastructure operations.
Amazon ECS Express Mode lets you rapidly launch containerized web applications and APIs. Just provide your container image ECS Express Mode handles the rest, including auto-generating an AWS-provided domain name. Applications scale in response to traffic, use ALB for distribution, and can consolidate up to 25 services behind a single ALB with intelligent rule-based routing. All provisioned resources remain fully accessible in your account. Available in all AWS Regions at no additional charge via Console, CLI, SDK, CloudFormation, CDK, and Terraform.
Security
GuardDuty Extended Threat Detection now provides unified visibility across EC2 and ECS, helping identify multi-stage attacks that span VMs and containers supporting the same application. It uses AI/ML to correlate security signals across network, process, malware, and API activity, and introduces two new critical-severity findings: CompromisedInstanceGroup and CompromisedCluster. Each finding includes attack sequence information, MITRE ATT&CK mappings, and remediation recommendations. Automatically enabled for existing GuardDuty customers at no additional cost (30-day free trial for new customers).
Security Hub now delivers near real-time risk analytics and advanced trends for actionable insights. It correlates security signals from GuardDuty, Inspector, and CSPM services, with automated attack path visualization showing how threats could chain together. New features include centralized deployment across AWS Organizations, an integrated ticketing system for automated response workflows, and streamlined pricing that consolidates multiple security services.
Cost Optimization
Database Savings Plans extends the Savings Plans model to your data tier with up to 35% savings. Discounts automatically apply to both serverless and provisioned instances, and you can switch between instance families, regions, and database engines without losing your discount. Supports Aurora, RDS, DynamoDB, ElastiCache, DocumentDB, Neptune, Keyspaces, Timestream, and DMS. Available in all AWS Regions (except China) with no upfront payment required.
New AWS Support plans got a major revamp with AI-powered insights and proactive monitoring. The real news is pricing: Business Support+ now starts at $29/month (down from $100), Enterprise drops to $5,000/month (down from $15,000). Note: Developer, Business, and Enterprise On-Ramp plans are being discontinued January 2027 existing customers will need to migrate.
Networking
AWS/Google Interconnect provides dedicated private connections between Amazon VPCs and other cloud environments. Google Cloud is the first launch partner, with Microsoft Azure coming later in 2026. Eliminates complex ”do-it-yourself” multicloud networking approaches and reduces connection setup time from weeks/months to quick deployment via AWS Transit Gateway, Cloud WAN, and Amazon VPC. Available in preview across five AWS Regions, accessible via AWS Management Console and open API on GitHub.
Storage
Amazon S3 now supports objects up to 50 TB, a 10x increase from the previous 5 TB limit. Supports large files like high-resolution videos, seismic data, and AI training datasets. Available across all storage classes and regions. Use AWS SDK’s CRT and S3 Transfer Manager for optimized upload/download performance.
- AWS US East (N. Virginia) us-east-1 – Google Cloud N. Virginia (us-east4)
- AWS US West (N. California) us-west-1 – Google Cloud Los Angeles (us-west2)
- AWS US West (Oregon) us-west-2 – Google Cloud Oregon (us-west1)
- AWS Europe (London) eu-west-2 – Google Cloud London (europe-west2)
- AWS Europe (Frankfurt) eu-central-1 – Google Cloud Frankfurt (europe-west3)
AWS NAT Gateway now supports regional availability means a single NAT Gateway automatically expands/contracts across AZs based on workload presence. Simplified setup, maintained high availability, potential cost optimization for multi-AZ architectures.
Logs
Amazon CloudWatch introduces unified data management and analytics for operations, security, and compliance. Automatically normalizes data with built-in OCSF and OpenTelemetry support, and offers Apache Iceberg-compatible access through S3 Tables for querying with Athena, SageMaker, or any Iceberg tool. New pipelines streamline data ingestion with pre-built connectors for AWS services and third-party sources (CrowdStrike, Okta, Wiz, Palo Alto Networks, ServiceNow, and more). Query using natural language, LogsQL, PPL, or SQL through a single interface. New Facets provide intuitive filtering by source, application, account, region, and log type. Available in all AWS Regions except GovCloud and China.
Database
Amazon DynamoDB now supports multi-attribute composite keys for global secondary indexes. Partition and sort keys can include up to four attributes each (eight total), eliminating the need for manual value concatenation into synthetic keys. No data backfilling required when adding new indexes. Multi-attribute partition keys improve data distribution and uniqueness, while multi-attribute sort keys enable flexible left-to-right conditional querying. Available at no additional charge in all AWS Regions via Console, CLI, SDKs, and DynamoDB API.
Developer Tools & Modernization
AWS Transform got agentic AI for code modernization. It learns your org’s patterns, automates transformations across repositories, and cuts execution time by up to 80%. Air Canada modernized thousands of Lambda functions in days.
Amazon Kiro, AWS’s AI development platform, is now free for startups for a year. Amazon revealed they’re using it as their own in-house platform.
The Agent Push is Real
Frontier Agents can run for days on complex tasks without human intervention. AWS launched a Kiro agent for developers and a Security Agent that handles application security across AWS and multicloud environments.
AWS DevOps Agent (preview) autonomously triages incidents and guides teams to rapid resolution. It learns resource relationships and correlates telemetry, code, and deployment data across observability tools, runbooks, code repositories, and CI/CD pipelines. Provides actionable recommendations for observability and infrastructure optimization. Available at no additional cost during preview in US East (N. Virginia).
Bedrock AgentCore updates include episodic memory (agents learn from past interactions), better policy controls, and quality monitoring.
AWS AI Factories lets you deploy managed AWS AI infrastructure on-premises for organizations with data residency or regulatory requirements.
On models: Nova Forge (build custom frontier models), Nova Act (browser automation at 90%+ reliability), and Claude 4.5 landed in Bedrock. Additionally, 18 new open-weight models are now available across multiple AI providers: Google Gemma 3 (4B, 12B, 27B), Mistral Large 3 and Ministral series, NVIDIA Nemotron for general and vision tasks, Qwen3 (including 80B and 235B variants), plus models from MiniMax, Moonshot, and OpenAI. Unified API enables easy model evaluation and switching without code changes.
Werner’s Last Keynote
Werner Vogels delivered his final re:Invent keynote after 14 years (though he’s staying at Amazon). His closing talk focused on AI’s role in the future including the honest acknowledgment that it will displace some jobs. He ended with a literal mic drop: ”Werner, out.”
Accelerate Your Cloud Journey with K3
AWS is delivering groundbreaking innovations across compute, serverless, containers, security, and AI. As your cloud experts, K3 helps you turn these capabilities into real business value — from cost optimization and modernization to building secure, scalable, future-ready cloud platforms.
Ready to unlock the full power of the cloud? Connect with K3 and let’s move forward together.
