Go offline with the Player FM app!
Season 4 Episode 31: Cloud Wars, Code Builds, and CMA Probes
Manage episode 498441098 series 3426452
In Season 4, Episode 31, Karl and Jon are joined by Warren Parad, CTO of Authress. Together, they discuss a range of topics including AWS Managed Microsoft Active Directory and best practices for security, the Amazon Q Developer CLI and serverless solutions, implementing defense-in-depth security for CodeBuild pipelines, and the latest quarterly financial results from AWS, Microsoft, and Google Cloud. They also cover the UK Competition and Markets Authority’s investigation into cloud service providers — all while Karl battles network issues ahead of his upcoming fibre installation.
03:47 - AWS managed Microsoft Active Directory
The article discusses how to automatically disable users in AWS managed Microsoft Active Directory based on GuardDuty findings. The process involves a complex setup described as a "Rube Goldberg machine," including Event Bridge, Step Functions, and Systems Manager. The speakers debate the practicality of this solution and suggest alternatives like using Azure Active Directory instead.
08:40 - Amazon Q developer CLI and serverless solutions
This article from the AWS artificial intelligence blog discusses building modern serverless solutions using Amazon Q developer CLI. The speakers express skepticism about the quality of the recommendations provided by the tool, noting that even the examples in the blog post don't adhere to best practices. They discuss the concept of MCP (Multi-Cloud Platforms) and its relevance in the context of AI and API interactions.
13:16 - Defense in depth security for CodeBuild pipelines
The article focuses on implementing defense in depth security measures for CodeBuild pipelines. The speakers discuss the relevance of such measures, especially in the context of open-source projects and potential security risks from pull requests. They also touch on the recent security incident with AWS tools for Q developer and the need for transparency in such situations.
22:52 - Cloud providers' quarterly financial results
The discussion covers the quarterly financial results of major cloud providers (AWS, Microsoft Azure, and Google Cloud). The speakers analyze the growth rates, revenue numbers, and the challenges in comparing these figures due to differences in how each company reports their cloud-related earnings. They also discuss the impact of AI investments on these results.
33:36 - UK Competition and Markets Authority probe
The podcast covers the ongoing probe by the UK Competition and Markets Authority into major cloud service providers. The investigation has focused on Microsoft and Amazon, finding that both have "significant unilateral market power." The speakers discuss the implications of this finding, the challenges faced by smaller cloud providers, and the potential impact on issues like egress fees.
100 episodes
Manage episode 498441098 series 3426452
In Season 4, Episode 31, Karl and Jon are joined by Warren Parad, CTO of Authress. Together, they discuss a range of topics including AWS Managed Microsoft Active Directory and best practices for security, the Amazon Q Developer CLI and serverless solutions, implementing defense-in-depth security for CodeBuild pipelines, and the latest quarterly financial results from AWS, Microsoft, and Google Cloud. They also cover the UK Competition and Markets Authority’s investigation into cloud service providers — all while Karl battles network issues ahead of his upcoming fibre installation.
03:47 - AWS managed Microsoft Active Directory
The article discusses how to automatically disable users in AWS managed Microsoft Active Directory based on GuardDuty findings. The process involves a complex setup described as a "Rube Goldberg machine," including Event Bridge, Step Functions, and Systems Manager. The speakers debate the practicality of this solution and suggest alternatives like using Azure Active Directory instead.
08:40 - Amazon Q developer CLI and serverless solutions
This article from the AWS artificial intelligence blog discusses building modern serverless solutions using Amazon Q developer CLI. The speakers express skepticism about the quality of the recommendations provided by the tool, noting that even the examples in the blog post don't adhere to best practices. They discuss the concept of MCP (Multi-Cloud Platforms) and its relevance in the context of AI and API interactions.
13:16 - Defense in depth security for CodeBuild pipelines
The article focuses on implementing defense in depth security measures for CodeBuild pipelines. The speakers discuss the relevance of such measures, especially in the context of open-source projects and potential security risks from pull requests. They also touch on the recent security incident with AWS tools for Q developer and the need for transparency in such situations.
22:52 - Cloud providers' quarterly financial results
The discussion covers the quarterly financial results of major cloud providers (AWS, Microsoft Azure, and Google Cloud). The speakers analyze the growth rates, revenue numbers, and the challenges in comparing these figures due to differences in how each company reports their cloud-related earnings. They also discuss the impact of AI investments on these results.
33:36 - UK Competition and Markets Authority probe
The podcast covers the ongoing probe by the UK Competition and Markets Authority into major cloud service providers. The investigation has focused on Microsoft and Amazon, finding that both have "significant unilateral market power." The speakers discuss the implications of this finding, the challenges faced by smaller cloud providers, and the potential impact on issues like egress fees.
100 episodes
All episodes
×Welcome to Player FM!
Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.