OpenAI Comes to Amazon Bedrock: A Win for Model Consumers

In a move that few would have predicted even a year ago, Amazon Web Services and OpenAI have announced a significant partnership that brings OpenAI’s frontier models — including Codex — directly into Amazon Bedrock. For those of us who build on AWS and care about where the AI ecosystem is headed, this is a genuinely exciting development.

You can read the official announcements from both sides here: OpenAI on AWS and AWS: Bedrock OpenAI Models .

Amazon Bedrock's Security Model: What Enterprises Actually Need to Know

One of the most common blockers I hear from enterprise teams evaluating generative AI isn’t about model quality — it’s about trust. Where does our data go? Can AWS see our prompts? Will our inputs be used to train someone else’s model? Can we meet our compliance requirements? These are the right questions to ask, and Amazon Bedrock has spent considerable engineering effort making sure the answers are satisfying.

This post walks through the core pillars of Bedrock’s security model: how inference stays private, what AWS commits to around your data, how to keep traffic off the public internet, what compliance certifications are in place, how IAM gives you fine-grained access control, and how AgentCore’s Cedar policies extend that control to the level of individual agent tool calls.

Amazon Bedrock AgentCore: The Infrastructure Layer Your AI Agents Have Been Missing

Building an AI agent that works in a demo is one thing. Getting it to reliably work in production — across thousands of concurrent users, with proper security, memory, and observability — is an entirely different challenge. If you’ve ever tried to take an AI agent from prototype to production, you know exactly what I’m talking about. Months of undifferentiated infrastructure work: session management, identity controls, persistent memory, tool integrations, monitoring. All of it built from scratch, all of it before you’ve written a single line of your actual business logic.

How Startups & SMBs Can Leverage AWS Marketplace to Accelerate Growth

As a Startup or Small-to-Medium Business (SMB), you’re always looking for ways to move fast and scale smart 💡. AWS Marketplace offers a powerful resource to help you get the tools you need without spending time and money building everything from scratch. It’s a one-stop shop for finding, purchasing, and deploying software and services that meet your business needs.

Cloud marketplaces are becoming a key channel for businesses to quickly discover and purchase software. This is especially critical for startups and SMBs aiming to innovate rapidly and accelerate time-to-value. Explore how AWS Marketplace simplifies software procurement, provisioning, and governance: Learn more here .

Unlocking the Power of AWS Marketplace: A Guide for Every Persona

Welcome to the start of an exciting journey 🚀, where I dive into the AWS Marketplace! Whether you’re a Startup, SMB, Enterprise, Solution Integrator, or Independent Software Vendor (ISV), the AWS Marketplace offers a treasure trove of tools and services designed to help you scale, innovate, and manage software and data procurement, provisioning, and governance in the cloud.

In this series, I’ll explore how each persona can unlock the full potential of the AWS Marketplace—from discovering ready-to-deploy software solutions to simplifying procurement and streamlining management tasks. But first, let’s set the stage with an overview of what AWS Marketplace is and why it’s valuable for your specific needs.

Encrypt and Copy Existing AWS Backup Recovery Points to a New Account for Enhanced Security

Backup Best Practices in Data Protection

When designing a secure backup solution on AWS, it is important to ensure that:

• Recovery points are stored in a separate account: This prevents an attacker from deleting both the production data and backups in the event of credential compromise.
• Backups are encrypted: Even if data is lost or compromised, encryption ensures that it cannot be read or misused.

In this post, I will guide you through a process to implement a solution that satisfies both of these best practices.

Remediating Unencrypted EBS Volumes: Encryption in Action

Recap: Preparing for Full Encryption

In the last two posts, I discussed the importance of encrypting data at rest and how to identify unencrypted EBS volumes attached to EC2 instances by using a Python script. After generating a report, I outlined the initial steps for remediation, which included gathering information about unencrypted volumes.

Now, it’s time to take action in an automated fashion. In this post, I’ll guide you through the process of actually encrypting unencrypted EBS volumes using the encrypt-ec2-ebs-vols.py Python script. This script automates the encryption process, ensuring that your EC2 instances’ volumes are fully secured. Note that EC2 instances will be powered off during these operations, and I’ll handle instances differently based on their initial state.