Three things AWS Bedrock still gets wrong
Bedrock has gotten meaningfully better in the last six months. The places it hasn't are still the same places. Worth being explicit about which gaps are likely to close and which look structural.
Cloud
AWS Bedrock through a small-shop lens
Bedrock is built for the enterprise integration story. Most of the AWS-doc treatment assumes that audience. Worth working through what the small-shop or solo-developer version of using it actually looks like.
The state of GPU access for the rest of us
The headlines say GPUs are unobtainable. The headlines are about the hyperscalers. For everyone else, the picture in early 2025 is more interesting and more usable than it gets credit for.
The cloud bill nobody talks about: "free" AI features in your SaaS
Every SaaS vendor shipped AI features last year. Most of them are billed as included. They are not free, they are baked into the seat price, and the seat price is moving.
GPT-4.5 vs Claude 3.7 vs Gemini 2.0: a cloud architect's take
Three frontier models on the table at the end of February, three different bets about what "frontier" means. The interesting comparison isn't who wins, it's who fits which workload.
Stargate, $500B, and what the bill is actually for
The Stargate announcement was a number, a podium, and a four-year horizon. Underneath those there's an actual procurement plan worth understanding, and one that exists in tension with what got proven the day before.
Cloud waste at the IaC layer: catching it before merge
Most cloud-bill surprises were visible at PR time. The plan output knows the resource shape, the region, the size, and what the cloud charges for it, and you can read that out of the plan-json before anything ships. Here's the pattern, what it catches, and what it can't.
HashiCorp and IBM: what the acquisition changes for IaC users
IBM announced a $6.4B acquisition of HashiCorp on April 24. The honest read is that this confirms the BSL-era trajectory more than it changes it. Here's what's likely, what's uncertain, what stays the same for current Terraform users in the short term, and what to actually watch.
GKE clusters via Terraform: the variables that actually matter
Most GKE-via-Terraform modules expose every knob the API has, then bury the few that matter. Here's the split I've landed on after a year of customer demos, what to parameterize per environment, what to hardcode and forget, and the regional-vs-zonal trade-off nobody likes to talk about.
Provider version pinning: the audit nobody runs until something breaks
Provider version pinning is one of those Terraform topics nobody thinks about until the CI runner picks up a new minor release at 2 a.m. and a hundred plans go red. Here's the audit pattern I run for customers, the trap on both sides, and the constraint style I land on by default.
Lifecycle hooks for production Terraform: prevent_destroy and ignore_changes
Lifecycle hooks are the part of Terraform that looks trivial in the docs and saves you from a six-figure outage in practice. Here's how prevent_destroy and ignore_changes actually get used in production, what to put them on, what not to, and the operations cost of getting it right.
Plan output as data: what terraform plan -json actually enables
Most Terraform pipelines treat plan output as text, paste it in a PR, hope the reviewer reads it. The JSON form is structured data, and once you treat it that way, cost preview, policy gates, drift attribution, and change-risk scoring become engineering problems.