In Season 4, Episode 31, Karl and Jon are joined by Warren Parad, CTO of Authress. They discussed AWS Managed Microsoft Active Directory and security practices, Amazon Q Developer CLI and serverless solutions, defense in depth security for CodeBuild pipelines, AWS, Microsoft, and Google Cloud quarterly financial results, and the UK Competition and Markets Authority probe into cloud service providers. Then the guys started discussing Japanese electoral politics and karate techniques instead of AWS news.

03:47 - AWS managed Microsoft Active Directory 

The article discusses how to automatically disable users in AWS managed Microsoft Active Directory based on GuardDuty findings. The process involves a complex setup described as a "Rube Goldberg machine," including Event Bridge, Step Functions, and Systems Manager. The speakers debate the practicality of this solution and suggest alternatives like using Azure Active Directory instead.

08:40 - Amazon Q developer CLI and serverless solutions 

This article from the AWS artificial intelligence blog discusses building modern serverless solutions using Amazon Q developer CLI. The speakers express skepticism about the quality of the recommendations provided by the tool, noting that even the examples in the blog post don't adhere to best practices. They discuss the concept of MCP (Multi-Cloud Platforms) and its relevance in the context of AI and API interactions.

13:16 - Defense in depth security for CodeBuild pipelines 

The article focuses on implementing defense in depth security measures for CodeBuild pipelines. The speakers discuss the relevance of such measures, especially in the context of open-source projects and potential security risks from pull requests. They also touch on the recent security incident with AWS tools for Q developer and the need for transparency in such situations.

22:52 - Cloud providers' quarterly financial results 

The discussion covers the quarterly financial results of major cloud providers (AWS, Microsoft Azure, and Google Cloud). The speakers analyze the growth rates, revenue numbers, and the challenges in comparing these figures due to differences in how each company reports their cloud-related earnings. They also discuss the impact of AI investments on these results.

33:36 - UK Competition and Markets Authority probe 

The podcast covers the ongoing probe by the UK Competition and Markets Authority into major cloud service providers. The investigation has focused on Microsoft and Amazon, finding that both have "significant unilateral market power." The speakers discuss the implications of this finding, the challenges faced by smaller cloud providers, and the potential impact on issues like egress fees.