Last Week In AWS Podcast Welcome to re:Invent, Where the Roadmap Is Made Up and the Quotas Don't Matter
Dec 1, 2025
This week, fascinating topics include dynamic data masking for Aurora PostgreSQL, enhancing security without data duplication. CloudFront introduces mutual TLS support for edge-level authentication, ideal for B2B and IoT applications. There's a humorous take on EC2’s interruptible capacity reservations, raising questions about their function. Corey critiques AWS's approach to closing the AI value gap and dissects zero-ETL claims for Amazon Redshift. The discussion also highlights Route 53’s enhanced recovery and praises Compute Optimizer's recommendations for idle NAT gateways.
AI Snips
Chapters
Transcript
Episode notes
Mutual TLS At The Edge Is Now Free
- CloudFront adding mutual TLS at the edge gives free client authentication useful for B2B APIs and IoT fleets.
- Corey notes compliance teams will appreciate proper client auth once teams implement mTLS.
Interruptible Capacity Reservations Raise Questions
- EC2 interruptible capacity reservations are confusing and feel like spot instances with extra organizational steps.
- Corey expresses uncertainty about whether this genuinely simplifies capacity planning or just adds complexity.
Follow AWS Network Scanning Guidelines
- Be polite when performing network scanning and follow AWS's published guidelines to avoid enforcement issues.
- Corey frames the guidelines as a request to be nice while AWS builds technical controls.