Emiliano Montesdeoca
Cloud Solutions Team Lead & Community Builder
Emiliano is an Uruguayan-Spanish software developer and community advocate based in Tenerife, Canary Islands. He specializes in architecting scalable cloud solutions and translates real-world cloud, AI, and platform engineering work into practical guidance for builders. On The AWS Blog, he focuses on clear, actionable articles for teams building, operating, and modernizing workloads on AWS.
News
ACM ACME support turns certificate automation into a governance problem
AWS Certificate Manager now supports ACME for public certificates, giving teams a standard automation path while keeping domain control, audit, and policy centralized.
Bedrock managed entitlements make model access a platform control
Amazon Bedrock managed entitlements let organizations subscribe to marketplace models centrally and distribute access across accounts without broad AWS Marketplace permissions.
CloudFormation Express mode is about feedback loops, not just faster deploys
AWS CloudFormation Express mode shortens infrastructure iteration by completing after configuration is applied, but builders need clear guardrails for when stabilization still matters.
CloudFormation pre-deployment validation makes IaC failures cheaper
AWS CloudFormation and CDK pre-deployment validation now runs on stack operations, helping builders catch quota, Config, and ECR issues before failed deployments waste time.
Replicating S3 bucket configuration needs workflow discipline
AWS shows how Step Functions can replicate S3 bucket configuration across Regions, but builders should decide where automation ends and infrastructure as code should remain the source of truth.
Faster S3 access log queries make storage security more usable
AWS shows how CloudWatch and S3 Tables can make S3 access logs easier to query, which helps builders turn storage audit data into operational and security signals.
Lambda durable functions fit the messy middle of agent workflows
AWS Lambda durable functions give multi-agent and human-in-the-loop workflows checkpointing, replay, callbacks, and polling without forcing every team to assemble custom orchestration infrastructure.
Redshift multi-warehouse improvements reduce the analytics freshness trade-off
Amazon Redshift multi-warehouse enhancements improve materialized views, remote DDL, and concurrency scaling so analytics teams can separate ingestion and consumption more cleanly.
Secure ML environments need productivity and exfiltration controls together
An AWS architecture using SageMaker AI, VPC endpoints, DNS controls, and WorkSpaces Secure Browser shows how ML teams can protect sensitive data without returning to expensive air-gapped workflows.
S3 Storage Lens groups make storage cost conversations less generic
Amazon S3 Storage Lens groups help teams inspect storage by workload-specific criteria, making cost, lifecycle, and data hygiene work more actionable.
Running pgvector on Aurora is a production operations decision
AWS guidance on pgvector in Amazon Aurora PostgreSQL highlights that vector search is not only a model feature; it needs indexing, memory, partitioning, and observability discipline.
AWS Transform makes migration assessments more conversational, but data quality still wins
AWS Transform assessments use agentic AI to turn migration planning into an interactive business-case workflow, but builders still need inventory discipline and assumption control.
OpenSearch Serverless next generation changes the economics of tenant isolation
Amazon OpenSearch Serverless next-generation architecture makes collection-per-tenant search more practical with scale-to-zero compute and regional endpoint routing.
Restricting AWS Console access by network is a useful perimeter, not a complete identity strategy
AWS sign-in resource-based policies and resource control policies can restrict Management Console access to expected networks, adding a practical layer to data perimeter designs.
S3 Files makes Lambda file workflows simpler, but not automatically better
Amazon S3 Files lets Lambda functions work with S3-backed file paths instead of download-process-upload code, which can simplify workloads if teams understand consistency, throughput, and VPC implications.
EKS Auto Mode improvements show why managed Kubernetes is becoming operational engineering
Recent EKS Auto Mode runtime, compute, storage, and networking improvements reduce Kubernetes operational friction, but teams still need workload-level SLOs and migration discipline.
EKS control plane egress through your VPC closes a real private-cluster gap
Amazon EKS customer-routed control plane egress lets Kubernetes API server traffic use customer VPC routing, security controls, and private endpoints for webhooks and OIDC dependencies.
Lambda MicroVMs make isolated sandboxes a serverless design choice
AWS Lambda MicroVMs give builders a new option for running user-generated and AI-generated code with VM-level isolation, fast resume, and controlled lifecycle state.
Lambda runtime upgrades need campaigns, not reminders
AWS Transform custom can help teams upgrade Lambda runtimes at scale, but the durable improvement is treating runtime changes as governed modernization campaigns.
Before downsizing EC2, simulate the EBS burst budget
AWS shows how to simulate EBS burst credits before downsizing EC2 instances, a practical cost-optimization step that avoids turning compute savings into storage throttling.