E

Emiliano Montesdeoca

Cloud Solutions Team Lead & Community Builder

Emiliano is an Uruguayan-Spanish software developer and community advocate based in Tenerife, Canary Islands. He specializes in architecting scalable cloud solutions and translates real-world cloud, AI, and platform engineering work into practical guidance for builders. On The AWS Blog, he focuses on clear, actionable articles for teams building, operating, and modernizing workloads on AWS.

// posts by Emiliano Montesdeoca 20 posts

News

ACM ACME support turns certificate automation into a governance problem

AWS Certificate Manager now supports ACME for public certificates, giving teams a standard automation path while keeping domain control, audit, and policy centralized.

awsacmtlssecurity

Bedrock managed entitlements make model access a platform control

Amazon Bedrock managed entitlements let organizations subscribe to marketplace models centrally and distribute access across accounts without broad AWS Marketplace permissions.

awsbedrockaigovernance

CloudFormation Express mode is about feedback loops, not just faster deploys

AWS CloudFormation Express mode shortens infrastructure iteration by completing after configuration is applied, but builders need clear guardrails for when stabilization still matters.

awscloudformationiacdevops

CloudFormation pre-deployment validation makes IaC failures cheaper

AWS CloudFormation and CDK pre-deployment validation now runs on stack operations, helping builders catch quota, Config, and ECR issues before failed deployments waste time.

awscloudformationcdkdevops

Replicating S3 bucket configuration needs workflow discipline

AWS shows how Step Functions can replicate S3 bucket configuration across Regions, but builders should decide where automation ends and infrastructure as code should remain the source of truth.

awss3step-functionsdisaster-recovery

Faster S3 access log queries make storage security more usable

AWS shows how CloudWatch and S3 Tables can make S3 access logs easier to query, which helps builders turn storage audit data into operational and security signals.

awss3cloudwatchsecurity

Lambda durable functions fit the messy middle of agent workflows

AWS Lambda durable functions give multi-agent and human-in-the-loop workflows checkpointing, replay, callbacks, and polling without forcing every team to assemble custom orchestration infrastructure.

awslambdaserverlessai

Redshift multi-warehouse improvements reduce the analytics freshness trade-off

Amazon Redshift multi-warehouse enhancements improve materialized views, remote DDL, and concurrency scaling so analytics teams can separate ingestion and consumption more cleanly.

awsredshiftanalyticsdata-engineering

Secure ML environments need productivity and exfiltration controls together

An AWS architecture using SageMaker AI, VPC endpoints, DNS controls, and WorkSpaces Secure Browser shows how ML teams can protect sensitive data without returning to expensive air-gapped workflows.

awssagemakermachine-learningsecurity

S3 Storage Lens groups make storage cost conversations less generic

Amazon S3 Storage Lens groups help teams inspect storage by workload-specific criteria, making cost, lifecycle, and data hygiene work more actionable.

awss3cost-optimizationstorage

Running pgvector on Aurora is a production operations decision

AWS guidance on pgvector in Amazon Aurora PostgreSQL highlights that vector search is not only a model feature; it needs indexing, memory, partitioning, and observability discipline.

awsaurorapostgresqlpgvector

AWS Transform makes migration assessments more conversational, but data quality still wins

AWS Transform assessments use agentic AI to turn migration planning into an interactive business-case workflow, but builders still need inventory discipline and assumption control.

awsmigrationmodernizationaws-transform

OpenSearch Serverless next generation changes the economics of tenant isolation

Amazon OpenSearch Serverless next-generation architecture makes collection-per-tenant search more practical with scale-to-zero compute and regional endpoint routing.

awsopensearchsearchserverless

Restricting AWS Console access by network is a useful perimeter, not a complete identity strategy

AWS sign-in resource-based policies and resource control policies can restrict Management Console access to expected networks, adding a practical layer to data perimeter designs.

awssecurityiamorganizations

S3 Files makes Lambda file workflows simpler, but not automatically better

Amazon S3 Files lets Lambda functions work with S3-backed file paths instead of download-process-upload code, which can simplify workloads if teams understand consistency, throughput, and VPC implications.

awslambdas3serverless

EKS Auto Mode improvements show why managed Kubernetes is becoming operational engineering

Recent EKS Auto Mode runtime, compute, storage, and networking improvements reduce Kubernetes operational friction, but teams still need workload-level SLOs and migration discipline.

awsekskubernetescontainers

EKS control plane egress through your VPC closes a real private-cluster gap

Amazon EKS customer-routed control plane egress lets Kubernetes API server traffic use customer VPC routing, security controls, and private endpoints for webhooks and OIDC dependencies.

awsekskubernetesnetworking

Lambda MicroVMs make isolated sandboxes a serverless design choice

AWS Lambda MicroVMs give builders a new option for running user-generated and AI-generated code with VM-level isolation, fast resume, and controlled lifecycle state.

awslambdaserverlesssecurity

Lambda runtime upgrades need campaigns, not reminders

AWS Transform custom can help teams upgrade Lambda runtimes at scale, but the durable improvement is treating runtime changes as governed modernization campaigns.

awslambdamodernizationdeveloper-tools

Before downsizing EC2, simulate the EBS burst budget

AWS shows how to simulate EBS burst credits before downsizing EC2 instances, a practical cost-optimization step that avoids turning compute savings into storage throttling.

awsec2ebscost-optimization
Share:
View source code for this author page on GitHub ↗