AWS Morning Brief Welcome to re:Invent, Where the Roadmap Is Made Up and the Quotas Don't Matter
Dec 1, 2025
This week, fascinating topics include dynamic data masking for Aurora PostgreSQL, enhancing security without data duplication. CloudFront introduces mutual TLS support for edge-level authentication, ideal for B2B and IoT applications. There's a humorous take on EC2’s interruptible capacity reservations, raising questions about their function. Corey critiques AWS's approach to closing the AI value gap and dissects zero-ETL claims for Amazon Redshift. The discussion also highlights Route 53’s enhanced recovery and praises Compute Optimizer's recommendations for idle NAT gateways.
AI Snips
Chapters
Transcript
Episode notes
Column-Level Masking Arrives For Aurora Postgres
- Dynamic data masking for Aurora PostgreSQL finally provides column-level protection at query runtime without duplicating data.
- Corey Quinn highlights this as long-overdue enterprise functionality that avoids maintaining many DB copies.
Mutual TLS At The Edge Is Now Free
- CloudFront adding mutual TLS at the edge gives free client authentication useful for B2B APIs and IoT fleets.
- Corey notes compliance teams will appreciate proper client auth once teams implement mTLS.
Interruptible Capacity Reservations Raise Questions
- EC2 interruptible capacity reservations are confusing and feel like spot instances with extra organizational steps.
- Corey expresses uncertainty about whether this genuinely simplifies capacity planning or just adds complexity.