--- title: "Agents, Plugins, and AgentCore: AWS Has an AI Naming Problem" id: "15338" type: "newsletter" slug: "agents-plugins-and-agentcore-aws-has-an-ai-naming-problem" published_at: "2026-02-23T14:30:00+00:00" modified_at: "2026-02-23T14:30:00+00:00" url: "https://www.lastweekinaws.com/newsletter/agents-plugins-and-agentcore-aws-has-an-ai-naming-problem/" markdown_url: "https://www.lastweekinaws.com/newsletter/agents-plugins-and-agentcore-aws-has-an-ai-naming-problem.md" excerpt: "I spend most of my time telling companies they're spending too much money on AWS. But here's the dirty secret: most of them don't even know what they're spending money on. That's the actual problem. Duckbill is building Skyway —..." --- About the Author Corey is the Chief Cloud Economist at Duckbill, where he specializes in helping companies improve their AWS bills by making them smaller and less horrifying. He also hosts the "Screaming in the Cloud" and "AWS Morning Brief" podcasts; and curates "Last Week in AWS," a weekly newsletter summarizing the latest in AWS news, blogs, and tools, sprinkled with snark and thoughtful analysis in roughly equal measure. Sign up for the Newsletter Stay up to date on the latest AWS news, opinions, and tools, all lovingly sprinkled with a bit of snark. "*" indicates required fields ## [Good Morning](https://www.lastweekinaws.com/newsletter/) ! I spend most of my time telling companies they’re spending too much money on AWS. But here’s the dirty secret: most of them don’t even know what they’re spending money on. That’s the actual problem. Duckbill is building Skyway — software that makes enterprise cloud bills legible to the humans who are theoretically responsible for them. When you’re spending $200 million a year on AWS, “what are we paying for” shouldn’t be a philosophical question, but for most companies it absolutely is. We’re hiring in San Francisco. If you want to build software that turns the world’s most incomprehensible invoices into something a CFO can look at without weeping, come [join us](https://www.duckbillhq.com/careers) . ## Things I Found on the Internet Running a multi-node k3s cluster and tired of every node pulling the same images from upstream? Ellie (my friend, and yours) wrote up [how Spegel turns your nodes into a BitTorrent-style p2p registry](https://ellie.wtf/notes/spegel/) , so images get shared locally via Kademlia DHT. One flag and a config file. The bandwidth savings alone make this worth your time. More to the point, it’s worth my time for my home k3s cluster; thanks Ellie. I’ve talked to enough people who have shipped SaaS products on the AWS marketplace to know this pain is real. Siddharth walks through [the race condition hiding in the subscription flow](https://sidshome.wordpress.com/2026/02/16/the-aws-marketplace-race-condition-nobody-warns-you-about/) and offers a clean “event sourcing lite” fix. Four products’ worth of scar tissue, distilled nicely. My colleague Mike Julian wrote [a piece on why FinOps is solving the wrong problem](https://www.duckbillhq.com/blog/finops-is-solving-the-wrong-problem/) (https://www.duckbillhq.com/blog/finops-is-solving-the-wrong-problem/), and I think he nailed it. Nobody loses sleep over a big cloud bill. They lose sleep over a cloud bill they can’t explain, predict, or control. The complexity is the disease; high spend is just a symptom. Look, I’m biased here for obvious reasons, but I’m genuinely proud of what we’ve been building. Mike and I spent years learning what breaks at nine-to-ten-figure cloud scale, and now we’re turning that into software. [GeekWire has the full story](https://www.geekwire.com/2026/cloud-and-aws-cost-consultant-duckbill-expands-to-software-raises-7-75m-for-new-skyway-platform/) on Skyway, our $7.75M raise, and why predicting cloud costs matters more than shrinking them. Mark Atwood wrote [a brutally honest post-mortem](https://www.linkedin.com/pulse/what-happened-amazon-dont-put-down-drone-how-founders-mark-atwood-uh7bf/?trackingId=h46s4%2BY7TeqD0W62kLKH6Q%3D%3D) on how Amazon’s innovation engine died. The core argument: Bezos confused “made my vision real” with “has vision,” and the zero-cost-of-failure contract that powered everything quietly broke when growth slowed. Anyone managing founder succession should read this twice. ## What AWS Has For Us This Time [Amazon Bedrock expands support for AWS PrivateLink](https://aws.amazon.com/about-aws/whats-new/2026/02/amazon-bedrock-expands-aws-privatelink-support-openai-api-endpoints/) Bedrock now lets you privately access OpenAI-compatible API endpoints via PrivateLink, powered by something called “Project Mantle.” Because what Bedrock really needed was another geological metaphor and a compatibility layer that lets you pretend you’re calling OpenAI while actually paying AWS prices. The AWS naming committee (motto: “Proudly Crap Since 2005”) remains undefeated. [AWS CloudWatch Alarm Mute Rules eliminate alert fatigue](https://aws.amazon.com/about-aws/whats-new/2026/02/amazon-cloudwatch-alarm-muting-rules) Finally, a legitimate solution to the problem every ops team has been solving with duct tape and cron jobs since 2015. Muting up to 100 alarms is nice, sure, but the real feature is “automatically triggered as long as the alarm remains in the same state.” Translation: your 3 AM pages are merely deferred, not eliminated. And yes, I’m fully aware that “set up alarms, then make sure they don’t go off” sounds like an insane anti-pattern. [Amazon EC2 supports nested virtualization on virtual Amazon EC2 instances](https://aws.amazon.com/about-aws/whats-new/2026/02/amazon-ec2-nested-virtualization-on-virtual) VMs inside VMs inside AWS. It’s turtles all the way down, and every turtle has its own hourly billing rate. Previously you needed bare metal instances for this, which is AWS-speak for “the expensive ones.” Now you can nest on virtual instances too, so your inception-style architecture dreams can finally come true for slightly less money. I would like to know more about this feature. [Announcing Amazon DocumentDB long-term support (LTS) on 5.0](https://aws.amazon.com/about-aws/whats-new/2026/02/announcing-amazon-documentdb-5-0-long-term-support) Amazon Basics MongoDB gets long-term support, which in AWS parlance means “we promise to stop breaking your database for a while.” I’m frankly surprised they didn’t just start charging you extra after a new version comes out, like the RDS jackals do. MongoDB compatibility with the stability of not actually being MongoDB – honestly, that might be the most compelling pitch they’ve ever made. [AWS Certificate Manager updates default certificate validity to comply with new guidelines](https://aws.amazon.com/about-aws/whats-new/2026/02/aws-certificate-manager-updates-default/) Certificate validity periods just got cut in half to comply with CA/Browser Forum rules. Credit where it’s due, and a stick in the eye of folks who responded to [my take on exportable certs](https://www.lastweekinaws.com/blog/aws-certificate-manager-has-announced-exportable-tls-certificates-and-im-mostly-okay-with-it/) back when they dropped: ACM actually reduced pricing on exportable certs proportionally, which is the kind of thing I’d normally assume was a typo. Auto-renewal handles everything, so no action required. Ops folks catch a rare break. [Claude Sonnet 4.6 now available in Amazon Bedrock](https://aws.amazon.com/about-aws/whats-new/2026/02/claude-sonnet-4.6-available-in-amazon-bedrock/) I feel like I’ve been too rough on AWS’s crapass naming over the years now that Anthropic’s version naming and numbering has lapped AWS’s own services in confusing the piss out of everyone. “Approaches Opus 4.6 intelligence at a lower cost” is doing Olympic-level heavy lifting in that marketing copy. Translation: it’s the cheaper one they actually want you to use at volume so your Bedrock bill can quietly purchase Anthropic’s next funding round. [Kiro is now available in AWS GovCloud (US) Regions](https://aws.amazon.com/about-aws/whats-new/2026/02/kiro-launch-aws-govcloud-us/) Government contractors can now use Kiro, AWS’s agentic AI IDE (AIDE?), in GovCloud regions, because if there’s one thing classified workloads need, it’s an AI agent autonomously generating code and connecting to databases. I’m sure the security review for that was a real breezy afternoon. [Amazon EC2 Hpc8a Instances powered by 5th Gen AMD EPYC processors are now available](https://aws.amazon.com/blogs/aws/amazon-ec2-hpc8a-instances-powered-by-5th-gen-amd-epyc-processors-are-now-available/) 192 cores per instance and only two regions to run them in. Nothing screams “high performance computing” like hoping your workload is geographically compatible with Ohio or Stockholm (What do those have in common? One strongly evokes “being kidnapped and held hostage,” while the other is in Sweden). The 40% performance boost over Hpc7a is genuinely impressive, though I suspect the pricing page will deliver its own kind of shock simulation. [Introducing VPC encryption controls: Enforce encryption in transit within and across VPCs in a Region | AWS News Blog](https://aws.amazon.com/blogs/aws/introducing-vpc-encryption-controls-enforce-encryption-in-transit-within-and-across-vpcs-in-a-region/) This came out last year, with a fun caveat: it’s free until… next week. This is just a nonsense charge; “enforce VPC encryption” is a great checkbox solution, but charging 15¢ per hour, per VPC to do it is just absurd, and reeks of Day 2 thinking. Once again, customers are being asked to consider whether they want to use AWS, or pay extra for a secure version of AWS. [Migrating from AWS App Runner to Amazon ECS Express Mode](https://aws.amazon.com/blogs/containers/migrating-from-aws-app-runner-to-amazon-ecs-express-mode/) Pouring one out for App Runner, the service that existed just long enough to prove AWS will absolutely ship a product, sunset it, and tell you the replacement is better anyway. I wonder what execs they managed to hire away from Google to make this possible. ECS Express Mode is basically App Runner wearing a trench coat pretending to be a grown-up service while exposing itself to strangers on the city bus. Migration guide included, therapy not. [Introducing Agent Plugins for AWS](https://aws.amazon.com/blogs/developer/introducing-agent-plugins-for-aws/) “Just type ‘deploy to AWS’ and the agent handles everything” is doing a lot of heavy lifting. Open source plugins that recommend AWS services, generate CDK, and estimate costs – so now your AI coding assistant is also your solutions architect, except it works for free and never tries to upsell you on a support contract. Apropos of absolutely nothing, it’s all over the news that AWS took [two outages caused by AI tools,](https://arstechnica.com/ai/2026/02/an-ai-coding-bot-took-down-amazon-web-services/) which at first I didn’t believe, but then I read the statements that AWS PR gave and now I absolutely believe it happened like the articles say they did. Great work, corporate comms team. [Build unified intelligence with Amazon Bedrock AgentCore](https://aws.amazon.com/blogs/machine-learning/build-unified-intelligence-with-amazon-bedrock-agentcore/) They named their internal sales tool CAKE, which is adorable until you realize it’s stitching together Neptune, DynamoDB, OpenSearch, and Redshift just so a sales rep can prep for a meeting. Now that it’s public they’re likely going to ignore actual problems and instead focus on making names wors; they’re gonna rename CAKE to DUMPY. [Reduce unexpected AWS costs: Tracing AWS billing charges with log correlation techniques](https://aws.amazon.com/blogs/networking-and-content-delivery/reduce-unexpected-aws-costs-tracing-aws-billing-charges-with-log-correlation-techniques/) Love that AWS published a four-step methodology for figuring out why your bill is wrong. In any other industry, this would be called “a receipt.” Instead you need VPC Flow Logs, Route 53 query logs, CUR 2.0, and Athena just to answer “what cost $1,200?” The mystery is the product. True story: about a year ago I chatted off the record with a distinguished engineer in AWS’s networking group and asked what magic tools they REALLY had to diagnose network issues. The answer was… exactly the tools mentioned in this post, and now I’m sad that they’re not living in the future, but rather here in the gutters with the rest of us. … and that’s what happened ***Last Week in AWS.*** ## You might also like [More Newsletter Issues](https://www.lastweekinaws.com/newsletter/) Issue No.468 ### [Multicloud Interconnect and the Great CVE Hunt](https://www.lastweekinaws.com/newsletter/multicloud-interconnect-and-the-great-cve-hunt/) [Read More about Multicloud Interconnect and the Great CVE Hunt](https://www.lastweekinaws.com/newsletter/multicloud-interconnect-and-the-great-cve-hunt/) Issue No.467 ### [S3 Files and an AI-Powered Singing Rat Trap](https://www.lastweekinaws.com/newsletter/s3-files-and-an-ai-powered-singing-rat-trap/) [Read More about S3 Files and an AI-Powered Singing Rat Trap](https://www.lastweekinaws.com/newsletter/s3-files-and-an-ai-powered-singing-rat-trap/) Issue No.466 ### [S3 Gets Vectors, CloudFront Gets SHA-256, You Get the Bill](https://www.lastweekinaws.com/newsletter/s3-gets-vectors-cloudfront-gets-sha-256-you-get-the-bill/) [Read More about S3 Gets Vectors, CloudFront Gets SHA-256, You Get the Bill](https://www.lastweekinaws.com/newsletter/s3-gets-vectors-cloudfront-gets-sha-256-you-get-the-bill/) Issue No.465 ### [Aurora PostgreSQL: Now Free Enough to Be Dangerous](https://www.lastweekinaws.com/newsletter/aurora-postgresql-now-free-enough-to-be-dangerous/) [Read More about Aurora PostgreSQL: Now Free Enough to Be Dangerous](https://www.lastweekinaws.com/newsletter/aurora-postgresql-now-free-enough-to-be-dangerous/)