GenerativeAI

What it really takes to run AI workloads on AWS

A surprising number of AI platforms begin life with a question that sounds reasonable in a standup and catastrophic in a postmortem, something along the lines of “Can we just stick a GPU behind an API?” You can. You probably shouldn’t. AI workloads are not ordinary web services wearing a thicker coat. They behave differently, fail differently, scale differently, and cost differently, and an architecture that ignores those differences will eventually let you know, usually on a Sunday.

This article is not about how to train a model. It is about building an AWS architecture that can host AI workloads safely, scale them reliably, and keep the monthly bill within shouting distance of the original estimate.

Why AI workloads change the architecture conversation

Treating an AI workload as “the same thing, but with bigger instances” is a classic and very expensive mistake. Inference latency matters in milliseconds. Accelerator choice (GPU, Trainium, Inferentia) affects both performance and invoice. Traffic spikes are unpredictable because humans, not schedulers, trigger them. Model lifecycle and data lineage become first-class design concerns. Governance stops being a compliance checkbox and becomes the seatbelt that keeps sensitive information from ending up inside a prompt log.

Put differently, AI adds several new axes of failure to the usual cloud architecture, and pretending otherwise is how teams rediscover the limits of their CloudWatch alerting at 3 am.

Start with the use case, not the model

Before anyone opens the Bedrock console, the first design decision should be the business problem. A chatbot for internal knowledge, a document summarization pipeline, a fraud detection scorer, and an image generation service have almost nothing in common architecturally, even if they all happen to involve transformer models.

From the use case, derive the architectural drivers (latency budget, throughput, data sensitivity, availability target, model accuracy requirements, cost ceiling). These drivers decide almost everything else. The opposite workflow, picking the infrastructure first and then seeing what it can do, is how you end up with a beautifully optimized cluster solving a problem nobody asked about.

Choosing your AI path on AWS

AWS offers several paths, and they are not interchangeable. A rough guide.

Amazon Bedrock is the right choice when you want managed foundation models, guardrails, agents, and knowledge bases without running the model infrastructure yourself. Good for teams that want to ship features, not operate GPUs.

Amazon SageMaker AI is the right choice when you need more control over training, deployment, pipelines, and MLOps. Good for teams with ML engineers who enjoy that sort of thing. Yes, they exist.

AWS accelerator-based infrastructure (Trainium, Inferentia2, SageMaker HyperPod) is the right choice when cost efficiency or raw performance at scale becomes the dominant constraint, typically for custom training or large-scale inference.

The common mistake here is picking the most powerful option by default. Bedrock with a sensible model is usually cheaper to operate than a custom SageMaker endpoint you forgot to scale down over Christmas.

The data foundation comes first

AI systems are a thin layer of cleverness on top of data. If the data layer is broken, the AI will be confidently wrong, which is worse than being uselessly wrong because people tend to believe it.

Answer the unglamorous questions first. Where does the data live? Who owns it? How fresh does it need to be? Who can see which parts of it? For generative AI workloads that use retrieval, add more questions. How are documents chunked? What embedding model is used? Which vector store? What metadata accompanies each chunk? How is the index refreshed when the source changes?

A poor data foundation produces a poor AI experience, even when the underlying model is state of the art. Think of the model as a very articulate intern; it will faithfully report whatever you put in front of it, including the typo in the policy document from 2019.

Designing compute for reality, not for demos

Training and inference are not the same workload and should rarely share the same architecture. Training is bursty, expensive, and tolerant of scheduling. Inference is steady, latency-sensitive, and intolerant of downtime. A single “AI cluster” that tries to do both tends to be bad at each.

For inference, focus on right-sizing, dynamic scaling, and high availability across AZs. For training, focus on ephemeral capacity, checkpointing, and data pipeline throughput. For serving large models, consider whether Bedrock’s managed endpoints remove enough operational burden to justify their pricing compared to self-hosted inference on EC2 or EKS with Inferentia2.

And please, autoscale. A fixed-size fleet of GPU instances running at 3% utilization is a monument to optimism.

Treating inference as a production workload

Many AI articles spend chapters on models and a paragraph on serving them, which is roughly the opposite of how the effort is distributed in real projects. Inference is where the workload meets reality, and reality brings concurrency, timeouts, thundering herds, and users who click the retry button like they are trying to start a stubborn lawnmower.

Plan for all of it. Set timeouts. Configure throttling and quotas. Add rate limiting at the edge. Use exponential backoff. Put circuit breakers between your application tier and your AI tier so a slow model does not take the whole product down. AWS explicitly recommends rate limiting and throttling as part of protecting generative AI systems from overload, and they recommend it because they have seen what happens without it.

Protecting inference is not mainly about safety. It is about surviving the traffic spike after your launch gets a mention somewhere popular.

Separating application, AI, and data responsibilities

A quietly important architectural point is that the AI tier should not share an account, an IAM boundary, or a blast radius with the application that calls it. AWS security guidance increasingly points toward separating the application account from the generative AI account. The reasoning is simple: the consequences of a mistake in prompt construction, data retrieval, or model output are different from the consequences of a mistake in, say, a shopping cart service, and they deserve different controls.

Think of it as the organizational version of not keeping your passport in the same drawer as your house keys. If one goes missing, the other is still where it should be.

Security and guardrails from day one

AI-specific controls sit on top of the usual cloud security hygiene (IAM least privilege, encryption at rest and in transit, VPC endpoints, logging, data classification). On top of that, you need approved model catalogues so teams cannot quietly wire up any foundation model they saw on Hacker News, prompt governance with templates and input validation and logging policies that do not accidentally store sensitive data forever, output filtering for harmful content and PII leakage and jailbreak attempts, and clear data classification policies that decide which data is allowed to reach which model.

For Bedrock-based systems, Amazon Bedrock Guardrails offer configurable safeguards for harmful content and sensitive information. They are not magic, but they save a surprising amount of custom work, and custom work in this area tends to age badly.

Governance is not bureaucracy. Governance is what lets your AI feature get through a security review without being rewritten twice.

Protecting the retrieval layer when you use RAG

Retrieval-augmented generation is often described as “LLM plus documents”, which is technically true and practically misleading. A production RAG system involves ingestion pipelines, embedding generation, a vector store, metadata design, and ongoing synchronization with source systems. Each of those is a place where things can quietly go wrong.

One specific point is worth emphasizing. User identity must propagate to the retrieval layer. If Alice asks a question, the knowledge base should only return chunks Alice is allowed to see. AWS guidance recommends enforcing authorization through metadata filtering so users only get results they have access to. Without this, your RAG system will happily summarize the CFO’s compensation memo for the summer intern, which is the sort of thing that gets architectures shut down by email.

Observability goes beyond CPU and memory

Traditional observability (CPU, memory, latency, error rates) is necessary but insufficient for AI workloads. For these systems, you also want to track model quality and drift over time, retrieval quality (are the right chunks being returned?), prompt behavior and common failure modes, token usage per request and per tenant and per feature, latency per model and not just per service, and user feedback signals, with thumbs-up and thumbs-down being the cheapest useful telemetry ever invented.

Amazon Bedrock provides evaluation capabilities, and SageMaker Model Monitor covers drift and model quality in production. Use them. If you run your own inference, budget time for custom metrics, because the default dashboards will tell you the endpoint is healthy right up until users stop trusting its answers.

AI operations is not a different discipline. It is mature operations thinking applied to a stack where “the service works” and “the service is useful” are two different statements.

Cost optimization belongs in the first draft

Cost should be a design constraint, not a debugging session six weeks after launch. The biggest levers, roughly in order of impact.

Model choice. Smaller models are cheaper and often good enough. Not every feature needs the largest frontier model in the catalogue.

Inference mode. Real-time endpoints, batch inference, serverless inference, and on-demand Bedrock invocations have wildly different cost profiles. Match the mode to the traffic pattern, not the other way around.

Autoscaling policy. Scale to zero where possible. Keep the minimum capacity honest.

Hardware choice. Inferentia2 and Trainium are positioned specifically for cost-effective ML deployment, and they often deliver on that positioning.

Batching. Batching inference requests can dramatically improve throughput per dollar for workloads that tolerate small latency increases.

A common failure mode is the impressive prototype with the terrifying monthly bill. Put cost targets in the design document next to the latency targets, and revisit both before go-live.

Close with an operating model, not just a diagram

An architecture diagram is the opening paragraph of the story, not the whole book. What makes an AI platform sustainable is the operating model around it (versioning, CI/CD or MLOps/LLMOps pipelines, evaluation suites, rollback strategy, incident response, and clear ownership between platform, data, security, and application teams).

AWS guidance for enterprise-ready generative AI consistently stresses repeatable patterns and standardized approaches, because that is what turns successful experiments into durable platforms rather than fragile demos held together by one engineer’s tribal knowledge.

What separates a platform from a demo

Preparing a cloud architecture for AI on AWS is not mainly about buying GPU capacity. It is about designing a platform where data, models, security, inference, observability, and cost controls work together from the start. The teams that do well with AI are not the ones with the biggest clusters; they are the ones who took the boring parts seriously before the interesting parts broke.

If your AI architecture is running quietly, scaling predictably, and costing roughly what you expected, congratulations, you have done something genuinely difficult, and nobody will notice. That is always how it goes.

April 22, 2026 by Fernando SRE Cloud stuff

How AI transformed cloud computing forever

When ChatGPT emerged onto the tech scene in late 2022, it felt like someone had suddenly switched on the lights in a dimly lit room. Overnight, generative AI went from a niche technical curiosity to a global phenomenon. Behind the headlines and excitement, however, something deeper was shifting: cloud computing was experiencing its most significant transformation since its inception.

For nearly fifteen years, the cloud computing model was a story of steady, predictable evolution. At its core, the concept was revolutionary yet straightforward, much like switching from owning a private well to relying on public water utilities. Instead of investing heavily in physical servers, businesses could rent computing power, storage, and networking from providers like AWS, Google Cloud, or Azure. It democratized technology, empowering startups to scale into global giants without massive upfront costs. Services became faster, cheaper, and better, yet the fundamental model remained largely unchanged.

Then, almost overnight, AI changed everything. The game suddenly had new rules.

The hardware revolution beneath our feet

The first transformative shift occurred deep inside data centers, a hardware revolution triggered by AI.

Traditionally, cloud servers relied heavily on CPUs, versatile processors adept at handling diverse tasks one after another, much like a skilled chef expertly preparing dishes one by one. However AI workloads are fundamentally different; training AI models involves executing thousands of parallel computations simultaneously. CPUs simply weren’t built for such intense multitasking.

Enter GPUs, Graphics Processing Units. Originally designed for video games to render graphics rapidly, GPUs excel at handling many calculations simultaneously. Imagine a bustling pizzeria with a massive oven that can bake hundreds of pizzas all at once, compared to a traditional restaurant kitchen serving dishes individually. For AI tasks, GPUs can be up to 100 times faster than standard CPUs.

This demand for GPUs turned them into high-value commodities, transforming Nvidia into a household name and prompting tech companies to construct specialized “AI factories”, data centers built specifically to handle these intense AI workloads.

The financial impact businesses didn’t see coming

The second seismic shift is financial. Running AI workloads is extremely costly, often 20 to 100 times more expensive than traditional cloud computing tasks.

Several factors drive these costs. First, specialized GPU hardware is significantly pricier. Second, unlike traditional web applications that experience usage spikes, AI model training requires continuous, heavy computing power, often 24/7, for weeks or even months. Finally, massive datasets needed for AI are expensive to store and transfer.

This cost surge has created a new digital divide. Today, CEOs everywhere face urgent questions from their boards: “What is our AI strategy?” The pressure to adopt AI technologies is immense, yet high costs pose a significant barrier. This raises a crucial dilemma for businesses: What’s the cost of not adopting AI? The potential competitive disadvantage pushes companies into difficult financial trade-offs, making AI a high-stakes game for everyone involved.

From infrastructure to intelligent utility

Perhaps the most profound shift lies in what cloud providers actually offer their customers today.

Historically, cloud providers operated as infrastructure suppliers, selling raw computing resources, like giving people access to fully equipped professional kitchens. Businesses had to assemble these resources themselves to create useful services.

Now, providers are evolving into sellers of intelligence itself, “Intelligence as a Service.” Instead of just providing raw resources, cloud companies offer pre-built AI capabilities easily integrated into any application through simple APIs.

Think of this like transitioning from renting a professional kitchen to receiving ready-to-cook gourmet meal kits delivered straight to your door. You no longer need deep culinary skills, similarly, businesses no longer require PhDs in machine learning to integrate AI into their products. Today, with just a few lines of code, developers can effortlessly incorporate advanced features such as image recognition, natural language processing, or sophisticated chatbots into their applications.

This shift truly democratizes AI, empowering domain experts, people deeply familiar with specific business challenges, to harness AI’s power without becoming specialists in AI themselves. It unlocks the potential of the vast amounts of data companies have been collecting for years, finally allowing them to extract tangible value.

The Unbreakable Bond Between Cloud and AI

These three transformations, hardware, economics, and service offerings, have reinvented cloud computing entirely. In this new era, cloud computing and AI are inseparable, each fueling the other’s evolution.

Businesses must now develop unified strategies that integrate cloud and AI seamlessly. Here are key insights to guide that integration:

Integrate, don’t reinvent: Most businesses shouldn’t aim to create foundational AI models from scratch. Instead, the real value lies in effectively integrating powerful, existing AI models via APIs to address specific business needs.
Prioritize user experience: The ultimate goal of AI in business is to dramatically enhance user experiences. Whether through hyper-personalization, automating tedious tasks, or surfacing hidden insights, successful companies will use AI to transform the customer journey profoundly.

Cloud computing today is far more than just servers and storage, it’s becoming a global, distributed brain powering innovation. As businesses move forward, the combined force of cloud and AI isn’t just changing the landscape; it’s rewriting the very rules of competition and innovation.

The future isn’t something distant, it’s here right now, and it’s powered by AI.

June 7, 2025 by Fernando SRE Cloud stuff Computer Science stuff

SRE in the age of generative AI

Imagine this: you’re a seasoned sailor, a master of the seas, confident in navigating any storm. But suddenly, the ocean beneath your ship becomes a swirling vortex of unpredictable currents and shifting waves. Welcome to Site Reliability Engineering (SRE) in the age of Generative AI.

The shifting tides of SRE

For years, SREs have been the unsung heroes of the tech world, ensuring digital infrastructure runs as smoothly as a well-oiled machine. They’ve refined their expertise around automation, monitoring, and observability principles. But just when they thought they had it all figured out, Generative AI arrived, turning traditional practices into a tsunami of new challenges.

Now, imagine trying to steer a ship when the very nature of water keeps changing. That’s what it feels like for SREs managing Generative AI systems. These aren’t the predictable, rule-based programs of the past. Instead, they’re complex, inscrutable entities capable of producing outputs as unpredictable as the weather itself.

Charting unknown waters, the challenges

The black box problem

Think of the frustration you feel when trying to understand a cryptic message from someone close to you. Multiply that by a thousand, and you’ll begin to grasp the explainability challenge in Generative AI. These models are like giant, moody teenagers, powerful, complex, and often inexplicable. Even their creators sometimes struggle to understand them. For SREs, debugging these black-box systems can feel like trying to peer into a locked room without a key.

Here, SREs face a pressing need to adopt tools and practices like ModelOps, which provide transparency and insights into the internal workings of these opaque systems. Techniques such as SHAP (Shapley Additive Explanations) and LIME (Local Interpretable Model-agnostic Explanations) are becoming increasingly important for addressing this challenge.

The fairness tightrope

Walking a tightrope while juggling flaming torches, that’s what ensuring fairness in Generative AI feels like. These models can unintentionally perpetuate or even amplify societal biases, transforming helpful tools into unintentional discriminators. SREs must be constantly vigilant, using advanced techniques to audit models for bias. Think of it like teaching a parrot to speak without picking up bad language, seemingly simple but requiring rigorous oversight.

Frameworks like AI Fairness 360 and Explainable AI are vital here, giving SREs the tools to ensure fairness is baked into the system from the start. The task isn’t just about keeping the models accurate, it’s about ensuring they remain ethical and equitable.

The hallucination problem

Imagine your GPS suddenly telling you to drive into the ocean. That’s the hallucination problem in Generative AI. These systems can occasionally produce outputs that are convincingly wrong, like a silver-tongued con artist spinning a tale. For SREs, this means ensuring systems not only stay up and running but that they don’t confidently spout nonsense.

SREs need to develop robust monitoring systems that go beyond the typical server loads and response times. They must track model outputs in real-time to catch hallucinations before they become business-critical issues. For this, leveraging advanced observability tools that monitor drift in outputs and real-time hallucination detection will be essential.

The scalability scramble

Managing Generative AI models is like trying to feed an ever-growing, always-hungry giant. Large language models, for example, are resource-hungry and demand vast computational power. The scalability challenge has pushed even the most hardened IT professionals into a constant scramble for resources.

But scalability is not just about more servers; it’s about smarter allocation of resources. Techniques like horizontal scaling, elastic cloud infrastructures, and advanced resource schedulers are critical. Furthermore, AI-optimized hardware such as TPUs (Tensor Processing Units) can help alleviate the strain, allowing SREs to keep pace with the growing demands of these AI systems.

Adapting the sails, new approaches for a new era

Monitoring in 4D

Traditional monitoring tools, which focus on basic metrics like server performance, are now inadequate, like using a compass in a magnetic storm. In this brave new world, SREs are developing advanced monitoring systems that track more than just infrastructure. Think of a control room that not only shows server loads and response times but also real-time metrics for bias drift, hallucination detection, and fairness checks.

This level of monitoring requires integrating AI-specific observability platforms like OpenTelemetry, which offer more comprehensive insights into the behavior of models in production. These tools give SREs the ability to manage the dynamic and often unpredictable nature of Generative AI.

Automation on steroids

In the past, SREs focused on automating routine tasks. Now, in the world of GenAI, automation needs to go further, it must evolve. Imagine self-healing, self-evolving systems that can detect model drift, retrain themselves, and respond to incidents before a human even notices. This is the future of SRE: infrastructure that can adapt in real time to ever-changing conditions.

Frameworks like Kubernetes and Terraform, enhanced with AI-driven orchestration, allow for this level of dynamic automation. These tools give SREs the power to maintain infrastructure with minimal human intervention, even in the face of constant change.

Testing in the Twilight Zone

Validating GenAI systems is like proofreading a book that rewrites itself every time you turn the page. SREs are developing new testing paradigms that go beyond simple input-output checks. Simulated environments are being built to stress-test models under every conceivable (and inconceivable) scenario. It’s not just about checking whether a system can add 2+2, but whether it can handle unpredictable, real-world situations.

New tools like DeepMind’s AlphaCode are pushing the boundaries of testing, creating environments where models are continuously challenged, ensuring they perform reliably across a wide range of scenarios.

The evolving SRE, part engineer, part data Scientist, all superhero

Today’s SRE is evolving at lightning speed. They’re no longer just infrastructure experts; they’re becoming part data scientist, part ethicist, and part futurist. It’s like asking a car mechanic to also be a Formula 1 driver and an environmental policy expert. Modern SREs need to understand machine learning, ethical AI deployment, and cloud infrastructure, all while keeping production systems running smoothly.

SREs are now a crucial bridge between AI researchers and the real-world deployment of AI systems. Their role demands a unique mix of skills, including the wisdom of Solomon, the patience of Job, and the problem-solving creativity of MacGyver.

Gazing into the crystal ball

As we sail into this uncharted future, one thing is clear: the role of SREs in the age of Generative AI is more critical than ever. These engineers are the guardians of our AI-powered future, ensuring that as systems become more powerful, they remain reliable, fair, and beneficial to society.

The challenges are immense, but so are the opportunities. This isn’t just about keeping websites running, it’s about managing systems that could revolutionize industries like healthcare and space exploration. SREs are at the helm, steering us toward a future where AI and human ingenuity work together in harmony.

So, the next time you chat with an AI that feels almost human, spare a thought for the SREs behind the scenes. They are the unsung heroes ensuring that our journey into the AI future is smooth, reliable, and ethical. In the age of Generative AI, SREs are not just reliability engineers, they are the navigators of our digital destiny.

October 1, 2024 by Fernando SRE DevOps stuff SRE stuff