In my case, I work at a large enterprise with strict data governance built into customer contracts, and (partly related, partly not) our own governance concerns. Using vendors where you not only have infosec permission, but they are also listed as data processors in our contracts with our customers is the way not to get fired and sued.
If I'm playing around at home, with my own code and data, I can do whatever I want. But with my employer and customer? Absolutely not. It's the same reason we don't use whatever the flavor-of-the-month frontier model is.
Side hustles and startups just have an entirely different set of constraints and considerations.
If you read the fine print, you'll notice something funny. You are largely responsible for data loss, SLA claims require you to present concrete evidence, and the remediation you accepted is usually credits for future spend on specifically the same product you lost your data on.
And AWS fine print is actually quite reasonable compared with, say, GCP, where the SLA seems mostly useful so the enterprise acquisition team can say "they have SLA, I can't get fired for choosing them since I did my due diligence!", while GCP can say "you already accepted the proposed remedy when signing the contract, sue us and we'll just point you to it. Thanks for your trust." [0]
[0] https://docs.cloud.google.com/storage/docs/storage-classes
^ Standard multi-region or dual-region storage has a 99.95% availability SLA, regional Standard has 99.9%, and regional Nearline, Coldline, or Archive can be as low as 99.0%. The credits are 10%, 25%, or 50% of the monthly bill for the affected service tier, with 50% as the aggregate monthly cap, applied to future use. Google also says the customer must request the credit within 30 days or forfeit it.
I'm just tired of the 'everyone follows their immediate incentives while the system stays incoherent' as the de facto reality. I think shedding some light over the actual mechanics would maybe make someone consider 'perhaps we shouldn't allow our acquisition team to just turn off their brain and choose the default to cover their bottoms; maybe vendors are worth more decision investment via actual thinking instead of performatively ending up on the default choice after a little ritualistic game of "eeny, meeny, miny, AWS"'.
I think it's worth pointing out that Jeff Bezos would fight this tooth and nail from happening in his companies. He popularised 'process as proxy'. Yet AWS as sold to external enterprises is the exact proxy Bezos warned against internally. Do what Bezos does, and even what Bezos preaches, just don't do by default what Bezos sells.
It is refreshing actually. They can accurately answer questions on how everything works and there are no subsubsubprocessors to worry about.
So the fact that Microsoft let remote hands-on-keyboards in the PRC fix problems on GCC-High Azure nodes used by DoD contractors doesn't matter, since they're too big to censure in any meaningful way without impacting tens of thousands of businesses that rely on them to get a letter that satisfies a compliance assessor.
Actually knowing what you're doing, or being able to critically assess the risks of using a specific provider, doesn't matter.
Also, this isn't about SLA at all.
OTOH, the other form is that instead of generic AI spend going up it is total spending for a particular AWS account within the umbrella of the firm's AWS organization, so that the spending is attributed to a specific project whose use case, other costs, and (presumably) benefit and/or revenue can be considered.
Of course, if your AWS stuff is just one undifferentiated bucket, that’s a problem, but AFAICT AWS (like GCP) is much better set up for tracking use and costs by project than OpenAI (or Anthropic), because it's an enterprise cloud provider where fitting into how large organizations track things at multiple levels is as much a core competency as any technical feature, whereas OpenAI and Anthropic are AI technology providers that are much less mature as enterprise vendors.
AWS could still be hacked, but they've taken some care to make it a bit less likely, a bit easier to track which customers were affected, etc. If you dig into AWS logging for example, there is a TON if you turn it on, you can really go back and see who did what to the permissions / environment etc. I imagine they've got pretty good logging of their staff's access to things as well. I had to jump through some hoops once to have their staff on my account.
It's easy to do blanket statements like "never choose azure", "avoid GCP at all cost" or "never again on AWS". Until real world comes your way and you are forced to deal with it.
That being said: I'd fire anyone choosing to deploy a workload on GCP.
I was shocked to realize how difficult it has been to have a GitHub Copilot license on Azure. I mean, they're both Microsoft products. But no, the IT now has to figure out how to set up a GitHub enterprise, link to Azure subscription, and all that.
In a company of 12 you can do that by saying 'we're all generalists, just don't be an idiot'. In a company of 10,000, you hired Dave cause he's good at legal merger mumbo jumbo not because he's an IT generalist.
The list of compliance standards that AWS meets is so big they have a separate product just to deliver the compliance documents. They basically do everything imaginable.
1. Large companies tend to already have an existing relationship with AWS, which makes things way easier to go through vs. setting up a new vendor relationship
2. Large companies tend to have strong internal requirements about making sure that internal data stays under company control. With AWS Bedrock, you can be a lot more confident that what you're feeding into the models is not going to end up in someone's training set somewhere. For where I work, this requirement is a dealbreaker for going directly through OpenAI's API instead of going through AWS Bedrock.
It doesn't actually. The US can request data from whatever country US companies store it, and companies must comply.
So if you have strong requirements for data to stay in your country, using a US provider, whatever it is, is out of question no matter what the company's marketing claims (they are not maintaining these claims under oath for what it's worth: https://www.senat.fr/compte-rendu-commissions/20250609/ce_co... )
Curious to understand how AI will continue to grow if this is the trend. Assuming most valuable data is behind such firewalls. And whatever is public has been harvested, trained on top of whatever has been acquired illegally (this is a grey area).
Will it become a closed ecosystem without outside input?!
There probably is a point of “peak data” where the amount of new data will start decreasing, but that’s likely a 22nd or 24th century problem.
Unless we’re producing data on the order of an entire new internet every couple of years, then it’s hard to see how LLMs can achieve further huge leaps in capability compared to training on effectively 0% of the internet vs 100% of the internet.
And individuals will lose motivation to share, because it won't be that pro-social activity anymore anyway.
They have access to a ridiculous amount of private customer data and so far have not shown any predilection to misusing that access.
There's zero reason to "trust" Amazon about anything. (And yes, I know the retail and AWS sides of the company are different, but it's still the same company. The same rot is always there, just shuffled around.)
Every single retail company does this, they allow suppliers to sell the product using the retailer's infrastructure, and then the retailer turns around and creates private label products using sales data (Costco's Kirkland Signature, Walmart's Great Value, are just some examples).
They absolutely go out and find who can make the product and the quality and price they want. It’s not always an identical product to the brand name on the same shelf. Sometimes it displaces the brand name.
Everything from Amazon is coming from China, I don't understand why a random person who resells stuff from Chinese factories via Amazon FBA feels entitled to an exclusivity arrangement with Amazon?
Was such exclusivity encoded in some form of legally enforceable agreement?
They are the only ones I trust not to do that so far. And their terms are extremely clear on that, no fuzzy language. Exactly what we want to see. So we use Bedrock.
Instead you trust your best friend because you have known them for 15 years and seen them in enough situations. It’s long term observation and predictability that ultimately give trust.
AWS has been around 20 years and has never once shown a sign that they would sell customer data. Could they still try? Sure, in the same way that my friend who hates seafood his entire life could suddenly flip 180 and love it. Yeah I guess it’s possible.
Also unlike Altman they are trustworthy - a lot of Amazon competitors have run on AWS for decades.
https://docs.aws.amazon.com/bedrock/latest/userguide/data-pr...
But it seems tremendously unlikely with how explicit they are being with it. It is clearly one of the top selling features for the service.
AWS isn’t going to risk their reputation, and thus huge chunks of their business, just so a few AI labs can get some extra training data. That’s an insane risk with zero upside for AWS. AWS knows full well they will make insane quantities of cash without breaking legal contracts with companies who pay them billions each year for infra.
So, as an example, if you use Codex through Bedrock, that’s a totally separate instance of Codex from anything you would be interfacing with if you directly used OpenAI’s API; if you use Codex via Bedrock, OpenAI never sees your data or prompts because they stay sandboxed in an ephemeral Bedrock instance. For many large enterprise deployments this hard boundary is a big big deal.
Over the past year, Claude being available via Bedrock and ChatGPT/Codex not being available via Bedrock has been a huge competitive advantage for Anthropic in the enterprise space.
Claude Code keeps omitting new features from people using it through Amazon Bedrock (e.g. auto mode, ultra plan, Claude for Chrome). Hopefully some more competition can get them to rethink their strategy.
For a while now, I've had an api.anthropic.com emulator that "secretly" forwards requests to Amazon Bedrock. Works great and now I get all the nice first-party only features right away.
Anthropic models were quite literally the only viable serverless API (i.e. Bedrock) models on AWS. They didn't even bother releasing the recent Qwen 3.5/3.6 series. Combined with the token efficiency/ROI focus, I would really like to see how Anthropic ends Q3.
Fond memories when only startups used S3 and EC2....
It's both an incredible triumph and tremendously sad that cloud providers are now the dinosaurs. So many companies are locked in, just as they were before. It's only going to get worse.
I wish the "cloud" was more fungible.
If they put in a global endpoint like with Claude (or OpenAI directly) then it’ll probably match the direct pricing, if the pattern holds.
(https://aws.amazon.com/bedrock/pricing/, scroll to OpenAI)
This explanation seems plausible to me.
Enterprises can focus on paying for AWS OpenAI models and get going.