AWS Summit Hamburg 2025 Summary
12 June 2025
Germany's AWS Summit usually took place in Berlin around May and June. But this year, it was held in Hamburg π³οΈ for the first time. The event was a great experience as always, and with each year, I feel like I benefit from it more and more efficiently. Apparently, in the new venue they gathered way more guests but I didn't feel it - it felt just as usual. The only thing that was worse was the amount of drink fridges π§ - in Berlin they were easily accessible almost at every corner. But I'm not here to bore you with logistic details, we are here for the important stuff. This year, I took part in four sessions and one special roundtable discussion.
How to build scalable platforms with Amazon EKS
The first talk I attended was about platform engineering on EKS. I don't know if it was too high level for me or I was just too excited about the summit and couldn't focus, but the only thing I remember is that there's a new tool called Kubernetes Resource Orchestrator (kro) that creates sort of pipelines or step-by-step orchestrations that abstract k8s resources (in kro's documentation it is called resource graphs). With that you can create copies of those graphs for different environments. That way we can create such a resource graph for a developer, so that they don't deploy raw YAML files (with for example ReplicaSet).
Keynote
This year the focus of the Summit was not Generative AI anymore (finally!), but rather use cases of AWS Services in different industries - whether it's robotics, machinery, warehouse or even game dev. It was also visible in the venues that were split into sections. I remember that last year there were also dedicated sections for startups or industrial applications but this year they seemed much larger and prominent. So from Gen-AI marketing we moved towards practical applications!
Another large part of the keynote was dedicated to AWS European Sovereign Cloud (especially in the context of Germany). As far as I know, it will be a completely independent company that will only license intellectual property from Amazon Web Services, Inc. similar to China. They would even focus to hire local EU citizens.
From service announcements, there wasn't much. S3 Metadata? Aurora DSQL multi-region?
Moving Web Analytics off of BigQuery into Redshift
This talk was mostly about access control and types of data that can be shared for different teams. There are three tiers of data: bronze, that means raw data, silver, which is somewhat cleaned and enriched with other sources, and lastly gold, which is materialized view of the data that is ready to create for example graphs and dashboards. To each tier we can also apply a different role in the company: bronze is for data analysts who try to make sense of all these unstructured blobs, silver is for data engineers who can process it for further use, and gold is for the business person who can but not necessarily know SQL, yet definitely knows how to do PowerPoint. Obviously, bronze tier is kept inside a data lake π, and gold one in a data warehouse π.
Enhancing Protein Structure Prediction at Merck with AlphaFold and AWS
Just as I don't know Kubernetes, I know even less about protein folding π§¬. But out of sheer curiosity I wanted to try to learn something new. The talk wasn't too much biology, but rather running AlphaFold on AWS. I know that they needed a lot of GPU power to run AlphaFold itself and a lot of CPU power and disk IO to perform Multiple Sequence Alignment (MSA) on the huge database of proteins. To save on costs and increase performance, they split each task into a separate AWS Batch job with a different instance type. Because this product is targeted toward scientists and not software engineers, they have created a simple serverless frontend using Lambda, API Gateway, DynamoDB, and CloudFront, and implemented SES for asynchronous notification when the job is done. This way they sped up the process of searching for new proteins significantly.
Furthermore, one of the speakers also mentioned new use case for Generative AI in this field, namely Protein Language Models. Although it is a fresh concept, it is a promising alternative to AlphaFold that can be easier to use, with increased accuracy and lower cost.
Amazon VPC: Advanced design and whatβs new
This was overview of the latest developments in AWS Networking. There's a lot of things to mention so I will just list the most important ones (for me π) with a short summary:
Security Groups and VPC Security
SGs are now a construct not within a VPC but within an account. They are also shareable using Resource Access Manager (RAM), so for example IT Security team can create a set of security groups with best practices. Security Groups can be now referenced also via Transit Gateway and across regions (previously only within VPC Peering in the same region). A new feature for VPC was introduced: block public access - either ingress only or bidirectional - with that you can create an isolated VPC environment.
Load balancers and PrivateLink
Network Load Balancers support dual-stack UDP traffic. TCP connections can now be forced to time out when the connection is idle for too long. Because of the update to the NLB, PrivateLink now also support UDP but the targets have to be IPv6. This sounds like a little push for us to finally start using IPv6 because it is the future after all (and this blog post confirms it).
Moreover, PrivateLink can now be used to expose VPC-based resources such as RDS databases or ElastiCache clusters using a new construct called Resource Gateway. VPC Endpoints are then associated to one Resource Configuration which can also be shared using RAM. Last but not least, PrivateLink is now cross-region.
VPC Lattice
VPC Lattice can now also connect to ECS tasks and services, as well as can bind to Resource Gateways from above.
CloudWAN
Direct Connect can be now plugged into CloudWAN segments directly, skipping
Transit Gateway. What is more, inspection VPCs (see: what Gateway Load Balancer
is used for) can be now used between CloudWAN segments. With new actions in
Network Function Groups (send-via
and send-to
), you can control the flow of
the traffic between segments and attached resources. To inspect egress Internet
traffic, you can use send-to
action, while for intra- or inter-segment use
send-via
.
This blog post contains
a lot of interesting examples.
"A secret meeting" - roundtable discussion
Before the Summit, I got a survey from AWS Customer Research that asked me about how I use AWS services day to day. I answered it and because my profile matched someone they needed feedback from, I was invited to a roundtable session with several other people that represented different types of users. I really enjoyed the session where we could share our experiences from the topics of Cloud Infrastructure, Security, Data Analytics, AI and Migration. It was a pretty long one (1,5 hours) but at least I finally got into a room with air conditioning π. Thanks Shawn!
Summary
I really enjoyed the talks I attended, both those I understood well, and those I had no idea what they were about. I could have run around the venue collecting swag π but this time I decided to avoid this vanity. I still have a huge box of plastics that I never use, look at or think about. I still have plenty of stickers, but because many of them are just one of each type, I have this fear of placing them on a wrong place and thus wasting them π . And on the other hand I don't want leave residue on my pretty Starlight MacBook (just ordered a clear skin for it, so I can place billions of stickers on it without regrets).
However, the most important thing is to meet old buddies and meet new people, I never met before, I met but had no time to talk, or I had them in LinkedIn connections since forever but never had a chance to meet in person. Truly they made this event special and worth attending. I remember my first AWS Summit where I didn't know anyone and was just roaming around for ten hours, collecting swag, talking to some AWS employees and that's it. Now as a Community Builder, I am always sure I will meet some familiar face and not feel alone π₯².