Improving token efficiency in GitHub Agentic Workflows

If you’ve been experimenting with AI agents in your CI/CD pipelines, you’ve probably noticed something: those token counts add up fast. GitHub recently shared how they tackled this exact problem in their own production workflows, and the lessons are worth understanding whether you’re running agents on every pull request or planning to.

Agentic workflows—automated systems that use AI models to reason through tasks, make decisions, and take actions—have become a practical way to automate code review, testing, and deployment tasks. The problem is that each agent invocation can consume significant API tokens, especially when running on high-frequency events like pull requests. A small inefficiency in how you’re prompting your agents or structuring their context can multiply across thousands of runs, turning what seemed like a reasonable automation into an unexpectedly expensive bill. GitHub’s team discovered they were passing redundant information to their models, making unnecessary API calls, and regenerating context that could have been cached or reused. For a company running agents at scale, these inefficiencies weren’t just costly—they were slowing down feedback loops and adding latency to their development process.

Kubernetes v1.36: Server-Side Sharded List and Watch

Kubernetes clusters are getting bigger, and bigger clusters create bigger problems. When you’re running tens of thousands of nodes, controllers that need to watch resources like Pods start hitting a scaling wall. Every instance of a horizontally scaled controller receives the complete stream of events from the API server—and that’s expensive. Each replica deserves to deserialize every single object, even though most of them don’t belong to that replica’s slice of responsibility. This redundancy multiplies CPU, memory, and network costs across your entire control plane. Kubernetes v1.36 introduces server-side sharded list and watch to fix this inefficiency.

Validating agentic behavior when correct isn't deterministic

The challenge of validating AI agents cuts to the heart of modern development workflows. When GitHub Copilot or similar coding agents generate solutions, how do you know if they’re actually correct? Unlike traditional unit tests where inputs map to deterministic outputs, agentic systems can arrive at valid solutions through multiple legitimate paths. A function might be refactored differently, use alternative libraries, or follow different architectural patterns—all while being functionally correct. This ambiguity makes validation incredibly difficult, and it’s why many teams struggle to trust autonomous agents in their CI/CD pipelines.

The AWS MCP Server is now generally available

AWS has released the AWS MCP Server as a generally available service, marking a significant step in making AI agents and coding assistants more practical for enterprise AWS environments. If you’ve been following the evolution of AI tooling, you’ve probably noticed a growing gap: AI agents and coding assistants are getting smarter, but they often lack secure, authenticated access to your actual infrastructure. The AWS MCP Server fills that gap by implementing the Model Context Protocol (MCP)—an open standard that lets these AI tools safely interact with AWS services without requiring complex custom integrations.

Kubernetes v1.36: Declarative Validation Graduates to GA

If you’ve ever deployed a Kubernetes manifest and gotten a cryptic validation error, you’ve encountered the limitations of the old way Kubernetes validates your resources. With Kubernetes v1.36, Declarative Validation—a feature that’s been in beta for a while—has now reached General Availability. This might sound like an internal implementation detail, but it’s actually a meaningful shift in how Kubernetes handles validation, and it matters if you’re building reliable infrastructure.

Here’s what’s changed under the hood: traditionally, Kubernetes validation rules for native resources (like Pods, Services, and Deployments) were hardcoded directly into the API server using Go. This approach works, but it’s rigid and difficult to extend. Declarative Validation moves these rules into a declarative format called Common Expression Language (CEL) rules, which are stored alongside the resource definitions themselves. Think of it as shifting from validation logic buried in source code to validation rules that live in your OpenAPI schema. For you as a user, this means validation errors become clearer and more consistent across different tools. Instead of mysterious rejection messages, you’ll see exactly which field violated which rule and why. The validation rules are also now documented as part of the API spec, so tools like kubectl and the Kubernetes dashboard can surface that information directly.

Modernize your workflows: Amazon WorkSpaces now gives AI agents their own desktop (preview)

The gap between legacy systems and modern AI has always been one of the trickiest problems in enterprise automation. You’ve got decades-old desktop applications that run critical business processes, but they were never designed to talk to AI agents. Until now, bridging that gap meant either ripping and replacing the entire system or building custom integrations—both expensive and risky propositions. AWS is tackling this differently with a preview feature that lets AI agents operate desktop applications directly through Amazon WorkSpaces, the managed virtual desktop service. Instead of modernizing your backend, you’re giving the AI agent its own desktop environment to interact with applications the way a human would.

Enforcing trust and transparency: Open-sourcing the Azure Integrated HSM

When you’re building AI systems or automation pipelines in the cloud, you’re making a fundamental bet: that your encryption keys—the digital equivalent of your master password—stay secure. Microsoft’s recent move to open-source the Azure Integrated HSM signals a shift in how cloud providers are approaching this problem. Rather than asking you to simply trust that keys are protected behind closed doors, Azure is pulling back the curtain. By open-sourcing the HSM (Hardware Security Module) design, Microsoft is letting security teams and researchers verify exactly how cryptographic trust flows from the silicon level all the way up through Azure services.

AWS Transform custom: Enterprise Code Modernization with the Learn-Scale-Improve Flywheel

There’s a fundamental difference between modernizing one codebase and modernizing fifty. When you’re dealing with a single repository, the challenge is mostly technical—you pick a tool, run it, review the output, and iterate. But at enterprise scale, the bottleneck shifts. You’re no longer asking “can we modernize this code?” but rather “how do we coordinate teams, share learnings, and maintain quality across hundreds of repositories while keeping velocity high?” AWS Transform custom addresses this reality by treating code modernization not as a one-time event, but as a continuous learning system.

Kubernetes v1.36: Pod-Level Resource Managers (Alpha)

Kubernetes v1.36 introduces Pod-Level Resource Managers as an alpha feature, marking a significant shift in how the platform handles resource allocation for performance-sensitive workloads. Previously, resource management policies in Kubernetes were set at the node level through kubelet configuration—a one-size-fits-all approach that often forced teams into uncomfortable compromises. The new feature allows you to define resource management strategies at the pod level, giving you granular control over CPU pinning, memory management, and topology-aware scheduling without requiring node-level changes or multiple kubelet configurations.

A Virtual Agent team at Docker: How the Coding Agent Sandboxes team uses a fleet of agents to ship faster

At Docker, the Coding Agent Sandboxes team (internally known as “sbx”) is solving a problem that’s becoming increasingly important as AI coding agents proliferate: how do you safely give autonomous AI agents the freedom to write, test, and deploy code without risking your host system? The answer is a fleet of lightweight, containerized sandboxes that provide each AI agent—whether it’s Claude Code, Gemini, Codex, Docker Agent, or Kiro—complete isolation with full autonomy. Think of it like giving each agent its own isolated development environment where it can do whatever it needs without consequences bleeding back to your infrastructure.

OpenAI's GPT-5.5 in Microsoft Foundry: Frontier intelligence on an enterprise ready platform

When a new frontier AI model becomes available, most developers ask the same question: can I actually use this in production? Microsoft’s announcement that OpenAI’s GPT-5.5 is now generally available through Microsoft Foundry answers that with a clear yes. This isn’t just about access to cutting-edge AI—it’s about getting enterprise-grade infrastructure, compliance tooling, and support wrapped around it. For teams building agents and automation workflows on Azure, this means you can now deploy GPT-5.5 with the same reliability and governance frameworks you’d use for mission-critical applications.

Kubernetes v1.36: In-Place Vertical Scaling for Pod-Level Resources Graduates to Beta

The Kubernetes community has reached another milestone with v1.36: In-Place Pod-Level Resources Vertical Scaling is now graduating to Beta status and enabled by default. If you’ve been following the feature’s journey through earlier versions, this represents a meaningful step toward stability. For those new to the concept, this feature addresses one of Kubernetes’ long-standing operational challenges—adjusting CPU and memory requests and limits for running pods without forcing a restart. Previously, if you realized a pod needed more resources, you had to terminate it and redeploy it with new specifications, causing service interruption. In-place vertical scaling eliminates that painful workflow.

GitHub Copilot CLI for Beginners: Interactive v. non-interactive mode

GitHub Copilot CLI is an AI-powered tool that brings code suggestions directly to your terminal. Instead of switching between your code editor and documentation, you can describe what you need and get intelligent command suggestions right where you’re working. It integrates with your shell environment and uses natural language processing to understand your intent—whether you need a complex AWS CLI command, a Python one-liner, or a system administration task. For teams managing cloud infrastructure or building automation scripts, this can significantly reduce context-switching and the time spent hunting through documentation.

Kubernetes v1.36: Tiered Memory Protection with Memory QoS

Memory management has always been one of the trickier aspects of running containers at scale. You set resource requests and limits, hope nothing goes wrong, and then debug mysterious OOM (out-of-memory) kills at 3 AM. Kubernetes v1.36 is making this situation materially better with significant updates to Memory QoS, a feature that’s been evolving since v1.22. The new tiered memory protection system gives the Linux kernel much more nuanced guidance about which containers deserve memory when resources get tight, moving beyond the blunt instrument of hard limits.

Top announcements of the What's Next with AWS, 2026

AWS just wrapped their What’s Next event with three major announcements that signal where enterprise AI is heading. If you’re building on AWS or planning to, these updates deserve your attention because they’re reshaping how teams integrate AI into their workflows and operations.

The headline grab is Amazon Quick, a new AI assistant designed specifically for work. Think of it as AWS’s answer to the enterprise AI assistant problem—it’s built to understand context across your AWS environment, internal tools, and documentation. What makes it technically interesting is the desktop app approach combined with expanded integrations. Rather than forcing everything through a chat interface, Quick can natively connect to your existing tools and APIs. For a development team, this means asking Quick to help debug CloudFormation templates, explain your architecture decisions, or even scaffold boilerplate code without bouncing between windows. Under the hood, this likely leverages foundational models through Amazon Bedrock with retrieval-augmented generation (RAG) to pull context from your actual infrastructure and documents. The practical win here is reduced context-switching and faster onboarding for teams learning your specific setup.

Kubernetes v1.36: Staleness Mitigation and Observability for Controllers

If you’ve ever debugged a Kubernetes controller that mysteriously took the wrong action at the worst possible time, you’ve probably encountered staleness. Staleness happens when a controller makes decisions based on outdated information about your cluster’s state. A controller might read that a pod exists, but by the time it acts on that information, the pod has already been deleted. Or it might see an old version of a ConfigMap and roll out stale configuration to your services. These race conditions are notoriously difficult to catch during testing because they depend on precise timing—they often only surface under production load, after they’ve already caused damage.

Microsoft Discovery: Advancing agentic R&D at scale

Microsoft has expanded preview access to Microsoft Discovery, a new set of enterprise-grade AI capabilities designed specifically for research and development teams. This platform brings autonomous AI agents into the R&D workflow, allowing teams to automate complex, iterative processes that typically require significant manual effort. For organizations managing large-scale research projects—whether in pharmaceuticals, materials science, or software development—this represents a meaningful shift in how teams can approach experimentation and data analysis.

Kubernetes v1.36: Mutable Pod Resources for Suspended Jobs (beta)

Kubernetes v1.36 is promoting a useful feature to beta: the ability to modify container resource requests and limits while a Job is suspended. If you’re managing workloads at scale, this sounds like a niche feature—but it solves a real operational headache. Previously, once you created a Job with specific CPU and memory requests, those values were locked in. If you needed to adjust resources before the job ran, you had to delete and recreate it. Now you can modify the pod template of a suspended Job, adjust CPU, memory, GPU, and custom resources, then resume it without losing your place in the queue or restarting from scratch.

AWS Weekly Roundup: Anthropic & Meta partnership, AWS Lambda S3 Files, Amazon Bedrock AgentCore CLI, and more (April 27, 2026)

This week’s AWS announcements showcase a continued push toward making AI development more accessible and practical for enterprise teams. The major highlights—including a strategic partnership between Anthropic and Meta, new Lambda integrations for S3, and expanded Bedrock tooling—signal AWS’s focus on reducing friction in the AI development lifecycle. For teams building on AWS, these updates mean fewer workarounds and more direct paths from experimentation to production.

The Anthropic and Meta partnership represents a significant shift in how foundational models are being integrated into AWS services. Rather than competing in isolation, these companies are aligning to improve model accessibility and interoperability across platforms. From a technical standpoint, this means AWS customers will have more options when selecting which AI models power their applications through Amazon Bedrock. If you’re currently locked into a single model provider, this partnership creates leverage—you can test multiple models against the same workload without rebuilding your integration layer. The practical benefit? Better price negotiation, model redundancy for reliability, and the ability to choose the best tool for specific tasks (like Claude for complex reasoning or Meta’s models for cost-sensitive applications).

Introducing GPT-5.5

OpenAI just released GPT-5.5, their latest large language model, and it’s worth paying attention to if you’re building with AI in the cloud. This model improves on previous versions with better speed and reasoning capabilities, particularly for tasks that require sustained focus like writing production code, analyzing datasets, and conducting research. If you’ve been experimenting with GPT-4 or Claude, GPT-5.5 represents a meaningful step forward in handling the kind of complex, multi-step problems you actually encounter in real projects.

Kubernetes v1.36: Fine-Grained Kubelet API Authorization Graduates to GA

Kubernetes v1.36 marks an important milestone for cluster security: fine-grained kubelet API authorization has reached General Availability (GA). This feature, which began as an alpha experiment in v1.32 and moved to beta in v1.33, is now production-ready and will be enabled by default in new clusters. For teams managing Kubernetes at scale, this graduation matters because it gives you precise control over who can do what on individual nodes—closing a significant security gap that’s existed in Kubernetes for years.

Highlights from Git 2.54

Git 2.54 is the latest stable release of the distributed version control system that powers most modern development workflows. For anyone working with infrastructure automation, AI model repositories, or cloud deployments, understanding what’s new in Git can directly impact your productivity and how you manage code across teams. GitHub recently published their analysis of the most significant features and improvements in this release, offering insights into changes that affect daily development practices.

Speeding up agentic workflows with WebSockets in the Responses API

Agent-based systems have transformed how we think about automation in the cloud. Instead of rigid workflows, agents can reason through problems, take actions, and adapt based on results. But there’s a catch: traditional REST APIs introduce latency overhead that compounds with each agent step. OpenAI’s recent work on WebSocket support in the Responses API tackles this head-on by maintaining persistent connections and caching context across agent loops. For teams building autonomous systems—whether that’s code generation pipelines, customer service agents, or data processing workflows—this optimization can mean the difference between a system that feels responsive and one that feels sluggish.

Gateway API v1.5: Moving features to Stable

The Kubernetes ecosystem just got a significant stability boost. On March 14, 2026, the Kubernetes SIG Network community released Gateway API v1.5—a milestone release that graduates several experimental features into stable, production-ready status. If you’re running Kubernetes clusters and managing ingress traffic, this is worth paying attention to. Gateway API represents the next generation of how Kubernetes handles north-south traffic (traffic entering and leaving your cluster), moving beyond the older Ingress API with a more flexible, role-based design.

Automating Incident Investigation with AWS DevOps Agent and Salesforce MCP Server

Every minute counts during a production incident. While your team scrambles to understand what’s happening, customers are already noticing the outage. Traditional incident response relies on manual investigation—jumping between monitoring dashboards, checking logs, reviewing configuration changes, and updating ticket systems. AWS DevOps Agent, developed in collaboration with Salesforce, streamlines this process by automating the investigation phase, allowing teams to diagnose problems faster and keep stakeholders informed automatically.

At its core, AWS DevOps Agent combines two key technologies working together. The agent itself is an autonomous system that can investigate AWS infrastructure issues by accessing CloudWatch logs, EC2 instances, and other AWS services on your behalf. The Salesforce MCP (Model Context Protocol) Server acts as a bridge, allowing the agent to read and update incident information directly in Salesforce Service Cloud. When an incident is detected, instead of a human opening multiple tabs and manually gathering information, the agent begins investigating immediately. It searches relevant logs, identifies recent changes in your environment, checks resource utilization metrics, and correlates these findings into a coherent incident narrative—all while automatically updating your Salesforce ticket with findings and status.

AWS Weekly Roundup: Claude Opus 4.7 in Amazon Bedrock, AWS Interconnect GA, and more (April 20, 2026)

This week brings several significant updates across AWS’s AI, networking, and infrastructure services. Claude Opus 4.7 is now available in Amazon Bedrock alongside new connectivity options and security enhancements. If you’re building multi-model AI applications, managing hybrid cloud infrastructure, or concerned about quantum-safe encryption, there’s something here worth your attention.

Claude Opus 4.7 and the 1M Token Context Window

Anthropic’s Claude Opus 4.7 is now available through Amazon Bedrock, bringing meaningful improvements for developers building AI agents. The headline feature is the 1 million token context window—roughly equivalent to 750,000 words. Technically, this means you can pass an entire codebase, lengthy documentation, or months of conversation history in a single API call without token limits becoming a constraint. The model also ships with improved agentic coding capabilities, meaning it can write, debug, and refactor code with better accuracy than previous versions. Practically, this matters for teams building code analysis tools, documentation chatbots, or multi-step automation workflows. Instead of chunking documents into 100K token segments and making multiple API calls, you can now process large datasets in parallel, reducing latency and complexity in your application logic.

Building an emoji list generator with the GitHub Copilot CLI

GitHub recently demonstrated a practical example of AI-assisted development during their Rubber Duck Thursday stream: building an emoji list generator using the GitHub Copilot CLI. While emoji generators might sound like a novelty, the underlying technique reveals something genuinely useful for developers working with APIs, data transformation, and rapid prototyping. The Copilot CLI lets developers ask natural language questions directly from the terminal, turning the command line into an interactive problem-solving partner without leaving your workflow.

AWS Interconnect is now generally available, with a new option to simplify last-mile connectivity

AWS just announced the general availability of two interconnectivity services that address a real problem many organizations face: connecting infrastructure across multiple cloud providers securely and efficiently. If you’ve ever struggled with the complexity of establishing private connections between your AWS environment and resources on Azure, Google Cloud, or your own data center, these new tools are worth understanding.

At its core, AWS Interconnect – multicloud does something straightforward: it creates managed private connectivity between your Amazon VPC and VPCs on other cloud providers without routing traffic over the public internet. Technically, this builds on AWS’s existing Direct Connect infrastructure, but extends it to work with other clouds. Instead of configuring VPN tunnels manually or dealing with the complexity of peering agreements, you get a managed service that handles the heavy lifting. The new AWS Interconnect – last mile component addresses the “final stretch” problem—that expensive and often complicated last connection from your on-premises network or regional office to the AWS network itself. Rather than paying for expensive dedicated lines or dealing with carrier provisioning delays, last mile gives you a more straightforward way to establish these high-speed connections.

How GitHub uses eBPF to improve deployment safety

When you’re managing deployments across thousands of services, one subtle bug can cascade into a production outage. GitHub recently shared how they’re using eBPF (extended Berkeley Packet Filter) to catch one particularly nasty class of problems: circular dependencies in their deployment tooling. This technique represents a practical evolution in how infrastructure teams can observe and prevent failures before they happen.

At its core, eBPF is a technology that lets you run sandboxed programs inside the Linux kernel without modifying kernel code or loading kernel modules. Think of it as a safe way to insert observability hooks directly where the action happens—at the system level where processes communicate, make network calls, and access files. GitHub’s team used eBPF to instrument their deployment pipeline and trace the dependency relationships between services in real time. By hooking into system calls and tracking which services attempt to load or depend on which other services, they could build a live map of deployment dependencies. When the eBPF program detected a circular path (Service A depends on B, B depends on C, C depends on A), it could immediately flag the issue and prevent the problematic deployment from proceeding.

Introducing Anthropic's Claude Opus 4.7 model in Amazon Bedrock

Last week, AWS announced the availability of Claude Opus 4.7, Anthropic’s latest and most capable model in the Opus family, now accessible through Amazon Bedrock. This release marks a meaningful step forward in accessible enterprise AI, particularly for teams working with AWS infrastructure. Claude Opus 4.7 is optimized for tasks requiring deep reasoning and complex problem-solving—think multi-step coding projects, autonomous agent workflows, and professional analysis where accuracy matters. What makes this launch notable isn’t just the model itself, but how it’s integrated into Bedrock’s infrastructure, which AWS has rebuilt specifically for generative AI workloads.

Build a personal organization command center with GitHub Copilot CLI

GitHub recently shared how one of their engineers built a personal organization command center—essentially a custom CLI tool that acts as a single entry point for managing tasks, calendar events, and project work. The project is a great example of how modern AI tools like GitHub Copilot CLI can accelerate development of internal productivity tools that would’ve taken significantly longer to build manually. Rather than spending weeks writing boilerplate code and debugging command parsing, the engineer leveraged Copilot to scaffold the project structure, handle common patterns, and solve specific problems interactively.

The next evolution of the Agents SDK

OpenAI just released significant updates to their Agents SDK that address one of the biggest pain points in building production AI agents: security and execution isolation. If you’re working with autonomous agents that need to interact with files, databases, or external tools over extended periods, this update is worth your attention.

The core improvement centers on native sandbox execution. Previously, when you built an agent that needed to run code or access files, you had to handle isolation yourself—spinning up containers, managing permissions, cleaning up resources. It was workable but added complexity and potential security vulnerabilities. The updated SDK now provides built-in sandboxing, meaning your agent’s code runs in an isolated environment by default. Think of it like running Python scripts in a restricted subprocess, but handled automatically by the framework. This matters because agents that run unattended need hard guarantees that they can’t accidentally (or maliciously) access data outside their scope.

Troubleshooting environment with AI analysis in AWS Elastic Beanstalk

AWS Elastic Beanstalk has long been a go-to platform for developers who want to deploy web applications without getting bogged down in infrastructure management. You push your code, and Elastic Beanstalk handles the heavy lifting—provisioning capacity, configuring load balancers, scaling instances, and monitoring health. But even with all this automation, things still break. Your application might be consuming too much memory, your database connections could be pooling incorrectly, or environment configuration issues might be silently degrading performance. Historically, tracking down these problems meant digging through logs, comparing metrics against baselines, and making educated guesses. AWS has now added AI Analysis to this toolset, bringing automated troubleshooting directly into the Elastic Beanstalk console.

AWS Weekly Roundup: Claude Mythos Preview in Amazon Bedrock, AWS Agent Registry, and more (April 13, 2026)

As AI models move from experimental side projects into critical business workflows, teams face a hard reality: cost visibility becomes non-negotiable. AWS is addressing this squeeze with several new releases that acknowledge the practical challenges of scaling AI workloads. The Claude Mythos preview in Amazon Bedrock, combined with the new AWS Agent Registry, represents a meaningful shift toward production-ready AI infrastructure rather than just raw model access.

The Claude Mythos preview is important because it demonstrates how foundation models are evolving beyond size and capability metrics into specialized variants optimized for real constraints. When you’re running inference at scale—say, processing thousands of support tickets or analyzing document batches—the difference between a general-purpose model and one tuned for your specific task can mean the difference between a sustainable operation and cost overruns that catch your finance team off guard. Mythos reportedly focuses on improved efficiency in particular domains, which technically means better token-to-output ratios and lower latency for common patterns. For your Python workflows calling Bedrock’s API, this translates to more predictable costs and faster response times without architectural changes.

Kubernetes v1.36 Sneak Peek

Kubernetes v1.36 is arriving in late April 2026, and the community is gearing up for another significant release cycle. Like every major version bump, this one brings the usual mix of removals, deprecations, and new features—but this time, the enhancement list is notably substantial. If you’re managing containerized workloads in production or exploring Kubernetes for the first time, understanding what’s coming helps you plan upgrades and adjust your automation strategies accordingly.

Securely connect AWS DevOps Agent to private services in your VPCs

AWS DevOps Agent represents a meaningful shift in how teams handle operational tasks across distributed infrastructure. Rather than jumping between monitoring dashboards, ticketing systems, and cloud consoles, you get an AI-powered teammate that understands your entire stack—AWS, multicloud, and on-premises systems included. The agent proactively identifies incidents before they impact users, suggests optimizations based on real performance data, and handles routine SRE work like log analysis and root cause investigation. If you’re managing complex deployments where context switching kills productivity, this tool addresses a real pain point.

Launching S3 Files, making S3 buckets accessible as file systems

Amazon S3 has always presented developers with a choice: use object storage for its scalability and cost benefits, or switch to traditional file systems when you need interactive file access. S3 Files bridges this gap by mounting S3 buckets directly as file systems on EC2 instances, Lambda functions, and other AWS compute resources. This means you can now access objects in S3 using standard file operations—ls, cat, grep, mv—without building custom APIs or managing separate storage infrastructure.

GitHub Copilot CLI for Beginners: Getting started with GitHub Copilot CLI

If you’ve been working in the terminal lately, you’ve probably noticed how much time goes into remembering syntax, debugging commands, and looking up documentation. GitHub Copilot CLI brings the AI-assisted coding experience you might know from the editor directly into your command line, making it easier to construct complex commands, understand error messages, and automate repetitive tasks—without constantly switching between your terminal and browser windows.

At its core, GitHub Copilot CLI uses the same foundation as other Copilot products: a large language model trained on vast amounts of code and documentation that understands context and intent. When you describe what you want to accomplish in natural language—say, “find all Python files modified in the last week”—the CLI translates that into the appropriate command for your system, whether that’s Linux, macOS, or Windows. It works by analyzing your description, considering your current shell environment, and generating shell commands that match your intent. You maintain full control: the tool shows you what it’s about to run, and you approve or modify commands before execution.

GitHub Copilot CLI combines model families for a second opinion

If you’ve ever asked a colleague to review your bash command or SQL query, you understand the value of a second perspective. GitHub has introduced a similar concept into Copilot CLI through a feature called Rubber Duck—a way to get multiple AI viewpoints on the same problem. Instead of relying on a single model’s suggestion, Rubber Duck leverages different model families to cross-check and validate proposed solutions before you run them in production.

Running Agents on Kubernetes with Agent Sandbox

The way we build AI applications is fundamentally changing. For years, the dominant pattern was simple: send a prompt to an AI model, get a response back, move on. But that era is ending. We’re shifting toward something more sophisticated—AI agents that can think, plan, and take actions over extended periods. This transition creates new architectural challenges, especially around deployment and resource management. That’s where running agents on Kubernetes with Agent Sandbox comes in.

Streamlining Cloud Compliance at GoDaddy Using CDK Aspects

At scale, managing cloud compliance feels like herding cats. Every team deploys resources differently, security rules get forgotten, and suddenly you’re auditing hundreds of stacks to find resources missing required tags or using the wrong encryption settings. GoDaddy faced exactly this problem—and solved it with AWS CDK Aspects, a feature that applies organization-wide policies automatically across your entire infrastructure as code.

CDK Aspects work by implementing the Visitor pattern to traverse your infrastructure constructs and enforce standards before resources are deployed. Think of them as automated compliance checkpoints that run during the synthesis phase. When you define a CDK Aspect, you write code that inspects every construct in your stack—from S3 buckets to RDS databases—and either validates that it meets your requirements or modifies it to comply. For example, you could create an Aspect that checks every S3 bucket has default encryption enabled, or automatically adds cost-tracking tags to all resources. The key advantage: these rules apply consistently across all your stacks, no matter which team deployed them or when they were created.

Amazon S3 Files: making S3 buckets accessible as file systems

AWS just launched S3 Files, a feature that turns S3 buckets into fully accessible file systems for compute resources. If you’ve ever dealt with the friction of copying data between S3 and file-based applications, this is the kind of update that changes your workflow fundamentally. S3 Files delivers a shared file system interface on top of S3, combining the scalability, durability, and cost-effectiveness of object storage with the semantics applications expect from a traditional file system.

Amazon Bedrock Guardrails supports cross-account safeguards with centralized control and management

If you’ve been working with Amazon Bedrock to build generative AI applications, you’ve likely had to think about safety controls. The question of how to enforce consistent guardrails across multiple projects and AWS accounts just got easier. AWS has made organizational safeguards generally available in Amazon Bedrock Guardrails, which means you can now define safety policies once and apply them across your entire AWS Organization. This is a meaningful shift for teams managing AI applications at scale, moving from scattered, account-specific controls to a unified governance model.

Run multiple agents at once with /fleet in Copilot CLI

The GitHub Copilot CLI just got a powerful new capability: the /fleet command. Instead of running one agent at a time to solve a problem, you can now dispatch multiple agents in parallel to work on different parts of your task simultaneously. This is a meaningful shift in how you can interact with AI-assisted development—from sequential, single-threaded assistance to concurrent, distributed problem-solving. If you’ve ever wished you could have Copilot work on multiple files or components at the same time, /fleet is designed for exactly that scenario.

Autonomous Incident Response: How AWS DevOps Agent Brings Agentic AI to Your Operations

The operational challenge is familiar to anyone running distributed systems: when something breaks, the information you need is scattered across logs, metrics, deployment pipelines, and dozens of monitoring dashboards. You spend precious minutes just gathering context before you can even start troubleshooting. AWS DevOps Agent aims to change this by bringing agentic AI directly into your incident response workflow—an always-on operations teammate that can investigate, correlate data, and take action without waiting for human intervention.

Microsoft takes on AI rivals with three new foundational models

Microsoft has just announced three new foundational AI models, marking a significant move in its competition against other major players in the artificial intelligence space. These models were released by MAI following the group’s establishment just six months ago. The announcement demonstrates Microsoft’s commitment to developing diverse AI capabilities rather than relying solely on large language models like those powering ChatGPT.

The three new models cover important use cases across different data types. One model handles speech-to-text transcription, converting spoken audio into written text with high accuracy. A second model focuses on audio generation, enabling systems to create spoken content programmatically. The third model tackles image generation, allowing developers to create visual content through code. For IT professionals and developers, this means more options for integrating multimodal AI capabilities into applications without depending on external vendors or third-party APIs.