The Last IT Guy
Or: Why AWS Is Windows NT, and AI Agents Don’t Need Your Managed Services
It’s 5 PM on a Friday, and I’m staring at an RDS console that won’t tell me anything useful.
The last CTO chose a 32-bit integer for the primary key of our busiest table. In 2025. A 2.1-billion-row timebomb, planted in the foundation and left for someone else to find.
That someone is me. I’m not the CTO. I’m the Head of AI. But when the counter overflows and the app goes down, titles don’t matter. Someone has to fix it, and here I am, running an ALTER TABLE ... ALTER COLUMN ... TYPE bigint on a production PostgreSQL instance behind AWS RDS while the interactions table refuses to accept new writes.
The fix itself is plain: any second-year CS student knows the difference between a 32-bit and a 64-bit integer. The problem is that I can’t see anything. PostgreSQL doesn’t expose per-index progress during an ALTER TYPE rewrite. No pg_stat_progress view covers it. That’s a known gap. It’s been discussed on pgsql-hackers but never implemented.
On bare metal, I’d ls -la the data directory and watch the new relation files grow in real time. I’d know wtf was going on.
But this is RDS. Amazon’s managed service. The one that’s supposed to make my life easier. And it has abstracted away the filesystem entirely. I’m flying blind during a production crisis, held hostage by the walled garden that was supposed to protect me. Thanks Amazon.
It occurs to me, somewhere around hour three, that I’ve seen this movie before.
Computer Scientists and IT Guys
There are computer scientists (on paper or at heart) and there are IT professionals who specialise in platforms. Both are necessary. But the balance between them is shifting, and the shift maps onto the fault line in modern infrastructure.
A computer scientist understands what a filesystem is, what an index rebuild does at the page level, why a 32-bit integer overflows at 2,147,483,647, and what the options are when it does. They can operate at any layer of the stack because they understand the stack.
An IT guy knows which AWS console to click, which managed service to provision, which CloudFormation template to copy, which certification to renew. They navigate the maze. The maze is their value.
For twenty years, this distinction didn’t matter much. Cloud providers built increasingly elaborate mazes, and companies hired increasingly specialised maze-runners. The abstraction felt like progress. And for many companies, it genuinely was… not everyone needs to understand B-tree page splits to ship a product.
But we’ve reached the point where the abstraction is the problem, and the people who spent their careers inside it can’t see the walls.
This is not a new pattern. In fact, it’s the oldest pattern in enterprise technology.
The Certification Industrial Complex
In 1993, if you wanted to run a corporate network, you hired a Certified Novell Engineer. Novell owned networking. NetWare held over 60% of the network operating system market, and the CNE was the credential that proved you could operate within Novell’s proprietary world and its NDS directory, its IPX/SPX protocols, its arcane console commands. An entire career infrastructure existed around navigating the complexity of NetWare. The maze was the value.
Then Microsoft bundled networking into Windows NT. The operating system that companies were already buying for their desktops now included the networking they used to buy separately from Novell. By 1999, the resellers who had built their businesses on NetWare were re-certifying their CNE engineers as MCSEs and positioning NetWare as legacy. Novell’s market share collapsed. The CNE certification was eventually retired to “legacy status” … a euphemism for irrelevance.
The MCSE took the CNE’s place. By 2000, if you wanted to run a corporate network, you hired a Microsoft Certified Systems Engineer. The MCSE was the new gold standard, at last an entire career infrastructure built around navigating the proprietary complexity of Windows NT and Active Directory. Same maze, different vendor. Same economics: the harder Windows was to manage, the more you needed an MCSE. Microsoft’s complexity was their job security.
The MCSE certified you to operate the maze. It did not certify you to question whether the maze should exist.
Meanwhile, Cisco built its own parallel empire. The CCIE (Cisco Certified Internetwork Expert) became the most prestigious credential in networking. Cisco’s IOS operating system ran the internet’s backbone, and understanding its CLI, its routing protocols, its byzantine configuration syntax was a career in itself.
CCIEs commanded $150,000+ salaries because Cisco’s proprietary hardware and software were everywhere, and operating them required deep, vendor-specific knowledge.
Then three things happened: software-defined networking abstracted the hardware away, cloud networking made physical routers irrelevant for most workloads, and open-source alternatives matured. The CCIE didn’t become worthless overnight (just as the MCSE didn’t, just as the CNE didn’t) but its value decoupled from the underlying knowledge and reattached to the vendor lock-in. Cisco had to revamp its entire certification programme in 2020, adding DevNet tracks and automation requirements, a tacit admission that the old model was dying.
The pattern is always the same: a proprietary platform creates complexity, a certification ecosystem monetises that complexity, and then a more open alternative arrives and makes the complexity unnecessary. The people who built careers inside the maze don’t switch overnight. Why would they? They’re not wrong that the old system works. They’re wrong that “works” is the same as “best.”
Then Linux happened. Open-source tooling matured. The web moved to LAMP stacks and then to containers. The proprietary GUI that Windows NT required became a liability against the elegant, lightweight text commands of Unix. The MCSE was officially retired by Microsoft in 2021, a quiet burial for a credential that had defined an entire generation of IT careers.
Novell CNE. Microsoft MCSE. Cisco CCIE. Three vendor empires, three certification ecosystems, three slow declines as a more open alternative matured. None of the people who held those certifications were stupid. Many were excellent engineers. But excellence within a closed system doesn’t protect you when the system opens up.
The question is what’s next on the list.
AWS Is the New Windows NT
Amazon Web Services became the dominant “Cloud OS” by doing what Microsoft did in the ‘90s and Novell did in the ‘80s: bundling complexity and charging a massive premium so companies didn’t have to think about the underlying systems.
Don’t want to manage PostgreSQL? Here’s RDS. Don’t want to run Elasticsearch? Here’s OpenSearch. Don’t want to understand networking? Here’s a VPC wizard. Don’t want to learn Linux? Here’s a console with 247 services and a certification programme to help you navigate them.
This worked. It worked spectacularly. AWS generated $128.7 billion in revenue in 2025, and every Fortune 500 company has a six-figure AWS bill. An entire generation of engineers built their careers around AWS Certified Solutions Architect the same way previous generations built theirs around MCSE, CCIE, and CNE.
But look at what’s happening beneath the surface:
AWS’s growth is decelerating fast. 17.5% year-over-year in Q2 2025 — while Azure grew 39% and Google Cloud grew 32%. AWS’s market share slid from 33% to 30% in three years. And Amazon’s overall free cash flow dropped 70% year-over-year in the same period, driven by massive CapEx bets on infrastructure that aren’t yet paying off. The $128 billion revenue number looks impressive until you realise the margins are compressing underneath it.
The empire isn’t collapsing. But the moat is filling in.
Companies are leaving. DHH and 37signals famously walked away from AWS and projected $10 million in savings over five years — their annual infrastructure bill dropped from $3.2 million to under $1 million. The $600K in Dell servers paid for themselves in six months. They’re now deleting their AWS accounts entirely. A Barclays CIO Survey found that 86% of CIOs now plan to repatriate some workloads — the highest rate ever recorded. The bare-metal cloud market is projected to grow at 21-25% CAGR, reaching $53-67 billion by 2033. This is not a fringe movement. It’s a structural correction.
The managed service tax is real and it’s grotesque. My team benchmarked self-hosted Qdrant against AWS alternatives for vector search at scale. The results:
AWS charges 13 to 24 times more for a service that is measurably slower. The “managed” in managed service means you are paying Amazon to be slower.
And the extraction doesn’t stop at compute. AWS data egress fees have been estimated at up to 80 times the actual cost of bandwidth, a markup so outrageous that the EU has stepped in. The EU Data Act, taking effect from January 2027, will ban cloud providers from charging egress fees that exceed the actual cost of data transfer. When a regulatory body has to legislate against your pricing because the markup is too extractive, you’re not running a value-added service. You’re running a tollbooth.
The CNE holders had decades of experience. So did the MCSE holders. Experience is necessary but not sufficient, and when it becomes the primary argument, it’s usually because the data has stopped cooperating.
Why AI Breaks the Cloud OS
Here’s where it gets interesting.
AWS’s value proposition is simple: infrastructure is hard, so you’ll pay a premium to avoid it. RDS exists because configuring, securing, patching, and backing up PostgreSQL is painful for a human engineer. OpenSearch exists because running Elasticsearch clusters is a full-time job.
But what happens when the engineer isn’t human?
AI agents like Claude, and the ecosystem building on top of them, are natively fluent in Linux, Bash, Python, Docker, and SQL. They don’t need a GUI. They don’t need a wizard. They don’t need a managed service to abstract away complexity, because complexity is what they’re good at.
This isn’t hypothetical. 75% of software engineers now use AI tools for at least half their work. Anthropic’s Claude Code is reportedly running at a $2.5 billion annual run rate. GitHub Copilot has over 1.8 million paid subscribers. The tooling for AI-managed infrastructure is here.
Ask an AI agent to configure a PostgreSQL instance with streaming replication, set up automated backups, configure connection pooling, and write the monitoring scripts. It will do it in minutes. Correctly. On a $29/month Hetzner VPS.
Ask it to set up the same thing on RDS, and it will do that too — but now you’re paying $200/month for the privilege of having less visibility into your own database. Which I can confirm, firsthand, from a Friday night I’d rather forget.
AI unbundles DevOps.
The managed service premium was always a tax on complexity. AI agents eliminate the complexity. The tax has no basis.
The historical pattern is clear. Each generation of infrastructure created a class of specialised operators, and each was disrupted when the underlying complexity became manageable through more open or automated means. Novell needed CNEs until Windows NT bundled networking for free. Windows NT needed MCSEs until Linux and open-source tooling matured. Cisco needed CCIEs until SDN and cloud networking abstracted the hardware. In each case, the disruption wasn’t that the skills became worthless, it was that the premium for vendor-specific knowledge collapsed.
And because AI agents commoditise the orchestration layer, we are no longer tethered to centralised cloud providers just because they have the easiest deployment wizards. When deploying to thirty global edge nodes is as effortless as deploying to us-east-1, you are free to place compute exactly where physics dictates it should go: right next to the user.
The Edge-First Future
While the industry debates which managed service to use, the architecture is shifting underneath them.
Cloudflare grew revenue 31% in 2025 while AWS grew 17.5%. They signed their largest-ever deal at over $100 million, driven by the Workers platform. AI inference requests on Workers grew 4,000% year-over-year.
The thesis is simple: why route every request across an ocean to a centralised server when you can push logic, state, and caching to the edge? Our Sentry telemetry showed international users suffering 150-280ms network penalties to reach US-based AWS infrastructure. Cloudflare Workers resolve those same requests in under 10ms globally.
The physics is non-negotiable. Light travels through fibre at roughly 200,000 km/s. London to Virginia is 5,900 km. That’s a 59ms round trip at the speed of light, and real-world routing adds 2-3x on top of that. No managed service can repeal the speed of light.
Edge computing solves it by not trying to. Instead of asking “which AWS region is closest?”, it asks “why are we going to a region at all?” Push the logic to 300+ points of presence worldwide, and the question of latency disappears.
AWS has no competitive answer for this. Lambda@Edge has crippling cold starts. CloudFront Functions are too restricted for real logic. The “all-in on AWS” playbook actively prevents you from building for global, sub-10ms latency.
The future isn’t choosing between AWS regions. It’s bypassing the origin entirely.
The Optionality Dividend
The cost of AWS lock-in isn’t on the monthly bill; it’s the opportunities you can’t say yes to.
Cloud-agnostic architecture isn’t just cheaper. It’s a strategic asset. It lets you play hyperscalers against each other instead of being captured by one. It means that when Google offers you free compute, or Azure offers better GPU pricing, or a bare-metal provider cuts their rates, you can actually take the deal. Lock-in isn’t just a cost: it’s an opportunity cost, and you never see the opportunities you missed because you couldn’t say yes.
Novell learned this the hard way. Their customers couldn’t leave when Windows NT offered networking for free ... until they did, all at once. The same dynamics apply: every proprietary AWS service you adopt makes the exit more expensive, until the accumulated cost of staying finally exceeds the cost of leaving. And by then, you’ve been paying the tax for years.
The Timebomb Under Every “Managed” System
Back to my Friday night.
The 32-bit integer overflow wasn’t caused by AWS. It was caused by a CTO who didn’t understand (or didn’t care about) the difference between int and bigint. That’s a computer science failure, not an infrastructure failure.
But the pain of fixing it was entirely caused by the managed service. On bare metal, I’d have had visibility into the rebuild. I’d have been able to estimate time, monitor progress, and make informed decisions about whether to wait or try an alternative approach. Instead, I watched wait_event change and hoped.
This is the trap. Managed services are convenient right up until the moment of crisis. In a crisis, you need visibility and control … the very things you traded for convenience.
Every managed service is an abstraction, and every abstraction is a bet. You’re betting that the abstraction will never leak, and you’ll never need to see beneath it. For routine operations, that bet pays off. For the 32-bit integer timebomb at 5 PM on a Friday, it doesn’t. And the thing about timebombs is that you don’t get to choose when they go off.
The engineers who understand the stack know this intuitively. The rest of us learn it the hard way … at 5 PM on a Friday, when the abstraction leaks and there’s nobody to call.
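One way to find this kind of timebomb before it goes off, as an added example that is not part of the original post: a catalog-only query that lists every 32-bit integer column fed by a sequence and how much of the int4 range it has already used. It assumes PostgreSQL 10 or later (for the pg_sequences view) and needs no filesystem access.

```sql
-- Added example: find int4 columns backed by a sequence and rank them by
-- how close they are to the 32-bit ceiling of 2,147,483,647.
-- Assumes PostgreSQL 10+ (pg_sequences) and read access to the catalogs.
SELECT
    n.nspname                                   AS schema_name,
    c.relname                                   AS table_name,
    a.attname                                   AS column_name,
    format_type(a.atttypid, a.atttypmod)        AS column_type,
    s.last_value,
    2147483647 - s.last_value                   AS ids_remaining,
    round(100.0 * s.last_value / 2147483647, 2) AS pct_of_int4_used
FROM pg_class seq
JOIN pg_namespace sn
      ON sn.oid = seq.relnamespace
-- pg_depend links a sequence to the column that owns it:
-- deptype 'a' = serial / OWNED BY, 'i' = identity column.
JOIN pg_depend d
      ON d.objid      = seq.oid
     AND d.classid    = 'pg_class'::regclass
     AND d.refclassid = 'pg_class'::regclass
     AND d.deptype IN ('a', 'i')
JOIN pg_class c
      ON c.oid = d.refobjid
JOIN pg_namespace n
      ON n.oid = c.relnamespace
JOIN pg_attribute a
      ON a.attrelid = c.oid
     AND a.attnum   = d.refobjsubid
JOIN pg_sequences s
      ON s.schemaname   = sn.nspname
     AND s.sequencename = seq.relname
WHERE seq.relkind = 'S'
  -- The column type is what overflows, whatever the sequence's own max is.
  AND a.atttypid = 'int4'::regtype
-- last_value is NULL for sequences never used or not readable by this role.
ORDER BY pct_of_int4_used DESC NULLS LAST;
```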
What Comes Next
I don’t think AWS disappears. Novell didn’t disappear, it got acquired by Micro Focus. Microsoft didn’t disappear after Linux won the server, it bought GitHub and put Linux inside Windows. Cisco didn’t disappear, it pivoted to software subscriptions. The pattern isn’t extinction. It’s diminishment. The dominant platform becomes a legacy platform, the legacy platform becomes a line item, and the engineers who defined themselves by the old maze have to decide whether to learn the new landscape or defend the old one.
The signals are everywhere if you’re looking. Revenue growth halving while competitors accelerate. The EU legislating against egress pricing. 86% of CIOs planning repatriation. AI agents commoditising the operational complexity that justified the premium. Bare-metal providers growing at 25% CAGR. Edge platforms outpacing centralised cloud on every metric that matters.
The question isn’t whether the premium disappears. It’s how quickly.
The companies that understand this are building on containers, staying cloud-agnostic, and keeping their options open. They’re treating cloud providers as commodity compute, not as a platform to be married to.
The companies that don’t understand this are going all-in on a single provider’s proprietary services, told by someone with a decade of certifications that this is the safe choice. It’s not safe. It’s familiar. Those aren’t the same thing.
Every generation of infrastructure engineers has faced this inflection. The CNEs who evolved beyond NetWare thrived. The MCSEs who learned Linux found their skills more portable, not less. The CCIEs who picked up automation and SDN are still in demand. The ones who couldn’t let go of the old maze got left behind — not because they were bad engineers, but because they confused mastery of a specific platform with mastery of the underlying discipline.
The AWS Solutions Architects face the same choice today. The ones who understand infrastructure (not just AWS’s version of it) will be fine. The ones who can only navigate one vendor’s console are betting their careers on a maze that’s already starting to open up.
I know which bet I’d take.
I’m Sutha, Head of AI at Kimono. I’ve been building AI systems for many years, from neural networks in the late ‘90s to the multi-cloud, edge-first architectures I work on today. I write about what I see from the intersection of infrastructure, AI, and the places where conventional wisdom breaks.
If this resonated, subscribe. I’m going to write more about the edge-first thesis, and about what happens when AI agents start making infrastructure decisions that humans currently make badly.
Now I need to check whether that ALTER TABLE finished.



