It has been a week dominated by platform stories, which is fitting because that is exactly where the most important enterprise decisions are being made right now. Whether it is data infrastructure, compliance architecture, or agentic AI, every major vendor is arguing that consolidation beats sprawl. Whether they are right depends on who is doing the consolidating.
Microsoft doubles down on PostgreSQL with code, not just services
Source: From commit to cloud: Powering what’s next for PostgreSQL
Microsoft published a notable piece this week setting out its strategic position on PostgreSQL. The headline number is 345 commits contributed to the latest PostgreSQL release, alongside a team of in-house committers working upstream. On the product side, Azure now supports two distinct deployment models: Azure Database for PostgreSQL for open-source-aligned and lift-and-shift workloads, and Azure HorizonDB for cloud-native systems that need scale-out compute and shared storage. Microsoft is also integrating vector search and model invocation directly into PostgreSQL workflows, positioning the database as a natural foundation for AI-enabled applications.
Why it matters: If you are still treating managed PostgreSQL as a straightforward lift-and-shift decision, this is worth a second look. The bifurcation between traditional and cloud-native deployments is real, and the upstream contribution strategy suggests Microsoft is playing a long game here rather than just skinning the open-source engine with proprietary features.
AWS Redshift gets Graviton and drops the Spectrum tax
Source: Amazon Redshift introduces AWS Graviton-based RG instances with an integrated data lake query engine
Amazon announced the Redshift RG instance family, its first Graviton-powered generation. The headline claims are 2.2x faster than RA3 for data warehouse workloads at 30% lower price per vCPU, and up to 2.4x faster for Apache Iceberg queries. The more operationally significant change is the removal of Redshift Spectrum. Data lake queries now run on the cluster nodes themselves, which means they stay within your VPC boundary, use existing IAM roles, and incur zero per-terabyte scanning charges. That eliminates the $5 per TB Spectrum fee that quietly added up for organisations running heavy lake queries. Migration paths are either an in-place Elastic Resize with 10 to 15 minutes of downtime, or a Snapshot and Restore approach. The service is live today across European regions including London, Frankfurt, Paris, and Stockholm.
Why it matters: The Spectrum removal is the real story here. Unified compute for both warehouse and lake queries simplifies cost modelling significantly, particularly for organisations running agentic AI workloads that query at a scale no human team would generate.
Google Cloud sets out a compliance architecture blueprint for regulated software
Source: The new era of SaMD: Why cloud infrastructure is the foundation for digital health in 2026
Google Cloud published a substantive piece this week on running Software as a Medical Device (SaMD) on cloud infrastructure, and while the healthcare framing is specific, the architecture patterns apply to any regulated workload. The regulatory backdrop is worth noting: the FDA has aligned its Quality Management System Regulation with ISO 13485 this year, moving toward automated audit trails as primary evidence rather than manual paperwork. More urgently for UK and EU architects, the EU AI Act enters full applicability for high-risk AI systems on 2 August, which is a live deadline for anyone building regulated software that touches AI. Google’s central argument is that Compliance as Code has moved from competitive advantage to regulatory necessity. The post sets out a three-plane architecture model covering a data plane for operational data movement, a control plane enforcing Zero Trust identity and network policy, and an evidence plane generating immutable audit trails, build attestations, and SBOM metadata as a continuous byproduct of how the system runs rather than a manual exercise bolted on at audit time.
Why it matters: The three-plane model is worth lifting regardless of whether you work in healthcare. Any regulated industry facing DORA, the EU AI Act, or equivalent frameworks is dealing with the same underlying problem: how do you produce defensible compliance evidence at the pace modern delivery teams move? The shift from shared responsibility to what Google calls shared fate, where the cloud provider supplies the technical primitives and the organisation configures them to implement its quality system, is a framing that changes how you think about platform selection for regulated workloads.
Azure Red Hat OpenShift positions itself as the VMware exit ramp
Source: Red Hat Summit 2026: Platform modernization and AI on Microsoft Azure Red Hat OpenShift
Red Hat Summit in Atlanta delivered a significant joint announcement from Microsoft and Red Hat. Azure Red Hat OpenShift (ARO) 5.8, due in general availability in June, ships with OpenShift Virtualization integrated by default. That means VMs and containers running side-by-side on the same managed platform, with tooling to migrate existing virtual machines without rearchitecting first, then containerise gradually over time. Microsoft won Red Hat’s Platform Modernization Partner of the Year award, and the two companies previewed an ARO Anywhere vision that would extend the same governance model to third-party clouds including AWS Outposts and Google Distributed Cloud, using Azure Arc as the control plane.
Why it matters: For organisations still actively evaluating VMware alternatives, ARO 5.8 is worth putting on the shortlist. The dual-path approach of running VMs natively while incrementally containerising is a realistic modernisation story rather than an aspirational one, and the Azure Hybrid Benefit eligibility helps with the commercial case.
The build vs buy question for agentic AI is not as simple as it looks
Source: The hidden cost of build vs. buy for agentic AI in regulated industries
The New Stack ran a piece this week, contributed by GitLab’s field CTO, making the case against building internal agentic AI platforms in regulated industries. The central argument is that the hard part is not the model but the orchestration layer, and that organisations consistently underestimate the ongoing engineering commitment required to own it. Under frameworks like DORA and the EU AI Act, an internal AI system functions as a regulated system, which means the organisation takes on the risk classification, documentation, and audit obligations for the life of the platform. The DevOps era is the reference point: the industry spent years consolidating fragmented toolchains because the integration burden and governance gaps were unsustainable.
Why it matters: Worth reading even accounting for the vendor provenance. The regulatory surface area argument is sound, particularly for UK financial services and energy organisations navigating DORA obligations. The three questions the piece proposes as decision anchors are genuinely useful: is the requirement truly unique, how much regulatory surface can the organisation realistically own, and what is the time horizon?
Looking ahead
The common thread this week is the tension between consolidation and control. Every major vendor is arguing for platform-level integration, and in most cases the operational and regulatory logic holds. But as the agentic AI build vs buy piece quietly admits, governance must be automated and usable to survive contact with real delivery teams. The question is not just which platform wins, it is whether the platforms being built are actually governable at the pace enterprises need them to be. Where are you landing on that question for your organisation right now?
