How Amazon loses everything except the one business Jeff Bezos would never have predicted.
An American consumer wants a German duvet cover, 130x200 cm. They go to Amazon. They get four pages of Chinese-manufactured polyester comforters keyword-stuffed with every bed size ever conceived by humanity. The sponsored listings at the top are for products that share no meaningful attributes with what was searched. The organic results, if you scroll far enough to find them, are identical in kind if not in degree.
This is not a search failure. Amazon’s search works exactly as intended. The intent is not to return what you asked for.
The intent is to return what someone paid to show you.
Every subsequent problem in Amazon’s retail business is downstream of that choice, and the choice was rational at every level of the org chart. Individual sellers pay for placement to survive the algorithm. Category managers hit revenue targets from sponsored listing fees. Finance reports higher margin per page view than from actual product sales. Andy Jassy’s predecessor made the numbers. The numbers were real. The product was broken. No one in the chain had the authority or incentive to fix it, because fixing it would require Amazon to voluntarily reduce revenue in exchange for a better customer experience, and Amazon stopped being a company that does that somewhere around 2015.
Personal Disclosure: I was laid off from Amazon in Spring 2024. I was starting to see these problems clearly while I still worked there. Writing it down then was not safe. You don’t publish structural critiques of your employer’s core revenue mechanisms while you’re still collecting a paycheck and hoping to keep it. So I didn’t. Since then the picture has gotten clearer, the distance has gotten longer, and the constraints are gone. This is what I saw and what I think comes next.
The threat to Amazon’s retail search isn’t a startup. It’s Grainger.
W.W. Grainger sells industrial and MRO (maintenance, repair, and operations) supplies to corporate and institutional buyers. Roughly 1.7 million products. Catalog search that returns what you searched for, because the customer is a procurement manager with a part number who will immediately go elsewhere if the results are wrong. Grainger doesn’t sell sponsored placements above the right answer. Grainger’s business model depends on the right answer appearing first. They have existing distribution relationships, existing shipping infrastructure, existing corporate account relationships, and a search product that works because their incentive structure requires it to work.
Grainger isn’t moving into consumer retail tomorrow. But the model is the argument. The thing that beats Amazon’s consumer search isn’t a better algorithm. It’s a different charter. Any company with existing fulfillment infrastructure, existing supplier relationships, and a structural reason not to corrupt its own search results is a candidate. Grainger is the clearest current example. Walmart has the physical infrastructure. Costco has the membership model that already filters for a different kind of buyer trust. McMaster-Carr has been doing honest industrial search longer than Amazon has existed.
Trust is not a spectrum. You either have a search that returns what you asked for, or you have a search that returns what someone paid to show you. There is no partially honest search. The companies that win this aren’t the ones that decide to be more ethical. They’re the ones whose revenue model never required them to be dishonest in the first place.
Amazon’s retail moat was never selection. Selection is table stakes. The moat was search capture plus friction asymmetry: once you trust the results, you stop checking elsewhere. Any incumbent with distribution and an honest search charter dissolves both simultaneously. Once you know Amazon’s search is pay-to-play, you don’t go back. The trust doesn’t rebuild. This is why Amazon cannot respond: the response would require eliminating the sponsored listing revenue that makes the retail division profitable, which is not a strategic option they can exercise while also satisfying the investors who priced that revenue into the stock.
Meanwhile, Walmart was always better positioned for last-mile delivery than Amazon and chose not to notice it for about a decade.
Amazon spent approximately $200 billion building out fulfillment infrastructure to get packages to your door in two days. Walmart had 4,700 stores already positioned near people, already staffed, already paying occupancy costs regardless of whether they were used for click-and-collect or same-day delivery. The capital was already spent. Amazon built what Walmart had for free and called it a moat.
The pharmacy play is the same logic accelerated. Walmart has existing Medicaid and Medicare contracting infrastructure, pharmacists already on payroll, and foot traffic from a customer base that skews exactly toward the demographics that fill the most prescriptions. Amazon’s pharmacy required building all of that from scratch, in a regulated industry, against incumbents with existing relationships with every PBM (pharmacy benefit manager) that controls the reimbursement rates that determine whether a pharmacy is profitable.
Prime membership renewal has been softening for two years (my read, from public earnings commentary and analyst channel checks, not a verified figure). The value proposition was always a bundle: free shipping plus Prime Video plus pharmacy plus music plus whatever else they added to justify the price increase. When the shipping benefit degrades because the search that precedes the shipping is broken, the bundle math changes. Once you stop buying from Amazon because you can’t find what you want, the other bundle benefits don’t retain you.
AWS is a separate dissolution, running in parallel, with a different structure.
The moat was never compute. EC2 instances run on commodity hardware and the hyperscalers all have roughly comparable unit economics. The moat was egress pricing combined with IAM lock-in. AWS charged roughly $0.09 per gigabyte to move your data out. Not in. Out. Once your data is in, every dollar of egress is a reason not to move. AWS didn’t own your infrastructure. It owned your migration cost calculus.
AWS egress pricing was never a fee. It was a hostage situation.
The Bandwidth Alliance already exists. Cloudflare founded it in 2018; it now includes Azure, Google Cloud, Oracle, Alibaba, DigitalOcean, Backblaze, and roughly twenty others. The technical mechanism is Cloudflare’s Argo routing engine, which optimizes traffic flows across private interconnects between members and automates the accounting so customers actually see the savings. AWS is not a member. AWS has never been a member. The list of who joined and who didn’t is its own argument.
What the Bandwidth Alliance has not yet done is the harder and more threatening piece: federated identity and key management. Right now it reduces transfer costs between members. It does not make your security architecture portable. That’s the next move, and it’s the one that actually kills the lock-in.
The buildout looks like this. First, federated IAM (Identity and Access Management): a cross-provider identity standard so a principal (user, service account, workload) authenticated on one cloud can be granted least-privilege access on another without manual trust configuration on both sides. SPIFFE/SPIRE already does workload identity federation at the service level; extending that to the full IAM surface is an engineering project, not a research problem. Second, federated key management: a protocol for cross-provider KMS (Key Management Service) operations so that keys provisioned in one cloud’s HSM (Hardware Security Module) infrastructure can authorize decrypt operations against data stored in another. Third, provider discovery: a DNS-like registry so workloads can locate services across member clouds without hardcoding endpoints, which is the precondition for any of the portability claims being real rather than theoretical. Fourth, centralized billing: a single invoice across consortium members so finance teams can see actual cross-cloud spend without stitching together four separate cost-explorer exports. That last one sounds administrative. It isn’t. Unified billing is what lets a CFO say yes to multicloud without a six-month procurement process.
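An added example, not from this essay or from any provider's code: the authorization half of the first step, where a workload identity issued in one cloud's trust domain is mapped to least-privilege actions in another, with everything else denied. It assumes the SVID's signature has already been verified against the issuing domain's trust bundle; the trust domain, paths and action names are constructed placeholders.

```python
import re

# Character sets follow the SPIFFE ID grammar: spiffe://<trust-domain>/<path>
# with no query, fragment, port or userinfo, and no empty or dot segments.
_TRUST_DOMAIN = re.compile(r"[a-z0-9._-]{1,255}")
_SEGMENT = re.compile(r"[A-Za-z0-9._-]+")

# Constructed policy held by the *receiving* cloud: which foreign workloads it
# honours and for exactly which actions. Anything absent is denied.
FEDERATION_POLICY = {
    "cloud-a.example": {
        "/ns/billing/sa/exporter": {"kms:Decrypt"},
        "/ns/web/sa/frontend": {"storage:GetObject"},
    },
}


def parse_spiffe_id(uri):
    """Return (trust_domain, path); raise ValueError on any malformed ID."""
    if not uri.startswith("spiffe://") or len(uri.encode()) > 2048:
        raise ValueError("not a SPIFFE ID")
    trust_domain, slash, path = uri[len("spiffe://"):].partition("/")
    if not _TRUST_DOMAIN.fullmatch(trust_domain):
        raise ValueError("invalid trust domain")
    if slash:
        for segment in path.split("/"):
            # Rejects '', '.', '..' and any '?', '#', '@', ':' smuggled in.
            if segment in (".", "..") or not _SEGMENT.fullmatch(segment):
                raise ValueError("invalid path segment")
    return trust_domain, ("/" + path if slash else "")


def authorize(spiffe_id, action, policy=FEDERATION_POLICY):
    """Deny by default: unknown domain, unknown workload or unlisted action.

    Assumes the caller already verified the SVID cryptographically; this
    function only decides what a verified identity may do.
    """
    try:
        trust_domain, path = parse_spiffe_id(spiffe_id)
    except ValueError:
        return False
    # Exact match on the full path: no prefix or wildcard matching, so a
    # workload cannot inherit another workload's grants.
    return action in policy.get(trust_domain, {}).get(path, set())
```

The policy lives on the receiving side only, which is the sense in which trust does not have to be configured manually on both sides once trust bundles are exchanged.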
None of this is novel technology. All of it requires someone to own the standard and the trust model. The Bandwidth Alliance is the natural home for it. The question is whether Cloudflare has the appetite to run an identity federation layer in addition to a network layer, or whether a separate consortium entity needs to own it.
The reason this matters is that AWS’s real moat was never EC2. It was your compliance team’s mental model: specifically the assumption that IAM integrations were so deeply embedded in your security architecture that porting them was a multi-year project. Federated IAM and federated keying dissolve that assumption. Your compliance team’s mental model updates. The migration calculus changes. What looked like a multi-year replatforming project becomes a workload-by-workload migration with no forced key rotation and no identity cliff.
Bedrock and SageMaker were always wrappers around Nvidia primitives with an AWS markup on top.
Amazon understood this and bet on Trainium and Inferentia to build proprietary silicon that could compete with Nvidia on training and inference costs. The bet has not paid off. Trainium is behind Nvidia on both performance and ecosystem depth, and the gap is not closing at a rate that matters strategically. The CUDA ecosystem is twenty years of accumulated developer familiarity, toolchain integration, and library support. You do not overcome that with a chip that’s 80% as good and requires retraining your entire ML engineering team.
The Nvidia CNCF (Cloud Native Computing Foundation) move is the knife. Nvidia donates the canonical training and inference abstraction to CNCF, which transforms an offensive weapon (Nvidia’s proprietary tooling) into an open standard that every hyperscaler is now obligated to support or appear hostile to their own customers. Amazon has to support it. Supporting it validates Nvidia’s abstraction as the standard. The Bedrock/SageMaker wrapper becomes redundant. You can now run the same workload on any CNCF-compliant cluster regardless of underlying cloud provider.
Whether this is already happening or is a reasonable projection of Nvidia’s obvious strategic interest, I’ll leave to the reader. The structural logic is airtight regardless of timing.
FedRAMP was a moat because authorization costs were unsocializable.
Getting a FedRAMP authorization at IL2 or IL4 (the lower classification tiers used for most civilian agency workloads) costs between $1 million and $3 million in audit fees, documentation, and compliance engineering before you can sell to the federal government. A single hyperscaler can absorb that. A smaller provider cannot. The barrier to entry was not technical. It was financial and bureaucratic.
A certification consortium socializes the cost. Multiple providers pool the audit overhead. The per-provider cost drops by 60-80%. FAR (Federal Acquisition Regulations) requires contracting officers to award to the lowest compliant bidder. Once multiple vendors hold equivalent authorizations, the moat becomes a commodity certification and the contract goes to whoever has better pricing and relationships.
IL2 and IL4 go first. The civilian agency business is contestable within 18-24 months of a functioning consortium.
IL5 and IL6 stay sticky longer. Not because of technical complexity (the technical requirements are achievable) but because cleared-personnel buildout takes 12-18 months per person regardless of how much capital you throw at it, and SCIF (Sensitive Compartmented Information Facility) construction and accreditation takes years. The physical and personnel infrastructure is genuinely irreplaceable on a short timeline. This is the actual last moat.
The managed database business is not a moat. It was always a convenience play dressed as infrastructure.
RDS is Postgres and MySQL with an AWS console and automated backups. PlanetScale, Neon, CockroachDB, and Supabase already exist and already cover the common API surface for the vast majority of workloads. A CNCF-blessed managed database operator on Kubernetes covering 90% of the API for 90% of customers is not a hard engineering problem. It’s a standardization and distribution problem, and CNCF exists specifically to solve that. The moat was operational convenience plus IAM integration. Federated keying dissolves the IAM piece. The convenience piece is one CNCF project and eighteen months of adoption curve away from dissolution.
Aurora Serverless is the partial exception. The auto-scaling model has real engineering depth that’s not trivially cloned, and the optimization work on PostgreSQL compatibility is probably a 3-5 year advantage. That’s not a permanent moat. It’s a runway.
The Anthropic investment was supposed to be Amazon’s answer to the AI layer problem. It isn’t.
Bedrock is a model API with a console. That’s it. You point your application at a Bedrock endpoint, you get inference, you get billed. The value proposition is that the model is good (Anthropic’s) and the billing is already on your AWS invoice. That’s a convenience play. It is not a moat.
A moat requires switching costs. Bedrock has none worth naming. The Anthropic API is callable directly. Azure has Claude available through Azure AI. Google has its own frontier models on Vertex. If you’re already migrating workloads off AWS because federated IAM makes that viable, you don’t re-route inference traffic back to Bedrock just because it’s familiar. You call whatever model endpoint is cheapest or best for the workload, and you do it from wherever your compute now lives.
The deeper problem is that Bedrock doesn’t own Anthropic. Amazon invested roughly $4 billion for a minority stake and compute commitments. Anthropic’s models run on AWS infrastructure, which is revenue for AWS, but Anthropic sets its own roadmap, prices its own API, and maintains relationships with every other distribution channel it wants. Amazon bought preferential positioning, not exclusivity. The moment Amazon’s infrastructure advantages dissolve, Anthropic has no particular reason to weight the relationship above others. Anthropic is a company trying to build transformative AI; it needs capital and compute, not a permanent marriage to a single cloud provider whose market position is deteriorating.
The Trainium bet compounds this. Amazon built custom silicon (Trainium for training, Inferentia for inference) to reduce dependence on Nvidia and capture hardware margin on AI workloads. Trainium 2 is a legitimate chip. It is not competitive with H100s at scale for frontier model training, which is why Anthropic’s largest training runs still use Nvidia hardware. Amazon’s own AI infrastructure investment is internally inconsistent: they funded a frontier lab whose heaviest workloads can’t yet run efficiently on Amazon’s own silicon. That’s not a strategy. That’s a hedge on top of a hedge.
The Anthropic investment buys Amazon a seat at the AI table and a good model to put in a product catalog. It does not create lock-in. It does not generate switching costs. It does not protect market share. It is the right move for a company with no better options, which is exactly what Amazon’s position has become.
What survives.
The IC (Intelligence Community) infrastructure and the cleared-personnel apparatus around it. Classified programs. Physical infrastructure that took years to build and certify and cannot be replicated on any commercially relevant timeline by consortium members who don’t already have it. Real revenue, probably in the $60-80B range at steady state (I’m gesturing at that figure, not deriving it; public IC contracting data probably supports a real estimate for someone willing to do the work). Durable. Not discussed publicly because you can’t discuss classified infrastructure publicly.
The retail business survives as a smaller, less profitable version of itself. Maybe with an honest search layer eventually, maybe not, depending on whether Amazon can separate the search experience from the sponsored revenue model without triggering a shareholder revolt.
The consumer cloud services (Alexa, Ring, various ambient compute plays) survive or don’t depending on factors that are genuinely hard to project from here. Personally, I don’t think they do.
Prime Video survives. Content lock-in is real. The subscriber base that stays for The Boys and doesn’t care about retail benefits is real, and it’s underrepresented in how people analyze Amazon’s decline narrative.
What doesn’t survive at current scale: the everything-store growth story, the AWS infrastructure dominance thesis, the 33% cloud market share trajectory, the Bedrock-as-AI-moat narrative, the $2 trillion valuation multiple.
Jeff Bezos wanted to sell everything to everyone. What survives is a classified government program he can't talk about publicly and wouldn't have predicted in 1994.