Posts

🚀 How I Used a No-Code Backend to Power a Fake Startup Certification Platform Recently I launched S Corp™ — a parody certification for startups that want to look ethical without the burden of actually doing anything. You type in your company name, click a button, and get a downloadable certificate that looks suspiciously legit. It’s satire. It’s fast. It’s 100% nonsense. Behind the scenes, the app is powered by React, Tailwind, and a healthy disrespect for real sustainability certifications....

The AI MCP Protocol: An Ambitious Idea - But this feels like VHS vs Betamax The AI Model Context Protocol (MCP) burst onto the scene in late 2024 as an Open Standard, introduced by Anthropic, suggesting a simple way for AI-powered apps—especially chatbots and assistants—to dynamically plug into external tools and data at runtime. Sounds great, right? But after some digging, it turns out MCP might not be as practical as it initially seems....

Did this earlier today for a client. You can’t directly upgrade from 1.29 to 1.32, so instead have to repeat these steps for each version. Upgrading Amazon Elastic Kubernetes Service (EKS) is a crucial maintenance task that ensures security, stability, and access to the latest Kubernetes features. Given AWS’s recommendation to upgrade one minor version at a time, this guide walks through upgrading EKS from version 1.29 to 1.32 in stages....

Connecting GitHub Actions to AWS Using OIDC and an Assumed Role When deploying applications or managing AWS infrastructure through GitHub Actions, using OpenID Connect (OIDC) provides a secure way to authenticate without requiring static AWS credentials. This guide will walk you through setting up an AWS IAM role, configuring an OIDC identity provider, and updating your GitHub Actions workflow to assume the role. Step 1: Create an IAM Role for GitHub Actions Navigate to the AWS IAM Console....

AWS + Azure - Single Sign-On: Configuring Azure Entra ID to Login to AWS via Terraform Single Sign-On (SSO) is a powerful feature that allows users to access multiple applications with a single set of credentials. Integrating Azure Entra ID (formerly Azure Active Directory) with Amazon Web Services (AWS) enables seamless access management across both platforms. In this blog post, we’ll explore how to configure Azure Entra ID to enable SSO to AWS using Terraform....

Leveraging Amazon Inspector for Enhanced Security: A Deep Dive In the realm of cloud computing, securing applications and infrastructure is paramount. Following our exploration of DevSecOps on AWS, this follow-up post delves into Amazon Inspector, an automated security assessment service that aids in improving the security and compliance of applications deployed on AWS. Amazon Inspector is a potent tool in the DevSecOps arsenal, designed to automatically discover and assist you in remediating security vulnerabilities and deviations from best practices....

The Evolution of DevSecOps on AWS: A Comprehensive Guide The integration of security into the DevOps process, known as DevSecOps, is revolutionising how organisations deploy software, ensuring that security is not an afterthought but a fundamental aspect of the development lifecycle. Amazon Web Services (AWS), a leader in cloud computing, offers a robust platform for implementing DevSecOps practices. This blog post explores the significance of DevSecOps on AWS, its benefits, key practices, and tools to seamlessly integrate security into your development processes....

Until recently, this blog was hosted on GatsbyCloud – Which was recently discontinued :sadpanda: In theory, it should’ve been reasonably easy to just host Gatsby myself, and carry on, but really I thought I should upgrade to the latest version.. But that got me into NPM Dependency Hell, and frankly my dears, I don’t have time for that kind of nonsense. So I’m reworking it all to be generated by Hugo, then it’s just static, and I can stick it somewhere like S3 and call it a day....

I’ve been a DevOps Engineer since roughly 2011, or some time around that when the fashion for pure Systems Administration became a lot more automated, and the start of the ‘shift left’ movement started, with integrating the tooling that we know and love now into deployment architectures. I’ve also spent a significant portion of my working career in security-focussed roles, either from a purely application security perspective, or a more holistic standpoint on infrastructure security....

This is Part Two of the series “Introduction to DevSecOps”. In this segment, we’re looking at integrating some tooling into the build and deployment pipelines. Tooling Looking more deeply into what’s possible to action ‘shift-left’ security, it’s time to start thinking about what tools we want to use, where we want to put them in the pipeline, and how to action the results. Starting Point, a vulnerable app. I forked https://github....