The Meaning(lessness) of Serverless“Serverless” as a term is close to meaningless, and it’s not useful to argue about the definition. So how should we talk about it today?Mar 14, 20232Mar 14, 20232
The “End of Programming” will look a lot like programmingNobody wants “temperamental and mysterious” products, so what will AI-integrated software development look like?Jan 2, 20235Jan 2, 20235
AWS IAM Permissions Boundaries Are Incomplete Without PropagationPermissions boundaries are mostly unusable for organizations where developers need to create IAM principals as part of their normal processOct 29, 20214Oct 29, 20214
Cross-account role trust policies should trust AWS accounts, not roles, part 2Further details on privilege escalation for cross-account role assumptionOct 22, 20211Oct 22, 20211
Cross-account role trust policies should trust AWS accounts, not rolesYour role’s trust policy should be representative of the security boundary and not give a false sense of security.Oct 13, 20211Oct 13, 20211
Never put AWS temporary credentials in env vars or credentials files — there’s a better wayPlease, I’m begging you — learn about how the AWS CLI and SDK retrieve and refresh credentials. There are such good options!Oct 6, 202111Oct 6, 202111
AWS IAM Permission Boundaries Has A Caveat That May Surprise YouResource policies can unilaterally grant access, even if it isn’t within the permissions boundarySep 29, 2021Sep 29, 2021
I Trust AWS IAM to Secure My Applications. I Don’t Trust the IAM Docs to Tell Me How.We need better AWS IAM documentation so that we can confidently and successfully use the extensive power of IAM to gain the security we…Sep 22, 2021Sep 22, 2021
Principals in AWS IAMThis article explains the basics of AWS authentication: the way you gain an identity that you can use to access AWS servicesSep 8, 20213Sep 8, 20213
Python multi-line string literals with textwrap.dedent()Line continuations should be avoided in code, but are useful in this case!Aug 25, 2021Aug 25, 2021