Ben KehoeThe Meaning(lessness) of Serverless“Serverless” as a term is close to meaningless, and it’s not useful to argue about the definition. So how should we talk about it today?3 min read·Mar 14, 2023--2--2
Ben KehoeThe “End of Programming” will look a lot like programmingNobody wants “temperamental and mysterious” products, so what will AI-integrated software development look like?4 min read·Jan 2, 2023--4--4
Ben KehoeAWS IAM Permissions Boundaries Are Incomplete Without PropagationPermissions boundaries are mostly unusable for organizations where developers need to create IAM principals as part of their normal process4 min read·Oct 29, 2021--4--4
Ben KehoeCross-account role trust policies should trust AWS accounts, not roles, part 2Further details on privilege escalation for cross-account role assumption5 min read·Oct 22, 2021--1--1
Ben KehoeCross-account role trust policies should trust AWS accounts, not rolesYour role’s trust policy should be representative of the security boundary and not give a false sense of security.5 min read·Oct 13, 2021--1--1
Ben KehoeNever put AWS temporary credentials in env vars or credentials files — there’s a better wayPlease, I’m begging you — learn about how the AWS CLI and SDK retrieve and refresh credentials. There are such good options!13 min read·Oct 6, 2021--11--11
Ben KehoeAWS IAM Permission Boundaries Has A Caveat That May Surprise YouResource policies can unilaterally grant access, even if it isn’t within the permissions boundary5 min read·Sep 29, 2021----
Ben KehoeI Trust AWS IAM to Secure My Applications. I Don’t Trust the IAM Docs to Tell Me How.We need better AWS IAM documentation so that we can confidently and successfully use the extensive power of IAM to gain the security we…5 min read·Sep 22, 2021----
Ben KehoePrincipals in AWS IAMThis article explains the basics of AWS authentication: the way you gain an identity that you can use to access AWS services5 min read·Sep 8, 2021--3--3
Ben KehoePython multi-line string literals with textwrap.dedent()Line continuations should be avoided in code, but are useful in this case!2 min read·Aug 25, 2021----