🔗 Stories, Tutorials & Articles

Beyond IAM access keys: Modern authentication approaches for AWS

AWS wants long-term IAM access keys gone. In their place: temporary creds via IAM roles, IAM Identity Center, CloudShell, and OIDC integrations.
The push covers everything—CLI tools, local dev, compute, CI/CD, even old-school on-prem. The message is clear: rotate automatically, grant minimally, and stop treating static keys like they're safe.
Big picture: Shifting the default to short-lived creds and federated identity is not just a best practice—it’s the new norm.

Creating a GitHub App based Azure DevOps Pipelines Service Connection

Azure DevOps made it easier to link up with GitHub—no more re-installing the Azure Pipelines GitHub App to kick things off.
Teams can spin up a GitHub App–based service connection directly from a dummy pipeline setup. The service connection comes GitHub App–authenticated out of the gate. Super handy during messy multi-org migrations.

How I Scanned all of GitHub’s “Oops Commits” for Leaked Secrets

Truffle Security dropped a sharp new open-source tool that digs through GitHub’s public commit history looking for zero-commit force pushes—a tactic devs use to erase mistakes, usually secrets. Problem is, they don’t go quietly.
By tapping into historical GitHub PushEvents via GH Archive, the tool hunts down dangling commits—the ghosts of deleted secrets that still linger. Stuff most scanners miss.
Heads-up: Force-pushing doesn’t scrub secrets anymore. Assume every leaked key is burned.

You might not need tmux

A dev swapped out tmux for a slick combo: Zellij, SSH multiplexing, and systemd socket daemons. No more virtual splits. Just clean session persistence and tight remote control.
This setup brings scrollback back where it belongs—your terminal’s native buffer. It plays nice with extras like the Kitty graphics protocol and offloads window juggling to your actual window manager.
The shift: Multiplexers aren’t dead—but the old models are looking crusty. More devs are ditching all-in-one tools for modular setups powered by Unix-native parts that speak standard protocols.

Writing a basic service for GNU Guix

A developer walks through building a custom GNU Guix system service for kmonad—yes, the keyboard remapper—by wiring up a new service-type that plugs into Shepherd and account-service-type.
To get there, they lift patterns from services like wesnothd, use make-forkexec-constructor to spin up the daemon, and define the right user/group accounts so the whole thing boots cleanly under Guix.

GitHub Copilot DevOps Excellence: Prompt Files vs Instructions vs Chat Modes

GitHub Copilot just leveled up: prompt files, custom instructions, and custom chat modes are live.
Now it's not just tagging along—it’s shaping how you work. Automate code reviews, security scans, or implementation plans. Reuse setups across teams. Control it all from VS Code.

Automating infrastructure deployments in the Cloud with Terraform and Azure Pipelines

This Azure lab wires up Terraform with Azure Pipelines CI/CD to spin up infrastructure and deploy a .NET Core app using IaC. It handles remote state with Azure Storage, automates plan and apply in pipelines, and swaps in config values via token replacement during deploy.

Zero Trust and Cloud-Native Windows

Microsoft’s moving the cheese again—this time steering Windows deep into the cloud. The old on-prem management playbook? Getting dusty.
At the core: Intune, pushing Zero Trust like it means it. Identity-based access, always-on compliance, real-time config—no more trusting the device just because it’s plugged into the right network.
Out of the box, it taps Conditional Access, Windows Autopatch, and Security Copilot to lock things down, update automatically, and chase threats without blinking. The network perimeter? Irrelevant.
The shift: Windows goes cloud-native, identity-first. Built for hybrid work, wired for Zero Trust.

Indexed Views in SQL Server: A Production DBA's Complete Guide

Indexed views are a powerful yet underutilized feature in SQL Server for optimizing complex query performance, with potential for significant performance gains in read-heavy applications. Automatic query substitution is a game-changer when it comes to leveraging indexed views for performance optimization, offering a competitive edge over other solutions like Oracle's materialized views or PostgreSQL's manual refresh approach.

When Process Becomes Latency: Optimizing Incident Response Cadence

In incident response, adaptability is key. Instead of endless playbooks, focus on flexible frameworks for faster, more effective responses. Brandon Chalk, 16-year Google SRE, shares insights on balancing structure and speed when every second counts.

GitOps Done Right: 10 Best Practices That Make It Work

GitOps ditches hand-rolled deployment scripts for a cleaner, declarative model. Git becomes the truth. Agents like Argo CD or Flux CD watch for changes and sync your clusters on their own.
It’s not just about pushing YAML. Good GitOps setups lean on Kustomize for modular config, wire in automated image updates, and roll out changes safely with Argo Rollouts. Want guardrails? Add OPA or Kyverno to enforce policy.
Big picture: GitOps flips CI/CD on its head. GitOps trades step-by-step deployments for event-driven automation, all versioned like proper infrastructure should be.

Driving Content Delivery Efficiency Through Classifying Cache Misses ✅

Netflix’s Open Connect program rewires the streaming game. Enter Open Connect Appliances (OCAs): these local units demolish latency, curb cache misses, and pump up streaming power. How? By magnetizing servers with network proximity wizardry. Meanwhile, Kafka rolls up its sleeves, juggling low-latency logs like a pro. Real-time miss metrics? Covered. A slick ballet of data that refines content delivery and spruces up user experiences worldwide.

AWS CLI Cheatsheet ✅

The AWS CLI lets developers skip the console and drive AWS straight from the terminal. It’s scriptable, cross-region, and built for automation. Run a command, get back JSON. Pipe it into jq, slice what you need, done.
Tab-completion and in-line help make it faster to poke around and stitch together workflows—without leaving the keyboard.