× Want to read this newsletter every week?! × 👋  Join FAUN
 
Last week's must-read news and stories from the DevOps communityDevOps Weekly Newsletter, DevOpsLinks, a FAUN Newsletter.
 
🔗 View in your browser.   |  ✍️ Publish on FAUN   |  🦄 Become a sponsor
 
Last week's must-read news and stories from the DevOps community
DevOpsLinks
 
Curated DevOps news, tutorials, tools and more!
 
 
 
 
This week’s drop has it all: Terraform laser-focus, identity crises in engineering, and a 78% cloud cost cut that’s almost too good to be true. Plus—AWS speeds up CI, PyPI gets hit again, and we revisit Kubernetes... the hard way. 🧠⚙️

Accelerating CI with AWS CodeBuild: Parallel testing now live
🐍 Malicious Python Packages on PyPI downloaded 39,000+ times
🧱 Terraform -target: Power tool or tech debt trap?
🧠 The Software Engineering Identity Crisis
🏗️ Kubernetes The Hard Way: Vagrant, Ansible, and Cilium
🛡️ OPKSSH: Single Sign-On for SSH, open sourced by Cloudflare
💸 How dacadoo saved 78% with Kubernetes & serverless
🧪 Asymmetric Experiments @ Meta: Control group madness
☁️ Sequencing Cloud Migration for smarter ROI
📉 Terraform DR strategies without the chaos

📎 Read. Think. Ship.
 
 
⭐ Patrons
 
www.manageengine.com www.manageengine.com
 
Navigating Kubernetes observability: A live webinar by ManageEngine and DevOps Toolkit
 
 
Struggling with Kubernetes visibility? Join ManageEngine and DevOps expert Viktor Farcic in this exclusive webinar to uncover strategies for enhancing performance, eliminating blind spots, and optimizing your Kubernetes environment. Register now !
 
 

👉 Spread the word and help developers find you by promoting your projects on FAUN. Get in touch for more information.

 
ℹ️ News, Updates & Announcements
 
aws.amazon.com aws.amazon.com
 
Accelerating CI with AWS CodeBuild: Parallel test execution now available
 
 

AWS CodeBuild chops test times from 35 minutes to a mere 6. How? It brilliantly deploys a sharding strategy for running tests side by side. Efficiency on steroids.

 
 
thehackernews.com thehackernews.com
 
Malicious Python Packages on PyPI Downloaded 39,000+ Times, Steal Sensitive Data
 
 

Cybersecurity researchers found malicious libraries in the Python Package Index repository designed to steal sensitive information and test stolen credit card data, attracting hundreds of downloads before being taken down. One of the packages, disgrasya, contained a carding script targeting WooCommerce stores, while the others attempted to overwrite legitimate commands with malicious code to exfiltrate sensitive data. These packages were part of a broader attack category known as automated transaction abuse.

 
 
www.helpnetsecurity.com www.helpnetsecurity.com
 
Cloudflare open sources OPKSSH to bring Single Sign-On to SSH
 
 

Meet OPKSSH: the eager bouncer for your SSH keys. It kicks out crusty manual keys and rolls out the red carpet for OpenID Connect—ensuring keys self-destruct on schedule. No more long-term lurkers. Available now for the curious on GitHub!

 
 
 
🔗 Stories, Tutorials & Articles
 
build5nines.com build5nines.com
 
Applying Terraform Changes To Specific Resources Using The -target Argument
 
 

Terraform's -target command slices through the noise, nailing tweaks on specific resources like a hawk-eyed laser. It's your secret weapon for speedy Azure Function App updates. But overindulgence? That leads to the creeping chaos of infrastructure drift. So double-check those dependencies and commit to full deployments now and then, lest the tech gods demand their price.

 
 
medium.com medium.com
 
Sequencing Cloud Migration to Reduce Cost: What to Migrate and When
 
 

Ditch pricey commercial software to chop down Total Cost of Ownership during cloud migration. Target migrations when contracts expire for faster ROI victories.

 
 
annievella.com annievella.com
 
The Software Engineering Identity Crisis   ✅
 
 

AI isn't just tinkering with code; it's upending engineering identities. Once builders, we're now orchestrators. Cue the existential crisis as AI churns out 95% of new code in certain Y Combinator startups.

 
 
www.hashicorp.com www.hashicorp.com
 
Disaster recovery strategies with Terraform
 
 

Learn how Terraform can help play a key role in disaster recovery strategies by simplifying and accelerating the provisioning of DR related infrastructure, while simultaneously reducing costs.

 
 
sendbird.com sendbird.com
 
How does Sendbird secure AWS?
 
 

Orca's agentless snapshot scanning? It's the secret sauce that turns Sendbird's AWS security from a headache into a leisurely stroll through cloudland. Shove over clunky processes—onboarding and cloud wrangling just got slick. Swapping IAM users for Okta SSO? Now that's living smart. User management’s never been this elegant. Then there's Teleport, keeping EC2 and K8s access as tight as a snare drum—securing every engineer's workflow while letting them strut their productivity stuff.

 
 
www.hashicorp.com www.hashicorp.com
 
Ace your Terraform Professional exam: 5 tips from certified pros
 
 

The Terraform Pro exam doesn't play—it's all about real-world scenarios. Forget the theory-only approach. Dive into hands-on practice in your own setup. Consider HashiCorp's docs your secret weapon.

 
 
www.zdnet.com www.zdnet.com
 
The best AI for coding in 2025 (and what not to use - including DeepSeek R1)
 
 

ChatGPT Plus aces coding tests. Meanwhile, Microsoft's Copilot and Meta AI trip over their virtual feet. These AIs can patch bugs like pros, but crafting full-fledged apps? Not in their current skill set.

 
 
aws.amazon.com aws.amazon.com
 
From virtual machine to Kubernetes to serverless: How dacadoo saved 78% on cloud costs and automated operations   ✅
 
 

dacadoo chopped costs by a jaw-dropping 78% while pulling off an uptime miracle at 99.999%. The secret sauce? Ditching clunky VMs for Kubernetes then waltzing into a fully serverless future with AWS Lambda, API Gateway, and DynamoDB. This serverless swagger didn't just beef up scalability; it also untangled the ops team from mundane tasks, giving the SRE crew the bandwidth to chase shiny, new ideas.

 
 
developer-friendly.blog developer-friendly.blog
 
Kubernetes The Hard Way   ✅
 
 

Vagrant and VirtualBox join forces to build an on-premise Kubernetes cluster, with Ansible cracking the whip on configuration, and Cilium handling network duties without touching the cloud. Say goodbye to kube-proxy—we’re Cilium all the way. This project gets gritty, peeling back Kubernetes' layers like an onion. Want to issue certificates by hand and maneuver through private networks to save on cloud bills? Welcome to the jungle.

 
 
www.haproxy.com www.haproxy.com
 
Load Balancing VMware Horizon's UDP & TCP Traffic with HAProxy
 
 

HAProxy flexes its consistent hashing muscle, cracking the Omnissa Horizon protocol puzzle with finesse. It syncs TCP and UDP minus the drama. Stateful mechanisms? Who needs them. Complexity? Gone. It amps up reliability and makes load balancing look like a Sunday stroll.

 
 
www.token.security www.token.security
 
IaC Ownership - Tag-based approach
 
 

IaC goes wild once you try tracking NHIs' owners. In Terraform, you might log each file's role, but tag inheritance throws a wrench into scaling it up.

 
 
 
💬 Discussions, Q&A & Forums
 
reddit.com reddit.com
 
Recruiter accidently emailed me her secret internal selection guidelines 👀
 
 
 
 
reddit.com reddit.com
 
Am I the Only DevOps who doesn't know how to program?
 
 
Seeking advice on how to improve programming skills as a DevOps professional.
 
 
 
⚙️ Tools, Apps & Software
 
github.com github.com
 
okigan/awscurl
 
 

curl-like access to AWS resources with AWS Signature Version 4 request signing.

 
 
github.com github.com
 
liam-hq/liam
 
 

Automatically generates beautiful and easy-to-read ER diagrams from your database.

 
 
github.com github.com
 
fleetdm/fleet
 
 

Open-source platform for IT, security, and infrastructure teams. (Linux, macOS, Chrome, Windows, cloud, data center)

 
 
github.com github.com
 
medialab/xan
 
 

The CSV magician

 
 
github.com github.com
 
azurekid/blackcat
 
 

BlackCat is a PowerShell module designed to validate the security of Microsoft Azure. It provides a set of functions to identify potential security holes.

 
 

👉 Spread the word and help developers find and follow your Open Source project by promoting it on FAUN. Get in touch for more information.

 
🤔 Did you know?
 
 
Did you know that Netflix uses a custom-built tool called Spinnaker for continuous delivery? Originally developed in-house and later open-sourced, Spinnaker helps Netflix deploy code thousands of times per day across its global infrastructure. It supports multi-cloud environments, enabling seamless rollouts on AWS, Google Cloud, and more. One of its key features is automated canary analysis, which deploys new code to a small subset of users and monitors for issues before a full rollout—helping Netflix ship faster while keeping their 200+ million users streaming smoothly.
 
 
😂 Meme of the week
 
 
 
 
🗣️ Quote of the week
 
 
“If you can’t describe what you are doing as a process, then you don’t know what you are doing.” ― Clayton M. Christensen, Competing Against Luck: The Story of Innovation and Customer Choice
 
 
❤️ Thanks for reading
 
 
👉 Never miss an issue
Join FAUN Developer Community and subscribe to our newsletter here.

👋 Keep in touch and follow us on social media:
- 💼LinkedIn
- 📝Medium
- 🐦Twitter
- 👥Facebook
- 📰Reddit
- 📸Instagram

👌 Was this newsletter helpful?
We'd really appreciate it if you could share it with your friends! You can also donate to help us keep this newsletter going.

ℹ️ Have a question or feedback?
Feel free to reach out to us at community@faun.dev. We'd love to hear from you!

🤩 Want to sponsor our newsletter?
Reach out to us at sponsors@faun.dev and we'll get back to you as soon as possible.