- 2025-12-023 minWhy Connect RPC is a great choice for building APIs
Connect RPC is a suite of libraries which enable you to build HTTP based APIs which are gRPC compatible. It provides a bridge between gRPC and HTTP/1.1, letting you leverage HTTP/2’s multiplexing and performance …
#008 - 2025-11-164 minWhy OIDC?
Over the last few years there has been a push away from using machine identity for continuous integration (CI) agents, or runners, and instead use a more targeted, least privileged approach to authentication and …
#007 - 2023-12-168 minGetting started with AI for developers
As a software developer, I have seen a lot of changes over the years, however few have been as drastic as the rise of artificial intelligence. There are a growing list of tools and services using this technology to help …
#006 - 2023-11-123 minAvoid accidental exposure of authenticated Amazon API Gateway resources
I have been working with Amazon API Gateway for a while and one thing I noticed is there are a few options for authentication, which can be confusing to developers, and lead to security issues. This post will cover one …
#005 - 2023-07-174 minStop using IAM User Credentials with Terraform Cloud
I recently started using Terraform Cloud but discovered that the getting started tutorial which describes how to integrate it with Amazon Web Services (AWS) suggested using IAM user credentials . This is not ideal as …
#004 - 2023-02-196 minAutomated Cloud Security Remediation
Recently I have been looking into automated security remediation to understand its impacts, positive and negative. As I am a user of AWS, as well other cloud services, I was particularly interested in how it helped …
#003 - 2021-04-264 minGitHub Actions supply chain attacks
There has been a lot of press about supply chain attacks recently, these type of attacks are nothing new and understanding them is really important for developers using services such as GitHub Actions , given Continuos …
#002 - 2020-10-086 minWhy isn't my s3 bucket secure?
We have all read horror stories of Amazon Simple Storage Service (S3) buckets being “hacked” in the popular media, and we have seen lots of work by Amazon Web Services (AWS) to tighten up controls and messaging around …
#001