sjramblings.io

sjramblings.ioCloud engineering, infrastructure as code, and agentic AI insights by Stephen Joneshttps://sjramblings.io/en-auAWS Config Just Added 30 Resource Types. The Bedrock AgentCore Ones Matter Most.https://sjramblings.io/aws-config-30-new-resource-types-bedrock-agentcore/https://sjramblings.io/aws-config-30-new-resource-types-bedrock-agentcore/AWS Config now tracks Bedrock AgentCore Gateways, Memory, and 28 other resource types. What this means for AI agent governance, Cognito audit trails, and compliance at scale.Tue, 03 Mar 2026 00:00:00 GMTAgent Plugins Are the Future — But You Might Be Giving Away Your Best Engineeringhttps://sjramblings.io/agent-plugins-marketplace-intelligence/https://sjramblings.io/agent-plugins-marketplace-intelligence/Sat, 28 Feb 2026 00:00:00 GMTPageIndex Deep Dive: The Good, The Bad, and The Ugly of Vectorless RAGhttps://sjramblings.io/pageindex-deep-dive-vectorless-rag/https://sjramblings.io/pageindex-deep-dive-vectorless-rag/What if everything we know about RAG is built on a flawed assumption? A deep dive into PageIndex's tree-based reasoning approach to document retrieval — no vectors, no chunking, no embedding databases.Sat, 28 Feb 2026 00:00:00 GMTYour AWS Certificates Just Got Shorter: What the 198-Day Validity Change Actually Meanshttps://sjramblings.io/aws-acm-certificate-validity-shorter-lifetimes/https://sjramblings.io/aws-acm-certificate-validity-shorter-lifetimes/Fri, 20 Feb 2026 00:00:00 GMTIs Infrastructure as Code the Next Abstraction to Fall?https://sjramblings.io/is-infrastructure-as-code-the-next-abstraction-to-fall/https://sjramblings.io/is-infrastructure-as-code-the-next-abstraction-to-fall/Tue, 17 Feb 2026 00:00:00 GMTOpen-Weight Models Just Landed in Sydney: What This Means for Australian AI Sovereigntyhttps://sjramblings.io/aws-bedrock-open-weight-models-sydney-australian-sovereignty/https://sjramblings.io/aws-bedrock-open-weight-models-sydney-australian-sovereignty/Mon, 16 Feb 2026 00:00:00 GMTAWS Finally Launches Nested Virtualisation on EC2: Better Late Than Neverhttps://sjramblings.io/aws-ec2-nested-virtualization-finally/https://sjramblings.io/aws-ec2-nested-virtualization-finally/Mon, 16 Feb 2026 00:00:00 GMTBuilding Your Own AI Agent Stack. What I Learned From 10 Open Source Projectshttps://sjramblings.io/building-your-own-ai-agent-stack/https://sjramblings.io/building-your-own-ai-agent-stack/Mon, 16 Feb 2026 00:00:00 GMTBuild vs. Buy Just Flipped. Most Teams Haven't Noticed Yet.https://sjramblings.io/build-vs-buy-just-flipped/https://sjramblings.io/build-vs-buy-just-flipped/Wed, 11 Feb 2026 00:00:00 GMTYour Inference Bill Is Going Up. Even as Costs Go Down.https://sjramblings.io/inference-tax-nobody-budgeted-for/https://sjramblings.io/inference-tax-nobody-budgeted-for/Wed, 11 Feb 2026 00:00:00 GMTThe Real Skill Isn't Coding Anymore. It's Describing What You Want.https://sjramblings.io/get-shit-done-describing-what-you-want/https://sjramblings.io/get-shit-done-describing-what-you-want/Tue, 10 Feb 2026 00:00:00 GMTAWS STS Finally Lets You Write Trust Policies That Actually Mean Somethinghttps://sjramblings.io/aws-sts-identity-provider-claims-validation/https://sjramblings.io/aws-sts-identity-provider-claims-validation/Mon, 09 Feb 2026 00:00:00 GMTThe Friction Was the Pointhttps://sjramblings.io/the-friction-was-the-point/https://sjramblings.io/the-friction-was-the-point/Mon, 09 Feb 2026 00:00:00 GMTChronos Forecasting – LinkedIn Posthttps://sjramblings.io/chronos-forecasting-linkedin-post/https://sjramblings.io/chronos-forecasting-linkedin-post/Chronos forecasting from Amazon Science offers an end-to-end approach that brings consistency, speed, and reliability to multi-horizon forecasts.Tue, 27 Jan 2026 00:00:00 GMTMarketing skills for AI agents: Why builders should carehttps://sjramblings.io/marketing-skills-for-ai-agentswhy-builders-should-care/https://sjramblings.io/marketing-skills-for-ai-agentswhy-builders-should-care/If you are building with AI agents, you should also equip them with marketing skills. Not marketing in the cringe sense — marketing in the engineering sense.Tue, 27 Jan 2026 00:00:00 GMTFrom Network Plumbing to Application Intent: What AWS Networking Reveals About Infrastructure's New Rolehttps://sjramblings.io/network-application-centric-architecture/https://sjramblings.io/network-application-centric-architecture/Network infrastructure is no longer invisible plumbing. It's becoming intent-driven and application-aware. What this means for your architecture strategy.Sun, 14 Dec 2025 00:00:00 GMTThe AI Agent Governance Gap: Why Policy and Evaluations Matter More Than the Modelhttps://sjramblings.io/bedrock-agentcore-policy-evaluations/https://sjramblings.io/bedrock-agentcore-policy-evaluations/AWS adds policy controls and quality evaluations to AgentCore. Finally, the operational discipline AI agents needed all along.Sat, 13 Dec 2025 00:00:00 GMTBeyond Vibe Coding: The Renaissance Developer Framework for Infrastructure Leadershttps://sjramblings.io/renaissance-developer-framework/https://sjramblings.io/renaissance-developer-framework/Werner Vogels' final keynote reveals the five qualities driving the next era of software engineering. Why this matters for your infrastructure strategy.Thu, 11 Dec 2025 00:00:00 GMTFinally! AWS Transit Gateway Gets Flexible Cost Allocationhttps://sjramblings.io/aws-transit-gateway-flexible-cost-allocation/https://sjramblings.io/aws-transit-gateway-flexible-cost-allocation/AWS just launched flexible cost allocation for Transit Gateway, solving one of the biggest pain points in multi-account networking. Learn how to implement metering policies to properly allocate costs across your organization.Tue, 25 Nov 2025 00:00:00 GMTUnderstanding LLM Prompt Injection: The Security Risk You Can't Ignorehttps://sjramblings.io/understanding-llm-prompt-injection/https://sjramblings.io/understanding-llm-prompt-injection/Explore LLM prompt injection vulnerabilities, from direct and indirect attacks to multimodal exploits. Learn practical mitigation strategies to secure your AI applications.Thu, 06 Nov 2025 00:00:00 GMTI Used Amazon Q CLI to Build a Feature for Amazon Q CLI (And It Was Mind-Bending)https://sjramblings.io/used-amazon-q-cli-build-feature-amazon-q-cli-mind-bending/https://sjramblings.io/used-amazon-q-cli-build-feature-amazon-q-cli-mind-bending/Ever wondered what it's like to use an AI tool to improve itself? I just spent 2 hours using Amazon Q CLI to build a new feature for Amazon Q CLI, and the...Thu, 11 Sep 2025 00:00:00 GMTClaude Code Multi-Agent Orchestration: How AI Agent Teams Work Togetherhttps://sjramblings.io/multi-agent-orchestration-claude-code-when-ai-teams-beat-solo-acts/https://sjramblings.io/multi-agent-orchestration-claude-code-when-ai-teams-beat-solo-acts/Learn Claude Code multi-agent orchestration patterns. How to coordinate AI agent teams with architect, builder, validator, and scribe roles for complex software projects.Mon, 08 Sep 2025 00:00:00 GMTAWS ap-southeast-6 (New Zealand Region): Services, Pricing & Migration Guidehttps://sjramblings.io/aws-lands-in-new-zealand-what-the-ap-southeast-6-region-means-for-kiwi-cloud-builders/https://sjramblings.io/aws-lands-in-new-zealand-what-the-ap-southeast-6-region-means-for-kiwi-cloud-builders/Everything about the AWS New Zealand region (ap-southeast-6). Day-one services, pricing reality check, migration framework, and practical next steps for Kiwi cloud builders.Sat, 06 Sep 2025 00:00:00 GMTAWS VPC Route Server: The Game-Changer for Dynamic Routing You've Been Waiting Forhttps://sjramblings.io/aws-vpc-route-server-the-game-changer-for-dynamic-routing-youve-been-waiting-for/https://sjramblings.io/aws-vpc-route-server-the-game-changer-for-dynamic-routing-youve-been-waiting-for/AWS just dropped a networking feature that's going to change how we think about VPC routing forever. VPC Route Server brings dynamic routing capabilities...Sat, 06 Sep 2025 00:00:00 GMTBuilding AI-Powered Life Management Systems: The AWS Infrastructure Approachhttps://sjramblings.io/building-ai-powered-life-management-systems-aws-infrastructure-approach/https://sjramblings.io/building-ai-powered-life-management-systems-aws-infrastructure-approach/Daniel Miessler just dropped a fascinating deep-dive into building what he calls a "Personal AI Infrastructure" (PAI) - essentially an AI-powered life...Sat, 06 Sep 2025 00:00:00 GMTPersonal AI Infrastructure (PAI): How to Build Your Own AI Systemhttps://sjramblings.io/building-personal-ai-infrastructure-beyond-tools-systems/https://sjramblings.io/building-personal-ai-infrastructure-beyond-tools-systems/Learn how to build your own Personal AI Infrastructure (PAI). A practical guide to creating AI systems that amplify human capabilities — architecture patterns, Claude Code integration, and real implementation.Sat, 06 Sep 2025 00:00:00 GMTAWS Bedrock AgentCore Starter Toolkit: Deploy AI Agents in 3 Commandshttps://sjramblings.io/the-bedrock-agentcore-toolkit-a-new-easy-button-for-ai-agents/https://sjramblings.io/the-bedrock-agentcore-toolkit-a-new-easy-button-for-ai-agents/Get started with the AWS Bedrock AgentCore Starter Toolkit. Deploy AI agents to AgentCore in 3 commands — configure, launch, test. Includes SAM CLI comparison and step-by-step walkthrough.Mon, 21 Jul 2025 00:00:00 GMT🕹️ AWS-Powered Tetris: Building a Retro Game with Amazon Q and Amplifyhttps://sjramblings.io/aws-powered-tetris-building-a-retro-game-with-amazon-q-and-amplify/https://sjramblings.io/aws-powered-tetris-building-a-retro-game-with-amazon-q-and-amplify/There's something magical about the games we grew up with. The simple mechanics, the blocky graphics, and the maddeningly catchy music are etched into our...Sun, 15 Jun 2025 00:00:00 GMTCost-Effective Workflow Automation: Deploying n8n on Amazon Lightsailhttps://sjramblings.io/cost-effective-workflow-automation-deploying-n8n-on-amazon-lightsail/https://sjramblings.io/cost-effective-workflow-automation-deploying-n8n-on-amazon-lightsail/Recently I've been trying out n8n as a workflow automation tool and I'm really enjoying the flexibility it offers. Of course, being an AWS Community Builder I...Tue, 10 Jun 2025 00:00:00 GMTUnlocking Cloud Savings: Your Guide to fsx and s3 Intelligent-Tiering with Python Magic! 🚀https://sjramblings.io/unlocking-cloud-savings-your-guide-to-fsx-and-s3-intelligent-tiering-with-python-magic/https://sjramblings.io/unlocking-cloud-savings-your-guide-to-fsx-and-s3-intelligent-tiering-with-python-magic/Learn how to estimate fsx storage costs with s3 Intelligent-Tiering using Python and CloudWatch metrics. Bridge the gap between your fsx file system and potential cloud storage savings with data-driven insights and the AWS Pricing Calculator.Wed, 05 Mar 2025 00:00:00 GMTStreamline Your Cloud Compliance: Mastering Time-Based AMI Copies with AWShttps://sjramblings.io/streamline-your-cloud-compliance-mastering-time-based-ami-copies-with-aws/https://sjramblings.io/streamline-your-cloud-compliance-mastering-time-based-ami-copies-with-aws/Hey there, Tech Friends! 👋Tue, 04 Mar 2025 00:00:00 GMTHashiCorp Vault Auto Unseal Guide: AWS KMS, Transit & Configurationhttps://sjramblings.io/streamline-vault-operations-a-guide-to-mastering-auto-unseal/https://sjramblings.io/streamline-vault-operations-a-guide-to-mastering-auto-unseal/Complete guide to HashiCorp Vault auto unseal. Compare AWS KMS vs Transit secret engine methods with step-by-step configuration examples for production environments.Sun, 02 Mar 2025 00:00:00 GMTUnleash the Power of EBSight for Optimal AWS Storage Management 🚀https://sjramblings.io/unleash-the-power-of-ebsight-for-optimal-aws-storage-management/https://sjramblings.io/unleash-the-power-of-ebsight-for-optimal-aws-storage-management/Hey there, tech aficionados! 👋Mon, 17 Feb 2025 00:00:00 GMTMastering AWS Security: Why You Should Avoid Using the Root User for Everyday Taskshttps://sjramblings.io/mastering-aws-security-why-you-should-avoid-using-the-root-user-for-everyday-tasks/https://sjramblings.io/mastering-aws-security-why-you-should-avoid-using-the-root-user-for-everyday-tasks/Hey there, tech enthusiasts! Ever felt that little thrill of power when you get root access on a system? It's like holding the keys to the kingdom, right?Sun, 16 Feb 2025 00:00:00 GMTA Reminder of the Power of AWS Confighttps://sjramblings.io/a-reminder-of-the-power-of-aws-config/https://sjramblings.io/a-reminder-of-the-power-of-aws-config/Discover how AWS Config Aggregators unlock powerful insights across your entire AWS Organisation. Learn to audit security groups at scale using advanced queries instead of manual CLI commands on every account.Wed, 13 Nov 2024 00:00:00 GMTStreamline Your Azure DevOps Pipelines: Harnessing Variables and makefile Magichttps://sjramblings.io/streamline-your-azure-devops-pipelines-harnessing-variables-and-makefile-magic/https://sjramblings.io/streamline-your-azure-devops-pipelines-harnessing-variables-and-makefile-magic/👋 Hey there!Sun, 03 Nov 2024 00:00:00 GMTHashiCorp Vault Production Hardening Guide: Security Best Practices (2026)https://sjramblings.io/secure-your-secrets-best-practices-for-hardening-hashicorp-vault-in-production/https://sjramblings.io/secure-your-secrets-best-practices-for-hardening-hashicorp-vault-in-production/The definitive HashiCorp Vault production hardening guide. Covers TLS, mTLS, audit logging, firewall rules, single-tenancy, and operational security best practices for enterprise deployments.Fri, 01 Nov 2024 00:00:00 GMTHashiCorp Vault Secrets Management: Best Practices, Rotation & Dynamic Secretshttps://sjramblings.io/hashicorp-vault-the-key-to-secrets-management/https://sjramblings.io/hashicorp-vault-the-key-to-secrets-management/Complete guide to HashiCorp Vault secrets management best practices. Covers secret engines, dynamic secrets, secret rotation policies, and production configuration with real examples.Wed, 23 Oct 2024 00:00:00 GMTEnsuring Seamless Connectivity - The Crucial Role of Failover testing in AWS Direct Connecthttps://sjramblings.io/aws-direct-connect-failover-testing-importanc/https://sjramblings.io/aws-direct-connect-failover-testing-importanc/👋 Hey there!Tue, 21 May 2024 00:00:00 GMTgithub Self-Hosted Runners on AWS CodeBuildhttps://sjramblings.io/github-self-hosted-runners-on-aws-codebuild/https://sjramblings.io/github-self-hosted-runners-on-aws-codebuild/👋 Hey there!Fri, 12 Apr 2024 00:00:00 GMTCreating shared github-actionshttps://sjramblings.io/creating-shared-github-actions/https://sjramblings.io/creating-shared-github-actions/* Workflow Before * Workflow After * The Workflow * Creating a shared (reusable) workflow + Workflow Repository + Adapt the workflow for reuse * Calling the...Mon, 12 Feb 2024 00:00:00 GMTDo Not Default to PAThttps://sjramblings.io/do-not-default-to-pat/https://sjramblings.io/do-not-default-to-pat/👋 Hey there!Tue, 23 Jan 2024 00:00:00 GMTSearching github Organisationshttps://sjramblings.io/searching-github-organisations/https://sjramblings.io/searching-github-organisations/👋 Hey there!Thu, 07 Dec 2023 00:00:00 GMTAWS Windows SSM Port Forwarding, too easyhttps://sjramblings.io/windows-ssm-port-forwarding-too-eas/https://sjramblings.io/windows-ssm-port-forwarding-too-eas/👋 Hey there!Mon, 20 Nov 2023 00:00:00 GMTSupercharge Your AWS CloudWatch Metrics with Lambda Powertoolshttps://sjramblings.io/supercharge-your-aws-cloudwatch-metrics-with-lambda-powertools/https://sjramblings.io/supercharge-your-aws-cloudwatch-metrics-with-lambda-powertools/In this post, I'll show you how easy it is to publish custom metrics into AWS CloudWatch using AWS Lambda Powertools and the Cloudwatch EMU SpecificationMon, 07 Aug 2023 00:00:00 GMTHow to sync containers from github Container Registry to AWS ECShttps://sjramblings.io/how-to-sync-containers-from-ghcr-to-aws-ecs/https://sjramblings.io/how-to-sync-containers-from-ghcr-to-aws-ecs/Back in June last year I wrote about syncing containers from DockerHub to AWS ECS.Tue, 25 Jul 2023 00:00:00 GMTgithub-actions in CodeBuildhttps://sjramblings.io/github-actions-in-codebuild/https://sjramblings.io/github-actions-in-codebuild/This month AWS released support for github-actions in CodeBuild.Fri, 14 Jul 2023 00:00:00 GMTGetting Started with Steampipe on Azurehttps://sjramblings.io/getting_started_with_steampipe_on_azure/https://sjramblings.io/getting_started_with_steampipe_on_azure/It's been a while since I gave Steampipe a run, and wow, has it had some excellent updates!Fri, 28 Apr 2023 00:00:00 GMTRoute 53 Resolver Magichttps://sjramblings.io/route53_resolver_magic/https://sjramblings.io/route53_resolver_magic/This post covers some core concepts of Route 53 Resolvers and how they can help establish inbound and outbound name resoltion with your on-premise and AWS...Wed, 12 Apr 2023 00:00:00 GMTUnlock the Hidden Power of VPC Sharing in AWShttps://sjramblings.io/unlock-the-hidden-power-of-vpc-sharing-in-aws/https://sjramblings.io/unlock-the-hidden-power-of-vpc-sharing-in-aws/As rightly stated here by Aidan Steele (AWS Hero), VPC Sharing appears to be the forgotten superpower.Wed, 12 Apr 2023 00:00:00 GMTAWS GP3 Volumeshttps://sjramblings.io/aws-gp3-volumes/https://sjramblings.io/aws-gp3-volumes/AWS made the following announcement at Reinvent2020Mon, 13 Mar 2023 00:00:00 GMTCloudformation FirewallPolicy UPDATE_FAILEDhttps://sjramblings.io/cloudformation-firewallpolicy-update_failed/https://sjramblings.io/cloudformation-firewallpolicy-update_failed/While I have a fond love for Cloudformation, sometimes I find myself banging my head against a wall when trying to get past an error.Mon, 13 Mar 2023 00:00:00 GMTAWS Managed Prefix Listshttps://sjramblings.io/aws_managed_prefixes/https://sjramblings.io/aws_managed_prefixes/Some time ago AWS released a new feature called Customer Managed Prefix Lists.Mon, 13 Mar 2023 00:00:00 GMTBuild a Terraform Community Org on github Enterprisehttps://sjramblings.io/build_a_terraform_community_org_on_github_enterprise/https://sjramblings.io/build_a_terraform_community_org_on_github_enterprise/Infrastructure as Code (IAC) is great, people can knock up some Terraform and smash out some stacks in next to no time, delivering value to the business...Mon, 13 Mar 2023 00:00:00 GMTConfig Conundrumhttps://sjramblings.io/config_conundrum/https://sjramblings.io/config_conundrum/At our organisation we use custom config rules to help us achieve near real-time compliance and remediation.Mon, 13 Mar 2023 00:00:00 GMTBootstrap Terraform on AWShttps://sjramblings.io/bootstrap_terraform_on_aws/https://sjramblings.io/bootstrap_terraform_on_aws/Terraform is a great product for managing infrastructure on AWS however many people start by creating an iam user and sharing access keys into configuration...Mon, 13 Mar 2023 00:00:00 GMTAWS Config Rules Blessed with Cloudformation cfn-guard Support!https://sjramblings.io/aws-config-rules-blessed-with-cloudformation-cfn-guard-support/https://sjramblings.io/aws-config-rules-blessed-with-cloudformation-cfn-guard-support/They said it was coming, and here it is! Support for defining custom cfn-guard rules for AWS Config via Cloudformation.Mon, 13 Mar 2023 00:00:00 GMTUp and running with AWS Network Firewall - Part 1https://sjramblings.io/getting-started-with-aws-network-firewall/https://sjramblings.io/getting-started-with-aws-network-firewall/This post is the first in a series to share my learnings as I get to grips with AWS Network Firewall.Mon, 13 Mar 2023 00:00:00 GMTGetting Started with AWS CloudFormation Guard (cfn-guard): Policy-as-Code Guidehttps://sjramblings.io/getting-started-with-cfn-guard/https://sjramblings.io/getting-started-with-cfn-guard/Learn AWS CloudFormation Guard (cfn-guard) for policy-as-code validation. Parse AWS Config resources, write Guard rules, and enforce compliance without Lambda functions.Mon, 13 Mar 2023 00:00:00 GMTgithub-actions AWS Authentication with OIDC for github Enterprisehttps://sjramblings.io/github-actions-aws-authentication-with-oidc-for-github-enterprise/https://sjramblings.io/github-actions-aws-authentication-with-oidc-for-github-enterprise/There are many blog posts about how to use github-actions OIDC with AWS; however, they all refer to using Github.com and don't provide some easy steps if you...Mon, 13 Mar 2023 00:00:00 GMTgithub-actions - How did I not see thathttps://sjramblings.io/github-actions-how-did-i-not-see-that/https://sjramblings.io/github-actions-how-did-i-not-see-that/This post is about a mistake I made that wasted a fair bit of time on my side until the folks over in Support set me straight :)Mon, 13 Mar 2023 00:00:00 GMTFix "Resource Not Accessible by Integration" in GitHub Actions (2026 Guide)https://sjramblings.io/github-actions-resource-not-accessible-by-integration/https://sjramblings.io/github-actions-resource-not-accessible-by-integration/Getting "Resource not accessible by integration" in GitHub Actions? Fix HTTP 403, GraphQL createPullRequest, and GITHUB_TOKEN permission errors. Step-by-step with real examples.Mon, 13 Mar 2023 00:00:00 GMTGithub Runner ECS Authenticationhttps://sjramblings.io/github-runner-ecs-authentication/https://sjramblings.io/github-runner-ecs-authentication/Using this fantastic open-source project, we have enabled github-actions using ephemeral self-managed runners on AWS SPOT.Mon, 13 Mar 2023 00:00:00 GMTHashiCorp packer amazon-linux cracklib gotchahttps://sjramblings.io/hashicorp-packer-gotcha/https://sjramblings.io/hashicorp-packer-gotcha/While setting up packer for the first time in ages I found a little cracklib quirk when using amazon linux while following the instructions from the website.Mon, 13 Mar 2023 00:00:00 GMTHow to simplify your CI/CD with Makefileshttps://sjramblings.io/how-to-simplify-your-ci-cd-with-makefiles/https://sjramblings.io/how-to-simplify-your-ci-cd-with-makefiles/*Make is a build automation tool that automatically builds executable programs and libraries from source code by reading files called Makefiles which specify...Mon, 13 Mar 2023 00:00:00 GMTHow to sync containers to AWS ECS the easy wayhttps://sjramblings.io/how-to-sync-containers-to-aws-ecs-the-easy-way/https://sjramblings.io/how-to-sync-containers-to-aws-ecs-the-easy-way/Back in November 2021 AWS announced that you can cache containers from DockerHub through to ECS.Mon, 13 Mar 2023 00:00:00 GMTHow to use cfn-guard with AWS Confighttps://sjramblings.io/how-to-use-cfn-guard-with-aws-config/https://sjramblings.io/how-to-use-cfn-guard-with-aws-config/I'm not sure when but AWS Config now supports using Guard rules to determine the compliance of resources. This is a pretty neat integration and one of the...Mon, 13 Mar 2023 00:00:00 GMTProwler on AWShttps://sjramblings.io/prowler_on_aws/https://sjramblings.io/prowler_on_aws/Prowler is an awesome open source tool for auditing AWS settings within an account or many accounts across an organisation.Mon, 13 Mar 2023 00:00:00 GMTSecurity Hub now supports Custom AWS Config Ruleshttps://sjramblings.io/security-hub-now-supports-custom-aws-config-rules/https://sjramblings.io/security-hub-now-supports-custom-aws-config-rules/AWS recently announced an integration that I'm a little excited about!Mon, 13 Mar 2023 00:00:00 GMTSemgrep Rules for AWS & Azure: Enforce Code Standards with Custom Ruleshttps://sjramblings.io/semgrep/https://sjramblings.io/semgrep/Build custom Semgrep rules for AWS and Azure infrastructure code. Enforce Terraform module pinning, variable descriptions, and security standards across your engineering team.Mon, 13 Mar 2023 00:00:00 GMTTerraform, github-actions & OIDC on AWShttps://sjramblings.io/terraform-github-actions/https://sjramblings.io/terraform-github-actions/I've posted here how to configure the OIDC AWS Provider & github Enterprise integration; however, nothing is better than an example of it working, and this...Mon, 13 Mar 2023 00:00:00 GMTUp and running with AWS Network Firewall - Part 2https://sjramblings.io/up-and-running-with-aws-network-firewall-part-2/https://sjramblings.io/up-and-running-with-aws-network-firewall-part-2/The second post in my series as I share my learnings with AWS Network Firewall.Mon, 13 Mar 2023 00:00:00 GMTWhen Forking is not an option for your public git reposhttps://sjramblings.io/when-forking-is-not-an-option-for-your-public-git-repos/https://sjramblings.io/when-forking-is-not-an-option-for-your-public-git-repos/I'm curious if this is an everyday use case, but I need to sync a public repo to our internal github Enterprise instance.Mon, 13 Mar 2023 00:00:00 GMTWhen Enterprise IT systems migrate to AWShttps://sjramblings.io/when-legacy-cots-meets-cloud/https://sjramblings.io/when-legacy-cots-meets-cloud/So we've all seen the marketing slides....Mon, 13 Mar 2023 00:00:00 GMTUp and running with AWS Network Firewall - Part 3https://sjramblings.io/up-and-running-with-aws-network-firewall-part-3/https://sjramblings.io/up-and-running-with-aws-network-firewall-part-3/The third post in my series as I share my learnings with AWS Network Firewall.Mon, 13 Mar 2023 00:00:00 GMTPossibly the Greatest Log Insights CloudTrail Query Ever!https://sjramblings.io/the-greatest-log-insights-cloudtrail-query-ever/https://sjramblings.io/the-greatest-log-insights-cloudtrail-query-ever/AWS CloudTrail has a wealth of information that often gets forgotten and unchecked.Fri, 10 Mar 2023 00:00:00 GMTThe Power of Self-Hosted github-actionshttps://sjramblings.io/the-power-of-self-hosted-github-actions/https://sjramblings.io/the-power-of-self-hosted-github-actions/github-actions is a CI/CD (Continuous Integration/Continuous Deployment) platform integrated into github, allowing users to automate software development...Fri, 10 Mar 2023 00:00:00 GMTIntegrating github with AWS EventBridgehttps://sjramblings.io/integrating-github-with-aws-eventbridge/https://sjramblings.io/integrating-github-with-aws-eventbridge/Ever since I saw this announcement, I've been dying to get a chance to set it up and play with it. That time is now!Fri, 10 Mar 2023 00:00:00 GMTUnleashing the power of AWS Athena on Transit Gateway Flow Logshttps://sjramblings.io/unleashing-the-power-of-aws-athena-on-transit-gateway-flow-logs/https://sjramblings.io/unleashing-the-power-of-aws-athena-on-transit-gateway-flow-logs/AWS Transit Gateway Flow Logs provide valuable insights into the traffic flowing through your network. However, analyzing this data can be challenging...Fri, 10 Mar 2023 00:00:00 GMTDude Scale My Runnershttps://sjramblings.io/dude-scale-my-runners/https://sjramblings.io/dude-scale-my-runners/In our github Enterprise Instance, we use the super-linter to keep all our users honest and lint everything.Fri, 10 Mar 2023 00:00:00 GMTProcess github Workflow Events with AWS Stepfunctionshttps://sjramblings.io/process-github-workflow-events-with-aws-stepfunctions/https://sjramblings.io/process-github-workflow-events-with-aws-stepfunctions/This is the next part of integrating github Enterprise Managed User events into the AWS Serverless ecosystem.Thu, 09 Mar 2023 00:00:00 GMTAWS Prefix Lists for the Organizationhttps://sjramblings.io/aws-prefix-list-for-the-organization/https://sjramblings.io/aws-prefix-list-for-the-organization/this is meta descriptionThu, 09 Mar 2023 00:00:00 GMT