2 min read
Here's the recording from our DevOps “Office Hours” session on 2022-03-09.
We hold public “Office Hours” every Wednesday at 11:30am PST to answer questions on all things DevOps/Terraform/Kubernetes/CICD related.
These “lunch & learn” style sessions are totally free and really just an opportunity to talk shop, ask questions and get answers.
Register here: cloudposse.com/office-hours
Basically, these sessions are an opportunity to get a free weekly consultation with Cloud Posse where you can literally “ask me anything” (AMA). Since we're all engineers, this also helps us better understand the challenges our users have so we can better focus on solving the real problems you have and address the problems/gaps in our tools.
[00:00:00] Intro
[00:01:20] AWS & Google WAF bypassed via oversized POST requests
https://portswigger.net/daily-swig/google-waf-bypassed-via-oversized-post-requests
[00:02:18] Amazon Web Services blocks new sign-ups from Russia and Belarus
https://www.nytimes.com/2022/03/08/technology/amazon-web-services-russia.html
[00:02:58] GitLab Critical Security Release: 14.8.2, 14.7.4, and 14.6.5
https://about.gitlab.com/releases/2022/02/25/critical-security-release-gitlab-14-8-2-released/#unauthenticated-user-enumeration-on-graphql-api
[00:03:26] Sharing GitHub Actions within your enterprise is now GA – GitHub Changelog
https://github.blog/changelog/2022-03-04-sharing-github-actions-within-your-enterprise-is-now-ga
[00:04:50] Take the Cloud Posse Quiz
https://cloudposse.com/quiz
[00:05:40] It’s pretty common to render static pages for docs purposes directly from Github Action or Gitlab
[00:12:10] Is there a good argument for or against adding remote_state entries in a Terraform module
[00:01:02] Outro