#random - April 2026

came across this post about Trivy, https://raxe.ai/labs/advisories/RAXE-2026-045

anyone going to gitex africa ?

the hashicorp license change last year made me realize i had no idea what it would actually take to migrate off terraform if we ever needed to. turned out the answer was way more complicated than just rewriting some hcl files - we're locked into the provider sdk, the module registry, and most painfully the state file format which doesn't have any clean conversion path to other tools unless you manually import every single resource one by one.
i documented the four types of lock-in most teams don't realize they have until they try to leave, plus realistic migration timelines based on team size

https://dev.to/muskan_8abedcc7e12/terraform-lock-in-is-real-heres-how-to-get-out-4j8g

Ever stopped an RDS or Aurora database, only to be surprised by a big bill because it was re-started after 7 days?

I'm excited to share a new release of github.com/sqlxpert/step-stay-stopped-aws-rds-aurora !

It should now work beyond just the aws partition (please confirm, and I'll acknowledge you in the next ReadMe update). I've also added an optional service control policy and enabled immutable releases.

Key elements are security (IAM intricacies and optional KMS encryption — the real thing, with support for multi-region keys housed in a separate account), multi-region + multi-account deployment (CloudFormation StackSet + optional Terraform), and serverless simplicity (EventBridge→Step Function). This was inspired by a user request, so I welcome your feedback…

['=]---

Next Stategraph Demo Day is April 22: https://stategraph.com/demo-day
I’ll be putting the demo gods to the test by refactoring a messy Terraform repo live using Claude Code and the Stategraph SKILL.md

I just completed the self-service microservice IDP project, built with Backstage, ArgoCD, GitHub Actions and Helm. dev fills out a form in Backstage and gets a full repo + CI/CD + k8s would really appreciate any feedback, repos: - backstage portal: https://github.com/Eweka01/backstage-app - software templates: https://github.com/Eweka01/backstage-software-templates writeup: https://medium.com/@oseweka1/i-built-a-self-service-microservice-platform-with-backstage-argocd-github-actions-2037f46a3b50 (edited)

Medium
I Built a Self-Service Microservice Platform with Backstage, ArgoCD & GitHub Actions
Tech Stack: Python · Docker · GitHub Actions · Kubernetes · Helm · ArgoCD· Backstage: From CI/CD Pipelines to an Internal Developer Portal

hi everyone
wanted to share a small project i’ve been working on.

KubeAgent watches your Kubernetes clusters 24/7, diagnoses issues automatically, and applies safe fixes or pings you on Slack, Discord, Teams, Telegram, or PagerDuty to approve risky ones.

would love feedback from you.
https://kubeagent.net/

AI is so powerful now. I feel companies should look at flexible time sharing contractors instead of part-time or full-time ones, benefit for both sides

Hey folks, just wanted to share a new tutorial on building a closed-loop workflow with Codex and Signadot. It covers using MCP to let agents spin up their own K8s sandboxes and self-correct based on test results. Hope it's helpful!
https://www.signadot.com/docs/tutorials/autonomous-closed-loop-codex

👋 Hi everyone!

My name is Chi, and I'm a VIP Experience Executive at Kisaco Research - a London-based B2B events company that produces high-level industry conferences and summits for some of the world's leading tech communities.

I'll be honest, I'm relatively new to the AI and infrastructure space 😄 but I'm learning fast and this community looks like exactly the right place to do that!

The reason I wanted to reach out is that we have our AI Infra Summit coming up at the Santa Clara Convention Center, 15–17 September, and it may be of interest to some of you. Here's a flavour of what's on:

🔹 6 content stages covering Compute, Data Movement, Data & Models, AI Data Centre, Physical AI, and a Main Stage
🔹 8,000+ attendees from across the AI infrastructure engineering world
🔹 Speakers include Jeff Dean (Chief Scientist, Google), Lip-Bu Tan (CEO, Intel), plus teams from Microsoft, Meta, Boeing, Lockheed Martin, eBay and 50 more announced just this week
🔹 Real-world architecture talks from teams running large-scale AI workloads in production

Complimentary tickets are available for qualifying enterprises, hyperscalers, and AI labs, which is exactly where my role comes in. I handle VIP guesting for enterprise and hyperscaler attendees, so if you're interested in attending or know a colleague who might be, feel free to drop me a message and I'll get you sorted 😁

We also have a free webinar coming up on 16 April - AI in Practice: From Innovation to Market Reality - if you'd like a taster before the main event. 👉️ https://lnkd.in/eDRCQEAY

Great to meet you all, and looking forward to getting to know this community! 🙌

Not sure if this was shared already; @Matt Gowie shared with me https://www.youtube.com/watch?v=g1R71Wbxlkk

Hey 👋
DevOps / SRE here (~8y professional experience).

After constantly dealing with load testing setups, I built a tool to simplify the workflow (distributed tests, regression detection, reports, CI/CD, etc):
https://loadtester.org

Would love feedback from others engineers — happy to jump on a quick demo call if useful, otherwise feel free to register and use a free plan!

Sam may be intentionally to stay behind Dario to avoid to be hated by engineers being laid off but maintain his business market. the hatred turning against to the 1st leader may happen in a snap, hope this wouldn’t happen

AI infrastructure is moving fast, and the cost of getting it wrong is rising.

Too many teams are still dealing with the same problems: surface-level conversations, fragmented market views, and uncertainty over whether the right people are even in the room.

AI Infra Summit is built to solve that.

It brings together the technical leaders, enterprises, hyperscalers, and infrastructure players driving the industry forward, so you can get practical insight, see the full ecosystem more clearly, and make connections that matter.

If you want a sharper perspective and better conversations, register your interest here: https://lnkd.in/e9HVGddr

I built CubbyDrop — encrypted file sharing where the server never sees your data.
How it works: your files are encrypted with AES-256-GCM in the browser before upload. The key stays in the link — the server literally can't access
your files.

Main features:
• End-to-end encrypted file transfers
• Password protection & download limits
• Delete-after-download for sensitive files
• Live peer-to-peer mode (no server, no size limits)
• Personal subdomains (you.cubbydrop.com)
• Team plans with admin dashboard & domain discovery
• QR code sharing for mobile
• Encrypted text/password paste
https://cubbydrop.com
Would love honest feedback — what's missing? What would make you switch from your current tool?

Another week, another resource control policy! I guess this is what IAM geeks do. 😹

github.com/sqlxpert/aws-rcp-s3-require-encryption-kms
…is my new way to replace KMS encryption statements potentially repeated in hundreds of S3 bucket policies.

• Install it in your AWS Organizations management account, with CloudFormation or native Terraform.
• Tag an S3 bucket and enable attribute-based access control (ABAC) for the bucket.
security-s3-require-encryption-kms-key-arn = ARN of KMS key required in this bucket

(Two other identifiers are also supported. One is for the simplest setups, in which S3 bucket and KMS key are only ever used in one region and AWS account. The other fits KMS multi-region keys defined in a central AWS account.)

• Any attempt to create an object with the wrong encryption type or wrong KMS key yields AccessDenied .
• An optional service control policy locks the tag.
Between the resource control policy itself, the automated test stack (CloudFormation only, because it's temporary), and the documentation, there's lots of information about:
• New 2025–2026 S3 features (attribute-based access control, account-regional namespaces)
• IAM policy condition keys for tags, and condition operator semantics
• Secure, future-proof KMS key configurations
I really appreciate your feedback, and that's not an empty statement: I improve stuff based on user requests, and I of course acknowledge the source.

I hope this will be useful. If you give it a try, thank you!

Not sure if there is a similar project for MFA token chaining, if not, I have just made one, https://github.com/snowsky/mfa-chain-orchestrator, which can be installed with pip install mfa-chain-orchestrator, and an example can be found at https://github.com/snowsky/mfa-chain-orchestrator/tree/main/examples.

The idea is simple, user can set up MFA with multiple authenticators in a chain. I tested in my application. When user logs in, he can use password first, and then will be prompted for Google Authenticator and Microsoft Authenticator in sequence or random.

Hi everyone!

We built a knowledge graph as a service for production teams: real-time mapping of your infra, apps and codebase, with causal reasoning for incident resolution and prediction.

Would love feedback from people who deal with this daily, or a pointer to someone who'd be keen to try it. Free trial here: https://www.anyshift.io/

Used by Citrix, MotherDuck and Yelp. SOC 2 certified, self-hosted option available. Happy to chat or do a quick demo!

GPT 5.5 is coming?

A github issue complaining MiniMax model but in Chinese, https://github.com/MiniMax-AI/MiniMax-M2/issues/102, many found the post from google and confirmed the bad performance

Hey guys 👋

I built a self-service developer platform and it's live on the public internet — you can try it from your phone right now.

👉️ https://backstage.gabrieleweka.dev (sign in with GitHub or Google)

The flow: click Create, type a name, pick prod or dev. In ~2 minutes you get:
• A new GitHub repo with a Flask API + frontend
• Full CI/CD pipeline (super-linter + Trivy scans, build, push, deploy)
• Auto-deployed to Kubernetes via ArgoCD with a valid HTTPS URL
• Its own Grafana dashboard (pods, CPU, memory, network, crash count)
• TechDocs page rendered in Backstage

Other stuff to poke at:
• https://argocd.gabrieleweka.dev — read-only login: viewer / viewer123
• http://grafana.gabrieleweka.dev — no login, opens on the Platform Overview
• http://prometheus.gabrieleweka.dev

Heads up: scaffolded apps auto-delete after 30 min (a CronJob reaps them), so don't get attached. Whole thing runs on my old laptop through a Cloudflare Tunnel — $0/month.

Would love feedback 🙌

🇺🇸 US based software engineers!
You can get refresh new jobs hourly basis here.
https://usdevjobs.com/

🚀Bay Area Devs folk— quick one: a 𝗗𝗲𝘃𝗲𝗹𝗼𝗽𝗲𝗿 𝗚𝗶𝘁-𝗧𝗼𝗴𝗲𝘁𝗵𝗲𝗿 𝗶𝗻 𝗦𝗮𝗻 𝗙𝗿𝗮𝗻𝗰𝗶𝘀𝗰𝗼 to talk about what’s actually working (and what’s breaking) in AI-First SDLC.


🗓️ 𝗠𝗮𝘆 𝟭𝟰 | 𝟱:𝟯𝟬–𝟴:𝟯𝟬 𝗣𝗠
📍 TestMu, San Francisco

If you’re in backend, QA, or DevOps — this will be worth your time.

Spots are limited (invite only).

👉️ Register: https://lnkd.in/dxaGF9iN


𝗪𝗵𝗮𝘁 𝘆𝗼𝘂’𝗹𝗹 𝗮𝗰𝘁𝘂𝗮𝗹𝗹𝘆 𝗴𝗲𝘁:
→ Real conversations with engineers building at scale
→ Live demo (not a sales pitch)
→ Practical ideas you can take back to your team
→ Swag + good coffee

IAM misconfigurations sit in ticket queues for 14 days on average. the fix itself takes four minutes. wrote up this article on a closed-loop remediation system that handles it in 90 seconds instead, and explains which security findings you should never auto-remediate. I would love some feedback on this.

https://dev.to/riya_mittal_cdd264250ad45/closed-loop-iam-remediation-auto-fixing-security-misconfigurations-without-a-human-in-the-loop-dhc

Is anybody here using Cloud Custodian? Curious what your experience has been and what use cases you use it for!

https://cloudcustodian.io