Latest writing

view all 11

Advice to an early-career DevOps engineer

This week I was asked a really fundamental question and I totally flunked. I didn't grasp its importance and here is my attempt to correct that mistake: What advice would you give to an early-career DevOps?I had been engrossed in writing automation scripts tha…▷ read more

3 Lessons from the Daily Stoic Challenge

I took the daily stoic challenge this summer. It is a 10-day program developed by author Ryan Holiday that will encourage you to implement ideas from the stoics into your daily live. Here are few things I learned during the challenge, if you read this I still…▷ read more

Troubleshooting AWS API Gateway & CORS issues

The problemSetting CORS while using AWS API Gateway can be confusing as the Enable CORS option in the Action menu doesn't work out of the box. The problem occurs during the pre-flight call that fail as it is. A solution to this issue is simply to create a…▷ read more

Tech radar

Interactive visualization of technologies and how they fit in past, present and future projects— based on the technology frontier radar by thoughtworks. It will be updated twice a year or so. For the best experienced go to https://cdvel.github.io/tech-radar…▷ read more

Run and Meditate

This is probably your situation too. I find very difficult to find enough time to take care of myself. Running and meditation have been for a long time some of the habits that I get most benefits from. Ideally, I like doing a 40 minutes seated meditation, but…▷ read more

Quick and dirty ReactiveX example

Event-driven architectures have been around for a while and lately its use has become popular in environments such as Node.js. One of the most expressive and graceful implementations of these ideas is ReactiveX. It was created from the idea of interfacing thre…▷ read more

Prefer Myopic Feedback

This week, James Clear posted an interesting idea on How to effectively measure improvements. His main point was that it might be better approach to use short-term feedback to calibrate your actions and your probability of achieving your goals. Most people act…▷ read more

60 seconds to TDD

This quick tutorial presents a minimal setup with Python to start coding using TDD. It only requires two lightweight dependencies nose and when-changed available through pip . Install and run sudo pip install nose sudo pip install when-changed The following…▷ read more

Keeping a Journal

Journaling is very powerful tool to record your thoughts, events, ideas, people you meet, goals, quotes or basically anything that matters to you. It can help you grow in every aspect of your life. Powerful negative emotions are diminished by writing ... capt…▷ read more

Notes

view all 28

Container Security

ChallengesTraditional tools aren't fit to secure containers (and kubernetes): too heavy handed such, e.g., EDR, vulnerability scanners, hostbased firewalls, network forensics, security analytics.Alternative dedicated lightweight tools are being used – and dahs…▷ read more

Posture Management

Cloud security posture managementWhat is it?Cloud security posture management validates your configuration in cloud environments (usually public clouds), it includes but not limited to: Auditing and monitoring of cloud infrastructureReal-time threat activity m…▷ read more

Best of AWS re:Invent

2020Zero Trust: An AWS perspective – Quint Van DemanTen easy and effective ways to secure your AWS environment – Becky WeissSecurity best practices the AWS Well-Architected way – Ben Potter2019CI/CD for serverless applications – Eric Johnson 2018Become an IAM…▷ read more

Well-Architected Framework

AWS Well-Architected FrameworkDesign PrinciplesAWS...Cost OptimizationCost OptimizationPerformance EfficiencyPerformance Effi...OperationalExcellenceOperational...SecuritySecurityReliabilityReliabilityPerform OperationsAs CodePerform Operations...Annotate Do…▷ read more

Cloud Native Security

Intro[TK] Reports Snyk - State of Cloud Native Application SecurityCloud Native Application Security Report | SnykNew research reveals 60% of organizations have increased security concerns since adopting cloud native. Read the full State of Cloud Native Appl…▷ read more

Docker

Getting startedImages are the blueprint to instantiate containers that are built, run, and distributed by the Docker Daemon, which used via a Docker Client and pull images from a registry such as Docker Hub Basic commands#runs a container (downloads image if n…▷ read more

GitOps

Standarized workflow to deploy, configure, monitor, update IaaC – the repository contains declarative descriptions of the desired state of the infrastructure ... and automation makes the production enviroment match the repositoryState is 1. Declarative, 2.Vers…▷ read more

Chaos Engineering

IntroductionMain objectives: Part of overall Resilience approachSurface evidence of weaknesses before crisis and outagesMake everyone responsible for code in productionImprove availability, stability, robustness, service in case of outagesAssess how well code…▷ read more

Kubernetes

The most used container orchestration tool for deployment, scaling, and maintenance in the cloud. Notes are living documents and will change over time 🌱…▷ read more

Rust Libraries

NetworkingReqwest is an ergonomic, batteries-included HTTP Client for Rust. Plain bodies, JSON, urlencoded, multipart, Customizable redirect policy, HTTP Proxies, HTTPS via system-native TLS (or optionally, rustls), Cookie Store, WASM. Rustls is a modern TLS l…▷ read more

Rust

Getting startedInstall via script # install curl https://sh.rustup.rs -aSf | sh source $HOME/.cargo/env export PATH="$HOME/.cargo/bin:$PATH" # check installation cargo -V rustc -V Create a template project via command cargo new --bin hello-world or cargo init…▷ read more

Vim

Basicsmove k h l j move between words words! _a_re words w words! are _w_ords e words! ar_e_ words b words_!_ are words B _w_ords! are words multipliers number + [h, j, k, l , w, e, b] 5h wor_d_s! are words…▷ read more