Just shipped a compagnon website for MAMIP, the tool that detects change made by AWS on IAM Managed Policy.
Let me know what do you think of this first version. I'm considering adding many new features in the next upcoming weeks.
Let me know what do you think of this first version. I'm considering adding many new features in the next upcoming weeks.
October 6, 2025 at 3:03 PM
Just shipped a compagnon website for MAMIP, the tool that detects change made by AWS on IAM Managed Policy.
Let me know what do you think of this first version. I'm considering adding many new features in the next upcoming weeks.
Let me know what do you think of this first version. I'm considering adding many new features in the next upcoming weeks.
Just 2 hours to go before fwd:cloudsec Europe kicks off here in Berlin! 🇩🇪
We’ve got an incredible lineup of speakers this year covering the latest in cloud security, from IAM and supply chain risks to practical defense strategies.
We’ve got an incredible lineup of speakers this year covering the latest in cloud security, from IAM and supply chain risks to practical defense strategies.
September 15, 2025 at 4:40 AM
Just 2 hours to go before fwd:cloudsec Europe kicks off here in Berlin! 🇩🇪
We’ve got an incredible lineup of speakers this year covering the latest in cloud security, from IAM and supply chain risks to practical defense strategies.
We’ve got an incredible lineup of speakers this year covering the latest in cloud security, from IAM and supply chain risks to practical defense strategies.
Since January, I've resumed running. It's part of my New Year's resolution: new gear and a more challenging routine after a seven-year pause and passing the 40-year milestone.
I'm now using Strava only to record my activities, and I've found a few cool FOSS initiatives that are game changers.
I'm now using Strava only to record my activities, and I've found a few cool FOSS initiatives that are game changers.
August 18, 2025 at 2:34 PM
Since January, I've resumed running. It's part of my New Year's resolution: new gear and a more challenging routine after a seven-year pause and passing the 40-year milestone.
I'm now using Strava only to record my activities, and I've found a few cool FOSS initiatives that are game changers.
I'm now using Strava only to record my activities, and I've found a few cool FOSS initiatives that are game changers.
The lineup for fwd:cloudsec Europe is revealed, presenting a two-day event filled with top-tier presentations on a single track, alongside engaging "Birds of a Feather" discussion sessions. Sponsorship slots remain open.
fwdcloudsec.org/conference/...
See you there, folks! 🇩🇪
fwdcloudsec.org/conference/...
See you there, folks! 🇩🇪
fwd:cloudsec Europe 2025 | fwd:cloudsec
fwd:cloudsec is a non-profit conference on cloud security. At this conference you can expect discussions about all the major cloud platforms, both attack and defense research, limitations of security features, the pros and cons of different security strategies, and generally the types of things cloud practitioners want to know, but that don't fit neatly into a vendor conference schedule.
fwdcloudsec.org
August 7, 2025 at 6:54 AM
The lineup for fwd:cloudsec Europe is revealed, presenting a two-day event filled with top-tier presentations on a single track, alongside engaging "Birds of a Feather" discussion sessions. Sponsorship slots remain open.
fwdcloudsec.org/conference/...
See you there, folks! 🇩🇪
fwdcloudsec.org/conference/...
See you there, folks! 🇩🇪
We are living in a unique time where core software technology is ready, but the hardware or device component is lacking.
Several times a day, I use an LLM for work-related questions, and at home, I often rely on voice interaction for personal queries.
Several times a day, I use an LLM for work-related questions, and at home, I often rely on voice interaction for personal queries.
August 4, 2025 at 3:58 PM
We are living in a unique time where core software technology is ready, but the hardware or device component is lacking.
Several times a day, I use an LLM for work-related questions, and at home, I often rely on voice interaction for personal queries.
Several times a day, I use an LLM for work-related questions, and at home, I often rely on voice interaction for personal queries.
Sometimes, stats are very painful to read.
You're sharing engaging content and OSS AWS projects, yet your blog's most popular post is an eight-year-old paper on interacting with the JIRA API using PowerShell.
Rude.
You're sharing engaging content and OSS AWS projects, yet your blog's most popular post is an eight-year-old paper on interacting with the JIRA API using PowerShell.
Rude.
July 30, 2025 at 3:01 PM
Sometimes, stats are very painful to read.
You're sharing engaging content and OSS AWS projects, yet your blog's most popular post is an eight-year-old paper on interacting with the JIRA API using PowerShell.
Rude.
You're sharing engaging content and OSS AWS projects, yet your blog's most popular post is an eight-year-old paper on interacting with the JIRA API using PowerShell.
Rude.
AWS is not magic; it's a compilation of hard work and simplicity, executed at scale.
Well known AWS services are in fact, heavily customized OSS.
ALB → NGINX
ELB → HAProxy
EC2 → Xen, KVM
DynamoDB → InnoDB
Deep Glacier → BD-R optical
CloudFront → was NGINX + Squid
Well known AWS services are in fact, heavily customized OSS.
ALB → NGINX
ELB → HAProxy
EC2 → Xen, KVM
DynamoDB → InnoDB
Deep Glacier → BD-R optical
CloudFront → was NGINX + Squid
July 25, 2025 at 3:00 PM
AWS is not magic; it's a compilation of hard work and simplicity, executed at scale.
Well known AWS services are in fact, heavily customized OSS.
ALB → NGINX
ELB → HAProxy
EC2 → Xen, KVM
DynamoDB → InnoDB
Deep Glacier → BD-R optical
CloudFront → was NGINX + Squid
Well known AWS services are in fact, heavily customized OSS.
ALB → NGINX
ELB → HAProxy
EC2 → Xen, KVM
DynamoDB → InnoDB
Deep Glacier → BD-R optical
CloudFront → was NGINX + Squid
Reposted by Victor Grenu
ReadOnlyAccess, SecurityAudit, SystemAdministrator ... https://github.com/z0ph/MAMIP/commit/fcfd41a1
July 24, 2025 at 5:00 PM
ReadOnlyAccess, SecurityAudit, SystemAdministrator ... https://github.com/z0ph/MAMIP/commit/fcfd41a1
Me: Just rolled out a new version of unusd dot cloud for “UN-USD” as in kicking unused dollars out of AWS.
Friend: Wait, people really leave money on the table?
Friend: Wait, people really leave money on the table?
July 23, 2025 at 2:57 PM
Me: Just rolled out a new version of unusd dot cloud for “UN-USD” as in kicking unused dollars out of AWS.
Friend: Wait, people really leave money on the table?
Friend: Wait, people really leave money on the table?
Recently, I've added more details to commit messages for MAMIP in response to user feedback on GitHub.
You will now be able to see the policy version for each new AWS IAM Managed Policy detection.
I hope this Quality of Life improvement benefits other repository users.
You will now be able to see the policy version for each new AWS IAM Managed Policy detection.
I hope this Quality of Life improvement benefits other repository users.
July 21, 2025 at 3:04 PM
Recently, I've added more details to commit messages for MAMIP in response to user feedback on GitHub.
You will now be able to see the policy version for each new AWS IAM Managed Policy detection.
I hope this Quality of Life improvement benefits other repository users.
You will now be able to see the policy version for each new AWS IAM Managed Policy detection.
I hope this Quality of Life improvement benefits other repository users.
This is how I see MCP (Model Context Protocol) nowadays: a way to supercharge your second brain (LLM) with specialized content
Neo learned to pilot a helicopter and master martial arts with "I Know Kung Fu"
Next, plug the MCP into your first brain. What's your first MCP choice?
Neo learned to pilot a helicopter and master martial arts with "I Know Kung Fu"
Next, plug the MCP into your first brain. What's your first MCP choice?
July 17, 2025 at 3:02 PM
This is how I see MCP (Model Context Protocol) nowadays: a way to supercharge your second brain (LLM) with specialized content
Neo learned to pilot a helicopter and master martial arts with "I Know Kung Fu"
Next, plug the MCP into your first brain. What's your first MCP choice?
Neo learned to pilot a helicopter and master martial arts with "I Know Kung Fu"
Next, plug the MCP into your first brain. What's your first MCP choice?
Global DNS outage at Cloudflare lasted 62 min due to legacy config accidentally linking 1.1.1.1 routes to a test service.
When the test activated, it withdrew all BGP announcements.
Classic "dormant config bomb" - bad change in June, triggered in July.
blog.cloudflare.com/cloudflare-...
When the test activated, it withdrew all BGP announcements.
Classic "dormant config bomb" - bad change in June, triggered in July.
blog.cloudflare.com/cloudflare-...
Cloudflare 1.1.1.1 Incident on July 14, 2025
On July 14th, 2025, Cloudflare made a change to our service topologies that caused an outage for 1.1.1.1 on the edge, resulting in downtime for 62 minutes for customers using the 1.1.1.1 public DNS Resolver as well as intermittent degradation of service for Gateway DNS.
We’re deeply sorry for this outage.
This outage was the result of an internal configuration error and not the result of an attack or a BGP hijack. In this blog post, we’re going to talk about what the failure was, why it occurred, and what we’re doing to make sure this doesn’t happen again.
blog.cloudflare.com
July 16, 2025 at 7:40 AM
Global DNS outage at Cloudflare lasted 62 min due to legacy config accidentally linking 1.1.1.1 routes to a test service.
When the test activated, it withdrew all BGP announcements.
Classic "dormant config bomb" - bad change in June, triggered in July.
blog.cloudflare.com/cloudflare-...
When the test activated, it withdrew all BGP announcements.
Classic "dormant config bomb" - bad change in June, triggered in July.
blog.cloudflare.com/cloudflare-...
🎵 “CostBusters (AWS)” 🎵
Idle EC2? Volume’s got dust?
Who you gonna call? CostsBusters!
I ain’t afraid of no waste,
I ain’t afraid of no cost haze - let’s chase!
When S3’s cold and RDS’s high,
Time to hunt those ghosts and say goodbye!
⸻
Idle EC2? Volume’s got dust?
Who you gonna call? CostsBusters!
I ain’t afraid of no waste,
I ain’t afraid of no cost haze - let’s chase!
When S3’s cold and RDS’s high,
Time to hunt those ghosts and say goodbye!
⸻
July 7, 2025 at 2:59 PM
🎵 “CostBusters (AWS)” 🎵
Idle EC2? Volume’s got dust?
Who you gonna call? CostsBusters!
I ain’t afraid of no waste,
I ain’t afraid of no cost haze - let’s chase!
When S3’s cold and RDS’s high,
Time to hunt those ghosts and say goodbye!
⸻
Idle EC2? Volume’s got dust?
Who you gonna call? CostsBusters!
I ain’t afraid of no waste,
I ain’t afraid of no cost haze - let’s chase!
When S3’s cold and RDS’s high,
Time to hunt those ghosts and say goodbye!
⸻
Back in the Ring!
Big thanks to the team at Wiz and especially Scott Piper for putting this together!
Big thanks to the team at Wiz and especially Scott Piper for putting this together!
July 3, 2025 at 2:42 PM
Back in the Ring!
Big thanks to the team at Wiz and especially Scott Piper for putting this together!
Big thanks to the team at Wiz and especially Scott Piper for putting this together!
We are typically building a Garbage Collector for your cloud environments.
For many years, during our consulting engagements with Dorian, we have consistently observed the same recurring pain points: the lack of cost visibility for operational teams. Again and Again.
For many years, during our consulting engagements with Dorian, we have consistently observed the same recurring pain points: the lack of cost visibility for operational teams. Again and Again.
June 30, 2025 at 3:09 PM
We are typically building a Garbage Collector for your cloud environments.
For many years, during our consulting engagements with Dorian, we have consistently observed the same recurring pain points: the lack of cost visibility for operational teams. Again and Again.
For many years, during our consulting engagements with Dorian, we have consistently observed the same recurring pain points: the lack of cost visibility for operational teams. Again and Again.
🚌 Do you know what the bus factor is?
It’s the number of people who must suddenly disappear (🚍, lottery win, new job, sick leave) before your project stops. If that number is 1, your luck is riding on one brain.
It’s the number of people who must suddenly disappear (🚍, lottery win, new job, sick leave) before your project stops. If that number is 1, your luck is riding on one brain.
June 23, 2025 at 2:59 PM
🚌 Do you know what the bus factor is?
It’s the number of people who must suddenly disappear (🚍, lottery win, new job, sick leave) before your project stops. If that number is 1, your luck is riding on one brain.
It’s the number of people who must suddenly disappear (🚍, lottery win, new job, sick leave) before your project stops. If that number is 1, your luck is riding on one brain.
👀 Peeking behind AWS IAM managed-policy curtains.
I’ve been running MAMIP Bot since its first commit (2019-02-10) to mirror every change AWS pushes to its managed-policy repo.
Five years of logs reveal clear rhythms from AWS dev teams (two-pizza teams):
I’ve been running MAMIP Bot since its first commit (2019-02-10) to mirror every change AWS pushes to its managed-policy repo.
Five years of logs reveal clear rhythms from AWS dev teams (two-pizza teams):
June 17, 2025 at 2:53 PM
👀 Peeking behind AWS IAM managed-policy curtains.
I’ve been running MAMIP Bot since its first commit (2019-02-10) to mirror every change AWS pushes to its managed-policy repo.
Five years of logs reveal clear rhythms from AWS dev teams (two-pizza teams):
I’ve been running MAMIP Bot since its first commit (2019-02-10) to mirror every change AWS pushes to its managed-policy repo.
Five years of logs reveal clear rhythms from AWS dev teams (two-pizza teams):
🍔 I Spotted the new “BIG ARCH” at McDo, and it hit me: cloud architecture can look just like that burger.
June 11, 2025 at 3:00 PM
🍔 I Spotted the new “BIG ARCH” at McDo, and it hit me: cloud architecture can look just like that burger.
Surviving the “Capital Effect”: TV‑driven traffic spikes on AWS.
June 9, 2025 at 3:03 PM
Surviving the “Capital Effect”: TV‑driven traffic spikes on AWS.
When building a bathroom, one of the first things your plumber does after installing the shower drain is a leak test: pour in a large amount of water (5L or more) to check for leaks, ensure the glued joints hold, and verify the slope drains properly.
June 6, 2025 at 7:52 AM
When building a bathroom, one of the first things your plumber does after installing the shower drain is a leak test: pour in a large amount of water (5L or more) to check for leaks, ensure the glued joints hold, and verify the slope drains properly.
What’s the point of all this?
Most of my professional life has revolved around cloud architecture, security, development, and automation.
But sometimes, if we step back and ask why we do what we do (yes, I went full “5 Whys” 🥲), it all boils down to one thing:
Most of my professional life has revolved around cloud architecture, security, development, and automation.
But sometimes, if we step back and ask why we do what we do (yes, I went full “5 Whys” 🥲), it all boils down to one thing:
June 2, 2025 at 2:56 PM
What’s the point of all this?
Most of my professional life has revolved around cloud architecture, security, development, and automation.
But sometimes, if we step back and ask why we do what we do (yes, I went full “5 Whys” 🥲), it all boils down to one thing:
Most of my professional life has revolved around cloud architecture, security, development, and automation.
But sometimes, if we step back and ask why we do what we do (yes, I went full “5 Whys” 🥲), it all boils down to one thing:
I just signed up for another half-marathon.
My last big race was the Paris Marathon 2017, eight years ago.
Since then, I’ve been running another long race: building a company with side-projects.
Running and entrepreneurship share a lot of similar values.
My last big race was the Paris Marathon 2017, eight years ago.
Since then, I’ve been running another long race: building a company with side-projects.
Running and entrepreneurship share a lot of similar values.
May 28, 2025 at 3:00 PM
I just signed up for another half-marathon.
My last big race was the Paris Marathon 2017, eight years ago.
Since then, I’ve been running another long race: building a company with side-projects.
Running and entrepreneurship share a lot of similar values.
My last big race was the Paris Marathon 2017, eight years ago.
Since then, I’ve been running another long race: building a company with side-projects.
Running and entrepreneurship share a lot of similar values.
Mark your calendar: fwd:cloudsec Europe 2025 lights up Berlin on September 15-16!
This two-day event is a non-profit cloud security conference, and we expect over 350 attendees this year!
This two-day event is a non-profit cloud security conference, and we expect over 350 attendees this year!
May 26, 2025 at 2:56 PM
Mark your calendar: fwd:cloudsec Europe 2025 lights up Berlin on September 15-16!
This two-day event is a non-profit cloud security conference, and we expect over 350 attendees this year!
This two-day event is a non-profit cloud security conference, and we expect over 350 attendees this year!
Ten years ago, when I began my journey into this mysterious new thing called “the cloud”, I was like little Kid Goku.
Naive, Wide-eyed, and incredibly curious about this new way of handling infrastructure.
• Spinning up a VM in seconds?
• Pay-as-you-go pricing?
Naive, Wide-eyed, and incredibly curious about this new way of handling infrastructure.
• Spinning up a VM in seconds?
• Pay-as-you-go pricing?
May 22, 2025 at 2:49 PM
Ten years ago, when I began my journey into this mysterious new thing called “the cloud”, I was like little Kid Goku.
Naive, Wide-eyed, and incredibly curious about this new way of handling infrastructure.
• Spinning up a VM in seconds?
• Pay-as-you-go pricing?
Naive, Wide-eyed, and incredibly curious about this new way of handling infrastructure.
• Spinning up a VM in seconds?
• Pay-as-you-go pricing?
Mind the gap… between your AWS bill and what you actually use.
This Paris metro-style warning? It’s not just a joke.
With my co-founder Dorian, we’ve seen the same issues come up again and again while working with customers:
This Paris metro-style warning? It’s not just a joke.
With my co-founder Dorian, we’ve seen the same issues come up again and again while working with customers:
May 20, 2025 at 3:04 PM
Mind the gap… between your AWS bill and what you actually use.
This Paris metro-style warning? It’s not just a joke.
With my co-founder Dorian, we’ve seen the same issues come up again and again while working with customers:
This Paris metro-style warning? It’s not just a joke.
With my co-founder Dorian, we’ve seen the same issues come up again and again while working with customers: