After my last post, a colleague pinged me with “I thought you used environment variables to manage credentials, so why didn’t you show that?” The short answer is that it would detract from the points I was trying to make. The long answer is rooted in history and not-quite-implemented features, so rates its own post. … Read More
My last post compared different infrastructure tools for creating users and letting them assume roles for cross-account access. I received a few questions about the underlying problem that those scripts were trying to solve, so this post delves a bit deeper into the realm of user management.
My background is as a developer, so when I think of “devops” and “infrastructure as code” I look for the loops and conditionals of a Turing-complete language. Unfortunately for me, popular devops tools lean toward a declarative format: you describe the environment that you want, and the tool makes whatever changes are needed to achieve … Read More
The correct compute platform depends on the workload that you’re running. This post contains criteria for picking the right environment from the choices that AWS gives you.