Complex systems require extensive monitoring and observability. Systems as complex as Kubernetes clusters have so many moving parts that sometimes it's a task and a half just to configure their monitoring properly. Today I'm going to talk in depth about cross-account observability for multiple EKS clusters, explore various implementation options, outline the pros and cons of each approach, and explain one of them in close detail. Whether you’re an aspiring engineer seeking best-practice advice, a seasoned professional ready to disagree with everything, or a manager looking for ways to optimize costs -- this article might be just right for you.

Continue reading →

I love a good challenge. I love the feeling when the brain sparks and screeches while trying to solve another mystery. For several years, I’ve been tackling all sorts of nut-cracking challenges, and for several months, I’ve been thinking of creating one myself. Luckily, I have just the right resources for that: a personal website and a blog. And finally, we’re here. Welcome to hatedabamboo’s ARG:2025!

Continue reading →

CTF challenges continue to be one of my interests for their ability to show me even more ways in which my allegedly "secure" and "solid" infrastructure setup can be accessed by a malicious actor. This time we're gonna discuss the second challenge in a series of CTFs made by WIZ: EKS Cluster Games.

Continue reading →

Databases are a cornerstone of any meaningful business application. Or not meaningful. Or not even business. They keep things consistent. Yes, that’s the one.

For decades, we’ve been using usernames and passwords to connect to databases inside applications. While consistent and secure enough, sometimes we want a different, more secure way to access sensitive data. And in this article, I’m going to show you the entire process of configuring a database connection using AWS native tools -- IAM roles and policies.

Continue reading →

Hello, dear reader! It's been a while since our last one-way communication. Mostly because the last couple of months have been taxing on me. Searching for a new job is not an easy task these days. Also, there’s been a new Warhammer box, which I just couldn’t resist.

But I'm slowly getting back up to speed, and today we're gonna explore the abilities to manage the managed service -- in particular, how we can configure custom parameters to spin up instances and storage on AWS EKS to our liking.

Continue reading →

CTF (Capture The Flag) challenges are a fun and safe way to stretch a stale brain muscle and learn a trick or two about how robust security is not actually that robust. Today we're going to solve The Big IAM Challenge^[1] and reflect on the lessons learned.

Continue reading →

Integrating Playwright end-to-end test reporting into a CI/CD pipeline by automatically uploading the generated reports to an AWS S3 bucket, enabling easy access and centralized storage.

Continue reading →

Two easy ways to include a pip package for your Python Lambda function.

Continue reading →

Some time ago I wrote about bash aliases and how they reduce the complexity of long commands by replacing them with several symbols. But aliases are not the only things that can ease the usage of shell. In this article I will share with you the magic of bash functions and provide several examples of how awesome they are.

Continue reading →

Hello, dear visitor. Seeing you here today means you're likely a developer, engineer, coder, or some combination of these -- and that you're familiar with the term "code". For several decades engineers all over the world were writing code. This code, first and foremost, was meant to solve problems. And today I would like to tell you about solving even more problems with the power of code. I will show you why and how we should use code for more and more scenarios across our professional and personal lives.

Continue reading →