I think some of us thought the same at least once. Me, I've thought this hundreds of times. And today, instead of a usual strict technical format, I want to talk a bit and share my thoughts on feeling like an impostor.
Happy 2026, dear visitor! I know, it's already been a whole month of 2026, but only now have I found some time to write a new article. Today we're going to discuss migration from ingress-nginx to Kubernetes Gateway, particularly Envoy.
The New Year is nigh, and it's time to look back at the past year. Let's take a look at some numbers and noticeable changes, however big or small they might be. Mostly related to this blog, though some may be personal.
Advent season is here! And that means advent challenges as well!
After a disastrous attempt at Advent of Code last year, this year I was very happy to see that Sad Servers started an Advent challenge of their own -- Advent of Sysadmin! At last, a challenge I can (hopefully) progress further than task 3. And this means more challenges for us to tackle. The Advent will consist of 12 challenges. To keep things slightly more interesting, I will publish the solution to each task the day after it's released: for example, today, on December 2, I will solve the task from December 1, and so on. Have fun!
All tasks are available!
Several weeks ago, while tinkering with a Wi-Fi router in a coffee shop, a thought occurred to me: "Some networks might be blocking user activity based on MAC addresses. It might be a good idea to automate MAC address changes." So I decided to write a script that would change my laptop's MAC address.
Complex systems require extensive monitoring and observability. Systems as complex as Kubernetes clusters have so many moving parts that sometimes it's a task and a half just to configure their monitoring properly. Today I'm going to talk in depth about cross-account observability for multiple EKS clusters, explore various implementation options, outline the pros and cons of each approach, and explain one of them in close detail. Whether you're an aspiring engineer seeking best-practice advice, a seasoned professional ready to disagree with everything, or a manager looking for ways to optimize costs -- this article might be just right for you.
I love a good challenge. I love the feeling when the brain sparks and screeches while trying to solve another mystery. For several years, I've been tackling all sorts of nut-cracking challenges, and for several months, I've been thinking of creating one myself. Luckily, I have just the right resources for that: a personal website and a blog. And finally, we're here. Welcome to hatedabamboo's ARG:2025!
Enter the game
CTF challenges continue to be one of my interests for their ability to show me even more ways in which my allegedly "secure" and "solid" infrastructure setup can be accessed by a malicious actor. This time we're gonna discuss the second challenge in a series of CTFs made by WIZ: EKS Cluster Games.
Databases are a cornerstone of any meaningful business application. Or not meaningful. Or not even business. They keep things consistent. Yes, that's the one.
For decades, we've been using usernames and passwords to connect to databases inside applications. While consistent and secure enough, sometimes we want a different, more secure way to access sensitive data. And in this article, I'm going to show you the entire process of configuring a database connection using AWS native tools -- IAM roles and policies.
Hello, dear reader! It's been a while since our last one-way communication. Mostly because the last couple of months have been taxing on me. Searching for a new job is not an easy task these days. Also, there's been a new Warhammer box, which I just couldn't resist.
But I'm slowly getting back up to speed, and today we're gonna explore the abilities to manage the managed service -- in particular, how we can configure custom parameters to spin up instances and storage on AWS EKS to our liking.
CTF (Capture The Flag) challenges are a fun and safe way to stretch a stale brain muscle and learn a trick or two about how robust security is not actually that robust. Today we're going to solve The Big IAM Challenge[1] and reflect on the lessons learned.
Integrating Playwright end-to-end test reporting into a CI/CD pipeline by automatically uploading the generated reports to an AWS S3 bucket, enabling easy access and centralized storage.
Two easy ways to include a pip package for your Python Lambda function.
Some time ago I wrote about bash aliases and how they reduce the complexity of long commands by replacing them with several symbols. But aliases are not the only things that can ease the usage of shell. In this article I will share with you the magic of bash functions and provide several examples of how awesome they are.
Hello, dear visitor. Seeing you here today means you're likely a developer, engineer, coder, or some combination of these -- and that you're familiar with the term "code". For several decades engineers all over the world were writing code. This code, first and foremost, was meant to solve problems. And today I would like to tell you about solving even more problems with the power of code. I will show you why and how we should use code for more and more scenarios across our professional and personal lives.
S3 is an incredibly useful service for storing and sharing a vast variety of files. Due to its ability to store files in a bucket accessible to a broad audience, it is even possible to host a static website. The first "S" in the acronym S3 stands for "Simple." But is it actually so simple when it comes to public access? In this article, I will try to comprehensively figure out the thing that baffles me each time I come across it: the "Block public access" configuration.
AWS has long allowed users to host their static websites using S3 buckets. While this is a very simple and reliable solution, sometimes there is a need for a more complex application. AWS addresses this need with AWS Amplify Gen 2. In this article, I'm going to show you how to create and serve a React application utilizing its power.
Recently, during a routine backup procedure for personal files, I discovered that my private bucket, which should contain only one archive, for some reason has approximately 500 objects in it. This surprised me greatly, and I decided to investigate what the issue was and how it happened.
Containers have been a dominant force in the Internet landscape for nearly two decades. Their popularity stems not only from their convenience but also from the ease of creation and setup. I'm certainly not the first to acknowledge that containers are an incredibly useful tool, and I won't be the last. Like any tool, however, they can be used quickly or they can be used effectively. Today, we will focus on the latter: optimizing application efficiency by reducing the container's size and examining the trade-offs in terms of size, complexity, and build time.
In this series of articles, I will attempt to solve scenarios from the website "Sad Servers" and provide detailed explanations of the tasks and solutions. The website is described as "Like LeetCode for Linux", offering opportunities to train and improve debugging and operating skills with Linux.
Part 2 includes scenarios 11 to 20.
Exactly one year ago, on August 24, 2023, I published my first blog post. Since then, one year has passed, 14 posts have been written, and some other events have happened. I love numbers, so I decided to gather some statistics for the past year and publish them here for your, dear reader, joy, and my own clarity.
In this series of articles, I will attempt to solve scenarios from the website "Sad Servers" and provide detailed explanations of the tasks and solutions. The website is described as "Like LeetCode for Linux", offering opportunities to train and improve debugging and operating skills with Linux.
Part 1 includes scenarios 1 to 11 (scenario 10 is locked behind a paywall and will be discussed in another article).
A few days ago, AWS open-sourced[1] its Secrets Manager Agent, which is designed to help us users fetch secrets more easily and securely. Let's take a look at what it is, compare it with existing solutions, discuss its potential applications and limitations and how it may help us (or not) in our day-to-day operations.
Terraform, apart from being an incredible tool overall, is very good for managing IAM policies: it's straightforward, easy to maintain, and very flexible. I've seen a lot of guides on using Terraform for managing infrastructure in general and IAM specifically, but I haven't seen any implementing an important but not very common feature -- validating IAM policy length. So I decided to create one.
Yet another reason why I love Linux is the ability to shoot myself in the leg and still be able to do something about it (or not). This approach allows very deep configuration and understanding of the system, but at the same time, it teaches users to be cautious of their actions. Today, I would like to tell a story about how I locked myself out of root access (easy) and fixed it afterward (not easy).
We all use git. We all are familiar with pull, push and commit commands and we don't give them too much thought apart from that. Like, what can possibly be complicated about a commit? But is it actually this simple and straightforward?
Let's find out!
Yet another reason why I love Linux: everything is a file. Today I would like to talk about the files that help us to understand the health of our accumulator batteries.
To certify or not to certify? That is a complicated question. In this post, I will speculate on the topic and share my personal thoughts on certifications in general, specifically focusing on the CKA.
Git hooks are a very handy feature in development. However, because of their local nature, configuring them from a centralized repository perspective can be challenging. In this note, I aim to find a convenient solution to this problem.
There are a lot of posts in the internet regarding which program or tool does what in Linux systems. Usually it's a brief overview of the program's functionality, a few examples, and that's it. All from the objective point of view: what we want to achieve. But there aren't so many posts discussing the algorithms in which these programs can be used. So I decided to write a quick guide you can follow to determine whether there's a problem with a server and where it is.
I love bash. A tool as trivial as command line interface (CLI, or just console) holds so many secrets, that even after 9 years of experience I still sometime find something wonderful. But today I want to talk a bit about one of my favourite tricks -- aliases.
A short story about why I decided to create a personal website and blog and how I set them up and got them running. (Which turned into a manual on how to create a static website with S3 + HTTPS + custom domain name and blog for it using GitHub Pages).
How often you find yourself in the situation, when you're too bored to write a commit message? Personally, quite often. For this specific reason I finally managed to create a quick way to write commit messages.
This note is dedicated to showing how one can store CI/CD variables and secret values inside AWS Parameter Store (or Secrets Manager) and use them within Gitlab CI.
Here lies the first ever blogpost. Just so it will be here. No other particular reason.