Aidan W Steele

12.8K posts

Aidan W Steele

Aidan W Steele

@__steele

I try to tweet novel things about AWS.“Shit-poster extraordinaire” according to @LastWeekInAWS. He/him. AWS Serverless Hero

Melbourne, Australia Katılım Nisan 2011
2.3K Takip Edilen9.9K Takipçiler
dom96
dom96@d0m96·
@threepointone @schrockn @jarredsumner Sadly lack of professionalism in open source is a serious problem. I spent over a decade of my life trying to change this in one project (Nim) and failed.
English
1
0
8
835
Nick Schrock
Nick Schrock@schrockn·
I have never actively wanted a programming language to fail but thanks to Andrew Kelley's scurrilous, outrageous, classless post on @jarredsumner 's bun rewrite, I got there. Port every project from Zig to Rust.
English
67
23
693
127.2K
Aidan W Steele
Aidan W Steele@__steele·
Every time I see “fractional CTO” on LinkedIn, this is what I’m reminded of.
Aidan W Steele tweet media
English
0
0
3
1.1K
Aidan W Steele
Aidan W Steele@__steele·
@rhowe212 @apparentorder Really nice, I’m going to add this feature request to the blog. Could also just be a session tag, e.g. aws:PrincipalTag/aws:SourceApplicationArn
English
0
0
1
261
Russell Howe
Russell Howe@rhowe212·
@__steele @apparentorder What I want is the equivalent of the azp claim in entra which tells me which application a user is using. Can use this to say "you get this permission but only via this trusted app, not directly against the API". Would require a new global context condition key I think
English
1
0
2
505
Aidan W Steele
Aidan W Steele@__steele·
AWS IAM Identity Center just launched some functionality that I've wanted to see in AWS for at least 10 years. It's still got some way to go, but it's very promising. awsteele.com/blog/2026/07/0…
English
3
9
38
8.1K
Aidan W Steele
Aidan W Steele@__steele·
@hhopk That’s absolutely my number one concern with this kind of thing, or AI agents running on laptops. I’m keen to get some visibility into who is doing what on whose behalf ASAP
English
2
0
1
247
houston
houston@hhopk·
@__steele Do you feel non-repudiation is largely, already, a dead principle? This may be overly American thinking, but with so many things able to act on behalf of humans, humans shelling to act as machines; blame is largely playing out as who is collectively decided to take the fall.
English
1
0
1
474
Bradley Wilson-Hunt
Bradley Wilson-Hunt@BradErzwh·
@samgoodwin89 Add to the list workload identity federation from workers to easily connect to AWS or GCP without static keys.
English
1
0
2
197
sam
sam@samgoodwin89·
Cloudflare needs an equivalent of AWS KMS. Key management is hard. Storing a key in secrets store is not enough. This, plus IAM Roles are their biggest gaps imo.
English
27
3
181
18.8K
Aidan W Steele
Aidan W Steele@__steele·
@myonlinetrust @apparentorder UDP works via your own VPC (using the network connector) but is blocked in the default setup. I too would absolutely love real ingress, even if it was IPv6 only.
English
0
0
2
29
Anthony
Anthony@myonlinetrust·
@apparentorder UDP works, but you need to use hole punching to trick the microvm into thinking it’s egress traffic. So… it seems there’s no technical reason they can’t just enable ingress (with the proper security group settings) on the microvm
English
1
0
1
30
Aidan W Steele
Aidan W Steele@__steele·
AWS did a great job of documenting the new Lambda MicroVMs, but missed a couple of small things that I personally found interesting - so I wrote some notes. awsteele.com/blog/2026/06/2…
English
2
16
70
7K
Aidan W Steele
Aidan W Steele@__steele·
A fast-follow from my previous tweet: turns out that AWS Lambda MicroVMs are quite flexible. You can run a Kubernetes cluster across them. With multiple pods per MicroVM. So I built a sample project showing how to do just that. github.com/aidansteele/mi…
English
6
7
51
5.5K
Aidan W Steele
Aidan W Steele@__steele·
@QuinnyPig Which parts did you find alarming? I dug into it yesterday, came across one false alarm with ENI enumeration and mostly walked away satisfied. I’m keen to know what I missed - DM?
English
0
0
10
1.1K
Corey Quinn
Corey Quinn@QuinnyPig·
You’re competing with *three* teams at AWS, who have never spoken to one another. When these products eventually ship they will be gated behind a crappy interface and, in this specific microVM Lambda case, have some security behaviors I can only describe as “alarming.”
Kushal Byatnal@kushalbyatnal

this misses a key point — you're never actually competing with "AWS" you're competing with one team at AWS that works 10am-4pm, ships slowly, and doesn't care about the problem half as much as you do when we started, we got compared to Textract on every call now when I walk into a deal and hear they're on Textract, I'm thrilled because we know a 100 different ways it falls short

English
5
7
256
39.1K
Aidan W Steele
Aidan W Steele@__steele·
CloudTrail Lake is deprecated. We’re told to use CloudWatch instead. Only problem is it’s not very good (yet). The service, docs, whole experience need a lot of work. awsteele.com/blog/2026/06/1…
English
0
2
6
827
Aidan W Steele
Aidan W Steele@__steele·
When I verify ownership of a domain in AWS SES, that should let me send an email to *@${domain} while in the sandbox.
English
0
0
3
351
Aidan W Steele
Aidan W Steele@__steele·
@VB_tins Looks similar to my first attempt two months ago. For bread it tasted pretty good. For focaccia it was underwhelming. Will have to try again soon
Aidan W Steele tweet media
English
1
0
0
39
nico
nico@VB_tins·
Tastes OK 👍 🍞
English
1
0
0
105
Nikki Pinski
Nikki Pinski@pinskinator·
@benkershner Look, we all launched Amazon Sumerian in 2019. But we didn't launch the 3rd competing UUID service until 2021 at the earliest!
English
1
0
2
48
Aidan W Steele
Aidan W Steele@__steele·
@QuinnyPig @kmcquade3 @forrestbrazeal I think they ended up bringing in the guy who wrote the primary HTTP/3 implementation in Go to clean up my steaming pile of code. I can only imagine what he thought when he saw the absurd connections-in-streams-in-godknowswhat I was building.
English
1
0
1
86