Dare Osewa

Software Engineer | Cloud

Just-in-Time AWS Access with Entra ID PIM

When our DevOps team launched a year ago, engineers relied on a legacy ADFS integration for AWS access. Under this setup, Active Directory groups were mapped directly to IAM roles; engineers simply logged into a SSO portal and were granted access to AWS Accounts. However, this “automatically in” model created high-risk Standing Privileges, granting admin
Read More

Theory of everything

One of the fundamental limitations of science is its pursuit of a single equation or theory to explain everything, attempting to compress the richness of reality into a simplified theory called the “theory of everything.” It’s reasonable that a theory of everything would explain the single entity where everything comes from, but maybe we need
Read More

Agent Ops

One of the ways I am trying to stay close to what is happening in AI agents outside of work is by building small things in public. I started with a setup that lets me code from my phone by SSH-ing into a Linux server and using Codex there. That setup has been simple, fast,
Read More

Making SSH into my Home Server Seamless from Windows

Making SSH Access Seamless from Windows In an earlier post, I set up Codex CLI on my home Linux server: Typing the SSH command every time gets old fast, so I decided to simplify the workflow from my Windows machine. Quick SSH Access with PowerShell The simplest approach was to create a shortcut that opens
Read More

Running Codex CLI on My Home Linux Server (Ubuntu + SSH Setup)

My home Linux server had been sitting idle for a while after I moved it out of reach, this is mainly to stop my little boy from constantly turning it on and off. Recently, I’ve been experimenting with Codex in VS Code, and it got me thinking… why not bring that same experience to my
Read More

#3 – Advanced IAM

Understanding AWS Security Token Service (STS) AWS Security Token Service (STS) allows you to obtain temporary credentials that can be used to access AWS resources. These credentials are short-lived and typically valid for up to one hour, which improves security by avoiding long-term credentials. Temporary credentials are commonly used for: AssumeRole AssumeRole allows an identity
Read More

#2 – IAM Basics

AWS Identity and Access Management (IAM) is a global AWS service used to manage access to AWS resources. When an AWS account is first created, a root account is created automatically. The root user has full access to the account. However, it is best practice not to use the root user for everyday tasks. Instead,
Read More

#1 – AWS Cloud Introduction

Amazon Web Services (AWS) started as an internal infrastructure used by Amazon. Over time, the company realised other organisations could benefit from the same infrastructure, so they began offering it as a service. The first AWS service launched was SQS (Simple Queue Service), which allowed applications to communicate asynchronously using message queues. Today AWS provides
Read More

Moving 500GB of Data Globally into Amazon S3

When collecting large datasets from systems distributed across multiple continents, the main challenge is usually reliable and fast data transfer into a central storage location. A common pattern in AWS for this scenario is combining S3 Transfer Acceleration and Multipart Upload. This approach works particularly well for workloads such as log aggregation, telemetry collection, or
Read More

AWS Lambda Foundations

I created this presentation for an AWS Lambda knowledge-sharing session. The topics covered include event triggers, asynchronous workflows, AWS SAM, and security best practices.  This material is based on AWS public documentation and hands-on learning.
Dare Osewa