Dare Osewa

Software Engineer | Cloud

Understanding Open ID Connect and the Problems with Static Credentials – Part 1

Introduction The use of static credentials in CI/CD pipelines introduces several operational and security challenges. Access keys require regular rotation, and if rotations are missed or delayed, pipelines can fail unexpectedly during deployments. On my current project, credential rotation used to depend on another internal team, creating an external dependency for deployment reliability. This created
Read More

Why Most Screen-Time Apps Miss the Real

One thing I’ve noticed about most screen-time apps is that they focus on restricting behaviour. Few seem to focus on helping users choose an alternative action in that moment. So instead of simply saying “don’t do this”, what if technology helped people do something they had already decided was important? e.g. Calling or messaging someone
Read More

Just-in-Time AWS Access with Entra ID PIM

When our DevOps team launched a year ago, engineers relied on a legacy ADFS integration for AWS access. Under this setup, Active Directory groups were mapped directly to IAM roles; engineers simply logged into a SSO portal and were granted access to AWS Accounts. However, this “automatically in” model created high-risk Standing Privileges, granting admin
Read More

Theory of everything

One of the fundamental limitations of science is its pursuit of a single equation or theory to explain everything, attempting to compress the richness of reality into a simplified theory called the “theory of everything.” It’s reasonable that a theory of everything would explain the single entity where everything comes from, but maybe we need
Read More

Agent Ops

One of the ways I am trying to stay close to what is happening in AI agents outside of work is by building small things in public. I started with a setup that lets me code from my phone by SSH-ing into a Linux server and using Codex there. That setup has been simple, fast,
Read More

Making SSH into my Home Server Seamless from Windows

Making SSH Access Seamless from Windows In an earlier post, I set up Codex CLI on my home Linux server: Typing the SSH command every time gets old fast, so I decided to simplify the workflow from my Windows machine. Quick SSH Access with PowerShell The simplest approach was to create a shortcut that opens
Read More

Running Codex CLI on My Home Linux Server (Ubuntu + SSH Setup)

My home Linux server had been sitting idle for a while after I moved it out of reach, this is mainly to stop my little boy from constantly turning it on and off. Recently, I’ve been experimenting with Codex in VS Code, and it got me thinking… why not bring that same experience to my
Read More

#3 – Advanced IAM

Understanding AWS Security Token Service (STS) AWS Security Token Service (STS) allows you to obtain temporary credentials that can be used to access AWS resources. These credentials are short-lived and typically valid for up to one hour, which improves security by avoiding long-term credentials. Temporary credentials are commonly used for: AssumeRole AssumeRole allows an identity
Read More

#2 – IAM Basics

AWS Identity and Access Management (IAM) is a global AWS service used to manage access to AWS resources. When an AWS account is first created, a root account is created automatically. The root user has full access to the account. However, it is best practice not to use the root user for everyday tasks. Instead,
Read More

#1 – AWS Cloud Introduction

Amazon Web Services (AWS) started as an internal infrastructure used by Amazon. Over time, the company realised other organisations could benefit from the same infrastructure, so they began offering it as a service. The first AWS service launched was SQS (Simple Queue Service), which allowed applications to communicate asynchronously using message queues. Today AWS provides
Read More
Dare Osewa