I build open-source GenAI and security tools, and write about cloud, IAM, and AI agents — with real numbers where I have them.
Open-source on the official AWS Samples org
A GenAI assistant that audits and generates least-privilege IAM policies.
Open-source on AWS Samples
Find Amazon WorkSpaces nobody has used in N days — before they quietly cost you money.
Repo health, visualized
A CLI that generates a shareable visual X-ray of any git repository — contributors, code hotspots, complexity trends, bus factor and knowledge silos — as a self-contained HTML report.
GenAI
Why broad permissions cause so many cloud incidents, why least privilege is so hard to get right, and how my IAM assistant on Amazon Bedrock changed between 2023 and today.
Astro
A technical teardown of hernan.tech: a static Astro pipeline, content collections validated with Zod, Git-driven deploys on Cloudflare Pages, DNS and CNAME flattening, and the real build numbers and free-tier limits.
AWS
Visibility with Cost Explorer and CUR, tagging, right-sizing with CloudWatch, Auto Scaling, Fargate vs. EC2, and pricing options (On-Demand, Savings Plans, and Spot) to optimize container costs on AWS.