GenAI
Behind my IAM security assistant built on Amazon Bedrock
Why broad permissions cause so many cloud incidents, why least privilege is so hard to get right, and how my IAM assistant on Amazon Bedrock changed between 2023 and today.
Blog
Notes from production
Hard-won lessons in cloud, security, IAM, and AI agents. Numbers where I have them.
Astro
How this blog is built: Astro, Cloudflare Pages, and a custom domain
A technical teardown of hernan.tech: a static Astro pipeline, content collections validated with Zod, Git-driven deploys on Cloudflare Pages, DNS and CNAME flattening, and the real build numbers and free-tier limits.
AWS
EP179: Cost optimization on Amazon ECS and AWS Fargate
Visibility with Cost Explorer and CUR, tagging, right-sizing with CloudWatch, Auto Scaling, Fargate vs. EC2, and pricing options (On-Demand, Savings Plans, and Spot) to optimize container costs on AWS.