Blog Posts

AI is transforming the Software Development Life Cycle by embedding intelligent agents into planning, design, development, testing, and operations. This guide explains how to build a secure, governed, and scalable AI-driven SDLC using spec-driven development, centralized governance, and platform engineering practices. Learn how organizations can improve velocity, quality, and security while enabling developers to deliver production-ready code from day one.

Building a successful open-source project goes beyond sharing code — it requires production-grade quality, clear documentation, strong DevEx, and active community engagement. In this guide, learn how to build secure, maintainable, and high-impact open-source projects using GitHub best practices, CI/CD pipelines, contribution templates, and real-world automation. Ideal for both companies and individual developers.

AWS re:Invent 2025 summary - exciting new services and features launched from a Serverless and agentic AI developer perspective.

Platform engineering isn't just for Kubernetes—serverless teams need it too. In this post, learn how applying platform engineering principles to AWS serverless can help you scale infrastructure, enforce security, improve observability, and boost developer productivity. From reusable CDK blueprints to automated governance and cost optimization, see how platform teams empower developers and accelerate delivery in a serverless world.

My session guide for AWS re:Invent: 2025 breakout sessions, workshops, and talks relevant to Serverless, SaaS, platform engineering, and security.

AWS re:Invent 2025 is massive, intense, and full of opportunities. In my latest guide, I share practical tips from three years of experience as both speaker and attendee. From arriving early to beat jet lag, packing the right tools (shoes, layers, battery pack), and navigating sessions efficiently, to leveraging community tracks, social events, and unique Vegas experiences—this post helps you plan smart, learn deeply, and connect with the AWS community like a pro.

Choosing between AWS Secrets Manager and SSM Parameter Store isn’t always straightforward. This guide breaks down the key differences in cost, secret rotation, versioning, encryption, IaC support, and more—helping you decide which service fits your use case. Whether you're managing sensitive credentials or sharing configuration across environments, you'll walk away with a clear, practical recommendation backed by real-world experience.

Building agentic AI requires more than prompts—it needs secure, structured access to your systems. This post explores three ways to deploy a production-grade MCP server on AWS: Lambda with Web Adapter, Pure Lambda, and AWS Fargate. Compare performance, cost, observability, and DevEx tradeoffs, and access ready-to-use CDK templates. Ideal for teams bringing agentic AI into real-world applications on AWS.

AWS Lambda makes it easy to build serverless apps—but security is often an afterthought. This post covers 14 real-world Lambda security best practices, from input validation, secret management, and least-privileged IAM to tenant isolation and safe logging. Backed by years of hands-on experience and aligned with OWASP Serverless Top 10, it includes a downloadable checklist to help you secure your functions from day one.