Blog
Failing Less at Kubernetes with Policy as Code & OPA
April 12, 2023 (External Post) Kubernetes has become the de facto way to run modern computing platforms, both in the cloud and on-premise.
Enforcing Role-based Access Control Policies with OPA
March 28, 2023 (External Post) The original RBAC design still makes for a great starting point when designing an access control system. With OPA now commonly taking up a central...
Using BigQuery PERCENTILE_CONT to Find My Best Value Albums
November 16, 2022 I have been a Spotify subscriber for over 10 years. I use their API and data from Last.fm to keep a record of all my...
toolbelt - Building a personal side project platform
October 10, 2022 I'm fortunate to have both the time and energy to work on technical side projects in my spare time. I feel joy when I automate...
Modern workload identity with SPIFFE & Trust Domains
August 12, 2022 (External Post) A workload is a running instance of an application. Workload identities are how workloads trust and get trusted by each other. Workloads need to communicate with other...
Creating a DIY offline YouTube watch list with Inoreader, yt-dlp, Zapier, GitHub Actions and Dropbox
July 15, 2022 Update: Zapier webhooks are now a premium integration, I have now built my own handler for this transformation here
Authorizing requests with embeddable logic programming DSLs
May 8, 2021 Over the past 18 months I've become interested in the idea of standardizing authorization checks in software. This interest started when using Open Policy...