- Published on
- 9 min read
AI Tool Gateways: Sandboxing Agent Access in Kubernetes
AI agents have unlimited ambition and undefined access boundaries. You have sandboxed everything else. Here is how to sandbox your agents too.
Security
7 posts tagged
- Published on
- 8 min read
Network Control with Cilium and Kyverno: Policies That Actually Work
Network policies in most Kubernetes clusters are cargo cult. Teams write them, Kubernetes accepts them, and nothing changes. Cilium actually enforces them — and shows you the traffic.
- Published on
- 12 min read
The M5 Pro Setup: Same Mac, Different Era
Why 48GB changes a Mac from coding laptop into an AI workstation for local models, parallel agents, and platform engineering.
- Published on
- 6 min read
Git Commit Signing with GPG on macOS
A practical GPG commit signing setup on macOS, with GitHub verification, pinentry-mac, GPG_TTY, and the parts that usually break.
- Published on
- 8 min read
SSH Git Commit Signing for Busy Engineers
A clean SSH commit signing setup on macOS, with separate auth and signing keys, local verification, and none of the usual GPG hassle.
- Published on
- 22 min read
Authentication 101: A Complete Guide to Modern Identity Methods
Authentication gets easier when you separate login, delegated access, SSO, and workload identity. This guide shows where each one fits.
- Published on
- 7 min read
GKE to AWS Identity Federation: A Guide to Keyless Access
Run workloads on GKE and access AWS without static keys. This guide shows how to federate a Kubernetes service account into an AWS IAM role.