Teri Radichel
teriradichel.bsky.social
2nd Sight Lab. Cloud, SAAS, and App Pentesting. Security Research. AWS Security Hero. Author on Amazon. Former IANS, SANS faculty. GSE. Masters Software & Infosec.
I use Q CLI and created a framework for my agents to maintain a proper architecture and security.
Chronicling my venture into AI here. 🤖 Sept 25 was key post. Started exploring production ready code. Immediately saw the pitfalls and wrote a framework and better context. A month later….have accomplished a lot. No time to write. Follow for updates.

medium.com/cloud-securi...
Artificial Intelligence
Generating Code and Content With AI
Definitely faster than I would have done myself and with a lot less rework.

My agent framework is running nicely to keep my agents behaving themselves.
I also integrated the AWS auth library I posted last time that requires MFA to execute a deployment with credentials coming from secrets manager.
So is Amazon Q getting better or am I getting better at using it or is it just that I’m doing something it happens to be heavily trained on? I just converted my bash AWS deploy anything script to rust and fixed most of the remaining issues.
To summarize: show available users and groups in a drop down when subscribing or don’t have a drop down! Tell the user they need to explicitly type the name of user or group if not displayed when using standalone IC and no external identity provider.
Will let people know in person later but maybe someone will read and fix that. 😁 I probably wrote about it on my blog already and forgot because…trying to remember too many things!
When I go to groups, the application is not shown for that group. Hmm. Did I not add the group actually? Maybe not. Ah yes I did not actually assign the group that’s right. But I can if I type in the name. It just won’t appear in any drop down list. That is super confusing.
But it also wouldn’t let me add the group because it already had access even though I couldn’t see it.
Ok what did I miss. I go back into Applications in IC. How come I couldn’t see that the group had access to that application?? Now I see the user that I created has access to the application but it doesn’t show the group.
I asked Q like 20 times in 20 different ways and finally it told me that I have to type in the user name when subscribing. It will not be searchable or show up in a drop down list. Is that a bug? At least tell people that in big letters on the screen??
I can’t figure out how to tell my existing group has access to that application. It’s not showing up anywhere. What am I missing? How do admins know what groups have access to what apps?
But I still couldn’t see that user when I went into Q developer. I also couldn’t figure out how to grant the user direct access to the application in AWS IAM Identity Center.
Today I logged in to resubscribe a user but every button and option was disabled. I couldn’t figure out how to fix it in IC or Q dev so I deleted those three users and added a new one and put it in the group that should have access to the app.
Ok this is overly complicated. I had three users in a group that was assigned access to Q Developer Pro Tier in a standalone AWS IAM Identity Center account…
What happened to Amazon Q. I can no longer subscribe users or groups.
Try building by using only the GitHub repos not crates. You’ll probably see what I mean. Like trying to build c crypto library dependencies. And how do you even know which repos to use when there are multiple repos with similar names?
When you look at the dependencies for rust crates it’s not just the direct dependencies but all the dependencies of your dependencies and their dependencies and so on, down to the dependencies written by one person in a personal repo….
This shows assume role but not how to pass in creds or MFA token. I wanted to start basic with a prompt and convert to secrets manager with prompt for MFA token. I didn’t get how to enter creds. Figured it out I think but docs were confusing to me. docs.aws.amazon.com/sdk-for-rust...
AWS STS examples using SDK for Rust - AWS SDK for Rust
Code examples that show how to use AWS SDK for Rust with AWS STS.
Why isn’t AWS STS or Security Token Service in this list? Am I missing it? Where is the documentation that shows me every most recent library with every method and how to use it. Like assume a role with MFA? And best practices like how to use Secure String with that?
awslabs.github.io/aws-sdk-rust/
AWS SDK for Rust
AWS SDK for the Rust Programming Language
Good idea! But I can’t do that when just doing Google AI searches. In theory it should be using the latest docs on the web and I told it to look at that but it still kept going in circles giving me incorrect answers. Also I perused the AWS docs. Was not easy to find. I need to look at that again.
Wishing AWS rust builder types were based on a trait so I could generically instantiate a client for any service. I wonder why not.