banner
cloudnativeboy.bsky.social
@cloudnativeboy.bsky.social
Host of youtube.com/@cloudnativefm podcast, CNCF Ambassador
MIT says ~95% of GenAI pilots show no measurable P&L impact. Wharton finds ~75% of firms report positive ROI. Different questions = different headlines.

Short clip w/ RichardSimon unpacks why
#CloudNativeWisdom18: youtu.be/fTE_tSW1NzA
January 7, 2026 at 4:03 PM
Resilience vs High Availability, following the AWS US-East-1 outage,

Richard Simon and I explain why AZ-level resilience wasn’t enough and how true HA needs cross-region failover and practice

Watch our quick explainer 👇
youtu.be/WMx3kV-qwXE
#CloudNativeWisdom17 Resilience ≠ HA: What the US-East-1 Outage Taught Us
YouTube video by Cloud Native Podcast
youtu.be
January 6, 2026 at 1:24 PM
@hrexed.bsky.social Happy birthday and best wishes for 2026.
January 6, 2026 at 9:23 AM
#CloudNativeWisdom16 How AI and generative agents are reshaping cloud migration from automated discovery & dependency mapping to vendor tools, including those from AWS, Microsoft Azure, Google, and newcomers like Fluid Cloud.

Watch on #CloudNativeFM -> youtu.be/13eEAOCA6SQ
January 6, 2026 at 3:23 AM
With the release of K8s 1.35, In-Place Pod Vertical Scaling has officially hit GA.

We no longer have to restart pods (and risk minor disruptions) just to adjust CPU or memory limits.

Check out the details here: kubernetes.io/blog/2025/12...
Kubernetes 1.35: In-Place Pod Resize Graduates to Stable
This release marks a major step: more than 6 years after its initial conception, the In-Place Pod Resize feature (also known as In-Place Pod Vertical Scaling), first introduced as alpha in Kubernetes ...
kubernetes.io
January 2, 2026 at 5:48 PM
If 2025 was a bug, may 2026 be the hotfix. 🔧🎉

HAPPY #NewYear2026 TO ALL THOSE WHO'RE IN JANUARY 🎉.
December 31, 2025 at 7:08 PM
Msg sent, hoping to start a conversation there.
December 21, 2025 at 5:54 PM
Great, the request is sent; afterward, I can send a DM.
December 19, 2025 at 1:11 PM
Is there anything JavaScript can’t do?
December 17, 2025 at 6:33 PM
Docker Hardened Images (DHI) is now free and open source (Apache 2.0) 🎉

- hardened, minimal, near-zero CVEs images & helm charts
- SBOM & provenance attestations

Read more:
www.docker.com/blog/docker-...
Hardened Images for Everyone | Docker
Security for everyone. Docker Hardened Images are now free to use, share, and build on with no licensing surprises.
www.docker.com
December 17, 2025 at 2:46 PM
I can't make it to the #KubeCon, b/c none of my CFPs have been accepted for the last 6 years, but I can give a keynote talk thanks to "new ChatGPT Images."
December 17, 2025 at 6:54 AM
I hope you find this 🧵 helpful, writing, enabling, and executing policy as code, not only a prerequisite, but it's a demand for battle-tested and resilient infrastructure, which will continue to evolve as the Dev/Ops req change, share your thoughts on the CEDAR approach ✍️ 👇
bsky.app/profile/clou...
🧵 (1/1) A new Kid in the Policy Town Cedar by AWS access controls for Kubernetes! Cedar is an open-source policy language created by AWS and is now a CNCF Sandbox Project. This project enables writing expressive Kubernetes permissions.
aws.amazon.com/blogs/openso...
Cedar Joins CNCF as a Sandbox Project | Amazon Web Services
Cedar, an open source authorization policy language and SDK, has joined the Cloud Native Computing Foundation (CNCF) as a Sandbox project. CNCF provides a neutral home for early stage and developing o...
aws.amazon.com
December 16, 2025 at 5:18 PM
(7/7) An exciting aspect to me is the ability to enforce label-based access control decisions in a cluster. This enables you to partition a Kubernetes cluster not by namespaces, but by k/v label presence. See the launch blog for an example of how this can work.

www.cedarpolicy.com/blog/cedar-f...
Cedar Language Playground
www.cedarpolicy.com
December 16, 2025 at 5:11 PM
(6/6) Cedar for Kubernetes supports features not available in Kubernetes RBAC today like denials, conditions, and attribute and label-based access controls.
December 16, 2025 at 5:11 PM
(5/5) For a walkthrough of Cedar, you can get a crash course in the project’s GitHub documentation or the language docs. Cedar is powered by formally verified automated reasoning, enabling you to verify that policies are valid and cannot error on enforcement.
December 16, 2025 at 5:10 PM
(4/4) Cedar access control for Kubernetes aims to help solve this set of problems. By using the same language for both authorization and admission policies, administrators can quickly reason about what permissions are granted and what restrictions are applied in the same policy file.
December 16, 2025 at 5:09 PM
(3/3) This introduces high cognitive overhead when authoring policy, and the risk of an unintended effect increases when making and reviewing code changes to existing policies, as a reviewer might not be aware of all permissions or restrictions if only one is being modified.
December 16, 2025 at 5:09 PM
(2/2) One of the main motivations for this work is that defenders who secure Kubernetes clusters have to learn and use multiple policy languages to get their job done, often defining permitted actions in one file and restrictions in separate policy files, languages, and frameworks
December 16, 2025 at 5:08 PM
🧵 (1/1) A new Kid in the Policy Town Cedar by AWS access controls for Kubernetes! Cedar is an open-source policy language created by AWS and is now a CNCF Sandbox Project. This project enables writing expressive Kubernetes permissions.
aws.amazon.com/blogs/openso...
Cedar Joins CNCF as a Sandbox Project | Amazon Web Services
Cedar, an open source authorization policy language and SDK, has joined the Cloud Native Computing Foundation (CNCF) as a Sandbox project. CNCF provides a neutral home for early stage and developing o...
aws.amazon.com
December 16, 2025 at 5:08 PM
Congrats and I'm really looking forward to connecting with you to host a podcast to get a fresh perspective of what this project is all about and roadmap ahead, hoping to connect.
December 16, 2025 at 1:11 PM
Last livestream of 2025, Thank you everyone, for giving up your precious time to be with us #ReInvent re: Call Livestream.

Guy Brodetzki (@InfrOS)
Cristian Măgherușan-Stanciu (LeanerCloud)
Mike Mead (The Scale Factory)
Randi Belz (@NirmataCloud)
Jon Brookes (AJBC)
The Vegas Airport Slot Machines 😀
December 16, 2025 at 1:09 PM
AI and programmers then vs AI and programmers now......

Can you spot a BIG difference?
December 15, 2025 at 4:44 PM
Learn how Perforator fetches continuous profiling data (via Pyrocope), allows you to copy a contextual prompt for a bottleneck, & then utilizes an MCP-enabled AI agent to request the profiling payload and automatically refactor the code, saving dev time & surfacing real fixes, not guesses.

Link 👇
December 15, 2025 at 4:41 PM
Happy Monday, Software Engineers!!!
December 15, 2025 at 3:29 PM