Kyler Middleton
@letsdodevops.com
Cloud Security Chick | LetsDoDevOps.com | Microsoft MVP (DevOps) | AWS Community Builder x3 (AI Engineering)| Day Two DevOps Podcast Host | Former Hashi Ambassador | Open Source Zealot
All six parts of the Let’s Do DevOps “Building a Teams AI Bot” series are now free to read.
This series walks through every step of creating a Microsoft Teams bot with real AI capabilities—from registration and OAuth, to message handling, to AWS integration with Bedrock and Lambda.
This series walks through every step of creating a Microsoft Teams bot with real AI capabilities—from registration and OAuth, to message handling, to AWS integration with Bedrock and Lambda.
🔥Building a Teams Bot with AI Capabilities - Part 6 - Reading Teams Attachments🔥
aka, file location and permissions aren't reliable, and are critically important. Great.
buff.ly
November 4, 2025 at 4:21 PM
All six parts of the Let’s Do DevOps “Building a Teams AI Bot” series are now free to read.
This series walks through every step of creating a Microsoft Teams bot with real AI capabilities—from registration and OAuth, to message handling, to AWS integration with Bedrock and Lambda.
This series walks through every step of creating a Microsoft Teams bot with real AI capabilities—from registration and OAuth, to message handling, to AWS integration with Bedrock and Lambda.
How are ya'll smart folks correlating the conversations agentic bots have with AI services to a particular conversation or user request? How do you do request tracing?
November 3, 2025 at 3:04 PM
How are ya'll smart folks correlating the conversations agentic bots have with AI services to a particular conversation or user request? How do you do request tracing?
You know how AI-generated photos have a yellow pallor? Attached photo for reference.
There's an idea that the models were trained on older photos that were scanned into computers, and the photos had yellowed with age.
Tech is weird.
There's an idea that the models were trained on older photos that were scanned into computers, and the photos had yellowed with age.
Tech is weird.
October 30, 2025 at 3:02 PM
You know how AI-generated photos have a yellow pallor? Attached photo for reference.
There's an idea that the models were trained on older photos that were scanned into computers, and the photos had yellowed with age.
Tech is weird.
There's an idea that the models were trained on older photos that were scanned into computers, and the photos had yellowed with age.
Tech is weird.
No one gets to tell you what you mean when you write LGTM on a PR.
I personally mean Lets Go To the Moon
What about you?
I personally mean Lets Go To the Moon
What about you?
October 29, 2025 at 3:05 PM
No one gets to tell you what you mean when you write LGTM on a PR.
I personally mean Lets Go To the Moon
What about you?
I personally mean Lets Go To the Moon
What about you?
In Part 5 of my “Building a Teams Bot with AI Capabilities” series, we dive into the fun stuff: how the bot actually reads conversations, grabs context, and posts AI-generated responses back into Teams.
Full article’s free to read, link in image
#DevOps #TeamsBot #AWS #AIIntegration #LetsDoDevOps
Full article’s free to read, link in image
#DevOps #TeamsBot #AWS #AIIntegration #LetsDoDevOps
October 28, 2025 at 3:03 PM
In Part 5 of my “Building a Teams Bot with AI Capabilities” series, we dive into the fun stuff: how the bot actually reads conversations, grabs context, and posts AI-generated responses back into Teams.
Full article’s free to read, link in image
#DevOps #TeamsBot #AWS #AIIntegration #LetsDoDevOps
Full article’s free to read, link in image
#DevOps #TeamsBot #AWS #AIIntegration #LetsDoDevOps
If you've wondered how to REALLY use MCPs in your bots, me too. So as I've been experimenting and adding things to my Strands bot at work, I've been publishing all the code, including the MCPs which so far includes:
* Atlassian
* AWS
* Azure
* GitHub
* PagerDuty
Find it here: buff.ly/3sRrT5V
* Atlassian
* AWS
* Azure
* GitHub
* PagerDuty
Find it here: buff.ly/3sRrT5V
October 27, 2025 at 3:41 PM
If you've wondered how to REALLY use MCPs in your bots, me too. So as I've been experimenting and adding things to my Strands bot at work, I've been publishing all the code, including the MCPs which so far includes:
* Atlassian
* AWS
* Azure
* GitHub
* PagerDuty
Find it here: buff.ly/3sRrT5V
* Atlassian
* AWS
* Azure
* GitHub
* PagerDuty
Find it here: buff.ly/3sRrT5V
MinIO has stopped publishing their namesake object-store docker file, now requiring customers to build from source. This, with no notice, over 1B (billion) downloads from dockerhub, and just after a critical CVE was dropped.
Have your teams check if they're using this image from dockerhub.
Have your teams check if they're using this image from dockerhub.
October 23, 2025 at 4:00 PM
MinIO has stopped publishing their namesake object-store docker file, now requiring customers to build from source. This, with no notice, over 1B (billion) downloads from dockerhub, and just after a critical CVE was dropped.
Have your teams check if they're using this image from dockerhub.
Have your teams check if they're using this image from dockerhub.
Do you know who subscribes to LetsDoDevOps[.]com?
Turns out folks from:
- Amazon
- Intel
- Hashicorp
- Boeing
- GitHub
- SAP
- Fortinet
- Sandia National Laboratories
- ZScaler
- Anduril
Please go subscribe, there's a free tier (but paid helps me buy caffeine to keep generating the content haha)
Turns out folks from:
- Amazon
- Intel
- Hashicorp
- Boeing
- GitHub
- SAP
- Fortinet
- Sandia National Laboratories
- ZScaler
- Anduril
Please go subscribe, there's a free tier (but paid helps me buy caffeine to keep generating the content haha)
October 22, 2025 at 2:31 PM
Do you know who subscribes to LetsDoDevOps[.]com?
Turns out folks from:
- Amazon
- Intel
- Hashicorp
- Boeing
- GitHub
- SAP
- Fortinet
- Sandia National Laboratories
- ZScaler
- Anduril
Please go subscribe, there's a free tier (but paid helps me buy caffeine to keep generating the content haha)
Turns out folks from:
- Amazon
- Intel
- Hashicorp
- Boeing
- GitHub
- SAP
- Fortinet
- Sandia National Laboratories
- ZScaler
- Anduril
Please go subscribe, there's a free tier (but paid helps me buy caffeine to keep generating the content haha)
When you interact with Bedrock services, your logs get put into a cloudwatch log group. That sounds great, right? Except ALL bot interactions get put into the SAME log group, making differentiating all those logs a pain.
FireHose can solve this with some custom lambda. Link in the image :D
FireHose can solve this with some custom lambda. Link in the image :D
October 21, 2025 at 2:04 PM
When you interact with Bedrock services, your logs get put into a cloudwatch log group. That sounds great, right? Except ALL bot interactions get put into the SAME log group, making differentiating all those logs a pain.
FireHose can solve this with some custom lambda. Link in the image :D
FireHose can solve this with some custom lambda. Link in the image :D
A coworker just said "... since we're in Q4 of the year" and I am still shocked and offended by this language.
October 14, 2025 at 2:03 PM
A coworker just said "... since we're in Q4 of the year" and I am still shocked and offended by this language.
Strands, for everyone in the world, will be able to read the contents of GitHub files next week when they publish the new version of the Strands agent.
I'm proud of this change. Will be published next week to pypi!
I'm proud of this change. Will be published next week to pypi!
Add EmbeddedResource support to mcp (read GitHub file contents blocker) by KyMidd · Pull Request #726 · strands-agents/sdk-python
Description Hey team! Utilizing strands locally to connect to (remote github MCP), and saw that it was unable to download particular files using github MCP tool get_file_contents. When I'd at...
buff.ly
October 13, 2025 at 2:03 PM
Strands, for everyone in the world, will be able to read the contents of GitHub files next week when they publish the new version of the Strands agent.
I'm proud of this change. Will be published next week to pypi!
I'm proud of this change. Will be published next week to pypi!
I had a lovely time, #TechFutures. Met some wonderful people, made a room laugh at my AI jokes, and helped a small room of folks deploy a genAI bot into their slack. It's been a pretty good time.
October 10, 2025 at 2:31 PM
I had a lovely time, #TechFutures. Met some wonderful people, made a room laugh at my AI jokes, and helped a small room of folks deploy a genAI bot into their slack. It's been a pretty good time.
Hey all!
Parts 3 and 4 of the Teams AI Bot series on Let’s Do DevOps are now FREE FOREVER!
Part 3: Building the Teams Bot AI Backend - buff.ly/hXo4RHJ
Part 4: Deploying Your Serverless AI Bot - buff.ly/tAai7SN
Subscribe to support more articles <3
Parts 3 and 4 of the Teams AI Bot series on Let’s Do DevOps are now FREE FOREVER!
Part 3: Building the Teams Bot AI Backend - buff.ly/hXo4RHJ
Part 4: Deploying Your Serverless AI Bot - buff.ly/tAai7SN
Subscribe to support more articles <3
🔥Building a Teams Bot with AI Capabilities - Part 3 - Delegated Permissions and Making Lambda Stateful for Oauth2🔥
aka, "do you remember me?"
buff.ly
October 8, 2025 at 2:01 PM
Hey all!
Parts 3 and 4 of the Teams AI Bot series on Let’s Do DevOps are now FREE FOREVER!
Part 3: Building the Teams Bot AI Backend - buff.ly/hXo4RHJ
Part 4: Deploying Your Serverless AI Bot - buff.ly/tAai7SN
Subscribe to support more articles <3
Parts 3 and 4 of the Teams AI Bot series on Let’s Do DevOps are now FREE FOREVER!
Part 3: Building the Teams Bot AI Backend - buff.ly/hXo4RHJ
Part 4: Deploying Your Serverless AI Bot - buff.ly/tAai7SN
Subscribe to support more articles <3
If you're in NY this week for Tech Futures conference, let me know! I'm teaching a workshop where folks will leave with a functional private AI bot!
October 7, 2025 at 2:03 PM
If you're in NY this week for Tech Futures conference, let me know! I'm teaching a workshop where folks will leave with a functional private AI bot!
When you invoke an AI model in Bedrock, it writes the conversation to a single CloudTrail log group. Disambiguating the logs is left as homework for the admins (read: It work bad.).
I implemented a firehose to harvest cloudtrail logs, extract the information we care about in Splunk events.
I implemented a firehose to harvest cloudtrail logs, extract the information we care about in Splunk events.
October 2, 2025 at 2:05 PM
When you invoke an AI model in Bedrock, it writes the conversation to a single CloudTrail log group. Disambiguating the logs is left as homework for the admins (read: It work bad.).
I implemented a firehose to harvest cloudtrail logs, extract the information we care about in Splunk events.
I implemented a firehose to harvest cloudtrail logs, extract the information we care about in Splunk events.
Sai and I met with Ashish to talk about the platform engineering things you should be doing around AI development (and there's a LOT!).
Watch this to learn some things you can do to help fix it.
Watch this to learn some things you can do to help fix it.
LinkedIn Pulse
buff.ly
September 26, 2025 at 2:04 PM
Sai and I met with Ashish to talk about the platform engineering things you should be doing around AI development (and there's a LOT!).
Watch this to learn some things you can do to help fix it.
Watch this to learn some things you can do to help fix it.
This is pretty specific, but in case anyone else has a layer7 firewall in front of their github runners, and have a line like this in your Dockerfile:
FROM public.ecr[.]aws/lambda/python:3.12
Then you'll need to permit these two URLs:
- d2glxqk2uabbnd.cloudfront[.]net
- public.ecr[.]aws
FROM public.ecr[.]aws/lambda/python:3.12
Then you'll need to permit these two URLs:
- d2glxqk2uabbnd.cloudfront[.]net
- public.ecr[.]aws
September 25, 2025 at 2:03 PM
This is pretty specific, but in case anyone else has a layer7 firewall in front of their github runners, and have a line like this in your Dockerfile:
FROM public.ecr[.]aws/lambda/python:3.12
Then you'll need to permit these two URLs:
- d2glxqk2uabbnd.cloudfront[.]net
- public.ecr[.]aws
FROM public.ecr[.]aws/lambda/python:3.12
Then you'll need to permit these two URLs:
- d2glxqk2uabbnd.cloudfront[.]net
- public.ecr[.]aws
I presented an RSA Webcast last week, and got emailed a certificate of completion afterwards, like all the other attendees.
Great, now I can prove I was there
Great, now I can prove I was there
September 22, 2025 at 2:05 PM
I presented an RSA Webcast last week, and got emailed a certificate of completion afterwards, like all the other attendees.
Great, now I can prove I was there
Great, now I can prove I was there
Starting Sept 29, you won't have to manually enable specific models in new accounts for AWS Bedrock. This could be seen as very positive (no more approval step) or very negative (developers can now use any model, even the ones that your company maybe doesn't want them to (see: DeepSeek).
September 17, 2025 at 2:02 PM
Starting Sept 29, you won't have to manually enable specific models in new accounts for AWS Bedrock. This could be seen as very positive (no more approval step) or very negative (developers can now use any model, even the ones that your company maybe doesn't want them to (see: DeepSeek).
Develop and implement a secure generative Al Slack bot with guidance from Veradigm Sr Principal Software Engineer Kyler Middleton in this #RSAC Webcast.
Wednesday the September 19 @ 1:00 PM ET
Register:
Wednesday the September 19 @ 1:00 PM ET
Register:
Building a Secure Al Assistant in a Regulated Industry
Join us on a journey of continuous learning with Building a Secure Al Assistant in a Regulated Industry
buff.ly
September 15, 2025 at 2:06 PM
Develop and implement a secure generative Al Slack bot with guidance from Veradigm Sr Principal Software Engineer Kyler Middleton in this #RSAC Webcast.
Wednesday the September 19 @ 1:00 PM ET
Register:
Wednesday the September 19 @ 1:00 PM ET
Register:
I couldn't find a good example of AppConfig terraform to build a multi-variant Config - one which changes based on the Context provided by the clients... so I experimented for a few hours, got it working, and submitted one.
It just became live. Hope it helps :) <3
It just became live. Hope it helps :) <3
September 12, 2025 at 3:12 PM
I couldn't find a good example of AppConfig terraform to build a multi-variant Config - one which changes based on the Context provided by the clients... so I experimented for a few hours, got it working, and submitted one.
It just became live. Hope it helps :) <3
It just became live. Hope it helps :) <3
AWS Strands can't yet read GitHub file contents using the GitHub MCP, and it's all on Strands - it doesn't yet support Resources, how GitHub returns file contents.
I have a write-up of what's wrong and why the Strands Maintainers don't want to merge my fix for this behavior.
I have a write-up of what's wrong and why the Strands Maintainers don't want to merge my fix for this behavior.
🔥AWS Strands can't read GitHub Files with MCP🔥
aka, Are you sure you don't want to accept my PR to fix this?
buff.ly
September 10, 2025 at 2:31 PM
AWS Strands can't yet read GitHub file contents using the GitHub MCP, and it's all on Strands - it doesn't yet support Resources, how GitHub returns file contents.
I have a write-up of what's wrong and why the Strands Maintainers don't want to merge my fix for this behavior.
I have a write-up of what's wrong and why the Strands Maintainers don't want to merge my fix for this behavior.
The AWS Provider docs don't have a good example of multi-variant AppConfig feature flags configs, and they're provided as this flag json structure like IAM rules (but less supported, worse error messages and tools). I got it working after a few hours of testing.
So I'm fixing it! buff.ly/wxKvDob
So I'm fixing it! buff.ly/wxKvDob
Add AppConfig multi-variate example by KyMidd · Pull Request #44162 · hashicorp/terraform-provider-aws
Rollback Plan If a change needs to be reverted, we will publish an updated version of the library. Changes to Security Controls No. Description Adding an example of multi-variate AppConfig feature...
github.com
September 5, 2025 at 5:07 PM
The AWS Provider docs don't have a good example of multi-variant AppConfig feature flags configs, and they're provided as this flag json structure like IAM rules (but less supported, worse error messages and tools). I got it working after a few hours of testing.
So I'm fixing it! buff.ly/wxKvDob
So I'm fixing it! buff.ly/wxKvDob
The only real Strands production use I have so far I'm calling VeraResearch, and it's an agentic bot that's reachable via Slack, and it currently only has a GitHub MCP.
For instance, different teams have different gitflow. What should I do next to promote code? Well, VeraResearch can tell you!
For instance, different teams have different gitflow. What should I do next to promote code? Well, VeraResearch can tell you!
September 4, 2025 at 5:23 PM
The only real Strands production use I have so far I'm calling VeraResearch, and it's an agentic bot that's reachable via Slack, and it currently only has a GitHub MCP.
For instance, different teams have different gitflow. What should I do next to promote code? Well, VeraResearch can tell you!
For instance, different teams have different gitflow. What should I do next to promote code? Well, VeraResearch can tell you!