Author: rodrigtech

  • Groq + Exa.ai Powerful Searching across LLMs

    Introduction I’ve been exploring APIs that extend some search capabilities of existing LLM models for knowledge that isn’t known to the underlying model and ideally assist with relevant knowledge bases for some research I’m conducting. I’ve tried a handful of API’s such as Serper API that is very powerful and recently did a video using…

  • Google Cloud Privileged Access Management

    Today’s vast array of identities whether they are human-centric identities or machine-identities have a large amount of permissions tied to them, given the attack surface of cloud identities can be tied to resources that are also mapped to other services this can be a sticky situation. Most hyperscalers have best practices documented on Identity and…

  • Adversarial Simulation in Azure AI Studio

    Large Language Models present a powerful enabler for various use-cases for most enterprises but without some form of due diligence and testing can spew some unintended responses. Content safety is a preventative mechanism that is used for Azure AI Studio and can also be tested with the Prompt-flow SDK. In this blog post I’ve going…

  • AKS Advanced Networking Capabilities in Action

    Azure Kubernetes Service has a new service that enhances observability, introducing the use Advanced Container Networking Services. This in a nutshell is a suite of services to observability in your kubernetes cluster supporting visibility from the Hubble UI and native integration of Azure Monitor + Grafana or you can Bring Your Own. This service as…

  • Vertex AI Agents

    Google Cloud Platform’s Vertex AI offers a comprehensive suite of tools designed to simplify the process of building, deploying, and scaling machine learning models. One of the standout features of Vertex AI is its support for Agents, which are frameworks that enable seamless integration and automation within AI workflows. In this blog post, we’ll delve…

  • Defender for Containers (CWPP)

    If you’re managing production-grade workloads on a major cloud platform, it’s essential to assess your security framework, particularly as you shift towards microservices and orchestration. A key yet often overlooked solution in this space is Microsoft Defender for Containers. Part of the broader Microsoft Defender for Cloud, this tool provides critical visibility and protection for…

  • SpinKube WASM in Kubernetes

    SpinKube is a new open-source project that is tailored to deploying WASM (WebAssembly) workloads on Kubernetes. SpinKube enhances the ability of scalability of WASM applications this tool allows integration with kubernetes primitives and use of conversion of application using the spin-plugin to make it effective conversion of YAML to interpret by the cluster and serve…

  • AWS Config

    Cloud operations with the control plane leverage a large amount of API’s and permissions behind the scenes abstracted from the end users. To continuously address these changes and states in your environment natively you can use AWS Config. Visually the set up for this in a simple configuration is shown below to illustrate the service…

  • ABAC in AWS IAM

    Attribute-based access control (ABAC) enhances identity and access management by allowing the assignment of specific conditions to authorization requests. These conditions, often referred to as attributes, include tags that can be attached to IAM resources—such as users or roles—as well as to other AWS resources. Understanding and implementing ABAC policies can be challenging, often acting…

  • API Server VNET Integration

    Connectivity in AKS If you’re running AKS in production you’ll likely encounter the private link scope and integration of leverage private DNS zones for putting the API server behind private IP’s rather than accessible on port 6443 or you should be doing this. But what about other options? Perhaps you’re spinning up a dev/test cluster…