Teri Radichel
@teriradichel.bsky.social
2nd Sight Lab. Cloud, SAAS, and App Pentesting. Security Research. AWS Security Hero . Author on Amazon. Former IANS, SANS faculty. GSE. Masters Software & Infosec.
Pinned
Artificial Intelligence
Generating Code and Content With AI
medium.com
Chronicling my venture into AI here. 🤖 Sept 25 was key post. Started exploring production ready code. Immediately saw the pitfalls and wrote a framework and better context. A month later….have accomplished a lot. No time to write. Follow for updates.
medium.com/cloud-securi...
medium.com/cloud-securi...
Two things I want most at AWS re:Invent:
Q CLI to work with AWS IAM - so ability to use app code not browser for MFA to start a session using an IAM role using CLI credentials which can be stored in Secrets Manager as demonstrated over and over on my blog and in my GitHub repository.
Q CLI to work with AWS IAM - so ability to use app code not browser for MFA to start a session using an IAM role using CLI credentials which can be stored in Secrets Manager as demonstrated over and over on my blog and in my GitHub repository.
November 10, 2025 at 5:07 PM
Two things I want most at AWS re:Invent:
Q CLI to work with AWS IAM - so ability to use app code not browser for MFA to start a session using an IAM role using CLI credentials which can be stored in Secrets Manager as demonstrated over and over on my blog and in my GitHub repository.
Q CLI to work with AWS IAM - so ability to use app code not browser for MFA to start a session using an IAM role using CLI credentials which can be stored in Secrets Manager as demonstrated over and over on my blog and in my GitHub repository.
So much to do, so little time. If you have not tried Q CLI with a custom agent and proper permissions boundaries I suggest you try it. I wrote about how to do that in my pinned posts.
November 10, 2025 at 4:06 PM
So much to do, so little time. If you have not tried Q CLI with a custom agent and proper permissions boundaries I suggest you try it. I wrote about how to do that in my pinned posts.
What kind of bugs me is that q can’t fix the same error over and over and I run out of credits this month based on repeated failed attempts that didn’t work. That’s a bit frustrating. Not sure how to fix it. I accept the code to test it but the test fails. Repeat repeat repeat….
November 8, 2025 at 10:13 PM
What kind of bugs me is that q can’t fix the same error over and over and I run out of credits this month based on repeated failed attempts that didn’t work. That’s a bit frustrating. Not sure how to fix it. I accept the code to test it but the test fails. Repeat repeat repeat….
What am I doing wrong. The first bullet point in my custom context file for a Q CLI agent says never use sudo. I thought I also put that in the json file somehow. And yet Q CLI keeps trying to use sudo. Why?
November 8, 2025 at 8:25 PM
What am I doing wrong. The first bullet point in my custom context file for a Q CLI agent says never use sudo. I thought I also put that in the json file somehow. And yet Q CLI keeps trying to use sudo. Why?
Today I am running Q CLI with a custom agent. The agent’s context file explains the code the agent can edit and read. And yet, the agent’s context file is trying to access this for no apparent reason:
crates/chat-cli/src/cli/mod.rs
Put controls around your agents!
crates/chat-cli/src/cli/mod.rs
Put controls around your agents!
November 8, 2025 at 8:24 PM
Today I am running Q CLI with a custom agent. The agent’s context file explains the code the agent can edit and read. And yet, the agent’s context file is trying to access this for no apparent reason:
crates/chat-cli/src/cli/mod.rs
Put controls around your agents!
crates/chat-cli/src/cli/mod.rs
Put controls around your agents!
Just noticed Werner Vogels’ keynote is at a different time this year at AWS re:Invent if you plan your schedule around that like I do 😉
November 7, 2025 at 6:23 PM
Just noticed Werner Vogels’ keynote is at a different time this year at AWS re:Invent if you plan your schedule around that like I do 😉
Related to my last post… App that implements consistent code logging to screen and file in two tries…
infosec.exchange/@teriradiche...
infosec.exchange/@teriradiche...
Teri Radichel (@[email protected])
Related to my last post… App that implements consistent code logging to screen and file in two tries…
After dinner I touched up the README for the app that tests the log router. I told it to configur...
infosec.exchange
November 7, 2025 at 6:00 AM
Related to my last post… App that implements consistent code logging to screen and file in two tries…
infosec.exchange/@teriradiche...
infosec.exchange/@teriradiche...
I think I’m hitting deadlocks running multiple Q CLI agents at the same time. Not sure if it is Q. May be cargo.
November 6, 2025 at 12:16 AM
I think I’m hitting deadlocks running multiple Q CLI agents at the same time. Not sure if it is Q. May be cargo.
Today’s AI test:
We are having work done on the foundation of our historic house and the noise, grinding, and shaking makes it hard to concentrate so my pup and I walked to the coffee shop to sit outside in the shade and work.
infosec.exchange/@teriradiche...
We are having work done on the foundation of our historic house and the noise, grinding, and shaking makes it hard to concentrate so my pup and I walked to the coffee shop to sit outside in the shade and work.
infosec.exchange/@teriradiche...
Teri Radichel (@[email protected])
Today’s AI test:
We are having work done on the foundation of our historic house and the noise, grinding, and shaking makes it hard to concentrate so my pup and I walked to the coffee shop to sit out...
infosec.exchange
November 5, 2025 at 5:34 PM
Today’s AI test:
We are having work done on the foundation of our historic house and the noise, grinding, and shaking makes it hard to concentrate so my pup and I walked to the coffee shop to sit outside in the shade and work.
infosec.exchange/@teriradiche...
We are having work done on the foundation of our historic house and the noise, grinding, and shaking makes it hard to concentrate so my pup and I walked to the coffee shop to sit outside in the shade and work.
infosec.exchange/@teriradiche...
I went through all my readmes last night and put a mandatory comment at the top telling every project which lost important roles it has to follow. I also found some conflicting information in a couple of readmes. For one thing I explicitly describe and asked for in a readme, I gave up.
Is Q or Claude broken right now? I hope my credits are not used up when it makes the same errors over and over, does not follow instructions, and removes code it already fixed repeatedly. Time for a break.
November 5, 2025 at 2:26 PM
I went through all my readmes last night and put a mandatory comment at the top telling every project which lost important roles it has to follow. I also found some conflicting information in a couple of readmes. For one thing I explicitly describe and asked for in a readme, I gave up.
Is Q or Claude broken right now? I hope my credits are not used up when it makes the same errors over and over, does not follow instructions, and removes code it already fixed repeatedly. Time for a break.
November 5, 2025 at 2:25 AM
Is Q or Claude broken right now? I hope my credits are not used up when it makes the same errors over and over, does not follow instructions, and removes code it already fixed repeatedly. Time for a break.
A long time ago I built this whole CMS in Java that could implement *any* web design using XSLT and optimize it for SEO. But I was too slow, never got investors, got sued by a company whom I tried to do a favor, and never really got it off the ground and kind of gave up.
November 4, 2025 at 10:25 PM
A long time ago I built this whole CMS in Java that could implement *any* web design using XSLT and optimize it for SEO. But I was too slow, never got investors, got sued by a company whom I tried to do a favor, and never really got it off the ground and kind of gave up.
Are you registered for AWS re:Invent? I’ll be there. Should be a really interesting time this year with new AI advancements.
reinvent.awsevents.com
reinvent.awsevents.com
AWS re:Invent 2025 | December 1 – 5, 2025
Build the future with us at AWS re:Invent, Dec 1 – 5, 2025 in Las Vegas, NV. Learn new skills, take home proven strategies, make lifelong connections.
reinvent.awsevents.com
November 4, 2025 at 2:54 PM
Are you registered for AWS re:Invent? I’ll be there. Should be a really interesting time this year with new AI advancements.
reinvent.awsevents.com
reinvent.awsevents.com
It has taken forever for me to get Linux permissions right with AI agents with both new and existing files and directories across the entire SDLC I’ve got implemented. Each time I think I have it right the next time I run my scripts to create a new project something else doesn’t have permission.
November 4, 2025 at 2:20 PM
It has taken forever for me to get Linux permissions right with AI agents with both new and existing files and directories across the entire SDLC I’ve got implemented. Each time I think I have it right the next time I run my scripts to create a new project something else doesn’t have permission.
Was doing pretty well either AI code lately but last night I got stuck in another frustrating loop where the agent couldn’t figure out how to fix some unit tests, reported incorrect information and I stopped and went to bed.
November 4, 2025 at 2:07 PM
Was doing pretty well either AI code lately but last night I got stuck in another frustrating loop where the agent couldn’t figure out how to fix some unit tests, reported incorrect information and I stopped and went to bed.
Chronicling my venture into AI here. 🤖 Sept 25 was key post. Started exploring production ready code. Immediately saw the pitfalls and wrote a framework and better context. A month later….have accomplished a lot. No time to write. Follow for updates.
medium.com/cloud-securi...
medium.com/cloud-securi...
Artificial Intelligence
Generating Code and Content With AI
medium.com
November 2, 2025 at 6:48 PM
Chronicling my venture into AI here. 🤖 Sept 25 was key post. Started exploring production ready code. Immediately saw the pitfalls and wrote a framework and better context. A month later….have accomplished a lot. No time to write. Follow for updates.
medium.com/cloud-securi...
medium.com/cloud-securi...
So is Amazon Q getting better or am I getting better at using it or is it just that I’m doing something it happens to be heavily trained on? I just converted my bash AWS deploy anything script to rust and fixed most of the remaining issues.
November 2, 2025 at 9:51 AM
So is Amazon Q getting better or am I getting better at using it or is it just that I’m doing something it happens to be heavily trained on? I just converted my bash AWS deploy anything script to rust and fixed most of the remaining issues.
What happened to Amazon Q. I can no longer subscribe users or groups.
November 1, 2025 at 5:57 PM
What happened to Amazon Q. I can no longer subscribe users or groups.
Testing assume role with MFA using the AWS rust-sdk. How and why I am doing it this way.
2ndSightLab/aws-rust-assume-role-with-mfa
github.com/2ndSightLab/...
2ndSightLab/aws-rust-assume-role-with-mfa
github.com/2ndSightLab/...
GitHub - 2ndSightLab/aws-rust-assume-role-with-mfa: Testing assume role with MFA using the AWS rust-sdk
Testing assume role with MFA using the AWS rust-sdk - 2ndSightLab/aws-rust-assume-role-with-mfa
github.com
November 1, 2025 at 2:09 AM
Testing assume role with MFA using the AWS rust-sdk. How and why I am doing it this way.
2ndSightLab/aws-rust-assume-role-with-mfa
github.com/2ndSightLab/...
2ndSightLab/aws-rust-assume-role-with-mfa
github.com/2ndSightLab/...
Yeah I’m sure Huawei is just fine. Hello.
Chinese hackers scanning, exploiting Cisco ASA firewalls used by governments worldwide
Chinese hackers scanning, exploiting Cisco ASA firewalls used by governments worldwide
In a report shared with Recorded Future News, Unit 42 attributed the targeting of Cisco ASA devices to Storm-1849 — a China-based threat group that Cisco previously said has been attacking the tools since 2024.
therecord.media
October 31, 2025 at 6:31 PM
Yeah I’m sure Huawei is just fine. Hello.
When you look at the dependencies for rust crates it’s not just the direct dependencies but all the dependencies of your dependencies and their dependencies and so on, down to the dependencies written by one person in a personal repo….
October 31, 2025 at 2:05 PM
When you look at the dependencies for rust crates it’s not just the direct dependencies but all the dependencies of your dependencies and their dependencies and so on, down to the dependencies written by one person in a personal repo….
Why isn’t AWS STS
or Security Token Service in this list? Am I missing it? Where is the documentation that shows me every most recent library with every method and how to use it. Like assume a role with MFA? And best practices like how to use Secure String with that?
awslabs.github.io/aws-sdk-rust/
or Security Token Service in this list? Am I missing it? Where is the documentation that shows me every most recent library with every method and how to use it. Like assume a role with MFA? And best practices like how to use Secure String with that?
awslabs.github.io/aws-sdk-rust/
AWS SDK for Rust
AWS SDK for the Rust Programming Language
awslabs.github.io
October 31, 2025 at 1:47 PM
Why isn’t AWS STS
or Security Token Service in this list? Am I missing it? Where is the documentation that shows me every most recent library with every method and how to use it. Like assume a role with MFA? And best practices like how to use Secure String with that?
awslabs.github.io/aws-sdk-rust/
or Security Token Service in this list? Am I missing it? Where is the documentation that shows me every most recent library with every method and how to use it. Like assume a role with MFA? And best practices like how to use Secure String with that?
awslabs.github.io/aws-sdk-rust/
⚠️ ⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️
Do not try to use Google AI to write code for the AWS rust SDK.
⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️
infosec.exchange/@teriradiche...
infosec.exchange/@teriradiche...
Teri Radichel (@[email protected])
Let me just save you some time since I just wasted a whole day.
⚠️ ⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️
Do not try to use Google AI to write code for the AWS rust SDK.
⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️
Google has given me so...
infosec.exchange
October 31, 2025 at 4:18 AM
⚠️ ⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️
Do not try to use Google AI to write code for the AWS rust SDK.
⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️
infosec.exchange/@teriradiche...
infosec.exchange/@teriradiche...
Wishing AWS rust builder types were based on a trait so I could generically instantiate a client for any service. I wonder why not.
October 30, 2025 at 9:15 PM
Wishing AWS rust builder types were based on a trait so I could generically instantiate a client for any service. I wonder why not.