Digest #173: Figma’s $300K/day AWS bill, Soham Parekh and MCP security checklist
How Uber saved 50% on CI, what’s behind Figma’s $300K/day AWS bill, why IAM needs an attack-graph approach, and the latest open source projects.
Welcome to this week’s edition of the DevOps Bulletin!
Uber slashed CI costs by over 50% and cut build queue waits by 37% using smart ML-powered batching. We also uncover Figma’s eye-popping $300k/day AWS bill from their IPO filing, and a fresh “serverless scam” is circulating in CI/CD pipelines.
On the tutorial front, dive into Kubernetes security networking, IAM best practices via attack‑graph modeling, and how Airbnb’s Impulse tool is load‑testing at scale. ngrok shares how to deploy an API gateway without wrestling with firewalls.
Our open‑source spotlight shines on standout tools like Sirius, a GPU‑native SQL engine; ZeQLPlus, a fast SQLite terminal browser; Codex, a CLI coding agent; Apptainer, a secure container runtime.
All this and more in this week’s DevOps Bulletin—don’t miss out!
Newsworthy stories
Your API is ready for a Gateway (Sponsor)
API gateways do more than manage traffic—they secure, optimize, and customize it. The problem? They're overcomplicated.
Watch ngrok's on-demand workshop to explore simple ways to:
Block bad actors
Create custom responses
Load balance across multiple services
Get it right early and avoid future headaches. Watch now.
Tutorials of the week
Video of the week
Projects of the week
Sirius is a GPU-native SQL engine that integrates with DuckDB via Substrait, delivering ~10 times faster analytics on GPUs at the exact hardware cost.
ZeQLPlus is a terminal-based SQLite browser written in V. A tiny cross-platform binary for blazing-fast table listing, pagination, and ad-hoc SQL queries.
Codex is a coding agent CLI that leverages OpenAI models to read, refactor, and run your repo in a sandbox, enabling chat-driven, fully automated development from the command line.
A container to create disk images from bootc container inputs.
Apptainer is an open-source container platform designed to be simple, fast, and secure.
vet is a command-line tool that acts as a safety net for the standard but risky curl | bash pattern.
Meme of the week
If you have feedback to share or are interested in sponsoring this newsletter, feel free to reach out via LinkedIn, or simply reply to this email.