Digest #180: Prometheus Scaling, npm Supply Chain Attack, Securing GitHub Actions and Windows Apps on Linux
AWS S3 Vectors spark debate, npm faces a supply-chain attack, Terraform gets a rethink, Prometheus scales to 80M metrics, and Signadot shows how to tame Kafka workflows. Plus new devtools.
Welcome to this week’s edition of the DevOps Bulletin!
AWS just launched S3 Vectors, sparking hot takes on whether it’s the end of vector databases or just a cheaper sidekick. Meanwhile, a massive npm supply-chain attack slipped malware into debug and chalk, exposing tokens across thousands of repos. Terraform fans get two must-reads: 17 design tips before you write a single module, and why treating Terraform state like a distributed system might save you pain. Oh, and Flipkart showed how they run Prometheus at 80M metrics scale without chaos.
On the “how-to” side: learn to lock down GitHub Actions, manage Postgres without superuser, keep SSH sessions alive with systemd-inhibit, make Python code 80× faster with Cython, and handle multiple Docker environments the smart way. Plus, Signadot shared a neat trick: isolating Kafka messages with OpenTelemetry so teams can test async workflows without cloning entire clusters.
And don’t miss the tools: DetectPack Forge (AI-generated detection packs), OneDev (self-hosted Git + CI/CD), Termix & Lazyssh (server/SSH managers), AnduinOS (a friendly Ubuntu flavor), CloudGovernance.org (free cloud governance tips), and WinBoat (run Windows apps on Linux).
All this and more in this week’s DevOps Bulletin, don’t miss out!
Newsworthy stories
Are shared environments causing chaos in your Kafka-based workflows? 🤯
Testing asynchronous systems can be a major headache, with teams struggling to isolate their changes without impacting others. Signadot solves this with a scalable approach that uses OpenTelemetry to isolate Kafka messages, eliminating the need to duplicate your entire infrastructure. This innovative method lets your team test Kafka workflows in parallel, leading to faster, more reliable releases.
Read how to fix your Kafka bottleneck.
Tutorials of the week
Videos of the week
📘 New Book: Practical FinOps
This book draws on years of running FinOps at scale: what worked, and what didn’t.
Projects of the week
DetectPack Forge converts plain-English behaviors or logs into production-ready detection packs.
OneDev is a self-hosted Git server with built-in CI/CD, Kanban, code search, package registry, and flexible workflows.
Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities.
Lazyssh is a terminal-based, interactive SSH manager inspired by tools like lazydocker and k9s.
AnduinOS is a custom Ubuntu-based Linux distribution that provides a familiar and user-friendly experience for those transitioning to Linux.
CloudGovernance.org is a free library for cloud governance, built by practitioners, sharing real-world lessons and practical frameworks.
WinBoat lets you run Windows apps seamlessly on Linux, with a sleek interface, filesystem integration, and full Windows desktop support.