Digest #213: Terraform is dead, AI finds 20-year-old PostgreSQL bugs, AWS ships S3 Files and 54 days with port 22 open
AI uncovers 20-year-old RCE bugs in PostgreSQL and MariaDB, AWS ships a native filesystem layer in front of S3, and one engineer documents 54 days of port 22 exposed to the internet
IaCConf 2026 is this edition’s sponsor, a virtual event on May 14th that brings together platform engineering leaders to discuss what happens to your platform abstractions and metrics when AI becomes a first-class consumer of your infrastructure.
On the news side, a direct argument that Terraform is now obsolete, as LLMs can translate intent into infrastructure without an intermediate DSL. One engineer left port 22 open on the internet for 54 days and documented exactly who showed up. AWS shipped S3 Files, a native NFS layer that lets Lambda, EKS, and EC2 mount S3 buckets as shared filesystems without changing application code. Researchers using AI tools found RCE vulnerabilities in PostgreSQL’s pgcrypto extension and MariaDB’s JSON validation logic that had been sitting there for over 20 years, with patches now out for both. Postman shared how they scaled security reviews across engineering without creating a bottleneck. Google published its official BigQuery threat model covering 14 attack vectors, including privilege escalation and data exfiltration.
On the tutorial side: a SQL learning game built around Squid Game’s format with 9 progressive levels, a PCI-DSS compliant GKE framework walkthrough for financial institutions, building a serverless AI agent code review system on top of AWS S3 Files and Lambda, a step-by-step guide to fixing CrashLoopBackoff in Kubernetes, Cilium’s CI/CD security lessons from running a large open source project, Slack’s migration of 700+ EMR pipeline jobs from SSH to REST with zero downtime, and a practical look at stopping Claude Code from leaking sensitive data using Cedar policy-as-code.
For videos this week: one on networking concepts every DevOps engineer needs to know, and a deep dive into why the GitHub situation just got worse.
This week’s open source picks include late.sh, a Rust SSH terminal with real-time chat, lofi streaming, and games on a PostgreSQL backend; frak, a Node.js CLI that deploys files over rsync with interactive diffs and post-deploy hooks; Sn1per, an offensive security platform in Shell and Lua orchestrating 90+ tools with 600+ exploits in a single Docker workspace; GreptimeDB, a Rust observability database unifying metrics, logs, and traces as a drop-in for Prometheus, Loki, and Elasticsearch at 50x lower storage cost; waffle, a Go CLI that runs AWS Well-Architected reviews against Terraform files via Amazon Bedrock; and graphify, a Python tool that turns codebases, docs, PDFs, and videos into knowledge graphs for Claude Code, Cursor, and GitHub Copilot.
Your Platform Engineering playbook needs an AI rethink
Join the sharpest minds in platform engineering from Google, AHEAD, Mondelez, & Weave Intelligence to learn if the metrics, abstractions, and practices you’re relying on today will still hold up as AI becomes a first-class consumer of your platform.
Newsworthy stories
I left port 22 open on the internet for 54 days, here’s who showed up
How we scaled security reviews without slowing down engineering
S3 is the perfect place to store data, until you try to search it
Trunk-based development: your pull requests are still too big
Tutorials of the week
Videos of the week
Projects of the week
late.sh is a Rust-based terminal social platform over SSH with real-time chat, lofi streaming, and shared TUI games.
frak is a Node.js CLI that deploys files to remote servers via rsync over SSH with interactive diffs and post-deploy hooks.
Sn1per is a Shell/Lua offensive security platform consolidating recon, scanning, exploitation, and reporting across 90+ tools in one Docker workspace.
GreptimeDB is a Rust observability database that unifies metrics, logs, and traces as a drop-in replacement for Prometheus, Loki, and Elasticsearch.
waffle is a Go CLI that runs AWS Well-Architected Framework reviews against Terraform files via Amazon Bedrock.
ai-dba-workbench is a Go/TypeScript PostgreSQL monitoring platform with AI anomaly detection and natural language cluster queries via MCP.
git-commands-cheatsheet is a zero-dependency HTML reference covering 115 Git commands.
graphify is a Python tool that turns codebases, docs, PDFs, and videos into queryable knowledge graphs for Claude Code, Cursor, and GitHub Copilot.






