undefined | Better HN

0 pointsvitramir3mo ago0 comments

terraform cloud, argocd, vercel and supabase (modern stack for micro apps), sentry (doesn't have per project permissions), sendgrid, etc...

What does your stack look like beyond Kubernetes and AWS? It’s hard to imagine everything there supports truly fine-grained permissions.

0 comments

verdverm3mo ago

Actually, almost everything stays within the private cloud, health care industry

GCP (main), AWS/Azure (b/c customers), Jenkins/Argo

TF/Helm are IaC and run from containers, no hashicorp services

CloudSQL, why are you sending your db queries to a SaaS?

LGTM for observability

The vendors we do have are WIF'd (i.e. code & secops scanning)

WIF is the key, mature vendors are supporting WIF, and amazingly the hyperscalers are supporting each others WIFs for cross-cloud, so we can give a GCP SA, AWS perms and vice versa

j / k navigate · click thread line to collapse