VPC Encryption Controls ☁️, AI for Developer Productivity ✨, S3 Access At Scale ⚖️

TLDR DevOps <dan@tldrnewsletter.com>

November 24, 12:10 pm

Together With N-Central

TLDR DevOps 2025-11-24

Your (ungated) playbook for smarter automation + 5 free scripts (Sponsor)

Are you providing bonuses for script development? Holding team automation contests? How about providing time-based script dev perks?

If you're not getting your team involved in automation, you're missing out on their ideas. This N-able playbook lays out a framework for making automation a collaborative venture. 

Inside, you'll find:

  • A clear strategy for implementing IT automation that delivers real impact
  • Key areas where automation drives the most value—like patching, onboarding, and alert response
  • Practical advice for managing team adoption and driving buy-in
  • Free ready-to-use scripts for failed login detection, BitLocker management, screen locking, and more

Get the playbook

📱

News & Trends

Breaking siloes: How to use cross-store correlations with Grafana (6 minute read)

Grafana users can now correlate third-party data sources with Grafana Cloud using the correlation feature in Grafana 12.3. Users can jump from a chart to logs or traces with one click. The time range and label values are carried automatically, so there is no copying and pasting or need for new agents.

Introducing VPC encryption controls: Enforce encryption in transit within and across VPCs in a Region (7 minute read)

AWS has announced VPC encryption controls, a new Amazon VPC capability that audits and enforces encryption in transit for all traffic within and across VPCs in a Region. With monitor and enforce modes, organizations can gain centralized visibility and control over encryption status, identify resources allowing plaintext traffic, and ensure all future resources are created on compatible Nitro instances.

Introducing AWS CloudFormation Stack Refactoring Console Experience: Reorganize Your Infrastructure Without Disruption (5 minute read)

AWS CloudFormation Stack Refactoring, announced today, lets users reorganize their stacks in the CloudFormation console by moving resources between stacks, renaming logical IDs and decomposing templates without disrupting underlying infrastructure. This new console experience extends the AWS CLI experience. It is available in all commercial AWS regions.

🚀

Opinions & Tutorials

In-place Pod resizing in Kubernetes: How it works and how to use it (12 minute read)

Kubernetes supports in-place Pod resizing, allowing CPU and memory resources to be updated on running Pods without restarting them, with kubelet and the container runtime handling changes asynchronously. The feature, fully enabled by default in v1.33, includes a resize subresource, status tracking, and policies for restarts. Limitations remain for swap usage, Windows nodes, QoS class changes, and certain container types.

Automating Azure DevOps Pipeline Onboarding (7 minute read)

This post describes an automated Azure DevOps pipeline that scans a repository for YAML files and imports them all into Azure DevOps automatically, eliminating the need for manual creation. The self-contained PowerShell-based solution preserves folder structure, prevents duplicates, supports dry-run mode, and uses built-in variables for zero configuration setup.

Use AI to Boost Developer Productivity (13 minute read)

Software engineers can improve productivity with AI tools by adopting a development process that includes prompting, planning, producing, and refining. This approach involves breaking tasks into actionable chunks, managing context, and using steering documents to guide the AI, ensuring sustainable code and maximum productivity. The habits you build and the workflows you develop will help you stay ahead of the curve as AI tools evolve.

🧑‍💻

Resources & Tools

🚗 How Uber Migrated 1M Lines of JUnit in 2 weeks with AI and OpenRewrite (Sponsor)

A million-line migration would take most teams months, but Uber did it in just two weeks. Using OpenRewrite and AI-assisted static analysis, they automated 4,000 pull requests and modernized 1 million lines of code - safely. In the upcoming Moderne webinar, their engineering team will share the full story. Join live

Server Survival (GitHub Repo)

Server Survival, a 3D simulation game, puts players in the role of a Cloud Architect tasked with building a resilient cloud infrastructure and managing budgets while fighting off DDoS attacks. Players can use a toolbar to build their architecture, balancing the cost and upkeep of each service to survive as long as possible and maintain their budget and reputation.

trifold (Resource)

trifold is a tool that serves static websites using a content delivery network (CDN).

🎁

Miscellaneous

Implementing Terraform Drift Detection in Your Workflow (9 minute read)

Infrastructure drift occurs when live cloud resources diverge from Terraform configurations, causing security gaps, compliance violations, and significant unexpected costs. Implementing continuous drift detection using tools like Terraform plan, Driftctl, or Spacelift enables automated alerts, reconciliation, and code alignment, reducing financial waste, maintaining compliance, and ensuring infrastructure matches declared state.

S3 server access logs at scale (14 minute read)

Yelp implemented object-level logging on its Amazon S3 buckets to improve data security, troubleshoot permission issues, and identify unused data for deletion, after AWS added essential features like date-based partitioning for S3 server access logs in November 2023. By converting raw logs to Parquet format, Yelp reduced storage size by 85% and the number of objects by 99.99%. It also uses a single AWS account to query logs across different accounts. The company uses access-based retention to delete unused objects, and it plans to forward S3 server access logs to Splunk in the future for more efficient troubleshooting.

Quick Links

Big Iron Bits: The mainframe mockumentary you never knew you needed (Sponsor)

The mainframe is thriving! Big Iron Bits: a Mainframe Mockumentary explains why everyone still needs Big Iron. Think The I.T. Crowd meets Silicon Valley. Start watching now

Manage Azure Firewall Rules, NSG rules, using Terraform resource blocks and CSV files (2 minute read)

Using CSV files to define Azure Firewall, NSG, and route table rules allows Terraform to dynamically generate resources, reducing code clutter and simplifying bulk updates.

Kubernetes Guardrail Extension: Bringing Compliance-as-Code to Your Browser (5 minute read)

The Kubernetes Guardrail Extension validates YAML files directly in GitHub and GitLab, giving developers instant, in-browser feedback on compliance and security best practices before commit.

Thanks for reading,
Kunal Desai & Martin Hauskrecht

