TALK NERDY TO ME
Cloud & FinOps → Served Fresh Daily
No jargon. No BS. Just practical cloud wisdom for multi-cloud, FinOps, and platform engineering—served up with a side of automation scripts and coffee.
Today's Specials
Claude Code Hit $2.5B. Amazon Engineers Can't Use It. Welcome to AI Agent Lock-In.
Claude Code just hit a $2.5 billion run-rate — doubled since January 1st. Yet 1,500 Amazon engineers are fighting for permission to use it, steered toward AWS Kiro instead. This is vendor lock-in repackaged for the AI agent era. Platform-native vs platform-agnostic is the new architectural fault line.
GitHub Agentic Workflows: The Decision Framework Nobody's Talking About
Everyone's excited about AI in CI/CD. Nobody's asking when to use it vs when not to. GitHub Agentic Workflows just entered technical preview — the architecture is solid. But the real decision isn't which agent to pick. It's when to use agentic workflows vs deterministic ones. Here's the decision framework, the adoption pattern, and the three questions to answer before you deploy.
GitHub Agentic Workflows: "Continuous AI" Enters the CI/CD Loop
GitHub launched Agentic Workflows in technical preview — replacing YAML with Markdown for AI-driven pipeline automation. Copilot, Claude Code, and Codex handle jobs that require judgment, not just deterministic execution. Open source under MIT. Here's how it works and what your team should do.
Quick Bites
The Multi-Model Copilot Era Is Here — And It Changes Your Architecture
Microsoft quietly transformed Copilot from an OpenAI product into a model orchestration layer. Claude is now enabled by default. MAI frontier models ship this year. OpenAI signed a $300B deal with Oracle. Here's what the orchestration era means for your architecture, FinOps, and platform strategy.
DevSecOps for the Agent Era: The Security Gap Nobody's Talking About
Three CVE vulnerabilities hit Anthropic's MCP Git server. Docker acquired MCP Defender for runtime agent security. OWASP published a dedicated Top 10 for Agentic Applications. AI agents are shipping to production — but the security model hasn't caught up. Here's the agent security playbook.
47 Known CVEs Just Deployed to Production: Why Container Image Scanning Isn't Optional
A developer pulls a base image from Docker Hub, builds their app on top, and ships it. Nobody checks what's inside that base layer. 87% of container images in production carry high-severity CVEs. Here's how to shift-left on container security with scanning, digest pinning, distroless images, and approved base image registries.
Terraform 1.14 Actions: When Declarative IaC Goes Imperative
Terraform 1.14 introduces Actions — first-class imperative blocks that let you invoke provider-defined operations directly within the plan/apply lifecycle. No more 500-line Bash wrappers. Here's what Actions are, how they work, where the boundaries are, and how to adopt them without turning your Terraform into Ansible.