DEV Community: Ricardo Sueiras

Reading list (29th March to April 20th)

Ricardo Sueiras — Mon, 20 Apr 2026 17:16:51 +0000

These are the current online posts that I enjoyed reading and made me think.

AI

Great video that provides an essential overview of how to build with AI (in this instance using Spring AI). Has a supporting Github repo at https://github.com/tzolov/voxxeddays2026-demo - link [tutorial] - ( Added: 2026-04-20 17:14:20 )
Agent harness or harness engineering is the new hotness right now, so this is a breakdown of all the components need to build an ai coding agent - link [opinion] - ( Added: 2026-04-20 10:34:17 )
A new tool that allows you to put controls on your AI agent spending - link [tool] - ( Added: 2026-04-20 10:32:30 )
A recent example of the challenges of relying too much on a single vendor - in this instance, Anthropic - who cut off an entire organisation (60 developers) - link [case study] - ( Added: 2026-04-20 08:45:22 )
Use Obsidan as a memory layer for Claude - this tool works at the repo level, helping you capture essential information that will persist over the lifetime of that project - link [tool] - ( Added: 2026-04-19 14:18:16 )
Another great doc on RAG done properly, this time exploring the science of chunks - link [best-practice] - ( Added: 2026-04-19 13:52:26 )
Sits between your apps and your models and provides various security features. - link [tool] - ( Added: 2026-04-19 10:17:46 )
Detailed breakdown of what a production RAG system would look like, with a great context builder architecture - link [best-practice] - ( Added: 2026-04-18 09:19:40 )
Good post on caching techniques you can apply to optimise your token/inference usage - link [best-practice] - ( Added: 2026-04-18 09:18:31 )
Nice blog post from the folks at PwC on observability in your generative AI systems - link [best-practice] - ( Added: 2026-04-12 19:04:06 )
Thread on Reddit around the observability gap with AI, and suggests that this is why AI project failure rates are so high - link [opinion] - ( Added: 2026-04-12 18:42:17 )
Decision making framework when architecting agentic apps - link [best-practice] - ( Added: 2026-04-11 22:49:40 )
Great primer video if you want to learn more about different AI agent patterns - link [best-practice] - ( Added: 2026-04-11 22:41:51 )
Harness engineering is so hot right now - a post from the wonderful folks at Thoughtworks, so you know its going to provide you with a good insight into exactly what this means. - link [opinion] - ( Added: 2026-04-11 21:44:38 )
A post that helps you think about and then select the right design pattern for your use case and situation - link [best-practice] - ( Added: 2026-04-11 21:43:19 )
Nice post with some ideas and thoughts on team structure and dynamics in the age of agentic AI - link [opinion] - ( Added: 2026-04-11 21:42:09 )
Run agents, lots of them, using this open source project - link [tool] - ( Added: 2026-04-11 07:42:11 )
A contrarian post on why we are falling for the AI hype - link [opinion] - ( Added: 2026-04-10 07:01:22 )
Production-grade engineering skills for AI coding agents from the OG himself. - link [code-repo] - ( Added: 2026-04-09 11:39:31 )
A post on how new agentic AI is changing engineering team structure and dynamics - link [opinion] - ( Added: 2026-04-09 11:37:54 )
In a world where architecture teams are either feared gatekeepers or invisible bystanders, Oliver brings together a brilliant panel to ask a genuinely awkward question: is your governance framework actually helping anyone? - link [opinion] - ( Added: 2026-04-09 11:26:49 )
A really cool way to run Playright - link [tool] - ( Added: 2026-04-04 09:04:17 )
New open source framework from Microsoft that looks at agentic AI governance and security - link [security] - ( Added: 2026-04-03 16:08:22 )
Good post from Mr Assay on AI and developer productivity - as always, the gold is in there those hyperlinks. - link [opinion] - ( Added: 2026-04-02 16:02:24 )
A must watch video about Blackhat LLMs from the clever folks at Anthropic - link [security] - ( Added: 2026-04-02 09:32:43 )
Mastra is a framework for building AI-powered applications and agents with a modern TypeScript stack. It includes everything you need to go from early prototypes to production-ready applications. Mastra integrates with frontend and backend frameworks like React, Next.js, and Node, or you can deploy it anywhere as a standalone server. It's the easiest way to build, tune, and scale reliable AI products. - link [tool] - ( Added: 2026-04-01 08:49:08 )
Nice post from the great folk at Nearform on how to build production grade agentic applications with the right testing approach - link [best-practice] - ( Added: 2026-04-01 08:36:59 )
Seems like a theme this week - folks writing about the gap of using agentic AI, and however good the output they generate, they do not understand what good looks like, how to evaluate quality, and understand how to make the right trade offs. - link [opinion] - ( Added: 2026-04-01 08:07:51 )
An interesting take on AI - the fact that Agents do not understand what "good" looks like, thats on you. - link [opinion] - ( Added: 2026-04-01 08:06:26 )
Great blog post on implementing controls when deploying production AI agents to help minimise regression and drive up consistency - link [best-practice] - ( Added: 2026-04-01 07:34:15 )
Portkey is a tool that helps provide AI governance and observability to your apps. Now open source - link [tool] - ( Added: 2026-04-01 07:30:49 )
An interesting pov on the difference in how execs and individual contributors (ICs) are viewing agentic AI - link [opinion] - ( Added: 2026-03-31 15:23:36 )
Understand AI coding harnesses by looking at the (disclosed) source code for Claude Code - check the README to understand the. backstory here - link [code-repo] - ( Added: 2026-03-31 14:47:51 )
Research paper that seems to indicate that creating personas within your agentic AI applications might be leading to suboptimal output - link [research] - ( Added: 2026-03-31 09:59:49 )
Some interesting insights from a study of students and how they are using LLMs in their studying. - link [case study] - ( Added: 2026-03-31 08:22:41 )
Enforce runtime guardrails through a centralized control layer—configure once and apply across all agents. Agent Control evaluates inputs and outputs against configurable rules to block prompt injections, PII leakage, and other risks without changing your agent’s code. - link [tool] - ( Added: 2026-03-31 08:12:52 )
Run multiple agents in parallel — each in its own container, with its own workspace, collaborating on your code or project files simultaneously. - link [tool] - ( Added: 2026-03-30 14:53:06 )
This repo provides info on how you can integrate Cedar policies into your MCP Servers - link [code-repo] - ( Added: 2026-03-30 12:00:13 )
The folks at JPC Morgan have put together this post that outlines how they are using agentic AI to help them with threat modelling - link [security] - ( Added: 2026-03-29 18:28:46 )
Dify is an open-source LLM app development platform. Its intuitive interface combines AI workflow, RAG pipeline, agent capabilities, model management, observability features (including Opik, Langfuse, and Arize Phoenix) and more, letting you quickly go from prototype to production. - link [tool] - ( Added: 2026-03-29 11:20:22 )
A collection of use cases with supporting assets from OpenAI - link [best-practice] - ( Added: 2026-03-28 21:19:14 )
Scion is an experimental multi-agent orchestration testbed designed to manage concurrent LLM-based agents running in containers across your local machine and remote clusters. It enables developers to run groups of specialized agents with isolated identities, credentials, and workspaces, allowing for a dynamic and evolving graph of parallel execution of tasks such as research, coding, auditing, and testing. - link [tool] - ( Added: 2026-03-28 12:50:21 )

CODING

A very nice interactive tool to help you understand some of the underpinning concepts of event driven, serverless application architectures - link [best-practice] - ( Added: 2026-04-20 17:07:39 )
Agentic AI coding tools roll out infigraphic - link [best-practice] - ( Added: 2026-04-19 13:39:04 )
A post that dives into whether token maxing is a signal of dev productivity or whether there are other data points that matter. Well worth your attention - link [best-practice] - ( Added: 2026-04-18 09:43:57 )
A collection of great Claude files, especially around the domain of TDD and testing - link [best-practice] - ( Added: 2026-04-13 09:03:00 )
Measuring AI in software development: Interview with Jellyfish CEO Andrew Lau - link [case study] - ( Added: 2026-04-09 11:38:26 )
Great overview of how Spotify do releases - if you want to nerd out on details, this is the post for you. Whilst the stuff in here is pretty standard, the way it is described is excellent so well worth your time. - link [best-practice] - ( Added: 2026-04-09 11:23:00 )
Data points on software engineering jobs - slowly increasing over the past two years, despite the increasing usage of AI coding assistants. - link [report] - ( Added: 2026-04-01 09:05:22 )
Nice blog post on some architecture patterns when implementing gitops - link [best-practice] - ( Added: 2026-03-31 10:00:45 )
A nice tool from my good friend Danilo that allows you to take a code repo and then generate a very cool interactive tool to help explain the code, line by line - link [tool] - ( Added: 2026-03-30 12:04:12 )
A nice tool that helps you reduce token use when exploring your code base in Claude - link [tool] - ( Added: 2026-03-28 08:31:33 )

TECH

Trends in enterprise customers in software engineering - link [opinion] - ( Added: 2026-04-10 16:49:04 )
The State of Agentic AI 2026 Report - link [report] - ( Added: 2026-04-09 11:36:28 )
If you want to learn Kubernetes and all things cloud native, this resource will help you get started - all local, so as long as you have a good broadband and decent spec machine (home lab) you should be good to go - link [code-repo] - ( Added: 2026-04-09 11:35:11 )
A HBR post that looks at how AI is reshaping security and risk. Whether you are using it or not, security and risk are being impacted and you need to think about what your plan is to tackle these new threats. - link [security] - ( Added: 2026-04-09 11:29:53 )
Really great post on how to approach the fragmentation problem when teams want to leverage different tools - link [best-practice] - ( Added: 2026-04-02 15:57:51 )
A blog post on why you should start a blog - provides some good reasons, and these defo ring true for me. - link [opinion] - ( Added: 2026-03-31 08:21:35 )

Generated on 2026-04-20 by Bookmark Manager | 28th Mar 26 to 20th Apr 26 | Total bookmarks: 58

Follow me on LinkedIn or GitHub

Getting hands on with spec driven development

Ricardo Sueiras — Tue, 14 Apr 2026 10:02:06 +0000

If you are interested in learning more about Spec Driven Development, I am happy to share that I will be running workshop with Simon Martinelli on the 14th May, that will help developers get started.

A lot of developers today are already using AI but still struggling to make the output consistent and production-ready. That’s exactly what this workshop focuses on. You will walk away with a clear idea of how you can apply spec driven development to your own projects.

Use this link , and use the code RIC40 to get a discount.

Reading list (17th to 28th March)

Ricardo Sueiras — Sat, 28 Mar 2026 14:57:15 +0000

These are the current online posts that I enjoyed reading and made me think.

AI

Scion is an experimental multi-agent orchestration testbed designed to manage concurrent LLM-based agents running in containers across your local machine and remote clusters. It enables developers to run groups of specialized agents with isolated identities, credentials, and workspaces, allowing for a dynamic and evolving graph of parallel execution of tasks such as research, coding, auditing, and testing. - link [tool] - ( Added: 2026-03-28 12:50:21 )
Runtime safety infrastructure for AI agents. Kernel-enforced isolation, supply-chain security, immutable auditing, atomic rollbacks, credential management, and more. - link [tool] - ( Added: 2026-03-27 22:03:00 )
A great summary of agentic AI frameworks and tools for Java - link [tool] - ( Added: 2026-03-27 20:51:03 )
Run Claude Code in local sandboxed docker containers - tool that provides full Claude credentials - link [code-repo] - ( Added: 2026-03-24 19:55:01 )
Excellent post about how to improve accuracy of your agentic AI application using a number of approaches - link [best-practice] - ( Added: 2026-03-24 15:34:36 )
llm-d is a high-performance distributed inference serving stack optimized for production deployments on Kubernetes. We help you achieve the fastest "time to state-of-the-art (SOTA) performance" for key OSS large language models across most hardware accelerators and infrastructure providers with well-tested guides and real-world benchmarks. - link [code-repo] - ( Added: 2026-03-24 11:31:22 )
Some useful advice on how to prepare and position how developers interact with your platform or system - link [opinion] - ( Added: 2026-03-23 17:24:29 )
A great series diving into Claude Code. One of the better guides I’ve read. - link [opinion] - ( Added: 2026-03-21 20:40:24 )

CODING

A nice tool that helps you reduce token use when exploring your code base in Claude - link [tool] - ( Added: 2026-03-28 08:31:33 )
FeatureOps is the discipline of controlling software behavior at runtime. It extends DevOps pillars (flow, feedback, continuous learning) into the layer where real user value lives: the features themselves. Where DevOps asks "is the code deployed?", FeatureOps asks "is the feature working for the right users at the right time?" - link [opinion] - ( Added: 2026-03-23 12:02:55 )
A set of opinionated steering guides for a number of use cases around developing a web application - link [code-repo] - ( Added: 2026-03-17 09:57:26 )

TECH

Want to dive deep into how to measure your DevRel activities? Take a look at this blog post that has some good ideas that you can lean into. - link [opinion] - ( Added: 2026-03-23 16:56:22 )
The developer advocate flywheel - link [opinion] - ( Added: 2026-03-23 16:47:13 )
A nice history and timeline that looks at how we got to modern day developer advocacy from the initial evanglism roots - link [case study] - ( Added: 2026-03-23 13:35:08 )
A good summary of how to approach developer marketing - link [best-practice] - ( Added: 2026-03-23 13:31:01 )
A great set of essays on how to think about developer relations - link [opinion] - ( Added: 2026-03-23 12:03:27 )

Generated on 2026-03-28 by Bookmark Manager | 17th Mar 26 to 28th Mar 26 | Total bookmarks: 16

Follow me on LinkedIn or GitHub

Reading list (10th - 16th of March)

Ricardo Sueiras — Tue, 17 Mar 2026 09:32:17 +0000

These are the current online posts that I enjoyed reading and made me think.

AI

Find out how Anthropic models are being used across geographical regions. Broken down by use cases - link [report] - ( Added: 2026-03-15 14:49:37 )
A look at a new tool to sandbox AI agents on MacOS, which the zooms out and looks at some of the broader questions you need to ask yourself - link [tool] - ( Added: 2026-03-15 14:37:21 )
A new agent orchestration project, this time from Bytedance - link [tool] - ( Added: 2026-03-15 11:17:48 )
Rightsizing engineering teams in the agentic AI age - link [opinion] - ( Added: 2026-03-15 10:58:03 )
Great thoughtworks piece on the agentic SDLC and how to think and plan ahead - link [opinion] - ( Added: 2026-03-15 10:56:24 )
Fascinating write up by an openclaw agent that was tasked to research and come up with ways to improve itself - link [opinion] - ( Added: 2026-03-15 10:39:42 )
A great tool to test your agents to see if they can be asked to do things they shouldn’t do. - link [tool] - ( Added: 2026-03-15 10:31:33 )
A detailed guide on different security postures when it comes to deploying Claude Cowork - details and specifics are what set this post apart. - link [best-practice] - ( Added: 2026-03-12 21:16:15 )
A nice enterprise architecture reference implementation of agentic ai building blocks - link [opinion] - ( Added: 2026-03-12 20:55:11 )
This is a great read of one date engineer's experience of using Claude Code to generate data engineering pipelines with dbt - the good and the not so good is covered. - link [opinion] - ( Added: 2026-03-12 12:03:41 )
Research paper on the security foundations of agentic systems - well worth reading to understand the security problem space - link [research] - ( Added: 2026-03-12 10:56:55 )
Fantastic post that looks at the timeline of maturity for agentic aI - link [opinion] - ( Added: 2026-03-12 09:31:08 )
Want to run your agentic apps in Kubernetes? Give this repo a try out (looks like OpenAI only from the docs) - link [code-repo] - ( Added: 2026-03-11 14:51:55 )
It is rare to find a detailed post on how to approach testing agentic AI code, but this post walks you through how to use a layered approach. Very nice. - link [opinion] - ( Added: 2026-03-11 13:31:38 )
The lethal trifecta for AI agents: private data, untrusted content, and external communication - import post to understand some of the foundational risks with agentic based AI - link [best-practice] - ( Added: 2026-03-11 12:19:08 )
An implementation of integrate Cedar policies and Calude Code (via hooks) - link [tool] - ( Added: 2026-03-11 11:40:41 )
A nice blog post around using Cedar policies with agentic flows. Different to AgentCore which also uses Cedar. - link [opinion] - ( Added: 2026-03-11 11:36:46 )
State of the art open source text to speak model - Trained on over 10 million hours of audio across approximately 50 languages, S2 combines reinforcement learning alignment with a Dual-Autoregressive architecture to generate speech that sounds natural, realistic, and emotionally rich. - link [code-repo] - ( Added: 2026-03-11 09:27:11 )
A nice collection of prompts with explanations. I don’t normally read these as I find that spending time experimenting provides better learning but these were good and I’ll be testing a few out - link [opinion] - ( Added: 2026-03-10 19:16:31 )
A new macOS menu bar tool to run/manage local LLMs. Nice features and this one is optimised for Apple silicon - link [tool] - ( Added: 2026-03-10 08:24:52 )

CODING

Really good opinion piece on how to think (and approach) reviewing agentic code contributions - link [opinion] - ( Added: 2026-03-15 10:51:33 )
A TypeScript library for easy scripting of AI agents. Thinkwell provides a fluent API for blending deterministic code with LLM-powered reasoning. - link [tool] - ( Added: 2026-03-12 09:18:17 )
If you want to use AI coding assistants to build Rust code, then this is the framework you need to look at. Anecdotes say it generates consistently better code. - link [tool] - ( Added: 2026-03-12 09:17:45 )
AgentDiff is a CLI tool that hooks into Claude Code and tracks every file change with its prompt, reasoning, and task context. Think git blame, but for the why behind AI-generated code. Works with any language, any codebase. - link [tool] - ( Added: 2026-03-10 19:08:46 )

TECH

Newspeak House, The London College of Political Technology, is an independent residential college founded in 2015. Our mission is to study, nurture and inspire emerging communities of practice across civil society and the public sector in the UK. - link [opinion] - ( Added: 2026-03-11 14:22:09 )

AWS

A new and comprehensive resource for learning about DevSecOps and cloud security - link [best-practice] - ( Added: 2026-03-10 19:25:59 )

Generated on 2026-03-17 by Bookmark Manager | 10th Mar 26 to 16th Mar 26 | Total bookmarks: 26

Follow me on LinkedIn or GitHub

What I have been reading this week (2nd - 9th of March)

Ricardo Sueiras — Mon, 09 Mar 2026 11:16:13 +0000

This is what I read about and tried this week.

AI

A graph-based tool routing library for LLM agents. Instead of asking your LLM "what tool should I use next?" at every step, Self-Healing Router models your tools as a weighted directed graph and uses Dijkstra's algorithm for deterministic routing. When a tool fails, edge weights update to infinity and the path recomputes automatically. The LLM is only called as a last resort — when no feasible path exists. - link [tool] - ( Added: 2026-03-09 11:12:40 )
More about sandboxing agents. Worth reading - link [opinion] - ( Added: 2026-03-08 18:37:02 )
Claude Code introduces evals for skill creation meaning you can now measure and improve your context - link [best-practice] - ( Added: 2026-03-07 15:22:11 )
Very nice tool that allows you to build voice based applications using ultra low latency response times - supports cloud based and local models - link [code-repo] - ( Added: 2026-03-06 14:22:02 )
From Alibaba, an open source project that provides a new specification for creating sandboxes for your agentic applications. Supports some agents/frameworks/tools - link [tool] - ( Added: 2026-03-06 11:28:08 )
A runtime MCP layer that provides some enterprise level capabilities to your agentic applications - link [tool] - ( Added: 2026-03-04 20:58:03 )
Even if LLMs continue to get exponentially more powerful, there will be core engineering techniques that make LLM-powered software more reliable, more scalable, and easier to maintain. If you want to know what those are, check out this repo - link [opinion] - ( Added: 2026-03-04 20:35:14 )
The Agentic Engineering Guide. 10 parts, 33 chapters. Context engineering, authorization, cost control, evaluation, adoption playbooks. Rather than a hands on tutorial, this is more about the decisions you face when adopting agents, in the order you face them. - link [opinion] - ( Added: 2026-03-04 19:58:51 )
A new project that provides you with options for running your agentic ai in isolated sandboxes, both local and prod scale - link [tool] - ( Added: 2026-03-04 19:47:59 )
From the folks behind the warp terminal, comes Oz he orchestration platform for cloud agents. Spin up unlimited parallel cloud coding agents - programmable, auditable, and fully steerable. - link [tool] - ( Added: 2026-03-04 18:26:42 )
Worth reading if you think that keeping Claude in a container is all you need when it comes to sandboxing strategy. Yeah, this included me too! - link [best-practice] - ( Added: 2026-03-04 09:21:55 )
If you are looking to get some hands on training on Claude, then you can do worse than review this selection of courses. - link [tutorial] - ( Added: 2026-03-04 09:19:23 )
Very cool new library that has a really nice UI to help you keep track of what your agentic applications are doing. Instruments everything and allows you to replay and view all previous transactions via the nice UI - link [tool] - ( Added: 2026-03-03 17:26:33 )
A really great post from Mike Chambers that looks at "on demand application generation" and how the current state of where we are allows you to build this whilst looking at emerging new tools/frameworks that are making it simpler than ever to build apps "on demand" - link [opinion] - ( Added: 2026-03-03 10:21:40 )

OSS

Latest post on the fun and games that are copyright and AI. Some good references in this post, that keeps you up to date. - link [opinion] - ( Added: 2026-03-08 09:14:14 )

CODING

A new way of think about how to orchestrate ai coding assistants - link [opinion] - ( Added: 2026-03-06 14:22:48 )
Ghost is a CLI that flips the git workflow: instead of committing code, you commit prompts. An AI coding agent generates the artifacts; the commit captures both the intent and the output. Your git history becomes a chain of prompts + their results. - link [tool] - ( Added: 2026-03-04 09:20:54 )
A plug-and-play framework for generating projects with Claude Code CLI — optimized for speed, token efficiency, and consistent output across any language or framework. - link [tool] - ( Added: 2026-03-04 09:20:16 )
A new tool for users of Kiro CLI on macOS, that provides a nifty menu bar toggle to manage your MCP servers - link [tool] - ( Added: 2026-03-03 08:04:00 )

AWS

Demo code that shows an example of what you can do with Durable Functions in an an event driven architecture flow - link [code-repo] - ( Added: 2026-03-06 11:13:34 )
If you are looking to take AWS certification tests, then you can get vouchers which are valid for 12 months across Foundation, Associate, and Professional tiers - link [best-practice] - ( Added: 2026-03-04 09:25:38 )

Generated on 2026-03-09 by Bookmark Manager | 3rd Mar 26 to 9th Mar 26 | Total bookmarks: 21

Follow me on LinkedIn or GitHub

What I have been reading this week (25th Feb to 1st March)

Ricardo Sueiras — Sun, 01 Mar 2026 18:00:15 +0000

These are the current online posts that I enjoyed reading and made me think.

AI

AWS responsible use of AI guide (pdf) - link [best-practice] - ( Added: 2026-03-01 15:16:45 )
Agentic AI is an amplifier, for both good and bad organisational behaviours. This post looks at some of the things you might observe for those who have not yet got their house in order - link [opinion] - ( Added: 2026-03-01 13:12:29 )
A good post on how to setup observability for your agentic applications. - link [opinion] - ( Added: 2026-03-01 10:32:37 )
A neat tool that will help you right size LLMs for a given hardware spec. It detects your hardware, scores each model across quality, speed, fit, and context dimensions, and tells you which ones will actually run well on your machine. - link [tool] - ( Added: 2026-03-01 00:24:15 )
Another open source tool that allows you to "compact" your context and in the process help you reduce the input/output tokens used. Supports lots of common frameworks (Strands, LangChain, etc) and model providers (Amazon Bedrock) - link [tool] - ( Added: 2026-02-28 19:53:17 )
Research paper that looks at how to measure the reliability of agents - it proposes 12 metrics across four dimensions: 1/Consistency (does it behave the same across multiple runs?) 2/Robustness (does it handle and recover from tool failures - API errors, timeout, throttled, etc.?) 3/ Predictability (does the AI's confidence of success match reality?) and 4/ Safety (how often does it violate constraints, and how severe are the failures?) - link [best-practice] - ( Added: 2026-02-28 14:47:35 )
A benchmark that measures how models answer “bullshit” questions. It’s measured whether they push back (good) or go full on sycophantic and do it anyway. Why is this important? In an agentic flow, you want to have some confidence that your models are going to act/behave the right way when told to do stupid things. - link [code-repo] - ( Added: 2026-02-27 09:19:24 )
Why running the Context Development Lifecycle over time produces a compounding advantage your competitors can't copy. - link [opinion] - ( Added: 2026-02-26 14:20:47 )
YT Video from The Pragmatic Summit. This session (panel) was titles "Building world-class engineering teams in the age of AI" with Thomas Dohmke (cofounder & CEO, Entire, previously CEO at GitHub) and Rajeev Rajan (CTO, Atlassian). - link [video] - ( Added: 2026-02-25 16:14:54 )
Whitepaper that helps you figure out how to think about organisational adoption of AI - link [best-practice] - ( Added: 2026-02-25 16:09:54 )
Essential reading - a number of reports that help you navigate the agentic AI landscape through tools like the AI capabilities framework and various reports. - link [best-practice] - ( Added: 2026-02-25 16:08:30 )
A look at how the Agentic AI Foundation (AAIF) grew to 146 members (including 97 new Gold and Silver companies), launched MCP Apps as a landmark OpenAI-Anthropic collaboration, and established a full governance structure with a Governing Board, Technical Committee, and seven working groups. - link [opinion] - ( Added: 2026-02-25 13:40:15 )
Book on what AI Native Engineering is - being developed in the open - link [opinion] - ( Added: 2026-02-25 09:55:56 )
Techniques that you can use to reduce hallucinations when working with LLMs - link [best-practice] - ( Added: 2026-02-25 09:52:16 )

AWS

An ebook from AWS that helps you analyse which foundational model is the best fit for your use case - link [best-practice] - ( Added: 2026-03-01 15:09:27 )
If you are looking to migrate to the cloud, one of the first steps you will need to complete is setting up your landing zone. This is the AWS prescriptive guide on how to set this up. - link [best-practice] - ( Added: 2026-02-27 15:18:31 )

CODING

If you need to do any sort of local dev or testing with email, this project makes that easier. Nice and simple to get started, with great features and a nice UI - link [tool] - ( Added: 2026-03-01 13:28:21 )
Must read post on the impact of agentic AI on the software developers lifecycle (SDLC) - link [opinion] - ( Added: 2026-03-01 13:15:17 )
One of the best posts u have read on how agentic AI might impact and change software development. - link [opinion] - ( Added: 2026-03-01 12:56:38 )
Looks super interesting- using Claude hooks together with deterministic tools to provide a new kind of workflow. - link [opinion] - ( Added: 2026-03-01 10:26:06 )
New tool that can be used to ‘desloppify’ your vibed code. Looks interesting- installs a tool and is then run via a prompt. - link [tool] - ( Added: 2026-03-01 10:22:31 )
Verified Spec Driven Development unified software engineering methodology that fuses three proven paradigms into a single AI-orchestrated pipeline: - link [opinion] - ( Added: 2026-03-01 00:18:15 )
Anthropic Claude Code skills training course - link [tutorial] - ( Added: 2026-02-26 22:18:00 )
AWS Hero Matt Lewis shares some code snippets used as part of his session at re:Invent to showcase some different approaches to code migration/transformation - link [code-repo] - ( Added: 2026-02-26 11:00:09 )
An interesting idea - create functions without code, but with prompts, tests, and validators. Crazy or the future? You decide - link [opinion] - ( Added: 2026-02-25 16:30:07 )
A YT Video featuring Laura Tacho (dgx.com) on how organisations are really using/adopting AI coding tools - link [video] - ( Added: 2026-02-25 11:18:01 )

OSS

For commercial open source projects, agentic AI is creating new risks that allow anyone to reproduce your stack (NextJS, etc). Is it time to rethink how you manage your test suite? More questions than answers. - link [opinion] - ( Added: 2026-02-28 21:17:15 )
In this study, LF Research has tackled this question through the analysis of results from a survey and quantitative model on contribution ROI. Findings show that organizations spend hundreds of thousands of dollars maintaining private forks or developing internal workarounds, while those who choose to contribute upstream experience faster responses to security issues, increased development speeds, and easier talent retention. Reported benefit-to-cost ratios from OSS contributions are 2-5x on average, and the model estimates that contributing organizations yield a 6x ROI from their investments. - link [report] - ( Added: 2026-02-27 12:12:33 )
Redmonk take on oss and AI slop - link [opinion] - ( Added: 2026-02-24 22:25:44 )
Impact of vibe coding on open source projects. Some great data points and much food for thought. - link [opinion] - ( Added: 2026-02-24 21:50:01 )

TECH

A great post on why a lot of developer programs fail, with opinions on how to fix that. It’s a hard problem for sure. - link [opinion] - ( Added: 2026-02-27 09:24:43 )
A great talk on the five immutable patterns of system design: evolvability, encapsulation, coupling, understanding, and failure. Well worth a watch - delivered silky smooth by James Eastham - link [best-practice] - ( Added: 2026-02-26 16:57:50 )
Microsoft's take on understanding and then building resilient systems - contains some good slides to help you understand how to communicate these to stakeholders - link [video] - ( Added: 2026-02-26 14:48:10 )
If you want to dive deep into best practices around newsletters, then look no more - this post is an incredible resource and provides great best practices. - link [best-practice] - ( Added: 2026-02-25 16:12:33 )
A good tutorial on setting up a prod gitops environment - Kubernetes (Amazon EKS / Karpenter) with argoCD. - link [tutorial] - ( Added: 2026-02-25 09:47:13 )

Generated on 2026-03-01 by Bookmark Manager | 24th Feb 26 to 1st Mar 26 | Total bookmarks: 35

Follow me on LinkedIn or GitHub

What I am currently reading (Feb 23rd)

Ricardo Sueiras — Wed, 25 Feb 2026 11:09:48 +0000

What I am currently reading ( 23rd Feb 26 )

These are the current online posts that I enjoyed reading and made me think.

CODING

A tool that provides observability across your Claude Code sessions - when running multi agent swarms this provides some nice info on what they are all up to - link [tool] - ( Added: 2026-02-23 17:47:05 )
Brooks proved in 1975 that adding more programmers to a late project makes it later because communication overhead grows faster than output. AI agents have the same problem. They eliminate accidental complexity (boilerplate, tooling, setup) but generate new accidental complexity as they go. McKinney’s finding: beyond 100,000 lines, agents start chasing their own tails, refactoring each other’s output in circles. - link [opinion] - ( Added: 2026-02-23 16:58:17 )
Breakthrough Method of Agile AI Driven Development - an AI-driven agile development module for the BMad Method Module Ecosystem, the best and most comprehensive Agile AI Driven Development framework that has true scale-adaptive intelligence that adjusts from bug fixes to enterprise systems. - link [tool] - ( Added: 2026-02-23 16:56:07 )
A primer on how you can use a feature of git (worktrees) to help with maximise the number of parallel agentic ai processes you can orchestrate during a working session - link [tutorial] - ( Added: 2026-02-23 14:09:12 )
A collection of skills for the Antigravity AI coding tool - link [tool] - ( Added: 2026-02-23 14:06:58 )
Thoughtworks report on the future of software engineering - Senior engineering practitioners from major technology companies gathered for a multi-day retreat to confront the questions that matter most as AI transforms software development. - link [opinion] - ( Added: 2026-02-23 09:11:07 )
Interesting new take on SDLC - the context development lifecycle maps out how to optimise context for better agentic ai output - link [opinion] - ( Added: 2026-02-23 08:55:47 )

AI

A very cool project that allows you to do agent sandboxing. provides a managed service as well as the code so you can run it yourself. - link [tool] - ( Added: 2026-02-23 17:45:59 )
A free detailed book on agentic ai architecture and development patterns - link [best-practice] - ( Added: 2026-02-23 17:03:31 )

OSS

Redmonk take on oss and AI slop - link [opinion] - ( Added: 2026-02-23 22:25:44 )
Impact of vibe coding on open source projects. Some great data points and much food for thought. - link [opinion] - ( Added: 2026-02-23 21:50:01 )

Generated on 2026-02-25 by Bookmark Manager | 23rd Feb 26 to 25th Feb 26 | Total bookmarks: 15

Follow me on LinkedIn or GitHub

What I am currently reading (Feb 17th)

Ricardo Sueiras — Wed, 25 Feb 2026 11:07:29 +0000

What I am currently reading ( 17th Feb 26 )

These are the current online posts that I enjoyed reading and made me think.

AI

A new CNCF inspired look at the agentic AI space - link [tool] - ( Added: 2026-02-22 23:48:00 )
A detailed 100 page guide from Jeremy Daley on how to build production grade multi tenant systems - link [best-practice] - ( Added: 2026-02-22 21:03:48 )
A new take on why we have not lost anything to our agentic AI overlords - worth reading to get some alternative view points - link [opinion] - ( Added: 2026-02-22 15:43:55 )
How to deploy production AI applications on AWS - architectural patterns and blueprints - link [best-practice] - ( Added: 2026-02-21 14:24:23 )
A bunch of system prompts you can use to help define different agentic personas - link [tool] - ( Added: 2026-02-18 12:24:33 )
Tips on getting the best out of Claude Code - link [best-practice] - ( Added: 2026-02-18 12:23:14 )
Swamp is a CLI that supercharges AI agents to create operational workflows that are reviewable, shareable, and accurate. Built for agents, there to empower humans. - link [tool] - ( Added: 2026-02-18 12:21:01 )
Opinionated approach to deploying agentic applications to run on Amazon EKS - link [best-practice] - ( Added: 2026-02-18 12:10:18 )
A sample production architecture for deploying agents - link [code-repo] - ( Added: 2026-02-18 10:22:15 )

CODING

cc-setup solves MCP Server overload and complexity when using Claude Code by letting you define all your servers and plugins once in a central registry, then selectively enable only the ones each project needs. - link [tool] - ( Added: 2026-02-22 21:46:52 )
A blog post that outlines the maturity levels of developers using agentic AI tooling - link [opinion] - ( Added: 2026-02-22 15:38:40 )
Timebound-IAM is an MCP Server that issues short-lived, service-scoped AWS credentials via STS AssumeRole so that AI coding agents (like Claude Code) can access AWS resources without long-lived keys. Credentials are time-bounded (15 minutes to 12 hours), scoped to specific services and access levels (read-only or full), and automatically cleaned up on expiry. - link [tool] - ( Added: 2026-02-19 10:30:42 )
Backlog.md turns any folder with a Git repo into a self‑contained project board powered by plain Markdown files and a zero‑config CLI. Built for spec‑driven AI development — structure your tasks so AI agents deliver predictable results. - link [tool] - ( Added: 2026-02-18 16:39:18 )
A good post on how to use Claude to ship code - link [opinion] - ( Added: 2026-02-18 12:25:34 )
Claude Skill to help with Test Driven Development (tdd) - link [tool] - ( Added: 2026-02-18 12:23:49 )
Sample AI-DLC implementation patterns - link [code-repo] - ( Added: 2026-02-18 10:25:40 )
A set of AWS specific plugins for Claude - link [code-repo] - ( Added: 2026-02-18 10:22:44 )

AWS

A good doc that covers use cases and options on how to use aws-vault to ensure you use secure, short lived credentials when accessing your AWS resources - link [tool] - ( Added: 2026-02-19 14:56:00 )

TECH

This is what a good CV looks like - link [best-practice] - ( Added: 2026-02-18 12:56:54 )

OSS

Good article positioning open source licensing models against digital sovreignty - link [strategy] - ( Added: 2026-02-17 15:53:49 )

Generated on 2026-02-25 by Bookmark Manager | 17th Feb 26 to 22nd Feb 26 | Total bookmarks: 20

Follow me on LinkedIn or GitHub

What I am currently reading (Jan 16th)

Ricardo Sueiras — Wed, 25 Feb 2026 11:05:59 +0000

What I am currently reading ( 2nd Feb 26 )

These are the current online posts that I enjoyed reading and made me think.

AI

AWS Agentic development patterns - link [best-practice] - ( Added: 2026-02-16 13:12:05 )
A multi agent system for Kiro - similar to my player/coach model - link [code-repo] - ( Added: 2026-02-16 12:18:39 )
Video on getting started in building your AI strategy - link [strategy] - ( Added: 2026-02-16 12:17:27 )
What is Ralph Wiggum in the context of agentic ai - link [opinion] - ( Added: 2026-02-16 12:15:34 )
timeline on how to become ai native - link [opinion] - ( Added: 2026-02-16 12:15:05 )
A very interesting tool that helps you compress context, which will save on tokens (and therefore $$$) - link [code-repo] - ( Added: 2026-02-16 12:09:02 )

CODING

Intro tutorial to using Claude - link [tutorial] - ( Added: 2026-02-16 12:55:13 )
Agentic design patterns - link [best-practice] - ( Added: 2026-02-16 12:30:22 )
Using Dagger to do multi agent/parallel development using Kiro CLI - link [best-practice] - ( Added: 2026-02-16 12:29:21 )
A tutorial on how to use git worktrees - link [best-practice] - ( Added: 2026-02-16 12:24:02 )
How orgs choose and evaluate ai coding assistants - link [opinion] - ( Added: 2026-02-16 12:16:29 )
Views on automating of developers - link [opinion] - ( Added: 2026-02-16 12:15:54 )
A guide on using ai coding assistants to review code - link [opinion] - ( Added: 2026-02-16 12:14:34 )
A tutorial on getting started with AI coding (Claude based) - link [best-practice] - ( Added: 2026-02-16 12:14:09 )
View on impact of ai coding assistants and the quality of code that we write - link [opinion] - ( Added: 2026-02-16 12:13:29 )
CLI used to manage swarm agents to build software - link [code-repo] - ( Added: 2026-02-16 12:08:17 )

OSS

Todo definition of OSPO - link [best-practice] - ( Added: 2026-02-16 12:29:45 )
Case study of setting up an OSPO - link [case study] - ( Added: 2026-02-16 12:28:34 )
How to set up an OSPO - link [case study] - ( Added: 2026-02-16 12:27:00 )
Todo guide on setting up OSPO - link [best-practice] - ( Added: 2026-02-16 12:26:25 )

Generated on 2026-02-25 by Bookmark Manager | 2nd Feb 26 to 16th Feb 26 | Total bookmarks: 20

Follow me on LinkedIn or GitHub

Using aws-vault to manage access to your AWS resources from Kiro CLI

Ricardo Sueiras — Thu, 19 Feb 2026 21:14:45 +0000

As we say at AWS, security is our top priority. This is why I have been spending time thinking about how to manage what our agentic AI tools can do. After publishing a previous post on this topic (Getting Kiro CLI to use short lived AWS credentials), this post takes a look at another approach you can take. Vincent reminded me about an awesome open source tool called aws-vault that helps developers move to using short lived, temporary credentials. In this post I wanted to compare and contrast approaches. But first, let me walk you through the setup.

The documentation for aws-vault is good, and it has pretty much everything you need. That said, I did want to include in this post how I configured it to work with AWS Identity Centre, which is what I use.

Setting things up

Like timebound-iam, aws-vault is a tool that needs to be installed. Installation is painless, a quick "brew install aws-vault" and I was good to go.

Also like timebound-iam, you need to associate aws-vault with credentials. aws-vault provides a lot of flexibility with regards to how it will work with your existing credentials (go check the usage guide for info).

In my particular setup, as I use AWS Identity Centre, this is what I did to get aws-vault working for me.

From the IdC console, I created a new permissions set that I would associated with aws-vault. This entails either using existing managed IAM policies or creating your own. I decided to use a managed ReadOnly policy that provides me with only read access to my AWS environment (I called this KiroCLIView)
From the IdC console, I assigned this to an existing user and my AWS account
I then created a new sso profile in my local "~/.aws/config" that looks like this (where {aws_account_no} is my AWS account number):

[profile KiroCLIView]
sso_start_url=https://beachgeek-uk.awsapps.com/start
sso_account_id = {aws_account_no}
sso_role_name = KiroCLIView
sso_region = eu-west-1
region = eu-west-1

That is all I had to do. To test it, I used the following command:

aws-vault exec KiroCLIView -- aws s3 ls

After first asking me to provide a password to my keystore, a new browser window is opened, and I then follow my typical Idc login flow (user credentials and MFA token). I only have to do this the first time, subsequent logins are simplified.

Opening the SSO authorization page in your default browser (use Ctrl-C to abort)
https://beachgeek-uk.awsapps.com/start/#/device?user_code=FJBS-GWZH

After entering my details, I now see a list of my buckets on S3.

Like timebound-aim, aws-vault provides tools to help you manage your sessions. I can view all existing sessions using "aws-vault list"

Profile                  Credentials              Sessions
=======                ===========           ========
KiroCLIView          -                              sso.GetRoleCredentials:11h57m52s
-                               -                               oidc:https://beachgeek-uk.awsapps.com/start

I can also clear any sessions using is the "aws-vault clear" (you will be asked to authenticate when you do this).

Configuring Kiro

On the Kiro side, the setup is simpler - no MCP server. All I do is create a new custom agent with a rule file that asks it to always use aws-vault when accessing AWS resources. This is what it looks like:

**When accessing AWS resources**

- ALWAYS use aws-vault to login to AWS when you need to access AWS resources
- To get credentials, you will have to use "aws-vault exec KiroCLIView" to initially get access to AWS credentials

and here is my custom agent config file

{
  "name": "vault",
  "description": "",
  "prompt": null,
  "mcpServers": {
  },
  "tools": [
    "*"
  ],
  "toolAliases": {},
  "allowedTools": [],
  "resources": [
    "file://AGENTS.md"],
  "hooks": {},
  "toolsSettings": {}
}

From within my Kiro CLI session, when I now ask it to interact with AWS, I can see that Kiro CLI is ensuring that aws-vault is used to generate these temporary credentials.

[vault] >

tell me what is in my s3 bucket 094459-assets

> I'll list the contents of your S3 bucket 094459-assets using aws-vault for credentials.
I will run the following command: aws-vault exec KiroCLIView -- aws s3 ls s3://094459-assets/ (using tool: shell)
Purpose: List contents of S3 bucket 094459-assets using aws-vault

Opening the SSO authorization page in your default browser (use Ctrl-C to abort)
https://beachgeek-uk.awsapps.com/start/#/device?user_code=QFRZ-VPWL

<redacted>

Files:
- HTML files: about.html, index.html
- JavaScript libraries: linkify-html.js, linkify.js, qrcode.js
- Images: favicon.ico, presign-arch.png, several JPEG files
- Video files: Multiple large MP4 files (OSS news episodes 165-174, ranging from ~186MB to ~305MB)
- Log file: audit.log (47 bytes, updated today)

The bucket has a mix of web assets, video content, and some presigned URL test files based on the naming
patterns.

 ▸ Credits: 0.08 • Time: 34s

If I ask it to write a file into this bucket

[vault] > can you write a file called audit.test into that bucket

> I'll create a file called audit.test and upload it to your S3 bucket.
I will run the following command: echo "test" > /tmp/audit.test && aws-vault exec KiroCLIView -- aws s3 cp /tmp/audit.test s3://094459-assets/audit.test (using tool: shell)
Purpose: Create audit.test file and upload to S3 bucket

upload failed: ../../../../tmp/audit.test to s3://094459-assets/audit.test An error occurred (AccessDenied) when calling the PutObject operation: User: arn:aws:sts::704533066374:assumed-role/AWSReservedSSO_KiroCLIView_c3c565557df10f4f/ricsue@amazon.co.uk is not authorized to perform: s3:PutObject on resource: "arn:aws:s3:::094459-assets/audit.test" because no identity-based policy allows the s3:PutObject action
 - Completed in 1.431s

> I can't upload the file because your current AWS role (KiroCLIView) doesn't have s3:PutObject
permissions on this bucket. The role only has read access.

You'll need to either:
- Use a different AWS profile/role with write permissions to this bucket
- Have an administrator grant s3:PutObject permission to your current role

 ▸ Credits: 0.06 • Time: 8s

It works as expected.

If I open up a new terminal, and use my normal credentials which does have write access, I can successfully write the file.

>~/kiro-cli/aws-vault  aws s3 cp AGENTS.md s3://094459-assets
upload: ./AGENTS.md to s3://094459-assets/AGENTS.md

 >~/kiro-cli/aws-vault  aws s3 ls 094459-assets
                           PRE uploads/
2026-02-19 17:46:43        226 AGENTS.md

If I logout of that session and then try and access my AWS resources, I get the usual error

Unable to locate credentials. You can configure credentials by running "aws login".

This is a little more flexible than timebound-iam, which requires you to have an active AWS session to work.

The final thing I wanted to try is to configure the duration of the temporary credentials. timebound-iam has a 15 min session timeout, but I noticed that the credentials aws-vault were using were set to 60 minutes. It turns out that you can configure most of the characteristics of your session by using environment variables (great docs make a big difference).

By setting "AWS_SESSION_TOKEN_TTL=15m" in my rules file, I was able to tune those temporary credentials down from the default. Nice.

Which one should you use?

In these two posts I have looked at a couple of ways you can manage access to your AWS resources from your agentic AI tools. I guess the question some of you might be asking is which one should I use?

They both perform similar tasks, and have similar requirements to get them up and running. That said, there are a couple of things that are nudging me towards aws-vault over timebound-iam. First is maturity. timebound-iam is a new tool and so its just getting started. I am sure it will develop and mature over time, but it lacks the features and capabilities that have evolved in aws-vault over the years. The second reason is that timebound-iam requires you to have a valid AWS session before it will generated short lived credentials, something that you do not need with aws-vault. This feels cleaner and it also mitigates the scenario where the agent might try and work around the rules files you create. The final reason is simplicity - timebound-iam is an MCP server which requires that additional configuration, whereas aws-vault is just something you define in your rules file.

In this short video you can see aws-vault in action.

What's next?

The last two posts have looked at just one aspect of how you can manage access to downstream systems that your agentic AI tools are using. Whilst in these examples I have used my AWS account and resources, it is likely that you will be access a much broader range of systems. You should start to think about what tools exist that will allow you to manage control to those systems.

This has got me thinking about creating something more comprehensive. Across the different layers, how can we optimise for control and security. Watch this space, as I will be noodling and coming up with some thoughts on this in the coming weeks.

Get started today

You can get started with Kiro CLI today for free. Download it from this link. I have created a workshop if you are new to Kiro CLI and the Kiro CLI workshop will walk you through getting started with the terminal based Kiro CLI tool, and provides a comprehensive overview as well as advanced topics.

Finally, if you did find this post interesting, helpful, or useful, I would love to get your feedback. Please use this 30 second feedback form and I will be forever grateful.

Made with ♥ from DevRel

Getting Kiro CLI to use short lived AWS credentials

Ricardo Sueiras — Thu, 19 Feb 2026 12:44:58 +0000

Agentic AI tools like Kiro IDE and Kiro CLI are pretty awesome. You provide the right context, the right prompt, and away they will go. After a period of time, you can now review the output.

Early on developers understood the power, but also the potential harm that could be cause (and we began to read stories like this one. Most developer tools now provide capabilities that allow you as a developer to have fine grain control of what they can and more importantly, should never do. (If you want details, you can check out my hands on workshop on Kiro CLI where I dive deep into these capabilities here)

As an aside, if the tool you are using does not provide these controls, you should seriously look at re-evaluating the tools and find the one that works best for you!

timebound-iam

This week I discovered a new tool that can help you provide further controls on what your agentic AI tools can do, specifically when it comes to providing controls about how to limit access to your AWS resources.

timebound-iam is an mcp server that allows you to vend short term credentials to access your AWS resources. It is pretty simple in concept.

You define a role and permissions policy that you associate with your agentic AI tool (in my case I am using Kiro CLI)
You install the timebound-iam tool in your machine
You configure your agentic-AI tool to use this tool via MCP integration
You add steering/rules files to enforce using timebound-iam tools when access your AWS resources

Setting up my AWS permissions

The first thing I needed to do was to setup a new role and IAM policy that would be used to vend short lived credentials. I like this approach as it allows you to take an AWS approach to fine grain control over what resources you might want your agentic AI tools to have access to.

The tool provides help in this respect, providing a walk through of what you need to create. Type:

timebound-iam setup aws

And it will ask you for which services you want to control access to, and then helps you with what you need to create. I follow these instructions, and for the purposes of testing, I create a new role called "timebound-iam-broker", and generating an inline policy that looked like the following.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:GetObject",
                "s3:ListBucket"
            ],
            "Resource": [
                "arn:aws:s3:::094459-assets",
                "arn:aws:s3:::094459-assets/*"
            ]
        }
    ]
}

This was deliberately narrow as I wanted to test how Kiro would handle this (and how hard it would try and work around any blocks that it encountered).

Configuring this in Kiro CLI

To get this up and running in Kiro CLI, after I installed the timebound-iam tool (using brew install builder-magic/tap/timebound-iam), I created a new custom agent in Kiro. Here is my configuration.

{
  "name": "timebound",
  "description": "",
  "prompt": null,
  "mcpServers": {
    "timebound-iam": {
      "autoApprove": [],
      "disabled": false,
      "command": "/opt/homebrew/bin/timebound-iam",
      "args": [
        "serve"
      ]
    }
  },
  "tools": [
    "*"
  ],
  "toolAliases": {},
  "allowedTools": [],
  "resources": [
    "file://AGENTS.md"],
  "hooks": {},
  "toolsSettings": {},
  "includeMcpJson": true,
  "model": null
}

I then created a file in the root of my project workspace called AGENTS.md, and added these directives.

**When accessing AWS resources**

- ALWAYS use the timebound-iam mcp server to access AWS resources
- use the grant_access tool to vend short lived credentials
- NEVER use standard AWS credentials for accessing AWS resources, EVEN when you get Access Denied errors using timebound-iam

I was undecided about whether this was the best approach. I had initially thought about defining the custom agent with this as its system prompt. I might try again in the future to see if it makes any difference.

I then started my Kiro-CLI session using this custom agent. I could see that the mcp server had started successfully,

Model: auto (/model to change) | Plan: KIRO POWER (/usage for more detail)

Checkpoints are not available in this directory. Use '/checkpoint init' to enable checkpoints.

✓ timebound-iam loaded in 0.04 s

[timebound] > /mcp

timebound-iam
▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
[2026:12:23]: ✓ timebound-iam loaded in 0.04 s

and that I had new tools available to me.

timebound-iam (MCP)
- grant_access                180    not trusted
- list_active_sessions         40    not trusted
- list_services                50    not trusted

I next trusted these tools using the "/tools trust {tool name}" command:

[timebound] > /tools trust grant_access


Tool '@timebound-iam/grant_access' is now trusted. I will not ask for confirmation before running this tool.

And that was it. I was now ready to test this out.

Testing timebound-iam

From the Kiro CLI prompt, I tried to do the following operations:

view files from the allowed S3 bucket
write files from the allowed S3 bucket
view files from other S3 buckets
get general info on my EC2 instances

Viewing files

This is the output I got from my Kiro CLI session:

[timebound] > list files in my s3 bucket 094459-assets

> I'll help you list the files in your S3 bucket. First, I need to get temporary credentials to access S3.
Running tool grant_access with the param (from mcp server: timebound-iam)
 ⋮  {
 ⋮    "services": [
 ⋮      "s3"
 ⋮    ],
 ⋮    "level": "read_only",
 ⋮    "ttl": "15m"
 ⋮  }

I will run the following command: env $(cat /var/folders/sn/h2yml_6n46vcq93q4c9qrzqh0000gr/T/timebound-iam-2968778292/timebound-iam-c3160a49-0aaf-4b6b-b96f-2d6428f46b26.env) aws s3 ls s3://094459-assets/ (using tool: shell)
Purpose: List files in S3 bucket 094459-assets


Allow this action? Use 't' to trust (always allow) this tool for the session. [y/n/t]:

[timebound] > t

                           PRE uploads/
2023-03-29 09:15:39       2199 about.html
<redacted>

 - Completed in 1.179s

The bucket contains 26 files plus the uploads/ directory.

 ▸ Credits: 0.14 • Time: 22s

So this worked as expected. I could see that Kiro used this tool (grant_access) to generated short lived credentials, and then executed. You can see that it generates these credentials in temp files (/var/folders/sn/h2yml_6n46vcq93q4c9qrzqh0000gr/T/timebound-iam-2968778292/timebound-iam-c3160a49-0aaf-4b6b-b96f-2d6428f46b26.env) which all look as you would expect

AWS_ACCESS_KEY_ID=ASIA2ICLXOKDCSHLV4AL
AWS_SECRET_ACCESS_KEY=XNDncGZ4HoPL8X8DtaJQSJtgfGrZkQ0QunlRVET4
AWS_SESSION_TOKEN=IQo<redacted>==

Don't panic! those credentials are short lived, if you try and use them you will get "An error occurred (ExpiredToken) when calling the ListBuckets operation: The provided token has expired."

We can use one of the tools to see the currently available (live) sessions.

[timebound] > can you list active sessions in timebound-iam

Running tool list_active_sessions with the param (from mcp server: timebound-iam)
 ⋮  {}

> You have 1 active timebound-iam sessions:

1. Session ID: timebound-iam-c3160a49-0aaf-4b6b-b96f-2d6428f46b26
   - Services: s3
   - Level: read_only
   - Expires: 2026-02-19T11:26:56Z (11m 24s remaining)

 ▸ Credits: 0.07 • Time: 9s

Writing files

Ok so what happens if we try and ask Kiro to write a file into this directory.

[timebound] > write a file called "audit.test" in the same bucket

> I'll create a file called "audit.test" in your S3 bucket. First, I need to get write access credentials.

Running tool grant_access with the param (from mcp server: timebound-iam)
 ⋮  {
 ⋮    "level": "full",
 ⋮    "services": [
 ⋮      "s3"
 ⋮    ],
 ⋮    "ttl": "15m"
 ⋮  }
 - Completed in 0.39s

I will run the following command: echo "test" | env $(cat /var/folders/sn/h2yml_6n46vcq93q4c9qrzqh0000gr/T/timebound-iam-2968778292/timebound-iam-7428f4f3-46b0-4bb9-abc7-7f979aa583e7.env) aws s3 cp - s3://094459-assets/audit.test (using tool: shell)
Purpose: Upload audit.test file to S3 bucket

upload failed: - to s3://094459-assets/audit.test An error occurred (AccessDenied) when calling the PutObject operation: User: arn:aws:sts::704533066374:assumed-role/timebound-iam-broker/timebound-iam-7428f4f3-46b0-4bb9-abc7-7f979aa583e7 is not authorized to perform: s3:PutObject on resource: "arn:aws:s3:::094459-assets/audit.test" because no identity-based policy allows the s3:PutObject action
 - Completed in 1.0s

> I received an Access Denied error. The timebound-iam credentials don't have permission to write to this bucket. This could be due to:

1. The bucket policy or IAM role restrictions
2. The timebound-iam broker role doesn't have PutObject permissions for this bucket

You may need to check the bucket permissions or the timebound-iam configuration to allow write access to the 094459-assets bucket.

 ▸ Credits: 0.12 • Time: 13s

As expected this failed. The permissions assigned to the timebound-iam-broker role does not permit write operations.

The key thing here is that IF YOU DO NOT HAVE A RULES file, then your agentic AI will try alternative approaches. Remember, I still have my standard federated credentials in my "~/.aws" directory, and so when I tried this WITHOUT the rules defined in the AGENTS.md file, Kiro just switched to using those credentials.

Rules are important and help you control the behaviour of your agentic AI tools.

Accessing EC2 resources

I get similar results when trying to access other AWS resources not defined within my timebound-iam-broker policy.

[timebound] > ok can you tell me about my ec2 instances in eu-west-1 please

> I'll get temporary credentials for EC2 and check your instances in eu-west-1.

Running tool grant_access with the param (from mcp server: timebound-iam)
 ⋮  {
 ⋮    "level": "read_only",
 ⋮    "services": [
 ⋮      "ec2"
 ⋮    ],
 ⋮    "ttl": "15m"
 ⋮  }
 - Completed in 0.153s

I will run the following command: env $(cat /var/folders/sn/h2yml_6n46vcq93q4c9qrzqh0000gr/T/timebound-iam-2968778292/timebound-iam-e2bc8a5a-23b8-4396-81fa-05c930d847ab.env) aws ec2 describe-instances --region eu-west-1 --query 'Reservations[*].Instances[*].[InstanceId,InstanceType,State.Name,PublicIpAddress,PrivateIpAddress,Tags[?Key==`Name`].Value|[0]]' --output table (using tool: shell)
Purpose: List EC2 instances in eu-west-1

An error occurred (UnauthorizedOperation) when calling the DescribeInstances operation: You are not authorized to perform this operation. User: arn:aws:sts::704533066374:assumed-role/timebound-iam-broker/timebound-iam-e2bc8a5a-23b8-4396-81fa-05c930d847ab is not authorized to perform: ec2:DescribeInstances because no identity-based policy allows the ec2:DescribeInstances action
 - Completed in 1.118s

> I'm getting an Access Denied error. The timebound-iam-broker role doesn't have permission to perform ec2:DescribeInstances.

Similar to the S3 write issue earlier, the timebound-iam system can create sessions for EC2, but the underlying broker role lacks the necessary EC2 permissions to actually describe instances.

The timebound-iam-broker role would need ec2:DescribeInstances permission added to its IAM policy to allow
querying EC2 instances.

 ▸ Credits: 0.13 • Time: 12s

Viewing other S3 buckets

As expected, even though its a READ only operation, I get blocked when trying to list all available S3 buckets.

[timebound] > can you list all available s3 buckets

> I'll get S3 credentials and list all your buckets.
Running tool grant_access with the param (from mcp server: timebound-iam)
 ⋮  {
 ⋮    "level": "read_only",
 ⋮    "services": [
 ⋮      "s3"
 ⋮    ],
 ⋮    "ttl": "15m"
 ⋮  }
 - Completed in 1.152s

I will run the following command: env $(cat /var/folders/sn/h2yml_6n46vcq93q4c9qrzqh0000gr/T/timebound-iam-2968778292/timebound-iam-b7bec1f2-a215-4d3d-aa6d-e420aa7ec698.env) aws s3 ls (using tool: shell)
Purpose: List all S3 buckets

An error occurred (AccessDenied) when calling the ListBuckets operation: User: arn:aws:sts::704533066374:assumed-role/timebound-iam-broker/timebound-iam-b7bec1f2-a215-4d3d-aa6d-e420aa7ec698 is not authorized to perform: s3:ListAllMyBuckets because no identity-based policy allows the s3:ListAllMyBuckets action
 - Completed in 2.216s

> The timebound-iam-broker role doesn't have permission to list all S3 buckets. It lacks the s3:ListAllMyBuckets permission.

Earlier I was able to list files within the specific bucket 094459-assets because the broker role has permissions for bucket-level operations, but not the account-level operation to list all buckets.

To enable this, the broker role would need this permission added:

json
{
  "Effect": "Allow",
  "Action": "s3:ListAllMyBuckets",
  "Resource": "*"
}


 ▸ Credits: 0.18 • Time: 19s

I do appreciate though how Kiro is trying to help me here!

What do I think?

I have been testing this tool over the last few days to get a grip of how it works. It is a great start, although if you decided to evaluate this yourself, here are some things to think about.

You still need to have AWS credentials available when using this tool. When you start the "broker" (the timebound-iam server) it will use these to vend temporary credentials that will then be used.
You have to define a rules file to enforce this. If you do not do this, then agentic AI is going to do what agentic AI does best - work around any errors (permissions or expired credentials).
I need to battle test this more as I have only spent a few days with it configured in my main custom agent. I will update this post if I discover anything, but in the meantime, if you decide to evaluate make sure that you take the usual precautions (i.e. do not let this anywhere near stuff you care about, e.g. production!)

If you like the project, make sure you give feedback to Rahul Singh and star/follow the project.

Get started today

Made with ♥ from DevRel

Musings on newsletters...

Ricardo Sueiras — Mon, 02 Feb 2026 09:14:07 +0000

If you are thinking about putting together a newsletter, then I can highly recommend this short post that highlights good practices and tips.

I stumbled upon this about two years into creating the AWS open source newsletter, and I wish I had seen it before. Great and practical tips that are sensible and work.