Riccardo Padovani

Hi! In this corner of the web you'll find my posts about different topics in the C.S. field: I'm a Solutions Architect with a strong passion for F/OSS and bug bounties!

The inconsistencies of AWS EKS IAM permissions

aws and security

AWS EKS is a remarkable product: it manages Kubernetes for you, letting you focus on creating and deploying applications. However, if you want to manage permissions according to the shared responsibility model, you are in for some wild rides.


How to make Terraform waiting for cloud-init to finish on EC2 without SSH

aws and terraform

Terraform is a powerful tool. However, it has some limitations: since it uses AWS APIs, it doesn’t have a native way to check whether an EC2 instance has finished running cloud-init before marking it as ready. A possible workaround is asking Terraform to SSH into the instance, and wait until it is able to establish a connection before marking the instance as ready.


Adding comments to the blog


After years of blogging, I’ve finally chosen to add a comment system, including reactions, to this blog. I’ve done so to make it easier to engage with the four readers of my blabbering: of course, it took some time to choose the right comment provider, but finally, here we are!


Reading env variables from a Tauri App

tauri and javascript

“Build smaller, faster, and more secure desktop applications with a web frontend” is the promise made by Tauri. And indeed, it is a great Electron replacement. But being in its first days (the beta has just been released!), a bit of documentation is still missing, and on the internet there aren’t many examples of how to write code.


Integrating JetBrains Qodana with GitLab pipelines


JetBrains Qodana is a new product, still in early access, that brings the “Smarts” of JetBrains IDEs into your CI pipeline, and it can be easily integrated in GitLab.


Fail a Gitlab pipeline when code coverage decreases


Automatic and continuous testing is a fundamental part of today’s development cycle. Given a GitLab pipeline that runs for each commit, we should enforce not only that all tests are passing, but also that a sufficient number of them are present.


Create a PyTorch Docker image ready for production

docker and pytorch

Given a PyTorch model, how should we put it in a Docker image, with all the related dependencies, ready to be deployed?


Introducing Daintree.app: an opensource alternative implementation of the AWS console.

aws and daintree.app

Daintree.app is a website to manage some of your AWS resources: since this is an early preview, at the moment, it supports a subset of Networking, EC2, SQS, and SNS.


Leveraging AWS Lambda to notify users about their old access keys


I love to spend time trying to automate away the boring parts of my job. One of these boring parts is reminding people to rotate AWS Access Keys, as also suggested by AWS in their best practices.


My year on HackerOne


Last year, totally by chance, I found a security issue in Facebook - I reported it, and it was fixed quite fast. In 2018, I also found a security issue in GitLab, so I signed up to HackerOne, and reported it as well. That first experience with GitLab was far from ideal, but after that first report I started reporting more, and GitLab has improved its program a lot.
