Platform Engineering Monthly — March 2026
Welcome to the twenty-eighth edition of Platform Engineering Monthly. This month has been a big one I spoke at Platform Engineering Day at KubeCon EU in Amsterdam, and I’ll have more reflections on that in the coming weeks. As always, if you have suggestions or ideas for the next edition, let me know!
📰 News
Stop Enabling Every AWS Security Service
A sensible general approach to cloud security: step one is to assess your actual risk, rather than just turning everything on. Worth a read if you’re trying to bring some rationality to your AWS security posture.
A One-Line Kubernetes Fix That Saved 600 Hours a Year
Kubernetes default settings are fairly sensible when you’re starting out, but this article is a good reminder that it’s worth reviewing them as your usage matures and grows.
AWS Data Centre Incident in UAE Triggers Disaster Recovery
The usual “wait for AWS to fix it” approach didn’t hold up when an object struck data centres in the UAE. Good old disaster recovery playbooks had to be dusted off, a timely reminder that cloud resilience still requires your own planning.
TeamPCP Trivy Supply Chain Attack
Trivy, the widely used dependency vulnerability scanner, suffered yet another supply chain attack compromising its users. This article is a solid breakdown of what happened. Frankly, GitHub Actions and CI/CD tooling in general are in a poor security state right now, it feels like the market is ripe for disruption.
Cloud Native Agentic Standards
Practical CNCF guidance on building cloud native agentic systems. If you’re starting to bring AI agents into your platform work, this is a useful reference for thinking about it in a principled way.
GitHub Copilot Data Privacy: Opt Out Before April 24th
GitHub is going to start using your Copilot interactions code snippets, chat conversations, acceptance decisions to train its AI models from April 24th. This article walks through the details and the steps to opt out if you’d rather keep your code private.
📚 Learning
Making etcd Incidents Easier to Debug in Production Kubernetes
A useful guide using etcd-diagnosis to speed up the resolution of etcd incidents. If you run production Kubernetes clusters, having this in your back pocket is worthwhile.
Securing Production Debugging in Kubernetes
Production debugging is always a security risk — you want to move fast in a sensitive environment. This is a solid guide on how to lock things down on Kubernetes without sacrificing your ability to diagnose problems.
Understanding Kubernetes Metrics: Best Practices for Effective Monitoring
A practical guide to the baseline metrics you can get out of the box with Kubernetes. Good grounding material for anyone building out observability for their clusters.
🧪 Interesting Projects
Generate slick-looking architecture diagrams directly from your Terraform. A handy tool for making infrastructure legible to the wider team.
An open-source cybersecurity management tool that supports an impressive range of compliance frameworks. Worth exploring if you’re trying to get serious about GRC without a huge budget.
A Docker secret scanner that checks across all image layers — not just the top-level ones. Given the number of supply chain incidents lately, this kind of tool deserves a place in your pipeline.
A leak scanner produced by Aikido Security. Another useful addition to the security toolbox as the pressure on secret’s management continues to grow.
Localstack sunset their community edition this month, and floci looks to be the emerging open-source alternative for emulating AWS locally. One to watch if you rely on local AWS emulation in your development workflow.
📅 Events
DX Annual 2026
San Francisco - 16th April 2026
DX is hosting a conference focused on platform engineering leaders and developer experience. A more intimate and practitioner-focused event worth keeping an eye on.
DevOpsCon Amsterdam 2026
Amsterdam - 20th–24th April 2026
A well-regarded conference covering DevOps, Kubernetes, CI/CD, and platform engineering. It also includes a dedicated Platform Engineering Summit track, which is worth picking out if you’re attending.
KubeCon + CloudNativeCon India 2026
India - 18th–19th June 2026
A growing edition of the KubeCon family reflecting the expanding cloud native community in the region.
DevOpsCon Berlin 2026
Berlin - 15th–19th June 2026 (also online)
A comprehensive programme covering CI/CD, Kubernetes, platform engineering, and DevSecOps. One of the more substantial European events for the DevOps and platform engineering community.
PlatformCon 2026
Online + London (23rd June) + New York (25th June) - 22nd–26th June 2026
The world’s largest platform engineering conference, with 150+ talks, 30+ hours of workshops, and in-person live days in both London and New York. I’m happy to share that I’ve had a talk accepted this year, so I’ll be speaking at PlatformCon 2026, more details to follow. An excellent signal for where platform engineering thinking is heading, and the London live day is particularly worth considering if you’re UK-based.
Have platform engineering tips to share? Reply to this email or connect with me on LinkedIn.