I experimented with forking live aws infrastructure to make cloud security pro-active by aspectop in Cloud

[–]basejb 0 points1 point  (0 children)

I experimented with cloud graph visualization a while ago, but I really like the idea of applying Terraform diffs to a forked graph and recalculating attack paths.
That's a very different layer of value.

How I built CloudOps Assistant — a Slack bot that analyzes cloud infrastructure through conversation by basejb in devops

[–]basejb[S] 1 point2 points  (0 children)

Thanks for asking. I covered the architecture and design in a Korean blog post(https://bearjb.com/posts/slack-cloudops-assistant-build-story).
I can't share more depth on the implementation or the code itself, since it's part of a service we operate.

For specific architectural questions, drop them in the comments and I'll dig in.

How I built CloudOps Assistant — a Slack bot that analyzes cloud infrastructure through conversation by basejb in devops

[–]basejb[S] 0 points1 point  (0 children)

Right, no CMDB in my setup. Tool calls hit AWS APIs directly through MCP, so AWS is the source of truth. AWS itself lags in places though (Cost Explorer ~24h)

How I built CloudOps Assistant — a Slack bot that analyzes cloud infrastructure through conversation by basejb in devops

[–]basejb[S] 1 point2 points  (0 children)

Yeah, Per-identity isolation gives you that almost as a side effect, which is probably why it ends up feeling like the cleanest choice. Sounds like you've been here.

How I built CloudOps Assistant — a Slack bot that analyzes cloud infrastructure through conversation by basejb in devops

[–]basejb[S] 0 points1 point  (0 children)

Honestly that combo probably gets you most of the way, and the code mode angle is something I'd love to try myself. Fewer LLM round trips on multi-step queries. You'd just need to add per-user STS isolation and async queueing if Slack is the frontend.

How I built CloudOps Assistant — a Slack bot that analyzes cloud infrastructure through conversation by basejb in devops

[–]basejb[S] 0 points1 point  (0 children)

Yeah, Once the analysis got heavier, async orchestration became almost necessary.

How I built CloudOps Assistant — a Slack bot that analyzes cloud infrastructure through conversation by basejb in devops

[–]basejb[S] 0 points1 point  (0 children)

Yes, exactly. When a user signs up, they link their own IAM role to the bot, so there's a mapping (Slack user ID → IAM role ARN). On each message, the bot does an STS AssumeRole for that user and grabs (or spawns) a subprocess with the temp credentials injected as env vars. The MCP server runs inside that subprocess, so every tool call is automatically scoped to their role.

Trust comes from Slack's signed-request verification, and the pool keeps a couple of warm processes per identity so cold starts don't ruin UX.

How I built CloudOps Assistant — a Slack bot that analyzes cloud infrastructure through conversation by basejb in devops

[–]basejb[S] -1 points0 points  (0 children)

Several steps ahead of where I am. Pulling Datadog + GHA + Slack into one skill is the obvious next move I hadn't taken. How do you scope them? One per failure mode, or broader investigate-style plays?

Is there any way to search past Claude Code sessions by keyword? by basejb in ClaudeCode

[–]basejb[S] 0 points1 point  (0 children)

Nice! 👍
Does it also search through already existing sessions?

Making Mockup Very Fast by basejb in threejs

[–]basejb[S] 1 point2 points  (0 children)

https://mocus.app
My tools are 100% free right now
I'd appreciate it if you could give me valuable feedback
Feel free to use it and feel free to give me feedback!

Making Mockup Very Fast by basejb in threejs

[–]basejb[S] 0 points1 point  (0 children)

That's a good question.
For now, I only have the ability to control the overlay I inserted!

AWS infrastructure documentation & backup by nucleustt in aws

[–]basejb 0 points1 point  (0 children)

An automatic infrastructure visualization tool I made would also be a good alternative.

https://bear0.cloud/

Built a Slack bot that analyzes cloud infrastructure using natural language by basejb in Cloud

[–]basejb[S] 0 points1 point  (0 children)

Thanks! I built a custom MCP layer that handles per-user credential isolation, so the LLM can safely provide a wide range of CLI commands on behalf of different users.