OIDC, bastion hosts, and production safety

OIDC, bastion hosts, and production safety

From North Meets South Web Podcast by Jacob Bennett and Michael Dyrynda

March 19, 2026 · 38 min · Episode 189

About this episode

Jake and Michael discuss modern infrastructure security practices, focusing on OIDC and the risks of long-lived credentials.

In this episode, Jake and Michael dive into modern infrastructure security practices, sparked by an annual audit and the painful process of rotating AWS IAM tokens. That experience leads into a broader discussion on why long-lived credentials in GitHub Actions are risky, and how OIDC (OpenID Connect) enables a more secure, short-lived, role-based alternative. Show links Scout Suite OpenID Connect (OIDC) Laravel Forge Laravel Horizon Scramble Claude LoRA (Low-Rank Adaptation)

People in this episode

Hosts: Jacob Bennett, Michael Dyrynda

Topics covered

  • infrastructure security
  • AWS IAM tokens
  • OIDC
  • GitHub Actions
  • role-based access
  • short-lived credentials

Keywords

  • OIDC
  • AWS IAM
  • GitHub Actions
  • infrastructure security
  • short-lived credentials
  • role-based access
  • security practices

Mentioned in this episode

Organizations: AWS, GitHub Actions, Scout Suite, OpenID Connect (OIDC), Laravel Forge, Laravel Horizon, Scramble, Claude LoRA (Low-Rank Adaptation)

More episodes of North Meets South Web Podcast

Explore listener stats, chart rankings, contacts and more on the North Meets South Web Podcast podcast page.