
OIDC, bastion hosts, and production safety
From North Meets South Web Podcast by Jacob Bennett and Michael Dyrynda
March 19, 2026 · 38 min · Episode 189
About this episode
Jake and Michael discuss modern infrastructure security practices, focusing on OIDC and the risks of long-lived credentials.
In this episode, Jake and Michael dive into modern infrastructure security practices, sparked by an annual audit and the painful process of rotating AWS IAM tokens. That experience leads into a broader discussion on why long-lived credentials in GitHub Actions are risky, and how OIDC (OpenID Connect) enables a more secure, short-lived, role-based alternative. Show links Scout Suite OpenID Connect (OIDC) Laravel Forge Laravel Horizon Scramble Claude LoRA (Low-Rank Adaptation)
People in this episode
Hosts: Jacob Bennett, Michael Dyrynda
Topics covered
- infrastructure security
- AWS IAM tokens
- OIDC
- GitHub Actions
- role-based access
- short-lived credentials
Keywords
- OIDC
- AWS IAM
- GitHub Actions
- infrastructure security
- short-lived credentials
- role-based access
- security practices
Mentioned in this episode
Organizations: AWS, GitHub Actions, Scout Suite, OpenID Connect (OIDC), Laravel Forge, Laravel Horizon, Scramble, Claude LoRA (Low-Rank Adaptation)
More episodes of North Meets South Web Podcast
- Fast Laravel with Jason McCreary · June 4, 2026 · 56 min
- Laracon AU CFP, developer storytelling, and audience engagement · May 21, 2026 · 47 min
- Unused APIs, Passport testing traps, and local AI bottlenecks · May 7, 2026 · 36 min
- Gents on Gent with David Hemphill · April 23, 2026 · 1h 1m
- Flight booking mistakes, Laracon AU, and dead letters · April 9, 2026 · 49 min
- Worktree structures, workflow events, and enum metadata · March 5, 2026 · 45 min
Explore listener stats, chart rankings, contacts and more on the North Meets South Web Podcast podcast page.