Week 5: Shipping Systems, Not Demos
Least Privilege, Networking, and Scan Your Surface
Production systems fail at the edges when privileges and exposure are lazy.
Objective
Apply least privilege and basic attack-surface awareness to an AI service deployment.
The lesson is public. The pressure loop lives inside the app where submissions, revision, and review happen.
Deliverable
A local stack blueprint and deployment hardening plan.
Each lesson contributes to a week-level artifact and eventually to the shipped AI-native SaaS.
What This Is
This lesson is about hardening the operational perimeter of an AI service: privileges, network exposure, secrets, and scanning habits.
Why This Matters in Production
A surprisingly large fraction of breaches and production failures come from default-open thinking. AI features do not change that rule; they often make the consequences worse.
Mental Model
Every credential, open route, storage bucket, and admin action is a capability. Least privilege means capabilities exist only where required, for as little time and as small a surface as possible.
Deep Dive
Least privilege applies to human roles, service credentials, runtime bindings, and network reachability. A public surface should not have app secrets. An admin workflow should not share learner permissions. A scanning habit matters because you need some method of discovering what is exposed before an attacker or incident does it for you.
Worked Example
A mail provider API key lives only in the app runtime. The public academy has no reason to see it. That single boundary removes one entire class of accidental leakage.
Common Failure Modes
Common failures include environment sprawl, admin endpoints hidden but not protected, and assuming the platform default is already the secure one.
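An added example, not part of the original lesson: a small audit over a stack blueprint that flags the failure modes above (secrets bound where they are not needed, secrets on a public surface, admin routes with no role or a shared learner role). The blueprint shape and every service, secret and route name are assumptions constructed for illustration.

```python
"""Least-privilege audit over a deployment blueprint (added example)."""

# Constructed sample: all service, secret and route names are hypothetical.
BLUEPRINT = {
    "academy": {                      # public lesson pages
        "public": True,
        "needs": [],
        "bound": ["MAIL_API_KEY"],    # sprawl: copied from the app's environment
        "routes": [{"path": "/lessons", "admin": False, "role": None}],
    },
    "app": {                          # authenticated app runtime
        "public": False,
        "needs": ["MAIL_API_KEY", "DB_URL"],
        "bound": ["MAIL_API_KEY", "DB_URL"],
        "routes": [
            {"path": "/submit", "admin": False, "role": "learner"},
            # Admin workflow reusing the learner role.
            {"path": "/admin/review", "admin": True, "role": "learner"},
            # Unlinked admin endpoint: hidden, but nothing protects it.
            {"path": "/internal/reindex", "admin": True, "role": None},
        ],
    },
}


def audit(blueprint):
    """Return a sorted list of (service, rule, detail) findings."""
    findings = []
    for name, svc in blueprint.items():
        # Capability present without a stated need: environment sprawl.
        for secret in sorted(set(svc["bound"]) - set(svc["needs"])):
            findings.append((name, "unneeded-secret", secret))
        # A public surface should hold no app secrets at all.
        if svc["public"]:
            for secret in sorted(svc["bound"]):
                findings.append((name, "secret-on-public-surface", secret))
        for route in svc["routes"]:
            if not route["admin"]:
                continue
            if route["role"] is None:
                findings.append((name, "admin-route-unprotected", route["path"]))
            elif route["role"] != "admin":
                findings.append((name, "admin-route-shares-role", route["path"]))
    return sorted(findings)


if __name__ == "__main__":
    for service, rule, detail in audit(BLUEPRINT):
        print(f"{service}: {rule}: {detail}")
```

Running the audit against the blueprint before each deploy makes a new binding or route show up as a finding rather than as a silent default.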