One of the biggest pain points with managing macOS devices at scale has always been application packaging and deployment workflows.
That’s why I’m pretty excited to see where Omnissa is going with the new macOS App Management capabilities in Workspace ONE UEM.
For anyone who has spent time managing Macs in enterprise environments, you already know the struggle:
PKGs
DMGs
Custom scripts
Version control
Manual wrapping
Dependency headaches
User prompts
Constant app update maintenance
A lot of macOS management has historically required extra tooling, extra scripting, or extra operational overhead compared to what admins wanted.
This update feels like a major step toward simplifying that experience.
What stood out to me most is the ability to streamline macOS app onboarding and lifecycle management directly within Workspace ONE UEM instead of relying on a bunch of disconnected processes.
That matters because IT teams are being asked to support more Apple devices than ever before — without growing headcount at the same pace.
Anything that helps reduce:
packaging complexity
deployment time
testing overhead
ongoing maintenance
app update management
…is a huge operational win.
I’m also excited because this continues to push Workspace ONE further into modern endpoint management instead of traditional “MDM-only” thinking.
The future of endpoint management is:
automation
simplified workflows
unified visibility
faster deployment cycles
reduced operational friction
And honestly, this is the type of quality-of-life improvement admins actually care about day-to-day.
Looking forward to testing this more in real-world environments.
Original Omnissa article: https://community.omnissa.com/technical-blog/managing-macos-apps-just-got-easier-in-workspace-one-uem-app-management-for-macos-devices-r199/
Run your own autonomous AI assistant in the cloud in under 30 minutes.
Introduction
AI agents are rapidly evolving from simple chatbots into systems capable of performing real tasks such as managing workflows, executing commands, and integrating with external tools. One of the most exciting open-source projects in this space is OpenClaw, a self-hosted AI assistant designed to run automation workflows using large language models.
Instead of running OpenClaw directly on your personal machine, many developers prefer deploying it on a cloud server. This approach provides better security, reliability, and uptime.
In this guide, we’ll walk through how to deploy OpenClaw using Amazon Lightsail, a simplified cloud platform from AWS that allows you to launch and manage virtual servers quickly.
By the end of this tutorial you will have:
A running cloud server
OpenClaw installed and running
A web interface you can access from anywhere
What Is OpenClaw?
OpenClaw is an open-source AI assistant framework that connects to large language models and executes tasks on your behalf. It can integrate with messaging platforms, external APIs, and automation tools.
Unlike traditional chatbots, OpenClaw is designed to act as a task-executing AI agent.
Key capabilities
Integrates with AI models such as OpenAI, Claude, or Gemini
Executes commands and automation workflows
Connects with services like Slack, Telegram, or Discord
Runs locally or in your own cloud infrastructure
Because the AI agent may execute commands or access external systems, running it in a dedicated cloud environment is often the safest option.
Why Use AWS Lightsail?
AWS Lightsail is a simplified cloud computing service that provides virtual servers, networking, storage, and monitoring in one interface.
It’s designed to make cloud hosting much easier than traditional AWS services like EC2.
Benefits of Lightsail
Simple server deployment
Fixed monthly pricing
Built-in browser SSH access
Easy scaling and snapshots
Ideal for small apps and AI tools
Lightsail can launch a server in minutes and is perfect for hosting self-hosted tools like OpenClaw.
Prerequisites
Before starting this tutorial, make sure you have:
An AWS account
Access to the AWS Management Console
Basic knowledge of Linux commands
AWS recommends creating an administrative user and enabling multi-factor authentication rather than using the root account for daily operations.
Step 1 — Create an AWS Lightsail Instance
Log in to the AWS Console
Search for Lightsail
Click Create Instance
Recommended settings
Platform: Linux / Unix
Blueprint: Ubuntu 22.04
Instance plan:
Plan
CPU
RAM
Recommended
$5
1 vCPU
512MB
Testing
$10
1 vCPU
1GB
Better
$20
2 vCPU
2GB
Production
Choose a region close to you to minimize latency.
Then click Create Instance.
Screenshot – Create Lightsail Instance
Within a few minutes your server will be available.
Step 2 — Connect to Your Server
Lightsail provides a built-in browser terminal, meaning you don’t need to install an SSH client.
To connect:
Open your instance in Lightsail
Click Connect
Launch the Browser-based SSH terminal
Screenshot – Lightsail SSH Terminal
You can now run Linux commands directly from your browser.
Docker allows OpenClaw to run in containers, making installation easier and safer.
Step 4 — Install OpenClaw
Clone the OpenClaw repository:
git clone https://github.com/openclaw-ai/openclaw.git
cd openclaw
Start the OpenClaw services:
docker compose up -d
Docker will automatically download and configure the necessary containers.
Step 5 — Access the OpenClaw Dashboard
Once running, OpenClaw provides a web interface.
Open a browser and go to:
http://YOUR_SERVER_IP:18789
Replace YOUR_SERVER_IP with your Lightsail public IP.
From this interface you can:
Configure AI models
Install automation skills
Connect messaging platforms
Run workflows and commands
Screenshot – OpenClaw Dashboard
Security Best Practices
Because OpenClaw can run commands and access external systems, security is critical.
Recommended protections:
Enable HTTPS with a reverse proxy
Restrict open ports in Lightsail firewall
Store API keys in environment variables
Keep containers updated
Treat the OpenClaw server like any production workload.
Monitoring and Backups
AWS Lightsail includes tools to monitor and protect your server.
Built-in features
CPU and network monitoring
Snapshots for backups
Additional storage disks
Instance resizing
Snapshots allow you to restore your entire environment if something goes wrong.
Final Thoughts
Deploying OpenClaw on AWS Lightsail provides a powerful yet simple way to run AI agents in the cloud.
In just a few steps you can:
Launch a cloud server
Install OpenClaw
Connect AI models and services
Run autonomous workflows 24/7
As AI agents become more capable, self-hosted platforms like OpenClaw offer developers full control over automation and data while leveraging the scalability of the cloud.
On February 18, 2026, AWS announced an important update to AWS Certificate Manager (ACM) that aligns public TLS certificate lifetimes with new industry-wide security standards.
This change reflects a broader shift across the web toward shorter-lived certificates, stronger automation, and reduced exposure to key compromise.
🔐 What Changed?
AWS Certificate Manager now issues public certificates with a maximum validity of 198 days, replacing the previous 395-day validity period.
This update ensures compliance with the CA/Browser Forum mandate requiring certificate lifetimes to be no longer than 200 days starting March 15, 2026.
Key Highlights
New certificates: Automatically issued with a 198-day validity by default.
Existing certificates: Continue to work until they expire or renew—no manual changes required.
Renewals: ACM automatically renews certificates 45 days before expiration under the new model.
Legacy 395/398-day certs: Renew normally, then switch to the 198-day lifecycle.
➡️ In short: No action is required from customers—ACM handles the transition seamlessly.
📉 Pricing Adjusted to Match Shorter Lifetimes
Because certificates now live for roughly half as long, AWS reduced pricing for exportable public certificates:
Certificate Type
Old Price
New Price
FQDN Certificate
$15
$7
Wildcard Certificate
$149
$79
These lower prices reflect the reduced validity window while keeping automated lifecycle management intact.
🛡️ Why the Industry Is Moving to Shorter Certificate Lifetimes
Although this update is operationally small, it represents a significant evolution in TLS security philosophy.
1. Reduced Risk Window
If a private key is compromised, a shorter certificate lifetime limits how long attackers can exploit it.
2. Encouragement of Automation
Modern PKI assumes automated issuance and rotation rather than manual certificate management—something ACM already abstracts away.
3. Alignment With Zero-Trust Principles
Frequent credential rotation is a core tenet of Zero Trust architectures, making short-lived certificates a natural fit.
4. Standardization Across Browsers and CAs
The CA/Browser Forum mandate is an ecosystem-wide move—not AWS-specific—ensuring consistent security baselines across providers.
⚙️ What This Means for AWS Customers
If You Already Use ACM (Most Users)
You’ll likely notice no operational difference:
Certificates still auto-renew.
Integrations with services like ALB, CloudFront, and API Gateway remain unchanged.
Deployment workflows do not need modification.
If You Export Certificates
Plan for:
More frequent renewal cycles.
Updated cost modeling (now cheaper per certificate).
Ensuring downstream systems expect shorter validity periods.
If You Manage Certificates Manually Elsewhere
This announcement is a signal to accelerate automation—manual rotation every ~6 months is not sustainable.
📊 Operational Impact Snapshot
Area
Before
After
Default Validity
395 days
198 days
Renewal Timing
~60 days prior (legacy)
45 days prior
Compliance
Pre-mandate
CA/B Forum aligned
Customer Action Needed
Sometimes
None
Exportable Cert Cost
Higher
Reduced
🚀 Strategic Takeaway
This change isn’t just a technical adjustment—it’s part of a broader movement toward ephemeral trust models in cloud security.
Organizations that:
Automate certificate lifecycle management
Treat credentials as short-lived assets
Integrate renewal into CI/CD and infrastructure pipelines
…will be best positioned for the next wave of PKI modernization.
✍️ Final Thoughts
AWS Certificate Manager’s shift to 198-day certificates demonstrates how cloud platforms are quietly enforcing stronger security hygiene across the internet. With automation handling the heavy lifting, customers gain improved security posture without additional operational burden.
I’m incredibly grateful to share that I’ve been selected once again as part of the 2026 Omnissa Tech Insiders —my second year in this inspiring community.
This year’s cohort brings together an exceptional group of professionals with deep experience across AI, cloud, security, developer tools, and beyond. The diversity of perspectives, real-world impact, and accomplishments across the group truly impressed me.
Being part of this community has been both energizing and humbling—learning from peers, exchanging ideas, and contributing to conversations that are shaping the future of technology. I’m proud to stand alongside such talented individuals and excited about what lies ahead.
A huge thank you to the Omnissa team and to everyone in this cohort. Congratulations to all the 2026 Tech Insiders—I’m looking forward to another great year of collaboration and growth.
Amazon Polly makes it easy to convert text into natural-sounding speech using AI-powered voices. Whether you prefer clicking through a web interface or automating everything on a Linux server, Polly has you covered.
In this guide, we’ll:
Launch an Amazon Linux EC2 instance
Use Amazon Polly from the AWS Console (GUI)
Generate speech using the AWS CLI
Create audio files programmatically with Python
What Is Amazon Polly?
Amazon Polly is a managed text-to-speech service that:
Converts text into lifelike speech
Supports multiple languages and neural voices
Outputs MP3, OGG, and PCM audio formats
Requires no infrastructure management
Prerequisites
You’ll need:
An AWS account
An EC2 key pair
Basic Linux knowledge
An IAM user or role with Polly permissions
Step 1: Launch an Amazon Linux EC2 Instance
Go to AWS EC2 Console
Click Launch Instance
Choose Amazon Linux 2
Select t2.micro or t3.micro
Allow SSH (port 22) in the security group
Launch the instance
Copy the public IP address once the instance is running.
Step 2: Connect to the EC2 Instance
ssh -i your-key.pem ec2-user@<EC2_PUBLIC_IP>
You are now logged into your Amazon Linux server.
Step 3: Using Amazon Polly via the AWS Console (GUI)
Before touching the command line, let’s explore Polly using the AWS Management Console — this is the fastest way to experiment.
Accessing the Polly Console
Log in to the AWS Management Console
Search for Polly
Click Amazon Polly
Open the Text-to-Speech page
No EC2 instance is required for this step.
Generating Speech in the GUI
In the Text-to-Speech editor:
Enter your text:
Welcome to Amazon Polly. This audio was created using the AWS Console.
Choose a voice (e.g., Joanna, Matthew)
Select Engine:
Standard
Neural (more natural, recommended)
Choose Language
Click Listen ▶️
You’ll hear the generated speech instantly.
Downloading the Audio File
Select Output format (MP3 or OGG)
Click Download
Save the file locally
This is perfect for:
Testing voices
Demos and presentations
Content creation workflows
Using SSML in the GUI (Optional)
Enable SSML to control speech:
<speak>
Welcome to <emphasis level="strong">Amazon Polly</emphasis>.
<break time="1s"/>
This is an example using SSML.
</speak>
SSML allows:
Pauses
Emphasis
Speaking rate control
Pronunciation tuning
Step 4: Configure AWS Credentials on Linux
Recommended: IAM Role
Attach an IAM role to the EC2 instance with:
AmazonPollyFullAccess
No credentials required on the server.
Alternative: AWS CLI Credentials
aws configure
Enter:
Access key
Secret key
Region (e.g., us-east-1)
Step 5: Using Amazon Polly from the AWS CLI
Generate speech directly from Linux:
aws polly synthesize-speech \
--voice-id Joanna \
--output-format mp3 \
--text "This audio was generated from the AWS CLI" \
cli-output.mp3
import boto3
polly = boto3.client("polly")
response = polly.synthesize_speech(
Text="Hello from Amazon Polly using Python on Amazon Linux",
OutputFormat="mp3",
VoiceId="Matthew"
)
with open("python-output.mp3", "wb") as file:
file.write(response["AudioStream"].read())
print("Audio file created: python-output.mp3")
Run it:
python3 polly_tts.py
mpg123 python-output.mp3
Comparing GUI vs CLI vs Code
Method
Best For
AWS Console (GUI)
Voice testing, demos, learning
AWS CLI
Automation, scripting
Python / SDK
Application integration
Security Best Practices
Prefer IAM roles over access keys
Use least-privilege IAM policies
Monitor usage with CloudWatch
Avoid committing credentials to Git
Conclusion
Amazon Polly is flexible enough for beginners and powerful enough for production systems. Whether you use the AWS Console GUI, CLI, or Python SDK, Polly lets you bring natural-sounding speech to your applications quickly and securely.
Once you’re comfortable, you can combine Polly with:
S3 for audio storage
Lambda for serverless processing
Transcribe for full speech workflows
Happy building—and enjoy giving your apps a voice 🔊🚀
Running containers in the cloud doesn’t have to be complicated. In this guide, we’ll walk through creating an AWS EC2 Linux instance, installing Docker, and setting up Portainer to manage containers visually and effortlessly.
By the end, you’ll have a lightweight, production-ready Docker host you can control from your browser.
Prerequisites
Before we begin, make sure you have:
An AWS account
Basic familiarity with Linux and SSH
An EC2 key pair for secure access
A local machine with SSH installed
Step 1: Launch an AWS EC2 Linux Instance
Log in to the AWS Management Console
Navigate to EC2 → Launch Instance
Choose an AMI:
Select Amazon Linux 2 (recommended for stability and AWS compatibility)
Choose an instance type:
t2.micro or t3.micro (free tier eligible)
Configure key settings:
Attach your key pair
Allow SSH (port 22) in the security group
Add port 9000 (Portainer UI) and port 80 if you plan to run web apps
Launch the instance 🚀
Once running, copy the public IPv4 address.
Step 2: Connect to the EC2 Instance
From your local terminal:
ssh -i your-key.pem ec2-user@<EC2_PUBLIC_IP>
If successful, you’ll be logged into your Amazon Linux server.
You now have full visual control over your Docker host 🎯
What You Can Do with Portainer
With Portainer, you can:
Deploy containers using forms or Docker Compose
Monitor container health and logs
Manage volumes, networks, and images
Stop, start, or scale services
Secure access with user roles
It’s perfect for:
Small production workloads
Learning Docker visually
Managing remote servers with ease
Security Best Practices
Before using this in production, consider:
Restricting port 9000 to your IP only
Enabling HTTPS with a reverse proxy
Using IAM roles instead of access keys
Regularly updating Docker and the OS
Conclusion
By combining AWS EC2, Amazon Linux, Docker, and Portainer, you get a powerful yet simple container platform that scales with your needs. Whether you’re deploying side projects or learning container orchestration, this setup is an excellent foundation.
Joseph Klimczak 
You must be logged in to post a comment.