#Aws

118 posts

Cost Optimization and Dashboards
11 min read

Cost Explorer analysis, Savings Plans / Spot / Graviton, Right Sizing, tag enforcement and cost classification, and the FinOps area. Patterns that actually cut a production system's cost, wrapping up Part 4, 'From the console to code.'

Deploying a Fullstack App on AWS — ECS Fargate Capstone
11 min read

A capstone exercise weaving all the services from Chapters 1 to 31 into one. It deploys modern-react's Next.js app and modern-python's FastAPI app on one account with ECS Fargate + RDS + S3 + CloudFront + ALB + Secrets Manager + Terraform, and lays out the step-by-step Terraform code, the 13-step PR flow, a minimal-cost setup at about $10/month, and a comparison with the EKS deployment in the Kubernetes book.

Deploying a static site with CloudFront
12 min read

AWS's global CDN, CloudFront. The flow of Origin / Behavior / Cache Policy, the S3 + CloudFront static hosting pattern, how to safely shield S3 with OAC, and the operational flow of invalidation.

Disaster Recovery & Backup — Backups · Cross-region DR · RTO/RPO
8 min read

Designing how to bring data and services back when one AZ or one region collapses. Set RTO/RPO first, then learn to put backups in place with Terraform via RDS PITR · S3 versioning and Cross-Region Replication · AWS Backup, and round out the cross-region DR patterns Pilot Light · Warm Standby · Multi-Site with Route 53 failover.

EC2 and VPC Basics
12 min read

The cloud's oldest compute and network, EC2 and VPC. How instance types, AMIs, and EBS, plus VPC / subnets / route tables / IGW / NAT all weave into one picture — laying the first skeleton of your operational infrastructure.

EC2 Operations — security group, key pair, SSM
12 min read

The everyday tools of EC2 operations. Security Group rule design, the difference from NACLs, the limits of key pairs and SSM Session Manager, IMDSv2, and how to harden an instance's skeleton with an AMI.

ECR — the Image Registry
11 min read

Where you store the container images that ECS and Lambda will pull. We cover the private / public difference in Amazon ECR, IAM authentication, docker push / pull, image scanning, tag strategy, lifecycle policies, multi-architecture (linux/amd64 + arm64), VPC Endpoints, and cross-account access.

ECS and Fargate — Deploying Containers
15 min read

Putting containers on AWS, all in one place. We cover how ECS works (vs EKS), its four building blocks — Cluster · Service · Task · Task Definition — the difference between the EC2 launch type and Fargate, the split between Execution Role and Task Role, ALB · VPC wiring, and everything from your first deployment to Auto Scaling and cost.

EventBridge / SQS / SNS
11 min read

AWS's messaging infrastructure, all in one place. We cover the difference between the three tools, SNS topic / SQS queue / EventBridge bus·rule, the fan-out pattern, FIFO vs Standard, DLQs and idempotency, Visibility Timeout, and how they tie into Lambda / ECS.

Getting Started with AWS — Accounts · Regions · AZs
12 min read

The map you need in your head before you put anything on AWS. The rise of the cloud and AWS, accounts and the root user, Regions and Availability Zones (AZs), the difference between global and regional services, and the first setup right after sign-up.

IaC — Terraform Intro
12 min read

Why IaC, the shape of Terraform's provider / resource / state, team collaboration with an S3 + DynamoDB backend, environment separation with modules, and the flow of codifying the previous chapters' infrastructure step by step.

IAM — Users, Groups, Roles, Policies
11 min read

Sort out IAM's four elements — users · groups · roles · policies — that decide who you work as on AWS, all in one go. Covers JSON policy syntax, the essence of AssumeRole, and permission-design patterns that hold up even in a small team.