#Aws
118 posts
AWS in Practice #6: Cost Optimization and Dashboards — Wrapping Up the Track
Cost Explorer analysis, Savings Plans / Spot / Graviton, Right Sizing, tag enforcement and cost classification, the FinOps angle — and the wrap-up of 27 posts of AWS track converging into one system.
AWS Certified Cloud Practitioner (CLF-C02) #6 Domain 3-1 Core Services — Compute and Storage
The front half of Domain 3 (34%), the widest-surface domain on the CLF-C02 exam. We classify the compute services (EC2, Lambda, ECS, Fargate, Elastic Beanstalk, Lightsail, Batch) by the kind of workload they fit, and lay out the storage services (S3 storage classes, EBS, EFS, FSx, Storage Gateway, Snow Family) by category and use case. The volume looks large, but it collapses into workload → service mappings. #7 continues with networking and databases.
AWS in Practice #5: Monitoring — CloudWatch Alarms and X-Ray
CloudWatch Logs Insights operational queries, ECS / RDS / ALB core metrics and alarm thresholds, SNS → Slack notifications, X-Ray distributed tracing for catching slow requests in one line — turning on the operational eye.
AWS Certified Cloud Practitioner (CLF-C02) #5 Domain 2-2 Compliance — Governance, AWS Artifact, GDPR/HIPAA
The second half of Domain 2. What AWS compliance certifications (SOC, ISO, PCI DSS, HIPAA, FedRAMP, GDPR) actually mean, how to pull certification documents through AWS Artifact, where governance tools (CloudTrail, Config, Organizations SCP) and security operations tools (GuardDuty, Inspector, Macie, Security Hub) sit, and finally data encryption (at rest and in transit) together with KMS and CloudHSM. In #6 we head into Domain 3 — Compute and Storage at 34% of the exam weight.
AWS in Practice #4: IaC — Terraform Fundamentals
Why IaC, Terraform shape of provider / resource / state, team collaboration with S3 + DynamoDB backend, environment separation through modules, and the flow of code-ifying the #1–#3 infrastructure line by line.
K8s Practice #1: EKS Cluster Setup — Terraform / eksctl / IRSA / Addons
The first post in the K8s Practice series. We follow the path of building a real operational cluster rather than a toy abstraction. Defining the VPC and EKS cluster with Terraform, setting up node groups and IRSA, laying on the essential addons (VPC CNI, CoreDNS, kube-proxy, EBS CSI), and comparing eksctl as a faster setup option along the way. The starting point for the imaginary service myshop-api used throughout the 6-post series.
AWS Certified Cloud Practitioner (CLF-C02) #4 Domain 2-1 Security — Shared Responsibility Model and IAM Basics
The first half of Domain 2 (30%), the largest-weighted domain of the CLF-C02 exam. Where the responsibility line falls between AWS and the customer (and how that shifts with the service model), the four IAM essentials — users, groups, roles, and policies — and how they differ, operating principles for MFA and access keys, and a root user guide that often appears as an exam trap. The next post #5 continues with compliance certifications, AWS Artifact, and encryption.
AWS in Practice #3: CI/CD — GitHub Actions + ECR + ECS
GitHub Actions without access keys via OIDC, ECR push, automatic Task Definition updates, ECS Service rolling deployments, deployment circuit breakers and auto-rollback, and a touch of CodeDeploy blue/green — a deployment flow that ends with a single git push.
AWS Certified Cloud Practitioner (CLF-C02) #3 Domain 1-2 Cloud Design — The Six Well-Architected Pillars
The second half of CLF-C02 Domain 1. We unpack the six pillars of the AWS Well-Architected Framework — Operational Excellence, Security, Reliability, Performance Efficiency, Cost Optimization, and Sustainability — and organize the design principles and exam-scenario mappings for each. We also fix the common mistake of memorizing only five pillars and forgetting Sustainability, which was added in December 2021. From #4 onward we head into Domain 2 Security, the 30% giant.
AWS in Practice #2: RDS Integration and Migration Operations
RDS Postgres Multi-AZ inside the VPC, Security Group design, password injection through Secrets Manager, the operational side of Alembic / Django migrations, and blue/green-compatible migration patterns.
AWS Certified Cloud Practitioner (CLF-C02) #2 Domain 1-1 Cloud Concepts — Value, Economics, and the Cloud Adoption Framework
The first half of CLF-C02 Domain 1. The six value propositions of the cloud that show up in the exam, the cost-structure shift from CapEx to OpEx, the six perspectives of the AWS Cloud Adoption Framework, and how the global infrastructure (regions, AZs, edge) gets reshaped into exam questions. Series #3 continues with the second half of the same domain — the six Well-Architected pillars.
AWS in Practice #1: Deploying FastAPI/Django to ECS Fargate
Push a container image to ECR, write a Task Definition, and stand it up as an ECS Fargate Service behind an ALB — the full flow of putting a small blog API into production, in a single post.