#Aws

118 posts

AWS in Practice #6: Cost Optimization and Dashboards — Wrapping Up the Track
11 min read

AWS in Practice #6: Cost Optimization and Dashboards — Wrapping Up the Track

Cost Explorer analysis, Savings Plans / Spot / Graviton, Right Sizing, tag enforcement and cost classification, the FinOps angle — and the wrap-up of 27 posts of AWS track converging into one system.

AWS Certified Cloud Practitioner (CLF-C02) #6 Domain 3-1 Core Services — Compute and Storage
10 min read

AWS Certified Cloud Practitioner (CLF-C02) #6 Domain 3-1 Core Services — Compute and Storage

The front half of Domain 3 (34%), the widest-surface domain on the CLF-C02 exam. We classify the compute services (EC2, Lambda, ECS, Fargate, Elastic Beanstalk, Lightsail, Batch) by the kind of workload they fit, and lay out the storage services (S3 storage classes, EBS, EFS, FSx, Storage Gateway, Snow Family) by category and use case. The volume looks large, but it collapses into workload → service mappings. #7 continues with networking and databases.

AWS in Practice #5: Monitoring — CloudWatch Alarms and X-Ray
10 min read

AWS in Practice #5: Monitoring — CloudWatch Alarms and X-Ray

CloudWatch Logs Insights operational queries, ECS / RDS / ALB core metrics and alarm thresholds, SNS → Slack notifications, X-Ray distributed tracing for catching slow requests in one line — turning on the operational eye.

AWS Certified Cloud Practitioner (CLF-C02) #5 Domain 2-2 Compliance — Governance, AWS Artifact, GDPR/HIPAA
9 min read

AWS Certified Cloud Practitioner (CLF-C02) #5 Domain 2-2 Compliance — Governance, AWS Artifact, GDPR/HIPAA

The second half of Domain 2. What AWS compliance certifications (SOC, ISO, PCI DSS, HIPAA, FedRAMP, GDPR) actually mean, how to pull certification documents through AWS Artifact, where governance tools (CloudTrail, Config, Organizations SCP) and security operations tools (GuardDuty, Inspector, Macie, Security Hub) sit, and finally data encryption (at rest and in transit) together with KMS and CloudHSM. In #6 we head into Domain 3 — Compute and Storage at 34% of the exam weight.

AWS in Practice #4: IaC — Terraform Fundamentals
10 min read

AWS in Practice #4: IaC — Terraform Fundamentals

Why IaC, Terraform shape of provider / resource / state, team collaboration with S3 + DynamoDB backend, environment separation through modules, and the flow of code-ifying the #1–#3 infrastructure line by line.

K8s Practice #1: EKS Cluster Setup — Terraform / eksctl / IRSA / Addons
12 min read

K8s Practice #1: EKS Cluster Setup — Terraform / eksctl / IRSA / Addons

The first post in the K8s Practice series. We follow the path of building a real operational cluster rather than a toy abstraction. Defining the VPC and EKS cluster with Terraform, setting up node groups and IRSA, laying on the essential addons (VPC CNI, CoreDNS, kube-proxy, EBS CSI), and comparing eksctl as a faster setup option along the way. The starting point for the imaginary service myshop-api used throughout the 6-post series.

AWS Certified Cloud Practitioner (CLF-C02) #4 Domain 2-1 Security — Shared Responsibility Model and IAM Basics
9 min read

AWS Certified Cloud Practitioner (CLF-C02) #4 Domain 2-1 Security — Shared Responsibility Model and IAM Basics

The first half of Domain 2 (30%), the largest-weighted domain of the CLF-C02 exam. Where the responsibility line falls between AWS and the customer (and how that shifts with the service model), the four IAM essentials — users, groups, roles, and policies — and how they differ, operating principles for MFA and access keys, and a root user guide that often appears as an exam trap. The next post #5 continues with compliance certifications, AWS Artifact, and encryption.

AWS in Practice #3: CI/CD — GitHub Actions + ECR + ECS
10 min read

AWS in Practice #3: CI/CD — GitHub Actions + ECR + ECS

GitHub Actions without access keys via OIDC, ECR push, automatic Task Definition updates, ECS Service rolling deployments, deployment circuit breakers and auto-rollback, and a touch of CodeDeploy blue/green — a deployment flow that ends with a single git push.

AWS Certified Cloud Practitioner (CLF-C02) #3 Domain 1-2 Cloud Design — The Six Well-Architected Pillars
9 min read

AWS Certified Cloud Practitioner (CLF-C02) #3 Domain 1-2 Cloud Design — The Six Well-Architected Pillars

The second half of CLF-C02 Domain 1. We unpack the six pillars of the AWS Well-Architected Framework — Operational Excellence, Security, Reliability, Performance Efficiency, Cost Optimization, and Sustainability — and organize the design principles and exam-scenario mappings for each. We also fix the common mistake of memorizing only five pillars and forgetting Sustainability, which was added in December 2021. From #4 onward we head into Domain 2 Security, the 30% giant.

AWS in Practice #2: RDS Integration and Migration Operations
10 min read

AWS in Practice #2: RDS Integration and Migration Operations

RDS Postgres Multi-AZ inside the VPC, Security Group design, password injection through Secrets Manager, the operational side of Alembic / Django migrations, and blue/green-compatible migration patterns.

AWS Certified Cloud Practitioner (CLF-C02) #2 Domain 1-1 Cloud Concepts — Value, Economics, and the Cloud Adoption Framework
9 min read

AWS Certified Cloud Practitioner (CLF-C02) #2 Domain 1-1 Cloud Concepts — Value, Economics, and the Cloud Adoption Framework

The first half of CLF-C02 Domain 1. The six value propositions of the cloud that show up in the exam, the cost-structure shift from CapEx to OpEx, the six perspectives of the AWS Cloud Adoption Framework, and how the global infrastructure (regions, AZs, edge) gets reshaped into exam questions. Series #3 continues with the second half of the same domain — the six Well-Architected pillars.

AWS in Practice #1: Deploying FastAPI/Django to ECS Fargate
10 min read

AWS in Practice #1: Deploying FastAPI/Django to ECS Fargate

Push a container image to ECR, write a Task Definition, and stand it up as an ECS Fargate Service behind an ALB — the full flow of putting a small blog API into production, in a single post.