Ouiam Ait taleb’s Post

Excited to share CloudNotes — my latest full-stack serverless project on AWS! As I deepen my journey into Cloud Engineering and DevOps, I aimed to create something genuinely production-ready — not just a tutorial clone. The Architecture: - React + TypeScript SPA - CloudFront CDN - API Gateway - Lambda (Node.js) - DynamoDB Engineering Challenges I Solved: - OOM build crash on t2.micro — fixed with Linux Swap and NODE_OPTIONS heap tuning - CORS preflight failures — resolved in API Gateway and Lambda response headers - SPA 403 on refresh — addressed with CloudFront Custom Error Response rules Every problem reinforced one key insight: Cloud Engineering is about understanding how data flows securely and reliably between services. GitHub: [https://lnkd.in/gDFSvH5e] #AWS #CloudEngineering #DevOps #Serverless #React #TypeScript #Lambda #DynamoDB #LearningJourney

Platform engineering is genuinely one of the most interesting spaces in tech right now and I decided to stop just reading about it and actually build something. So I am building a production grade internal developer platform on AWS from scratch and documenting the whole journey publicly. Not a tutorial follow along. A real platform with real problems. And honestly the problems have been the best part. In just the first two phases I hit things like OIDC trust policies breaking every time I recreated the cluster, a missing EBS CSI driver keeping Prometheus stuck in Pending for an hour, and EC2 launch restrictions on a new AWS account that took a paid support plan to fix. None of that is in any tutorial. All of it is in the README. Here is where I am at: Phase 1: EKS + Terraform + IRSA + ALB Ingress - Done Phase 2: Prometheus + Grafana + AlertManager - Done Phase 3: GitOps with ArgoCD (coming soon) Phase 4: Reusable Terraform modules (coming soon) Stay tuned, more posts coming for each phase breaking down the architecture, the decisions, and the problems. If you are building something similar or have been down this road I would love to hear how you approached it. Repo: https://lnkd.in/e53BRp-6 #AWS #EKS #PlatformEngineering #Terraform #DevOps #Kubernetes

Just shipped a one-click destroy-all workflow for my AWS infrastructure repo — because what used to be a full SaaS (Roxas) is now just a Claude Code skill. The pivot: I spent months building out a proper AWS stack — ECS services, RDS Postgres, per-PR ephemeral environments, the works. It was real. It worked. And then I started building Claude Code skills (/promote-newsletter, /promote-github, /crosspost-newsletter) and realized the user interface I actually wanted was a slash command that runs on the user's own machine, not a hosted SaaS. So Roxas the product becomes a skill. The AWS infra becomes a cost I no longer need to pay. 4 PRs landed today to make the teardown clean: • Full AWS teardown via a single GitHub Actions workflow • Scoped to dev and prod environments — no accidental staging nuke • Auto-disables RDS deletion_protection before destroy (otherwise Terraform errors and you start over) • Tolerates per-PR orphan resources that get left behind when shared-tier stacks are destroyed first Infrastructure that's easy to destroy is infrastructure that's easy to iterate on. And sometimes "iterating" means recognizing the better shape is a 200-line skill, not a 5,000-line Terraform repo. https://lnkd.in/gW9WFKHP

Just shipped a one-click destroy-all workflow for my AWS infrastructure repo — because what used to be a full SaaS (Roxas) is now just a Claude Code skill. The pivot: I spent months building out a proper AWS stack — ECS services, RDS Postgres, per-PR ephemeral environments, the works. It was real. It worked. And then I started building Claude Code skills (/promote-newsletter, /promote-github, /crosspost-newsletter) and realized the user interface I actually wanted was a slash command that runs on the user's own machine, not a hosted SaaS. So Roxas the product becomes a skill. The AWS infra becomes a cost I no longer need to pay. 4 PRs landed today to make the teardown clean: • Full AWS teardown via a single GitHub Actions workflow • Scoped to dev and prod environments — no accidental staging nuke • Auto-disables RDS deletion_protection before destroy (otherwise Terraform errors and you start over) • Tolerates per-PR orphan resources that get left behind when shared-tier stacks are destroyed first Infrastructure that's easy to destroy is infrastructure that's easy to iterate on. And sometimes "iterating" means recognizing the better shape is a 200-line skill, not a 5,000-line Terraform repo. https://lnkd.in/ggHi939V

🚀 𝐏𝐑𝐎𝐉𝐄𝐂𝐓 𝐌𝐈𝐋𝐄𝐒𝐓𝐎𝐍𝐄: 𝐂𝐥𝐨𝐮𝐝𝐃𝐞𝐜𝐤 I designed and deployed a fully serverless portfolio website on AWS—not from a tutorial, but architected from scratch using production-grade practices (and leveraging Claude to help accelerate my IaC development). 🌐 Live Demo: https://lnkd.in/gSWgvqrc 💻 Source Code: https://lnkd.in/gcxeEyR2 🧰 Tech Stack: • Amazon S3 & CloudFront — static hosting with HTTPS and edge caching • AWS Lambda — serverless backend for visitor counter  • API Gateway — REST API layer for Lambda integration • DynamoDB —NoSQL for visitor tracking • Terraform — IaC (15+ resources) • GitHub Actions — 4-stage CI/CD pipeline • Checkov — security scanning on every push • Cost Explorer API — real-time cost dashboard 𝐖𝐡𝐚𝐭 𝐭𝐡𝐢𝐬 𝐩𝐫𝐨𝐣𝐞𝐜𝐭 𝐫𝐞𝐚𝐥𝐥𝐲 𝐭𝐚𝐮𝐠𝐡𝐭 𝐦𝐞: This project wasn't just about deploying a website — it was about understanding how AWS services connect end-to-end: from S3 origins to CloudFront distributions, from API Gateway routes to Lambda integrations, from IAM policies to DynamoDB access patterns. Debugging Terraform state issues and Lambda permission errors taught me more than any tutorial ever could. CloudWatch logs became my best friend when tracing API Gateway → Lambda → DynamoDB call chains. 🧠 Key takeaways: • Designing serverless architecture from scratch  • Writing Terraform for real multi-service infrastructure  • Building CI/CD pipelines with security scanning (Checkov) • Understanding IAM least-privilege policies  • Debugging cross-service integrations with CloudWatch • Keeping AWS costs at $0.00 with free tier optimization 📌 This is Project 1 of 4 in my Cloud/DevOps portfolio Next up: a self-healing 3-tier infrastructure with auto-recovery. Would appreciate any feedback! 🚀 #AWS #Terraform #DevOps #CloudEngineering #GitHubActions #Serverless #Lambda #DynamoDB #CloudFront #S3 #LookingForCloudIntern

Built an end-to-end EC2 Governance Engine on AWS using Python, Terraform, Lambda, EventBridge, SNS, Slack, and S3. This project scans EC2 instances across all states, applies governance rules, snapshots stopped instances, optionally terminates approved ones, generates CSV reports, stores them in S3, and sends notifications by email and Slack. What I liked most about this build was combining infrastructure automation with real operational governance, not just deployment. It was a great hands-on way to work with Lambda packaging, Terraform workflows, reporting, notifications, and cloud cost/control practices. Tech used: AWS Lambda EC2 EBS EventBridge SNS S3 Terraform Python GitHub Actions Slack API Always growing through building real-world cloud projects. Github Link : https://lnkd.in/grx7mGHQ #AWS #Terraform #Python #DevOps #CloudComputing #Lambda #InfrastructureAsCode #GitHubActions #EC2 #CloudEngineering

Showcasing my DevOps portfolio — Project 2   End-to-end LKE cluster deployment on Linode using Terraform.   Back in 2022, I was brought in to deploy a full Kubernetes stack on Linode — not AWS, not GCP. Same IaC principles, different provider, and a real lesson in how Terraform provider initialization actually works. All projects in this series are real client work. Each post covers a real problem, a real solution, and the architecture behind it.   Here's what I delivered:   → Configured Linode + Kubernetes Terraform providers → Provisioned LKE cluster with dynamic node pools via Terraform → Deployed Apache (3 replicas) + MongoDB (3 replicas) entirely through Terraform → MongoDB credentials stored in Kubernetes Secrets — never hardcoded → HPA configured using an External latency metric — scales Apache pods 1 to 10 → ConfigMap for MongoDB connection URL used by other deployments   PS. Provision the cluster first, export the kubeconfig, then deploy everything else. 🚀   FYI - I have started creating content on instagram related to DevOps, Cloud & Information Security. Github: https://lnkd.in/dQjpr_dM (follow :P) Instagram: https://lnkd.in/d7kKjhhy   #DevOps #Kubernetes #Terraform #Linode #IaC #CloudEngineering #CKA #Portfolio #engineering #Github #apache #mongodb #software #Cloud #Cluster #PaaS

Alhamdulillah, my first AWS project is now live. I built a fully serverless form application from scratch, utilizing the following components: - S3 to host the frontend - API Gateway to handle requests - Lambda (Python) to process form data - DynamoDB to store every submission This setup means no servers and no maintenance, just the cloud. Honestly, I felt stuck on tutorials for weeks, thinking I wasn't making progress. However, building this project helped clarify many concepts that hours of watching videos couldn't. The most time-consuming part? Getting CORS configured correctly between API Gateway and Lambda. It may seem straightforward on paper, but it can be quite frustrating in practice. You can find the full project along with the architecture diagram on GitHub → https://lnkd.in/d43yGeny #AWS #DevOps #CloudComputing #Serverless #LearningInPublic

🤔 𝗪𝗵𝘆 𝗮𝗿𝗲 𝗧𝗲𝗿𝗿𝗮𝗳𝗼𝗿𝗺 𝗽𝗿𝗼𝘃𝗶𝗱𝗲𝗿𝘀 𝗲𝘃𝗲𝗻 𝗿𝗲𝗾𝘂𝗶𝗿𝗲𝗱? Think of Terraform like a universal remote 📺 But without batteries… it’s useless. 👉 Providers are those batteries. They allow Terraform to: Talk to cloud platforms ☁️ Create resources (VMs, Storage, Networks) Manage infrastructure APIs Without providers ❌ 👉 Terraform doesn’t know WHERE or HOW to create anything   ⚠️ 𝗪𝗵𝗮𝘁 𝗵𝗮𝗽𝗽𝗲𝗻𝘀 𝗶𝗳 𝘆𝗼𝘂 𝗱𝗼𝗻’𝘁 𝗱𝗲𝗳𝗶𝗻𝗲 𝗽𝗿𝗼𝘃𝗶𝗱𝗲𝗿𝘀? 🚫 No cloud connection 🚫 No resource creation 🚫 terraform init fails 🚫 terraform apply becomes meaningless 👉 Terraform becomes just a configuration file reader 📄   🔗 𝗣𝗿𝗼𝘃𝗶𝗱𝗲𝗿 = 𝗗𝗲𝗽𝗲𝗻𝗱𝗲𝗻𝗰𝘆 If you’ve worked with: Python → pip install 🐍 Node.js → npm install 📦 👉 Then you already understand providers! 💡 Providers are dependencies for infrastructure. They are plugins that: Extend Terraform capabilities Connect Terraform to external platforms   🌍 𝗛𝗼𝘄 𝗺𝗮𝗻𝘆 𝗽𝗿𝗼𝘃𝗶𝗱𝗲𝗿𝘀 𝗮𝗿𝗲 𝘁𝗵𝗲𝗿𝗲? 👉 6000+ providers available! 🤯 Popular ones: Azure → azurerm AWS → aws Google Cloud → google Kubernetes → kubernetes GitHub → github 💡 Not just cloud! Providers exist for: SaaS tools 🧰 Monitoring tools 📊 Networking platforms 🌐   📥 𝗛𝗼𝘄 𝗱𝗼𝗲𝘀 𝗧𝗲𝗿𝗿𝗮𝗳𝗼𝗿𝗺 𝗱𝗼𝘄𝗻𝗹𝗼𝗮𝗱 𝗽𝗿𝗼𝘃𝗶𝗱𝗲𝗿𝘀? When you run: terraform init 👉 Terraform: Reads required_providers block 📖 Connects to Terraform Registry 🌐 Downloads the provider plugin 📦 Stores it locally in .terraform/ 📁   🔐 𝗪𝗵𝘆 𝘃𝗲𝗿𝘀𝗶𝗼𝗻𝗶𝗻𝗴 𝗺𝗮𝘁𝘁𝗲𝗿𝘀? version = "4.27.0" 👉 This ensures: Same behavior across environments ✅ No breaking changes ❌ Stable CI/CD pipelines 🚀   🧠 𝗣𝗿𝗼 𝗜𝗻𝘀𝗶𝗴𝗵𝘁 (𝗗𝗲𝘃𝗢𝗽𝘀 𝗴𝗼𝗹𝗱) 🔥 Providers are binary plugins, not just config 🔥 Terraform communicates with them using RPC 🔥 You can even use private providers in enterprises   💡 𝗥𝗲𝗮𝗹-𝗪𝗼𝗿𝗹𝗱 𝗔𝗻𝗮𝗹𝗼𝗴𝘆 👉 Terraform = Brain 🧠 👉 Provider = Hands 🤲 Without hands… 👉 The brain can think, but can’t act.   🎯 𝗞𝗲𝘆 𝗧𝗮𝗸𝗲𝗮𝘄𝗮𝘆 ✔️ Providers are mandatory ✔️ They act like dependencies ✔️ They connect Terraform to real-world platforms ✔️ Without them → Terraform cannot create anything   💬 Have you ever faced a Terraform error because of missing providers? Drop your experience 👇 #Terraform #DevOps #CloudComputing #Azure #AWS #InfrastructureAsCode #TechStory

𝐃𝐚𝐲 𝟐𝟓: 𝐁𝐞𝐲𝐨𝐧𝐝 𝐂𝐞𝐫𝐭𝐢𝐟𝐢𝐜𝐚𝐭𝐢𝐨𝐧 𝐁𝐮𝐢𝐥𝐝𝐢𝐧𝐠 𝐑𝐞𝐚𝐥 𝐒𝐨𝐥𝐮𝐭𝐢𝐨𝐧𝐬 Certification validates skills, but practice builds true mastery. As part of the Terraform Challenge with EveOps- Everything operations,AWS UG AI/ML Kenya , and Hashicorp User Group Meru, today was all about hands-on execution by deploying a globally accessible static website using AWS S3 and CloudFront, entirely driven by Terraform. We focused on creating a reusable module, implementing remote state with DRY configuration, and automating the entire deployment from bucket setup to security policies. It’s one thing to have the badge, but it’s another to build the infrastructure that delivers real value. Read the full article here: 🔗 https://lnkd.in/dHMxmuWJ #TerraformChallenge #AWS #IaC #TheCloudPastor