Terraform CI Is Green. Here's What It Missed.
Changed-files detection in Terraform CI silently skips stacks that consume modified modules. Here's the pattern that actually works, plus three supporting fixes.
Infrastructure engineering — AWS architecture, Terraform, Kubernetes, platform patterns.
S3 Table Buckets encrypt, wire up IAM, and coexist with standard S3 differently than you'd expect. Five Terraform gotchas that cost real debugging hours.
ECS vs EKS isn't a features comparison — it's an operational capacity question. Decision framework including ECS Anywhere, with real production examples.
How to break the apparent IAM trust policy circular dependency in Terraform by constructing role ARNs deterministically — no two-pass apply needed.
The morning after go-live, one service was running at 99.8% CPU across 9 tasks with a 1,010ms p50 latency. Here's what the data said to do next — and why the sequence mattered.
You just merged a PR. Now you copy the URL, open Jira, paste it in a comment, change the status to Done, and update the deployed field. 5 minutes wasted, 20 times a week, every week. Here's how to eliminate it completely with GitHub Actions.
Every new Claude Code session starts cold. After 3 months of daily use across 20+ infrastructure repos, I built a three-tier context hierarchy that loads team patterns, project state, and infrastructure conventions automatically — no copy-paste, no ramp-up.
We were deploying IAM permission sets and finding the bugs in production — 5 iterations to get one permission set right. Here's the testing framework that caught 95% of permission issues before they hit prod.
S3 Table Buckets are purpose-built for Iceberg metadata operations — 10x faster than regular S3 for query planning. Here's how we built a three-zone medallion lakehouse with Terraform, including what's different about Table Buckets that most posts don't mention.
Our network topology had three standalone Transit Gateways that couldn't talk to each other. Here's how we redesigned the full platform — hub-spoke TGW with inline Network Firewall inspection — and cut over without touching a single application.
I was managing EKS add-ons with kubectl and YAML files. No version control, no drift detection, no rollback. Here's how I fixed it with a single Terraform module.
How I eliminated the 5-minute deployment tax with GitHub Actions so git push just works
Why I automated my side hustle infrastructure with Terraform instead of clicking through AWS console like a normal person
How Terraform eliminated 15 manual steps from SSL certificate validation across two domains