AWS Lambda Dead-Letter Queues with SQS: Capture and Replay Failed Async Events
Silent Lambda failures on async invocations discard event payloads permanently unless you have a safety net in place. This post walks through wiring an SQS dead-letter queue to a Lambda function and building a controlled replay script to recover those lost events.
GitHub Actions workflow to build and push Docker image to ECR
A working GitHub Actions setup that builds a Docker image on every push and pushes it to Amazon ECR. Covers the IAM side too, which is usually where things break.
GitLab CI/CD pipeline stages with artifact passing between jobs
Setting up a GitLab pipeline with explicit stages and artifact dependencies so build output actually reaches the deploy job without re-running everything.
Automating S3 to Glacier Data Tiering with Lifecycle Configuration Rules
S3 lifecycle rules let you shift objects through storage classes automatically, cutting costs without manual intervention. This tutorial walks through writing a lifecycle configuration, applying it via the AWS CLI, and validating that transitions are actually happening.
GitHub Actions Pipeline with SonarQube quality gate, manual approval, and Helm rollback
A single GitHub Actions workflow that blocks deployment on a failed SonarQube gate, waits for a human to approve, and rolls Helm back to the previous revision if anything goes wrong.
IAM Roles and Least-Privilege Policies for CI/CD Pipelines on AWS
Long-lived AWS access keys in CI/CD pipelines are a liability; scoped IAM roles with temporary credentials are the correct architecture. This tutorial walks through trust policy design, OIDC federation, and the policy mistakes that cause real incidents.
boto3 EC2 inventory script with argparse profiles and structured logging
A Python CLI that lists running EC2 instances across regions using boto3 sessions, argparse, and paginators, with a fix for the NoRegionError that bit me mid-refactor.
Postgres Database Backups on Kubernetes Using a Scheduled CronJob
Manual Postgres backups don't belong in a production Kubernetes environment: pods are ephemeral, PVCs can disappear, and human schedules are unreliable. This tutorial walks through a CronJob-based backup strategy that runs pg_dump on a schedule, ships compressed dumps to S3, and handles retention automatically.
Terraform Root Config Wiring VPC, IAM, and S3 Modules Together
One root module connecting community VPC, S3, and a local IAM module with correct dependency ordering and remote state.
Kubernetes Deployment Service and Ingress wiring in one manifest
A working example of Deployment, Service, and Ingress resources wired together in a single file, with the 503 that breaks it when names don't match.