EventBridge Retry Policies and DLQ Handling in Production on AWS
Silent event loss is one of the most deceptive failure modes in event-driven architectures on AWS. This tutorial walks through configuring EventBridge retry policies and dead letter queues correctly — from IAM permissions to CloudWatch alerting and replay strategies.
Jenkins to AWS Authentication with OIDC: Replacing Static Keys with Federated Identity
Static AWS access keys in Jenkins are a persistent security liability — rotation is manual, secrets sprawl across credential stores, and a single leak can compromise entire environments. This post walks through configuring OIDC federation between Jenkins and AWS IAM so your pipelines authenticate with short-lived tokens and no stored secrets.
Terraform Remote State on AWS: S3 Backend with DynamoDB Locking
Local Terraform state files are a liability the moment a second engineer joins the project. This tutorial walks through provisioning an S3 backend with DynamoDB state locking — the standard pattern for safe, concurrent infrastructure management on AWS.
EventBridge Pipe: Route S3 DataSync Task Events to SNS Alerts
Wire AWS DataSync task completion events through an EventBridge Pipe into SNS so your team gets notified the moment a sync job finishes or fails — no polling, no Lambda glue code required.
AWS Lambda Dead-Letter Queues with SQS: Capture and Replay Failed Async Events
Silent Lambda failures on async invocations discard event payloads permanently unless you have a safety net in place. This post walks through wiring an SQS dead-letter queue to a Lambda function and building a controlled replay script to recover those lost events.
Automating S3 to Glacier Data Tiering with Lifecycle Configuration Rules
S3 lifecycle rules let you shift objects through storage classes automatically, cutting costs without manual intervention. This tutorial walks through writing a lifecycle configuration, applying it via the AWS CLI, and validating that transitions are actually happening.
IAM Roles and Least-Privilege Policies for CI/CD Pipelines on AWS
Long-lived AWS access keys in CI/CD pipelines are a liability — scoped IAM roles with temporary credentials are the correct architecture. This tutorial walks through trust policy design, OIDC federation, and the policy mistakes that cause real incidents.
AWS Lambda + Python: Handle S3 Events and Errors Like a Pro
Learn how to trigger an AWS Lambda function from S3 uploads using Python, with real error handling that won't leave you guessing at 2am.
Terraform S3 Backend Setup with DynamoDB State Locking for Team Workflows
Storing Terraform state locally works fine in isolation, but it breaks down the moment a second engineer joins the project. This tutorial walks through provisioning an S3 backend with DynamoDB locking and wiring it into your Terraform project correctly.
Terraform Remote State on AWS S3 with DynamoDB State Locking
Storing Terraform state locally is fine for solo experiments, but it breaks down the moment a second engineer runs a plan. This tutorial walks through provisioning a production-grade S3 remote backend with DynamoDB locking and shows you exactly how to wire it into any Terraform project.
☕ Support us · 💳 Monobank