SF: The Good

This is part of the series Startup that Failed.

Infrastructure as Code: Why It’s Non-Negotiable

Start with this rule: If you’re touching the AWS console to create resources, you’re doing it wrong. Every resource goes through Terraform. IAM roles, security groups, RDS instances, S3 buckets, EKS clusters - everything. No exceptions. This isn’t about following best practices. It’s about three concrete problems:

1. Reproducibility. You will need to rebuild your infrastructure. Whether it’s disaster recovery, creating new environments, or (in my case) rebranding, you’ll need to recreate everything. With Terraform, it’s terraform apply. Without it, you’re clicking through the AWS console trying to remember what you configured six months ago. ...

October 15, 2025 · 15 min · Aleksandar Nesovic

Startup that Failed [SF]

This is a no-fuss summarization of what I’ve learned from running my own startup and failing hard at it. The good, the bad, and the brutally honest. It’s a series of short essays where I dissect every mistake, every win, and every “what the hell was I thinking?” moment. If you’re thinking about a side project, already knee-deep in one, or just enjoy watching someone learn expensive lessons so you don’t have to - then this series of essays is for you. ...

October 3, 2025 · 4 min · Aleksandar Nesovic

Container-Optimized OS on GCP

Container-Optimized OS: A Pragmatic Approach to Running Containers on Google Cloud

As cloud computing continues to evolve, so does the need for efficient, secure, and scalable ways to run containerized applications. In this essay, we’ll delve into what makes COS stand out, its security advantages - particularly root filesystem immutability, seamless updates, and how it can be smartly utilized with regional managed instances for scaling. We’ll also explore the role of startup scripts and other practical considerations for engineering teams. ...

November 5, 2024 · 12 min · Aleksandar Nesovic

Overcoming Scalability Challenges in a Modular-Monolith

Building a Health-Data Platform

I have had the opportunity to work on several complex and challenging projects. One such project was a health-data platform designed as a modular monolith with a plethora of complex requirements to fulfill. As a health-data platform, ensuring the security and compliance of our users’ sensitive information was paramount. To that end, we made it a priority to align with both HIPAA and SOC-2 standards.

Compliance and Security Measures for a Health-Data Platform

SOC-2 Compliance

For SOC-2 compliance, we implemented various strict controls to guarantee the safety of our users’ data. This included implementing multi-factor authentication, such as FIDO tokens, for added security. We also conducted regular security assessments and backups to ensure that any data would be protected in the event of a security breach. Additionally, we employed SOC-2-compliant cloud providers to host and store sensitive data. Furthermore, a robust Governance, Risk management, and Compliance (GRC) program was established and regularly reviewed to ensure compliance with SOC-2 standards. ...

January 26, 2023 · 7 min · Aleksandar Nesovic

Modular Monoliths - Boilerplate

From Theory to Practice

It is recommended that readers familiarize themselves with the principles outlined in the article Modular Monoliths - Simplified before delving into the practical example provided in this follow-up piece. This article will explore a specific implementation of a modular monolith architecture, utilizing a clear separation of handlers, services, and repository layers. The accompanying GitHub Repository serves as a reference and starting point, providing a boilerplate structure that can be easily adapted to suit the specific needs of your project. ...

January 25, 2023 · 5 min · Aleksandar Nesovic