Posts

Day 30 - Multi-Environment GitOps Drift Detection with Automated Remediation

Introduction: To conclude my 30-Day AWS Terraform Challenge, I tackled a critical problem for modern cloud architectures: managing infrastructure drift across multiple environments. The goal was to build a system where the running state in AWS always reflects the desired state in GitHub, automatically healing any manual, unauthorized changes. This final project demonstrates my ability to build scalable, highly available, and compliant infrastructure, proving I’m ready for the role of a Cloud Architect. The Architecture: Highly Available, Highly Isolated My application, a Dockerized Python web server (built in previous days), runs on AWS within a modular VPC. To prepare for production, I implemented environment isolation, state separation, and a professional multi-availability-zone (multi-AZ) layout. Below is the high-level architecture diagram. It illustrates how Terraform Multi-Environment configuration, S3 state backend locking, and GitHub Actions work together ...

Day 29 - GitOps Patient Zero — Continuous Delivery on AWS EKS with Argo CD and Kustomize

Today's project moves away from manual, ad-hoc cluster provisioning and embraces true modern cloud operations by setting up a production-grade GitOps Continuous Delivery (CD) Pipeline using Argo CD and Kustomize running on an Amazon Elastic Kubernetes Service (EKS) cluster. Traditional infrastructure management often suffers from "configuration drift," where changes made manually via CLI or console make environments impossible to reproduce. By shifting to a GitOps topology, my entire application stack state is now declared natively in code and driven directly from a GitHub repository as the single source of truth. 1. The System Architecture Topography This project establishes a clean boundary separating core cloud infrastructure provisioning from the software application delivery lifecycle. Below is the technical structural blueprint behind today's successful deployment: 2. Technical Highlights & Version Pinning Strategy To eliminate fragile integration depend...

Day 28 - Building a Highly Available 3-Tier AWS Application with Terraform and GitHub Actions

For Day 28, the goal was to build a highly available 3-tier application on AWS. The application included a Node.js frontend, a Go backend API, and a PostgreSQL database. My mentor demonstrated this using VS Code and manual Docker commands, but I wanted to take it one step further and deploy it through GitHub Actions. The objective was not only to create AWS infrastructure, but also to understand how application code, Docker images, Terraform, and AWS services work together in a real deployment workflow. Architecture Overview The application was deployed across multiple layers inside a custom VPC. The public layer contains an internet-facing Application Load Balancer. This is the only entry point exposed to users. The frontend layer runs Node.js containers on EC2 instances managed by an Auto Scaling Group. The backend layer runs Go containers on EC2 instances behind an internal Application Load Balancer. The database layer uses Amazon RDS PostgreSQL in private database subnets. The...

Day 27 – Production Style AWS Infrastructure with Terraform and GitHub Actions CI/CD

Introduction: For Day 27 of my AWS and Terraform learning journey, I wanted to move beyond basic Terraform deployments and simulate a more production style Infrastructure as Code workflow. The goal of this project was not just to deploy AWS resources manually from a laptop, but to build a deployment pipeline where infrastructure changes are reviewed, approved, and automatically applied through GitHub Actions. This project included: Terraform based AWS infrastructure deployment; GitHub Actions CI/CD workflow; AWS OIDC authentication instead of static access keys; Protected production approval workflow; Auto Scaling Group infrastructure updates through Git commits; Multi AZ production style network architecture. Architecture Overview This architecture includes: VPC with public and private subnets; Internet Gateway; NAT Gateway; Application Load Balancer; Auto Scaling Group; EC2 instances running Nginx; S3 backend for Terraform remote state; GitHub Actions CI/CD pi...