THOM-AwS/README.md

My IT Philosophy

First I drink the Coffee, then I do the things.

Before I Build Anything

Ask the questions first:

  • How many users? Where do they live?
  • Does it need eleven-nines uptime or can we restart it Tuesday afternoon?
  • How many engineers maintain this? (2 people shouldn't babysit 50 microservices)
  • What's the budget? If I wouldn't spend my own money on it, why should the org?

Then build the simplest thing that works:

  • Monolith first. Microservices are a tax on complexity - only pay it when you must
  • Can it still vertically scale? Modern boxes are beasts. Don't distribute prematurely
  • Pick your database by query pattern, not hype. Joins? SQL. Key lookups? K/V. Everything else? Probably still SQL
  • SAGA pattern only when distributed transactions are unavoidable. Spoiler: they're usually avoidable
  • Do you really, REALLY need Kubernetes, or will a Lambda do?

Make it observable:

  • If you can't see it, you can't fix it
  • If it's broken and no one knows, is it really running?
  • Alerts wake you up. Metrics let you sleep

How I Ship Code

Git is the source of truth.
If it's not in git, it doesn't exist. Complete history, complete audit trail, no arguments.

Pipelines, not people.
Automate everything. Manual deployments are just future incidents waiting to happen.

Peer review, always.
By someone who actually understands what they're reviewing. No rubber stamps.

Test in non-prod, deploy to prod.
Zero config drift between environments. If prod is special, you're doing it wrong.

No humans in production.
Read-only access is fine. Write access requires a very good reason and an even better audit trail.

Run it securely:

  • Patch it
  • Back it up (and test the restore)
  • Monitor it (alert if critical)

Document it like you'll forget it.
Because in 10 years, you will have.

Spend it like it's your money.
Because cloud bills compound like credit cards. If you wouldn't pay for it personally, justify it to the org.

Pinned

  1. terraform-patch-manager Public

    Create patching groups for three-tier architecture VPCs with both scan and patch for all OS types.

    HCL 2 1

  2. aws-static-website Public

    AWS static website with S3, CloudFront, ACM and Route53

    HCL 1

  3. Backup-checker Public

    Check to see if there are backups occurring on your EC2 instances.

    Python

  4. EBS-Encryptor Public

    Encrypt your EBS volumes that are already in use

    Shell

  5. fastapi-model Public

    Follow a FastAPI tutorial to build out a fully featured API.

    Python

  6. mytf Public

    Python