The recent project for Marko Sluga’s community was a massive learning curve. I built the infrastructure on Discord: optimizing roles, security, and onboarding.
I couldn't sleep, so I am doing this right after a short nap a few hours later. The idea was stuck in my head. Maybe that's why I had to write it down.
I am grinding through my AWS certifications and retraining as a Cloud Security Architect in my own time, so my brain doesn't stop at "Discord Settings."
I started mapping every requirement to the AWS ecosystem too. What would it take?
I didn't know how hard it would be, so I mapped it out first. This is primarily why I am writing this now.
This way I could turn the Discord project into: building my own on AWS infrastructure.
This is what I came up with: If I had to build a scalable, secure backend for a community like this on AWS, here is exactly how I’d do it.
1. Security First (The Foundation)
In Discord, I focused on permission hierarchies. In AWS, this is IAM (Identity and Access Management).
- The AWS Way: I would implement Least Privilege using custom IAM Policies. No "Admin" for everyone. (Hint: I also didn't do this on Discord.) Just sayin'. Check your permissions. Don't rely on the default settings. Check, verify, and then go live. Just like in a real corporate environment.
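One way to run the "check, verify, then go live" step on an IAM policy document, as an added example that is not code from the original post: it flags Allow statements with wildcard actions or resources for review. Both policies, the account id and the ARNs are constructed for illustration.

```python
import json

# Constructed policies for illustration; account id, names and ARNs are made up.
ADMIN_FOR_EVERYONE = json.loads("""
{"Version": "2012-10-17",
 "Statement": [{"Effect": "Allow", "Action": "*", "Resource": "*"}]}
""")

BOT_LEAST_PRIVILEGE = json.loads("""
{"Version": "2012-10-17",
 "Statement": [
   {"Effect": "Allow",
    "Action": ["logs:CreateLogStream", "logs:PutLogEvents"],
    "Resource": "arn:aws:logs:eu-central-1:111122223333:log-group:/community/bot:*"},
   {"Effect": "Allow",
    "Action": "s3:GetObject",
    "Resource": "arn:aws:s3:::example-community-assets/bot/*"}
 ]}
""")


def as_list(value):
    """IAM accepts a single string or object wherever a list is allowed."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def find_overbroad(policy):
    """Return (statement index, reason) for Allow statements to review before go-live."""
    findings = []
    for i, stmt in enumerate(as_list(policy.get("Statement"))):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements only take access away
        if "NotAction" in stmt:
            findings.append((i, "NotAction: allows everything except the listed actions"))
        for action in as_list(stmt.get("Action")):
            if action == "*":
                findings.append((i, "all actions on all services"))
            elif action.endswith(":*"):
                findings.append((i, f"every action in {action.split(':')[0]}"))
        if "*" in as_list(stmt.get("Resource")):
            findings.append((i, "applies to every resource"))
    return findings


if __name__ == "__main__":
    for name, policy in [("admin", ADMIN_FOR_EVERYONE), ("bot", BOT_LEAST_PRIVILEGE)]:
        print(name, find_overbroad(policy) or "no wildcard grants")
```

Some AWS actions only accept `"Resource": "*"`, so a finding here is a prompt to review the statement, not proof that it is wrong.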
2. Computing & Scaling (The Engine)
Discord handles the "hosting," but if we were running custom bots or a community dashboard:
- The Choice: I’d go with AWS Fargate (ECS).
(Something I came across recently in the Udemy course from Stéphane Maarek. He is the G.O.A.T. when it comes to studying for certifications, in my opinion.
Here is the link to his course, which helped me tremendously.
If you buy a course on Udemy: wait for a sale. Never pay the full price.
Stéphane mentions Fargate in Section 9 and Section 10 of his course.)
- Why? I want low operational overhead (Serverless). As the community grows, Fargate scales the containers automatically. I don’t want to patch an OS at night or get an alert or something when I can't be at a computer to fix it; I want to focus on the community.
3. Protecting the Perimeter
Community platforms are targets for spam and DDoS.
- The AWS Way: I would put everything behind AWS WAF (Web Application Firewall) and Amazon CloudFront.
- Why? The Benefit: This filters out malicious traffic before it even hits the application. Security isn't just a checkbox; it's a multi-layered shield.
4. Infrastructure as Code (The Blueprint)
I built the Discord setup manually. It works, but it’s not "Version 2.0" ready.
- The AWS Way: Terraform
- Why? If Marko says, "Ali, I need a second community for Cloud Security," I shouldn't be clicking in a console for hours. I should be running terraform apply. Everything from VPCs to S3 buckets stays in Git.
That is true Ownership.
You should ask yourself now: What is "Git" and what do I use it for?
Simply put: Git is a tool that remembers changes.
Git keeps a history of your files so you can:
- see what changed
- undo mistakes you made
- work safely without the fear of breaking things
(In the beginning you will break things, and it is good that you do, because understanding why it broke and how to fix it is how you learn.)
You can even use Git to share your work with other people.
Some numbers so you understand the importance of Git:
Git has:
- 150+ Million Developers
- 4+ Million Organizations
- 420+ Million Repositories
- 90% Fortune 100
Here is the website for proof: https://github.com/about
I'll put it even more simply, as an analogy, so you get it.
A very concrete analogy
If you are writing a document WITHOUT Git you probably did this once or more:
final.docx
final_version_2.docx
final_version_3_DONE_FINAL_Time.docx
That's how I did it more than once, and at uni I uploaded the wrong file by mistake, the file that wasn't ready.
With Infrastructure as Code, we can't afford that chaos.
With Git you save snapshots of your project.
The beauty? You see:
- what changed,
- when it changed,
- why it changed (a short explanation next to it),
- who changed it.
"Snapshots" in Git are called "commits".
It's important to know early on what Git isn't:
- Git isn't GitHub
- Git isn't "Cloud-only"
- Git isn't just for code
How Git works
Git works on YOUR laptop, offline, with any text files:
- Terraform files
- config files
- documentation
- scripts
GitHub / GitLab / Bitbucket are just places to store Git projects online.
The core idea in 60 seconds
You have a folder (your project)
Git watches that folder
When you make changes, you tell Git:
“Save the current state.”
That save is a commit.
Later you can:
- go back in time
- compare versions
- see exactly what changed
Why Git matters for Terraform & AWS
“Everything from "VPCs" to "S3 buckets" stays in Git. That is true Ownership.”
Without Git:
- You click around in the AWS console
- You forget what you changed
- You can’t easily recreate the setup
- You can’t safely undo mistakes
- Scaling is a pain
But with Git + Terraform:
- Your AWS setup is described in files
- Those files live in Git
- Git becomes the source of truth, if you will
If something breaks, you don’t guess, you look at the history.
If AWS breaks?
You can go back to the old version and "re-apply" it.
That’s power.
5. Monitoring & Observability
If the community goes down, I need to know why before the first member complains. (in an ideal world)
- The AWS Way: Amazon CloudWatch for logs and AWS CloudTrail for auditing.
- The Goal: If a role is changed or a bot fails, I have the logs.
"I think it's broken" is not an option. "The logs show a 403 error in the IAM policy" is the architect's answer.
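What "I have the logs" can look like in practice, as an added example that is not code from the original post: a small triage pass over a CloudTrail log file that separates successful IAM role changes from refused (access denied) calls. The log records, account id, user names and role name are constructed for illustration.

```python
import json

# IAM API calls that change what a role can do, and the error codes CloudTrail
# records when a call is refused (the "403" case).
ROLE_CHANGE_EVENTS = {"AttachRolePolicy", "DetachRolePolicy", "PutRolePolicy",
                      "DeleteRolePolicy", "UpdateAssumeRolePolicy"}
DENIED_CODES = {"AccessDenied", "AccessDeniedException", "Client.UnauthorizedOperation"}

ACCT = "111122223333"  # constructed account id; all names below are made up
SAMPLE_LOG = json.dumps({"Records": [
    {"eventTime": "2024-01-01T10:00:00Z", "eventSource": "iam.amazonaws.com",
     "eventName": "AttachRolePolicy",
     "userIdentity": {"arn": f"arn:aws:iam::{ACCT}:user/example-admin"},
     "requestParameters": {"roleName": "community-bot"}},
    {"eventTime": "2024-01-01T10:05:00Z", "eventSource": "secretsmanager.amazonaws.com",
     "eventName": "GetSecretValue", "errorCode": "AccessDenied",
     "errorMessage": "not authorized to perform secretsmanager:GetSecretValue",
     "userIdentity": {"arn": f"arn:aws:sts::{ACCT}:assumed-role/community-bot/task"},
     "requestParameters": None},
    {"eventTime": "2024-01-01T10:06:00Z", "eventSource": "iam.amazonaws.com",
     "eventName": "PutRolePolicy", "errorCode": "AccessDenied",
     "errorMessage": "not authorized to perform iam:PutRolePolicy",
     "userIdentity": {"arn": f"arn:aws:iam::{ACCT}:user/example-moderator"},
     "requestParameters": {"roleName": "community-bot"}},
    {"eventTime": "2024-01-01T10:07:00Z", "eventSource": "ecs.amazonaws.com",
     "eventName": "DescribeServices", "userIdentity": None},
]})


def triage(log_text):
    """Return (role_changes, denied) from a CloudTrail log file's Records."""
    role_changes, denied = [], []
    for rec in json.loads(log_text).get("Records", []):
        who = (rec.get("userIdentity") or {}).get("arn", "unknown")
        base = (rec.get("eventTime"), who, rec.get("eventName"))
        if rec.get("errorCode") in DENIED_CODES:
            # A refused call changed nothing, so it is never counted as a role change.
            denied.append(base + (rec.get("errorMessage", ""),))
        elif (rec.get("eventSource") == "iam.amazonaws.com"
              and rec.get("eventName") in ROLE_CHANGE_EVENTS):
            role = (rec.get("requestParameters") or {}).get("roleName")
            role_changes.append(base + (role,))
    return role_changes, denied


if __name__ == "__main__":
    for label, rows in zip(("ROLE CHANGE", "DENIED"), triage(SAMPLE_LOG)):
        for row in rows:
            print(label, *row)
```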
Why I’m writing this
I didn't use AWS for the initial Discord build. But the Logic of Ownership is the same.
Whether I’m configuring Discord roles or writing HCL for a Terraform module, the goal is: Stability, Security, and Scalability.
This is the bridge I’m building during my retraining. It’s not about where you start BUT it’s about how you architect the path forward.