DEV Community: Ahmed Oluwasegun

Building Decoupled Applications using Amazon SQS

Ahmed Oluwasegun — Mon, 07 Apr 2025 18:10:12 +0000

**I **just completed an hands-on lab on "Building Decoupled Applications using Amazon SQS" — an

d it had lots of wow moment, what a learning experience!
As an aspiring Solutions Architect, I got to break down monolithic structures and build a more resilient, scalable, and event-driven architecture in the AWS Cloud. Here’s how it went:
Phase 1:
I started with a Node.js-based application in AWS Cloud9 where the web server and application server were tightly coupled. It worked—but it was not without its ‘read an AWS documentation moments.’
Phase 2:
Enter Amazon SQS and Amazon SNS. In a new Cloud9 environment, I decoupled the components—so now, the web server and app server could operate independently, communicate asynchronously, and scale much more efficiently.

Here’s what I did, step-by-step:

Installed and tested the image processing application.
Set up Amazon SQS to queue jobs for processing.
Configured Amazon SNS for fan-out messaging and notifications
Set up S3 event triggers and the right IAM permissions
Subscribed endpoints to the SNS topic
Tuned parameters, ran tests, and watched it all come together! The application now accepts images, queues them, processes them into tinted versions, and notifies systems asynchronously. That’s the power of decoupling.

💡 Key Takeaways:
• Decoupled systems = better fault tolerance, flexibility, and scalability
• SQS + SNS = for me, these are an event-driven goldmine
• IAM, S3, and Cloud9 = the ultimate dev toolkit in AWS
If you're diving into AWS and cloud architecture, I recommend playing with these services hands-on. Nothing beats the "aha" moments when the architecture just clicks.

AWS #CloudComputing #SolutionsArchitect #AmazonSQS #AmazonSNS #Serverless #NodeJS #DecoupledArchitecture #Cloud9 #HandsOnLearning #WomenInTech #CloudEnthusiast

Challenge Accepted: Automating Infrastructure Deployment with AWS!

Ahmed Oluwasegun — Tue, 25 Mar 2025 10:50:50 +0000

I recently completed one of the most challenging and rewarding labs in my AWS Cloud journey—Automating Infrastructure Deployment. This lab pushed me to tackle real-world scenarios, solve complex problems, and sharpen my skills in Infrastructure as Code (IaC) and Continuous Delivery.

Challenge 1: Automating a Static Website Deployment
The first task was to create a static website for a café. From scratch, I:
Designed and wrote a CloudFormation template to define and provision the infrastructure.
Configured an S3 bucket to host the static website and updated the stack using CloudFormation.
Takeaway: This experience reinforced the importance of Infrastructure as Code (IaC) for repeatability and efficient infrastructure management.

Challenge 2: Version Control with AWS CodeCommit
Next, a new business requirement arose: storing CloudFormation templates in a version control system:
I cloned an AWS CodeCommit repository to manage and track infrastructure changes efficiently.
Takeaway: Leveraging version control is crucial for maintaining transparency and managing changes across multiple environments.

Challenge 3: Implementing a CI/CD Pipeline
With evolving business needs, I was tasked with automating the creation of network and application layers. Here’s how I handled it, I:

Built a CloudFormation template for the network layer and stored it in CodeCommit.
Automated the deployment process by configuring AWS CodePipeline.
Defined an EC2 instance and successfully launched the application layer.
Takeaway: Automation via CI/CD pipelines accelerates deployment, reduces manual errors, and ensures consistency across environments.
Challenge 4: Multi-Region Deployment
To enhance resilience and availability, I duplicated the café's network and application resources in a second AWS Region (Oregon). I:

Extended the CloudFormation templates to support multi-region deployments.
Verified the infrastructure and application consistency across regions.
Takeaway: Multi-region deployments are essential for disaster recovery, fault tolerance, and delivering a better user experience globally.

✅ What did this lab teach me?

The power of Infrastructure as Code (IaC) with AWS CloudFormation.
How to integrate AWS CodeCommit and AWS CodePipeline for a smooth CI/CD workflow.
The importance of scalability and fault tolerance through multi-region deployments.
Efficiency matters—automation saves time and reduces errors. This lab not only deepened my technical skills but also prepared me for real-world cloud architecture challenges. It has also equipped me with the hands-on ability to design and deploy scalable, automated, and resilient AWS architectures. Always ready to take on the next challenge!

AWS #CloudComputing #InfrastructureAsCode #SolutionArchitecture #ALX #LearningInPublic #CloudFormation #CodePipeline

Debrief: Configuring Access to the Application Instance via the Bastion Host

Ahmed Oluwasegun — Mon, 10 Mar 2025 12:58:52 +0000

In the latest challenge lab I did, I configured access for an Application Instance (running in a private subnet) via a Bastion Host (in a public subnet). From setting up bastion hosts for secure access to configuring VPCs, subnets, route tables, NAT gateways, and security groups, every step brought me closer to mastering cloud infrastructure.

Here’s a summary of what and how I set it up:

Configurations for Accessing the Application Instance via the Bastion Host Bastion Host Setup Launched a Bastion Host in the Public Subnet (with a public IP). Attached a Security Group (SG) allowing inbound SSH (Port 22) from your IP. Connected to the Bastion Host using SSH and a private key (.ppk for PuTTY).

Application Instance (Private Subnet) Configuration
Launched an Application EC2 Instance in a Private Subnet (no public IP).
Created a Security Group allowing inbound SSH (Port 22) only from the Bastion Host's SG.
Used SSH from the Bastion Host to access the Private Instance.

Network ACL Configuration
Allowed inbound and outbound SSH traffic (Port 22) from the Bastion Host.
Configured ephemeral port rules (1024-65535) for return traffic.

2. Traffic Flow from the Internet to the Application Server
I defined traffic flow using multiple configurations:
**Security Group Rules
**For Bastion Host: Allowed inbound SSH (Port 22) from my IP.
For Application Server: Allowed SSH (Port 22) inbound only from the Bastion Host SG.

Route Tables
Public Subnet Route Table: Had a default route (0.0.0.0/0) pointing to the Internet Gateway (IGW).
Private Subnet Route Table: No direct internet access (default route pointed to a NAT Gateway).

Network ACLs (NACLs)
Configured Inbound & Outbound ACLs to allow SSH and return traffic.
Modified rules to block or allow ICMP traffic when required.

Summary of Traffic Flow

From My Computer → Bastion Host (Public Subnet)
Used SSH (Port 22) with a key pair.
Security Group & NACL allowed traffic.
From Bastion Host → Application Instance (Private Subnet)
Used SSH (Port 22) to private IP.
Security Group allowed only Bastion Host’s SG.
From Application Instance → Internet (for updates)
Used NAT Gateway for outbound access (no public IP).

A heartfelt thank you to the ALX team and AWS Cloud Computing program coordinators, especially for their guidance and unwavering support.
As I continue sharpening my skills in AWS Solutions Architecture, I am eager to contribute my expertise to innovative projects. If you’re looking for a passionate cloud computing enthusiast ready to solve complex infrastructure challenges, let’s connect!

Deploying a Web App on AWS: My Hands-On Experience & Challenges.

Ahmed Oluwasegun — Thu, 27 Feb 2025 22:52:56 +0000

I just completed a lab using AWS resources to deploy an application on an Amazon EC2 instance. This application allows a café to accept online orders, and my task was to set it up in a development environment, then scale it by creating an Amazon Machine Image (AMI) and launching a production instance in another AWS region.

Key Tasks and Challenges Faced

Analyzing an existing EC2 instance – Here I noted key details of the pre-configured instance.
Answering instance-related questions – AWS quizzes kept me on my toes! 😅
Connecting to the IDE on the EC2 instance – I used Amazon Cloud9 for the first time, which was exciting but had a learning curve.
Confirming the LAMP stack setup – Running ‘sudo’ commands helped me validate that the web server was accessible.
Installing the café application – A few command-line struggles later, I successfully downloaded and extracted the application files.
Testing the application – Placing an order didn’t work at first due to code errors! Debugging on an unfamiliar IDE was tricky, but I finaly got it running.
Creating an AMI & launching another EC2 instance – I cloned my existing setup, allowing the café website to scale effortlessly.
Verifying the new instance – I checked the EC2 console in Oregon to confirm that my ProdCafeServer was up and running.

Here are my key takeaways:
Hands-on experience with EC2, AMI, and multi-region deployment.
Troubleshooting & debugging on Amazon Cloud9.
Setting up and managing a LAMP stack in AWS.
Scaling applications efficiently using AMIs.

This lab reinforced real-world cloud architecture principles and challenged me to balance security, performance, scalability, and cost while ensuring resilience and automation. If you're working with AWS cloud, what's been your most exciting challenge so far? Let’s discuss!

Building a Secure and Scalable Static Website on AWS S3: A Hands-on Experience

Ahmed Oluwasegun — Mon, 17 Feb 2025 13:59:47 +0000

Exploring Amazon S3 for Web Hosting & Data Management

In my opinion, one of the biggest advantages of cloud computing is the ability to build scalable, cost-effective, and highly available solutions with minimal overhead. Recently, I completed a hands-on AWS lab where I used Amazon S3 to host a static website while also implementing key architectural best practices to enhance security, and manage data as efficiently as I could, especially after going through related AWS documentations.
This experience deepened my understanding of AWS storage, security, and automation, and I’d love to share my key takeaways with fellow cloud enthusiasts, architects, and hiring managers looking for skilled cloud professionals.

Steps I Took to Build and Secure My AWS S3 Static Website

Extracting and Preparing Files
Every cloud project starts with proper preparation. I extracted the necessary files from a ZIP folder, ensuring the right content structure for my website. Lesson learned: Good file management saves time and prevents deployment issues.
Creating an S3 Bucket for Static Website Hosting
I created an S3 bucket, which serves as the foundation for hosting a static website. Why did I use Amazon S3? It’s cost-efficient, highly available, and eliminates the need for traditional web servers.
Uploading Website Files to S3
After setting up my bucket, I uploaded my HTML, CSS, and Media files. AWS S3 makes it easy to manage files at scale, whether you're hosting a simple website or a complex application. In my case; I was hosting the former.
Implementing a Public Read Access Policy
By default, S3 is private—which is great for security, but needs customization for web hosting. I created a bucket policy to grant public read access, allowing users to access my website without authentication. Security tip: Always review policies carefully to avoid exposing sensitive data.
Enabling Versioning for Data Protection
To protect against accidental overwrites or deletions, I enabled versioning on my S3 bucket. This ensures that every modification creates a new version, making it easy to recover older files if needed. Best practice: Always enable versioning for critical data.
Setting-Up Lifecyccle Policies for Cost Optimization
Managing storage cost is key in the cloud. I configured two lifecycle policies to automatically move non-current versions of files to Amazon S3 Standard IA after 30 days, and to also permanently delete files in Standard IA after 365 days. I did this to ensure retention at a lower cost. Smart storage management can save organizations thousands in cloud expenses!
Enabling Cross-Region Replication (CRR) for Disaster Recovery
To ensure my website’s high availability and resilience, I set up Cross-Region Replication (CRR), automatically duplicating files to another AWS region. In my view, this is a key disaster recovery strategy, ensuring data redundancy and compliance.

Key Takeaways for Cloud Professionals
• Amazon S3 is more than just storage: it can be a powerful tool for hosting and securing web applications.
• Security-first approach: Always apply the principle of least privilege when configuring public access.
• Automate and optimize: Lifecycle policies and CRR can reduce costs and improve reliability.
• Hands-on experience is invaluable! The best way to master AWS is by building real-world solutions.

🎯 Ready to Apply These Skills in a Real Cloud Role!
As a Cloud Practitioner, I am continuously expanding my expertise in AWS storage, security, and automation. If your team is looking for a dedicated, hands-on cloud professional to build, optimize, and secure cloud environments—let’s connect!
How do you implement security and cost optimization in your AWS storage strategy? Let’s discuss in the comments or send me a message!

Thanks so much for the platform and opportunity @ALX_Nigeria and @alx_africa

AWS #CloudComputing #S3 #CloudSecurity #CloudArchitecture #Hiring #AWSCommunity #TechCareer

Exploring AWS Identity and Access Management (IAM): A Hands-on Experience 🔐

Ahmed Oluwasegun — Tue, 11 Feb 2025 20:30:00 +0000

One of the most crucial aspects of cloud security is Identity and Access Management (IAM)—because what’s the cloud without secure access? 🌍☁️
Recently, I completed an AWS lab on "Exploring AWS IAM", where I gained practical experience in:
✅ Managing IAM users and groups effectively
✅ Inspecting and understanding IAM policies in real-world scenarios
✅ Assigning permissions and testing access restrictions dynamically
✅ Locating and using the IAM sign-in URL for secure authentication
✅ Evaluating policy effects to enforce the principle of least privilege

IAM is the backbone of AWS security, and mastering it ensures organizations can enforce least privilege access, secure workloads, and prevent unauthorized access. 🚀

For cloud architects and security professionals, how do you approach IAM best practices in your AWS environments? Let’s share insights! 🔍👇
Also, if you're building secure, scalable cloud infrastructures and need a cloud enthusiast ready to contribute, innovate, and grow, let’s connect!

AWS #CloudComputing #IAM #CloudSecurity #Hiring #Opportunities

Hands-On with Amazon EC2: Learning by Doing!

Ahmed Oluwasegun — Thu, 30 Jan 2025 12:37:41 +0000

I recently completed a hands-on lab on Amazon EC2, diving deep into launching, managing, and securing cloud instances. This wasn't just theory—I got my hands dirty with real-world tasks that reflect what cloud professionals do daily!

By the end of the lab, I had successfully:
✅ Launched a web server with termination protection enabled
✅ Monitored my EC2 instance’s performance
✅ Modified Security Groups to allow HTTP access
✅ Scaled and resized my EC2 instance to adapt to different workloads
✅ Explored EC2 limits and tested stop protection

*Every step reinforced a key takeaway: *

Cloud scalability
Security
Cost optimization

These steps are all critical in AWS environments. This practical experience has strengthened my confidence in managing cloud infrastructure efficiently.
I’m excited about the journey ahead and look forward to applying these skills in real-world cloud environments. If you're working with AWS and looking for a cloud practitioner who’s passionate about hands-on learning and problem-solving, let’s connect! 🚀