<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:dc="http://purl.org/dc/elements/1.1/">
  <channel>
    <title>DEV Community: Edwin Jonathan</title>
    <description>The latest articles on DEV Community by Edwin Jonathan (@edwindevops).</description>
    <link>https://dev.to/edwindevops</link>
    <image>
      <url>https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3910450%2F83277dda-3c32-4a62-973e-26d0f74c3356.png</url>
      <title>DEV Community: Edwin Jonathan</title>
      <link>https://dev.to/edwindevops</link>
    </image>
    <atom:link rel="self" type="application/rss+xml" href="https://dev.to/feed/edwindevops"/>
    <language>en</language>
    <item>
      <title>Your Terraform State Is Lying to You. I Built the Tool That Proves It.</title>
      <dc:creator>Edwin Jonathan</dc:creator>
      <pubDate>Sun, 21 Jun 2026 17:14:46 +0000</pubDate>
      <link>https://dev.to/edwindevops/your-terraform-state-is-lying-to-you-i-built-the-tool-that-proves-it-ck9</link>
      <guid>https://dev.to/edwindevops/your-terraform-state-is-lying-to-you-i-built-the-tool-that-proves-it-ck9</guid>
      <description>&lt;h2&gt;
  
  
  The Quiet Failure Mode Every AWS Team Pretends Doesn't Exist I Found the Gap Every DevOps Tool Stopped Short Of Closing Nobody Finished This Tool. So I Did.
&lt;/h2&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt; Open your AWS console right now and compare it to your Terraform state file, line by line. I'll save you the trouble. They don't match.
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;

&lt;p&gt;Not because you did anything wrong. Because someone — you, a teammate, a contractor with console access nobody revoked — made a change outside the pipeline. A security group rule got loosened during an incident and never got tightened back. An S3 bucket lost its encryption config mid-debug. A database got flagged publicly accessible for twenty minutes of convenience and stayed that way for three months because nobody was watching.&lt;/p&gt;

&lt;p&gt;Terraform doesn't know any of this happened. It still believes the world looks like what you declared. The gap between that belief and reality is called drift, and it is the quietest liability in cloud infrastructure — not because it's rare, but because nothing alerts on it. It doesn't throw an error. It waits for an audit, or an attacker, whichever comes first.&lt;/p&gt;

&lt;p&gt;I went looking for the tool that closes that gap properly. I found pieces of one, scattered across three dead-ends.&lt;br&gt;
&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F5deqtrqrxhi6wc67u2ok.jpeg" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F5deqtrqrxhi6wc67u2ok.jpeg" alt=" " width="800" height="533"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Driftctl detected drift competently — until Snyk acquired it, extracted whatever value they wanted, and let the repository go silent. No commits in over a year, still recommended on every "top drift detection tools" roundup that nobody bothered to update. Checkov scans your Terraform code before you apply it, which is useful and also irrelevant to what's already running in production. Infracost will price a resource down to the cent and say nothing about the fact that the resource shouldn't be publicly exposed in the first place.&lt;/p&gt;

&lt;p&gt;Three tools, three lanes, none of them talking to each other. Nobody had built the version that watches your real infrastructure, tells you precisely how dangerous a discrepancy is using frameworks security teams actually trust, prices what it's costing you, and hands you the fix instead of a report you'll skim once and forget.&lt;/p&gt;

&lt;p&gt;So I built it. DriftGuard is live, it's running against real AWS accounts, and it doesn't soften what it finds.&lt;/p&gt;

&lt;p&gt;What It Does, Without the Marketing Language&lt;br&gt;
DriftGuard reads your terraform.tfstate and queries your live AWS account directly — EC2, security groups, S3, RDS, IAM — and checks whether the two still agree.&lt;br&gt;
&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fxwpobl5kxgcrgtiuf531.jpeg" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fxwpobl5kxgcrgtiuf531.jpeg" alt=" " width="800" height="385"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;When they don't, it doesn't hand you a raw diff and call it done. Every discrepancy runs through a rules engine mapped to CIS AWS Benchmark controls and MITRE ATT&amp;amp;CK technique IDs. A security group that opened SSH to the entire internet isn't logged as "rule modified." It's flagged as a direct CIS 4.1 violation, tied to the exact attack technique it enables, and weighted with a severity that makes it impossible to quietly skip in a backlog review.&lt;/p&gt;

&lt;p&gt;It also does the arithmetic nobody else runs. An EC2 instance quietly bumped from t3.micro to t3.large isn't just a config change — it's an unapproved $53 a month, compounding silently across however many times that pattern repeats across your fleet before finance notices the bill moved.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Flenn90ym05ab6aiakc97.jpeg" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Flenn90ym05ab6aiakc97.jpeg" alt=" " width="800" height="383"&gt;&lt;/a&gt;&lt;br&gt;
Then it closes the loop entirely. DriftGuard writes the exact Terraform HCL needed to restore the declared state, commits it to a branch, and opens a pull request on your repository with the severity, the specific compliance violation, the cost impact, and the fix sitting together in one place. You don't investigate. You review and merge.&lt;/p&gt;

&lt;p&gt;That's the entire premise: stop generating reports nobody reads, and start generating fixes someone can act on in under a minute.&lt;/p&gt;

&lt;p&gt;What Actually Happened Behind the Scenes&lt;br&gt;
I won't pretend this was a clean build, because the clean version of any engineering story is usually the fictional one.&lt;/p&gt;

&lt;p&gt;The core engine — parsing state, pulling live AWS data through boto3, diffing the two, scoring severity against compliance frameworks — came together quickly. That part is just structured logic: compare, flag, weight, output. Algorithms cooperate. Infrastructure doesn't.&lt;/p&gt;

&lt;p&gt;Deployment is where I actually got tested.&lt;/p&gt;

&lt;p&gt;Railway rejected the first build outright: "railpack could not determine how to build the app." No requirements.txt in the path it expected, no signal telling it what kind of project this even was. I fixed it. It failed again on a different missing piece. By the time I got a deployment that actually held, I'd burned through my entire Railway trial — watched the credits disappear before I'd shipped anything real, which is its own particular kind of frustrating.&lt;/p&gt;

&lt;p&gt;I moved to Render. Free tier, no countdown clock. First build failed there too — a pydantic-core metadata error, because I'd pinned exact dependency versions with no prebuilt wheel for the Python runtime underneath. I stripped every version pin, let pip resolve compatible versions on its own, redeployed, and watched the logs finally turn green.&lt;/p&gt;

&lt;p&gt;That sequence — dead platform, burned credits, stripped config, second platform, second failure, fix, green build — is the actual build log. Not a straight line. A series of corrections until something held. That's what shipping looks like, regardless of who's doing the shipping or how old they are.&lt;/p&gt;

&lt;p&gt;On the Matter of My Age&lt;br&gt;
I'm seventeen. I don't have a degree, and I stopped waiting for one to certify what I already knew how to do. Linux, Docker, Kubernetes, Terraform, AWS — learned from documentation and broken builds, the way most of this industry actually gets learned, with no cohort and no professor softening the parts that didn't make sense the first time.&lt;/p&gt;

&lt;p&gt;Before DriftGuard, I'd already built a Zero-Trust Kubernetes platform end to end. I'd already shipped a security posture engine scoring live clusters against MITRE ATT&amp;amp;CK using real scan data, not staged examples. I'd already stood up AWS pipelines authenticated entirely through OIDC — zero static credentials anywhere in the chain, the way the documentation says it should be done and the way most teams still aren't doing it.&lt;/p&gt;

&lt;p&gt;DriftGuard is the first project I'm putting directly in front of an industry that hasn't had a reason to look yet. It solves a problem real infrastructure teams actually have. Test it against your own AWS account. Try to break it. File an issue — I read every one, and I close them fast, because a maintainer who goes quiet is the fastest way to lose trust in a tool.&lt;/p&gt;

&lt;p&gt;Live API: &lt;a href="https://driftguard-endm.onrender.com/docs" rel="noopener noreferrer"&gt;https://driftguard-endm.onrender.com/docs&lt;/a&gt;&lt;br&gt;
GitHub: &lt;a href="https://github.com/EdwinJdevops/driftguard" rel="noopener noreferrer"&gt;https://github.com/EdwinJdevops/driftguard&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Closing&lt;br&gt;
I didn't write this to introduce myself. The repository is public, the API is live, and the commit history will tell you more about how I work than any paragraph here could.&lt;/p&gt;

&lt;p&gt;What I'll say instead is this: most people wait for permission before they consider themselves ready. A title, a degree, an interview that grants them the right to call their work serious. I skipped that part. I built the tool, deployed it, broke it, fixed it, and put it where anyone can verify every claim I just made.&lt;/p&gt;

&lt;p&gt;The work is the introduction. Everything else is just confirmation.&lt;/p&gt;

&lt;p&gt;I'm Edwin Jonathan — a 17-year-old self-taught DevOps Engineer building from Lagos, Nigeria. No degree, no shortcuts — just real infrastructure, real pipelines, and real results. Follow the journey: 🔗 GitHub: github.com/EdwinJdevops ✍️ Hashnode: edwinjonathand-devops.hashnode.dev 💼 Open to remote DevOps/Cloud roles globally&lt;/p&gt;

</description>
      <category>aws</category>
      <category>devops</category>
      <category>opensource</category>
      <category>infrastructureascode</category>
    </item>
    <item>
      <title>Junior Engineers Are Learning AI Faster Than They Are Learning Systems</title>
      <dc:creator>Edwin Jonathan</dc:creator>
      <pubDate>Thu, 18 Jun 2026 16:11:47 +0000</pubDate>
      <link>https://dev.to/edwindevops/junior-engineers-are-learning-ai-faster-than-they-are-learning-systems-jg7</link>
      <guid>https://dev.to/edwindevops/junior-engineers-are-learning-ai-faster-than-they-are-learning-systems-jg7</guid>
      <description>&lt;h2&gt;
  
  
  &lt;strong&gt;The most important engineering gap nobody seems interested in talking about&lt;/strong&gt;
&lt;/h2&gt;

&lt;p&gt;A few months ago, I noticed something strange.&lt;/p&gt;

&lt;p&gt;Everywhere I looked, people were learning AI.&lt;/p&gt;

&lt;p&gt;People were building agents.&lt;br&gt;
People were generating code.&lt;br&gt;
People were creating AI startups.&lt;br&gt;
People were posting AI projects.&lt;/p&gt;

&lt;p&gt;Yet when basic infrastructure questions appeared, many of the same people struggled.&lt;/p&gt;

&lt;p&gt;Questions about networking.&lt;/p&gt;

&lt;p&gt;Questions about Linux.&lt;/p&gt;

&lt;p&gt;Questions about containers.&lt;/p&gt;

&lt;p&gt;Questions about DNS.&lt;/p&gt;

&lt;p&gt;Questions about how applications actually move from a laptop to production.&lt;/p&gt;

&lt;p&gt;The more I observed, the more I realized this might become one of the biggest engineering gaps of the next decade.&lt;/p&gt;

&lt;p&gt;We are producing people who can use intelligence without understanding the systems that deliver it.&lt;/p&gt;

&lt;p&gt;That is not necessarily their fault.&lt;/p&gt;

&lt;p&gt;The industry is rewarding AI skills aggressively.&lt;/p&gt;

&lt;p&gt;A teenager can build something impressive with modern AI tools in a weekend.&lt;/p&gt;

&lt;p&gt;A startup can launch faster than ever.&lt;/p&gt;

&lt;p&gt;A founder can prototype an idea without hiring a team.&lt;/p&gt;

&lt;p&gt;The barrier to building software has dropped dramatically.&lt;/p&gt;

&lt;p&gt;But there is a hidden problem.&lt;/p&gt;

&lt;p&gt;The easier software becomes to create, the easier it becomes to ignore the foundations underneath it.&lt;/p&gt;

&lt;p&gt;Nobody notices networking until production breaks.&lt;/p&gt;

&lt;p&gt;Nobody cares about DNS until customers cannot access the application.&lt;/p&gt;

&lt;p&gt;Nobody thinks about observability until incidents start costing money.&lt;/p&gt;

&lt;p&gt;Nobody thinks about infrastructure until infrastructure becomes the bottleneck.&lt;/p&gt;

&lt;p&gt;For years, engineering careers followed a predictable path.&lt;/p&gt;

&lt;p&gt;People learned operating systems.&lt;/p&gt;

&lt;p&gt;Then networking.&lt;/p&gt;

&lt;p&gt;Then servers.&lt;/p&gt;

&lt;p&gt;Then automation.&lt;/p&gt;

&lt;p&gt;Then cloud.&lt;/p&gt;

&lt;p&gt;Then architecture.&lt;/p&gt;

&lt;p&gt;Today, many people are entering through AI.&lt;/p&gt;

&lt;p&gt;That is not bad.&lt;/p&gt;

&lt;p&gt;What concerns me is when AI becomes the entire foundation rather than another layer on top of it.&lt;/p&gt;

&lt;p&gt;An engineer who understands systems can learn AI.&lt;/p&gt;

&lt;p&gt;An engineer who only understands AI may eventually struggle to understand systems.&lt;/p&gt;

&lt;p&gt;Those are very different positions to be in.&lt;/p&gt;

&lt;p&gt;I think this creates an unusual opportunity.&lt;/p&gt;

&lt;p&gt;While thousands of people are racing toward the newest AI framework, there is a smaller group quietly developing deeper infrastructure knowledge.&lt;/p&gt;

&lt;p&gt;They are learning Linux.&lt;/p&gt;

&lt;p&gt;They are learning Kubernetes.&lt;/p&gt;

&lt;p&gt;They are learning cloud architecture.&lt;/p&gt;

&lt;p&gt;They are learning reliability engineering.&lt;/p&gt;

&lt;p&gt;They are learning how large-scale systems actually behave.&lt;/p&gt;

&lt;p&gt;Ironically, these skills may become more valuable as AI adoption increases.&lt;/p&gt;

&lt;p&gt;Because every AI application still runs somewhere.&lt;/p&gt;

&lt;p&gt;Every AI service still depends on infrastructure.&lt;/p&gt;

&lt;p&gt;Every AI platform still needs security.&lt;/p&gt;

&lt;p&gt;Every AI product still needs monitoring.&lt;/p&gt;

&lt;p&gt;Every AI company still needs engineers who understand systems.&lt;/p&gt;

&lt;p&gt;The future probably does not belong to engineers who reject AI.&lt;/p&gt;

&lt;p&gt;It also probably does not belong to engineers who depend entirely on AI.&lt;/p&gt;

&lt;p&gt;The future belongs to engineers who understand both.&lt;/p&gt;

&lt;p&gt;People who can build with AI while still understanding what happens underneath the interface.&lt;/p&gt;

&lt;p&gt;As a 17-year-old cloud and DevOps engineer, this is one reason I continue spending time learning infrastructure fundamentals.&lt;/p&gt;

&lt;p&gt;Not because they are trendy.&lt;/p&gt;

&lt;p&gt;Not because they generate viral posts.&lt;/p&gt;

&lt;p&gt;But because every major technology shift in history eventually rewards people who understand the layers beneath the excitement.&lt;/p&gt;

&lt;p&gt;AI may be changing software.&lt;/p&gt;

&lt;p&gt;But systems still run the world.&lt;/p&gt;

&lt;p&gt;And right now, I think too many future engineers are forgetting that.&lt;/p&gt;

&lt;p&gt;Maybe I am wrong.&lt;/p&gt;

&lt;p&gt;Maybe AI will abstract away most of the complexity.&lt;/p&gt;

&lt;p&gt;Maybe future engineers will never need to understand networking, Linux, infrastructure, or distributed systems at a deep level.&lt;/p&gt;

&lt;p&gt;But history suggests otherwise.&lt;/p&gt;

&lt;p&gt;Every major technology shift creates a rush toward new tools and new opportunities. Yet the people who create lasting careers are usually the ones who understand what exists beneath the surface.&lt;/p&gt;

&lt;p&gt;Today, everyone is racing toward AI.&lt;/p&gt;

&lt;p&gt;I am paying attention to AI too.&lt;/p&gt;

&lt;p&gt;But I am also learning Linux, cloud architecture, containers, automation, observability, and distributed systems.&lt;/p&gt;

&lt;p&gt;Because when the hype cycle moves on, the fundamentals remain.&lt;/p&gt;

&lt;p&gt;And when production breaks at 3 AM, infrastructure still matters.&lt;/p&gt;

&lt;p&gt;I am 17 years old, building from Lagos, Nigeria.&lt;/p&gt;

&lt;p&gt;I do not have decades of experience.&lt;/p&gt;

&lt;p&gt;I do not have a large engineering team behind me.&lt;/p&gt;

&lt;p&gt;What I do have is curiosity, access to knowledge, and a belief that world-class engineering talent can emerge from anywhere.&lt;/p&gt;

&lt;p&gt;The real question is not whether AI will replace engineers.&lt;/p&gt;

&lt;p&gt;The real question is whether future engineers will still understand the systems that AI depends on.&lt;/p&gt;

&lt;p&gt;The next generation of engineers should not have to choose between AI and systems.&lt;/p&gt;

&lt;p&gt;They should master both.&lt;/p&gt;

&lt;p&gt;Because the engineers who understand intelligence and infrastructure at the same time may end up building the future everyone else talks about.&lt;/p&gt;

&lt;p&gt;I'm Edwin Jonathan — a 17-year-old self-taught DevOps Engineer building from Lagos, Nigeria. No degree, no shortcuts — just real infrastructure, real pipelines, and real results. Follow the journey: 🔗 GitHub: github.com/EdwinJdevops ✍️ Hashnode: edwinjonathand-devops.hashnode.dev 💼 Open to remote DevOps/Cloud roles globally&lt;/p&gt;

&lt;blockquote&gt;
&lt;/blockquote&gt;

</description>
      <category>ai</category>
      <category>aws</category>
      <category>cloudcomputing</category>
      <category>devops</category>
    </item>
    <item>
      <title>DRIFTGUARD</title>
      <dc:creator>Edwin Jonathan</dc:creator>
      <pubDate>Thu, 11 Jun 2026 15:11:36 +0000</pubDate>
      <link>https://dev.to/edwindevops/driftguard-93n</link>
      <guid>https://dev.to/edwindevops/driftguard-93n</guid>
      <description>&lt;p&gt;Hey DEV.to&lt;br&gt;
&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F8o5w3w705vvykgrmcjpo.jpeg" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F8o5w3w705vvykgrmcjpo.jpeg" alt=" " width="800" height="383"&gt;&lt;/a&gt;👋&lt;/p&gt;

&lt;p&gt;I'm Edwin, a self-taught Cloud &amp;amp; DevOps Engineer from Lagos, Nigeria.&lt;/p&gt;

&lt;p&gt;I built DriftGuard because I kept watching the same thing &lt;br&gt;
happen: engineers write perfect Terraform, apply it, and &lt;br&gt;
then someone clicks around in the AWS console three weeks &lt;br&gt;
later. Security group opened. S3 encryption disabled. RDS &lt;br&gt;
made publicly accessible. Nobody knows until something &lt;br&gt;
breaks or gets breached.&lt;/p&gt;

&lt;p&gt;Driftctl is abandoned. Checkov only scans. Infracost only &lt;br&gt;
costs. Nothing combined all three with auto-remediation.&lt;/p&gt;

&lt;p&gt;So I built it.&lt;/p&gt;

&lt;p&gt;DriftGuard detects drift, scores it against CIS AWS &lt;br&gt;
Benchmarks and MITRE ATT&amp;amp;CK, calculates the monthly cost &lt;br&gt;
delta, and opens a GitHub PR with the exact Terraform HCL &lt;br&gt;
fix — automatically.&lt;/p&gt;

&lt;p&gt;Live API: &lt;a href="https://driftguard-endm.onrender.com/docs" rel="noopener noreferrer"&gt;https://driftguard-endm.onrender.com/docs&lt;/a&gt;&lt;br&gt;
GitHub: github.com/EdwinJdevops/driftguard&lt;/p&gt;

&lt;p&gt;No VC funding. No team. Built in Lagos.&lt;br&gt;
Brutal feedback welcome — that's why I'm here.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fz2xpqkhu39hlbqt6w017.jpeg" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fz2xpqkhu39hlbqt6w017.jpeg" alt=" " width="800" height="385"&gt;&lt;/a&gt;&lt;/p&gt;

</description>
      <category>devolopertool</category>
      <category>opensource</category>
      <category>security</category>
      <category>aws</category>
    </item>
    <item>
      <title>Deployment Isn't the Hard Part. Recovery Is.</title>
      <dc:creator>Edwin Jonathan</dc:creator>
      <pubDate>Fri, 05 Jun 2026 13:30:31 +0000</pubDate>
      <link>https://dev.to/edwindevops/deployment-isnt-the-hard-part-recovery-is-4e2e</link>
      <guid>https://dev.to/edwindevops/deployment-isnt-the-hard-part-recovery-is-4e2e</guid>
      <description>

&lt;h1&gt;
  
  
  Deployment Isn't the Hard Part. Recovery Is.
&lt;/h1&gt;

&lt;p&gt;When I first started learning DevOps, I thought deployment was the destination.&lt;/p&gt;

&lt;p&gt;Build the application.&lt;/p&gt;

&lt;p&gt;Push the code.&lt;/p&gt;

&lt;p&gt;Deploy to production.&lt;/p&gt;

&lt;p&gt;Repeat.&lt;/p&gt;

&lt;p&gt;Simple.&lt;/p&gt;

&lt;p&gt;At least that's what most tutorials make it look like.&lt;/p&gt;

&lt;p&gt;The deeper I went into cloud engineering, the more I realized that production systems don't care how beautiful your CI/CD pipeline is.&lt;/p&gt;

&lt;p&gt;Production only cares about one thing:&lt;/p&gt;

&lt;p&gt;Can the system survive when something goes wrong?&lt;/p&gt;

&lt;p&gt;That question completely changed how I think about engineering.&lt;/p&gt;

&lt;h2&gt;
  
  
  The Problem With Most Learning Paths
&lt;/h2&gt;

&lt;p&gt;Most people learning DevOps spend countless hours understanding deployment.&lt;/p&gt;

&lt;p&gt;How to automate builds.&lt;/p&gt;

&lt;p&gt;How to create pipelines.&lt;/p&gt;

&lt;p&gt;How to deploy containers.&lt;/p&gt;

&lt;p&gt;How to provision infrastructure.&lt;/p&gt;

&lt;p&gt;All of those things matter.&lt;/p&gt;

&lt;p&gt;But very few conversations focus on what happens after deployment.&lt;/p&gt;

&lt;p&gt;What happens if a release introduces a bug?&lt;/p&gt;

&lt;p&gt;What happens if a database migration fails?&lt;/p&gt;

&lt;p&gt;What happens if a configuration change breaks production?&lt;/p&gt;

&lt;p&gt;What happens if users start seeing errors five minutes after a successful deployment?&lt;/p&gt;

&lt;p&gt;The reality is that deployment is only the beginning of the story.&lt;/p&gt;

&lt;p&gt;The real story starts when systems encounter failure.&lt;/p&gt;

&lt;h2&gt;
  
  
  A Deployment Pipeline Is Not a Reliability Strategy
&lt;/h2&gt;

&lt;p&gt;One lesson that stood out to me is that a successful deployment doesn't automatically mean a successful release.&lt;/p&gt;

&lt;p&gt;Code can reach production perfectly and still create problems.&lt;/p&gt;

&lt;p&gt;I've seen examples where:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Deployments completed successfully.&lt;/li&gt;
&lt;li&gt;Infrastructure passed validation.&lt;/li&gt;
&lt;li&gt;Monitoring showed healthy services.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Yet users still experienced issues.&lt;/p&gt;

&lt;p&gt;That's because reliability is bigger than deployment.&lt;/p&gt;

&lt;p&gt;Reliable systems require:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Observability&lt;/li&gt;
&lt;li&gt;Monitoring&lt;/li&gt;
&lt;li&gt;Rollback strategies&lt;/li&gt;
&lt;li&gt;Feature flags&lt;/li&gt;
&lt;li&gt;Incident response procedures&lt;/li&gt;
&lt;li&gt;Recovery planning&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Without those pieces, a deployment pipeline is simply moving risk faster.&lt;/p&gt;

&lt;h2&gt;
  
  
  The Question That Changed My Perspective
&lt;/h2&gt;

&lt;p&gt;Whenever I look at an architecture now, I ask a different question.&lt;/p&gt;

&lt;p&gt;Not:&lt;/p&gt;

&lt;p&gt;"How do we deploy this?"&lt;/p&gt;

&lt;p&gt;But:&lt;/p&gt;

&lt;p&gt;"What happens at 2 AM if this breaks?"&lt;/p&gt;

&lt;p&gt;That single question exposes weaknesses very quickly.&lt;/p&gt;

&lt;p&gt;Suddenly you're thinking about:&lt;/p&gt;

&lt;p&gt;Can we roll back safely?&lt;/p&gt;

&lt;p&gt;Do we know when something fails?&lt;/p&gt;

&lt;p&gt;How quickly can we recover?&lt;/p&gt;

&lt;p&gt;Will customers notice?&lt;/p&gt;

&lt;p&gt;Do we have enough visibility to investigate the issue?&lt;/p&gt;

&lt;p&gt;The answers to those questions often matter more than the deployment itself.&lt;/p&gt;

&lt;h2&gt;
  
  
  Why Observability Matters
&lt;/h2&gt;

&lt;p&gt;One of the most underrated parts of modern engineering is observability.&lt;/p&gt;

&lt;p&gt;Many teams invest heavily in deployment automation.&lt;/p&gt;

&lt;p&gt;Far fewer invest the same energy into understanding system behavior.&lt;/p&gt;

&lt;p&gt;Metrics tell you what happened.&lt;/p&gt;

&lt;p&gt;Logs tell you where it happened.&lt;/p&gt;

&lt;p&gt;Tracing helps explain why it happened.&lt;/p&gt;

&lt;p&gt;Without visibility, troubleshooting becomes guesswork.&lt;/p&gt;

&lt;p&gt;And guesswork becomes expensive when production is involved.&lt;/p&gt;

&lt;p&gt;The best engineers I've learned from don't just build systems.&lt;/p&gt;

&lt;p&gt;They build systems they can understand.&lt;/p&gt;

&lt;h2&gt;
  
  
  Recovery Is a Feature
&lt;/h2&gt;

&lt;p&gt;As engineers, we often think about features from a user perspective.&lt;/p&gt;

&lt;p&gt;New dashboard.&lt;/p&gt;

&lt;p&gt;New API.&lt;/p&gt;

&lt;p&gt;New functionality.&lt;/p&gt;

&lt;p&gt;But some of the most valuable features are invisible.&lt;/p&gt;

&lt;p&gt;Rollback mechanisms.&lt;/p&gt;

&lt;p&gt;Automated backups.&lt;/p&gt;

&lt;p&gt;Disaster recovery plans.&lt;/p&gt;

&lt;p&gt;Health checks.&lt;/p&gt;

&lt;p&gt;Incident runbooks.&lt;/p&gt;

&lt;p&gt;Users rarely see these things.&lt;/p&gt;

&lt;p&gt;But they benefit from them every day.&lt;/p&gt;

&lt;p&gt;Because when failure occurs, those systems quietly protect the experience.&lt;/p&gt;

&lt;h2&gt;
  
  
  What I'm Learning as a Young Engineer
&lt;/h2&gt;

&lt;p&gt;Being 17 and learning DevOps has given me an interesting perspective.&lt;/p&gt;

&lt;p&gt;The more I learn, the less I believe engineering is about knowing every tool.&lt;/p&gt;

&lt;p&gt;Tools change.&lt;/p&gt;

&lt;p&gt;Platforms evolve.&lt;/p&gt;

&lt;p&gt;Technologies come and go.&lt;/p&gt;

&lt;p&gt;The principles remain.&lt;/p&gt;

&lt;p&gt;Reliability.&lt;/p&gt;

&lt;p&gt;Resilience.&lt;/p&gt;

&lt;p&gt;Recovery.&lt;/p&gt;

&lt;p&gt;Observability.&lt;/p&gt;

&lt;p&gt;Those concepts will still matter long after today's tools are replaced by tomorrow's tools.&lt;/p&gt;

&lt;p&gt;And that realization has probably been one of the most valuable lessons in my journey so far.&lt;/p&gt;

&lt;h2&gt;
  
  
  Closing Thoughts
&lt;/h2&gt;

&lt;p&gt;I'm a 17-year-old DevOps and Cloud Engineer building from Lagos, Nigeria.&lt;/p&gt;

&lt;p&gt;I don't have decades of experience.&lt;/p&gt;

&lt;p&gt;I don't have stories from hundreds of production incidents.&lt;/p&gt;

&lt;p&gt;But every project, every deployment, every architecture diagram, and every lesson learned reinforces the same idea:&lt;/p&gt;

&lt;p&gt;Engineering isn't measured by how often things work.&lt;/p&gt;

&lt;p&gt;It's measured by how teams respond when things don't.&lt;/p&gt;

&lt;p&gt;The engineers I admire most aren't the ones who never encounter failure.&lt;/p&gt;

&lt;p&gt;They're the ones who design systems with failure in mind and build the discipline to recover quickly when it arrives.&lt;/p&gt;

&lt;p&gt;So while many people focus on shipping faster, I'm learning to focus on something different:&lt;/p&gt;

&lt;p&gt;Building systems that remain trustworthy when things go wrong.&lt;/p&gt;

&lt;p&gt;Because in the end, the goal isn't simply to deploy.&lt;/p&gt;

&lt;p&gt;The goal is to build with enough care, enough foresight, and enough responsibility that when failure eventually appears—as it always does—we're ready for it.&lt;/p&gt;

&lt;p&gt;And that's the kind of engineer I'm working to become.&lt;/p&gt;

&lt;p&gt;I'm Edwin Jonathan — a 17-year-old self-taught DevOps Engineer building from Lagos, Nigeria. No degree, no shortcuts — just real infrastructure, real pipelines, and real results. Follow the journey: 🔗 GitHub: github.com/EdwinJdevops ✍️ Hashnode: edwinjonathand-devops.hashnode.dev 💼 Open to remote DevOps/Cloud roles globally&lt;/p&gt;

</description>
      <category>aws</category>
      <category>devops</category>
      <category>sre</category>
      <category>cloudcomputing</category>
    </item>
    <item>
      <title>The Day I Realized Backups Aren't Disaster Recovery: Lessons From Building an AWS Recovery Strategy</title>
      <dc:creator>Edwin Jonathan</dc:creator>
      <pubDate>Wed, 03 Jun 2026 15:51:43 +0000</pubDate>
      <link>https://dev.to/edwindevops/the-day-i-realized-backups-arent-disaster-recovery-lessons-from-building-an-aws-recovery-strategy-53cf</link>
      <guid>https://dev.to/edwindevops/the-day-i-realized-backups-arent-disaster-recovery-lessons-from-building-an-aws-recovery-strategy-53cf</guid>
      <description>

&lt;h1&gt;
  
  
  The Day I Realized Backups Aren't Disaster Recovery: Lessons From Building an AWS Recovery Strategy
&lt;/h1&gt;

&lt;p&gt;One of the biggest misconceptions in cloud engineering is believing that backups automatically mean you're prepared for a disaster.&lt;/p&gt;

&lt;p&gt;I used to think the same thing.&lt;/p&gt;

&lt;p&gt;As long as snapshots existed, backups were running, and databases were stored somewhere safe, everything felt secure.&lt;/p&gt;

&lt;p&gt;Then I worked on a disaster recovery project.&lt;/p&gt;

&lt;p&gt;And I learned very quickly that recovery is a completely different problem from backup.&lt;/p&gt;

&lt;p&gt;A backup answers:&lt;/p&gt;

&lt;p&gt;"Can we restore the data?"&lt;/p&gt;

&lt;p&gt;Disaster recovery answers:&lt;/p&gt;

&lt;p&gt;"Can the business survive the outage?"&lt;/p&gt;

&lt;p&gt;Those are not the same question.&lt;/p&gt;

&lt;h2&gt;
  
  
  The Challenge
&lt;/h2&gt;

&lt;p&gt;The environment contained critical workloads that depended heavily on database availability.&lt;/p&gt;

&lt;p&gt;The concern wasn't only data loss.&lt;/p&gt;

&lt;p&gt;The real concern was operational downtime.&lt;/p&gt;

&lt;p&gt;What happens if an AWS Region experiences an outage?&lt;/p&gt;

&lt;p&gt;What happens if a database becomes corrupted?&lt;/p&gt;

&lt;p&gt;What happens if someone accidentally deletes production data?&lt;/p&gt;

&lt;p&gt;What happens if backups exist but recovery takes several hours?&lt;/p&gt;

&lt;p&gt;Those questions completely changed how I approached the project.&lt;/p&gt;

&lt;p&gt;The focus shifted from storage to resilience.&lt;/p&gt;

&lt;h2&gt;
  
  
  The First Reality Check
&lt;/h2&gt;

&lt;p&gt;One lesson became obvious almost immediately:&lt;/p&gt;

&lt;p&gt;Everyone talks about backups.&lt;/p&gt;

&lt;p&gt;Very few people talk about recovery objectives.&lt;/p&gt;

&lt;p&gt;Before designing anything, I had to understand two critical metrics:&lt;/p&gt;

&lt;p&gt;Recovery Time Objective (RTO)&lt;/p&gt;

&lt;p&gt;How quickly must systems recover?&lt;/p&gt;

&lt;p&gt;Recovery Point Objective (RPO)&lt;/p&gt;

&lt;p&gt;How much data loss is acceptable?&lt;/p&gt;

&lt;p&gt;At first these sounded like business terms.&lt;/p&gt;

&lt;p&gt;In reality they became engineering constraints that influenced every architectural decision.&lt;/p&gt;

&lt;p&gt;A recovery requirement of fifteen minutes creates a completely different architecture from a recovery requirement of four hours.&lt;/p&gt;

&lt;p&gt;The infrastructure must reflect those expectations.&lt;/p&gt;

&lt;h2&gt;
  
  
  Database Resilience Is More Complex Than It Looks
&lt;/h2&gt;

&lt;p&gt;The project involved evaluating how databases could remain available during unexpected failures.&lt;/p&gt;

&lt;p&gt;The assumption was simple:&lt;/p&gt;

&lt;p&gt;"If the database fails, restore it."&lt;/p&gt;

&lt;p&gt;The reality was much more complicated.&lt;/p&gt;

&lt;p&gt;Database recovery introduces challenges such as:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Replication lag&lt;/li&gt;
&lt;li&gt;Data consistency&lt;/li&gt;
&lt;li&gt;Failover timing&lt;/li&gt;
&lt;li&gt;Connection management&lt;/li&gt;
&lt;li&gt;Recovery validation&lt;/li&gt;
&lt;li&gt;Application dependencies&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;A database can technically recover while the application remains completely unusable.&lt;/p&gt;

&lt;p&gt;That distinction matters.&lt;/p&gt;

&lt;p&gt;Engineering success isn't measured by whether the database comes online.&lt;/p&gt;

&lt;p&gt;It's measured by whether users can continue using the platform.&lt;/p&gt;

&lt;h2&gt;
  
  
  The AWS Services That Changed My Thinking
&lt;/h2&gt;

&lt;p&gt;Several AWS services became central to the strategy.&lt;/p&gt;

&lt;p&gt;Amazon RDS automated much of the operational burden associated with database management.&lt;/p&gt;

&lt;p&gt;Multi-AZ deployments improved availability by maintaining standby infrastructure.&lt;/p&gt;

&lt;p&gt;AWS Backup introduced centralized backup governance.&lt;/p&gt;

&lt;p&gt;Amazon CloudWatch provided visibility into operational health.&lt;/p&gt;

&lt;p&gt;What stood out wasn't the services themselves.&lt;/p&gt;

&lt;p&gt;It was how they worked together.&lt;/p&gt;

&lt;p&gt;Cloud engineering is rarely about individual tools.&lt;/p&gt;

&lt;p&gt;It's about building systems where multiple services cooperate under failure conditions.&lt;/p&gt;

&lt;h2&gt;
  
  
  The Problem Nobody Talks About
&lt;/h2&gt;

&lt;p&gt;The hardest part of disaster recovery isn't creating backups.&lt;/p&gt;

&lt;p&gt;The hardest part is testing recovery.&lt;/p&gt;

&lt;p&gt;Many organizations confidently claim they have disaster recovery plans.&lt;/p&gt;

&lt;p&gt;Very few execute them regularly.&lt;/p&gt;

&lt;p&gt;A recovery plan that has never been tested is closer to a theory than a strategy.&lt;/p&gt;

&lt;p&gt;During the project, one of the most valuable exercises was validating assumptions.&lt;/p&gt;

&lt;p&gt;Would the recovery process actually work?&lt;/p&gt;

&lt;p&gt;Would access controls still function?&lt;/p&gt;

&lt;p&gt;Would applications reconnect correctly?&lt;/p&gt;

&lt;p&gt;Would dependencies fail unexpectedly?&lt;/p&gt;

&lt;p&gt;These questions revealed weaknesses that documentation alone could never expose.&lt;/p&gt;

&lt;h2&gt;
  
  
  What Failure Taught Me
&lt;/h2&gt;

&lt;p&gt;The project wasn't perfect.&lt;/p&gt;

&lt;p&gt;Several assumptions turned out to be incorrect.&lt;/p&gt;

&lt;p&gt;Some recovery procedures took longer than expected.&lt;/p&gt;

&lt;p&gt;Certain dependencies behaved differently under simulated failure conditions.&lt;/p&gt;

&lt;p&gt;But those moments became the most valuable learning experiences.&lt;/p&gt;

&lt;p&gt;Cloud engineering isn't about avoiding failure.&lt;/p&gt;

&lt;p&gt;It's about understanding failure before it happens.&lt;/p&gt;

&lt;p&gt;The best engineers don't simply build systems.&lt;/p&gt;

&lt;p&gt;They design for the day those systems break.&lt;/p&gt;

&lt;h2&gt;
  
  
  What This Experience Changed For Me
&lt;/h2&gt;

&lt;p&gt;Before this project, I viewed cloud infrastructure primarily through the lens of deployment and scalability.&lt;/p&gt;

&lt;p&gt;Afterward, I started viewing infrastructure through the lens of resilience.&lt;/p&gt;

&lt;p&gt;Anyone can build a system that works.&lt;/p&gt;

&lt;p&gt;Exceptional engineers build systems that continue working when things go wrong.&lt;/p&gt;

&lt;p&gt;That mindset shift changed how I think about architecture, automation, observability, and operational excellence.&lt;/p&gt;

&lt;h2&gt;
  
  
  Final Thoughts
&lt;/h2&gt;

&lt;p&gt;As a 17-year-old building a career in DevOps and Cloud Engineering, this project reinforced something important:&lt;/p&gt;

&lt;p&gt;Technology isn't tested on good days.&lt;/p&gt;

&lt;p&gt;Technology is tested on bad days.&lt;/p&gt;

&lt;p&gt;The true measure of infrastructure isn't how it performs during normal operations.&lt;/p&gt;

&lt;p&gt;It's how quickly, safely, and reliably it recovers when the unexpected happens.&lt;/p&gt;

&lt;p&gt;And if there's one lesson I'll carry forward from this experience, it's this:&lt;/p&gt;

&lt;p&gt;Backups create confidence.&lt;/p&gt;

&lt;p&gt;Disaster recovery creates resilience.&lt;/p&gt;

&lt;p&gt;The difference between those two concepts is where some of the most important engineering decisions are made.&lt;/p&gt;

&lt;p&gt;I'm Edwin Jonathan — a 17-year-old self-taught DevOps Engineer building from Lagos, Nigeria. No degree, no shortcuts — just real infrastructure, real pipelines, and real results. Follow the journey: 🔗 GitHub: github.com/EdwinJdevops ✍️ Hashnode: edwinjonathand-devops.hashnode.dev 💼 Open to remote DevOps/Cloud roles globally&lt;/p&gt;

</description>
      <category>aws</category>
      <category>devops</category>
      <category>database</category>
      <category>cloudcomputing</category>
    </item>
    <item>
      <title>I’m 17, Building in Cloud &amp; DevOps From Nigeria — and No, My Journey Isn’t “AI Generated”</title>
      <dc:creator>Edwin Jonathan</dc:creator>
      <pubDate>Sat, 30 May 2026 09:31:53 +0000</pubDate>
      <link>https://dev.to/edwindevops/im-17-building-in-cloud-devops-from-nigeria-and-no-my-journey-isnt-ai-generated-d8f</link>
      <guid>https://dev.to/edwindevops/im-17-building-in-cloud-devops-from-nigeria-and-no-my-journey-isnt-ai-generated-d8f</guid>
      <description>&lt;p&gt;People assume my work is fake because they cannot imagine someone my age writing with this level of clarity, structure, and technical direction. This is the truth behind my journey.&lt;/p&gt;




&lt;h1&gt;
  
  
  I’m 17, Building in Cloud &amp;amp; DevOps From Nigeria — and No, My Journey Isn’t “AI Generated”
&lt;/h1&gt;

&lt;p&gt;There’s something strange happening in tech culture lately.&lt;/p&gt;

&lt;p&gt;The moment a young person sounds too polished, too intentional, or too technically aware, people immediately assume it’s fake.&lt;/p&gt;

&lt;p&gt;“AI wrote this.”&lt;/p&gt;

&lt;p&gt;“This experience isn’t real.”&lt;/p&gt;

&lt;p&gt;“He’s just posting motivational content.”&lt;/p&gt;

&lt;p&gt;“He’s too young to actually understand DevOps.”&lt;/p&gt;

&lt;p&gt;I’ve heard all of it.&lt;/p&gt;

&lt;p&gt;And honestly, I understand why people think that way.&lt;/p&gt;

&lt;p&gt;The internet is flooded with fake builders, fake founders, fake engineers, fake screenshots, fake lifestyles, and AI-generated expertise. Everyone wants to look senior before they’ve actually built anything meaningful.&lt;/p&gt;

&lt;p&gt;So when people see a 17-year-old from Nigeria talking seriously about Cloud Engineering, Infrastructure, DevOps culture, automation, systems thinking, and modern engineering problems, their first instinct is skepticism.&lt;/p&gt;

&lt;p&gt;Not curiosity.&lt;/p&gt;

&lt;p&gt;Skepticism.&lt;/p&gt;

&lt;p&gt;But here’s the part people don’t see.&lt;/p&gt;

&lt;p&gt;I didn’t randomly wake up one day and decide to “become a tech influencer.”&lt;/p&gt;

&lt;p&gt;I grew up around technology.&lt;/p&gt;

&lt;p&gt;Not the aesthetic version of tech.&lt;br&gt;
The real version.&lt;/p&gt;

&lt;p&gt;My parents are certified AWS developers.&lt;br&gt;
My siblings work in cybersecurity.&lt;br&gt;
Technical conversations existed around me long before I understood what DevOps even meant.&lt;/p&gt;

&lt;p&gt;While some people discovered cloud computing through trends on social media, I was already exposed to engineering environments early. I was watching how technical professionals think, communicate, solve problems, and approach systems.&lt;/p&gt;

&lt;p&gt;That exposure changes you.&lt;/p&gt;

&lt;p&gt;It changes how you write.&lt;br&gt;
It changes how you think.&lt;br&gt;
It changes how early you begin understanding technical concepts.&lt;/p&gt;

&lt;p&gt;People assume age automatically determines technical awareness.&lt;/p&gt;

&lt;p&gt;It doesn’t.&lt;/p&gt;

&lt;p&gt;Environment matters.&lt;br&gt;
Exposure matters.&lt;br&gt;
Consistency matters.&lt;/p&gt;

&lt;p&gt;And most importantly: obsession matters.&lt;/p&gt;

&lt;p&gt;I’ve wanted to become a developer since I was young.&lt;br&gt;
Not because it looked cool online.&lt;br&gt;
Because I genuinely loved technology.&lt;/p&gt;

&lt;p&gt;What people call “too polished” is actually years of observation, curiosity, and immersion.&lt;/p&gt;

&lt;p&gt;Now let me clear something else up.&lt;/p&gt;

&lt;p&gt;Being young in tech is not some magical advantage.&lt;/p&gt;

&lt;p&gt;In many ways, it’s a disadvantage.&lt;/p&gt;

&lt;p&gt;People rarely take you seriously.&lt;br&gt;
Recruiters assume you’re inexperienced before speaking to you.&lt;br&gt;
Some professionals automatically dismiss your opinions because of your age.&lt;br&gt;
And when your communication is strong, they assume AI is carrying you.&lt;/p&gt;

&lt;p&gt;Ironically, if my writing was worse, people would probably believe me more.&lt;/p&gt;

&lt;p&gt;But I refuse to intentionally sound smaller just to make people comfortable.&lt;/p&gt;

&lt;p&gt;I take writing seriously because communication is part of engineering.&lt;/p&gt;

&lt;p&gt;A lot of engineers underestimate this.&lt;/p&gt;

&lt;p&gt;You can be technically skilled and still become invisible because you cannot communicate clearly.&lt;/p&gt;

&lt;p&gt;Documentation matters.&lt;br&gt;
Architecture discussions matter.&lt;br&gt;
Writing matters.&lt;br&gt;
Technical storytelling matters.&lt;/p&gt;

&lt;p&gt;The best engineers are not just builders.&lt;br&gt;
They are translators of complexity.&lt;/p&gt;

&lt;p&gt;That’s something I’m intentionally developing early.&lt;/p&gt;

&lt;p&gt;And no, that doesn’t mean I know everything.&lt;/p&gt;

&lt;p&gt;Far from it.&lt;/p&gt;

&lt;p&gt;I’m still learning.&lt;br&gt;
Still studying.&lt;br&gt;
Still building.&lt;br&gt;
Still failing.&lt;br&gt;
Still figuring things out one step at a time.&lt;/p&gt;

&lt;p&gt;I am not a “senior engineer.”&lt;br&gt;
I don’t pretend to be one.&lt;/p&gt;

&lt;p&gt;What I am is focused.&lt;/p&gt;

&lt;p&gt;I spend time studying cloud infrastructure, DevOps workflows, automation culture, system reliability, CI/CD concepts, and engineering communication because I genuinely care about this path.&lt;/p&gt;

&lt;p&gt;Not for clout.&lt;br&gt;
Not for aesthetics.&lt;br&gt;
Not because “tech is paying.”&lt;/p&gt;

&lt;p&gt;Because I want to become exceptional.&lt;/p&gt;

&lt;p&gt;There’s also a deeper issue underneath all this.&lt;/p&gt;

&lt;p&gt;A lot of people are uncomfortable seeing young Africans think globally.&lt;/p&gt;

&lt;p&gt;Especially when the presentation doesn’t match the stereotype they expect.&lt;/p&gt;

&lt;p&gt;People are used to seeing teenagers online joke around, chase trends, or seek attention.&lt;/p&gt;

&lt;p&gt;So when someone from a Nigerian background starts discussing infrastructure resilience, engineering culture, cloud systems, and technical growth with seriousness, it breaks the mental model they already had.&lt;/p&gt;

&lt;p&gt;And when people cannot explain something quickly, they often dismiss it.&lt;/p&gt;

&lt;p&gt;But none of that changes reality.&lt;/p&gt;

&lt;p&gt;I know where I’m starting from.&lt;br&gt;
I know what I’m building toward.&lt;br&gt;
And I know this journey is real.&lt;/p&gt;

&lt;p&gt;Not perfected.&lt;br&gt;
Not finished.&lt;br&gt;
Real.&lt;/p&gt;

&lt;p&gt;I’m still at the beginning.&lt;/p&gt;

&lt;p&gt;But beginnings matter.&lt;/p&gt;

&lt;p&gt;One thing I’ve learned already is this:&lt;/p&gt;

&lt;p&gt;The tech industry respects visible execution over explanations.&lt;/p&gt;

&lt;p&gt;So instead of arguing endlessly with doubters, I’d rather continue building.&lt;/p&gt;

&lt;p&gt;Continue learning.&lt;br&gt;
Continue writing.&lt;br&gt;
Continue improving.&lt;br&gt;
Continue documenting the process honestly.&lt;/p&gt;

&lt;p&gt;Because over time, consistency exposes what is real.&lt;/p&gt;

&lt;p&gt;Not noise.&lt;br&gt;
Not hype.&lt;br&gt;
Not performance.&lt;/p&gt;

&lt;p&gt;Consistency.&lt;/p&gt;

&lt;p&gt;And maybe this article isn’t even about defending myself.&lt;/p&gt;

&lt;p&gt;Maybe it’s about documenting a reality many young builders experience but rarely talk about openly.&lt;/p&gt;

&lt;p&gt;Being underestimated.&lt;br&gt;
Being doubted.&lt;br&gt;
Being questioned before being understood.&lt;/p&gt;

&lt;p&gt;Especially when you are young.&lt;br&gt;
Especially when you are African.&lt;br&gt;
Especially when your ambition sounds “too big” for your environment.&lt;/p&gt;

&lt;p&gt;But ambition is not delusion.&lt;/p&gt;

&lt;p&gt;Sometimes it is simply vision arriving earlier than validation.&lt;/p&gt;

&lt;p&gt;And for anyone young, overlooked, underestimated, or constantly accused of “trying too hard” because they care deeply about their future:&lt;/p&gt;

&lt;p&gt;Keep building anyway.&lt;/p&gt;

&lt;p&gt;One day the same things people mocked will become the exact reasons they respect you.&lt;/p&gt;

&lt;p&gt;And when that day comes, let your work speak louder than your frustration ever did.&lt;br&gt;
I am not writing this as a senior engineer.&lt;/p&gt;

&lt;p&gt;I am writing this as a 17-year-old Nigerian building toward that future every single day.&lt;/p&gt;

&lt;p&gt;I do not have decades of experience.&lt;br&gt;
I do not have a long list of enterprise projects behind my name.&lt;br&gt;
And I do not claim to have all the answers.&lt;/p&gt;

&lt;p&gt;What I do have is curiosity, discipline, access to an environment that exposed me to technology early, and a commitment to keep learning long after the excitement fades.&lt;/p&gt;

&lt;p&gt;The goal was never to impress people with my age.&lt;/p&gt;

&lt;p&gt;The goal was always to become the kind of engineer whose work, thinking, and consistency speak for themselves.&lt;/p&gt;

&lt;p&gt;If there is one thing I hope people take away from this article, it is that potential should never be measured only by age, location, or background.&lt;/p&gt;

&lt;p&gt;Great engineers are not built overnight.&lt;/p&gt;

&lt;p&gt;They are built through years of learning, failing, improving, and showing up when nobody is watching.&lt;/p&gt;

&lt;p&gt;This is only the beginning of my journey.&lt;/p&gt;

&lt;p&gt;And years from now, when I look back at this article, I hope it serves as proof that every accomplished engineer once started as a beginner with a vision that others could not yet see.&lt;/p&gt;

&lt;p&gt;Until then, I'll keep learning, keep building, and keep earning every opportunity that comes my way.&lt;/p&gt;

&lt;p&gt;One system.&lt;br&gt;
One project.&lt;br&gt;
One lesson at a time.&lt;br&gt;
I'm Edwin Jonathan — a 17-year-old self-taught DevOps Engineer building from Lagos, Nigeria. No degree, no shortcuts — just real infrastructure, real pipelines, and real results. Follow the journey: 🔗 GitHub: github.com/EdwinJdevops ✍️ Hashnode: edwinjonathand-devops.hashnode.dev 💼 Open to remote DevOps/Cloud roles globally&lt;/p&gt;

</description>
      <category>devops</category>
      <category>aws</category>
      <category>cloudcomputing</category>
      <category>career</category>
    </item>
    <item>
      <title>Why Most “Senior” DevOps Engineers Are Building Fragile Infrastructure — And Why the Industry Rewards It</title>
      <dc:creator>Edwin Jonathan</dc:creator>
      <pubDate>Sat, 23 May 2026 09:30:23 +0000</pubDate>
      <link>https://dev.to/edwindevops/why-most-senior-devops-engineers-are-building-fragile-infrastructure-and-why-the-industry-4l5i</link>
      <guid>https://dev.to/edwindevops/why-most-senior-devops-engineers-are-building-fragile-infrastructure-and-why-the-industry-4l5i</guid>
      <description>&lt;p&gt;For years, the tech industry has sold an illusion.&lt;/p&gt;

&lt;p&gt;The illusion is that more tools automatically mean better engineering.&lt;/p&gt;

&lt;p&gt;More Kubernetes operators.&lt;br&gt;
More CI/CD layers.&lt;br&gt;
More observability stacks.&lt;br&gt;
More Terraform modules.&lt;br&gt;
More dashboards.&lt;br&gt;
More YAML.&lt;br&gt;
More abstraction.&lt;/p&gt;

&lt;p&gt;And somewhere in the middle of this chaos, the industry quietly stopped valuing one thing:&lt;/p&gt;

&lt;p&gt;Infrastructure that actually survives pressure.&lt;/p&gt;

&lt;p&gt;Modern DevOps culture has become dangerously addicted to complexity disguised as innovation.&lt;/p&gt;

&lt;p&gt;A shocking number of “production-grade” systems today are nothing more than fragile towers of automation held together by copied GitHub repositories, AI-generated scripts, and engineers who have never experienced real infrastructure failure under pressure.&lt;/p&gt;

&lt;p&gt;And the uncomfortable truth is this:&lt;/p&gt;

&lt;p&gt;The industry rewards it.&lt;/p&gt;

&lt;p&gt;Tech companies reward engineers for shipping fast, not for building systems that survive long-term operational stress.&lt;/p&gt;

&lt;p&gt;Recruiters reward keyword stacking over systems thinking.&lt;/p&gt;

&lt;p&gt;Startups reward velocity over resilience.&lt;/p&gt;

&lt;p&gt;Cloud providers reward increased consumption, not simplicity.&lt;/p&gt;

&lt;p&gt;The result?&lt;/p&gt;

&lt;p&gt;An entire generation of infrastructure engineers building systems they themselves cannot manually recover if automation fails.&lt;/p&gt;

&lt;p&gt;That is not engineering.&lt;/p&gt;

&lt;p&gt;That is dependency.&lt;/p&gt;

&lt;p&gt;And eventually, dependency becomes fragility.&lt;/p&gt;

&lt;p&gt;The Kubernetes Illusion&lt;/p&gt;

&lt;p&gt;Kubernetes is one of the greatest engineering platforms ever built.&lt;/p&gt;

&lt;p&gt;It is also one of the most abused.&lt;/p&gt;

&lt;p&gt;Thousands of engineers deploy Kubernetes clusters they do not fully understand because the industry convinced them that using Kubernetes automatically makes infrastructure “advanced.”&lt;/p&gt;

&lt;p&gt;It does not.&lt;/p&gt;

&lt;p&gt;A badly engineered Kubernetes cluster is infinitely more dangerous than a well-designed VM architecture.&lt;/p&gt;

&lt;p&gt;But saying this publicly almost feels illegal in DevOps spaces.&lt;/p&gt;

&lt;p&gt;Why?&lt;/p&gt;

&lt;p&gt;Because modern engineering culture is heavily tied to optics.&lt;/p&gt;

&lt;p&gt;Companies want to appear “cloud-native.”&lt;/p&gt;

&lt;p&gt;Engineers want to appear “senior.”&lt;/p&gt;

&lt;p&gt;Recruiters want resumes filled with buzzwords.&lt;/p&gt;

&lt;p&gt;So organizations deploy infrastructure complexity they do not operationally deserve yet.&lt;/p&gt;

&lt;p&gt;Then incidents happen.&lt;/p&gt;

&lt;p&gt;Then engineers panic.&lt;/p&gt;

&lt;p&gt;Then Slack channels explode.&lt;/p&gt;

&lt;p&gt;Then companies realize their infrastructure documentation was never truly written.&lt;/p&gt;

&lt;p&gt;Then they discover their production environment depends on one engineer who just resigned.&lt;/p&gt;

&lt;p&gt;This is happening far more often than the industry admits publicly.&lt;/p&gt;

&lt;p&gt;The Real Skill Gap Nobody Talks About&lt;/p&gt;

&lt;p&gt;The biggest gap in DevOps is not Kubernetes.&lt;/p&gt;

&lt;p&gt;It is operational maturity.&lt;/p&gt;

&lt;p&gt;Most engineers today know how to deploy.&lt;/p&gt;

&lt;p&gt;Far fewer know how to recover.&lt;/p&gt;

&lt;p&gt;And recovery is the true test of engineering.&lt;/p&gt;

&lt;p&gt;Can you restore production manually if CI/CD dies?&lt;/p&gt;

&lt;p&gt;Can you recover infrastructure if Terraform state becomes corrupted?&lt;/p&gt;

&lt;p&gt;Can you operate during DNS failure?&lt;/p&gt;

&lt;p&gt;Can your monitoring survive partial outages?&lt;/p&gt;

&lt;p&gt;Can your systems degrade gracefully instead of collapsing entirely?&lt;/p&gt;

&lt;p&gt;Most companies never test these scenarios seriously.&lt;/p&gt;

&lt;p&gt;Because resilience engineering is not glamorous on LinkedIn.&lt;/p&gt;

&lt;p&gt;Failure testing does not go viral.&lt;/p&gt;

&lt;p&gt;But during real incidents, none of the fancy dashboards matter.&lt;/p&gt;

&lt;p&gt;Only architecture quality matters.&lt;/p&gt;

&lt;p&gt;The AI Problem Nobody Wants to Say Out Loud&lt;/p&gt;

&lt;p&gt;AI is making junior engineers faster.&lt;/p&gt;

&lt;p&gt;But it is also making weak engineers look temporarily competent.&lt;/p&gt;

&lt;p&gt;This is creating a dangerous new category inside tech:&lt;/p&gt;

&lt;p&gt;Engineers who can generate infrastructure, but cannot reason about infrastructure.&lt;/p&gt;

&lt;p&gt;There is a massive difference.&lt;/p&gt;

&lt;p&gt;The future elite engineers will not be the people who generate the most YAML with AI.&lt;/p&gt;

&lt;p&gt;They will be the engineers who understand systems deeply enough to detect when AI-generated infrastructure is architecturally dangerous.&lt;/p&gt;

&lt;p&gt;Because AI can produce syntactically correct disaster at scale.&lt;/p&gt;

&lt;p&gt;And many companies are already merging generated configurations into production environments with minimal review.&lt;/p&gt;

&lt;p&gt;That should concern everyone.&lt;/p&gt;

&lt;p&gt;**&lt;/p&gt;

&lt;h2&gt;
  
  
  What Actually Makes an Elite Infrastructure Engineer
&lt;/h2&gt;

&lt;p&gt;**&lt;br&gt;
Not certificates.&lt;/p&gt;

&lt;p&gt;Not buzzwords.&lt;/p&gt;

&lt;p&gt;Not posting “Day 47 of Learning Kubernetes.”&lt;/p&gt;

&lt;p&gt;Not collecting tools like Pokémon cards.&lt;/p&gt;

&lt;p&gt;Elite engineers think differently.&lt;/p&gt;

&lt;p&gt;They optimize for:&lt;/p&gt;

&lt;p&gt;Survivability&lt;br&gt;
Simplicity&lt;br&gt;
Recovery&lt;br&gt;
Operational clarity&lt;br&gt;
Failure containment&lt;br&gt;
Observability with purpose&lt;br&gt;
Low cognitive load&lt;br&gt;
Long-term maintainability&lt;/p&gt;

&lt;p&gt;The best infrastructures often look deceptively simple.&lt;/p&gt;

&lt;p&gt;Because true engineering maturity removes unnecessary complexity.&lt;/p&gt;

&lt;p&gt;Immature engineering adds complexity to appear intelligent.&lt;/p&gt;

&lt;p&gt;Senior engineering removes it.&lt;/p&gt;

&lt;p&gt;**&lt;/p&gt;

&lt;h2&gt;
  
  
  What Young Engineers Should Understand Early
&lt;/h2&gt;

&lt;p&gt;**&lt;/p&gt;

&lt;p&gt;The industry will constantly pressure you to perform intelligence instead of building competence.&lt;/p&gt;

&lt;p&gt;Resist that pressure.&lt;/p&gt;

&lt;p&gt;Do not become addicted to surface-level engineering.&lt;/p&gt;

&lt;p&gt;Most people are chasing titles.&lt;br&gt;
Very few are studying systems deeply.&lt;/p&gt;

&lt;p&gt;If you truly want to stand out globally as an engineer:&lt;/p&gt;

&lt;p&gt;Study failures.&lt;/p&gt;

&lt;p&gt;Study outages.&lt;/p&gt;

&lt;p&gt;Study architecture tradeoffs.&lt;/p&gt;

&lt;p&gt;Study why systems collapse.&lt;/p&gt;

&lt;p&gt;Study why recovery processes fail.&lt;/p&gt;

&lt;p&gt;Study why supposedly “highly available” systems still go down.&lt;/p&gt;

&lt;p&gt;That knowledge separates infrastructure operators from infrastructure engineers.&lt;/p&gt;

&lt;p&gt;**&lt;/p&gt;

&lt;h2&gt;
  
  
  My Own Shift in Thinking
&lt;/h2&gt;

&lt;p&gt;**&lt;/p&gt;

&lt;p&gt;At 17, I started realizing something uncomfortable:&lt;/p&gt;

&lt;p&gt;Many infrastructures online looked impressive visually but weak operationally.&lt;/p&gt;

&lt;p&gt;Beautiful dashboards.&lt;br&gt;
Terrible resilience.&lt;/p&gt;

&lt;p&gt;Massive cloud bills.&lt;br&gt;
Poor architecture decisions.&lt;/p&gt;

&lt;p&gt;Complex pipelines.&lt;br&gt;
Weak recovery strategy.&lt;/p&gt;

&lt;p&gt;So I stopped obsessing over looking advanced.&lt;/p&gt;

&lt;p&gt;I started obsessing over understanding systems pressure.&lt;/p&gt;

&lt;p&gt;That mindset changed how I approached automation, cloud engineering, security tooling, Kubernetes, and infrastructure design.&lt;/p&gt;

&lt;p&gt;I became less interested in “more tooling.”&lt;/p&gt;

&lt;p&gt;And more interested in:&lt;/p&gt;

&lt;p&gt;**&lt;/p&gt;

&lt;h2&gt;
  
  
  “What happens when everything fails?”
&lt;/h2&gt;

&lt;p&gt;**&lt;br&gt;
That single question changes how you engineer permanently.&lt;br&gt;
**&lt;/p&gt;

&lt;p&gt;Final Thought&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fn5ysyg1wqnmyktc8ktb6.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fn5ysyg1wqnmyktc8ktb6.png" alt=" " width="800" height="457"&gt;&lt;/a&gt;&lt;br&gt;
**&lt;br&gt;
The next generation of elite DevOps engineers will not win because they know the most tools.&lt;/p&gt;

&lt;p&gt;They will win because they understand infrastructure deeply enough to reduce fragility in an industry addicted to complexity.&lt;/p&gt;

&lt;p&gt;And when the industry finally realizes that reliability matters more than hype, a lot of “senior” engineers are going to look extremely unprepared.&lt;/p&gt;

&lt;p&gt;I'm Edwin Jonathan — a 17-year-old self-taught DevOps Engineer building from Lagos, Nigeria. No degree, no shortcuts — just real infrastructure, real pipelines, and real results. Follow the journey: 🔗 GitHub: github.com/EdwinJdevops ✍️ Hashnode: edwinjonathand-devops.hashnode.dev 💼 Open to remote DevOps/Cloud ro&lt;/p&gt;

</description>
      <category>devops</category>
      <category>cloudcomputing</category>
      <category>kubernetes</category>
      <category>sre</category>
    </item>
    <item>
      <title>How I Used OIDC to Eliminate Static AWS Keys from GitHub Actions (Real Pipeline Walkthrough)</title>
      <dc:creator>Edwin Jonathan</dc:creator>
      <pubDate>Wed, 06 May 2026 11:45:58 +0000</pubDate>
      <link>https://dev.to/edwindevops/how-i-used-oidc-to-eliminate-static-aws-keys-from-github-actions-real-pipeline-walkthrough-4dpo</link>
      <guid>https://dev.to/edwindevops/how-i-used-oidc-to-eliminate-static-aws-keys-from-github-actions-real-pipeline-walkthrough-4dpo</guid>
      <description>&lt;p&gt;Static AWS access keys in GitHub Actions secrets is how &lt;br&gt;
production environments get breached.&lt;/p&gt;

&lt;p&gt;Here's how I replaced every static key with OIDC federation &lt;br&gt;
for the Damolak Technologies DevOps challenge — &lt;br&gt;
and why you should too.&lt;/p&gt;




&lt;p&gt;The Problem With Static Keys&lt;/p&gt;

&lt;p&gt;When you do this:&lt;br&gt;
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}&lt;br&gt;
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}&lt;br&gt;
 You have a long-lived credential sitting in GitHub that:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Never rotates automatically&lt;/li&gt;
&lt;li&gt;Has blast radius if the repo is compromised&lt;/li&gt;
&lt;li&gt;Violates least-privilege by existing at all&lt;/li&gt;
&lt;/ul&gt;




&lt;p&gt;The Fix: OIDC&lt;/p&gt;

&lt;p&gt;GitHub Actions supports OIDC token exchange with AWS.&lt;br&gt;
Your pipeline requests a short-lived token. AWS validates it &lt;br&gt;
against a trust policy. No stored credentials.&lt;/p&gt;

&lt;p&gt;Step 1 — IAM OIDC Provider&lt;/p&gt;



&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;
hcl
resource "aws_iam_openid_connect_provider" "github" {
  url             = "https://token.actions.githubusercontent.com"
  client_id_list  = ["sts.amazonaws.com"]
  thumbprint_list = ["6938fd4d98bab03faadb97b34396831e3780aea1"]
}

Step 2 — Trust Policy (scoped to YOUR repo):
{
  "Condition": {
    "StringLike": {
      "token.actions.githubusercontent.com:sub": 
        "repo:EdwinJdevops/damolak-challenge:ref:refs/heads/main"
    }
  }
}

This means ONLY your main branch can assume this role.
A fork cannot. A PR branch cannot. Exact scope.

Step 3 — GitHub Actions Workflow
permissions:
  id-token: write
  contents: read

- name: Configure AWS credentials
  uses: aws-actions/configure-aws-credentials@v4
  with:
    role-to-assume: arn:aws:iam::ACCOUNT_ID:role/github-actions-role
    aws-region: us-east-1
That's it. No secrets stored. Token lives for 15 minutes.

**The Full Pipeline I Shipped
**
OIDC auth → ECR login → Docker build + push →
ECS Fargate rolling deploy → ALB health check
33 AWS resources provisioned by Terraform.
Live endpoint behind ALB.
Zero static credentials anywhere in the stack.
Full repo: github.com/EdwinJdevops/damolak-challenge.

Connect:https://hashnode.com/@jonathandevops
Connect:https://www.linkedin.com/in/edwin-jonathan-1094093b0
Connect:https://x.com/TheCloudDeveng
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;

</description>
      <category>devops</category>
      <category>aws</category>
      <category>githubactions</category>
      <category>terraform</category>
    </item>
    <item>
      <title>I Built a Production-Grade Internal Developer Platform at 17 — Full Architecture</title>
      <dc:creator>Edwin Jonathan</dc:creator>
      <pubDate>Sun, 03 May 2026 15:23:10 +0000</pubDate>
      <link>https://dev.to/edwindevops/i-built-a-production-grade-internal-developer-platform-at-17-full-architecture-id6</link>
      <guid>https://dev.to/edwindevops/i-built-a-production-grade-internal-developer-platform-at-17-full-architecture-id6</guid>
      <description>&lt;p&gt;The Problem&lt;/p&gt;

&lt;p&gt;Most engineers deploy to Kubernetes by clicking buttons in a UI. &lt;br&gt;
That's not DevOps. That's manual labor with extra steps.&lt;/p&gt;

&lt;p&gt;I built Archnet — a fully automated Internal Developer Platform &lt;br&gt;
that handles deployments, secrets, observability, and self-healing &lt;br&gt;
with zero human intervention after setup.&lt;/p&gt;

&lt;p&gt;What is an Internal Developer Platform?&lt;/p&gt;

&lt;p&gt;An IDP is the infrastructure layer that sits between your code &lt;br&gt;
and your cloud. It handles:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;How code gets deployed&lt;/li&gt;
&lt;li&gt;How secrets are managed&lt;/li&gt;
&lt;li&gt;How the system monitors itself&lt;/li&gt;
&lt;li&gt;How failures get detected and fixed&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Most companies pay Humanitec or Backstage $50k+/month for this.&lt;br&gt;
I built it from scratch.&lt;/p&gt;

&lt;p&gt;The Architecture:&lt;/p&gt;

&lt;p&gt;Developer pushes code to GitHub&lt;br&gt;
↓&lt;br&gt;
GitHub Actions builds + scans the image&lt;br&gt;
↓&lt;br&gt;
Docker image pushed to registry&lt;br&gt;
↓&lt;br&gt;
ArgoCD detects manifest change in Git&lt;br&gt;
↓&lt;br&gt;
ArgoCD syncs to k3s Kubernetes cluster&lt;br&gt;
↓&lt;br&gt;
Prometheus scrapes metrics from all pods&lt;br&gt;
↓&lt;br&gt;
Grafana visualizes — AlertManager fires on anomalies&lt;br&gt;
↓&lt;br&gt;
Loki aggregates all logs&lt;/p&gt;

&lt;p&gt;Tech Stack &amp;amp; Why&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;k3s over kubeadm&lt;/strong&gt;&lt;br&gt;
Single binary. Boots in under 5 minutes. &lt;br&gt;
Full Kubernetes API. Production-proven by Rancher.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;ArgoCD over Flux&lt;/strong&gt;&lt;br&gt;
Better UI for drift visibility. Multi-cluster support. &lt;br&gt;
Stronger RBAC controls. Built-in auto-remediation.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Sealed-Secrets over HashiCorp Vault&lt;/strong&gt;&lt;br&gt;
No external dependencies. Secrets live encrypted in Git.&lt;br&gt;
Only the cluster can decrypt. Zero operational overhead.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Prometheus + Grafana over Datadog&lt;/strong&gt;&lt;br&gt;
Full data ownership. No per-host billing.&lt;br&gt;
Custom retention. Industry standard.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;GitHub Actions over Jenkins&lt;/strong&gt;&lt;br&gt;
No server to maintain. Native Git integration.&lt;br&gt;
YAML pipelines. Free for public repos.&lt;/p&gt;

&lt;h2&gt;
  
  
  The GitOps Model
&lt;/h2&gt;

&lt;p&gt;Everything is declarative. No imperative commands in production.&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;You commit a change to Git&lt;/li&gt;
&lt;li&gt;ArgoCD detects the drift between Git and cluster state&lt;/li&gt;
&lt;li&gt;ArgoCD automatically syncs — no human needed&lt;/li&gt;
&lt;li&gt;If a pod crashes, ArgoCD detects and resyncs&lt;/li&gt;
&lt;li&gt;Prometheus fires an alert, Grafana shows the anomaly&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;This is self-healing infrastructure.&lt;/p&gt;

&lt;p&gt;Security Hardening&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Network policies: default deny all, explicit allow per service&lt;/li&gt;
&lt;li&gt;RBAC: least-privilege service accounts per workload&lt;/li&gt;
&lt;li&gt;Sealed-Secrets: no plaintext secrets anywhere&lt;/li&gt;
&lt;li&gt;Trivy: scans every image before it touches the cluster&lt;/li&gt;
&lt;li&gt;Audit logging: every API call recorded&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  Observability Stack
&lt;/h2&gt;

&lt;p&gt;Three pillars:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Metrics&lt;/strong&gt; — Prometheus collects from every pod&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Logs&lt;/strong&gt; — Loki aggregates from every container&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Alerts&lt;/strong&gt; — AlertManager fires to Slack on anomalies&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Dashboards track: cluster health, pod restarts, &lt;br&gt;
deployment status, ArgoCD sync state, node memory/CPU.&lt;/p&gt;

&lt;h2&gt;
  
  
  What I Learned
&lt;/h2&gt;

&lt;p&gt;Real DevOps is not about knowing commands.&lt;br&gt;
It's about designing systems that run themselves.&lt;/p&gt;

&lt;p&gt;Observability is not optional — if you can't see it, &lt;br&gt;
you can't fix it.&lt;/p&gt;

&lt;p&gt;Security must be designed in from day one.&lt;br&gt;
Not bolted on after.&lt;/p&gt;

&lt;p&gt;Git is not just version control. &lt;br&gt;
In GitOps, Git is your deployment engine.&lt;/p&gt;

&lt;p&gt;The Repo&lt;/p&gt;

&lt;p&gt;Full open source: github.com/EdwinJdevops/ARCHNET&lt;/p&gt;

&lt;p&gt;Architecture docs, tech decisions, security model, &lt;br&gt;
CI/CD pipeline, Terraform IaC — all documented.&lt;/p&gt;

&lt;h2&gt;
  
  
  Who I Am
&lt;/h2&gt;

&lt;p&gt;17-year-old self-taught DevOps Engineer from Nigeria.&lt;br&gt;
Building infrastructure that enterprises pay millions for.&lt;/p&gt;

&lt;p&gt;Available for DevOps, Cloud, and Platform Engineering roles globally.&lt;/p&gt;




&lt;p&gt;If this helped you — share it. &lt;br&gt;
If you're hiring — let's talk.&lt;/p&gt;

&lt;p&gt;Originally published on Hashnode: [&lt;a href="https://edwinjonathand-devops.hashnode.dev/" rel="noopener noreferrer"&gt;https://edwinjonathand-devops.hashnode.dev/&lt;/a&gt;]&lt;/p&gt;

</description>
      <category>devops</category>
      <category>kubernetes</category>
      <category>gitops</category>
      <category>productivity</category>
    </item>
  </channel>
</rss>
