<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:dc="http://purl.org/dc/elements/1.1/">
  <channel>
    <title>DEV Community: Pravesh Sudha</title>
    <description>The latest articles on DEV Community by Pravesh Sudha (@pravesh_sudha_3c2b0c2b5e0).</description>
    <link>https://dev.to/pravesh_sudha_3c2b0c2b5e0</link>
    <image>
      <url>https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F1805492%2F62f81727-4167-4aa7-9890-40fa2d850525.png</url>
      <title>DEV Community: Pravesh Sudha</title>
      <link>https://dev.to/pravesh_sudha_3c2b0c2b5e0</link>
    </image>
    <atom:link rel="self" type="application/rss+xml" href="https://dev.to/feed/pravesh_sudha_3c2b0c2b5e0"/>
    <language>en</language>
    <item>
      <title>🤔 If Data Survives in Deployments, Why Do We Need StatefulSets?</title>
      <dc:creator>Pravesh Sudha</dc:creator>
      <pubDate>Mon, 01 Jun 2026 17:56:01 +0000</pubDate>
      <link>https://dev.to/aws-builders/if-data-survives-in-deployments-why-do-we-need-statefulsets-31km</link>
      <guid>https://dev.to/aws-builders/if-data-survives-in-deployments-why-do-we-need-statefulsets-31km</guid>
      <description>&lt;p&gt;Hola Amigos 👋&lt;/p&gt;

&lt;p&gt;Welcome to the second episode of &lt;strong&gt;K8s with Pravesh&lt;/strong&gt;. If you're new to the series, check out the &lt;a href="https://dev.to/aws-builders/kubernetes-for-beginners-deploying-an-nginx-node-redis-application-1o7h"&gt;first episode&lt;/a&gt; where we learned how Deployments and Services work under the hood.&lt;/p&gt;

&lt;p&gt;Most people believe that StatefulSets are needed because Deployments lose data. But is that actually true?&lt;/p&gt;

&lt;p&gt;In today's blog, we'll answer this question by exploring &lt;strong&gt;StatefulSets vs Deployments&lt;/strong&gt; through a practical hands-on demonstration.&lt;/p&gt;




&lt;h2&gt;
  
  
  🚀 Getting Started
&lt;/h2&gt;

&lt;p&gt;Head over to my &lt;a href="https://github.com/Pravesh-Sudha/K8s_with_Pravesh" rel="noopener noreferrer"&gt;GitHub&lt;/a&gt; repository, fork it under your own GitHub account, and clone the code:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;git clone https://github.com/&amp;lt;your-username&amp;gt;/K8s_with_Pravesh.git
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Navigate to the project directory:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;&lt;span class="nb"&gt;cd &lt;/span&gt;K8s_with_Pravesh/part-02-statefulsets/configs
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Here you'll find:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Secrets and ConfigMaps&lt;/li&gt;
&lt;li&gt;Deployment manifest&lt;/li&gt;
&lt;li&gt;StatefulSet manifest&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;First, apply the Secrets and ConfigMaps. These contain the MySQL password, database name, and MySQL initialization script.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;kubectl apply &lt;span class="nt"&gt;-f&lt;/span&gt; secrets-and-config.yml
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;






&lt;h2&gt;
  
  
  🧪 Experiment 1: Deployment + PVC
&lt;/h2&gt;

&lt;p&gt;Now let's apply our Deployment manifest.&lt;/p&gt;

&lt;p&gt;This file contains:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Persistent Volume Claim (PVC)&lt;/li&gt;
&lt;li&gt;Deployment&lt;/li&gt;
&lt;li&gt;Service&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Apply it using:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;kubectl apply &lt;span class="nt"&gt;-f&lt;/span&gt; deployment.yml
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Once the pod is running, we'll create a sample record inside MySQL, delete the pod, and verify whether the data survives.&lt;/p&gt;

&lt;p&gt;Get the pod name:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;kubectl get pods
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Connect to MySQL:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;kubectl &lt;span class="nb"&gt;exec&lt;/span&gt; &lt;span class="nt"&gt;-it&lt;/span&gt; mysql-XXXXXX-XXXX &lt;span class="nt"&gt;--&lt;/span&gt; mysql &lt;span class="nt"&gt;-uroot&lt;/span&gt; &lt;span class="nt"&gt;-p&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Enter the password:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;Pravesh
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;(You can change this value in the &lt;code&gt;secrets-and-config.yml&lt;/code&gt; file.)&lt;/p&gt;

&lt;p&gt;Inside MySQL, run:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight sql"&gt;&lt;code&gt;&lt;span class="n"&gt;USE&lt;/span&gt; &lt;span class="n"&gt;crud_app&lt;/span&gt;&lt;span class="p"&gt;;&lt;/span&gt;

&lt;span class="k"&gt;INSERT&lt;/span&gt; &lt;span class="k"&gt;INTO&lt;/span&gt; &lt;span class="n"&gt;users&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="n"&gt;name&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="n"&gt;email&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="n"&gt;password&lt;/span&gt;&lt;span class="p"&gt;)&lt;/span&gt;
&lt;span class="k"&gt;VALUES&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="s1"&gt;'Pravesh'&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="s1"&gt;'pravesh@example.com'&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="s1"&gt;'secret'&lt;/span&gt;&lt;span class="p"&gt;);&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Exit MySQL:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;&lt;span class="nb"&gt;exit&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fdkx7o38um3o7rz3pkau0.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fdkx7o38um3o7rz3pkau0.png" alt=" " width="800" height="488"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Delete the pod:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;kubectl delete pod mysql-XXXXXX-XXXX
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Wait for Kubernetes to create a replacement pod:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;kubectl get pods
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Connect to the new pod:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;kubectl &lt;span class="nb"&gt;exec&lt;/span&gt; &lt;span class="nt"&gt;-it&lt;/span&gt; mysql-XXXXXX-XXXX &lt;span class="nt"&gt;--&lt;/span&gt; mysql &lt;span class="nt"&gt;-uroot&lt;/span&gt; &lt;span class="nt"&gt;-p&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Run:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight sql"&gt;&lt;code&gt;&lt;span class="n"&gt;USE&lt;/span&gt; &lt;span class="n"&gt;crud_app&lt;/span&gt;&lt;span class="p"&gt;;&lt;/span&gt;

&lt;span class="k"&gt;SELECT&lt;/span&gt; &lt;span class="o"&gt;*&lt;/span&gt; &lt;span class="k"&gt;FROM&lt;/span&gt; &lt;span class="n"&gt;users&lt;/span&gt;&lt;span class="p"&gt;;&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F33f1trg1hhd6yv83jgzk.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F33f1trg1hhd6yv83jgzk.png" alt=" " width="800" height="523"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;You'll notice that the data is still there.&lt;/p&gt;

&lt;h3&gt;
  
  
  Wait... The Data Survived?
&lt;/h3&gt;

&lt;p&gt;At this point, many people expect the data to disappear because we're using a Deployment.&lt;/p&gt;

&lt;p&gt;However, the data survived.&lt;/p&gt;

&lt;p&gt;So the obvious question becomes:&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;If data survives in a Deployment, why do we even need StatefulSets?&lt;/p&gt;
&lt;/blockquote&gt;

&lt;p&gt;The answer is simple.&lt;/p&gt;

&lt;p&gt;The data survived because we attached a Persistent Volume Claim (PVC) to the MySQL container. The PVC preserved the data, not the Deployment.&lt;/p&gt;

&lt;p&gt;In other words:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;Pod
 ↓
PVC
 ↓
Persistent Storage
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;The pod can disappear and be recreated, but the storage remains intact.&lt;/p&gt;




&lt;h2&gt;
  
  
  🧪 Experiment 2: StatefulSet
&lt;/h2&gt;

&lt;p&gt;Now let's perform the same experiment using a StatefulSet.&lt;/p&gt;

&lt;p&gt;Apply the StatefulSet manifest:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;kubectl apply &lt;span class="nt"&gt;-f&lt;/span&gt; statefulset.yml
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Wait for the pod to start:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;kubectl get pods
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;You'll notice that the pod has a predictable name:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;mysql-0
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Connect to MySQL:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;kubectl &lt;span class="nb"&gt;exec&lt;/span&gt; &lt;span class="nt"&gt;-it&lt;/span&gt; mysql-0 &lt;span class="nt"&gt;--&lt;/span&gt; mysql &lt;span class="nt"&gt;-uroot&lt;/span&gt; &lt;span class="nt"&gt;-p&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Insert another record:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight sql"&gt;&lt;code&gt;&lt;span class="n"&gt;USE&lt;/span&gt; &lt;span class="n"&gt;crud_app&lt;/span&gt;&lt;span class="p"&gt;;&lt;/span&gt;

&lt;span class="k"&gt;INSERT&lt;/span&gt; &lt;span class="k"&gt;INTO&lt;/span&gt; &lt;span class="n"&gt;users&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="n"&gt;name&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="n"&gt;email&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="n"&gt;password&lt;/span&gt;&lt;span class="p"&gt;)&lt;/span&gt;
&lt;span class="k"&gt;VALUES&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="s1"&gt;'Pravesh'&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="s1"&gt;'pravesh@example.com'&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="s1"&gt;'secret'&lt;/span&gt;&lt;span class="p"&gt;);&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Exit MySQL:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;&lt;span class="nb"&gt;exit&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Delete the pod:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;kubectl delete pod mysql-0
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Wait for Kubernetes to recreate it:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;kubectl get pods
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Notice something interesting:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;mysql-0
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;The pod name remains exactly the same.&lt;/p&gt;

&lt;p&gt;Connect again:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;kubectl &lt;span class="nb"&gt;exec&lt;/span&gt; &lt;span class="nt"&gt;-it&lt;/span&gt; mysql-0 &lt;span class="nt"&gt;--&lt;/span&gt; mysql &lt;span class="nt"&gt;-uroot&lt;/span&gt; &lt;span class="nt"&gt;-p&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Verify the data:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight sql"&gt;&lt;code&gt;&lt;span class="n"&gt;USE&lt;/span&gt; &lt;span class="n"&gt;crud_app&lt;/span&gt;&lt;span class="p"&gt;;&lt;/span&gt;

&lt;span class="k"&gt;SELECT&lt;/span&gt; &lt;span class="o"&gt;*&lt;/span&gt; &lt;span class="k"&gt;FROM&lt;/span&gt; &lt;span class="n"&gt;users&lt;/span&gt;&lt;span class="p"&gt;;&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;The data survived once again.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fuhrvjl76cydxxtspynmh.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fuhrvjl76cydxxtspynmh.png" alt=" " width="800" height="288"&gt;&lt;/a&gt;&lt;/p&gt;




&lt;h2&gt;
  
  
  🤨 So What Is the Real Difference?
&lt;/h2&gt;

&lt;p&gt;Let's inspect the PVCs:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;kubectl get pvc
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fahije381wzyr9kunw7lz.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fahije381wzyr9kunw7lz.png" alt=" " width="799" height="172"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;With StatefulSets, each replica gets its own dedicated PVC.&lt;/p&gt;

&lt;p&gt;For example:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;mysql-data-mysql-0
mysql-data-mysql-1
mysql-data-mysql-2
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;This creates a stable relationship between a pod and its storage.&lt;/p&gt;

&lt;p&gt;StatefulSets manage a group of pods while maintaining a sticky identity for each pod. Unlike Deployments, StatefulSet pods are not interchangeable.&lt;/p&gt;

&lt;p&gt;Each pod receives:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;A stable hostname&lt;/li&gt;
&lt;li&gt;A stable network identity&lt;/li&gt;
&lt;li&gt;Persistent storage&lt;/li&gt;
&lt;li&gt;Ordered deployment and termination&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Even if a pod is rescheduled, it retains its identity.&lt;/p&gt;

&lt;h2&gt;
  
  
  When Should You Use StatefulSets?
&lt;/h2&gt;

&lt;p&gt;StatefulSets are valuable when your application requires:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Stable, unique network identifiers&lt;/li&gt;
&lt;li&gt;Stable, persistent storage&lt;/li&gt;
&lt;li&gt;Ordered, graceful deployment and scaling&lt;/li&gt;
&lt;li&gt;Ordered rolling updates&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Common examples include:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;MySQL&lt;/li&gt;
&lt;li&gt;PostgreSQL&lt;/li&gt;
&lt;li&gt;Kafka&lt;/li&gt;
&lt;li&gt;ZooKeeper&lt;/li&gt;
&lt;li&gt;Redis Clusters&lt;/li&gt;
&lt;li&gt;Elasticsearch&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  Deployment vs StatefulSet
&lt;/h2&gt;

&lt;div class="table-wrapper-paragraph"&gt;&lt;table&gt;
&lt;thead&gt;
&lt;tr&gt;
&lt;th&gt;Feature&lt;/th&gt;
&lt;th&gt;Deployment&lt;/th&gt;
&lt;th&gt;StatefulSet&lt;/th&gt;
&lt;/tr&gt;
&lt;/thead&gt;
&lt;tbody&gt;
&lt;tr&gt;
&lt;td&gt;Data Persistence&lt;/td&gt;
&lt;td&gt;✅ With PVC&lt;/td&gt;
&lt;td&gt;✅ With PVC&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Stable Pod Name&lt;/td&gt;
&lt;td&gt;❌&lt;/td&gt;
&lt;td&gt;✅&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Stable Network Identity&lt;/td&gt;
&lt;td&gt;❌&lt;/td&gt;
&lt;td&gt;✅&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Dedicated Storage Per Replica&lt;/td&gt;
&lt;td&gt;❌&lt;/td&gt;
&lt;td&gt;✅&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Ordered Startup/Shutdown&lt;/td&gt;
&lt;td&gt;❌&lt;/td&gt;
&lt;td&gt;✅&lt;/td&gt;
&lt;/tr&gt;
&lt;/tbody&gt;
&lt;/table&gt;&lt;/div&gt;




&lt;h2&gt;
  
  
  Conclusion
&lt;/h2&gt;

&lt;p&gt;A common misconception is that StatefulSets exist because Deployments cannot persist data. As we saw in this blog, that isn't entirely true.&lt;/p&gt;

&lt;p&gt;A Deployment can preserve data just fine when paired with a Persistent Volume Claim. The PVC is responsible for data persistence, not the Deployment itself.&lt;/p&gt;

&lt;p&gt;The real strength of StatefulSets lies in providing stable identities, predictable networking, dedicated storage per replica, and ordered deployment behavior. These features make StatefulSets the ideal choice for databases and other stateful distributed systems.&lt;/p&gt;

&lt;p&gt;If you're running stateless applications such as frontend applications, REST APIs, or microservices, Deployments are usually the right choice. But when your workloads require stable identities and persistent state, StatefulSets become essential.&lt;/p&gt;

&lt;p&gt;I hope this hands-on comparison helped clarify the difference between Deployments and StatefulSets.&lt;/p&gt;

&lt;p&gt;See you in the next episode of &lt;strong&gt;K8s with Pravesh&lt;/strong&gt;! 🚀&lt;/p&gt;




&lt;h2&gt;
  
  
  🌟 Connect With Me
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Website: &lt;a href="https://praveshsudha.com" rel="noopener noreferrer"&gt;https://praveshsudha.com&lt;/a&gt;
&lt;/li&gt;
&lt;li&gt;Blog: &lt;a href="https://blog.praveshsudha.com" rel="noopener noreferrer"&gt;https://blog.praveshsudha.com&lt;/a&gt;
&lt;/li&gt;
&lt;li&gt;LinkedIn: &lt;a href="https://www.linkedin.com/in/pravesh-sudha/" rel="noopener noreferrer"&gt;https://www.linkedin.com/in/pravesh-sudha/&lt;/a&gt;
&lt;/li&gt;
&lt;li&gt;X (Twitter): &lt;a href="https://x.com/praveshstwt" rel="noopener noreferrer"&gt;https://x.com/praveshstwt&lt;/a&gt;
&lt;/li&gt;
&lt;li&gt;YouTube: &lt;a href="https://www.youtube.com/@pravesh-sudha" rel="noopener noreferrer"&gt;https://www.youtube.com/@pravesh-sudha&lt;/a&gt;
&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;If you found this article helpful, consider sharing it with your network and following the series for upcoming Kubernetes content.&lt;/p&gt;

</description>
      <category>kubernetes</category>
      <category>devops</category>
      <category>automation</category>
      <category>beginners</category>
    </item>
    <item>
      <title>Here's why your Prompt is WRONG 😑</title>
      <dc:creator>Pravesh Sudha</dc:creator>
      <pubDate>Fri, 29 May 2026 17:48:43 +0000</pubDate>
      <link>https://dev.to/aws-builders/heres-why-your-prompt-is-wrong-3dlm</link>
      <guid>https://dev.to/aws-builders/heres-why-your-prompt-is-wrong-3dlm</guid>
      <description>&lt;p&gt;The right prompt is no longer just a skill — it is becoming a necessity in this fast-paced world where almost everything is driven by AI chatbots and agents.&lt;/p&gt;

&lt;p&gt;A lot of people think AI gives bad results because the model is not powerful enough, but in most cases, the real issue is the prompt itself.&lt;/p&gt;

&lt;p&gt;In today’s blog, we will uncover some of the most useful AI prompting techniques that can help you write better prompts and get significantly better results.&lt;/p&gt;




&lt;h2&gt;
  
  
  1. Zero-Shot Prompting
&lt;/h2&gt;

&lt;p&gt;This is the most common prompting technique among beginners. Almost everyone starts from this approach.&lt;/p&gt;

&lt;p&gt;In Zero-Shot Prompting, you directly ask the AI what you need in a brief and specific way without giving any prior examples.&lt;/p&gt;

&lt;p&gt;For example:&lt;/p&gt;

&lt;p&gt;Instead of writing:&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;“Generate me a Kubernetes Deployment file”&lt;/p&gt;
&lt;/blockquote&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F2mz44fm6hk9hh5fp68bq.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F2mz44fm6hk9hh5fp68bq.png" alt=" " width="800" height="573"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;You can write:&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;“Generate ONLY a Kubernetes Deployment file”&lt;/p&gt;
&lt;/blockquote&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fjbr3c84fbyy7sl0xqn9z.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fjbr3c84fbyy7sl0xqn9z.png" alt=" " width="799" height="573"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;This small change cuts out unnecessary explanations, extra commands, and long guides that AI models often generate by default.&lt;/p&gt;

&lt;p&gt;Zero-Shot Prompting works best for popular or familiar use cases where the AI already has strong contextual understanding.&lt;/p&gt;

&lt;p&gt;Another advantage of this approach is lower token usage. In the screenshots above, you can notice that the token usage is almost 30% lower compared to longer prompts. This becomes extremely important in large organizations where APIs frequently interact with AI systems at scale.&lt;/p&gt;




&lt;h2&gt;
  
  
  2. Few-Shot Prompting
&lt;/h2&gt;

&lt;p&gt;In this approach, before giving the actual task, we first provide the AI with a few examples.&lt;/p&gt;

&lt;p&gt;This helps the model become context-aware and understand the expected style, structure, or format of the output.&lt;/p&gt;

&lt;p&gt;Few-Shot Prompting is especially useful when organizations want responses to follow a particular standard rather than simply generating the “ideal” answer.&lt;/p&gt;

&lt;p&gt;For example, if a company wants all incident reports, YAML files, or summaries to follow a fixed structure, giving examples beforehand helps maintain consistency.&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;For Fun: I have attached a SuperHero Example&lt;/p&gt;
&lt;/blockquote&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fy7onv8rewotzy9eldae4.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fy7onv8rewotzy9eldae4.png" alt=" " width="799" height="318"&gt;&lt;/a&gt;&lt;/p&gt;




&lt;h2&gt;
  
  
  3. Multi-Shot Prompting
&lt;/h2&gt;

&lt;p&gt;Multi-Shot Prompting is very similar to Few-Shot Prompting, but instead of providing a few examples, we provide many examples for even better contextual understanding.&lt;/p&gt;

&lt;p&gt;The advantage is usually better and more refined output quality.&lt;/p&gt;

&lt;p&gt;However, the downside is increased token consumption because the input becomes significantly larger due to additional examples.&lt;/p&gt;

&lt;p&gt;This is a tradeoff between output quality and cost efficiency.&lt;/p&gt;




&lt;h2&gt;
  
  
  4. Chain of Thought Prompting
&lt;/h2&gt;

&lt;p&gt;Chain of Thought Prompting encourages the AI to break down complex reasoning tasks into intermediate steps before generating the final answer.&lt;/p&gt;

&lt;p&gt;For example:&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;“Explain why this deployment failed in a step-by-step manner.”&lt;/p&gt;
&lt;/blockquote&gt;

&lt;p&gt;This technique is extremely useful for debugging, analysis, problem-solving, and learning deeply about a topic instead of just scratching the surface.&lt;/p&gt;

&lt;p&gt;It is especially beneficial for curious minds who want to understand &lt;em&gt;why&lt;/em&gt; something happened rather than simply receiving the final answer.&lt;/p&gt;




&lt;h2&gt;
  
  
  5. RAG (Retrieval-Augmented Generation)
&lt;/h2&gt;

&lt;p&gt;RAG is not exactly a prompting technique, but more of a workflow approach used alongside prompting.&lt;/p&gt;

&lt;p&gt;In this method, the AI is connected to external data sources such as databases, PDFs, internal documents, or APIs.&lt;/p&gt;

&lt;p&gt;Instead of relying solely on its internal training data, the model retrieves relevant information from these external sources before generating a response.&lt;/p&gt;

&lt;p&gt;This helps produce more accurate, contextual, and up-to-date answers.&lt;/p&gt;

&lt;p&gt;RAG is widely used in AI agents, enterprise chatbots, documentation assistants, and knowledge-based systems.&lt;/p&gt;




&lt;h2&gt;
  
  
  Final Thoughts
&lt;/h2&gt;

&lt;p&gt;Writing an efficient prompt is not as difficult as it seems.&lt;/p&gt;

&lt;p&gt;It simply involves understanding which technique works best for your specific use case.&lt;/p&gt;

&lt;p&gt;Experiment with different prompting approaches, observe the outputs, and gradually build your own prompting style.&lt;/p&gt;

&lt;p&gt;If you liked this blog, make sure to follow me on &lt;a href="https://www.linkedin.com/in/pravesh-sudha/" rel="noopener noreferrer"&gt;LinkedIn&lt;/a&gt;, &lt;a href="https://x.com/praveshstwt" rel="noopener noreferrer"&gt;Twitter&lt;/a&gt;, and &lt;a href="https://www.youtube.com/@pravesh-sudha" rel="noopener noreferrer"&gt;YouTube&lt;/a&gt; where I regularly share my learnings around AI, DevOps, and technology.&lt;/p&gt;

&lt;p&gt;Till then,&lt;/p&gt;

&lt;p&gt;Adios 👋&lt;/p&gt;

</description>
      <category>ai</category>
      <category>promptengineering</category>
      <category>programming</category>
      <category>beginners</category>
    </item>
    <item>
      <title>🤫 Firebase Is Quietly Preparing for an Offline-First AI Future</title>
      <dc:creator>Pravesh Sudha</dc:creator>
      <pubDate>Fri, 22 May 2026 17:10:50 +0000</pubDate>
      <link>https://dev.to/pravesh_sudha_3c2b0c2b5e0/firebase-is-quietly-preparing-for-an-offline-first-ai-future-5die</link>
      <guid>https://dev.to/pravesh_sudha_3c2b0c2b5e0/firebase-is-quietly-preparing-for-an-offline-first-ai-future-5die</guid>
      <description>&lt;p&gt;&lt;a href="https://www.youtube.com/live/lMEfqmyRMA8" rel="noopener noreferrer"&gt;Firebase&lt;/a&gt; announcements at Google I/O 2026 covered an array of products and features, but the one that grabbed my attention the most was Firebase itself. Most people are understandably focused on Gemini integrations, AI Studio, and the new SQL capabilities inside Firebase, but I believe there is something deeper happening underneath these announcements.&lt;/p&gt;

&lt;p&gt;Firebase introduced offline caching support, which helps applications remain responsive even in little or no connectivity. Combined with local and hybrid AI inference, this suggests that Firebase is quietly moving toward an offline-first, hybrid-intelligence model.&lt;/p&gt;

&lt;p&gt;A large number of companies are transitioning to the cloud because of the convenience of not managing physical infrastructure and data servers. However, cloud dependency comes with its own trade-offs. Heavy reliance on cloud infrastructure introduces dependence on continuous high-speed internet connectivity, recurring subscription costs, and potential vendor lock-in.&lt;/p&gt;

&lt;p&gt;The reality is that not every place in the world has fast and stable internet connectivity. Offline caching can help reduce cloud costs while improving application responsiveness, even in low-connectivity environments.&lt;/p&gt;




&lt;h2&gt;
  
  
  Modern Applications Are Too Cloud Dependent
&lt;/h2&gt;

&lt;p&gt;Modern applications often assume that users:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;have constant internet access,&lt;/li&gt;
&lt;li&gt;can perform fast cloud API calls with low latency,&lt;/li&gt;
&lt;li&gt;and are always connected to online AI services.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;In reality, connectivity is far from universal, especially in rural areas, trains, crowded public networks, and emerging markets such as India.&lt;/p&gt;

&lt;p&gt;AI has further increased cloud dependence because AI applications continuously send prompts, images, voice data, and user content to remote servers. This increases:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;latency,&lt;/li&gt;
&lt;li&gt;cloud costs,&lt;/li&gt;
&lt;li&gt;bandwidth usage,&lt;/li&gt;
&lt;li&gt;and potential privacy concerns.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;As a result, “smart applications” can quickly become fragile applications when internet connectivity is lost. AI features stop functioning, synchronization fails, and the overall user experience degrades significantly.&lt;/p&gt;




&lt;h2&gt;
  
  
  What Firebase Actually Announced
&lt;/h2&gt;

&lt;p&gt;Firebase introduced custom resolvers, allowing developers to extend Firebase Data Connect beyond Cloud SQL and integrate additional data sources. Alongside this, realtime sync improves application UX by enabling live updates and synchronization across devices.&lt;/p&gt;

&lt;p&gt;However, the most interesting feature, in my opinion, is offline cache support, which helps applications remain responsive even with limited or no connectivity. Firebase AI Logic also supports local inference with cloud fallback, allowing certain AI workloads to run directly on-device while heavier tasks can still rely on cloud infrastructure when required.&lt;/p&gt;

&lt;p&gt;Additionally, Firebase AI Logic simplifies the integration of generative AI features without requiring extensive server-side setup. It supports multiple programming languages, including Kotlin, Java, Swift, and Flutter.&lt;/p&gt;

&lt;p&gt;Taken together, these are not isolated features. Firebase appears to be gradually reducing dependence on centralized cloud execution.&lt;/p&gt;




&lt;h2&gt;
  
  
  Firebase Is Moving Toward an Offline-First AI Architecture
&lt;/h2&gt;

&lt;p&gt;With offline caching, applications can remain usable even without network connectivity by treating local application state as a first-class component. Synchronization can happen later once connectivity is restored. This improves responsiveness, resilience, and overall application UX while reducing the frequency of frustrating “No Internet Connection” screens.&lt;/p&gt;

&lt;p&gt;Local AI inference also changes the compute model. Instead of every AI request depending entirely on cloud APIs, certain AI tasks can now happen directly on-device. For example, in an AI-powered note-taking application, features such as summarization, translation, smart suggestions, and classification could potentially run locally without continuously communicating with remote servers.&lt;/p&gt;

&lt;p&gt;For heavier reasoning tasks, hybrid inference becomes important. Lightweight tasks can execute locally, while more computationally intensive operations can seamlessly fall back to cloud models when necessary. This creates a distributed intelligence model where computation is shared between the device and the cloud.&lt;/p&gt;




&lt;h2&gt;
  
  
  Why This Matters for Emerging Markets
&lt;/h2&gt;

&lt;p&gt;Many cloud-first applications are designed around assumptions that often reflect:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Silicon Valley-like infrastructure conditions,&lt;/li&gt;
&lt;li&gt;premium hardware,&lt;/li&gt;
&lt;li&gt;and stable high-speed internet connectivity.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;However, the ground reality is very different for billions of users around the world. Many people rely on affordable Android devices and unstable mobile networks.&lt;/p&gt;

&lt;p&gt;Hybrid architectures can help address this gap by enabling:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;lower latency,&lt;/li&gt;
&lt;li&gt;reduced bandwidth usage,&lt;/li&gt;
&lt;li&gt;partially offline AI experiences,&lt;/li&gt;
&lt;li&gt;and better accessibility.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;This is particularly important for regions such as India, Africa, and Southeast Asia, where connectivity challenges still exist despite massive growth in smartphone adoption.&lt;/p&gt;




&lt;h2&gt;
  
  
  The Bigger Industry Shift
&lt;/h2&gt;

&lt;p&gt;With the rapid growth of AI, the industry is gradually moving toward edge AI. Examples include:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;on-device Gemini,&lt;/li&gt;
&lt;li&gt;Apple Intelligence,&lt;/li&gt;
&lt;li&gt;AI NPUs in smartphones,&lt;/li&gt;
&lt;li&gt;and local LLMs.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;The future of AI may not remain fully centralized. Instead, intelligence may become distributed across devices, edge systems, and cloud infrastructure working together collaboratively.&lt;/p&gt;




&lt;h2&gt;
  
  
  Critique and Challenges
&lt;/h2&gt;

&lt;p&gt;Like any architectural shift, this approach also comes with trade-offs.&lt;/p&gt;

&lt;p&gt;Local AI inference introduces the challenge of device fragmentation. Not all devices are capable of handling local AI workloads efficiently. On-device inference can also increase battery consumption and thermal load.&lt;/p&gt;

&lt;p&gt;Hybrid architectures are often more difficult to monitor, debug, and optimize compared to traditional centralized cloud systems.&lt;/p&gt;

&lt;p&gt;There is also the issue of vendor lock-in. Heavy dependence on tools such as  Firebase, Gemini, and the broader Google Cloud ecosystem could limit developer flexibility over time.&lt;/p&gt;

&lt;p&gt;Finally, local models still have computational limitations compared to larger cloud-hosted models.&lt;/p&gt;




&lt;h2&gt;
  
  
  Conclusion
&lt;/h2&gt;

&lt;p&gt;I believe the Firebase announcements at Google I/O 2026 were not simply about adding more AI capabilities. They reflected a broader shift in how modern applications may operate in the future: less dependent on permanent connectivity, more resilient at the edge, and increasingly capable of running intelligence closer to the user.&lt;/p&gt;

&lt;p&gt;The most important AI infrastructure trend may not be larger models alone, but the gradual movement of intelligence from centralized cloud systems toward user devices themselves.&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;If you liked the blog, consider sharing it among your peers and follow me on &lt;a href="https://www.linkedin.com/in/pravesh-sudha/" rel="noopener noreferrer"&gt;Linkedin&lt;/a&gt;, &lt;a href="https://x.com/praveshstwt" rel="noopener noreferrer"&gt;Twitter&lt;/a&gt; and subscribe to my &lt;a href="https://www.youtube.com/@pravesh-sudha" rel="noopener noreferrer"&gt;Youtube Channel&lt;/a&gt;.&lt;/p&gt;
&lt;/blockquote&gt;

</description>
      <category>devchallenge</category>
      <category>googleiochallenge</category>
      <category>firebase</category>
      <category>ai</category>
    </item>
    <item>
      <title>🚀 Democratizing Frontier AI for Bharat: Gemma 4’s Edge Capabilities in Low-Resource Environments</title>
      <dc:creator>Pravesh Sudha</dc:creator>
      <pubDate>Mon, 18 May 2026 12:57:02 +0000</pubDate>
      <link>https://dev.to/pravesh_sudha_3c2b0c2b5e0/democratizing-frontier-ai-for-bharat-gemma-4s-edge-capabilities-in-low-resource-environments-b34</link>
      <guid>https://dev.to/pravesh_sudha_3c2b0c2b5e0/democratizing-frontier-ai-for-bharat-gemma-4s-edge-capabilities-in-low-resource-environments-b34</guid>
      <description>&lt;p&gt;&lt;em&gt;This is a submission for the &lt;a href="https://dev.to/challenges/google-gemma-2026-05-06"&gt;Gemma 4 Challenge: Write About Gemma 4&lt;/a&gt;&lt;/em&gt;&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;How Google’s open-weight Gemma 4 models are shifting AI from a Silicon Valley luxury to a practical tool for India’s primary sector and developers working at the edge.&lt;/p&gt;
&lt;/blockquote&gt;

&lt;h3&gt;
  
  
  Introduction: The Ground Reality
&lt;/h3&gt;

&lt;p&gt;India is set to solidify its position as the world’s most populous nation. Yet, even in 2025-26, &lt;strong&gt;around 43%&lt;/strong&gt; of its workforce remains employed in the primary sector — agriculture, animal husbandry, and allied activities. For millions of farmers in rural Rajasthan, Haryana, or Bihar, AI is still largely an abstract, distant concept.&lt;/p&gt;

&lt;p&gt;A mustard farmer in rural Rajasthan dealing with crop infestation or a livestock owner in a tier-3 town cannot rely on cloud-first AI. High latency, expensive USD-billed APIs, and poor or intermittent internet make frontier models inaccessible. This is where the paradigm must shift — from &lt;strong&gt;cloud-first&lt;/strong&gt; to &lt;strong&gt;edge-first&lt;/strong&gt; architecture.&lt;/p&gt;

&lt;p&gt;Google’s &lt;strong&gt;Gemma 4&lt;/strong&gt; family, particularly its edge-optimized models (E2B and E4B), represents a meaningful step in that direction.&lt;/p&gt;




&lt;h3&gt;
  
  
  Why Gemma 4 is Different for Bharat
&lt;/h3&gt;

&lt;p&gt;Gemma 4 stands out because of its intentional design for real-world constraints:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Apache 2.0 license&lt;/strong&gt; — Fully open weights with commercial freedom.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Edge-optimized models&lt;/strong&gt; — E2B (2.3 billion effective parameters) and E4B are built for phones, tablets, and single-board computers like Raspberry Pi.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Native Multimodal&lt;/strong&gt; — Text + high-resolution images + audio (especially strong on E2B/E4B).&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Multilingual strength&lt;/strong&gt; — Pre-trained on over 140 languages, with strong performance on Indian languages and dialects.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Long context&lt;/strong&gt; — Up to 128K tokens on edge models, enabling richer reasoning.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;Getting started is surprisingly simple.&lt;/strong&gt; Download the free &lt;strong&gt;Google AI Edge Gallery&lt;/strong&gt; app (available on Android and iOS), select the Gemma 4 E2B model (~2.5 GB download), and you have a fully offline multimodal AI assistant on your phone. Once downloaded, it works without internet — text chat, image analysis, and voice input all run locally.&lt;/p&gt;




&lt;h3&gt;
  
  
  Real-World Performance: Benchmarks on Edge Hardware
&lt;/h3&gt;

&lt;p&gt;Performance numbers show why this is viable for low-resource settings:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Model Size &amp;amp; Memory&lt;/strong&gt;: E2B quantized (INT4/Q4) has a ~2.58 GB footprint and runs in &lt;strong&gt;1.5–3 GB RAM&lt;/strong&gt; on devices, making it accessible on mid-range smartphones and Raspberry Pi.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Raspberry Pi 5 (16GB)&lt;/strong&gt;: Prefill &lt;strong&gt;133 tokens/sec&lt;/strong&gt;, Decode &lt;strong&gt;7.6–8 tokens/sec&lt;/strong&gt;, Peak memory &lt;strong&gt;~1.5 GB&lt;/strong&gt;. This is usable for batch advice, diagnostic reports, or non-real-time assistance.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;High-end Android (e.g., Samsung S26 Ultra)&lt;/strong&gt;: Decode speeds reach &lt;strong&gt;47–52 tokens/sec&lt;/strong&gt; on CPU and over &lt;strong&gt;50 tokens/sec&lt;/strong&gt; on GPU, with first-token latency under 2 seconds.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;iOS Devices&lt;/strong&gt;: Similar strong performance, especially on newer flagships.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;These benchmarks prove that capable multimodal AI no longer requires expensive cloud GPUs or high-end laptops. A ₹8,000–15,000 smartphone or a ₹5,000–8,000 Raspberry Pi can now deliver practical intelligence offline.&lt;/p&gt;




&lt;h3&gt;
  
  
  On-the-Ground Use Cases: AI That Farmers Can Actually Use
&lt;/h3&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Visual Diagnostics&lt;/strong&gt;: A farmer points their phone at diseased leaves or livestock. Gemma 4 processes the image locally and suggests possible issues and remedies.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Voice Interaction in Mother Tongue&lt;/strong&gt;: Thanks to strong multilingual capabilities, users can speak in Hindi, Rajasthani, Haryanvi, or other regional languages. The model understands intent without clumsy translation layers. “Kos-kos par badle paani, chaar kos par vaani” (The water changes every few miles, and the speech every fourth) — Gemma 4’s broad language coverage helps bridge this diversity.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Agentic Assistance&lt;/strong&gt;: Beyond simple Q&amp;amp;A, the model supports multi-step reasoning and tool use, making it suitable for practical workflows like “Analyze this crop image, suggest next steps considering common local practices.”&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Market &amp;amp; Supply Chain&lt;/strong&gt;: Quick offline quality assessment of produce or basic price trend insights when connectivity returns.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;These capabilities turn a regular smartphone — now owned by a large majority of the population — into a personal Krishi advisor.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fgm6okkwc5uv72naewilu.jpg" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fgm6okkwc5uv72naewilu.jpg" alt="Father getting solution to their problem on phone" width="800" height="335"&gt;&lt;/a&gt;&lt;/p&gt;




&lt;h3&gt;
  
  
  The DevOps Reckoning: From Cloud Comfort to Edge Reality
&lt;/h3&gt;

&lt;p&gt;As someone who has spent years in AI + DevOps, I’ve lived the cloud-native comfort zone: auto-scaling clusters, infinite compute, low-latency pipelines on AWS/GCP. That architecture collapses spectacularly when you try shipping frontier AI to rural India.&lt;/p&gt;

&lt;p&gt;Deploying Gemma 4 at the edge forces us to relearn core principles:&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;1. Orchestration: Hard Limits Over Auto-Scaling&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Swap EKS/GKE for lightweight solutions like &lt;strong&gt;K3s&lt;/strong&gt; or Docker Compose on edge nodes. Use cgroups and strict memory caps so multimodal inference doesn’t crash the host device (critical on phones or shared village Raspberry Pi hubs).&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;2. Artifacts: Quantization as a First-Class CI/CD Stage&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;The model itself becomes the build artifact. Integrate automated INT4/INT8 quantization (using tools like llama.cpp or LiteRT) into your pipelines. Ship deltas and LoRA adapters instead of full models.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;3. Delivery: Pull-Based GitOps for Sporadic Networks&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Traditional push-based deployments fail offline. Design pull-based agents that sync during network windows — downloading only necessary updates or adapters.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;4. New Observability&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Monitor battery drain, thermal throttling, and inference latency on diverse low-resource hardware. “High availability” now means the system works when the farmer needs it most — even with zero bars of signal.&lt;/p&gt;




&lt;h3&gt;
  
  
  Cloud vs Edge: Indian Context Comparison
&lt;/h3&gt;

&lt;div class="table-wrapper-paragraph"&gt;&lt;table&gt;
&lt;thead&gt;
&lt;tr&gt;
&lt;th&gt;Aspect&lt;/th&gt;
&lt;th&gt;Cloud-First Models&lt;/th&gt;
&lt;th&gt;Gemma 4 Edge Models&lt;/th&gt;
&lt;/tr&gt;
&lt;/thead&gt;
&lt;tbody&gt;
&lt;tr&gt;
&lt;td&gt;Cost&lt;/td&gt;
&lt;td&gt;Recurring API fees (USD)&lt;/td&gt;
&lt;td&gt;One-time hardware, free inference&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Internet Requirement&lt;/td&gt;
&lt;td&gt;High&lt;/td&gt;
&lt;td&gt;Fully offline capable&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Data Privacy&lt;/td&gt;
&lt;td&gt;Data leaves the device&lt;/td&gt;
&lt;td&gt;Stays local&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Language Support&lt;/td&gt;
&lt;td&gt;English-first&lt;/td&gt;
&lt;td&gt;Strong 140+ languages&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Latency&lt;/td&gt;
&lt;td&gt;Variable (network dependent)&lt;/td&gt;
&lt;td&gt;Near-instant local&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Deployment Control&lt;/td&gt;
&lt;td&gt;Vendor locked&lt;/td&gt;
&lt;td&gt;Full ownership (Apache 2.0)&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Suitability for Rural Bharat&lt;/td&gt;
&lt;td&gt;Limited&lt;/td&gt;
&lt;td&gt;Purpose-built&lt;/td&gt;
&lt;/tr&gt;
&lt;/tbody&gt;
&lt;/table&gt;&lt;/div&gt;




&lt;h3&gt;
  
  
  Challenges We Must Address
&lt;/h3&gt;

&lt;p&gt;No technology is perfect. Key issues include:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Risk of hallucinations in critical advice (needs verification loops or hybrid human-AI systems).&lt;/li&gt;
&lt;li&gt;Need for domain-specific fine-tuning on Indian crop/livestock datasets.&lt;/li&gt;
&lt;li&gt;Energy and thermal constraints on very low-end devices.&lt;/li&gt;
&lt;li&gt;Last-mile distribution and digital literacy.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;These are engineering + ecosystem problems we can solve together.&lt;/p&gt;




&lt;h3&gt;
  
  
  Conclusion: Engineering for the 43%
&lt;/h3&gt;

&lt;p&gt;The true frontier of AI is not in multi-million dollar clusters in Silicon Valley. It is being forged at the rugged edge — in the hands of farmers, extension workers, and developers who understand local realities.&lt;/p&gt;

&lt;p&gt;Gemma 4 won’t solve every problem overnight, but it lowers the barrier dramatically. By embracing edge-first design with open models, we shift DevOps responsibility from managing cloud bills to solving real constraints: every kilobyte, unpredictable networks, and diverse hardware.&lt;/p&gt;

&lt;p&gt;It’s time to stop building only for the comfortable few. Frontier engineering should level the playing field for Bharat.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Let’s build for the 43%.&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;If you find the Article useful, make sure to share it among your socials, tagging me on &lt;a href="https://www.linkedin.com/in/pravesh-sudha/" rel="noopener noreferrer"&gt;Linkedin&lt;/a&gt;, &lt;a href="https://x.com/praveshstwt" rel="noopener noreferrer"&gt;Twitter&lt;/a&gt;. &lt;br&gt;
Checkout my &lt;a href="https://www.youtube.com/@pravesh-sudha" rel="noopener noreferrer"&gt;Youtube Channel&lt;br&gt;
&lt;/a&gt;&lt;/p&gt;

</description>
      <category>devchallenge</category>
      <category>gemmachallenge</category>
      <category>gemma</category>
      <category>ai</category>
    </item>
    <item>
      <title>🚀 Kubernetes for Beginners: Deploying an Nginx–Node–Redis Application</title>
      <dc:creator>Pravesh Sudha</dc:creator>
      <pubDate>Fri, 03 Apr 2026 12:55:17 +0000</pubDate>
      <link>https://dev.to/aws-builders/kubernetes-for-beginners-deploying-an-nginx-node-redis-application-1o7h</link>
      <guid>https://dev.to/aws-builders/kubernetes-for-beginners-deploying-an-nginx-node-redis-application-1o7h</guid>
      <description>&lt;blockquote&gt;
&lt;p&gt;Understanding Services, ConfigMaps, Deployments, and health checks with my WAY!&lt;/p&gt;
&lt;/blockquote&gt;

&lt;p&gt;Hola Amigos! 👋&lt;/p&gt;

&lt;p&gt;Today, we are embarking on a brand new series: &lt;strong&gt;K8s with Pravesh&lt;/strong&gt; 🚀 — where we’ll break down Kubernetes, understand what it really is, and more importantly, how you can &lt;em&gt;actually&lt;/em&gt; use it in a practical, no-BS way.&lt;/p&gt;

&lt;p&gt;In today’s blog, we’ll dive into the fundamentals — &lt;strong&gt;Deployments, Services, and ConfigMaps&lt;/strong&gt; — and use them to deploy a &lt;strong&gt;three-tier application on Minikube&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;Now you might be thinking… &lt;em&gt;“What’s new here? There are already thousands of blogs doing the same thing.”&lt;/em&gt;&lt;/p&gt;

&lt;p&gt;And honestly, you’re not wrong.&lt;/p&gt;

&lt;p&gt;But hold your horses for a second 🐎&lt;/p&gt;

&lt;p&gt;This isn’t just another “apply this YAML and it works” kind of tutorial. We’re going to:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Understand &lt;strong&gt;what’s really happening under the hood&lt;/strong&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Debug real issues (yes, the ones that &lt;em&gt;actually&lt;/em&gt; happen)&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;And build intuition so you don’t just run Kubernetes… you &lt;strong&gt;get it&lt;/strong&gt;&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;So let’s dive in. 🔥&lt;/p&gt;




&lt;h2&gt;
  
  
  🛠️ Pre-Requisites
&lt;/h2&gt;

&lt;p&gt;Before we dive deep, there are a couple of things you need to have set up. Nothing fancy — just the essentials to get your Kubernetes playground up and running.&lt;/p&gt;

&lt;h3&gt;
  
  
  🔹 Docker / Docker Desktop
&lt;/h3&gt;

&lt;p&gt;We’ll be running Minikube using Docker, so make sure you have Docker installed on your system.&lt;/p&gt;

&lt;p&gt;👉 Install it from here: &lt;a href="https://docs.docker.com/get-started/get-docker/" rel="noopener noreferrer"&gt;https://docs.docker.com/get-started/get-docker/&lt;/a&gt;&lt;/p&gt;

&lt;h3&gt;
  
  
  🔹 Minikube
&lt;/h3&gt;

&lt;p&gt;Think of Minikube as your &lt;strong&gt;personal Kubernetes cluster&lt;/strong&gt; — lightweight, local, and perfect for experimenting and learning all the cool stuff without needing a cloud setup.&lt;/p&gt;

&lt;p&gt;👉 Download it from here: &lt;a href="https://minikube.sigs.k8s.io/docs/start/?arch=%2Fmacos%2Farm64%2Fstable%2Fbinary+download" rel="noopener noreferrer"&gt;https://minikube.sigs.k8s.io/docs/start/?arch=%2Fmacos%2Farm64%2Fstable%2Fbinary+download&lt;/a&gt;&lt;/p&gt;




&lt;h2&gt;
  
  
  🎥 Practical Demonstration
&lt;/h2&gt;

&lt;p&gt;  &lt;iframe src="https://www.youtube.com/embed/ZYlRwMf4lYA"&gt;
  &lt;/iframe&gt;
&lt;/p&gt;




&lt;h2&gt;
  
  
  🤔 What is Kubernetes (K8s)?
&lt;/h2&gt;

&lt;p&gt;At its core, &lt;strong&gt;Kubernetes is a container orchestration tool&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;Now that sounds fancy, but let’s simplify it a bit.&lt;/p&gt;

&lt;p&gt;Think of Kubernetes as a &lt;strong&gt;Head Chef in a restaurant&lt;/strong&gt; 👨‍🍳 It makes sure:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Everyone is doing their job properly&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Work is flowing smoothly&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;And if something breaks… it steps in and fixes it&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;That’s the &lt;em&gt;layman definition&lt;/em&gt;.&lt;/p&gt;

&lt;h3&gt;
  
  
  The Real Meaning
&lt;/h3&gt;

&lt;p&gt;In technical terms, Kubernetes is responsible for:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Managing containers&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Scaling them&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Ensuring they are always running&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Handling communication between them&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;You can think of it as an advanced version of Docker Compose — but built for &lt;strong&gt;production-grade systems&lt;/strong&gt;.&lt;/p&gt;

&lt;h3&gt;
  
  
  The Smallest Unit: Pod
&lt;/h3&gt;

&lt;p&gt;In Kubernetes, the smallest deployable unit is a &lt;strong&gt;Pod&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;👉 A Pod is basically a wrapper around your container(s)&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;It can run &lt;strong&gt;one or more containers&lt;/strong&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;
&lt;p&gt;These containers share:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;  Network&lt;/li&gt;
&lt;li&gt;  Storage&lt;/li&gt;
&lt;/ul&gt;


&lt;/li&gt;

&lt;/ul&gt;

&lt;p&gt;But here’s the thing…&lt;/p&gt;

&lt;p&gt;Managing Pods manually? 😵‍💫 Not a great idea.&lt;/p&gt;

&lt;h3&gt;
  
  
  Enter Deployments
&lt;/h3&gt;

&lt;p&gt;To solve that, we have &lt;strong&gt;Deployments&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;A Deployment is like a &lt;strong&gt;blueprint for your Pods&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;You define:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Container image&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Number of replicas&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Ports&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Volumes&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Other configurations&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;And Kubernetes takes care of:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Creating Pods&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Scaling them&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Replacing them if they crash&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;💥 Much easier to manage.&lt;/p&gt;

&lt;h3&gt;
  
  
  How Do Pods Talk to Each Other?
&lt;/h3&gt;

&lt;p&gt;Back to our restaurant analogy 🍽️&lt;/p&gt;

&lt;p&gt;The waiter needs to communicate with the chef, right?&lt;/p&gt;

&lt;p&gt;But in Kubernetes… 👉 Pods don’t automatically talk to each other&lt;/p&gt;

&lt;p&gt;We need something in between.&lt;/p&gt;

&lt;h3&gt;
  
  
  Services: The Communication Bridge
&lt;/h3&gt;

&lt;p&gt;&lt;strong&gt;Services&lt;/strong&gt; act as a bridge between Pods.&lt;/p&gt;

&lt;p&gt;They provide:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Stable networking&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Internal DNS&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Load balancing&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;There are 3 main types:&lt;/p&gt;

&lt;h3&gt;
  
  
  🔹 ClusterIP
&lt;/h3&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Default type&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Used for &lt;strong&gt;internal communication only&lt;/strong&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Not accessible from outside the cluster&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;h3&gt;
  
  
  🔹 NodePort
&lt;/h3&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Exposes the service on a &lt;strong&gt;specific port on the node&lt;/strong&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;
&lt;p&gt;Accessible from outside using:&lt;br&gt;
&lt;/p&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;&amp;lt;Node-IP&amp;gt;:&amp;lt;Port&amp;gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/li&gt;
&lt;/ul&gt;

&lt;h3&gt;
  
  
  🔹 LoadBalancer
&lt;/h3&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Exposes the app to the &lt;strong&gt;outside world&lt;/strong&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Commonly used in cloud environments (AWS, GCP, etc.)&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;h3&gt;
  
  
  ConfigMaps: Handling Custom Configurations
&lt;/h3&gt;

&lt;p&gt;Back to the restaurant…&lt;/p&gt;

&lt;p&gt;Imagine a customer walks in and says:&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;&lt;em&gt;“I want a Caffè macchiato, with a little bit of soy, enough to make me go OH BOY!”&lt;/em&gt; — Kevin Hart fans, you know 😄&lt;/p&gt;
&lt;/blockquote&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F23vp6luxmn3hio126cwt.gif" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F23vp6luxmn3hio126cwt.gif" alt=" " width="286" height="230"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Handling custom requests manually can get messy…&lt;/p&gt;

&lt;p&gt;But in Kubernetes, we have &lt;strong&gt;ConfigMaps&lt;/strong&gt; for this.&lt;/p&gt;

&lt;p&gt;👉 ConfigMaps allow you to:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Store &lt;strong&gt;non-confidential data&lt;/strong&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Use it inside your applications&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Keep configs separate from your code&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;For sensitive data? 👉 Use &lt;strong&gt;Secrets&lt;/strong&gt;&lt;/p&gt;

&lt;h3&gt;
  
  
  YAML: The Language of Kubernetes
&lt;/h3&gt;

&lt;p&gt;All resources in Kubernetes are defined using &lt;strong&gt;YAML files&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;You describe:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;What you want&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;And Kubernetes makes it happen&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;If you want to explore more, check out the official docs: 👉 &lt;a href="https://kubernetes.io/docs/setup/" rel="noopener noreferrer"&gt;https://kubernetes.io/docs/setup/&lt;/a&gt;&lt;/p&gt;




&lt;h2&gt;
  
  
  ⚙️ Practical Demonstration
&lt;/h2&gt;

&lt;p&gt;Enough with the theory — now let’s get our hands dirty 🔥&lt;/p&gt;

&lt;p&gt;So far, we’ve covered:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Deployments&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Services&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;ConfigMaps&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;And to bring all of this together, we’ll deploy a &lt;strong&gt;three-tier application (Nginx–Node–Redis)&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;I’ve actually used this same app in one of my earlier projects to demonstrate CI/CD workflows with GitHub Actions and Terraform. If you’re curious, check it out here: 👉 &lt;a href="https://blog.praveshsudha.com/cicd-for-terraform-with-github-actions-deploying-a-nodejs-redis-app-on-aws" rel="noopener noreferrer"&gt;https://blog.praveshsudha.com/cicd-for-terraform-with-github-actions-deploying-a-nodejs-redis-app-on-aws&lt;/a&gt;&lt;/p&gt;

&lt;h3&gt;
  
  
  Step 1: Clone the Project
&lt;/h3&gt;



&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;git clone https://github.com/Pravesh-Sudha/nginx-node-redis.git
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Open the project in your favorite editor (VS Code works great).&lt;/p&gt;

&lt;h3&gt;
  
  
  Understanding the App
&lt;/h3&gt;

&lt;p&gt;This is a simple Node.js application that:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Displays a &lt;strong&gt;request counter&lt;/strong&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Increments the count on every refresh&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Stores data in &lt;strong&gt;Redis&lt;/strong&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Uses &lt;strong&gt;Nginx as a reverse proxy&lt;/strong&gt; (serving on port 80 instead of 5000)&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;h3&gt;
  
  
  Step 2: Run with Docker Compose
&lt;/h3&gt;

&lt;p&gt;Before jumping into Kubernetes, let’s run it locally:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;docker-compose up &lt;span class="nt"&gt;--build&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fxsm9mddjlvrlcl2bfmzc.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fxsm9mddjlvrlcl2bfmzc.png" alt=" " width="800" height="383"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;Make sure Docker Desktop is installed and running.&lt;/p&gt;
&lt;/blockquote&gt;

&lt;p&gt;You should see logs in your terminal and the app running in your browser.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fj3918cxhv9n6dwywn505.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fj3918cxhv9n6dwywn505.png" alt=" " width="800" height="417"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Once done:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;Ctrl + C
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;






&lt;h3&gt;
  
  
  Step 3: Move to Kubernetes
&lt;/h3&gt;

&lt;p&gt;Now comes the interesting part.&lt;/p&gt;

&lt;p&gt;Inside the project:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;&lt;span class="nb"&gt;cd &lt;/span&gt;nginx-node-redis/kube-config/
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;You’ll find three directories:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;&lt;code&gt;nginx/&lt;/code&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;code&gt;node/&lt;/code&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;code&gt;redis/&lt;/code&gt;&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Each contains:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Deployment YAML&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Service YAML&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;h3&gt;
  
  
  📦 Nginx Deployment
&lt;/h3&gt;



&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight yaml"&gt;&lt;code&gt;&lt;span class="na"&gt;apiVersion&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s"&gt;apps/v1&lt;/span&gt;
&lt;span class="na"&gt;kind&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s"&gt;Deployment&lt;/span&gt;
&lt;span class="na"&gt;metadata&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt;
  &lt;span class="na"&gt;name&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s"&gt;nginx-deployment&lt;/span&gt;
  &lt;span class="na"&gt;labels&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt;
    &lt;span class="na"&gt;app&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s"&gt;nginx&lt;/span&gt;
&lt;span class="na"&gt;spec&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt;
  &lt;span class="na"&gt;replicas&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="m"&gt;3&lt;/span&gt;
  &lt;span class="na"&gt;selector&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt;
    &lt;span class="na"&gt;matchLabels&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt;
      &lt;span class="na"&gt;app&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s"&gt;nginx&lt;/span&gt;
  &lt;span class="na"&gt;template&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt;
    &lt;span class="na"&gt;metadata&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt;
      &lt;span class="na"&gt;labels&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt;
        &lt;span class="na"&gt;app&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s"&gt;nginx&lt;/span&gt;
    &lt;span class="na"&gt;spec&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt;
      &lt;span class="na"&gt;containers&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt;
      &lt;span class="pi"&gt;-&lt;/span&gt; &lt;span class="na"&gt;name&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s"&gt;nginx&lt;/span&gt;
        &lt;span class="na"&gt;image&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s"&gt;nginx:1.14.2&lt;/span&gt;
        &lt;span class="na"&gt;ports&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt;
        &lt;span class="pi"&gt;-&lt;/span&gt; &lt;span class="na"&gt;containerPort&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="m"&gt;80&lt;/span&gt;

        &lt;span class="na"&gt;volumeMounts&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt;
        &lt;span class="pi"&gt;-&lt;/span&gt; &lt;span class="na"&gt;name&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s"&gt;nginx-config-volume&lt;/span&gt;
          &lt;span class="na"&gt;mountPath&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s"&gt;/etc/nginx/nginx.conf&lt;/span&gt;
          &lt;span class="na"&gt;subPath&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s"&gt;nginx.conf&lt;/span&gt;

      &lt;span class="na"&gt;volumes&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt;
      &lt;span class="pi"&gt;-&lt;/span&gt; &lt;span class="na"&gt;name&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s"&gt;nginx-config-volume&lt;/span&gt;
        &lt;span class="na"&gt;configMap&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt;
          &lt;span class="na"&gt;name&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s"&gt;nginx-config&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;h3&gt;
  
  
  A Note on AI &amp;amp; YAML
&lt;/h3&gt;

&lt;p&gt;The best thing about AI? 👉 You can generate YAML files instantly.&lt;/p&gt;

&lt;p&gt;But what happens when things break?&lt;/p&gt;

&lt;p&gt;That’s where &lt;strong&gt;fundamentals matter&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;Let’s break this down 👇&lt;/p&gt;

&lt;h3&gt;
  
  
  Understanding the Deployment
&lt;/h3&gt;

&lt;h3&gt;
  
  
  1. API Version &amp;amp; Kind
&lt;/h3&gt;

&lt;p&gt;Defines what resource we are creating:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight yaml"&gt;&lt;code&gt;&lt;span class="na"&gt;kind&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s"&gt;Deployment&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;h3&gt;
  
  
  2. Labels (IMPORTANT)
&lt;/h3&gt;

&lt;p&gt;Labels appear in three places — and each has a role:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;metadata.labels&lt;/strong&gt; → tagging the Deployment&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;spec.selector.matchLabels&lt;/strong&gt; → tells Deployment which Pods to manage&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;template.metadata.labels&lt;/strong&gt; → applied to Pods (used by Services)&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;👉 This is how Kubernetes “connects” resources.&lt;/p&gt;

&lt;h3&gt;
  
  
  3. Container Spec
&lt;/h3&gt;



&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight yaml"&gt;&lt;code&gt;&lt;span class="na"&gt;image&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s"&gt;nginx:1.14.2&lt;/span&gt;
&lt;span class="na"&gt;ports&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt;
  &lt;span class="pi"&gt;-&lt;/span&gt; &lt;span class="na"&gt;containerPort&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="m"&gt;80&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Defines:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Image&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Port&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;h3&gt;
  
  
  4. ConfigMap Mount
&lt;/h3&gt;



&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight yaml"&gt;&lt;code&gt;&lt;span class="na"&gt;volumeMounts&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt;
&lt;span class="pi"&gt;-&lt;/span&gt; &lt;span class="na"&gt;name&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s"&gt;nginx-config-volume&lt;/span&gt;
  &lt;span class="na"&gt;mountPath&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s"&gt;/etc/nginx/nginx.conf&lt;/span&gt;
  &lt;span class="na"&gt;subPath&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s"&gt;nginx.conf&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;👉 This mounts your custom Nginx config into the container.&lt;/p&gt;

&lt;h3&gt;
  
  
  🌐 Nginx Service
&lt;/h3&gt;



&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight yaml"&gt;&lt;code&gt;&lt;span class="na"&gt;apiVersion&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s"&gt;v1&lt;/span&gt;
&lt;span class="na"&gt;kind&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s"&gt;Service&lt;/span&gt;
&lt;span class="na"&gt;metadata&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt;
  &lt;span class="na"&gt;name&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s"&gt;nginx-service&lt;/span&gt;
&lt;span class="na"&gt;spec&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt;
  &lt;span class="na"&gt;type&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s"&gt;ClusterIP&lt;/span&gt;
  &lt;span class="na"&gt;selector&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt;
    &lt;span class="na"&gt;app&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s"&gt;nginx&lt;/span&gt;
  &lt;span class="na"&gt;ports&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt;
    &lt;span class="pi"&gt;-&lt;/span&gt; &lt;span class="na"&gt;port&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="m"&gt;80&lt;/span&gt;
      &lt;span class="na"&gt;targetPort&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="m"&gt;80&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Here:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;We use &lt;strong&gt;ClusterIP&lt;/strong&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;
&lt;p&gt;Selector matches:&lt;br&gt;
&lt;/p&gt;
&lt;pre class="highlight yaml"&gt;&lt;code&gt;&lt;span class="na"&gt;app&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s"&gt;nginx&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;👉 This connects the Service to Pods.&lt;/p&gt;

&lt;h2&gt;
  
  
  ⚙️ Nginx ConfigMap
&lt;/h2&gt;



&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight yaml"&gt;&lt;code&gt;&lt;span class="na"&gt;apiVersion&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s"&gt;v1&lt;/span&gt;
&lt;span class="na"&gt;kind&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s"&gt;ConfigMap&lt;/span&gt;
&lt;span class="na"&gt;metadata&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt;
  &lt;span class="na"&gt;name&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s"&gt;nginx-config&lt;/span&gt;
&lt;span class="na"&gt;data&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt;
  &lt;span class="na"&gt;nginx.conf&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="pi"&gt;|&lt;/span&gt;
    &lt;span class="s"&gt;events {}&lt;/span&gt;

    &lt;span class="s"&gt;http {&lt;/span&gt;
      &lt;span class="s"&gt;upstream loadbalancer {&lt;/span&gt;
        &lt;span class="s"&gt;server node-service:5000;&lt;/span&gt;
      &lt;span class="s"&gt;}&lt;/span&gt;

      &lt;span class="s"&gt;server {&lt;/span&gt;
        &lt;span class="s"&gt;listen 80;&lt;/span&gt;

        &lt;span class="s"&gt;location / {&lt;/span&gt;
          &lt;span class="s"&gt;proxy_pass http://loadbalancer;&lt;/span&gt;
          &lt;span class="s"&gt;proxy_set_header Host $host;&lt;/span&gt;
          &lt;span class="s"&gt;proxy_set_header X-Real-IP $remote_addr;&lt;/span&gt;
          &lt;span class="s"&gt;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;&lt;/span&gt;
        &lt;span class="s"&gt;}&lt;/span&gt;

        &lt;span class="s"&gt;location = /favicon.ico {&lt;/span&gt;
          &lt;span class="s"&gt;log_not_found off;&lt;/span&gt;
          &lt;span class="s"&gt;access_log off;&lt;/span&gt;
        &lt;span class="s"&gt;}&lt;/span&gt;
      &lt;span class="s"&gt;}&lt;/span&gt;
    &lt;span class="s"&gt;}&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;👉 Here we:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Override default Nginx config&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;
&lt;p&gt;Route traffic to:&lt;br&gt;
&lt;/p&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;node-service:5000
&lt;/code&gt;&lt;/pre&gt;

&lt;/li&gt;
&lt;/ul&gt;

&lt;h3&gt;
  
  
  Step 4: Deploy to Minikube
&lt;/h3&gt;



&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;&lt;span class="c"&gt;# Start Minikube&lt;/span&gt;
minikube start

&lt;span class="c"&gt;# Go to config directory&lt;/span&gt;
&lt;span class="nb"&gt;cd &lt;/span&gt;nginx-node-redis/kube-config/

&lt;span class="c"&gt;# Deploy Redis&lt;/span&gt;
&lt;span class="nb"&gt;cd &lt;/span&gt;redis/ &lt;span class="o"&gt;&amp;amp;&amp;amp;&lt;/span&gt; kubectl apply &lt;span class="nt"&gt;-f&lt;/span&gt; deploy.yml &lt;span class="nt"&gt;-f&lt;/span&gt; svc.yml
&lt;span class="nb"&gt;cd&lt;/span&gt; ..

&lt;span class="c"&gt;# Deploy Node&lt;/span&gt;
&lt;span class="nb"&gt;cd &lt;/span&gt;node/ &lt;span class="o"&gt;&amp;amp;&amp;amp;&lt;/span&gt; kubectl apply &lt;span class="nt"&gt;-f&lt;/span&gt; deploy.yaml &lt;span class="nt"&gt;-f&lt;/span&gt; svc.yml
&lt;span class="nb"&gt;cd&lt;/span&gt; ..

&lt;span class="c"&gt;# Deploy Nginx&lt;/span&gt;
&lt;span class="nb"&gt;cd &lt;/span&gt;nginx/ &lt;span class="o"&gt;&amp;amp;&amp;amp;&lt;/span&gt; kubectl apply &lt;span class="nt"&gt;-f&lt;/span&gt; deploy.yml &lt;span class="nt"&gt;-f&lt;/span&gt; svc.yml &lt;span class="nt"&gt;-f&lt;/span&gt; configmap.yaml
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fv8pe8ao9b1l8pbcru895.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fv8pe8ao9b1l8pbcru895.png" alt=" " width="800" height="570"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h3&gt;
  
  
  Wait for Pods
&lt;/h3&gt;



&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;kubectl get pods &lt;span class="nt"&gt;-w&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Wait until all pods are:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;Running
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fqorxloe9ja22cxz2n8rt.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fqorxloe9ja22cxz2n8rt.png" alt=" " width="800" height="206"&gt;&lt;/a&gt;&lt;/p&gt;




&lt;h2&gt;
  
  
  Access the App
&lt;/h2&gt;



&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;minikube service nginx-service
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;👉 This opens your app in the browser — now running on Kubernetes 🎉&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fu8rot9k6vz8dwj9znubz.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fu8rot9k6vz8dwj9znubz.png" alt=" " width="800" height="375"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h3&gt;
  
  
  Self-Healing in Action
&lt;/h3&gt;

&lt;p&gt;Here’s where Kubernetes shines.&lt;/p&gt;

&lt;p&gt;Let’s break something 😈&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;kubectl delete pod &amp;lt;pod-name&amp;gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Now check:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;kubectl get pods
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;👉 You’ll see:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;  A new pod automatically created&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F9qzapaw42qkdif28k127.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F9qzapaw42qkdif28k127.png" alt=" " width="800" height="445"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h3&gt;
  
  
  🧠 What just happened?
&lt;/h3&gt;

&lt;p&gt;Kubernetes ensures:&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;“Actual state = Desired state”&lt;/p&gt;
&lt;/blockquote&gt;

&lt;p&gt;Even if you:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Delete a pod&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Crash a container&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;👉 Kubernetes will bring it back&lt;/p&gt;




&lt;h2&gt;
  
  
  🔍 What’s Happening Under the Hood?
&lt;/h2&gt;

&lt;p&gt;Now that everything is up and running, let’s take a step back and understand &lt;strong&gt;how things are actually working behind the scenes&lt;/strong&gt; 👇&lt;/p&gt;

&lt;h3&gt;
  
  
  1. Accessing the Application
&lt;/h3&gt;

&lt;p&gt;When you run:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;minikube service nginx-service
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fho6psep81sfzatt6z1qn.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fho6psep81sfzatt6z1qn.png" alt=" " width="800" height="367"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;👉 Minikube exposes your service and gives you a &lt;strong&gt;URL with a port&lt;/strong&gt;.&lt;/p&gt;

&lt;h3&gt;
  
  
  2. Request Hits Nginx Service
&lt;/h3&gt;

&lt;p&gt;Once you hit that URL:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;The &lt;strong&gt;Nginx Service&lt;/strong&gt; receives the request&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;
&lt;p&gt;It looks at its selector:&lt;br&gt;
&lt;/p&gt;
&lt;pre class="highlight yaml"&gt;&lt;code&gt;&lt;span class="na"&gt;app&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s"&gt;nginx&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/li&gt;
&lt;li&gt;&lt;p&gt;And forwards the request to all matching &lt;strong&gt;Nginx Pods&lt;/strong&gt;&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;h3&gt;
  
  
  3. Inside the Nginx Pod
&lt;/h3&gt;

&lt;p&gt;Inside the pod:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Nginx uses the &lt;strong&gt;custom config (via ConfigMap)&lt;/strong&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;
&lt;p&gt;The request is proxied to:&lt;br&gt;
&lt;/p&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;node-service:5000
&lt;/code&gt;&lt;/pre&gt;

&lt;/li&gt;
&lt;/ul&gt;

&lt;h3&gt;
  
  
  4. Node Service Load Balancing
&lt;/h3&gt;

&lt;p&gt;Now the interesting part 👀&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;&lt;code&gt;node-service&lt;/code&gt; is a &lt;strong&gt;ClusterIP Service&lt;/strong&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;It has multiple pods (replicas = 3)&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;👉 Kubernetes automatically distributes traffic:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;node-service
   ↓
 ┌──────────┬──────────┬──────────┐
 │ node-pod1│ node-pod2│ node-pod3│
 └──────────┴──────────┴──────────┘
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;h3&gt;
  
  
  5. Node App Talks to Redis
&lt;/h3&gt;

&lt;p&gt;Inside your Node app:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;p&gt;It connects to:&lt;br&gt;
&lt;/p&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;redis-service
&lt;/code&gt;&lt;/pre&gt;

&lt;/li&gt;
&lt;li&gt;
&lt;p&gt;Stores:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;  Request count&lt;/li&gt;
&lt;li&gt;  Cache data&lt;/li&gt;
&lt;/ul&gt;


&lt;/li&gt;

&lt;/ul&gt;

&lt;h3&gt;
  
  
  6. Response Flow
&lt;/h3&gt;

&lt;p&gt;Finally, the response travels back:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;Redis → Node → Nginx → Browser
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;🎉 And you see the updated request count&lt;/p&gt;

&lt;h3&gt;
  
  
  🧠 Key Insight
&lt;/h3&gt;

&lt;p&gt;Notice something important here…&lt;/p&gt;

&lt;p&gt;👉 We never used a single IP address.&lt;/p&gt;

&lt;p&gt;Everything works using:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Service names&lt;/strong&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Internal DNS&lt;/strong&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Labels &amp;amp; selectors&lt;/strong&gt;&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;This is called &lt;strong&gt;Service Discovery&lt;/strong&gt; — one of the most powerful features of Kubernetes.&lt;/p&gt;

&lt;h3&gt;
  
  
  Scaling Made Easy
&lt;/h3&gt;

&lt;p&gt;Want more traffic handling capacity?&lt;/p&gt;

&lt;p&gt;Just update:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight yaml"&gt;&lt;code&gt;&lt;span class="na"&gt;replicas&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="m"&gt;3&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;👉 Increase or decrease as needed&lt;/p&gt;

&lt;p&gt;👉 No changes required anywhere else&lt;/p&gt;

&lt;p&gt;Kubernetes handles the rest&lt;/p&gt;

&lt;h3&gt;
  
  
  Cleanup
&lt;/h3&gt;

&lt;p&gt;Once you’re done experimenting, you can delete the cluster:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;minikube delete
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fec5ugnbwvij1eyyg8kwk.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fec5ugnbwvij1eyyg8kwk.png" alt=" " width="800" height="125"&gt;&lt;/a&gt;&lt;/p&gt;




&lt;h2&gt;
  
  
  🎯 Conclusion
&lt;/h2&gt;

&lt;p&gt;And that’s a wrap for this one! 🚀&lt;/p&gt;

&lt;p&gt;In this blog, we didn’t just deploy an application on Kubernetes — we actually &lt;strong&gt;understood what’s happening behind the scenes&lt;/strong&gt;. From Deployments and Services to ConfigMaps and internal service discovery, you now have a solid foundation to start building real-world K8s projects.&lt;/p&gt;

&lt;p&gt;More importantly, you saw how:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Kubernetes replaces static setups like Docker Compose with &lt;strong&gt;dynamic, scalable systems&lt;/strong&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Services enable seamless communication without worrying about IPs&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;And how the system &lt;strong&gt;self-heals&lt;/strong&gt; to match the desired state&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;This is just the beginning of the &lt;strong&gt;K8s with Pravesh&lt;/strong&gt; series. In the upcoming blogs, we’ll go deeper into more advanced concepts and build even more powerful systems 💥&lt;/p&gt;

&lt;h3&gt;
  
  
  🔗 Let’s Connect
&lt;/h3&gt;

&lt;p&gt;If you found this helpful, feel free to connect with me and follow along for more DevOps and Kubernetes content:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;💼 LinkedIn: &lt;a href="https://www.linkedin.com/in/pravesh-sudha" rel="noopener noreferrer"&gt;https://www.linkedin.com/in/pravesh-sudha&lt;/a&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;📝 Blog: &lt;a href="https://blog.praveshsudha.com" rel="noopener noreferrer"&gt;https://blog.praveshsudha.com&lt;/a&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;💻 GitHub: &lt;a href="https://github.com/Pravesh-Sudha" rel="noopener noreferrer"&gt;https://github.com/Pravesh-Sudha&lt;/a&gt;&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;If you have any questions, got stuck somewhere, or just want to discuss ideas — my DMs are always open 🙌&lt;/p&gt;

&lt;p&gt;Until next time… Keep building, keep learning, and keep shipping 🚀&lt;/p&gt;

</description>
      <category>devops</category>
      <category>kubernetes</category>
      <category>docker</category>
      <category>beginners</category>
    </item>
    <item>
      <title>🔥 𝗜 𝗮𝗺 𝗻𝗼𝘄 𝗮𝗻 𝗜𝗕𝗠 𝗖𝗵𝗮𝗺𝗽𝗶𝗼𝗻 / 𝗛𝗮𝘀𝗵𝗶𝗰𝗼𝗿𝗽 𝗔𝗺𝗯𝗮𝘀𝘀𝗮𝗱𝗼𝗿 𝗕𝗔𝗕𝗬!!! 🔥

Excited to announce that I am officially recognised as an IBM Champion earlier known as Hashicorp Ambassador this year.</title>
      <dc:creator>Pravesh Sudha</dc:creator>
      <pubDate>Thu, 26 Feb 2026 04:58:00 +0000</pubDate>
      <link>https://dev.to/pravesh_sudha_3c2b0c2b5e0/-excited-to-announce-that-i-am-2a7l</link>
      <guid>https://dev.to/pravesh_sudha_3c2b0c2b5e0/-excited-to-announce-that-i-am-2a7l</guid>
      <description></description>
    </item>
    <item>
      <title>🚀 Building an AI-Powered CI/CD Copilot with Jenkins and AWS Lambda</title>
      <dc:creator>Pravesh Sudha</dc:creator>
      <pubDate>Tue, 24 Feb 2026 18:15:10 +0000</pubDate>
      <link>https://dev.to/aws-builders/building-an-ai-powered-cicd-copilot-with-jenkins-and-aws-lambda-4k8l</link>
      <guid>https://dev.to/aws-builders/building-an-ai-powered-cicd-copilot-with-jenkins-and-aws-lambda-4k8l</guid>
      <description>&lt;h2&gt;
  
  
  💡 Introduction
&lt;/h2&gt;

&lt;p&gt;Hey folks, welcome to the world of Agentic Tools and DevOps.&lt;/p&gt;

&lt;p&gt;Today, we’re diving into CI/CD pipelines and exploring how we can debug them efficiently and almost instantly using AI. In this project, we’ll build an AI-powered CI/CD Copilot where&amp;nbsp;&lt;strong&gt;AWS Lambda&lt;/strong&gt;&amp;nbsp;serves as the core logic layer. This Lambda function will interact with the Google Gemini API to analyze pipeline failures and help us debug them intelligently.&lt;/p&gt;

&lt;p&gt;The goal of this project is not just to integrate AI into a CI/CD workflow, but to help you understand how to build your own AI agent from scratch — one that can assist in real-world DevOps scenarios.&lt;/p&gt;

&lt;p&gt;So, without further ado, let’s get started.&lt;/p&gt;




&lt;h2&gt;
  
  
  💡 Prerequisites
&lt;/h2&gt;

&lt;p&gt;Before we begin, make sure you have the following requirements in place:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Docker &amp;amp; Docker Hub account&lt;/strong&gt;&lt;br&gt;&lt;br&gt;
We will run parts of this project inside Docker containers. Later, we’ll push our custom image to Docker Hub, so make sure you have both Docker installed and a Docker Hub account ready.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;
&lt;p&gt;&lt;strong&gt;Jenkins (Our CI/CD Tool)&lt;/strong&gt;&lt;br&gt;&lt;br&gt;
We’ll use Jenkins for demonstration purposes. You can either:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;  Run Jenkins as a Docker container, or&lt;/li&gt;
&lt;li&gt;  Install it directly from the official website.&lt;/li&gt;
&lt;/ul&gt;


&lt;/li&gt;

&lt;li&gt;

&lt;p&gt;&lt;strong&gt;Terraform&lt;/strong&gt;&lt;br&gt;&lt;br&gt;
We will provision our infrastructure — including the Gemini API key (stored securely) and the AWS Lambda function — using Terraform.&lt;/p&gt;

&lt;p&gt;Make sure:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;  Terraform CLI is installed&lt;/li&gt;
&lt;li&gt;  Your AWS credentials are configured&lt;/li&gt;
&lt;li&gt;  The IAM user has permissions for&amp;nbsp;&lt;strong&gt;AWS Lambda&lt;/strong&gt;&amp;nbsp;and&amp;nbsp;&lt;strong&gt;AWS Secrets Manager&lt;/strong&gt;
&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;If you’re new to Terraform setup, you can follow this guide:&lt;br&gt;&lt;br&gt;
👉&amp;nbsp;&lt;a href="https://blog.praveshsudha.com/getting-started-with-terraform-a-beginners-guide#heading-step-1-install-the-aws-cli" rel="noopener noreferrer"&gt;https://blog.praveshsudha.com/getting-started-with-terraform-a-beginners-guide#heading-step-1-install-the-aws-cli&lt;/a&gt;&lt;/p&gt;
&lt;/li&gt;
&lt;/ul&gt;
&lt;h3&gt;
  
  
  🎥 Youtube Demonstration
&lt;/h3&gt;

&lt;p&gt;

  &lt;iframe src="https://www.youtube.com/embed/b7_k_auDUEo"&gt;
  &lt;/iframe&gt;


&lt;/p&gt;




&lt;h2&gt;
  
  
  💡 How It Works
&lt;/h2&gt;

&lt;p&gt;The complete source code for this project is available in this GitHub repository:&lt;br&gt;&lt;br&gt;
👉&amp;nbsp;&lt;a href="https://github.com/Pravesh-Sudha/ai-devops-agent" rel="noopener noreferrer"&gt;https://github.com/Pravesh-Sudha/ai-devops-agent&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Navigate to the&amp;nbsp;&lt;code&gt;cicd-copilot&lt;/code&gt;&amp;nbsp;directory to follow along.&lt;/p&gt;

&lt;p&gt;If you’ve been following my work, you might recognize this project. I originally used this same&amp;nbsp;&lt;strong&gt;Node.js Book Reader application&lt;/strong&gt;&amp;nbsp;to demonstrate how Docker works with Node.js. For this AI-powered CI/CD Copilot, I’ve made specific modifications — particularly in the&amp;nbsp;&lt;strong&gt;Jenkinsfile&lt;/strong&gt;&amp;nbsp;and the&amp;nbsp;&lt;code&gt;terra-config&lt;/code&gt;&amp;nbsp;directory.&lt;/p&gt;

&lt;p&gt;Inside the&amp;nbsp;&lt;code&gt;terra-config&lt;/code&gt;&amp;nbsp;directory, you’ll find:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;p&gt;&lt;strong&gt;main.tf&lt;/strong&gt;&amp;nbsp;– Provisions:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;  AWS Lambda function&lt;/li&gt;
&lt;li&gt;  AWS Secrets Manager secret (to securely store the Gemini API key)&lt;/li&gt;
&lt;/ul&gt;
&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;lambda.zip&lt;/strong&gt;&amp;nbsp;– The packaged Lambda deployment artifact (zipped&amp;nbsp;&lt;code&gt;lambda_function.py&lt;/code&gt;)&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;lambda_function.py&lt;/strong&gt;&amp;nbsp;– The core of this project.&lt;br&gt;&lt;br&gt;
This file contains the AI agent logic and the structured prompt sent to the Gemini API.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;
&lt;p&gt;&lt;strong&gt;iam.tf&lt;/strong&gt;&amp;nbsp;– Defines the IAM roles and permissions required for:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;  AWS Lambda&lt;/li&gt;
&lt;li&gt;  AWS Secrets Manager&lt;/li&gt;
&lt;/ul&gt;
&lt;/li&gt;
&lt;/ul&gt;
&lt;h3&gt;
  
  
  Architecture Overview
&lt;/h3&gt;

&lt;p&gt;The core idea behind this project is simple:&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;&lt;p&gt;Jenkins detects a pipeline failure.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;It collects contextual information (stage name, build ID, logs).&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;It sends that data to AWS Lambda.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Lambda calls the Gemini API.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Gemini analyzes the logs and returns structured debugging insights.&lt;/p&gt;&lt;/li&gt;
&lt;/ol&gt;
&lt;h3&gt;
  
  
  Payload Sent to Lambda
&lt;/h3&gt;

&lt;p&gt;The Lambda function expects a JSON payload in the following format:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight python"&gt;&lt;code&gt;&lt;span class="p"&gt;{&lt;/span&gt;
   &lt;span class="n"&gt;stage&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="err"&gt;$&lt;/span&gt;&lt;span class="n"&gt;stage&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;        &lt;span class="c1"&gt;# Name of the stage where the pipeline failed
&lt;/span&gt;   &lt;span class="n"&gt;job&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="err"&gt;$&lt;/span&gt;&lt;span class="n"&gt;job&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;            &lt;span class="c1"&gt;# Job name (e.g., cicd-copilot)
&lt;/span&gt;   &lt;span class="n"&gt;build_id&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="err"&gt;$&lt;/span&gt;&lt;span class="n"&gt;build_id&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;  &lt;span class="c1"&gt;# Build ID number (e.g., 1, 2, 3)
&lt;/span&gt;   &lt;span class="n"&gt;logs&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="err"&gt;$&lt;/span&gt;&lt;span class="n"&gt;logs&lt;/span&gt;           &lt;span class="c1"&gt;# Last 200 lines of failure logs
&lt;/span&gt;&lt;span class="p"&gt;}&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;This structured input allows the AI agent to understand the pipeline context before analyzing the logs.&lt;/p&gt;

&lt;h3&gt;
  
  
  Prompt Sent to Gemini API
&lt;/h3&gt;

&lt;p&gt;Inside the Lambda function, we make a POST request to the Gemini API with the following structured prompt:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight python"&gt;&lt;code&gt;&lt;span class="n"&gt;You&lt;/span&gt; &lt;span class="n"&gt;are&lt;/span&gt; &lt;span class="n"&gt;a&lt;/span&gt; &lt;span class="n"&gt;senior&lt;/span&gt; &lt;span class="n"&gt;CI&lt;/span&gt;&lt;span class="o"&gt;/&lt;/span&gt;&lt;span class="n"&gt;CD&lt;/span&gt; &lt;span class="n"&gt;Copilot&lt;/span&gt; &lt;span class="n"&gt;specialized&lt;/span&gt; &lt;span class="ow"&gt;in&lt;/span&gt; &lt;span class="n"&gt;Jenkins&lt;/span&gt; &lt;span class="n"&gt;pipelines&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;

&lt;span class="n"&gt;Pipeline&lt;/span&gt; &lt;span class="n"&gt;context&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;
&lt;span class="o"&gt;-&lt;/span&gt; &lt;span class="n"&gt;Stage&lt;/span&gt; &lt;span class="n"&gt;name&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="p"&gt;{&lt;/span&gt;&lt;span class="n"&gt;stage&lt;/span&gt;&lt;span class="p"&gt;}&lt;/span&gt;
&lt;span class="o"&gt;-&lt;/span&gt; &lt;span class="n"&gt;Expected&lt;/span&gt; &lt;span class="n"&gt;outcome&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="n"&gt;Build&lt;/span&gt; &lt;span class="n"&gt;an&lt;/span&gt; &lt;span class="n"&gt;artifact&lt;/span&gt; &lt;span class="n"&gt;usable&lt;/span&gt; &lt;span class="n"&gt;by&lt;/span&gt; &lt;span class="n"&gt;later&lt;/span&gt; &lt;span class="n"&gt;stages&lt;/span&gt;

&lt;span class="n"&gt;Your&lt;/span&gt; &lt;span class="n"&gt;tasks&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;
&lt;span class="mf"&gt;1.&lt;/span&gt; &lt;span class="n"&gt;Identify&lt;/span&gt; &lt;span class="n"&gt;the&lt;/span&gt; &lt;span class="n"&gt;failure&lt;/span&gt; &lt;span class="nf"&gt;category &lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="n"&gt;build&lt;/span&gt; &lt;span class="o"&gt;/&lt;/span&gt; &lt;span class="n"&gt;runtime&lt;/span&gt; &lt;span class="o"&gt;/&lt;/span&gt; &lt;span class="n"&gt;config&lt;/span&gt; &lt;span class="o"&gt;/&lt;/span&gt; &lt;span class="n"&gt;infra&lt;/span&gt; &lt;span class="o"&gt;/&lt;/span&gt; &lt;span class="n"&gt;dependency&lt;/span&gt; &lt;span class="o"&gt;/&lt;/span&gt; &lt;span class="n"&gt;auth&lt;/span&gt; &lt;span class="o"&gt;/&lt;/span&gt; &lt;span class="n"&gt;unknown&lt;/span&gt;&lt;span class="p"&gt;)&lt;/span&gt;
&lt;span class="mf"&gt;2.&lt;/span&gt; &lt;span class="n"&gt;Identify&lt;/span&gt; &lt;span class="n"&gt;the&lt;/span&gt; &lt;span class="n"&gt;most&lt;/span&gt; &lt;span class="n"&gt;likely&lt;/span&gt; &lt;span class="n"&gt;root&lt;/span&gt; &lt;span class="n"&gt;cause&lt;/span&gt;
&lt;span class="mf"&gt;3.&lt;/span&gt; &lt;span class="n"&gt;Provide&lt;/span&gt; &lt;span class="n"&gt;actionable&lt;/span&gt; &lt;span class="n"&gt;fixes&lt;/span&gt;
&lt;span class="mf"&gt;4.&lt;/span&gt; &lt;span class="n"&gt;Suggest&lt;/span&gt; &lt;span class="n"&gt;a&lt;/span&gt; &lt;span class="n"&gt;patch&lt;/span&gt; &lt;span class="n"&gt;ONLY&lt;/span&gt; &lt;span class="k"&gt;if&lt;/span&gt; &lt;span class="n"&gt;clearly&lt;/span&gt; &lt;span class="n"&gt;inferable&lt;/span&gt;

&lt;span class="n"&gt;Respond&lt;/span&gt; &lt;span class="n"&gt;ONLY&lt;/span&gt; &lt;span class="ow"&gt;in&lt;/span&gt; &lt;span class="n"&gt;valid&lt;/span&gt; &lt;span class="n"&gt;JSON&lt;/span&gt; &lt;span class="k"&gt;with&lt;/span&gt; &lt;span class="n"&gt;this&lt;/span&gt; &lt;span class="n"&gt;schema&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;
&lt;span class="p"&gt;{{&lt;/span&gt;
  &lt;span class="sh"&gt;"&lt;/span&gt;&lt;span class="s"&gt;failure_category&lt;/span&gt;&lt;span class="sh"&gt;"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="sh"&gt;""&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;
  &lt;span class="sh"&gt;"&lt;/span&gt;&lt;span class="s"&gt;root_cause&lt;/span&gt;&lt;span class="sh"&gt;"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="sh"&gt;""&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;
  &lt;span class="sh"&gt;"&lt;/span&gt;&lt;span class="s"&gt;actionable_fixes&lt;/span&gt;&lt;span class="sh"&gt;"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="p"&gt;[],&lt;/span&gt;
  &lt;span class="sh"&gt;"&lt;/span&gt;&lt;span class="s"&gt;suggested_patch&lt;/span&gt;&lt;span class="sh"&gt;"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="p"&gt;{{&lt;/span&gt;
    &lt;span class="sh"&gt;"&lt;/span&gt;&lt;span class="s"&gt;file&lt;/span&gt;&lt;span class="sh"&gt;"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="sh"&gt;""&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;
    &lt;span class="sh"&gt;"&lt;/span&gt;&lt;span class="s"&gt;line&lt;/span&gt;&lt;span class="sh"&gt;"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="sh"&gt;""&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;
    &lt;span class="sh"&gt;"&lt;/span&gt;&lt;span class="s"&gt;fix&lt;/span&gt;&lt;span class="sh"&gt;"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="sh"&gt;""&lt;/span&gt;
  &lt;span class="p"&gt;}}&lt;/span&gt;
&lt;span class="p"&gt;}}&lt;/span&gt;

&lt;span class="n"&gt;Logs&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;
&lt;span class="p"&gt;{&lt;/span&gt;&lt;span class="n"&gt;logs&lt;/span&gt;&lt;span class="p"&gt;}&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;The prompt dynamically injects two key variables:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;&lt;code&gt;{stage}&lt;/code&gt;&amp;nbsp;– The pipeline stage name&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;code&gt;{logs}&lt;/code&gt;&amp;nbsp;– The failure logs&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;If you’d like to explore the full Lambda implementation, you can view it here:&lt;br&gt;&lt;br&gt;
👉&amp;nbsp;&lt;a href="https://github.com/Pravesh-Sudha/ai-devops-agent/blob/main/cicd-copilot/terra-config/lambda_function.py" rel="noopener noreferrer"&gt;https://github.com/Pravesh-Sudha/ai-devops-agent/blob/main/cicd-copilot/terra-config/lambda_function.py&lt;/a&gt;&lt;/p&gt;
&lt;h3&gt;
  
  
  How It Integrates with Jenkins
&lt;/h3&gt;

&lt;p&gt;You might be wondering — how exactly does this connect with Jenkins?&lt;/p&gt;

&lt;p&gt;Inside the&amp;nbsp;&lt;code&gt;Jenkinsfile&lt;/code&gt;, each stage:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Sets an environment variable for the stage name.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Redirects command output (in case of failure) into a&amp;nbsp;&lt;code&gt;LOG_FILE&lt;/code&gt;.&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;If any stage fails:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;The&amp;nbsp;&lt;code&gt;post { failure { ... } }&lt;/code&gt;&amp;nbsp;block is triggered.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Jenkins constructs the JSON payload.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;It invokes the AWS Lambda function.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;The AI-generated failure analysis is printed directly into the Jenkins console output.&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;This gives you instant, structured debugging assistance right inside your CI/CD pipeline.&lt;/p&gt;
&lt;h3&gt;
  
  
  How to Integrate This in Your Own Workspace
&lt;/h3&gt;

&lt;p&gt;To replicate this approach in your own pipeline:&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;
&lt;p&gt;Append log redirection to each command:&lt;br&gt;
&lt;/p&gt;

&lt;pre class="highlight shell"&gt;&lt;code&gt;&lt;span class="k"&gt;${&lt;/span&gt;&lt;span class="nv"&gt;LOG_FILE&lt;/span&gt;&lt;span class="k"&gt;}&lt;/span&gt; 2&amp;gt;&amp;amp;1
&lt;/code&gt;&lt;/pre&gt;




&lt;/li&gt;

&lt;li&gt;&lt;p&gt;Define an environment variable for the stage name.&lt;/p&gt;&lt;/li&gt;

&lt;li&gt;&lt;p&gt;Provision:&lt;/p&gt;&lt;/li&gt;

&lt;/ol&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;*   AWS Lambda

*   IAM roles

*   Secrets Manager (for the Gemini API key)  
    using Terraform.
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;

&lt;ol&gt;
&lt;li&gt; Add a&amp;nbsp;&lt;code&gt;post failure&lt;/code&gt;&amp;nbsp;block in your Jenkinsfile to invoke the Lambda function with the structured JSON payload.&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;Once configured, your CI/CD pipeline becomes AI-assisted — capable of analyzing its own failures and suggesting actionable fixes.&lt;/p&gt;




&lt;h2&gt;
  
  
  💡 Practical Demonstration
&lt;/h2&gt;

&lt;p&gt;Enough with the theory — let’s see this in action.&lt;/p&gt;

&lt;h3&gt;
  
  
  Step 1: Fork and Clone the Repository
&lt;/h3&gt;

&lt;p&gt;First, head over to the GitHub repository and&amp;nbsp;&lt;strong&gt;fork it under your own username&lt;/strong&gt;.&lt;br&gt;&lt;br&gt;
You’ll be intentionally modifying the code later to trigger pipeline failures, so forking is important.&lt;/p&gt;

&lt;p&gt;After forking:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;git clone https://github.com/your-username/ai-devops-agent.git
&lt;span class="nb"&gt;cd &lt;/span&gt;ai-devops-agent/cicd-copilot/terra-config
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;h3&gt;
  
  
  Step 2: Initialize Terraform
&lt;/h3&gt;

&lt;p&gt;Inside the&amp;nbsp;&lt;code&gt;terra-config&lt;/code&gt;&amp;nbsp;directory, initialize Terraform:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;terraform init
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;h3&gt;
  
  
  Step 3: Generate Your Gemini API Key
&lt;/h3&gt;

&lt;p&gt;To provision the infrastructure, you’ll need a&amp;nbsp;&lt;strong&gt;GEMINI_API_KEY&lt;/strong&gt;.&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;&lt;p&gt;Go to&amp;nbsp;&lt;strong&gt;Google AI Studio&lt;/strong&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Log in with your Google account&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Navigate to the&amp;nbsp;&lt;strong&gt;API&lt;/strong&gt;&amp;nbsp;section&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Click&amp;nbsp;&lt;strong&gt;Create API Key&lt;/strong&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Give it a name and generate the key&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Store it securely&lt;/p&gt;&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;Now, apply the Terraform configuration:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;terraform apply &lt;span class="nt"&gt;-var&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s2"&gt;"gemini_api_key=&amp;lt;Paste-your-key-here&amp;gt;"&lt;/span&gt; &lt;span class="nt"&gt;--auto-approve&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ftbi7vwz8dy1h7g26lolh.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ftbi7vwz8dy1h7g26lolh.png" alt=" "&gt;&lt;/a&gt;&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;⚠️ Make sure the configured AWS IAM user has the required permissions (Lambda and Secrets Manager access), as mentioned in the prerequisites section.&lt;/p&gt;
&lt;/blockquote&gt;

&lt;p&gt;Once completed, your infrastructure (Lambda function + IAM roles + Secret) will be up and running.&lt;/p&gt;

&lt;h3&gt;
  
  
  Step 4: Configure Jenkins Pipeline
&lt;/h3&gt;

&lt;p&gt;Open your Jenkins dashboard (usually running on&amp;nbsp;&lt;code&gt;http://localhost:8080&lt;/code&gt;).&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;&lt;p&gt;Click&amp;nbsp;&lt;strong&gt;Create New Item&lt;/strong&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Select&amp;nbsp;&lt;strong&gt;Pipeline&lt;/strong&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Name it:&amp;nbsp;&lt;code&gt;cicd-copilot&lt;/code&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Choose&amp;nbsp;&lt;strong&gt;Pipeline script from SCM&lt;/strong&gt;&lt;/p&gt;&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;Configure the following:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;SCM:&lt;/strong&gt;&amp;nbsp;Git&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Repository URL:&lt;/strong&gt;&lt;br&gt;&lt;br&gt;
&lt;code&gt;https://github.com/your-username/ai-devops-agent&lt;/code&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Branch Specifier:&lt;/strong&gt;&amp;nbsp;&lt;code&gt;main&lt;/code&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Script Path:&lt;/strong&gt;&lt;br&gt;&lt;br&gt;
&lt;code&gt;cicd-copilot/Jenkinsfile&lt;/code&gt;&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Click&amp;nbsp;&lt;strong&gt;Save&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fkp6mo53plbgxpl6jal9x.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fkp6mo53plbgxpl6jal9x.png" alt=" "&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h3&gt;
  
  
  Step 5: Install Required Jenkins Plugins
&lt;/h3&gt;

&lt;p&gt;Navigate to:&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Manage Jenkins → Plugins&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Install the following plugins:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Docker&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Docker Pipeline&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Docker Commons&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;h3&gt;
  
  
  Step 6: Add Docker to Jenkins PATH
&lt;/h3&gt;

&lt;p&gt;Ensure Docker is accessible inside Jenkins.&lt;/p&gt;

&lt;p&gt;In your terminal, run:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;which docker
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Copy the output path.&lt;/p&gt;

&lt;p&gt;Now go to:&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Manage Jenkins → System → Global Properties&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Append the copied path to the existing PATH variable using&amp;nbsp;&lt;code&gt;:&lt;/code&gt;&amp;nbsp;as a separator. Save the configuration.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F33ilfvp62i8gxowi1p35.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F33ilfvp62i8gxowi1p35.png" alt=" "&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h3&gt;
  
  
  Step 7: Add Docker Hub Credentials
&lt;/h3&gt;

&lt;p&gt;Navigate to:&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Manage Jenkins → Credentials&lt;/strong&gt;&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt; Add a new credential:&lt;/li&gt;
&lt;/ol&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;*   Kind:&amp;nbsp;**Username with password**

*   Username: Your Docker Hub username

*   Password: Your Docker Hub password

*   ID:&amp;nbsp;`docker-cred`
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;

&lt;p&gt;Save it.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fdi2nn48p3s3yavskgyit.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fdi2nn48p3s3yavskgyit.png" alt=" "&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h3&gt;
  
  
  Step 8: Trigger the Pipeline
&lt;/h3&gt;

&lt;p&gt;Now go back to your&amp;nbsp;&lt;code&gt;cicd-copilot&lt;/code&gt;&amp;nbsp;project and click&amp;nbsp;&lt;strong&gt;Build Now&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;Open&amp;nbsp;&lt;strong&gt;Console Output&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;You will notice that the pipeline fails — this is intentional.&lt;/p&gt;

&lt;p&gt;The logs are automatically captured and sent to the AI Agent, which returns structured debugging analysis inside the Jenkins console.&lt;/p&gt;

&lt;p&gt;In the first failure, the AI identifies a typo in the&amp;nbsp;&lt;code&gt;Dockerfile&lt;/code&gt;.&lt;br&gt;&lt;br&gt;
For example:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;apine
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;It should be:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;alpine
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F7x8kfvio401a3e7js9f9.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F7x8kfvio401a3e7js9f9.png" alt=" "&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Fix the typo in your forked repository and commit the changes.&lt;/p&gt;

&lt;h3&gt;
  
  
  Step 9: Second Failure (Version Mismatch)
&lt;/h3&gt;

&lt;p&gt;Rebuild the pipeline.&lt;/p&gt;

&lt;p&gt;This time, the pipeline fails again — but for a different reason. There is a Docker image version mismatch.&lt;/p&gt;

&lt;p&gt;The AI analysis might suggest that the image is private or unavailable. However, the real issue is in the&amp;nbsp;&lt;code&gt;Jenkinsfile&lt;/code&gt;.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Febqz4we61kdwcryd23im.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Febqz4we61kdwcryd23im.png" alt=" "&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Inside the&amp;nbsp;&lt;strong&gt;Run Container&lt;/strong&gt;&amp;nbsp;stage, change the image version from:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;v2
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;to:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;v1
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fvk58wuca063hl439ayyc.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fvk58wuca063hl439ayyc.png" alt=" "&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Commit the change and rebuild the pipeline.&lt;/p&gt;

&lt;h3&gt;
  
  
  Step 10: Successful Pipeline Run
&lt;/h3&gt;

&lt;p&gt;Now, when you trigger the pipeline again:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;The build succeeds&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;The Docker image is pushed to your Docker Hub account&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;The container starts successfully&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Visit:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;http://localhost:3000
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F2pv69etz5eff4fq4n07m.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F2pv69etz5eff4fq4n07m.png" alt=" "&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;You should see the Book Reader application running.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fj02s0pswmjum51a49154.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fj02s0pswmjum51a49154.png" alt=" "&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F5fj73w6v0folxas2x8vs.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F5fj73w6v0folxas2x8vs.png" alt=" "&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h3&gt;
  
  
  Stop the Application
&lt;/h3&gt;

&lt;p&gt;To stop the running container:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;docker &lt;span class="nb"&gt;kill &lt;/span&gt;cicd-copilot
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;h3&gt;
  
  
  Clean Up Infrastructure
&lt;/h3&gt;

&lt;p&gt;To avoid unnecessary AWS charges, destroy the infrastructure:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;terraform destroy &lt;span class="nt"&gt;-var&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s2"&gt;"gemini_api_key=&amp;lt;Paste-your-key-here&amp;gt;"&lt;/span&gt; &lt;span class="nt"&gt;--auto-approve&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;h3&gt;
  
  
  What We Achieved
&lt;/h3&gt;

&lt;p&gt;In this project, we built an AI-powered CI/CD Copilot using:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Jenkins for pipeline orchestration&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;AWS Lambda for AI agent logic&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;AWS Secrets Manager for secure API storage&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Google Gemini API for log analysis&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;The agent receives contextual pipeline information and failure logs, analyzes them intelligently, and provides structured debugging insights directly inside the CI/CD workflow.&lt;/p&gt;

&lt;p&gt;Instead of manually scanning logs, you now have an AI assistant that understands context, categorizes failures, identifies root causes, and suggests actionable fixes — making debugging faster, smarter, and more efficient.&lt;/p&gt;




&lt;h2&gt;
  
  
  💡 Conclusion
&lt;/h2&gt;

&lt;p&gt;Modern CI/CD pipelines are powerful — but when they fail, debugging can quickly become time-consuming and frustrating. In this project, we went a step further by integrating AI directly into the pipeline workflow.&lt;/p&gt;

&lt;p&gt;By combining:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Jenkins&lt;/strong&gt;&amp;nbsp;for orchestration&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;AWS Lambda&lt;/strong&gt;&amp;nbsp;for serverless execution&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;AWS Secrets Manager&lt;/strong&gt;&amp;nbsp;for secure API handling&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Google Gemini API&lt;/strong&gt;&amp;nbsp;for intelligent log analysis&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;we built an AI-powered CI/CD Copilot capable of understanding pipeline context, analyzing failure logs, identifying root causes, and suggesting actionable fixes — all automatically.&lt;/p&gt;

&lt;p&gt;This isn’t just about log analysis. It’s about shifting from reactive debugging to intelligent, context-aware automation.&lt;/p&gt;

&lt;p&gt;As AI continues to evolve, integrating agentic systems into DevOps workflows will become increasingly common. Building projects like this not only strengthens your cloud and automation skills but also prepares you for the next wave of AI-driven infrastructure.&lt;/p&gt;

&lt;p&gt;If you found this project helpful, feel free to connect with me and follow my work:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;🌐&amp;nbsp;&lt;strong&gt;Website:&lt;/strong&gt;&amp;nbsp;&lt;a href="https://praveshsudha.com" rel="noopener noreferrer"&gt;https://praveshsudha.com&lt;/a&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;📝&amp;nbsp;&lt;strong&gt;Blog:&lt;/strong&gt;&amp;nbsp;&lt;a href="https://blog.praveshsudha.com" rel="noopener noreferrer"&gt;https://blog.praveshsudha.com&lt;/a&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;💼&amp;nbsp;&lt;strong&gt;LinkedIn:&lt;/strong&gt;&amp;nbsp;&lt;a href="https://www.linkedin.com/in/pravesh-sudha" rel="noopener noreferrer"&gt;https://www.linkedin.com/in/pravesh-sudha&lt;/a&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;🐙&amp;nbsp;&lt;strong&gt;GitHub:&lt;/strong&gt;&amp;nbsp;&lt;a href="https://github.com/Pravesh-Sudha" rel="noopener noreferrer"&gt;https://github.com/Pravesh-Sudha&lt;/a&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;🐦&amp;nbsp;&lt;strong&gt;Twitter/X:&lt;/strong&gt;&amp;nbsp;&lt;a href="https://x.com/praveshstwt" rel="noopener noreferrer"&gt;https://x.com/praveshstwt&lt;/a&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;🎥 Youtube&lt;/strong&gt;: &lt;a href="https://youtube.com/@pravesh-sudha" rel="noopener noreferrer"&gt;https://youtube.com/@pravesh-sudha&lt;/a&gt;&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;I regularly share content on DevOps, AWS, Terraform, CI/CD, and building real-world cloud projects from scratch.&lt;/p&gt;

&lt;p&gt;If you build your own version of this AI CI/CD Copilot, tag me — I’d love to see what you create.&lt;/p&gt;

&lt;p&gt;Happy Building 🚀&lt;/p&gt;

</description>
      <category>ai</category>
      <category>devops</category>
      <category>jenkins</category>
      <category>cicd</category>
    </item>
    <item>
      <title>🚀 I Built SkillDebt.ai to Understand My Own Skill Gaps</title>
      <dc:creator>Pravesh Sudha</dc:creator>
      <pubDate>Thu, 05 Feb 2026 19:10:46 +0000</pubDate>
      <link>https://dev.to/pravesh_sudha_3c2b0c2b5e0/i-built-skilldebtai-to-understand-my-own-skill-gaps-3729</link>
      <guid>https://dev.to/pravesh_sudha_3c2b0c2b5e0/i-built-skilldebtai-to-understand-my-own-skill-gaps-3729</guid>
      <description>&lt;blockquote&gt;
&lt;p&gt;A hands-on look at skill decay, generative UI, and turning career anxiety into actionable insights&lt;/p&gt;
&lt;/blockquote&gt;

&lt;h2&gt;
  
  
  🌟 Introduction
&lt;/h2&gt;

&lt;p&gt;Hola amigos 👋&lt;br&gt;&lt;br&gt;
Welcome to the world of &lt;strong&gt;AI and DevOps&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;In this blog, I want to share my experience building &lt;a href="http://my-repo-8k7lhiaxb-pravesh-sudhas-projects.vercel.app/" rel="noopener noreferrer"&gt;&lt;strong&gt;SkillDebt.ai&lt;/strong&gt;&lt;/a&gt; as part of the &lt;strong&gt;UI Strikes Back Challenge&lt;/strong&gt;, hosted by the &lt;strong&gt;WEMakeDevs community&lt;/strong&gt; in collaboration with &lt;strong&gt;Tambo AI&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;The idea behind &lt;strong&gt;SkillDebt.ai&lt;/strong&gt; is simple:&lt;br&gt;&lt;br&gt;
as developers, we often talk about &lt;em&gt;technical debt&lt;/em&gt; in our code — but we rarely think about the &lt;strong&gt;technical debt in our careers&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;SkillDebt.ai&lt;/strong&gt; takes your &lt;strong&gt;resume or tech stack&lt;/strong&gt;, analyzes it using &lt;a href="https://tambo.co/" rel="noopener noreferrer"&gt;&lt;strong&gt;Tambo&lt;/strong&gt;&lt;/a&gt; &lt;strong&gt;AI and Gemini&lt;/strong&gt;, and turns that data into &lt;strong&gt;beautiful, interactive visual insights&lt;/strong&gt; about your skills. Instead of long paragraphs or generic advice, you get a clear picture of where you stand in your field.&lt;/p&gt;

&lt;p&gt;Beyond skill visualization, it also highlights:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Skill decay&lt;/strong&gt; — tools and technologies you haven’t touched in a while&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Risk audits&lt;/strong&gt; — warning signs when core skills are becoming outdated&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Upgrade suggestions&lt;/strong&gt; — practical recommendations on what skills to add next to boost your career growth&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;This project isn’t just about AI or UI — it’s about giving developers clarity, direction, and a better way to plan their learning journey.&lt;/p&gt;

&lt;p&gt;

  &lt;iframe src="https://www.youtube.com/embed/ItTKixXJF2I"&gt;
  &lt;/iframe&gt;


&lt;/p&gt;




&lt;h2&gt;
  
  
  🌟 Practical Demo
&lt;/h2&gt;

&lt;p&gt;Let’s see &lt;strong&gt;SkillDebt.ai&lt;/strong&gt; in action.&lt;/p&gt;

&lt;p&gt;There’s no heavy setup or complex prerequisites. All you need is your &lt;strong&gt;resume in PDF format&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;Head over to the live demo here:&lt;br&gt;&lt;br&gt;
👉 &lt;a href="https://my-repo-8k7lhiaxb-pravesh-sudhas-projects.vercel.app/" rel="noopener noreferrer"&gt;https://my-repo-8k7lhiaxb-pravesh-sudhas-projects.vercel.app/&lt;/a&gt;&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;𝗧𝗵𝗲 𝗣𝗿𝗼𝗷𝗲𝗰𝘁 𝗵𝗮𝘀 𝗯𝗲𝗲𝗻 𝘁𝗮𝗸𝗲𝗻 𝗱𝗼𝘄𝗻 𝗯𝘆 𝟮𝟱 𝗙𝗲𝗯 𝟮𝟬𝟮𝟲, 𝘆𝗼𝘂 𝗰𝗮𝗻 𝗳𝗼𝗹𝗹𝗼𝘄 𝘁𝗵𝗲 𝗚𝗶𝘁𝗛𝘂𝗯 𝗚𝘂𝗶𝗱𝗲 𝘁𝗼 𝗶𝗹𝗹𝘂𝘀𝘁𝗿𝗮𝘁𝗲 𝗶𝗻 𝘆𝗼𝘂𝗿 𝗼𝘄𝗻 𝗹𝗼𝗰𝗮𝗹 𝘀𝘆𝘀𝘁𝗲𝗺&lt;/p&gt;
&lt;/blockquote&gt;

&lt;p&gt;Once you’re on the site, click on &lt;strong&gt;“Upload Resume”&lt;/strong&gt;, select your PDF, and hit &lt;strong&gt;Analyze&lt;/strong&gt;. That’s it.&lt;/p&gt;

&lt;p&gt;From there, SkillDebt.ai walks you through a complete breakdown of your profile:&lt;/p&gt;

&lt;p&gt;First, you’ll see a &lt;strong&gt;visual skill analysis chart&lt;/strong&gt; that gives a quick overview of your strengths and gaps across different areas in your field.&lt;/p&gt;

&lt;p&gt;Next comes the &lt;strong&gt;Skill Decay graph&lt;/strong&gt;, which highlights technologies you haven’t actively used in a while and flags them based on risk. This part is especially useful because it surfaces skills you might be unknowingly neglecting.&lt;/p&gt;

&lt;p&gt;After that, the &lt;strong&gt;Risk Audit&lt;/strong&gt; section kicks in. It acts like a warning system, pointing out areas in your resume that could become problematic if left unaddressed.&lt;/p&gt;

&lt;p&gt;Finally, you get &lt;strong&gt;career-focused upgrade suggestions&lt;/strong&gt; — specific skills you should consider adding or improving to stay relevant and boost long-term growth.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Felr7q8j2b50kr2k455k0.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Felr7q8j2b50kr2k455k0.png" alt=" "&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F64bdpzccoh5tf3scuvtc.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F64bdpzccoh5tf3scuvtc.png" alt=" "&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fg1po77ym0gtoaglze6gv.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fg1po77ym0gtoaglze6gv.png" alt=" "&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fp3ac2carreo54iesgors.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fp3ac2carreo54iesgors.png" alt=" "&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fwbgmwfvfxhtcx6ghzw3q.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fwbgmwfvfxhtcx6ghzw3q.png" alt=" "&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;If you’re curious about how everything works under the hood, the complete source code is open-source and available here: &lt;/p&gt;

&lt;p&gt;

&lt;/p&gt;
&lt;div class="ltag-github-readme-tag"&gt;
  &lt;div class="readme-overview"&gt;
    &lt;h2&gt;
      &lt;img src="https://assets.dev.to/assets/github-logo-5a155e1f9a670af7944dd5e12375bc76ed542ea80224905ecaf878b9157cdefc.svg" alt="GitHub logo"&gt;
      &lt;a href="https://github.com/Pravesh-Sudha" rel="noopener noreferrer"&gt;
        Pravesh-Sudha
      &lt;/a&gt; / &lt;a href="https://github.com/Pravesh-Sudha/ui-strikes-back" rel="noopener noreferrer"&gt;
        ui-strikes-back
      &lt;/a&gt;
    &lt;/h2&gt;
    &lt;h3&gt;
      
    &lt;/h3&gt;
  &lt;/div&gt;
  &lt;div class="ltag-github-body"&gt;
    
&lt;div id="readme" class="md"&gt;&lt;div class="markdown-heading"&gt;
&lt;h1 class="heading-element"&gt;🚀 SkillDebt.ai (UI Strikes Back)&lt;/h1&gt;
&lt;/div&gt;
&lt;p&gt;Analyze your technical skill debt, visualize decay, and find your optimal upgrade path. Built for developers who want to stay ahead of the curve.&lt;/p&gt;
&lt;p&gt;&lt;a href="https://github.com/Pravesh-Sudha/UI-Strikes-Back.git" rel="noopener noreferrer"&gt;&lt;img src="https://camo.githubusercontent.com/388c06c124ed80860cf040777bd56d8bd6abf5fa500734889602462164983b80/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f5265706f7369746f72792d4769744875622d626c75653f7374796c653d666f722d7468652d6261646765266c6f676f3d676974687562" alt="Repo"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;div class="markdown-heading"&gt;
&lt;h2 class="heading-element"&gt;✨ Features&lt;/h2&gt;
&lt;/div&gt;
&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;📊 Skill Visualization&lt;/strong&gt;: Map out your current technical stack and see the balance across different domains.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;📉 Decay Timeline&lt;/strong&gt;: Understand how your skills might be losing relevance over time and plan ahead.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;⚠️ Risk Audit&lt;/strong&gt;: Identify critical gaps or "debt" in your career path based on industry trends.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;🚀 Upgrade Path&lt;/strong&gt;: Get personalized, high-impact suggestions for your next skill upgrade.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;📂 Resume Parsing&lt;/strong&gt;: Upload your resume (PDF/Text) to start the analysis instantly.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;🤖 Generative UI&lt;/strong&gt;: Experience a dynamic AI-driven interface powered by the Tambo SDK.&lt;/li&gt;
&lt;/ul&gt;

&lt;div class="markdown-heading"&gt;
&lt;h2 class="heading-element"&gt;🛠️ Tech Stack&lt;/h2&gt;
&lt;/div&gt;
&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Framework&lt;/strong&gt;: &lt;a href="https://reactjs.org/" rel="nofollow noopener noreferrer"&gt;React&lt;/a&gt; + &lt;a href="https://vitejs.dev/" rel="nofollow noopener noreferrer"&gt;Vite&lt;/a&gt;
&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Language&lt;/strong&gt;: &lt;a href="https://www.typescriptlang.org/" rel="nofollow noopener noreferrer"&gt;TypeScript&lt;/a&gt;
&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Styling&lt;/strong&gt;: &lt;a href="https://tailwindcss.com/" rel="nofollow noopener noreferrer"&gt;Tailwind CSS&lt;/a&gt;
&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Icons&lt;/strong&gt;: &lt;a href="https://lucide.dev/" rel="nofollow noopener noreferrer"&gt;Lucide React&lt;/a&gt;
&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;AI Integration&lt;/strong&gt;: &lt;a href="https://tambo.ai" rel="nofollow noopener noreferrer"&gt;Tambo SDK&lt;/a&gt;
&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Markdown&lt;/strong&gt;: &lt;code&gt;react-markdown&lt;/code&gt; +…&lt;/li&gt;
&lt;/ul&gt;&lt;/div&gt;
  &lt;/div&gt;
  &lt;div class="gh-btn-container"&gt;&lt;a class="gh-btn" href="https://github.com/Pravesh-Sudha/ui-strikes-back" rel="noopener noreferrer"&gt;View on GitHub&lt;/a&gt;&lt;/div&gt;
&lt;/div&gt;







&lt;h2&gt;
  
  
  🌟 How I Built It
&lt;/h2&gt;

&lt;p&gt;Going into the hackathon, I had one clear goal:&lt;br&gt;&lt;br&gt;
I didn’t want to build something flashy but forgettable. I wanted to build something &lt;strong&gt;novel and actually useful&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;The AI agent space is already crowded. Everywhere you look, there’s another code debugger, another productivity hack, another “AI assistant” doing roughly the same thing. At the same time, with the rapid rise of AI — especially tools like &lt;strong&gt;Claude Code and autonomous agents&lt;/strong&gt; — AI engineering has gone through the roof.&lt;/p&gt;

&lt;p&gt;That’s when I paused and thought:&lt;br&gt;&lt;br&gt;
instead of building yet another tool to &lt;em&gt;replace&lt;/em&gt; engineers, why not build something that helps engineers &lt;strong&gt;upskill&lt;/strong&gt; and stay ahead of the curve?&lt;/p&gt;

&lt;p&gt;That idea became &lt;a href="https://my-repo-8k7lhiaxb-pravesh-sudhas-projects.vercel.app/" rel="noopener noreferrer"&gt;&lt;strong&gt;SkillDebt.ai&lt;/strong&gt;&lt;/a&gt; — a system focused on helping developers understand where they stand today, what they’re falling behind on, and how they can adapt to this AI-driven future instead of getting left behind.&lt;/p&gt;

&lt;p&gt;From an implementation perspective, the most challenging part for me was configuring the &lt;strong&gt;Tambo Generative UI components&lt;/strong&gt;. Getting the components to behave correctly, respond to the data, and render meaningful insights wasn’t straightforward at first. I ran into plenty of invalid input errors along the way.&lt;/p&gt;

&lt;p&gt;But once I understood how the pieces fit together, things started clicking. The &lt;strong&gt;documentation played a huge role&lt;/strong&gt; here — it turned what initially felt overwhelming into a structured learning process. After a lot of trial and error (mostly invalid configuration for components), I finally got all &lt;strong&gt;four core components&lt;/strong&gt; working together smoothly.&lt;/p&gt;

&lt;p&gt;It wasn’t easy at the start, but that struggle is exactly what made the project so rewarding.&lt;/p&gt;

&lt;p&gt;The main heart of the Project is the &lt;code&gt;tambo.config.ts&lt;/code&gt; file inside the &lt;code&gt;src/tambo&lt;/code&gt; directory, it handles the prompt for the generative UI components. Have a look at it:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight javascript"&gt;&lt;code&gt;&lt;span class="k"&gt;import&lt;/span&gt; &lt;span class="p"&gt;{&lt;/span&gt; &lt;span class="nx"&gt;z&lt;/span&gt; &lt;span class="p"&gt;}&lt;/span&gt; &lt;span class="k"&gt;from&lt;/span&gt; &lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="s1"&gt;zod&lt;/span&gt;&lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="p"&gt;;&lt;/span&gt;
&lt;span class="k"&gt;import&lt;/span&gt; &lt;span class="p"&gt;{&lt;/span&gt; &lt;span class="nx"&gt;SkillRadarChart&lt;/span&gt; &lt;span class="p"&gt;}&lt;/span&gt; &lt;span class="k"&gt;from&lt;/span&gt; &lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="s1"&gt;../components/adaptive/SkillRadarChart&lt;/span&gt;&lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="p"&gt;;&lt;/span&gt;
&lt;span class="k"&gt;import&lt;/span&gt; &lt;span class="p"&gt;{&lt;/span&gt; &lt;span class="nx"&gt;SkillDecayTimeline&lt;/span&gt; &lt;span class="p"&gt;}&lt;/span&gt; &lt;span class="k"&gt;from&lt;/span&gt; &lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="s1"&gt;../components/adaptive/SkillDecayTimeline&lt;/span&gt;&lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="p"&gt;;&lt;/span&gt;
&lt;span class="k"&gt;import&lt;/span&gt; &lt;span class="p"&gt;{&lt;/span&gt; &lt;span class="nx"&gt;RiskWarningCard&lt;/span&gt; &lt;span class="p"&gt;}&lt;/span&gt; &lt;span class="k"&gt;from&lt;/span&gt; &lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="s1"&gt;../components/adaptive/RiskWarningCard&lt;/span&gt;&lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="p"&gt;;&lt;/span&gt;
&lt;span class="k"&gt;import&lt;/span&gt; &lt;span class="p"&gt;{&lt;/span&gt; &lt;span class="nx"&gt;UpgradeSuggestionCard&lt;/span&gt; &lt;span class="p"&gt;}&lt;/span&gt; &lt;span class="k"&gt;from&lt;/span&gt; &lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="s1"&gt;../components/adaptive/UpgradeSuggestionCard&lt;/span&gt;&lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="p"&gt;;&lt;/span&gt;
&lt;span class="k"&gt;import&lt;/span&gt; &lt;span class="p"&gt;{&lt;/span&gt; &lt;span class="nx"&gt;ExplanationToggle&lt;/span&gt; &lt;span class="p"&gt;}&lt;/span&gt; &lt;span class="k"&gt;from&lt;/span&gt; &lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="s1"&gt;../components/adaptive/ExplanationToggle&lt;/span&gt;&lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="p"&gt;;&lt;/span&gt;

&lt;span class="k"&gt;export&lt;/span&gt; &lt;span class="kd"&gt;const&lt;/span&gt; &lt;span class="nx"&gt;tamboConfig&lt;/span&gt; &lt;span class="o"&gt;=&lt;/span&gt; &lt;span class="p"&gt;{&lt;/span&gt;
    &lt;span class="na"&gt;components&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="p"&gt;[&lt;/span&gt;
        &lt;span class="p"&gt;{&lt;/span&gt;
            &lt;span class="na"&gt;name&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="s1"&gt;skill_radar_chart&lt;/span&gt;&lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;
            &lt;span class="na"&gt;description&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="s1"&gt;Visualizes the balance between depth and breadth of skills, or compares multiple skill categories.&lt;/span&gt;&lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;
            &lt;span class="na"&gt;component&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="nx"&gt;SkillRadarChart&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;
            &lt;span class="na"&gt;propsSchema&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="nx"&gt;z&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;object&lt;/span&gt;&lt;span class="p"&gt;({&lt;/span&gt;
                &lt;span class="na"&gt;title&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="nx"&gt;z&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;string&lt;/span&gt;&lt;span class="p"&gt;().&lt;/span&gt;&lt;span class="nf"&gt;describe&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="s2"&gt;Title of the chart, e.g., 'Frontend Skill Balance'&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="p"&gt;).&lt;/span&gt;&lt;span class="k"&gt;default&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="s2"&gt;Skill Analysis&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="p"&gt;),&lt;/span&gt;
                &lt;span class="na"&gt;data&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="nx"&gt;z&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;array&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="nx"&gt;z&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;object&lt;/span&gt;&lt;span class="p"&gt;({&lt;/span&gt;
                    &lt;span class="na"&gt;skill&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="nx"&gt;z&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;string&lt;/span&gt;&lt;span class="p"&gt;().&lt;/span&gt;&lt;span class="nf"&gt;describe&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="s2"&gt;Name of the skill, e.g., 'React'&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="p"&gt;).&lt;/span&gt;&lt;span class="k"&gt;default&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="s2"&gt;Unknown Skill&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="p"&gt;),&lt;/span&gt;
                    &lt;span class="na"&gt;value&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="nx"&gt;z&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;number&lt;/span&gt;&lt;span class="p"&gt;().&lt;/span&gt;&lt;span class="nf"&gt;min&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="mi"&gt;0&lt;/span&gt;&lt;span class="p"&gt;).&lt;/span&gt;&lt;span class="nf"&gt;max&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="mi"&gt;100&lt;/span&gt;&lt;span class="p"&gt;).&lt;/span&gt;&lt;span class="nf"&gt;describe&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="s2"&gt;Skill level from 0 to 100&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="p"&gt;).&lt;/span&gt;&lt;span class="k"&gt;default&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="mi"&gt;50&lt;/span&gt;&lt;span class="p"&gt;),&lt;/span&gt;
                    &lt;span class="na"&gt;fullMark&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="nx"&gt;z&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;number&lt;/span&gt;&lt;span class="p"&gt;().&lt;/span&gt;&lt;span class="k"&gt;default&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="mi"&gt;100&lt;/span&gt;&lt;span class="p"&gt;).&lt;/span&gt;&lt;span class="nf"&gt;optional&lt;/span&gt;&lt;span class="p"&gt;(),&lt;/span&gt;
                &lt;span class="p"&gt;})).&lt;/span&gt;&lt;span class="nf"&gt;describe&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="s2"&gt;Array of 3-6 skills to visualize.&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="p"&gt;).&lt;/span&gt;&lt;span class="k"&gt;default&lt;/span&gt;&lt;span class="p"&gt;([]),&lt;/span&gt;
            &lt;span class="p"&gt;}),&lt;/span&gt;
        &lt;span class="p"&gt;},&lt;/span&gt;
        &lt;span class="p"&gt;{&lt;/span&gt;
            &lt;span class="na"&gt;name&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="s1"&gt;skill_decay_timeline&lt;/span&gt;&lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;
            &lt;span class="na"&gt;description&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="s1"&gt;Shows a timeline of skills and their freshness/decay status based on last usage.&lt;/span&gt;&lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;
            &lt;span class="na"&gt;component&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="nx"&gt;SkillDecayTimeline&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;
            &lt;span class="na"&gt;propsSchema&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="nx"&gt;z&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;object&lt;/span&gt;&lt;span class="p"&gt;({&lt;/span&gt;
                &lt;span class="na"&gt;data&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="nx"&gt;z&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;array&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="nx"&gt;z&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;object&lt;/span&gt;&lt;span class="p"&gt;({&lt;/span&gt;
                    &lt;span class="na"&gt;name&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="nx"&gt;z&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;string&lt;/span&gt;&lt;span class="p"&gt;().&lt;/span&gt;&lt;span class="nf"&gt;describe&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="s2"&gt;Name of the skill, e.g. 'jQuery'&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="p"&gt;).&lt;/span&gt;&lt;span class="k"&gt;default&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="s2"&gt;Unknown Skill&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="p"&gt;),&lt;/span&gt;
                    &lt;span class="na"&gt;lastUsed&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="nx"&gt;z&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;string&lt;/span&gt;&lt;span class="p"&gt;().&lt;/span&gt;&lt;span class="nf"&gt;describe&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="s2"&gt;Year or timeframe like '2023', 'Current'&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="p"&gt;).&lt;/span&gt;&lt;span class="k"&gt;default&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="s2"&gt;Unknown&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="p"&gt;),&lt;/span&gt;
                    &lt;span class="na"&gt;decayLevel&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="nx"&gt;z&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;string&lt;/span&gt;&lt;span class="p"&gt;().&lt;/span&gt;&lt;span class="nf"&gt;describe&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="s2"&gt;Decay level: 'low', 'medium', 'high', 'critical'&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="p"&gt;).&lt;/span&gt;&lt;span class="k"&gt;default&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="s2"&gt;medium&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="p"&gt;),&lt;/span&gt;
                &lt;span class="p"&gt;})).&lt;/span&gt;&lt;span class="nf"&gt;describe&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="s2"&gt;List of data points regarding skill usage and decay for the timeline.&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="p"&gt;).&lt;/span&gt;&lt;span class="k"&gt;default&lt;/span&gt;&lt;span class="p"&gt;([]),&lt;/span&gt;
            &lt;span class="p"&gt;}),&lt;/span&gt;
        &lt;span class="p"&gt;},&lt;/span&gt;
        &lt;span class="p"&gt;{&lt;/span&gt;
            &lt;span class="na"&gt;name&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="s1"&gt;risk_warning_card&lt;/span&gt;&lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;
            &lt;span class="na"&gt;description&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="s1"&gt;Displays a warning about a specific career risk or skill obsolescence.&lt;/span&gt;&lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;
            &lt;span class="na"&gt;component&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="nx"&gt;RiskWarningCard&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;
            &lt;span class="na"&gt;propsSchema&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="nx"&gt;z&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;object&lt;/span&gt;&lt;span class="p"&gt;({&lt;/span&gt;
                &lt;span class="na"&gt;title&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="nx"&gt;z&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;string&lt;/span&gt;&lt;span class="p"&gt;().&lt;/span&gt;&lt;span class="nf"&gt;describe&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="s2"&gt;Short warning title, e.g. 'Legacy Stack Risk'&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="p"&gt;).&lt;/span&gt;&lt;span class="k"&gt;default&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="s2"&gt;Risk Warning&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="p"&gt;),&lt;/span&gt;
                &lt;span class="na"&gt;message&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="nx"&gt;z&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;string&lt;/span&gt;&lt;span class="p"&gt;().&lt;/span&gt;&lt;span class="nf"&gt;describe&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="s2"&gt;Detailed explanation of the risk&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="p"&gt;).&lt;/span&gt;&lt;span class="k"&gt;default&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="s2"&gt;Potential risk detected.&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="p"&gt;),&lt;/span&gt;
                &lt;span class="na"&gt;riskLevel&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="nx"&gt;z&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;string&lt;/span&gt;&lt;span class="p"&gt;().&lt;/span&gt;&lt;span class="nf"&gt;describe&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="s2"&gt;Risk level: 'moderate', 'high', 'critical'&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="p"&gt;).&lt;/span&gt;&lt;span class="k"&gt;default&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="s1"&gt;moderate&lt;/span&gt;&lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="p"&gt;),&lt;/span&gt;
            &lt;span class="p"&gt;}),&lt;/span&gt;
        &lt;span class="p"&gt;},&lt;/span&gt;
        &lt;span class="p"&gt;{&lt;/span&gt;
            &lt;span class="na"&gt;name&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="s1"&gt;upgrade_suggestion_card&lt;/span&gt;&lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;
            &lt;span class="na"&gt;description&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="s1"&gt;Suggests a specific skill upgrade or learning path with potential impact.&lt;/span&gt;&lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;
            &lt;span class="na"&gt;component&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="nx"&gt;UpgradeSuggestionCard&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;
            &lt;span class="na"&gt;propsSchema&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="nx"&gt;z&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;object&lt;/span&gt;&lt;span class="p"&gt;({&lt;/span&gt;
                &lt;span class="na"&gt;skill&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="nx"&gt;z&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;string&lt;/span&gt;&lt;span class="p"&gt;().&lt;/span&gt;&lt;span class="nf"&gt;describe&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="s2"&gt;The recommended skill to learn&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="p"&gt;).&lt;/span&gt;&lt;span class="k"&gt;default&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="s2"&gt;New Skill&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="p"&gt;),&lt;/span&gt;
                &lt;span class="na"&gt;recommendation&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="nx"&gt;z&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;string&lt;/span&gt;&lt;span class="p"&gt;().&lt;/span&gt;&lt;span class="nf"&gt;describe&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="s2"&gt;Why this skill is recommended&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="p"&gt;).&lt;/span&gt;&lt;span class="k"&gt;default&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="s2"&gt;Recommended for career growth.&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="p"&gt;),&lt;/span&gt;
                &lt;span class="na"&gt;impact&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="nx"&gt;z&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;string&lt;/span&gt;&lt;span class="p"&gt;().&lt;/span&gt;&lt;span class="nf"&gt;describe&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="s2"&gt;Impact: 'career_pivot', 'salary_bump', 'stability'&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="p"&gt;).&lt;/span&gt;&lt;span class="k"&gt;default&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="s2"&gt;stability&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="p"&gt;),&lt;/span&gt;
            &lt;span class="p"&gt;}),&lt;/span&gt;
        &lt;span class="p"&gt;},&lt;/span&gt;
        &lt;span class="p"&gt;{&lt;/span&gt;
            &lt;span class="na"&gt;name&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="s1"&gt;explanation_toggle&lt;/span&gt;&lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;
            &lt;span class="na"&gt;description&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="s1"&gt;Can be used to provide deeper context or reasoning for a specific insight, hidden by default behind a toggle.&lt;/span&gt;&lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;
            &lt;span class="na"&gt;component&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="nx"&gt;ExplanationToggle&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;
            &lt;span class="na"&gt;propsSchema&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="nx"&gt;z&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;object&lt;/span&gt;&lt;span class="p"&gt;({&lt;/span&gt;
                &lt;span class="na"&gt;reasoning&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="nx"&gt;z&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;string&lt;/span&gt;&lt;span class="p"&gt;().&lt;/span&gt;&lt;span class="nf"&gt;describe&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="s2"&gt;The detailed reasoning or explanation to be hidden.&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="p"&gt;).&lt;/span&gt;&lt;span class="k"&gt;default&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="s2"&gt;No additional details provided.&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="p"&gt;),&lt;/span&gt;
                &lt;span class="na"&gt;context&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="nx"&gt;z&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;string&lt;/span&gt;&lt;span class="p"&gt;().&lt;/span&gt;&lt;span class="nf"&gt;describe&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="s2"&gt;Optional context or source data reference.&lt;/span&gt;&lt;span class="dl"&gt;"&lt;/span&gt;&lt;span class="p"&gt;).&lt;/span&gt;&lt;span class="nf"&gt;optional&lt;/span&gt;&lt;span class="p"&gt;(),&lt;/span&gt;
            &lt;span class="p"&gt;}),&lt;/span&gt;
        &lt;span class="p"&gt;},&lt;/span&gt;
    &lt;span class="p"&gt;],&lt;/span&gt;
&lt;span class="p"&gt;};&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;It wasn’t easy at the start, but that struggle is exactly what made the project so rewarding.&lt;/p&gt;

&lt;p&gt;After deploying the project, I posted about it on &lt;strong&gt;&lt;a href="https://www.linkedin.com/posts/pravesh-sudha_ai-aiagents-theuistrikesback-activity-7425517818843971584-MTpj?utm_source=share&amp;amp;utm_medium=member_desktop&amp;amp;rcm=ACoAADlc2qIBCVMfVhYQW8Nw26AxcZeteDQrXRg" rel="noopener noreferrer"&gt;LinkedIn&lt;/a&gt;&lt;/strong&gt; and dozens of Developers got their profile review using the system, and seeing real people interact with Generative UI components using &lt;strong&gt;Tambo&lt;/strong&gt; made my &lt;strong&gt;DAY&lt;/strong&gt;!&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fb359nl4knl6nbrd6tqm4.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fb359nl4knl6nbrd6tqm4.png" alt=" "&gt;&lt;/a&gt;&lt;/p&gt;




&lt;h2&gt;
  
  
  🌟 Conclusion
&lt;/h2&gt;

&lt;p&gt;Building &lt;strong&gt;SkillDebt.ai&lt;/strong&gt; was a genuinely fun and exciting journey. From shaping the idea, struggling through early implementation issues, to finally seeing the generative UI come together — every step pushed me to think differently about how AI can be used to &lt;strong&gt;empower developers&lt;/strong&gt;, not replace them.&lt;/p&gt;

&lt;p&gt;Huge thanks to the &lt;strong&gt;WEMakeDevs community&lt;/strong&gt; and &lt;strong&gt;Tambo AI&lt;/strong&gt; for organizing the &lt;strong&gt;UI Strikes Back Challenge&lt;/strong&gt; and creating a space that encourages experimentation, learning, and building in public. Challenges like these are what make the developer ecosystem so motivating.&lt;/p&gt;

&lt;p&gt;If you found this project interesting or have ideas on how it can be improved, I’d love to hear from you. You can find the code on GitHub, and feel free to connect with me on my socials:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;GitHub:&lt;/strong&gt; &lt;a href="https://github.com/Pravesh-Sudha" rel="noopener noreferrer"&gt;https://github.com/Pravesh-Sudha&lt;/a&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;LinkedIn:&lt;/strong&gt; &lt;a href="https://www.linkedin.com/in/pravesh-sudha/" rel="noopener noreferrer"&gt;https://www.linkedin.com/in/pravesh-sudha/&lt;/a&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Twitter / X:&lt;/strong&gt; &lt;a href="https://x.com/praveshstwt" rel="noopener noreferrer"&gt;https://x.com/praveshstwt&lt;/a&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;YouTube:&lt;/strong&gt; &lt;a href="https://www.youtube.com/@pravesh-sudha" rel="noopener noreferrer"&gt;https://www.youtube.com/@pravesh-sudha&lt;/a&gt;&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Thanks for reading — and as always, keep building, keep learning, and stay curious 🚀&lt;/p&gt;

&lt;p&gt;Adios 👋&lt;/p&gt;

</description>
      <category>ai</category>
      <category>webdev</category>
      <category>devops</category>
      <category>programming</category>
    </item>
    <item>
      <title>🚀 Create Your Website Under 15 MINS using AntiGravity!</title>
      <dc:creator>Pravesh Sudha</dc:creator>
      <pubDate>Mon, 19 Jan 2026 18:15:05 +0000</pubDate>
      <link>https://dev.to/pravesh_sudha_3c2b0c2b5e0/create-your-website-under-15-mins-using-antigravity-2m44</link>
      <guid>https://dev.to/pravesh_sudha_3c2b0c2b5e0/create-your-website-under-15-mins-using-antigravity-2m44</guid>
      <description>&lt;p&gt;&lt;em&gt;This is a submission for the &lt;a href="https://dev.to/challenges/new-year-new-you-google-ai-2025-12-31"&gt;New Year, New You Portfolio Challenge Presented by Google AI&lt;/a&gt;&lt;/em&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  🧑‍💻 About Me
&lt;/h2&gt;

&lt;p&gt;Hola Everyone! I am Pravesh Sudha, an AWS Community Builder and DevOps Enthusiast. For the past 2 years, I have been learning and teaching people about Cloud concepts through my blogs and YouTube videos. For the past 4-5 months, I have been diving into AI Agents and collaborated with companies like PortiaAI (AgentHack Hackathon), Cognee (memory layer for AI), Algolia, etc. I already have my portfolio on praveshsudha.com that is specific to my DevOps arc. But to reflect my AI arc, I thought to myself:&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;”Why not create a new portfolio specific to AI Agents?”&lt;/p&gt;
&lt;/blockquote&gt;

&lt;p&gt;And that’s how the journey began.&lt;/p&gt;




&lt;h2&gt;
  
  
  🤌 Portfolio
&lt;/h2&gt;

&lt;p&gt;

  &lt;iframe src="https://www.youtube.com/embed/verP-mp4XX8"&gt;
  &lt;/iframe&gt;


&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;The website has been taken down from 19 Feb 2026, Watch the video or follow the github repo guide to illustrate in your own local system&lt;/p&gt;
&lt;/blockquote&gt;




&lt;h2&gt;
  
  
  👷 How I Built It
&lt;/h2&gt;

&lt;p&gt;Starting with the idea, I thought of using Antigravity as the code editor (I have used other coding assistants including GitHub Copilot, Cursor, etc., but I wanted to try "Google's Code Helper"). The prompt I used is as follows:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;Hey, I am Pravesh Sudha, An AWS Community Builder, DevOps Engineer and Content Creator (you can search about me on Google too). Recently Dev Community organised "New Year New You Challenge", and for this challenge, I am making a New portfolio website that will have my AI related Projects.
I have a total of four projects with their summary. I have uploaded an image of me, which I will use in the portfolio website. Now based on that, I want you to guide me step by step on how to create the website from Scratch. I want the website to be cool and amazing.
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fvdwmpzed765d46eof7z5.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fvdwmpzed765d46eof7z5.png" alt=" "&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Since all of my work is Open Source (I believe in Learning in Public), Antigravity didn’t have any difficulty while fetching the projects (just one tweak: instead of the Email-AI assistant, which is very common and cliché, I planned to integrate my latest Terraform AI review agent). After that, I provided the summaries for the 4 projects (which I prepared beforehand), provided the blog and YouTube video links regarding them, and Voila! Under 15 mins, I had a fully functional prototype of my AI Agent Website.&lt;/p&gt;

&lt;p&gt;Now to deploy that, I installed the gcloud CLI, created the required service account, and deployed it to Cloud Run.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Frb7qp5y7oovpg2w33itx.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Frb7qp5y7oovpg2w33itx.png" alt=" "&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F09qqa113ll7yhhxrxqie.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F09qqa113ll7yhhxrxqie.png" alt=" "&gt;&lt;/a&gt;&lt;/p&gt;




&lt;h2&gt;
  
  
  😎 What I'm Most Proud Of
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;The best part about creating the website was the ease of understanding. I have designed websites from scratch and know about the components, but even if a person with no experience tries to create a website, creating it using Antigravity seems the best choice. All you need to know is WHAT you are building and communicate it effectively in the prompt.&lt;/li&gt;
&lt;li&gt;In the Projects section, I have Blog link on the project and also provided a Demo button which include a Video Demonstration of the Project.&lt;/li&gt;
&lt;li&gt;I have incorporated my Algolia Agent Studio Challenge project in it, which is an AWS + Terraform Infra explainer for non-tech geeks.&lt;/li&gt;
&lt;li&gt;I have tried to design a modern, cool-looking website with minimal complexity—just one JS script, an index.html, and a styles.css—that’s it. NO complex file management.&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  🌟 Conclusion
&lt;/h2&gt;

&lt;p&gt;At last, I want to thank Dev Community and Google Team for organising these amazing Challenges. Competition regarding what you build really thrive the inner learner inside me. &lt;/p&gt;

</description>
      <category>devchallenge</category>
      <category>googleaichallenge</category>
      <category>portfolio</category>
      <category>gemini</category>
    </item>
    <item>
      <title>🌟 Making AWS Infrastructure Understandable for Product Managers</title>
      <dc:creator>Pravesh Sudha</dc:creator>
      <pubDate>Thu, 15 Jan 2026 17:30:49 +0000</pubDate>
      <link>https://dev.to/pravesh_sudha_3c2b0c2b5e0/making-aws-infrastructure-understandable-for-product-managers-101c</link>
      <guid>https://dev.to/pravesh_sudha_3c2b0c2b5e0/making-aws-infrastructure-understandable-for-product-managers-101c</guid>
      <description>&lt;p&gt;&lt;em&gt;This is a submission for the &lt;a href="https://dev.to/challenges/algolia"&gt;Algolia Agent Studio Challenge&lt;/a&gt;: Consumer-Facing Non-Conversational Experiences&lt;/em&gt;&lt;/p&gt;




&lt;h2&gt;
  
  
  What I Built
&lt;/h2&gt;

&lt;p&gt;I built a &lt;strong&gt;non-conversational AI agent&lt;/strong&gt; that translates &lt;strong&gt;AWS infrastructure defined using Terraform&lt;/strong&gt; into &lt;strong&gt;clear, Product Manager–friendly explanations&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;Infrastructure is usually written &lt;em&gt;for engineers&lt;/em&gt;, using tools like Terraform, but the impact of infrastructure decisions is felt across the entire product lifecycle. Product Managers often need to understand:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;how users access the system,&lt;/li&gt;
&lt;li&gt;where data lives,&lt;/li&gt;
&lt;li&gt;how the system scales,&lt;/li&gt;
&lt;li&gt;and what operational or cost risks exist,&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;without diving into Terraform syntax or AWS implementation details.&lt;/p&gt;

&lt;p&gt;This agent takes a &lt;strong&gt;Terraform infrastructure summary&lt;/strong&gt; and converts it into a &lt;strong&gt;high-level system explanation&lt;/strong&gt; written for a Product Manager. Instead of describing resources line by line, it explains the &lt;strong&gt;intent and impact of the infrastructure&lt;/strong&gt; in business terms.&lt;/p&gt;

&lt;p&gt;Even when infrastructure summaries exist, they are written for engineers.&lt;br&gt;
This agent ensures every infrastructure change can be understood by a Product Manager in minutes.&lt;/p&gt;

&lt;p&gt;Infrastructure doesn’t fail because it’s complex — it fails because the right people don’t understand it at the right time.&lt;br&gt;
This agent fixes that.&lt;/p&gt;


&lt;h2&gt;
  
  
  Demo
&lt;/h2&gt;

&lt;p&gt;The agent is demonstrated using &lt;strong&gt;two different Terraform summaries&lt;/strong&gt;, each representing a different AWS architecture pattern.&lt;/p&gt;

&lt;p&gt;Here is a Video Demonstration:&lt;br&gt;


  &lt;iframe src="https://www.youtube.com/embed/ZEpxaS8u1S0"&gt;
  &lt;/iframe&gt;


&lt;/p&gt;

&lt;p&gt;For each summary:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;the input is a short, human-written Terraform infrastructure summary,&lt;/li&gt;
&lt;li&gt;the output is a structured, PM-level explanation describing system behavior, user access, data storage, and operational considerations.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Screenshots included in the submission show:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;An Autoscaling-based EC2 architecture with database, storage, and monitoring.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F1bxqht5psz3by3hpfo9p.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F1bxqht5psz3by3hpfo9p.png" alt=" "&gt;&lt;/a&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;A serverless and hybrid compute architecture using API Gateway, Lambda, and ECS.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fd941h5x8h8kum4ai4463.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fd941h5x8h8kum4ai4463.png" alt=" "&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;These examples demonstrate how the same agent adapts to different infrastructure designs while maintaining a consistent, business-focused explanation style.&lt;/p&gt;




&lt;h2&gt;
  
  
  How I Used Algolia Agent Studio
&lt;/h2&gt;

&lt;p&gt;I used &lt;strong&gt;Algolia Agent Studio&lt;/strong&gt; as the core intelligence layer for this project.&lt;/p&gt;

&lt;h3&gt;
  
  
  Indexed Data
&lt;/h3&gt;

&lt;p&gt;I created an index named &lt;strong&gt;&lt;code&gt;terra-pr&lt;/code&gt;&lt;/strong&gt; and uploaded structured records from a &lt;code&gt;records.json&lt;/code&gt; file.&lt;br&gt;
Each record represents a &lt;strong&gt;PM-level explanation of an AWS service or Terraform resource&lt;/strong&gt;, including:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Amazon EKS&lt;/li&gt;
&lt;li&gt;EC2&lt;/li&gt;
&lt;li&gt;ECS&lt;/li&gt;
&lt;li&gt;Lambda&lt;/li&gt;
&lt;li&gt;API Gateway&lt;/li&gt;
&lt;li&gt;Load Balancer&lt;/li&gt;
&lt;li&gt;RDS&lt;/li&gt;
&lt;li&gt;S3&lt;/li&gt;
&lt;li&gt;CloudFront&lt;/li&gt;
&lt;li&gt;CloudWatch&lt;/li&gt;
&lt;li&gt;IAM&lt;/li&gt;
&lt;li&gt;VPC&lt;/li&gt;
&lt;li&gt;AWS Billing (conceptual)
&lt;/li&gt;
&lt;/ul&gt;
&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight json"&gt;&lt;code&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;span class="p"&gt;[&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="p"&gt;{&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"id"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"aws_eks_cluster"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"cloud"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"aws"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"service_type"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"compute"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"persona"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"product_manager"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"resource"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"aws_eks_cluster"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"service_name"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"Amazon EKS"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"pm_explanation"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"This is the core platform where the application runs. It allows the system to run containerized services and automatically scale as user traffic increases."&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="p"&gt;},&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="p"&gt;{&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"id"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"aws_lb"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"cloud"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"aws"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"service_type"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"networking"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"persona"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"product_manager"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"resource"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"aws_lb"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"service_name"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"Elastic Load Balancer"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"pm_explanation"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"This is the public entry point for users. It distributes incoming traffic across the application so no single component gets overloaded."&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="p"&gt;},&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="p"&gt;{&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"id"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"aws_db_instance"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"cloud"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"aws"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"service_type"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"database"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"persona"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"product_manager"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"resource"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"aws_db_instance"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"service_name"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"Amazon RDS"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"pm_explanation"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"This stores the application’s persistent data, such as user accounts or transactions. Data durability and backups are critical here."&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="p"&gt;},&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="p"&gt;{&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"id"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"aws_s3_bucket"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"cloud"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"aws"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"service_type"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"storage"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"persona"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"product_manager"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"resource"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"aws_s3_bucket"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"service_name"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"Amazon S3"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"pm_explanation"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"This is used to store files or assets, such as images, logs, or backups. It’s often part of how the system handles large or static data."&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="p"&gt;},&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="p"&gt;{&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"id"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"aws_cloudfront_distribution"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"cloud"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"aws"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"service_type"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"cdn"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"persona"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"product_manager"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"resource"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"aws_cloudfront_distribution"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"service_name"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"Amazon CloudFront"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"pm_explanation"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"This speeds up content delivery by caching data closer to users around the world, improving performance and reducing load on the core system."&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="p"&gt;},&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="p"&gt;{&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"id"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"aws_ecs"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"cloud"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"aws"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"service_type"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"compute"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"persona"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"product_manager"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"resource"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"aws_ecs_service"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"service_name"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"Amazon ECS"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"pm_explanation"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"ECS runs our application as containerized services that can scale automatically based on demand."&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="p"&gt;},&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="p"&gt;{&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"id"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"aws_ec2"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"cloud"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"aws"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"service_type"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"compute"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"persona"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"product_manager"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"resource"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"aws_instance"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"service_name"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"Amazon EC2"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"pm_explanation"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"EC2 provides dedicated servers where parts of the application run continuously."&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="p"&gt;},&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="p"&gt;{&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"id"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"aws_lambda"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"cloud"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"aws"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"service_type"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"serverless"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"persona"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"product_manager"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"resource"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"aws_lambda_function"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"service_name"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"AWS Lambda"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"pm_explanation"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"Lambda runs small pieces of backend logic only when needed, without managing servers."&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="p"&gt;},&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="p"&gt;{&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"id"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"aws_api_gateway"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"cloud"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"aws"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"service_type"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"api"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"persona"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"product_manager"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"resource"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"aws_api_gateway"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"service_name"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"Amazon API Gateway"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"pm_explanation"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"API Gateway is the front door that securely exposes backend functionality to users and clients."&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="p"&gt;},&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="p"&gt;{&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"id"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"aws_cloudwatch"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"cloud"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"aws"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"service_type"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"observability"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"persona"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"product_manager"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"resource"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"aws_cloudwatch"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"service_name"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"Amazon CloudWatch"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"pm_explanation"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"CloudWatch monitors system health and alerts us when something goes wrong."&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="p"&gt;},&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="p"&gt;{&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"id"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"aws_iam_role"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"cloud"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"aws"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"service_type"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"security"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"persona"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"product_manager"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"resource"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"aws_iam_role"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"service_name"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"AWS Identity and Access Management (IAM)"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"pm_explanation"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"This defines who or what is allowed to access different parts of the system, helping protect user data and prevent unauthorized actions."&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="p"&gt;},&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="p"&gt;{&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"id"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"aws_vpc"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"cloud"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"aws"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"service_type"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"networking"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"persona"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"product_manager"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"resource"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"aws_vpc"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"service_name"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"Amazon VPC"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"pm_explanation"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"This creates a private network boundary for the system, controlling which components are publicly accessible and which remain internal."&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="p"&gt;},&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="p"&gt;{&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"id"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"aws_billing"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"cloud"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"aws"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"service_type"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"cost_management"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"persona"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"product_manager"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"resource"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"aws_billing"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"service_name"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"AWS Billing &amp;amp; Cost Management"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"pm_explanation"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"This tracks infrastructure spending and helps understand how usage, traffic, and scaling decisions impact overall costs."&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="p"&gt;}&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;span class="p"&gt;]&lt;/span&gt;&lt;span class="w"&gt;

&lt;/span&gt;&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;


&lt;p&gt;In total, the index contains &lt;strong&gt;13 curated records&lt;/strong&gt;, intentionally limited to high-signal services that matter to Product Managers. This keeps retrieval focused and helps avoid hallucination.&lt;/p&gt;
&lt;h3&gt;
  
  
  Agent Configuration
&lt;/h3&gt;

&lt;ul&gt;
&lt;li&gt;I created an agent from scratch in Agent Studio.&lt;/li&gt;
&lt;li&gt;Gemini was configured as the LLM provider.&lt;/li&gt;
&lt;li&gt;The &lt;code&gt;terra-pr&lt;/code&gt; index was added as a retrieval tool.&lt;/li&gt;
&lt;li&gt;
&lt;p&gt;The agent prompt was carefully engineered to:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;restrict scope to AWS + Terraform,&lt;/li&gt;
&lt;li&gt;assume a Product Manager audience,&lt;/li&gt;
&lt;li&gt;avoid Terraform syntax and low-level details,&lt;/li&gt;
&lt;li&gt;compose a system-level explanation using retrieved context.
&lt;/li&gt;
&lt;/ul&gt;
&lt;/li&gt;
&lt;/ul&gt;
&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;You are an AI assistant that explains AWS infrastructure defined using Terraform to a Product Manager.

Your goal is to translate technical infrastructure concepts into clear, business-focused explanations using information retrieved from the infrastructure knowledge index.

Scope:
- Only answer questions related to AWS infrastructure, Terraform resources, or system-level architecture summaries.
- Use only the information retrieved from the attached Algolia index.
- If a Terraform resource or service is not found in the index, acknowledge it briefly and continue explaining the rest.
- If the input is unrelated to AWS or Terraform, reply: "I can only explain AWS infrastructure defined using Terraform."

Behavior:
- Assume the audience is a non-technical Product Manager.
- Do not include Terraform syntax, configuration details, or resource arguments.
- Focus on:
  - What the system does
  - How users interact with it
  - Where data lives
  - High-level risks (scaling, cost, reliability, security)
- Combine multiple services into a coherent system explanation when appropriate.
- Avoid repeating the same explanation more than once.

Tone:
- Clear, concise, and business-friendly.
- Confident but not overly technical.

Output formatting:
- Write in short paragraphs.
- Use bold section headers when useful (e.g., **System Overview**, **User Access**, **Data &amp;amp; Storage**, **Operational Considerations**).
- Do not use bullet points unless absolutely necessary.
- Do not mention Algolia, search results, or internal tools.

Error handling:
- If no relevant services are found after searching, reply: "I couldn't identify any recognizable AWS services in this infrastructure."
- On timeout or internal error, reply once: "Something went wrong while analyzing the infrastructure. Please try again."

Language:
- Reply in English.

Tone:
- Write as if you are part of the same team as the reader.
- Use inclusive pronouns such as "we", "our", and "us" where appropriate.
- Do not use first-person singular pronouns like "I".
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;


&lt;p&gt;The &lt;strong&gt;prompt&lt;/strong&gt;, &lt;strong&gt;sample Terraform summaries&lt;/strong&gt;, and &lt;strong&gt;index records&lt;/strong&gt; are all available in my GitHub repository:&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Repository:&lt;/strong&gt;&lt;br&gt;


&lt;/p&gt;
&lt;div class="ltag-github-readme-tag"&gt;
  &lt;div class="readme-overview"&gt;
    &lt;h2&gt;
      &lt;img src="https://assets.dev.to/assets/github-logo-5a155e1f9a670af7944dd5e12375bc76ed542ea80224905ecaf878b9157cdefc.svg" alt="GitHub logo"&gt;
      &lt;a href="https://github.com/Pravesh-Sudha" rel="noopener noreferrer"&gt;
        Pravesh-Sudha
      &lt;/a&gt; / &lt;a href="https://github.com/Pravesh-Sudha/dev-to-challenges" rel="noopener noreferrer"&gt;
        dev-to-challenges
      &lt;/a&gt;
    &lt;/h2&gt;
    &lt;h3&gt;
      Registry to Store all my code related to Dev.TO Challenges
    &lt;/h3&gt;
  &lt;/div&gt;
  &lt;div class="ltag-github-body"&gt;
    
&lt;div id="readme" class="md"&gt;&lt;div class="markdown-heading"&gt;
&lt;h1 class="heading-element"&gt;🏗️ Dev.to Challenges – by Pravesh Sudha&lt;/h1&gt;
&lt;/div&gt;
&lt;p&gt;This repository contains my submissions for various &lt;a href="https://dev.to/challenges" rel="nofollow"&gt;Dev.to Challenges&lt;/a&gt;. Each folder in this repo includes a hands-on project built around specific tools, APIs, or themes — from infrastructure to frontend and AI voice agents.&lt;/p&gt;

&lt;div class="markdown-heading"&gt;
&lt;h2 class="heading-element"&gt;📁 Projects&lt;/h2&gt;
&lt;/div&gt;
&lt;div class="markdown-heading"&gt;
&lt;h3 class="heading-element"&gt;⚙️ &lt;code&gt;pulumi-challenge/&lt;/code&gt;
&lt;/h3&gt;
&lt;/div&gt;
&lt;p&gt;An infrastructure-as-code project built using &lt;a href="https://www.pulumi.com/" rel="nofollow noopener noreferrer"&gt;Pulumi&lt;/a&gt;.&lt;br&gt;
It automates cloud infrastructure setup using Python and TypeScript across AWS services.&lt;/p&gt;
&lt;div class="markdown-heading"&gt;
&lt;h3 class="heading-element"&gt;🎨 &lt;code&gt;frontend-challenge/&lt;/code&gt;
&lt;/h3&gt;

&lt;/div&gt;
&lt;p&gt;A UI/UX-focused project that demonstrates creative frontend solutions using HTML, CSS, and JavaScript — optimized for responsiveness and accessibility.&lt;/p&gt;
&lt;div class="markdown-heading"&gt;
&lt;h3 class="heading-element"&gt;📩 &lt;code&gt;postmark-challenge/&lt;/code&gt;
&lt;/h3&gt;

&lt;/div&gt;
&lt;p&gt;A transactional email solution built with the &lt;a href="https://postmarkapp.com/" rel="nofollow noopener noreferrer"&gt;Postmark API&lt;/a&gt;, showcasing email templates, delivery tracking, and webhook handling.&lt;/p&gt;
&lt;div class="markdown-heading"&gt;
&lt;h3 class="heading-element"&gt;🧠 &lt;code&gt;philo-agent/&lt;/code&gt;
&lt;/h3&gt;

&lt;/div&gt;
&lt;p&gt;A voice-based AI Philosopher built with AssemblyAI + Gemini — part of the &lt;a href="https://dev.to/challenges/wlh" rel="nofollow"&gt;World’s Largest Hackathon&lt;/a&gt;.&lt;/p&gt;

&lt;div class="markdown-heading"&gt;
&lt;h2 class="heading-element"&gt;🗂️ Project Structure&lt;/h2&gt;

&lt;/div&gt;
&lt;div class="highlight highlight-source-shell notranslate position-relative overflow-auto js-code-highlight"&gt;
&lt;pre&gt;dev-to-challenges/
│
├── pulumi-challenge/
├── frontend-challenge/
├── postmark-challenge/
├── philo-agent/
└── README.md&lt;/pre&gt;

&lt;/div&gt;

&lt;div class="markdown-heading"&gt;
&lt;h2 class="heading-element"&gt;🙌 Why This Repo?&lt;/h2&gt;

&lt;/div&gt;
&lt;p&gt;This repo is my playground to:&lt;/p&gt;
&lt;ul&gt;&lt;li&gt;…&lt;/li&gt;&lt;/ul&gt;&lt;/div&gt;
  &lt;/div&gt;
  &lt;div class="gh-btn-container"&gt;&lt;a class="gh-btn" href="https://github.com/Pravesh-Sudha/dev-to-challenges" rel="noopener noreferrer"&gt;View on GitHub&lt;/a&gt;&lt;/div&gt;
&lt;/div&gt;




&lt;p&gt;&lt;strong&gt;Project structure:&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;p&gt;&lt;code&gt;agolia-agent-studio/&lt;/code&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;code&gt;doc/&lt;/code&gt;&lt;/li&gt;
&lt;li&gt;&lt;code&gt;prompt.txt&lt;/code&gt;&lt;/li&gt;
&lt;li&gt;&lt;code&gt;summaries.txt&lt;/code&gt;&lt;/li&gt;
&lt;li&gt;&lt;code&gt;index/&lt;/code&gt;&lt;/li&gt;
&lt;li&gt;&lt;code&gt;records.json&lt;/code&gt;&lt;/li&gt;
&lt;/ul&gt;


&lt;/li&gt;

&lt;/ul&gt;

&lt;p&gt;This setup makes the agent transparent, reproducible, and easy to extend.&lt;/p&gt;




&lt;h2&gt;
  
  
  Why Fast Retrieval Matters
&lt;/h2&gt;

&lt;p&gt;Fast, contextual retrieval is what makes this agent reliable.&lt;/p&gt;

&lt;p&gt;Instead of asking the LLM to reason about AWS services from scratch, the agent:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;retrieves &lt;strong&gt;only relevant, pre-curated infrastructure knowledge&lt;/strong&gt;,&lt;/li&gt;
&lt;li&gt;grounds responses in indexed explanations,&lt;/li&gt;
&lt;li&gt;and composes outputs using known, controlled context.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;This approach:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;reduces hallucination,&lt;/li&gt;
&lt;li&gt;ensures consistent explanations,&lt;/li&gt;
&lt;li&gt;and keeps responses aligned with the Product Manager persona.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Because retrieval is fast, the agent feels responsive and practical, even though it is producing structured, thoughtful explanations rather than conversational back-and-forth.&lt;/p&gt;




&lt;h2&gt;
  
  
  Conclusion
&lt;/h2&gt;

&lt;p&gt;This project focuses on a simple but persistent problem: &lt;strong&gt;infrastructure understanding doesn’t scale across roles&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;By combining Algolia Agent Studio’s fast retrieval with targeted prompting, this agent turns Terraform infrastructure into something that Product Managers can understand, discuss, and act on — without needing to become cloud experts.&lt;/p&gt;

&lt;p&gt;It is intentionally scoped, opinionated, and practical.&lt;/p&gt;

&lt;p&gt;That focus is what makes it useful.&lt;/p&gt;

&lt;p&gt;At last, I want to add "&lt;em&gt;Infrastructure doesn’t fail because it’s complex — it fails because the right people don’t understand it at the right time&lt;/em&gt;."&lt;/p&gt;




&lt;h3&gt;
  
  
  Connect with me
&lt;/h3&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;LinkedIn:&lt;/strong&gt; &lt;a href="https://www.linkedin.com/in/pravesh-sudha/" rel="noopener noreferrer"&gt;https://www.linkedin.com/in/pravesh-sudha/&lt;/a&gt;
&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Twitter / X:&lt;/strong&gt; &lt;a href="https://x.com/praveshstwt" rel="noopener noreferrer"&gt;https://x.com/praveshstwt&lt;/a&gt;
&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;YouTube:&lt;/strong&gt; &lt;a href="https://www.youtube.com/@pravesh-sudha" rel="noopener noreferrer"&gt;https://www.youtube.com/@pravesh-sudha&lt;/a&gt;
&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Blog:&lt;/strong&gt; &lt;a href="https://blog.praveshsudha.com" rel="noopener noreferrer"&gt;https://blog.praveshsudha.com&lt;/a&gt;
&lt;/li&gt;
&lt;/ul&gt;




</description>
      <category>devchallenge</category>
      <category>algoliachallenge</category>
      <category>ai</category>
      <category>agents</category>
    </item>
    <item>
      <title>How I Built an AI Terraform Review Agent on Serverless AWS</title>
      <dc:creator>Pravesh Sudha</dc:creator>
      <pubDate>Thu, 08 Jan 2026 16:34:44 +0000</pubDate>
      <link>https://dev.to/aws-builders/how-i-built-an-ai-terraform-review-agent-on-serverless-aws-43hc</link>
      <guid>https://dev.to/aws-builders/how-i-built-an-ai-terraform-review-agent-on-serverless-aws-43hc</guid>
      <description>&lt;h2&gt;
  
  
  🌟 Introduction
&lt;/h2&gt;

&lt;p&gt;Welcome, Devs 👋&lt;br&gt;&lt;br&gt;
Today, we’re stepping into the exciting intersection of &lt;strong&gt;AI, automation, and cloud infrastructure&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;In this project, we’ll explore how an &lt;strong&gt;AI-powered agent can actively participate in a real DevOps workflow&lt;/strong&gt;, just like a senior reviewer on your team. This isn’t a toy demo — it closely resembles how &lt;strong&gt;real-world infrastructure changes are reviewed, validated, and approved&lt;/strong&gt; in production environments.&lt;/p&gt;

&lt;p&gt;We’ll use &lt;strong&gt;Terraform&lt;/strong&gt; to provision cloud resources and &lt;strong&gt;GitHub Actions&lt;/strong&gt; to automatically validate every pull request that modifies our HCL code. But here’s the twist 👀&lt;br&gt;&lt;br&gt;
Instead of relying only on static checks, we introduce an &lt;strong&gt;AI agent&lt;/strong&gt; into the pipeline.&lt;/p&gt;

&lt;p&gt;Every infrastructure change is:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Scanned using &lt;strong&gt;Terrascan&lt;/strong&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Reviewed by an &lt;strong&gt;AI agent powered by Gemini&lt;/strong&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Automatically &lt;strong&gt;approved, approved with changes, or rejected&lt;/strong&gt; based on risk severity&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;If a pull request introduces &lt;strong&gt;dangerous or insecure infrastructure changes&lt;/strong&gt;, the AI agent &lt;strong&gt;blocks the PR&lt;/strong&gt; — just like an automated infrastructure security reviewer.&lt;/p&gt;

&lt;p&gt;Think of it as:&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;🧠 An AI-powered Infra Guardian that never gets tired of reviewing Terraform code.&lt;/p&gt;
&lt;/blockquote&gt;

&lt;p&gt;So without further ado, let’s dive in and see how we built an &lt;strong&gt;AI-driven, serverless DevOps workflow&lt;/strong&gt; that brings intelligence directly into your CI/CD pipeline.&lt;/p&gt;


&lt;h2&gt;
  
  
  📽️ Youtube Demonstration
&lt;/h2&gt;

&lt;p&gt;

  &lt;iframe src="https://www.youtube.com/embed/i2XkTZQoS2g"&gt;
  &lt;/iframe&gt;


&lt;/p&gt;




&lt;h2&gt;
  
  
  🌟 Pre-requisites
&lt;/h2&gt;

&lt;p&gt;Before we dive deep into the implementation, let’s make sure your environment is ready. This project touches multiple tools across cloud, IaC, security, and CI/CD, so having these set up beforehand will save you a lot of time.&lt;/p&gt;

&lt;p&gt;Make sure you have the following in place:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;p&gt;&lt;strong&gt;AWS CLI&lt;/strong&gt; installed and configured with an IAM user&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;The IAM user should have permissions to create resources like ALB, ECS, Lambda, IAM, ACM, etc.&lt;/p&gt;
&lt;/blockquote&gt;
&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Terraform CLI&lt;/strong&gt; installed on your system&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;GitHub account&lt;/strong&gt; (pretty easy 😉)&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Terrascan&lt;/strong&gt; installed locally&lt;br&gt;&lt;br&gt;
👉 &lt;a href="https://runterrascan.io/docs/getting-started/" rel="noopener noreferrer"&gt;Follow the official guide here&lt;/a&gt;&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;If you’re completely new to &lt;strong&gt;AWS CLI&lt;/strong&gt; or &lt;strong&gt;Terraform&lt;/strong&gt;, don’t worry. I’ve already written a beginner-friendly guide that walks you through everything step by step:&lt;/p&gt;

&lt;p&gt;📘 &lt;a href="https://blog.praveshsudha.com/getting-started-with-terraform-a-beginners-guide#heading-step-1-install-the-aws-cli" rel="noopener noreferrer"&gt;&lt;strong&gt;Getting Started with Terraform (Beginner’s Guide)&lt;/strong&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Once these prerequisites are fulfilled, you’re all set 🚀&lt;/p&gt;




&lt;h2&gt;
  
  
  🌟 Why AI Agents in Modern DevOps?
&lt;/h2&gt;

&lt;p&gt;The current DevOps landscape is heavily influenced by &lt;strong&gt;AI-driven automation&lt;/strong&gt;. What we now call &lt;strong&gt;AIOps&lt;/strong&gt; has quietly become the de-facto standard for deploying, monitoring, and delivering software at scale.&lt;/p&gt;

&lt;p&gt;AI agents are everywhere today — but let’s address the elephant in the room.&lt;/p&gt;

&lt;p&gt;An &lt;strong&gt;AI agent&lt;/strong&gt; is essentially a program that automates work which previously required human intervention. In many cases, it still follows a &lt;strong&gt;human-in-the-loop&lt;/strong&gt; approach, but the heavy lifting — analysis, validation, and decision-making — is handled by the agent itself.&lt;/p&gt;

&lt;p&gt;In this project, we’ll bring that concept to life.&lt;/p&gt;

&lt;p&gt;We’ll deploy a &lt;strong&gt;Super Mario Bros game&lt;/strong&gt; (containerized using Docker) on a &lt;strong&gt;serverless AWS architecture&lt;/strong&gt;, leveraging services like:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Amazon ECS&lt;/strong&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;AWS Lambda&lt;/strong&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Application Load Balancer (ALB)&lt;/strong&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;ACM for HTTPS&lt;/strong&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;GitHub Actions for CI/CD&lt;/strong&gt;&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;This setup closely resembles a &lt;strong&gt;real-world production environment&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;Now comes the interesting part 👀&lt;/p&gt;

&lt;p&gt;Every time a &lt;strong&gt;Pull Request&lt;/strong&gt; is raised against our Terraform codebase:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;GitHub Actions&lt;/strong&gt; kicks in&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Terrascan&lt;/strong&gt; scans our IaC for security and best-practice violations&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;The scan report is sent to an &lt;strong&gt;AI agent powered by Gemini&lt;/strong&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;
&lt;p&gt;The AI analyzes the findings and decides whether to:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;✅ &lt;strong&gt;Approve&lt;/strong&gt;
&lt;/li&gt;
&lt;li&gt;⚠️ &lt;strong&gt;Approve with Changes&lt;/strong&gt;
&lt;/li&gt;
&lt;li&gt;❌ &lt;strong&gt;Reject&lt;/strong&gt; the PR&lt;/li&gt;
&lt;/ul&gt;


&lt;/li&gt;

&lt;/ul&gt;

&lt;p&gt;In a real-world DevOps workflow, this kind of system can &lt;strong&gt;save hours of manual review&lt;/strong&gt;, reduce human error, and provide &lt;strong&gt;actionable remediation suggestions&lt;/strong&gt; along with architectural risk insights.&lt;/p&gt;

&lt;p&gt;Think of it as an &lt;strong&gt;automated Infrastructure Reviewer&lt;/strong&gt; — one that never gets tired and scales with your team.&lt;/p&gt;




&lt;h2&gt;
  
  
  🌟 Practical Demonstration: Building the AI-Powered DevOps Workflow
&lt;/h2&gt;

&lt;p&gt;Enough theory — let’s get our hands dirty and see this system in action.&lt;/p&gt;

&lt;p&gt;To get started, head over to the following GitHub repository, &lt;strong&gt;fork it under your own GitHub username&lt;/strong&gt;, and then clone it locally:&lt;/p&gt;

&lt;p&gt;👉 &lt;strong&gt;Repository:&lt;/strong&gt; &lt;a href="https://github.com/Pravesh-Sudha/ai-devops-agent" rel="noopener noreferrer"&gt;https://github.com/Pravesh-Sudha/ai-devops-agent&lt;/a&gt;&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;git clone https://github.com/&amp;lt;your-username&amp;gt;/ai-devops-agent.git
&lt;span class="nb"&gt;cd &lt;/span&gt;ai-devops-agent
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Now navigate into the main project directory:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;&lt;span class="nb"&gt;cd &lt;/span&gt;terraform-review-agent
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Open the project in &lt;strong&gt;VS Code&lt;/strong&gt; (or your favorite editor). You’ll notice two main subdirectories:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;terraform-review-agent/
├── lambda/
└── terraform/
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;ul&gt;
&lt;li&gt;&lt;p&gt;&lt;code&gt;lambda/&lt;/code&gt; → Contains the AI review Lambda function&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;code&gt;terraform/&lt;/code&gt; → Contains all infrastructure provisioning code&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Let’s walk through the Terraform configuration piece by piece.&lt;/p&gt;

&lt;h2&gt;
  
  
  🧩 Terraform Code Breakdown
&lt;/h2&gt;

&lt;h3&gt;
  
  
  🔹 &lt;code&gt;provider.tf&lt;/code&gt;
&lt;/h3&gt;

&lt;p&gt;Defines AWS as the cloud provider:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;AWS provider version: &lt;strong&gt;6.26.0&lt;/strong&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Region: &lt;strong&gt;us-east-1&lt;/strong&gt;&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;This ensures consistent provider behavior across environments.&lt;/p&gt;

&lt;h3&gt;
  
  
  🔹 &lt;code&gt;backend.tf&lt;/code&gt;
&lt;/h3&gt;

&lt;p&gt;We store Terraform state remotely using &lt;strong&gt;Amazon S3&lt;/strong&gt; — a production best practice.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;use_lockfile &lt;span class="o"&gt;=&lt;/span&gt; &lt;span class="nb"&gt;true&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;This enables &lt;strong&gt;state locking without DynamoDB&lt;/strong&gt;, preventing concurrent state corruption using Terraform’s native lockfile mechanism.&lt;/p&gt;

&lt;h3&gt;
  
  
  🔹 &lt;code&gt;variables.tf&lt;/code&gt;
&lt;/h3&gt;

&lt;p&gt;Only two variables are required:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;&lt;code&gt;project_name&lt;/code&gt; → fixed as &lt;strong&gt;mario-game&lt;/strong&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;code&gt;gemini_api_key&lt;/code&gt; → passed dynamically (never hardcoded)&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;This ensures our API key remains secure and out of version control.&lt;/p&gt;

&lt;h3&gt;
  
  
  🔹 &lt;code&gt;outputs.tf&lt;/code&gt;
&lt;/h3&gt;

&lt;p&gt;Provides useful runtime information after provisioning:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;ALB DNS name (where the game runs)&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;ACM certificate ARN (used later for HTTPS)&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;h3&gt;
  
  
  🔹 &lt;code&gt;networking.tf&lt;/code&gt;
&lt;/h3&gt;

&lt;p&gt;Instead of using the default VPC, we create our &lt;strong&gt;own VPC&lt;/strong&gt; using the official AWS VPC module:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Two &lt;strong&gt;public subnets&lt;/strong&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Clean network isolation&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Better control and scalability&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;h3&gt;
  
  
  🔹 &lt;code&gt;security.tf&lt;/code&gt;
&lt;/h3&gt;

&lt;p&gt;Security is handled via two separate security groups:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;p&gt;&lt;strong&gt;ALB Security Group&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Allows inbound traffic from anywhere (port 80 initially)&lt;/li&gt;
&lt;/ul&gt;


&lt;/li&gt;

&lt;li&gt;

&lt;p&gt;&lt;strong&gt;ECS Task Security Group&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Only allows traffic from the ALB&lt;/li&gt;
&lt;/ul&gt;


&lt;/li&gt;

&lt;/ul&gt;

&lt;p&gt;This follows the &lt;strong&gt;least privilege principle&lt;/strong&gt;.&lt;br&gt;&lt;br&gt;
(We later extend this to support HTTPS on port 443.)&lt;/p&gt;
&lt;h3&gt;
  
  
  🔹 &lt;code&gt;secrets.tf&lt;/code&gt;
&lt;/h3&gt;

&lt;p&gt;The Gemini API key is securely stored using &lt;strong&gt;AWS Secrets Manager&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;No plaintext secrets. No leaks. Production-safe by default.&lt;/p&gt;
&lt;h2&gt;
  
  
  🧠 The AI Brain: Lambda Function
&lt;/h2&gt;
&lt;h3&gt;
  
  
  🔹 &lt;code&gt;lambda.tf&lt;/code&gt;
&lt;/h3&gt;

&lt;p&gt;This file defines a Python-based &lt;strong&gt;AWS Lambda function&lt;/strong&gt; responsible for reviewing Terrascan findings and acting as a &lt;strong&gt;CI/CD security gate&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;At the heart of this Lambda is a carefully crafted prompt:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight python"&gt;&lt;code&gt;&lt;span class="k"&gt;def&lt;/span&gt; &lt;span class="nf"&gt;build_prompt&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="n"&gt;findings&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="nb"&gt;dict&lt;/span&gt;&lt;span class="p"&gt;)&lt;/span&gt; &lt;span class="o"&gt;-&amp;gt;&lt;/span&gt; &lt;span class="nb"&gt;str&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;
    &lt;span class="k"&gt;return&lt;/span&gt; &lt;span class="sa"&gt;f&lt;/span&gt;&lt;span class="sh"&gt;"""&lt;/span&gt;&lt;span class="s"&gt;
You are a senior DevOps and Terraform security reviewer acting as a CI/CD security gate.

Your task is to analyze Terrascan findings and decide whether the infrastructure
can be deployed based on **risk thresholds**, not perfection.

Decision Policy (STRICT)
- REJECT if:
  - Any HIGH or CRITICAL severity issue exists
  - OR MEDIUM severity issues ≥ 4
  - OR Application Load Balancer has **no HTTPS listener at all**
- APPROVE_WITH_CHANGES if:
  - MEDIUM severity issues are 1–3
- APPROVE if:
  - Only LOW or INFO issues exist

Output Format
Provide:
1. 🚨 Security issues ordered by severity (summary only)
2. 🛠 Required remediation (only actionable items)
3. ⚖️ Risk justification (1–2 lines)
4. 📌 Final verdict: APPROVE | APPROVE_WITH_CHANGES | REJECT

Rules:
- Be concise
- Use bullet points
- Focus on AWS (ALB, ECS, VPC, IAM)
- Ignore Terrascan scan_errors
- Do NOT repeat raw JSON
- Verdict must strictly follow the Decision Policy

Findings:
&lt;/span&gt;&lt;span class="si"&gt;{&lt;/span&gt;&lt;span class="n"&gt;json&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;dumps&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="n"&gt;findings&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt; &lt;span class="n"&gt;indent&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="mi"&gt;2&lt;/span&gt;&lt;span class="p"&gt;)&lt;/span&gt;&lt;span class="si"&gt;}&lt;/span&gt;&lt;span class="s"&gt;
&lt;/span&gt;&lt;span class="sh"&gt;"""&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;This logic ensures:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Security is enforced pragmatically&lt;/strong&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;No false rejections for minor issues&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;HTTPS is mandatory for approval&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Clear, actionable feedback for developers&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;h3&gt;
  
  
  🔹 &lt;code&gt;iam.tf&lt;/code&gt;
&lt;/h3&gt;

&lt;p&gt;IAM roles and policies are defined here:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Lambda is granted access to &lt;strong&gt;Secrets Manager&lt;/strong&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;
&lt;p&gt;ECS task role attaches:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;code&gt;AmazonECSTaskExecutionRolePolicy&lt;/code&gt;&lt;/li&gt;
&lt;/ul&gt;


&lt;/li&gt;

&lt;/ul&gt;

&lt;p&gt;This allows ECS to pull images, write logs, and function correctly.&lt;/p&gt;

&lt;h3&gt;
  
  
  🔹 &lt;code&gt;ecs.tf&lt;/code&gt;
&lt;/h3&gt;

&lt;p&gt;This is where the &lt;strong&gt;Mario game comes to life&lt;/strong&gt;:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;ECS task definition using Fargate&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Docker image for Super Mario Bros&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;ECS service to keep the task running&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Fully serverless. No EC2 management required.&lt;/p&gt;

&lt;h3&gt;
  
  
  🔹 &lt;code&gt;alb.tf&lt;/code&gt;
&lt;/h3&gt;

&lt;p&gt;To expose the application publicly:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Application Load Balancer&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Listener on port &lt;strong&gt;80&lt;/strong&gt; (initially)&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Target group pointing to ECS tasks&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Later, we enhance this with &lt;strong&gt;HTTPS + ACM&lt;/strong&gt;, making the setup production-ready.&lt;/p&gt;

&lt;h2&gt;
  
  
  🚀 Provisioning the Infrastructure
&lt;/h2&gt;

&lt;p&gt;Before running Terraform, we need to create the S3 bucket for state storage:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;aws s3 mb s3://pravesh-terraform-mario-state
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;⚠️ If you see &lt;code&gt;BucketAlreadyExists&lt;/code&gt;, simply:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Update the bucket name in &lt;code&gt;backend.tf&lt;/code&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Re-run the command with a unique name&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Now initialize Terraform:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;&lt;span class="nb"&gt;cd &lt;/span&gt;terraform
terraform init
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fm76ytzoi8gzghfmajrml.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fm76ytzoi8gzghfmajrml.png" alt=" "&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  Gemini API Key Setup
&lt;/h2&gt;

&lt;p&gt;Head over to &lt;strong&gt;Google AI Studio&lt;/strong&gt; and generate a free Gemini API key.&lt;/p&gt;

&lt;p&gt;Once you have it, keep it safe — we’ll pass it dynamically to Terraform.&lt;/p&gt;

&lt;h2&gt;
  
  
  Plan &amp;amp; Apply
&lt;/h2&gt;

&lt;p&gt;Preview the infrastructure:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;terraform plan &lt;span class="nt"&gt;-var&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s2"&gt;"gemini_api_key=&amp;lt;YOUR_GEMINI_API_KEY&amp;gt;"&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Review the plan and then deploy:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;terraform apply &lt;span class="nt"&gt;-var&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s2"&gt;"gemini_api_key=&amp;lt;YOUR_GEMINI_API_KEY&amp;gt;"&lt;/span&gt; &lt;span class="nt"&gt;-auto-approve&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;⏱️ Provisioning takes around &lt;strong&gt;5–7 minutes&lt;/strong&gt;, mainly due to ALB setup.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fktatd7fjqm02ureme4vw.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fktatd7fjqm02ureme4vw.png" alt=" "&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  🎮 Final Result
&lt;/h2&gt;

&lt;p&gt;Once Terraform finishes:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Copy the &lt;strong&gt;ALB DNS name&lt;/strong&gt; from the outputs&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Open it in your browser&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;🎉 You should now see the &lt;strong&gt;Super Mario Bros game running on ECS&lt;/strong&gt;, backed by a serverless AWS architecture and guarded by an AI-powered DevOps review system.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F27xxxgl79hta6719py2h.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F27xxxgl79hta6719py2h.png" alt=" "&gt;&lt;/a&gt;&lt;/p&gt;




&lt;h2&gt;
  
  
  🌟 Terraform AI Review Agent in Action
&lt;/h2&gt;

&lt;p&gt;Now comes the most exciting part — &lt;strong&gt;seeing the Terraform AI review agent in action&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;Before that, you need to add your AWS Access key and Secret Access key in your secrets of the repo. If you don’t know how to do that, &lt;a href="https://blog.praveshsudha.com/cicd-for-terraform-with-github-actions-deploying-a-nodejs-redis-app-on-aws#heading-step-1-add-aws-secrets" rel="noopener noreferrer"&gt;follow this guide&lt;/a&gt; and do the step 1 only, make sure you select the &lt;strong&gt;ai-devops-projects&lt;/strong&gt; repo, not the &lt;strong&gt;nginx-redis-node&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;Let’s simulate a real-world scenario by making a small change to our infrastructure code and opening a &lt;strong&gt;Pull Request&lt;/strong&gt;. As soon as we do this, our &lt;strong&gt;GitHub Actions workflow&lt;/strong&gt; will automatically kick in and run the AI-based review.&lt;/p&gt;

&lt;h3&gt;
  
  
  Triggering the AI Review
&lt;/h3&gt;

&lt;p&gt;Make a minor change in the Terraform code and raise a Pull Request. Once the pipeline runs, you’ll notice that the &lt;strong&gt;workflow fails&lt;/strong&gt; ❌.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fp2xpb262c79srcul3pop.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fp2xpb262c79srcul3pop.png" alt=" "&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fwsbo03n5sbviysj88w5d.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fwsbo03n5sbviysj88w5d.png" alt=" "&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Why did this happen?&lt;/p&gt;

&lt;p&gt;If you check the &lt;strong&gt;Violation report&lt;/strong&gt;, you’ll see that the AI agent rejected the changes. The reason is simple and important:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Three MEDIUM-severity issues are related to the Application Load Balancer&lt;/strong&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Our application is currently running only on &lt;strong&gt;HTTP&lt;/strong&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Running production workloads over HTTP is &lt;strong&gt;not secure&lt;/strong&gt;&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Because our AI agent follows a strict policy (defined in the Lambda prompt), the absence of an &lt;strong&gt;HTTPS listener&lt;/strong&gt; on the ALB results in a &lt;strong&gt;PR rejection&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;This is exactly how a real-world AI-powered infrastructure gate should behave.&lt;/p&gt;

&lt;h2&gt;
  
  
  Fixing the Issue: Enabling HTTPS 🔒
&lt;/h2&gt;

&lt;p&gt;To resolve this, we’ll enable &lt;strong&gt;HTTPS&lt;/strong&gt; by creating an &lt;strong&gt;ACM certificate&lt;/strong&gt; and updating our ALB configuration.&lt;/p&gt;

&lt;h3&gt;
  
  
  Step 1: Update Security Group Rules
&lt;/h3&gt;

&lt;p&gt;Inside &lt;code&gt;security.tf&lt;/code&gt;, uncomment the &lt;strong&gt;ingress rule for port 443&lt;/strong&gt; so that HTTPS traffic is allowed.&lt;/p&gt;

&lt;h3&gt;
  
  
  Step 2: Enable HTTPS Listener on ALB
&lt;/h3&gt;

&lt;p&gt;Open &lt;code&gt;alb.tf&lt;/code&gt; and do the following:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Uncomment the &lt;code&gt;aws_lb_listener "https"&lt;/code&gt; block&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Uncomment the ACM certificate resource&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Remove the existing &lt;code&gt;app_listener&lt;/code&gt; (HTTP listener)&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F4xmi0co3ggrjoi04lezn.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F4xmi0co3ggrjoi04lezn.png" alt=" "&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;This ensures HTTP is no longer used for forwarding traffic directly.&lt;/p&gt;

&lt;h3&gt;
  
  
  Step 3: Update Domain Name in ACM Certificate
&lt;/h3&gt;

&lt;p&gt;Inside the ACM certificate resource:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Replace &lt;code&gt;praveshsudha.com&lt;/code&gt; with &lt;strong&gt;your own domain name&lt;/strong&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;This is required because you’ll be adding &lt;strong&gt;CAA and CNAME records&lt;/strong&gt; for certificate validation&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;h3&gt;
  
  
  Step 4: Add CAA Record (IMPORTANT ⚠️)
&lt;/h3&gt;

&lt;p&gt;Before creating the ACM certificate, make sure to add the following &lt;strong&gt;CAA record&lt;/strong&gt; in your DNS provider:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Type:&lt;/strong&gt; CAA&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Name:&lt;/strong&gt; &lt;code&gt;@&lt;/code&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Flag:&lt;/strong&gt; &lt;code&gt;0&lt;/code&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Tag:&lt;/strong&gt; &lt;code&gt;issue&lt;/code&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;CA Domain:&lt;/strong&gt; &lt;code&gt;amazonaws.com&lt;/code&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;TTL:&lt;/strong&gt; Default&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;blockquote&gt;
&lt;p&gt;⚠️ &lt;strong&gt;Important:&lt;/strong&gt; Add this CAA record &lt;em&gt;before&lt;/em&gt; applying Terraform, otherwise ACM certificate creation may fail.&lt;/p&gt;
&lt;/blockquote&gt;

&lt;h3&gt;
  
  
  Step 5: Enable ACM Output
&lt;/h3&gt;

&lt;p&gt;In &lt;code&gt;outputs.tf&lt;/code&gt;, uncomment the output block for &lt;code&gt;acm_certificate_arn&lt;/code&gt;.&lt;br&gt;&lt;br&gt;
This will help us fetch validation details later.&lt;/p&gt;
&lt;h3&gt;
  
  
  Step 6: Apply the Changes
&lt;/h3&gt;

&lt;p&gt;Run the following command:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;terraform apply &lt;span class="nt"&gt;--var&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s2"&gt;"gemini_api_key=&amp;lt;YOUR_GEMINI_KEY&amp;gt;"&lt;/span&gt; &lt;span class="nt"&gt;--auto-approve&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;This will:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Create the ACM certificate&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Add an HTTPS listener to the ALB&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Once completed, Terraform will output the &lt;strong&gt;ACM certificate ARN&lt;/strong&gt;.&lt;/p&gt;

&lt;h3&gt;
  
  
  Step 7: Validate the ACM Certificate
&lt;/h3&gt;

&lt;p&gt;Use the ARN and run:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;aws acm describe-certificate &lt;span class="se"&gt;\&lt;/span&gt;
  &lt;span class="nt"&gt;--certificate-arn&lt;/span&gt; arn:aws:acm:us-east-1:&amp;lt;ACCOUNT_ID&amp;gt;:certificate/&amp;lt;CERT_ID&amp;gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;From the output:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Copy the &lt;strong&gt;CNAME name&lt;/strong&gt; (only up to &lt;code&gt;mario&lt;/code&gt;, not the full domain)&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Copy the &lt;strong&gt;CNAME value&lt;/strong&gt;&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F4t61n3w5zo64lhklo6gp.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F4t61n3w5zo64lhklo6gp.png" alt=" "&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F3fb5zc8gk8vfb1pvjyzz.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F3fb5zc8gk8vfb1pvjyzz.png" alt=" "&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Add this CNAME record to your DNS provider.&lt;/p&gt;

&lt;p&gt;Within a few minutes, the certificate status will change to &lt;strong&gt;ISSUED&lt;/strong&gt; ✅.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fo35snxpy9joi12laelfd.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fo35snxpy9joi12laelfd.png" alt=" "&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h3&gt;
  
  
  Step 8: Point Your Domain to the ALB
&lt;/h3&gt;

&lt;p&gt;Now create a DNS record:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Type:&lt;/strong&gt; CNAME&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Name:&lt;/strong&gt; &lt;code&gt;mario&lt;/code&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Target:&lt;/strong&gt; &lt;code&gt;&amp;lt;YOUR_ALB_DNS_NAME&amp;gt;&lt;/code&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;TTL:&lt;/strong&gt; Default&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fj2rz65il6xgmnonobct9.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fj2rz65il6xgmnonobct9.png" alt=" "&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;After a few minutes, your application will be live at:&lt;/p&gt;

&lt;p&gt;👉 &lt;a href="https://mario.your-domain.com/" rel="noopener noreferrer"&gt;&lt;strong&gt;https://mario.your-domain.com&lt;/strong&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fk94ie7zgqbjxt62m3rp1.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fk94ie7zgqbjxt62m3rp1.png" alt=" "&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  Re-running the AI Review ✅
&lt;/h2&gt;

&lt;p&gt;Now that HTTPS is enabled, let’s test the AI agent again.&lt;/p&gt;

&lt;p&gt;Run the following commands:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;git checkout &lt;span class="nt"&gt;-b&lt;/span&gt; &lt;span class="nb"&gt;test
&lt;/span&gt;git add outputs.tf security.tf alb.tf
git commit &lt;span class="nt"&gt;-m&lt;/span&gt; &lt;span class="s2"&gt;"testing ai-agent-workflow"&lt;/span&gt;
git push origin &lt;span class="nb"&gt;test&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Go to your GitHub repository and open a &lt;strong&gt;Pull Request&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;This time:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;GitHub Actions runs successfully&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Terrascan reports are generated&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Gemini analyzes the findings&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;✅ &lt;strong&gt;AI agent APPROVES the PR&lt;/strong&gt;&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fys48w4t3n7gat7hgy886.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fys48w4t3n7gat7hgy886.png" alt=" "&gt;&lt;/a&gt;&lt;/p&gt;




&lt;h2&gt;
  
  
  🌟 Cleaning Up Resources
&lt;/h2&gt;

&lt;p&gt;Once you’re done experimenting with the project, it’s &lt;strong&gt;very important&lt;/strong&gt; to clean up all the resources to avoid any unnecessary AWS charges.&lt;/p&gt;

&lt;p&gt;Follow the steps below &lt;strong&gt;in order&lt;/strong&gt; to safely delete everything we created.&lt;/p&gt;

&lt;h3&gt;
  
  
  Step 1: Destroy Terraform Resources
&lt;/h3&gt;

&lt;p&gt;First, navigate to the &lt;code&gt;terraform&lt;/code&gt; directory and run:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;terraform destroy &lt;span class="nt"&gt;--auto-approve&lt;/span&gt; &lt;span class="nt"&gt;--var&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s2"&gt;"gemini_api_key=&amp;lt;YOUR_GEMINI_KEY&amp;gt;"&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fcfmwkfw1wif38ye2ixgn.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fcfmwkfw1wif38ye2ixgn.png" alt=" "&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;This command will:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Terminate ECS services and tasks&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Delete the Application Load Balancer&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Remove Lambda functions and IAM roles&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Clean up networking components like VPCs, subnets, and security groups&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;h3&gt;
  
  
  Step 2: Delete the Terraform State Files from S3
&lt;/h3&gt;

&lt;p&gt;Once Terraform has destroyed all the resources, delete the remote state files stored in S3.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;aws s3 &lt;span class="nb"&gt;rm &lt;/span&gt;s3://pravesh-terraform-mario-state &lt;span class="nt"&gt;--recursive&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;This removes all objects inside the bucket, including the Terraform state file.&lt;/p&gt;

&lt;h3&gt;
  
  
  Step 3: Remove the S3 Bucket
&lt;/h3&gt;

&lt;p&gt;Finally, delete the empty S3 bucket:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;aws s3 rb s3://pravesh-terraform-mario-state
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fuyfqvf3y5ne2cmm0n3i9.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fuyfqvf3y5ne2cmm0n3i9.png" alt=" "&gt;&lt;/a&gt;&lt;/p&gt;




&lt;h2&gt;
  
  
  🌟 Conclusion
&lt;/h2&gt;

&lt;p&gt;This project goes far beyond deploying a Super Mario game on AWS — it represents how &lt;strong&gt;modern DevOps is evolving with AI and serverless architectures&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;By integrating &lt;strong&gt;Terraform&lt;/strong&gt;, &lt;strong&gt;GitHub Actions&lt;/strong&gt;, &lt;strong&gt;Terrascan&lt;/strong&gt;, and &lt;strong&gt;Gemini&lt;/strong&gt;, we built an &lt;strong&gt;AI-powered Terraform review agent&lt;/strong&gt; that acts as a real CI/CD security gate. Every infrastructure change is evaluated based on risk, not guesswork. The AI summarizes security findings, suggests concrete remediations, and makes approval decisions that closely resemble how a senior DevOps engineer would review production infrastructure.&lt;/p&gt;

&lt;p&gt;On the infrastructure side, we embraced a &lt;strong&gt;serverless-first approach&lt;/strong&gt; using &lt;strong&gt;AWS ECS Fargate, Lambda, ALB, and managed cloud services&lt;/strong&gt;. This setup reflects real-world architectures used in production today — scalable, cost-efficient, and operationally simple, without managing servers manually.&lt;/p&gt;

&lt;p&gt;The key takeaway from this project is clear:&lt;br&gt;&lt;br&gt;
&lt;strong&gt;AI in DevOps is not about replacing engineers — it’s about empowering them.&lt;/strong&gt;&lt;br&gt;&lt;br&gt;
By automating repetitive infrastructure reviews, we save valuable engineering hours, reduce human errors, and ship changes with higher confidence and security.&lt;/p&gt;

&lt;p&gt;I highly encourage you to fork the repository, experiment with breaking changes, tune the AI decision thresholds, and extend this project further. This is just the beginning of what AI-assisted DevOps can achieve.&lt;/p&gt;

&lt;p&gt;Happy building 🚀&lt;/p&gt;

&lt;h3&gt;
  
  
  🔗 Connect with me
&lt;/h3&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;LinkedIn:&lt;/strong&gt; &lt;a href="https://www.linkedin.com/in/pravesh-sudha/" rel="noopener noreferrer"&gt;https://www.linkedin.com/in/pravesh-sudha/&lt;/a&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Twitter / X:&lt;/strong&gt; &lt;a href="https://x.com/praveshstwt" rel="noopener noreferrer"&gt;https://x.com/praveshstwt&lt;/a&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;YouTube:&lt;/strong&gt; &lt;a href="https://www.youtube.com/@pravesh-sudha" rel="noopener noreferrer"&gt;https://www.youtube.com/@pravesh-sudha&lt;/a&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Blog:&lt;/strong&gt; &lt;a href="https://blog.praveshsudha.com/" rel="noopener noreferrer"&gt;https://blog.praveshsudha.com&lt;/a&gt;&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;If this project helped you learn something new, feel free to share it with your network — it truly helps a lot ❤️&lt;/p&gt;

</description>
      <category>aws</category>
      <category>terraform</category>
      <category>serverless</category>
      <category>devops</category>
    </item>
    <item>
      <title>🚀 How I Created an AI-Powered Secret Santa Using Cognee as the Memory Layer</title>
      <dc:creator>Pravesh Sudha</dc:creator>
      <pubDate>Thu, 11 Dec 2025 12:30:00 +0000</pubDate>
      <link>https://dev.to/pravesh_sudha_3c2b0c2b5e0/how-i-created-an-ai-powered-secret-santa-using-cognee-as-the-memory-layer-2enl</link>
      <guid>https://dev.to/pravesh_sudha_3c2b0c2b5e0/how-i-created-an-ai-powered-secret-santa-using-cognee-as-the-memory-layer-2enl</guid>
      <description>&lt;h2&gt;
  
  
  Welcome Devs 👋 — Another Fun Build with Cognee + AI
&lt;/h2&gt;

&lt;p&gt;Welcome Devs to another interesting blog from my side!&lt;br&gt;&lt;br&gt;
It’s been a while since I first connected with &lt;strong&gt;Cognee&lt;/strong&gt;, and exactly a month ago I actually built a &lt;strong&gt;Cognee Starter application from scratch using Flask&lt;/strong&gt; and deployed it on &lt;strong&gt;AWS ECS using Terraform&lt;/strong&gt;. If you haven’t checked it out yet, here’s the link to that build — you’ll enjoy it: &lt;/p&gt;

&lt;p&gt;

  &lt;iframe src="https://www.youtube.com/embed/uvkwXSUJ6Hw"&gt;
  &lt;/iframe&gt;


&lt;/p&gt;

&lt;p&gt;Since then, the Cognee team has been on fire. Their GitHub repo recently crossed &lt;strong&gt;10K+ stars&lt;/strong&gt; (absolutely deserved 🎉). And staying true to the momentum, they came up with a fun little community event — the &lt;strong&gt;Secret Santa Mini Challenge&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;So… for this challenge, I decided to build something a bit unique —&lt;br&gt;&lt;br&gt;
✨ &lt;strong&gt;An Emotion-Aware Secret Santa powered by Gemini 2.5 Flash&lt;/strong&gt;, with &lt;strong&gt;Cognee&lt;/strong&gt; acting as the memory layer holding everything together.&lt;/p&gt;


&lt;h2&gt;
  
  
  How the Idea Hit Me 🤯 — And Why Emotions Matter in Secret Santa
&lt;/h2&gt;

&lt;p&gt;After going through the rules and criteria of the challenge, I started brainstorming ideas… and suddenly something clicked on a &lt;em&gt;very personal&lt;/em&gt; level.&lt;/p&gt;

&lt;p&gt;In my friend group, &lt;strong&gt;I’m the delightful one&lt;/strong&gt; —&lt;br&gt;&lt;br&gt;
Happy for no absolute reason, just vibing, giggling, randomly remembering something from Kevin Hart Special 😂&lt;/p&gt;

&lt;p&gt;But my friends?&lt;br&gt;&lt;br&gt;
Total opposite personalities:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;One is &lt;strong&gt;stressed 24/7&lt;/strong&gt; because of career pressure&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Another is &lt;strong&gt;moody&lt;/strong&gt;, unpredictable like Mumbai weather&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;And the last one is the &lt;strong&gt;chill guy&lt;/strong&gt;, relaxed in literally every situation&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Reflecting on that, I thought:&lt;br&gt;&lt;br&gt;
&lt;strong&gt;Why not create a Secret Santa that understands emotions the same way we understand each other?&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;A Secret Santa that:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Reads how each friend is feeling&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Understands their energy, mood, and stress&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Pairs them up based on emotional compatibility&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;And even helps choose a meaningful gift&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;That’s how &lt;em&gt;Emotion-Aware Secret Santa&lt;/em&gt; was born.&lt;/p&gt;


&lt;h2&gt;
  
  
  How It Works 🧠🎁 — Turning Feelings Into Smart Gift Matches
&lt;/h2&gt;

&lt;p&gt;Each friend gives:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Their name&lt;/strong&gt;, and&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;A short description of their mood, week, stress level, or personality&lt;/strong&gt;&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;For example:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;“Alice is overwhelmed with work and feeling stressed.”&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;“Bob had a great week and is feeling positive and energetic.”&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;These tiny descriptions become the &lt;em&gt;foundation&lt;/em&gt; for the AI’s reasoning.&lt;/p&gt;
&lt;h3&gt;
  
  
  🧩 Step 1 — Storing the emotional descriptions with Cognee
&lt;/h3&gt;

&lt;p&gt;Each user description is added into Cognee’s memory layer using:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight python"&gt;&lt;code&gt;&lt;span class="n"&gt;cognify&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;add&lt;/span&gt;&lt;span class="p"&gt;(...)&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Then using:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight python"&gt;&lt;code&gt;&lt;span class="nf"&gt;cognify&lt;/span&gt;&lt;span class="p"&gt;()&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Cognee processes all the data with &lt;strong&gt;Gemini&lt;/strong&gt;, building:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Semantic links&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Entities&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Relationships&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;A mini knowledge graph&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Embeddings&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;(I’ve shown this visually in my previous video — it’s super cool to watch.)&lt;/p&gt;

&lt;h2&gt;
  
  
  🧠 Step 2 — Cognee asks the right question
&lt;/h2&gt;

&lt;p&gt;Cognee then asks:&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;&lt;strong&gt;“What is the emotional state or mood of Alice?”&lt;/strong&gt;&lt;/p&gt;
&lt;/blockquote&gt;

&lt;p&gt;Using &lt;code&gt;RAG_COMPLETION&lt;/code&gt;, Gemini returns refined emotional states like:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;stressed&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;excited&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;lonely&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;happy&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;tired&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  🎅 Step 3 — AI-Powered Secret Santa Pairing
&lt;/h2&gt;

&lt;p&gt;Now the fun logic:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Cognee assigns Secret Santa pairs&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Makes sure no one gets themselves&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;And suggests a gift based on emotion&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Gift suggestions are generated using a &lt;strong&gt;local gift dictionary&lt;/strong&gt; (0 extra AI cost… because while testing I hit the Gemini daily quota twice 💀😂).&lt;/p&gt;

&lt;h2&gt;
  
  
  🎉 Step 4 — The Big Reveal
&lt;/h2&gt;

&lt;p&gt;Finally, the program prints a &lt;strong&gt;beautiful Secret Santa reveal&lt;/strong&gt;:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Who is gifting whom&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Why they were paired&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;And what gift matches their emotional state&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Simple, wholesome, and powered by Cognee’s memory + Gemini’s reasoning.&lt;/p&gt;




&lt;h2&gt;
  
  
  Try It Yourself 🎄 — Run the Emotion-Aware Secret Santa on Your Machine
&lt;/h2&gt;

&lt;p&gt;I’ve open-sourced the entire project so you can explore, modify, and have fun with it.&lt;br&gt;&lt;br&gt;
The code is available here:&lt;/p&gt;

&lt;p&gt;👉 &lt;strong&gt;GitHub Repo:&lt;/strong&gt; &lt;a href="https://github.com/Pravesh-Sudha/secret-santa-cognee" rel="noopener noreferrer"&gt;https://github.com/Pravesh-Sudha/secret-santa-cognee&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Clone it to your system and you’re ready to get started.&lt;/p&gt;
&lt;h2&gt;
  
  
  🔑 Step 1 — Get Your Gemini API Key
&lt;/h2&gt;

&lt;p&gt;To run this project, you’ll need a &lt;strong&gt;Gemini API key&lt;/strong&gt;.&lt;br&gt;&lt;br&gt;
The good news? &lt;strong&gt;Google AI Studio gives you one for free.&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Once you have your key:&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;&lt;p&gt;Inside the project directory, create a &lt;code&gt;.env&lt;/code&gt; file&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Copy everything from &lt;code&gt;.env.example&lt;/code&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Replace the values of:&lt;/p&gt;&lt;/li&gt;
&lt;/ol&gt;
&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;* `LLM_API_KEY`

* `EMBEDDING_API_KEY`  
    with your Gemini key
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;
&lt;p&gt;And boom — the setup is done.&lt;/p&gt;
&lt;h2&gt;
  
  
  🔧 Step 2 — Install Dependencies
&lt;/h2&gt;

&lt;p&gt;Inside your project directory, run:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;uv &lt;span class="nb"&gt;sync&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;This will install all required dependencies cleanly.&lt;/p&gt;

&lt;h2&gt;
  
  
  📝 Step 3 — Customise Your Friends &amp;amp; Gifts
&lt;/h2&gt;

&lt;p&gt;You can now explore the code and make the project your own:&lt;/p&gt;

&lt;h3&gt;
  
  
  👥 Add your own friends
&lt;/h3&gt;

&lt;p&gt;Open:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;data/friends.json
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Futtbedx9260jyfs1cu7r.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Futtbedx9260jyfs1cu7r.png" alt=" "&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Add your friends and their mood descriptions.&lt;br&gt;&lt;br&gt;
(Tip: try to keep it max &lt;strong&gt;4 friends&lt;/strong&gt;, otherwise you may hit the Gemini daily quota like I did 😭😂)&lt;/p&gt;
&lt;h3&gt;
  
  
  🎁 Customise the gifts
&lt;/h3&gt;

&lt;p&gt;Inside:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;gift_gen.py
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fk4ai71eomu0ozdpcerfc.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fk4ai71eomu0ozdpcerfc.png" alt=" "&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;You can update gifts for each emotion to make them more fun, personal, or chaotic — your call.&lt;/p&gt;

&lt;h2&gt;
  
  
  ▶️ Step 4 — Run the Project
&lt;/h2&gt;

&lt;p&gt;Once everything is set up, run:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;uv run main.py
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;The program takes around &lt;strong&gt;2–3 minutes&lt;/strong&gt;, and then…&lt;/p&gt;

&lt;p&gt;🎉 You get a full Secret Santa reveal right in your terminal!&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Who got whom&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Their emotional reasoning&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;And the perfect gift suggestion&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;All powered by Cognee + Gemini.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fhp93tkgq5btfyb2bd3fw.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fhp93tkgq5btfyb2bd3fw.png" alt=" "&gt;&lt;/a&gt;&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;&lt;strong&gt;NOTE:&lt;/strong&gt;  Initially, I planned to generate gifts using Gemini too… but Gemini’s “Requests per Minute” limit looked at me and said:&lt;br&gt;
“&lt;em&gt;Not today, brother&lt;/em&gt;.”&lt;br&gt;
So I switched to a local gift list — zero extra AI cost, much more reliable.&lt;/p&gt;
&lt;/blockquote&gt;




&lt;h2&gt;
  
  
  📽️ Video Demonstration
&lt;/h2&gt;

&lt;p&gt;

  &lt;iframe src="https://www.youtube.com/embed/86eA3UuxA54"&gt;
  &lt;/iframe&gt;


&lt;/p&gt;




&lt;h2&gt;
  
  
  🎄 Conclusion — Building with Cognee Is Just Too Much Fun
&lt;/h2&gt;

&lt;p&gt;This Secret Santa Mini Challenge by Cognee was the perfect excuse to experiment, break things, fix things, hit API limits twice 😭, and eventually build something that felt genuinely &lt;em&gt;personal&lt;/em&gt;.&lt;/p&gt;

&lt;p&gt;Using &lt;strong&gt;Cognee as the memory layer&lt;/strong&gt; + &lt;strong&gt;Gemini 2.5 Flash for reasoning&lt;/strong&gt; turned a simple holiday tradition into a small emotionally aware AI system — and honestly, that’s the kind of playful innovation that makes me love building these projects.&lt;/p&gt;

&lt;p&gt;If you try it out, tweak it, or turn it into something wild and creative, I’d genuinely love to see it.&lt;br&gt;&lt;br&gt;
And big shoutout to the Cognee team for organizing such a wholesome challenge and continuing to ship amazing updates to the ecosystem.&lt;/p&gt;

&lt;p&gt;More AI projects, more experiments, and more community fun coming soon.&lt;br&gt;&lt;br&gt;
Till then — keep building, keep learning, and keep vibing. ✨&lt;/p&gt;

&lt;h2&gt;
  
  
  🌐 Connect With Me
&lt;/h2&gt;

&lt;p&gt;If you enjoyed this project or want to follow my DevOps + AI journey, find me here:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;LinkedIn:&lt;/strong&gt; &lt;a href="https://www.linkedin.com/in/pravesh-sudha/" rel="noopener noreferrer"&gt;https://www.linkedin.com/in/pravesh-sudha/&lt;/a&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Twitter/X:&lt;/strong&gt; &lt;a href="https://x.com/praveshstwt" rel="noopener noreferrer"&gt;https://x.com/praveshstwt&lt;/a&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;YouTube:&lt;/strong&gt; &lt;a href="https://www.youtube.com/@pravesh-sudha" rel="noopener noreferrer"&gt;https://www.youtube.com/@pravesh-sudha&lt;/a&gt;&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;See you in the next build! 🚀&lt;/p&gt;

</description>
      <category>ai</category>
      <category>coding</category>
      <category>rag</category>
      <category>llm</category>
    </item>
  </channel>
</rss>
