Prior to work on this company I was able to get four AWS certifications and also participating in a few projects that required knowledge in AWS, but nothing compared with what I was able to achieve during this time.

You might be thinking how I end up collaborating with architecture and infrastructure if I was originally hired to fill a position as a backend engineer, the truth is that I was extremely lucky, there were some managerial changes in the company and after a few months of starting my journey here, a new CTO was introduced to the team, we also were a pretty small team and always needed an extra pair of hands.

During a 1-on-1 with the CTO and at some point in the conversation we were talking about hiring someone to help us with DevOps, and to be honest, I’m glad I got the courage to ask if I could help with some tasks related, in that moment he didn’t know what I was capable of but he took the chance and gave me the opportunity to work on something.

I remember first offering to work on moving our main application from EC2 servers to containers as I had worked with dockerizing the app during my first months, in that moment deploying our EC2 servers was a mess and also moving to containers will help us with scalabilty and availability, so I got the green light and started working on it.

I’m really grateful the CTO trusted me the task of working on architecture and infrastructure, this was a real game changer for my professional career. Below you will find a list of contributions I made to the company in different areas like Observability, Costs Savings, Security and DevOps and more, they are not written in a particular order but the cost savings ones will be grouped on the bottom so it is easier to check the numbers:

The following posts tell the story on how I was able to complete the challenges and reducing significantly the billing.

Index

[!attention] Not all the posts are written yet and my goal is to post them the fast as I can.

Observability

  • Grafana Implementation.
  • Datadog Frontend Implementation.
  • Datadog Backend Implementation.
  • Uptime Kuma Implementation.

Security

  • Fraud Mitigation.
  • CSRF Tokens implementation.
  • Google reCaptcha Enterprise.
  • WAF Implementation.
  • Bot Control with Captcha.
  • SQL Injection rules.
  • Block requests based on Regex Patterns.
  • Block Requests based on IP.
  • Fraud Detection Panel on Grafana.
  • Content Security Policies.

DevOps & CI/CD

  • No Blame Culture.
  • Cloudformation Implementation.
  • Make Pattern.
  • App Containerization.
  • Pipelines.
  • Trunk-based deployments.
  • Feature Branch deployments.
  • Hotfix Deployments.
  • Docker Multi Stage Pipelines.
  • Empowering QA.
  • Empowering non technical users.
  • Sonarqube.
  • AB environment.

Cost Savings - Saving 160k yearly.

  • Feature Branch environments removal schedule.
  • Removing unused IP addresses.
  • Optimization - CDN implementation.
  • Optimization - Image Transformations.
  • Optimization - SQL Queries Optimization.
  • Security - OpenVPN implementation.
  • Security - Migrate apps to containers.
  • Security - Migrate Databases to private subnet.
  • Security - SSH Access from external Big Data Apps.
  • How I avoided the company to pay $100k yearly on Aurora RDS
  • Database Engine Migration.
  • Reserved Instances for EC2.
  • Reserved Instances for RDS.
  • Optimizations - Removing Load balancers
  • Total Costs Savings - $160k Yearly.

These are a few of the remarkable stories I have collected during my time with the company and they are proof of what we can achieve when willing to improve.