Stop Reusing the Same CIDR Everywhere: VPC Peering Will Bite You
Overlapping CIDRs block VPC peering and make growth painful. Hereβs a practical plan for org-wide CIDR design, Terraform guardrails, and zero-downtime migration.
Articles by Andrew Ghobrial
π§ Cognito in Multi-Region AWS Architectures β Whatβs the Right Approach?
Cognito is AWSβs managed authentication service, but it comes with a critical limitation: user pools are region-bound. In this post, I explore why this matters in multi-region designs and the approaches you can take to solve it.
π Ways to Access Your Database in a Private Subnet in AWS VPC
Databases should live in private subnets for security β but how do you access them when theyβre not exposed to the internet? In this post, I cover bastion hosts, Session Manager, VPC peering, VPN/Direct Connect, and PrivateLink.
π The Power of Tagging Resources in AWS
Learn how AWS resource tagging can improve cost management, operations, security, and compliance in your cloud environment.
π How I Decreased Docker Image Size by Half with Distroless Images
Discover how switching to distroless images can drastically reduce Docker image size, improve security, and accelerate deployments.
How I Cut AWS Deployment Time in Half with GitHub Actions Matrix Strategy
Discover how leveraging the GitHub Actions matrix strategy helped streamline multi-region AWS deployments, cut deploy times by 50%, and keep workflows maintainable.
π¨ Docker on ECR Costs Alert! π¨ Managing Hidden Storage Charges
ECR charges $0.10 per GB/month for stored Docker images. Learn how lifecycle policies can keep your costs under control and prevent runaway storage bills.
π¨ AWS Lambda Costs ALERT! π¨ Optimizing Memory and Node.js Garbage Collection
Learn how improper memory allocation in AWS Lambda with Node.js can lead to crashes and inflated costs, and how tuning memory with NODE_OPTIONS can save you money.
πΈ When AWS NAT Gateway Costs Spike Out of Control (and How to Be Prepared)
A sudden spike in AWS NAT Gateway costs can be painful β and without VPC Flow Logs, youβre left in the dark. Hereβs why it happens, how to investigate, and what to do next.