Hey, I'm Sabin Joshi
DevOps Engineer with 3 years of getting my hands dirty with AWS, infrastructure, and automation. This is where I write down everything I learn — so future me (and maybe you) don't have to figure it out the hard way.
Monitoring & Alerting a Web App on AWS: The Minimal Setup That Actually Works
Stop drowning in CloudWatch noise. Here's the lean, opinionated monitoring stack — ALB, RDS, SQS, and budget alerts — that keeps your team sane and your customers happy.
Stop Paying for Idle EC2: Automate Underutilization Reports with Bash & CloudWatch
A Bash script that queries CloudWatch for 7-day CPU and memory averages across every running EC2 instance, flags the underutilized ones, emails an HTML report with a CSV attachment, and runs itself every morning via cron — so you never miss a wasteful instance again.
Kill Your EC2 Cron Jobs: Serverless Scheduling with Lambda, EventBridge & Terraform
That EC2 instance running your cron jobs costs $45/year, needs OS patches, and is a single point of failure. Here's the complete Terraform-based migration to Lambda + EventBridge — with 99.8% cost savings and zero server management.
AWS VPC Deep Dive: Advanced Networking Patterns for Production
CIDR planning, NAT Gateway HA per AZ, VPC PrivateLink for service isolation, Transit Gateway, and Flow Logs for forensics.
Production Observability Stack: Logs, Metrics, Traces on AWS
Unified observability with OpenTelemetry, CloudWatch, Prometheus + Grafana, X-Ray tracing, and SLO-based alerting.
AWS IAM Mastery: Least Privilege at Scale with Permission Boundaries
Permission boundaries for safe delegation, ABAC with tags, SCPs as guardrails, Access Analyzer, and eliminating static credentials.
Aurora PostgreSQL at Scale: Replication, Failover & Performance Tuning
Deep dive into Aurora architecture — RDS Proxy connection pooling, read replica auto-scaling, parameter tuning, and failover under 30s.
From Docker Compose to Kubernetes: A Production Migration Guide
Mapping Compose concepts to K8s objects — Deployments, ConfigMaps, Ingress, health probes, resource limits, and HPA.
Container Security Hardening: Docker, Kubernetes & Supply Chain
Dockerfile hardening, Trivy scanning in CI, Pod Security Standards, Falco runtime detection, and cosign supply chain security.
CloudFront & S3: Building a Global CDN for High-Traffic Web Apps
From 42% to 96% cache hit rate — multi-origin CloudFront, Lambda@Edge for auth and security headers, WAF, and OAC.
Platform Engineering: Building an Internal Developer Platform on AWS
IDP with Backstage, golden path Terraform modules, and DORA metrics — cut deployment lead time from 3 days to 47 minutes.
Serverless at Scale: AWS Lambda, API Gateway & Event-Driven Patterns
Production serverless at 150M+ invocations/month — cold start optimization, concurrency management, SQS/SNS patterns, and Powertools.
Designing a PCI-DSS Compliant Platform on AWS
Architecting a PCI-DSS Level 1 compliant platform on AWS — featuring network segmentation, encryption everywhere, comprehensive audit logging, and continuous compliance monitoring.
Multi-Region AWS Infrastructure for Resilience: A Terraform Deep Dive
Learn how to architect highly available, multi-region AWS infrastructure using Terraform, Transit Gateway, Network Load Balancers, and intelligent routing strategies for enterprise-grade applications.
Automating Mobile App Releases with Fastlane: iOS & Android CI/CD
A comprehensive guide to setting up Fastlane for automated iOS TestFlight and Android Play Store deployments with GitHub Actions, including code signing, version management, and release automation.
Cloud FinOps Framework: AWS Cost Intelligence Dashboard and Cost Anomaly Detection
Architecting a FinOps framework that reduced cloud costs by 30% — featuring Cost Intelligence Dashboard, automated anomaly detection, chargeback mechanisms, and executive-level cost visibility.
Unifying GitOps for AWS: ArgoCD, Terraform, and Crossplane
Crafting a GitOps-driven infrastructure platform combining ArgoCD for application delivery, Terraform for foundational infrastructure, and Crossplane for Kubernetes-native AWS resource management.
Zero-Downtime EKS Upgrades in Production
Implementing a blue-green node group strategy for EKS cluster upgrades with automated rollback, PodDisruptionBudgets, and Terraform orchestration — achieving zero customer impact.