CI/CDの基礎資料が有益すぎるってTL見て、初心者向けにAWSで組む話が出ててふと思った。 外資案件でリリースループ食らってた頃、CodePipelineとかCodeBuild知らなくて手作業でデプロイ繰り返して徹夜続きだったんだよな。隣の席のデブが自動化スクリプト回してるの見ながら肩凝ってた記憶が蘇る。

Just wrapped up 37 important AWS hands-on tasks that every DevOps Engineer and Cloud Engineer should complete or at least understand. It took me 4 months to finish all of them. From networking, security, storage, databases, and monitoring to CI/CD, containers, serverless, and Kubernetes—every single task helped me build a deeper understanding of how AWS services work together in real-world environments. The biggest takeaway wasn’t learning individual services; it was understanding how to design, secure, automate, monitor, and troubleshoot complete cloud solutions. Every task was worth the effort, and the depth of knowledge gained is something no course or certification alone can provide. Now it’s time to go even deeper. 🚀 ✅ Built custom VPCs with Public/Private Subnets, Route Tables & Internet Gateways ✅ Configured VPC Peering and updated Route Tables for cross-VPC communication ✅ Connected multiple VPCs using Transit Gateway (TGW) ✅ Deployed NAT Gateways with Elastic IPs for secure outbound internet access from private subnets ✅ Created VPC Gateway & Interface Endpoints for private access to S3 and SSM ✅ Enabled VPC Flow Logs and stored network traffic logs in S3 ✅ Implemented Security Groups (stateful) and NACLs (stateless) for network security ✅ Automated AMI creation using HashiCorp Packer ✅ Created EC2 Launch Templates with bootstrap User Data scripts ✅ Deployed ALBs & NLBs with path-based routing and cross-zone load balancing ✅ Configured Auto Scaling Groups with CloudWatch-driven dynamic scaling ✅ Implemented Route 53 routing policies: • Failover • Latency-Based • Weighted • Geolocation ✅ Provisioned, formatted, and mounted EBS volumes on Linux EC2 instances ✅ Deployed EFS for shared storage across multiple EC2 instances ✅ Configured FSx Windows File Server integrated with Active Directory ✅ Hosted static websites on S3 with CloudFront CDN and ACM SSL certificates ✅ Mounted S3 buckets as local Linux directories using s3fs-fuse ✅ Implemented S3 Access Points with fine-grained IAM and Bucket Policies ✅ Created Lifecycle Policies to move old data to Glacier Deep Archive ✅ Deployed Multi-AZ RDS MySQL and loaded sample datasets ✅ Built Serverless APIs using Lambda, API Gateway, and DynamoDB ✅ Launched Redshift clusters, queried S3 datasets, and visualized insights with QuickSight ✅ Created IAM Users, Groups, Custom Policies & Permission Boundaries ✅ Implemented Cross-Account Access using IAM Roles and STS ✅ Integrated AWS Managed Microsoft AD with IAM Identity Center (SSO) ✅ Provisioned Amazon WorkSpaces VDI environments ✅ Configured AWS WAF Web ACLs and IP-based/Geo-based filtering ✅ Managed EC2 instances using Systems Manager Run Command & Parameter Store ✅ Installed CloudWatch Agent and configured custom monitoring & SNS alerts ✅ Automated remediation and snapshot scheduling with EventBridge & Lambda ✅ Tracked configuration changes using AWS Config ✅ Built end-to-end CI/CD pipelines with: Cloud9 → CodeCommit → CodeBuild → CodeDeploy → CodePipeline ✅ Performed Rolling & Canary Deployments using Elastic Beanstalk ✅ Containerized applications with Docker, pushed images to ECR, and deployed on ECS EC2 ✅ Deployed serverless containers using ECS Fargate ✅ Hosted React applications with AWS Amplify CI/CD ✅ Built Amazon EKS clusters and deployed multi-tier microservices applications #AWS #DevOps #CloudComputing #CloudEngineer #AWSSAA #Kubernetes #Docker #EKS #ECS #Terraform #LearningInPublic

github actionsでは対処しきれない閉域内のCI/CD拡充のためにcodebuild＋code pipeline触るか… あれほんとに触りたくない…

同じプロジェクトの仕事のできねーおっさん、マジでダメだ… 「AWSのECRにあるイメージ消してからCodeBuildでビルドしてくださいね」 つったのに、ECRリポジトリごと消しやがった😇 分かんなかったら聞けよ😇 分かんなかったら勝手な事すんな😇 もう知らんマジで😇

Valid point, and for a personal project that's exactly the right call. Texlaunch is different, though. It's not one app running in Docker. It's a platform that will run other people's apps. So now your VPS needs to spin up isolated containers per user on demand, provision a TLS subdomain in seconds per deployment, auto-detect runtimes without a Dockerfile, scale build jobs without blocking other users, and handle a container crashing without taking the host down. You can absolutely build that on a VPS, but at that point, you're not just using Docker, you're rebuilding ECS, CodeBuild, and ACM from scratch. AWS already solved those problems. I'd rather ship features. That's why I went with AWS.

What happens when you deploy on Texlaunch: 1. You POST a Git URL 2. API returns immediately with a deployment ID 3. CodeBuild clones your repo 4. Railpack auto-detects your runtime (Node, Python, Go, etc.) 5. Docker image built and pushed to ECR 6. ECS Fargate task starts in a private subnet 7. ALB gets a new routing rule for your subdomain 8. Status → RUNNING ✅ Every step streams to your browser in real time. #AWS #DevOps #BuildInPublic

🔬 This seminal exegesis delineates a robust AWS Identity-Driven Pipeline (IDP) architecture, integrating CI/CD orchestration via #CodePipeline, #CodeBuild, & #CodeDeploy. 🛠️ #DevOps #AWS nivelepsilon.com/2023/08/27/…

AWSプロジェクトを過度に考え過ぎないでください。 これらを構築してください： • 静的ウェブサイト → S3 CloudFront • 履歴書ウェブサイト → S3 Route 53 • ウェブサーバー → EC2 Nginx • ブログアプリ → EC2 RDS • サーバーレスAPI → Lambda API Gateway • ファイルアップロードアプリ → S3 IAM • バックアップ自動化 → S3 Lambda • 画像処理アプリ → S3 Lambda • ノートアプリ → DynamoDB Lambda • ログインシステム → Cognito API Gateway • モニタリングダッシュボード → CloudWatch • スケーラブルなアプリ → ALB Auto Scaling • CI/CDパイプライン → CodePipeline CodeBuild • インフラプロジェクト → Terraform AWS AWSを学ぶ最良の方法は？サービスが最終的に理解されるまでプロジェクトを構築してください。

Here are the 507 .si domains owned by PremiumDoms.io. PremiumDoms.io owns build.si. The WHOIS information is from register.si. barrier .si brb .si brilliant .si build .si building .si catch .si coding .si contribute .si deadline .si deliverable .si difficult .si disrupt .si draw .si glyph .si hkr .si how .si illustrative .si imaginative .si implementation .si improve .si install .si integrate .si krnl .si manage .si merge .si obj .si ofc .si portrait .si predict .si publish .si qualify .si regex .si sdlc .si shellcode .si something .si spectacular .si splash .si sure .si terrific .si underscore .si accessories .si accessory .si accomodation .si acknowledge .si adaptor .si additional .si addon .si addons .si addr .si adlc .si adorable .si affordable .si agas .si agentium .si aias .si aislop .si allowance .si almost .si already .si alright .si amend .si amid .si announce .si announcement .si announcements .si answered .si anybody .si anymore .si anyway .si appearance .si append .si appetite .si appetizer .si applaud .si appraising .si appropriate .si appscan .si appsec .si arbitrary .si attribute .si attributes .si audited .si auditor .si autistic .si await .si backorders .si baddie .si baddies .si barrier .si bday .si beartrap .si beetroot .si beginner .si behalf .si beige .si beside .si between .si bigger .si biggest .si bitrate .si biv .si bizarre .si bizz .si blogger .si bluid .si bnkr .si bohemia .si bottom .si bounties .si brb .si briefcase .si brightness .si brilliant .si broadcasting .si brochure .si brownie .si browsing .si btfd .si btwn .si bubl .si buckle .si buffett .si bugs .si buidl .si build .si buildable .si building .si buildx .si builtin .si bulldozer .si bulls .si bulltrap .si cag .si calcium .si calif .si called .si callstack .si caloric .si calorie .si calories .si calorific .si calory .si camelcase .si candlestick .si candlesticks .si canonical .si capitalize .si capitulate .si capitulation .si captivating .si capturing .si caramel .si careful .si catch .si catcher .si catching .si catchy .si caught .si cauliflower .si cautious .si cav .si cease .si cellar .si cereal .si cereals .si cerebras .si ceremony .si certainly .si certainty .si challenging .si changer .si characteristic .si characteristics .si charcoal .si checkbox .si checked .si checkmark .si cheddar .si cheerful .si cherish .si chernobyl .si chg .si chge .si chili .si chipset .si chromatic .si cig .si cinematic .si circulate .si circulation .si civ .si clarification .si clarifications .si clause .si clauses .si clientless .si clipboard .si clipping .si closet .si closing .si closings .si cno .si coat .si codebuild .si codename .si coding .si commits .si communicative .si compatibility .si completely .si concurrent .si conditional .si conductive .si connective .si consistency .si const .si constraint .si contactless .si contextually .si contractual .si contrib .si contribute .si contribution .si contributor .si correction .si corrective .si correlation .si correlative .si correspond .si could .si countdown .si cov .si cpus .si crawling .si cronjob .si crontab .si crontask .si crwd .si cryptographic .si csp .si cumulative .si darkmode .si dbn .si deadline .si deeply .si defeat .si definitely .si deliverable .si deliverables .si demonstrative .si denominator .si depart .si departure .si depict .si deserve .si designate .si desirable .si details .si dichotomy .si difficult .si difficulty .si diffuse .si digitally .si directional .si directly .si disable .si disappear .si discard .si disconnect .si discrete .si disrupt .si dissect .si distinctive .si distinguish .si disturb .si diversify .si divide .si downtrend .si draw .si dropping .si duration .si earlier .si easier .si easily .si editing .si eligibility .si eligible .si eliminate .si elimination .si elseif .si elsewhere .si emblematic .si enquire .si enquiry .si entrance .si eod .si except .si exception .si executable .si exhaustive .si exotic .si expensive .si expiration .si expiry .si explosive .si extensive .si extremely .si figurative .si firework .si flaw .si flaws .si footer .si forgive .si frontpage .si frontrun .si furious .si furry .si furtive .si fuzz .si fuzzer .si fuzzing .si fyp .si glyph .si gosh .si gpus .si grayhat .si greyhat .si hakr .si hckr .si header .si hel .si hkr .si horizontal .si how .si however .si hyperactive .si identifier .si illustrative .si imaginative .si implementation .si importance .si improve .si incredibly .si increment .si incremental .si indexfund .si inflight .si insecure .si insecurity .si install .si integrate .si intrusive .si jrny .si kickoff .si krnl .si kwrd .si kyb .si largest .si launching .si leak .si lecturer .si lifecycle .si lightmode .si loader .si logarithmic .si looking .si loopback .si manage .si marketcap .si markup .si mcps .si merge .si meth .si multifactor .si n3 .si namespace .si naturally .si necessary .si negative .si netsec .si niet .si normalize .si nyet .si obj .si obtain .si ofc .si officially .si operand .si optimized .si optimizer .si others .si percentage .si persistence .si playback .si pmx .si portrait .si prebuild .si predict .si predicts .si prefetch .si preload .si premarket .si presale .si probably .si proc .si properly .si publish .si puts .si qualify .si qualitative .si qub .si rather .si recently .si recurrent .si regex .si regexp .si regression .si rnbw .si robotical .si robotive .si robustness .si rocking .si rootkit .si rugpull .si ruler .si satisfaction .si scalp .si scalper .si scalping .si scarcity .si scary .si scraping .si sdlc .si selector .si sensitive .si sequential .si several .si severity .si shellcode .si should .si shut .si siaas .si situation .si slippage .si slop .si sniping .si snooze .si socials .si someone .si something .si spectacular .si speculative .si splash .si spyware .si statement .si stonks .si storyline .si strict .si successive .si succinct .si such .si superapp .si supertrend .si sure .si taint .si taken .si terrific .si thick .si topsecret .si trendline .si trustless .si twap .si uhd .si undefeated .si undefined .si underscore .si unreleased .si until .si upcoming .si updated .si updates .si uptrend .si usual .si validity .si various .si vdo .si views .si volume .si vrfd .si vrfi .si vrfy .si vwap .si websec .si whenever .si whom .si wick .si withdraw .si withdrawal .si within .si without .si wize .si wrkr .si xbuild .si yld .si zero-day .si zln .si zyber .si

One AWS CI/CD mistake that cost me 3 hours: Built a full pipeline. CodePipeline → CodeBuild → CodeDeploy → EC2. Everything green. Deployment failing. The problem? Ubuntu 24.04. CodeDeploy agent only supports Ubuntu 22.04 and AL2023. Nobody tells you this until your deployment dies silently. Bonus trap: discard-paths: true in buildspec flattens your scripts/ folder and breaks every hook path. Read the supported OS list BEFORE launching the instance. Not after.

Don’t overthink AWS projects. Build these: • Static website → S3 CloudFront • Resume website → S3 Route 53 • Web server → EC2 Nginx • Blog app → EC2 RDS • Serverless API → Lambda API Gateway • File upload app → S3 IAM • Backup automation → S3 Lambda • Image processing app → S3 Lambda • Notes app → DynamoDB Lambda • Login system → Cognito API Gateway • Monitoring dashboard → CloudWatch • Scalable app → ALB Auto Scaling • CI/CD pipeline → CodePipeline CodeBuild • Infrastructure project → Terraform AWS The best way to learn AWS? Build projects until the services finally connect in your head.

Stack decisions for Texlaunch: Backend → NestJS (TypeScript, structured, testable) Database → PostgreSQL on RDS Compute → AWS ECS Fargate (serverless containers) Build → AWS CodeBuild Routing → AWS ALB with dynamic listener rules CI/CD → GitHub Actions with OIDC (zero long-lived keys) Every choice has a reason. None of them is accidental. #AWS #DevOps

AWS — MASTER TREE AWS │ ├── 01. Cloud Foundations │ ├── What is Cloud Computing? │ ├── AWS Global Infrastructure │ ├── Regions │ ├── Availability Zones │ ├── Edge Locations │ └── Shared Responsibility Model │ ├── 02. Compute Services │ ├── EC2 │ ├── Lambda │ ├── ECS │ ├── EKS │ ├── Elastic Beanstalk │ └── Auto Scaling │ ├── 03. Storage Services │ ├── S3 │ ├── EBS │ ├── EFS │ ├── Glacier │ ├── Storage Classes │ └── Backup & Recovery │ ├── 04. Networking │ ├── VPC │ ├── Subnets │ ├── Route Tables │ ├── Internet Gateway │ ├── NAT Gateway │ └── Load Balancers │ ├── 05. Databases │ ├── RDS │ ├── Aurora │ ├── DynamoDB │ ├── ElastiCache │ ├── Redshift │ └── Database Migration Service │ ├── 06. Security & Identity │ ├── IAM │ ├── IAM Roles │ ├── Cognito │ ├── KMS │ ├── Secrets Manager │ └── Security Groups │ ├── 07. DevOps & Automation │ ├── CodeCommit │ ├── CodeBuild │ ├── CodeDeploy │ ├── CodePipeline │ ├── CloudFormation │ └── Systems Manager │ ├── 08. Monitoring & Observability │ ├── CloudWatch │ ├── CloudTrail │ ├── X-Ray │ ├── Config │ ├── Trusted Advisor │ └── Cost Explorer │ ├── 09. Data & AI Services │ ├── Athena │ ├── Glue │ ├── EMR │ ├── SageMaker │ ├── Bedrock │ └── OpenSearch │ ├── 10. Serverless Architecture │ ├── Lambda │ ├── API Gateway │ ├── DynamoDB │ ├── EventBridge │ ├── Step Functions │ └── SQS │ └── 11. Future of AWS ├── Generative AI ├── Agentic Workflows ├── Multi-Cloud ├── Edge Computing └── AI-Native Infrastructure Most people learn AWS services. Top cloud engineers learn how services work together. Follow: Ophir-Cloud Academy for more resources like this. _______________________________________________________________ 𝐃𝐞𝐯𝐎𝐩𝐬 𝐓𝐫𝐚𝐢𝐧𝐢𝐧𝐠, 𝐂𝐨𝐡𝐨𝐫𝐭 𝟓. If you're serious about becoming a world-class DevOps engineer in 2026, this is your path. ophircloud.com 𝐉𝐨𝐢𝐧 𝐭𝐨𝐝𝐚𝐲 👉docs.google.com/forms/d/1iqq…

19GB me han quedao’ Cosa que con el CodeBuild lo habría evitado xD

AWS — MASTER TREE ☁️ AWS │ ├── 01. Cloud Foundations │ ├── What is Cloud Computing? │ ├── AWS Global Infrastructure │ ├── Regions │ ├── Availability Zones │ ├── Edge Locations │ └── Shared Responsibility Model │ ├── 02. Compute Services │ ├── EC2 │ ├── Lambda │ ├── ECS │ ├── EKS │ ├── Elastic Beanstalk │ └── Auto Scaling │ ├── 03. Storage Services │ ├── S3 │ ├── EBS │ ├── EFS │ ├── Glacier │ ├── Storage Classes │ └── Backup & Recovery │ ├── 04. Networking │ ├── VPC │ ├── Subnets │ ├── Route Tables │ ├── Internet Gateway │ ├── NAT Gateway │ └── Load Balancers │ ├── 05. Databases │ ├── RDS │ ├── Aurora │ ├── DynamoDB │ ├── ElastiCache │ ├── Redshift │ └── Database Migration Service │ ├── 06. Security & Identity │ ├── IAM │ ├── IAM Roles │ ├── Cognito │ ├── KMS │ ├── Secrets Manager │ └── Security Groups │ ├── 07. DevOps & Automation │ ├── CodeCommit │ ├── CodeBuild │ ├── CodeDeploy │ ├── CodePipeline │ ├── CloudFormation │ └── Systems Manager │ ├── 08. Monitoring & Observability │ ├── CloudWatch │ ├── CloudTrail │ ├── X-Ray │ ├── Config │ ├── Trusted Advisor │ └── Cost Explorer │ ├── 09. Data & AI Services │ ├── Athena │ ├── Glue │ ├── EMR │ ├── SageMaker │ ├── Bedrock │ └── OpenSearch │ ├── 10. Serverless Architecture │ ├── Lambda │ ├── API Gateway │ ├── DynamoDB │ ├── EventBridge │ ├── Step Functions │ └── SQS │ └── 11. Future of AWS ├── Generative AI ├── Agentic Workflows ├── Multi-Cloud ├── Edge Computing └── AI-Native Infrastructure Most people learn AWS services. Top cloud engineers learn how services work together. ☁️🚀

AWS — MASTER TREE ☁️ AWS │ ├── 01. Cloud Foundations │ ├── What is Cloud Computing? │ ├── AWS Global Infrastructure │ ├── Regions │ ├── Availability Zones │ ├── Edge Locations │ └── Shared Responsibility Model │ ├── 02. Compute Services │ ├── EC2 │ ├── Lambda │ ├── ECS │ ├── EKS │ ├── Elastic Beanstalk │ └── Auto Scaling │ ├── 03. Storage Services │ ├── S3 │ ├── EBS │ ├── EFS │ ├── Glacier │ ├── Storage Classes │ └── Backup & Recovery │ ├── 04. Networking │ ├── VPC │ ├── Subnets │ ├── Route Tables │ ├── Internet Gateway │ ├── NAT Gateway │ └── Load Balancers │ ├── 05. Databases │ ├── RDS │ ├── Aurora │ ├── DynamoDB │ ├── ElastiCache │ ├── Redshift │ └── Database Migration Service │ ├── 06. Security & Identity │ ├── IAM │ ├── IAM Roles │ ├── Cognito │ ├── KMS │ ├── Secrets Manager │ └── Security Groups │ ├── 07. DevOps & Automation │ ├── CodeCommit │ ├── CodeBuild │ ├── CodeDeploy │ ├── CodePipeline │ ├── CloudFormation │ └── Systems Manager │ ├── 08. Monitoring & Observability │ ├── CloudWatch │ ├── CloudTrail │ ├── X-Ray │ ├── Config │ ├── Trusted Advisor │ └── Cost Explorer │ ├── 09. Data & AI Services │ ├── Athena │ ├── Glue │ ├── EMR │ ├── SageMaker │ ├── Bedrock │ └── OpenSearch │ ├── 10. Serverless Architecture │ ├── Lambda │ ├── API Gateway │ ├── DynamoDB │ ├── EventBridge │ ├── Step Functions │ └── SQS │ └── 11. Future of AWS ├── Generative AI ├── Agentic Workflows ├── Multi-Cloud ├── Edge Computing └── AI-Native Infrastructure Most people learn AWS services. Top cloud engineers learn how services work together. ☁️🚀

開発環境はCodeBuildのエラーが昼過ぎまで出てたけど、15時過ぎくらいに出なくなった気がする。 朝市で試してた本番環境はUPDATE_ROLLBACKが終わらなくてまださわれてないんだけど、そろそろ応急処置を考え始めたほうがいいかも知れない。

朝一でリリース作業してたんだけど、AWS CodeBuildのエラーで中断。きびしい。 Signature not yet current: 20260607T232945Z is still later than 20260607T231137Z (20260607T230637Z 5 min.) (Service: Lambda, Status Code: 403, Request ID: eeaf2c09-b0cd-4....) (SDK Attempt Count: 2)

CodeBuild で動かしているジョブでこれめっちゃ出るんだけど時刻ずれているホストいない？ Signature not yet current: 20260607T201636Z is still later than 20260607T175722Z (20260607T175222Z 5 min.)