IT Support engineer pivoting into Cloud & DevOps. I learn by shipping the real thing, like this site, served to you from an AWS edge right now.
I started in IT Support, fixing problems one ticket at a time. Now I want to fix them at the infrastructure layer, before the ticket gets filed.
Putting AWS Solutions Architect Associate to work on real projects. This site is one: a private S3 bucket behind CloudFront, an ACM cert, OAC instead of a public bucket, DNS on Cloudflare. The whole stack is Terraform, deployed by GitHub Actions over OIDC, no long lived keys anywhere.
Next: Linux on EC2 and CloudWatch, so I own the pipeline end to end.
Turned manual new hire setup into a one click pipeline.
A monthly license audit that pays for itself.
One click repair for a fix that used to be all manual.
Two tools that keep remote access working.
The first build, wired up by hand in the AWS console: S3, CloudFront, OAC, ACM, and Cloudflare DNS.
The same stack as Terraform modules, one terraform apply rebuilds it from zero.
OIDC deploy pipeline, no static keys. CI assumes a role, syncs S3, invalidates CloudFront.
A containerized game server on AWS ECS Fargate, built twice as code, once in Terraform and once in Pulumi, with remote state and a CI preview pipeline.
What I'd actually check when something breaks, help desk instincts on AWS observability.
The help desk skills that transferred to infra work, and the gaps I had to fill.
Click any node. Each box is provisioned by Terraform. The dotted line is the path your browser took to reach this paragraph.
Global CDN sitting in front of S3. Caches the site at AWS edge locations, terminates TLS using the ACM cert, and enforces HTTPS only. Without this layer, S3 would be slower, costlier, and exposed.
aws cloudfront create-invalidation --distribution-id E... --paths "/*"
Stored in S3 once, cached to ~600 CloudFront edges. The green dot is the one serving you.