Terraform
- One module block per service per tenant
- Every tool I've ever used is a CloudFormation frontend
- from feature_flags import *
- Zero-touch multi-tenant deploys: removing myself from the critical path
- IAM trust policies silently accept wildcards in principals — and silently deny everything
- The Over-Mighty Subject: why your site repos have too much power
- I replaced $489/mo in AWS Client VPN with a $3 t4g.nano running Headscale
- Self-healing race conditions: when your CI/CD fails on purpose
- Cross-repo auto-deploy with GitHub Actions: the orchestrator pattern
- Your terraform apply is silently rolling back your container images
- Terraform module for multi-provider DNS: define once, deploy to Route53 + Cloudflare
- ElastiCache auth-token to RBAC migration has a Terraform provider bug
- SimpleAD is Samba 4 — you can create users with ldapadd instead of ClickOps
- 90 AWS resources in 5 minutes — automating multi-tenant SaaS tenant lifecycle