Cloud Architecture Notepad

Notes about AWS, GCP, K8s, AI and Data

Using aws-cli and oathtool
Using aws-cli and oathtool

Using two factor authentication with the AWS CLI is sometimes a pain, you need to get a new token every N minutes then parse the result of this operation and create the corresponding environment variables, I’ve installed the oath-toolkit and configured the AWS CLI to get these OTP dynamically.

Read more about Using aws-cli and oathtool

Published: Oct 27, 2019

Installing Minikube and Hyperkit
Installing Minikube and Hyperkit

I’ve got some problems with Minikube and Virtualbox, everytime I close my laptop it stops working and I need to restart, delete, start, reboot, etc. it’s not very stable for this use case. I’ve installed the HyperKit driver and configured Minikube to use this instead the default Virtualbox.

Read more about Installing Minikube and Hyperkit

Published: Oct 25, 2019

Creating a fault-tolerant NAT instance on AWS
Creating a fault-tolerant NAT instance on AWS

With the new NAT Gateway this looks like something of the past, but recently I had to configure a NAT instance in our deployment. This Cloudformation configuration creates an autoscaling group with 1 instance allows recovery. The following diagram shows the resources created by the stack.

Read more about Creating a fault-tolerant NAT instance on AWS

Published: Oct 21, 2019

Subscribe

Latest Posts

Building an Open Deployment Framework with GitHub Actions
Building an Open Deployment Framework with GitHub Actions

Managing CI/CD pipelines across multiple repositories can quickly become unwieldy. Each project needs versioning, container builds, deployments, and releases—often with subtle variations that lead to duplicated workflow code. This post introduces an open deployment framework built entirely on GitHub Actions, designed to bring consistency and reusability to cloud-native deployments.

Read more about Building an Open Deployment Framework with GitHub Actions

Published: Jan 3, 2026

GCP Managed Kafka Authentication Handler
GCP Managed Kafka Authentication Handler

When working with Google Cloud Platform’s Managed Service for Apache Kafka, you’ll quickly discover that authentication can be surprisingly challenging, especially when using Apache Beam Dataflow pipelines. In this post, I’ll share a utility I created called gcp-kafka-auth-handler that bridges this gap.

Read more about GCP Managed Kafka Authentication Handler

Published: Dec 9, 2024

AWS KMS Key Replication
AWS KMS Key Replication

When architecting cloud-based solutions, one key principle I follow is to isolate resources within their respective regions and avoid sharing or replicating them across regions. This approach consistently provides a more secure and compliant framework for business continuity. Recently, AWS has introduced replication capabilities for various resources. In this post, I will delve into AWS Key Management Service (KMS) and assess whether adopting replication for KMS keys offers tangible benefits.

Read more about AWS KMS Key Replication