The IDP Adoption Problem: Why Most Platforms Fail
Most IDPs fail because they solve the wrong problem: they build self-service portals instead of standardizing the work developers already do. We measured this in production. Teams spend six months…
ZopDev writing tagged aws. Engineering and FinOps notes, post-mortems, and benchmarks.
AWS Savings Plans vs Reserved Instances: The Break-Even Model Before Every Commitment
AWS offers two ways to commit compute spend in exchange for a discount: Savings Plans and Reserved Instances.…
A team provisions a Cloud SQL Postgres instance in one GCP VPC and wants to connect it to a GKE cluster in a different VPC. The team's instinct, learned from AWS habits, is to set up VPC peering…
Three years of cost retrospectives across mixed AWS fleets keep landing on the same finding. Teams that pick one compute commitment model and apply it across the whole fleet (all-Savings-Plan,…
The average mid-size production EC2 fleet runs at 12 to 23 percent utilization. The remaining 77 to 88 percent is idle compute that ran continuously, billed continuously, and produced nothing. On a…
Every mid-size engineering organization has 5 to 15 AWS accounts that nobody actively owns. The "POC" account from 2024. The "team-old-name" account that survived the 2025 reorg. The…
The average time to remediate an IAM misconfiguration in ticket-driven teams is 14 days. The fix takes 4 minutes. The DERA loop — Detect, Evaluate, Remediate, Audit — closes the gap automatically. Here's the full AWS architecture.
Every DR design decision has a precise dollar figure. Active-active vs active-passive, cross-region replication cadence, failover automation. Here is the full cost breakdown.
Most teams apply VM cost intuition to Lambda and end up paying more, not less. This covers the real billing math, the memory-speed paradox, the cold start trap, and the framework for deciding when Lambda wins.
Most teams pick their multi-account governance model the wrong way. Here's a technical breakdown of AWS Control Tower vs custom landing zones — guardrails, Account Factory, SCP structure, and when each model actually scales.
NAT Gateway silently compounds costs through $0.045/GB processing fees and cross-AZ charges. We reduced our bill from $4,200 to $2,016/month with two targeted fixes — per-AZ gateways and free VPC endpoints.
70-80% of S3 objects are never accessed after upload yet sit in Standard at $0.023/GB. Here's the cost math, when Intelligent-Tiering breaks even, and how to automate lifecycle policies with guardrails.
Manual tagging strategies have a consistent failure mode: they work at the start and break down within six months. Here's how to build enforcement at the point of creation and automated remediation on AWS and Azure.
AWS launched its European Sovereign Cloud to address data control and legal jurisdiction. Explore the technical controls, legal skepticism, and the shift in cloud trust.