Blog
Writing
Technical notes, lab writeups, and lessons from work across DevOps, cloud infrastructure, and cybersecurity.
AllDevOpsCI/CDDevSecOpsSOCAnsibleinfrastructurecybersecuritypipeline securityCybersecuritySecurity OnionSIEMdevopsidempotencyLinuxsecurityAWSIncident ResponseZeekSuricataIaCAutomationAzureNginxlinuxubuntupythonmigrationautomationcareer transitionbuilding in publiccloud infrastructureportfolioproductionhardeningSSHauditdfail2bandefence in depthshift-left securitycloud securitycareersystems-thinkinglearningcloudCloudArchitectureSecurityLab
Latest Post
4 min read
The Ansible Play That Catches What Deployment Misses
Three Ansible plays. The third makes no changes — it just asserts the deployment worked. Here's what it caught, and why automated verification is not optional.
AnsibleDevOpsIaCAutomation
Read Post
5 min read
Ansible Idempotency in Practice
Run it again. If anything changed, you have a problem. What idempotency actually means when you apply a playbook to a live system — and the specific places it breaks without warning.
AnsibleDevOpsinfrastructure
3 min read
"No Errors" Is Not the Same as "It Works"
A deployment succeeded. The pipeline went green. The app returned 403. This is the story of two projects, one hard lesson, and why verification is a distinct step from deployment — and where production incidents actually live.
AnsibleDevOpsCI/CD