Building Cloud,
hands on

IT Support engineer pivoting into Cloud & DevOps. I learn by deploying the real thing, including this site, which is served to you from an AWS edge right now.

Connect on LinkedIn View GitHub

Live edge → resolving… ttfb → … ms via CloudFront

01 · About

From the help desk to production.

I started in IT Support solving people's problems one ticket at a time. Now I want to solve them at the infrastructure layer, the layer that keeps tickets from being filed in the first place.

What I'm doing right now

Putting AWS Solutions Architect Associate into practice on small, production style projects. This portfolio is one of them: a private S3 bucket behind CloudFront, an ACM issued cert, OAC instead of a public bucket policy, DNS through Cloudflare.

Next up: getting the same comfort with Terraform, GitHub Actions, and Linux on EC2 so I can own the whole pipeline end to end.

The journey

Before IT

CompTIA A+

Formalised the fundamentals before stepping into the field. Picked up Linux on the side.

IT job

Started in IT Support

Help desk, hardware, Windows / macOS / network triage.

May 2026

AWS Solutions Architect Associate

VPC, IAM, S3, EC2, CloudFront, Route 53, DNS, top to bottom.

Now

Pivoting into Cloud / DevOps

Building this site, scripting in bash + Python, picking up Terraform & CI/CD.

02 · How this site works

The page you're reading, traced live.

Click a node. Every box is something I configured by hand. The dotted arrows are the path your browser took to reach this paragraph.

CloudFront Edge

Global CDN sitting in front of S3. Caches the site at AWS edge locations, terminates TLS using the ACM cert, and enforces HTTPS only. Without this layer, S3 would be slower, costlier, and exposed.

aws cloudfront create-invalidation --distribution-id E... --paths "/*"

03 · Lab notes

What I'm building & writing about next.

A live look at the bench. Some of these are notebooks I'm cleaning up into proper write ups. The rest are projects in flight.

● Drafting

Shipping a static site the AWS way

Walking through this very site: S3, CloudFront, OAC, ACM, Cloudflare DNS. Why each piece exists and the gotchas I hit.

~ 1,800 words ETA · This week

◐ Researching

Terraforming what I clicked together

Re-deploying this same stack as Terraform modules. Goal: nuke the AWS console and have one terraform apply rebuild it from zero.

Repo · sebrcg/portfolio-tf ETA · 2 weeks

◐ Researching

GitHub Actions → S3, no long lived keys

Wiring a deploy pipeline that uses OIDC instead of an IAM access key. CI assumes a role, syncs the bucket, invalidates CloudFront.

4 part series ETA · This month

○ Queued

Reading CloudWatch like a sysadmin

What I'd actually look at when something breaks. Mapping the help desk troubleshooting muscle onto AWS observability.

Notes · 600 words ETA · Soon

○ Queued

VPC by hand, the slow way

Building a VPC, subnets, route tables, and a NAT gateway without copying a template. Aimed at folks who passed SAA-C03 and still feel fuzzy.

Diagrams + lab ETA · Soon

● Drafting

IT Support → Cloud: what carried over

An honest list of the help desk skills that translate directly to infra work, and the gaps I had to fill. For other people making the same jump.

~ 1,200 words ETA · This week

Full posts ship at seba.sh/blog when each draft clears review. Subscribe via RSS or ping me on LinkedIn to get notified.

04 · Edge map

Where this page lives.

The site sits in S3 once and is replicated to ~600 CloudFront edges. The green dot is the one currently serving you.

Origin · S3 (us-east-1)

Edge · resolving…

Distance to origin · … mi

05 · Contact

Looking for a Cloud / DevOps junior who already ships?

I'm actively interviewing for entry level Cloud, infrastructure, and DevOps roles. I bring a help desk troubleshooter's instinct and a habit of putting everything I learn into production.

Reach out on LinkedIn seba@02f.pw

Building Cloud, hands on