AWS Fundamentals for Agents

Calendar February 22, 2026
Cloud-Services
Intermediate
Aws-Resource-Management, Aws-Networking, Aws-Identity-Management
Aws, Iam, Vpc, Ec2, S3, Rds, Eks, Route53, Cloudwatch
Aws-Cli, Aws-Iam, Aws-Ec2, Aws-S3, Aws-Rds, Aws-Eks

IAM: Identity and Access Management#

IAM controls who can do what in your AWS account. Everything in AWS is an API call, and IAM decides which API calls are allowed. There are three concepts an agent must understand: users, roles, and policies.

Users are long-lived identities for humans or service accounts. Roles are temporary identities that can be assumed by users, services, or other AWS accounts. Policies are JSON documents that define permissions. Roles are always preferred over users for programmatic access because they issue short-lived credentials through STS (Security Token Service).

Cloud Behavioral Divergence Guide: Where AWS, Azure, and GCP Actually Differ

Calendar February 22, 2026
Cloud-Services
Intermediate, Advanced
Multi-Cloud-Operations, Cloud-Migration-Planning, Infrastructure-Debugging, Cross-Cloud-Translation
Aws, Azure, Gcp, Multi-Cloud, Iam, Irsa, Workload-Identity, Managed-Identity, Vpc, Vnet, Networking, Storage, Ebs, Csi-Drivers, Rds, Cloud-Sql, Azure-Sql, Dns, Load-Balancers, Behavioral-Divergence
Aws-Cli, Gcloud, Az-Cli, Kubectl, Terraform

Cloud Behavioral Divergence Guide#

Running the “same” workload on AWS, Azure, and GCP does not produce the same behavior. The Kubernetes API is portable, application containers are portable, and SQL queries are portable. Everything else – identity, networking, storage, load balancing, DNS, and managed service behavior – diverges in ways that matter for production reliability.

This guide documents the specific divergence points with practical examples. Use it when translating infrastructure from one cloud to another, when debugging behavior that differs between environments, or when assessing migration risk.

Terraform Cloud Architecture Patterns: VPC/EKS/RDS on AWS, VNET/AKS on Azure, VPC/GKE on GCP

Calendar February 22, 2026
Infrastructure
Intermediate
Multi-Cloud-Terraform, Cloud-Architecture, Eks-Setup, Aks-Setup, Gke-Setup
Terraform, Aws, Azure, Gcp, Eks, Aks, Gke, Rds, Cloud-Sql, Vpc, Vnet, Multi-Cloud, Architecture-Patterns
Terraform, Aws-Cli, Az, Gcloud

Terraform Cloud Architecture Patterns#

The three-tier architecture — networking, managed Kubernetes, managed database — is the most common pattern for production deployments on any major cloud. The concepts are identical across AWS, Azure, and GCP. The Terraform code is not. Resource names differ, required arguments differ, default behaviors differ, and the gotchas that catch agents and humans are cloud-specific.

This article shows the real Terraform for each layer on each cloud, side by side, so agents can write correct infrastructure code for whichever cloud the user deploys to.

Choosing a Database Strategy: On Kubernetes vs Managed Service, and PostgreSQL vs MySQL vs CockroachDB

Calendar February 21, 2026
Databases
Intermediate, Advanced
Database-Architecture, Platform-Strategy, Data-Layer-Design
Postgresql, Mysql, Cockroachdb, Database-Operators, Rds, Cloud-Sql, Kubernetes
Psql, Mysql, Cockroach, Kubectl, Cloudnativepg, Terraform

Choosing a Database Strategy#

Every Kubernetes-based platform eventually faces two questions: should the database run inside the cluster or as a managed service, and which database engine fits the workload? These decisions are difficult to reverse. A database migration is one of the highest-risk operations in production. Getting the initial decision roughly right saves months of future pain.

Where to Run: Kubernetes vs Managed Service#

This is not a technology question. It is an organizational question about who owns database operations and what tradeoffs the team will accept.