DevOps Cloud Engineer - 01/02/2023

I'm currently working as a DevOps Cloud Engineer at Bemyvega

Projects

During my time at Bemyvega, I have learned a lot of useful skills and have been given the opportunity to manage the entire infrastructure of the company. I have always been able to make the decisions that I felt were right. This has resulted in a total restructuring of the company’s infrastructure to a fully efficient and cost-effective serverless model.

While managing and fixing the infrastructure left behind by the company’s previous DevOps (let’s be honest: it was disastrous, expensive, not secure, not scalable, not documented and a disgrace to every industry professional at every level) I was able to learn a multitude of skills.

Among my roles and milestones during this time are:

The complete restructuring of the infrastructure that I undertook resulted not only in increased scalability and reliability, but also in increased security and reduced costs. The savings were up to 850€ per month in miscellaneous expenses.

During this new phase, my company contracted AWS Professional Service (https://aws.amazon.com/es/professional-services/), so I was able to work closely with qualified and experienced AWS personnel, as well as learn and become familiar with their work methodology and infrastructure best practices (https://aws.amazon.com/architecture/well-architected).

Among the functions I performed and milestones I achieved were:

Ok, now that I’ve talked in broad strokes about my tasks during the deployment of the company’s new serverless infrastructure, I want to talk about my role in the integration of one of the company’s main products into the AWS Marketplace.

Long story short, my company wanted to integrate the web widget we developed (https://www.goviewser.com/) into the AWS Marketplace. Since I am the AWS manager at my company, I was in charge of developing all the necessary documentation for our indicated incorporation into the FTR (https://aws.amazon.com/marketplace/pp/prodview-knhdb46b4cjrc). Subsequently, once I wrote all the documentation and defined everything necessary (such as the RPO and RTO of our products), I made a multitude of changes to meet the necessary security standards in the SecurityHub service.

I would emphasize that I am a polite, but sincere person. If I see that there is something that can be improved or is inefficient in the work environment, I will highlight the negative points and work to improve the situation in the work environment…

During the infrastructure deployment, a series of bad decisions were imposed on me for the first time (and subsequently I had to undo everything, because I was not listened to). Well, disagree and commit (https://medium.com/@voicemod/disagree-and-commit-the-importance-of-disagreement-in-decision-making-4c654bb06a) as they say in AWS.

Among the bad decisions that were made against my will are:

1. I had to set up the entire infrastructure with Terraform, but instead of using s3 and dynamoDB as backend (option recommended by AWS) I was forced to use Terraform Cloud. Finally, as I already warned, we had to export the state files when we exceeded the free tier.

Finally, as I already warned, we had to export the state files when we exceeded the free tier. Now we use a s3 bucket as backend with dynamoDB table. Both deployed with a cloudformation stack.

I ended up creating a Github Actions workflow that we used as a template for each infrastructure repository. This workflow deploys the infrastructure using terraform, passing chekov security checks (https://www.checkov.io/) and checking the terraform plans with atlantis (https://www.runatlantis.io/).

2. We deployed a whole infrastructure to check the veracity of the requests coming from our clients’ frontends. As I already warned, putting security checks in frontend is like “poner puertas al campo” as we say in Spain.

For this purpose, we deployed infrastructure with lambda, lambda layers, a dynamoDB table, and a cloudfront distribution.

This translated into more than 5 seconds of load time each time someone wanted to use the web widget. It was a disastrous user experience, and all for not listening to me and doing what the competition does.

Technologies used

In the course of my duties, I have used and continue to use multiple tools at Bemyvega. The most outstanding ones are: Kubernetes, Docker, Terraform, CloudFormation, Gitlab CI, Github Actions, AWS.

Personal opinion

In my opinion, this is the best company I have ever worked for. I have been able to learn enormously, always accompanied by great friends.

I have been able to learn from AWS professionals with many years of experience.

I have always enjoyed the full confidence of the company’s management team. Moreover, I would like to emphasize the good time, vacation and salary conditions that I enjoy in the company. It really stands out from other companies in the sector, and I recognize that I am inclined to want to work in such a healthy environment.

Rating: 10/10. I highly recommend working for this company. The conditions are impressive, and the management team is really open-minded and communicative. The work environment is positive, healthy and relaxed.