Content Hub

A guide to bingeing our best content

About Art of Infra

Art of Infra is an independent publication and creative playground for people who care about how tech shapes their world. Whether you're self-hosting at home, wrestling with AWS & Cloud, or looking for a guide for your favourite network infra partner, you're in the right place. Our mission is to help people build, defend, and explore technology. No fluff, no corporate nonsense - just honest and creative infrastructure for the rest of us.

About this Guide/Page

This page is your central reference point for key topics we're building around at Art of Infra. Think of it as the control panel for our content - a living, breathing index of guides, tools, experiments, and resources that reflect our mission to break down the walls around complex tech and make infrastructure approachable, creative, and fun.

It’s constantly updated as we publish new pieces or update older ones. If you see a [TBA], that means something good is brewing: it’s already on the content calendar and will be released soon. We’re building a library of real, no-BS infrastructure content, and this is where you’ll find it all in one place.

Bookmark it. Check back often. Explore creativity. You’re among friends here.

Supporting Us

If you’d like to support what I’m building here, the best way is to read the blog, follow along, and share posts with others who might find them useful. Your attention and curiosity mean more than anything; that’s what keeps this going.

If you’d like to go a step further (strictly optional, but always appreciated), you can support Art of Infra and my work through tips or donations. It helps cover the time, tools, and caffeine that go into keeping this site alive and full of useful content. There are a few ways to do that:

  • KoFi
  • Crypto
  • Subscribing to the blog.

AWS - Networking & Content Delivery

What is AWS Networking?

This section contains details on the suite of services and tools designed to help you manage your cloud resources' communication, connectivity, and security. Key components include Virtual Private Cloud (VPC), subnets, routing tables, and security groups.

These services enable you to create isolated networks, control traffic flow, and establish secure connections between resources.

  1. Understanding AWS VPCs
  2. Configuring Security Groups and NACLs [TBA]
  3. Designing Subnets for Scalability and Security [TBA]

What is AWS Content Delivery?

This section focuses on the distribution of data, applications, and content to end users with low latency and high transfer speeds. The key service used in most CDN efforts in AWS is Amazon CloudFront, a global content delivery network (CDN) that caches content at edge locations worldwide, ensuring fast and secure delivery to users.

  1. How AWS CloudFront Works & Its Use Cases [TBA]
  2. Best Practices for Security Content Delivery on AWS [TBA]

AWS Networking Services

AWS VPC (Virtual Private Cloud)

Amazon VPC enables you to create isolated networks within AWS. It's the foundation of AWS networking, allowing you to define IP address ranges, subnets, and routing rules for your resources.

AWS Direct Connect (DX)

AWS Direct Connect provides a dedicated, private connection between your on-premises environment and AWS. It's ideal for applications requiring consistent, high-bandwidth connectivity.

  • Setting up AWS Direct Connect for Enterprise Workloads [TBA]
  • How to Combine Direct Connect with VPN for Hybrid Cloud Solutions [TBA, VPN over DX]

AWS Load Balancing

Elastic Load Balancing automatically distributes incoming application and network traffic across multiple targets, such as EC2 instances or containers, to improve application availability and fault tolerance.

  • Setting up an ELB in AWS [TBA]
  • ALB vs Gateway Load Balancing vs Network Load Balancer [TBA]
  • Utilising ELB with Auto-Scaling Groups [TBA]
  • AWS Load Balancer Controllers and Kubernetes [TBA]

AWS Transit Gateway (TGW)

AWS Transit Gateway simplifies network management by acting as a central hub for connecting VPCs, on-premises networks, and other AWS services.

  • VPC Peering vs Transit Gateway
  • BGP and AWS
  • AWS Transit Gateway Use Cases and Setup Guide [TBA]
  • Optimising Network Traffic with Transit Gateway Routing Policies [TBA]
  • Segregating Domains in AWS Using Transit Gateway (Security/Inspection VPC etc.) [TBA]
  • Transit Gateway Routing and Propagation
  • VIFs [TBA]

AWS WAF, AWS Shield, Network Firewall [TBA AREAS]

AWS Content Delivery

AWS CloudFront

Amazon CloudFront accelerates the delivery of static and dynamic web content by caching it at edge locations near end users.

  • Integrating CloudFront with S3 for Static Website Hosting [TBA]
  • Configure CloudFront Functions for Custom Content Delivery Logic [TBA]

AWS Global Accelerator

AWS Global Accelerator improves the availability and performance of your applications by directing traffic to optimal AWS endpoints based on health and geography.

  • When to use AWS Global Accelerator vs CloudFront [TBA]
  • Configure Global Accelerator for Multi-Region Applications [TBA]

Fault Finding in AWS Networking

  • Cloud Map [TBA]
  • Trace etc [TBA]
  • CloudWatch Metrics [TBA]
  • VPC Reachability Analyser [TBA]

Best Practices for AWS Networking & Content Delivery

AWS - Security

What is AWS Security?

AWS Security encompasses services, features, and practices designed to ensure the confidentiality, integrity, and availability of your systems and data in the cloud. From identity management to encryption and compliance, AWS provides the tools you need to build secure applications and meet regulatory requirements.

  • ELI5 - [AWS Shared Responsibility Model Explained] [TBA]
  • [How to Implement Multi-Factor Authentication (MFA) in AWS] [TBA]
  • [Understanding AWS Compliance Programs: A Beginner's Guide] [TBA]

AWS Security Services

AWS IAM (Identity and Access Management)

IAM allows you to securely manage access to AWS services and resources. You can create and manage users, groups, and roles, and define fine-grained permissions for them.

  • [Best Practices for AWS IAM Policies] [TBA]
  • [How to Use IAM Roles for Cross-Account Access] [TBA]
  • [IAM vs. Resource Policies: Key Differences] [TBA]

AWS KMS (Key Management Service)

KMS enables you to create and manage encryption keys used to protect your data. It integrates with other AWS services to provide seamless encryption and decryption.

  • [Setting Up AWS KMS for Data Encryption] [TBA]
  • [How to Rotate Keys in AWS KMS] [TBA]
  • [Encrypting S3 Buckets with KMS: Step-by-Step Guide] [TBA]

AWS CloudTrail

CloudTrail provides detailed logging of API calls and activity in your AWS account, enabling you to monitor and audit actions for security and compliance purposes.

  • [Getting Started with AWS CloudTrail Logging] [TBA]
  • [How to Analyse CloudTrail Logs for Security Insights] [TBA]
  • [Using CloudTrail with Amazon S3 for Long-Term Log Storage] [TBA]

AWS GuardDuty

GuardDuty is an intelligent threat detection service that continuously monitors your AWS environment for malicious activity and unauthorised behaviour.

  • [Configuring Amazon GuardDuty for Threat Detection] [TBA]
  • [GuardDuty vs. AWS Security Hub: When to Use Each] [TBA]
  • [Responding to GuardDuty Findings: Best Practices] [TBA]

AWS Security Hub

Security Hub provides a centralised view of your security posture across AWS accounts and services. It aggregates findings from various AWS security tools and compliance checks.

  • [Integrating AWS Security Hub with GuardDuty and Inspector] [TBA]
  • [How to Automate Compliance Checks in AWS Security Hub] [TBA]
  • [Using Security Hub for Multi-Account Security Management] [TBA]

Best Practices for AWS Security

Kubernetes

Kubernetes Networking [TBA]