AFAtif Farrukhindevopsunlocked.hashnode.dev·Mar 12 · 15 min readThe Terraform State Time Bomb: How to Defuse it Before Your Infra CollapsesThe Call You Don't Want to Get at 2 AM I've walked into this exact situation twice in my career, and it's the same story both times. A promising startup, six engineers, moving fast. Terraform was intr00
AFAtif Farrukhindevopsunlocked.hashnode.dev·Mar 11 · 12 min readStop Writing Spaghetti Terraform: The Module Architecture That Scales to 50 TeamsI've walked into enough platform engineering engagements to recognise the smell. It hits you before you even open a single `.tf` file. Someone says something like: _"We have a `main.tf` that's getting00
AFAtif Farrukhindevopsunlocked.hashnode.dev·Sep 11, 2025 · 5 min readYour Tools Are Sharp, But Is Your Culture? The Missing Link in Least PrivilegeLast week, I laid out a pretty prescriptive blueprint for a least-privilege IAM strategy in AWS. The feedback was exactly what I expected. It split into two camps. The first camp said, “Finally. A real-world pattern we can actually implement.” They g...00
AFAtif Farrukhindevopsunlocked.hashnode.dev·Sep 9, 2025 · 8 min readThe Azure Role That Won’t Get You Fired: A Least-Privilege RBAC Strategy for Your DevOps TeamI’ve seen it happen more times than I can count. I’ll walk into an organization using Azure, and the subscription looks like a digital Wild West. Every developer, contractor, and their dog has the Contributor role assigned at the subscription scope. ...00
AFAtif Farrukhindevopsunlocked.hashnode.dev·Sep 3, 2025 · 7 min readThe Strategic IAM Policy: Mitigating High-Stakes Risks with Least Privilege for Your DevOps TeamI’ve walked into more than one new consulting gig to find the AWS account is a minefield of over-permissioned IAM users. It usually starts with a familiar, stomach-dropping story. A junior engineer, armed with PowerUserAccess, tries to terminate a te...00
