Clear, opinionated recovery notes for SaaS infrastructure

ArgoCD CVE-2022-24348: a Secret leak that hid in log volume

How a ConfigMap path traversal under ArgoCD CVE-2022-24348 leaked a cross-namespace Keycloak Secret for 3 days, and the recovery sequence that actually stopped it.

Why Grafana OnCall acknowledgments hang after a Helm upgrade migration

A partial Django migration left Grafana OnCall with a missing column. Acks returned 500 for 72 hours while alerts piled into zombie incidents. Here's the fix.

Why a deleted backup Lambda kept billing 9,400 EBS snapshots

An EBS Snapshot line of $1,830 a month came from a Lambda deleted a year earlier. Here is how we found the 9,408 orphans and the tagging rule we wrote.

Why one shared Terraform module made every PR a 14-service change

A consolidated Terraform module turned every PR into 14 service plans with 1,400 resource changes. How we pinned, tiered, and split it back apart.

When ArgoCD shows Healthy but Keycloak silently strips JWT claims

ArgoCD synced a Keycloak realm ConfigMap with OVERWRITE strategy and silently stripped JWT claims across six clients. Here is how we recovered without dropping sessions.

Why a Terraform apply hangs 90 minutes on a custom provider with no timeout

A 200-entry destroy hung for 90 minutes because a custom Terraform provider skipped context timeouts. How we recovered the half-updated state and fixed the provider.

Grafana 'No Data' after migration: 7 reconcilers we had to kill first

Grafana dashboards went blank post-migration and every fix reverted in minutes. Here is how we found the reconcilers and restored the observability stack.

When MinIO Deny Wins Cause Silent Upload Failure

A MinIO bucket policy with an explicit Deny silently swallowed 12k uploads while the SDK returned 200. Here is how we found it and the audit alert we added.

ArgoCD Drift: Three Namespaces, One JWT Hotfix

A JWT rotation hotfix left three ConfigMaps in three different states and Git stale. Here is how we found the canonical truth and committed it back without breaking auth.

How we recovered tfstate after force-unlock raced a CI apply

A force-unlock collided with a running CI apply and corrupted tfstate. Here is how we restored the S3 version and re-imported the drifted resources.

Why terraform apply fails when plan passes: the map(any) trap

A 15th map(any) input collided with an existing key three module layers down. plan passed, apply failed. Here is how we traced it and untangled the root.

Why a forgotten RDS replica added $8,600 to one AWS bill

How a cross-AZ RDS read replica left over from a load test retried writes every 50ms and quietly tripled an AWS bill in six days.

Init container cascade when every kubectl patch reverts in 10 seconds

Three init containers stuck in cascade and every kubectl patch reverted within ten seconds. Here is how we found the source of truth and fixed it.

Infrastructure change control checklist for audit-ready SaaS teams

A practical checklist for approvals, validation evidence, rollback discipline, and audit-ready change control.

GitOps drift triage checklist for production teams

A fast triage sequence for classifying GitOps drift, comparing rendered output, and restoring sync trust.

Migration blast radius mapping framework for SaaS platforms

A practical framework to map hidden migration dependencies and contain post-cutover reliability risk.

ArgoCD sync failed recovery playbook for production teams

A recovery sequence for repeated ArgoCD sync failures, drift reconciliation, and safer release flow.

Terragrunt vs Terraform for growth-stage SaaS: decision framework

A practical decision framework for selecting IaC structure based on ownership and change safety.

Audit evidence pack for SaaS infrastructure teams

A practical evidence-pack structure for audit readiness without slowing product delivery.

Cloud cost spike triage framework for engineering leads

A systems-first triage flow to isolate spend drivers and reduce cost safely.

Kubernetes release stabilization runbook

A practical runbook to make rollouts deterministic and rollback paths reliable.

Post-migration stabilization checklist for SaaS teams

A 30-day stabilization sequence for teams whose platform got shakier after migration.

Terraform drift detection workflow teams actually maintain

A practical drift detection workflow with ownership, triage, and reconciliation rules that hold up under pressure.

Terraform module refactor strategy for growth-stage SaaS

A phased module refactor strategy that lowers coupling and avoids production disruptions.

Failed Terraform apply incident response checklist

A practical incident sequence to contain impact, reconcile state, and prevent repeat failures.

Terraform state recovery playbook for SaaS teams

A practical sequence to repair state trust, reduce blast radius, and restore predictable infrastructure changes.

Safe Terraform apply guardrails for production SaaS

A guardrail system for CI/CD, review, and rollback that makes Terraform applies boring again.

Infrastructure review checklist for SaaS teams under pressure

A fast decision guide for when to request a review and what to prepare so the response is actionable.

Terraform drift recovery: stabilize IaC without stalling delivery

A practical recovery plan for drift, fear-of-apply, and brittle modules with guardrails that last.