Latest Posts

Every engineer eventually gets bitten by DNS. A service starts timing out, and three hours later you realize your pod has been hammering the per-ENI 1024-PPS link-local budget. Or you spend an afternoon debugging a stale record only to discover the browser was happily ignoring your perfectly configured resolv.conf. DNS is invisible when it works and devastating when it doesn’t.

Recently I was working on a project where we needed to use AWS Nitro Enclaves as a Trusted Execution Environment (TEE) to handle highly sensitive cryptographic keys. The challenge was straightforward to describe but tricky to solve: we needed an asymmetric key pair that multiple enclave instances could share for encrypting and decrypting files, but the private key could never be accessible outside the enclave – not to the host machine, not to operators, not to anyone.

Introduction

Hey there! Welcome to my tech blog. I’m Rafael, a Engineer passionate about cloud architecture and automation. Here, I’ll be sharing insights about AWS,DevOps practices, and emerging technologies.

Introduction