A map of the work: what was built, how it was documented, and where to find it.
AWS Cost Management — right-sizing a personal estate
A billing audit that found $59/month accumulating in a personal AWS account that was supposed to cost nearly nothing — idle EIPs, orphaned snapshots, and test secrets nobody cleaned up. Reduced to $3.63/month.
| Stage | What | Post | Status |
|---|---|---|---|
| 5.1 | What $59/month looks like on a personal site — idle EIPs, orphaned snapshots, secret accumulation | Post 1 — what $59/month looks like | Complete |
Traffic Analytics — CloudFront logs and Athena
Server-side traffic analytics for tacedata.ca using AWS-native tooling — no JavaScript, no cookies, no third parties. Design proved sound; closed when the CloudFront Free pricing plan blocked all logging features.
| Stage | What | Post | Status |
|---|---|---|---|
| 4.1 | Free plan logging wall — CloudFront and WAF logging both gated behind the Pro tier | Post 1 — what the Free plan doesn’t tell you | Closed |
Economic Indicators Dashboard
Eight Canadian economic indicators translated into plain-English mortgage rate signals. Tracks the indicators most relevant to the fixed vs. variable rate decision.
| Stage | What | Post | Status |
|---|---|---|---|
| 2.6 | Threshold alerting — SNS email on signal crossings | Post 6 — threshold alerting | Complete |
| 2.5 | Historical storage — DynamoDB snapshots, extended sparklines | Post 5 — historical storage | Complete |
| 2.4 | Data source upgrades — replace ETF proxies | Post 4 — data source upgrades | Complete |
| 2.3 | Server-side data fetching — Lambda pipeline | Post 3 — server-side data fetching | Complete |
| 2.2 | Hugo integration — dashboard into the site | Post 2 — Hugo integration | Complete |
| 2.1 | Document origin — what was built and why | Post 1 — what and why | Complete |
Security Remediation — public repo cleanup
A post-launch security review uncovered AWS resource identifiers committed to a public repository. Full account of what was exposed, how it was found, and what it took to fix it — including a git-filter-repo history rewrite across 46 commits.
| Stage | What | Post | Status |
|---|---|---|---|
| 3.2 | Internet cache and the Wayback Machine | Post 2 — internet cache and the wayback machine | Complete |
| 3.1 | Cleaning sensitive data out of git history | Post 1 — cleaning sensitive data out of git history | Complete |
tacedata.ca — this site
Personal portfolio and professional development site. Hugo static site hosted on AWS S3 + CloudFront, deployed via GitHub Actions. Documented as a staged build from scratch.
| Stage | What | Post |
|---|---|---|
| 1.7 | Scheduled rebuild — publishing future-dated posts automatically | Scheduled publishing |
| 1.6 | Site monitoring with AWS CloudWatch | Site monitoring with aws cloudwatch |
| 1.5 | Cutting over a website | Stage 5: cutting over a website |
| 1.4 | Building the site itself | Stage 4: building the site itself |
| 1.3 | Deploying a static site on AWS | Stage 3: deploying a static site on aws |
| 1.2 | Migrating email before touching DNS | Stage 2: migrating email before touching dns |
| 1.1 | Choosing a static site generator | Stage 1: choosing a static site generator |