ConfigWatcher

ConfigWatcher – Automated Drift Detection Powered by AWS Lambda.

Comment

🛠️ ConfigWatcher – Project Story

🌟 Inspiration

As a computer science student learning about DevOps and cloud-native development, I kept hearing how a single misconfigured environment variable could break an entire deployment. During one of my side projects, I accidentally left a debug flag enabled in production — and that made me realize how easy it is to let these small mistakes slip through.

I thought, what if I could build a smart assistant that watches over these config files and alerts me automatically? That's how ConfigWatcher was born — a serverless drift detection tool powered entirely by AWS Lambda.

🔍 What it does

ConfigWatcher is a tool that monitors .env files uploaded to an AWS S3 bucket and compares them across environments like local, staging, and production. It automatically detects:

  • ❌ Missing keys
  • ⚠️ Mismatched values

It then sends a clear and easy-to-read drift report to your inbox via Amazon SES, so teams or developers are immediately aware of any issues — before they reach production.

⚙️ How I built it

This project is completely serverless and cloud-native. Here's how I built it as a student:

  • Amazon S3 stores uploaded .env files
  • AWS Lambda does all the heavy lifting — reading files, comparing keys and values, and formatting the report
  • Amazon SES sends the drift alert emails
  • AWS IAM ensures secure access between these services
  • CloudWatch Logs helps debug and monitor Lambda performance

The Lambda function is written in Python. It gets triggered by an S3 event, processes the uploaded files, and emails a drift report automatically.

🧗 Challenges I ran into

  • Parsing .env files accurately, especially when formatting varied
  • Debugging SES email delivery and HTML formatting
  • Learning how to write proper IAM policies as a beginner
  • Testing the full flow — from upload to email — on the AWS Free Tier
  • Making sure it all worked smoothly within the limits of a student account

🏆 Accomplishments I'm proud of

  • I built a real-world DevOps automation tool completely as a student
  • Everything runs on the AWS Free Tier, making it accessible for others like me
  • I got hands-on experience with Lambda, S3, SES, IAM, and event-driven design
  • The tool requires no UI or login — everything is automated and delivered to your inbox

📚 What I learned

  • How powerful serverless architecture can be for automating repetitive tasks
  • Real-life applications of AWS Lambda, IAM, and SES
  • Importance of clear communication — especially through email reports
  • That even as a student, I can build tools that solve real DevOps problems

🚀 What's next for ConfigWatcher

  • Add support for Slack or Teams notifications
  • Allow comparing .yaml or .json configs, not just .env files
  • Build a simple CLI tool for developers to trigger scans from local machines
  • Make it open source so other students and teams can use it and contribute
  • Add auto-fix suggestions in the drift report for faster resolution

Thank you for reading — ConfigWatcher started as a student idea, and it’s now a powerful, serverless DevOps tool ready to grow. 🚀

Built With

Share this project:

Updates