Notes from the build.
Architecture decisions, benchmark write-ups, and the occasional retrospective on what I got wrong. Every post is grounded in a real project on this site.
All writing
The Security Boundary Is Not The Prompt
Multi-tenant AI systems should enforce tenant scope before retrieval. Tenant Lens uses tenant-scoped ingestion, per-tenant indexes, and authorization before data access.
Shiny AI Demos Need Promotion Gates
A working AI demo is not the same thing as a promotable workflow. AgentOps Lab explores quality, trace, latency, and cost gates for RAG and agentic systems.
RAG Retrieval Tuning
Tenant Lens improved from 48.57% to 94.29% by treating retrieval as an engineering problem, not by swapping the language model.
Honestly, How Long Does It Really Take to Provision an AWS Landing Zone?
Control Tower can start an AWS landing zone in under two hours. A production-ready landing zone with identity, logging, security, networking, automation, and account vending usually takes weeks.
A Model Deprecation Validated My Platform Design
Anthropic deprecated Claude 3 Haiku on Bedrock mid-benchmark. The reusable challenger lane absorbed the full swap to Nova Lite as a config change. The replacement was 28× cheaper and 6× faster than Textract.
Building a Multi-Tenant RAG Platform on AWS
Tenant Lens is a production-shaped RAG MVP with tenant isolation, reliable ingestion, authorization before retrieval, hybrid search, grounded answers, and measured retrieval quality.