Cloud Stack for AI Apps — Mastery, Part 7 / 8

Secrets, Env & Config Across Environments

Five services, three environments, one leaked key away from a bad week. Config discipline is unglamorous and non-negotiable.

A five-service stack means a pile of keys, in three environments, with exactly one rule you cannot break. This is the unglamorous discipline that prevents a very bad week.

The public/secret boundary

Know which keys are publishable and which are secret. Stripe pk_ keys and the Supabase anon key are publishable and safe in the client. Stripe sk_ keys and the Supabase service-role key are secret and belong on the server only.

Per-environment keys

Use separate keys per environment: Stripe test vs. live, a dev Supabase project vs. prod. Vercel scopes env vars to Preview / Production — set them there, not in code. A test key in production (or worse, the reverse) is a classic outage.
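
A pre-deploy check for the two rules above (the public/secret boundary and per-environment keys), added here as an example and not code from the original article. The variable names and key values are constructed; it assumes the Next.js NEXT_PUBLIC_ prefix, Stripe's key prefixes, and Supabase keys that are JWTs carrying a role claim.

```javascript
// Added example; every key value below is constructed, none is real.
const SECRET_PREFIXES = ["sk_", "rk_", "whsec_"]; // Stripe secret, restricted, webhook signing

// Assumption: Supabase keys are JWTs whose payload carries a `role` claim.
function jwtRole(value) {
  const parts = value.split(".");
  if (parts.length !== 3) return null;
  try {
    return JSON.parse(Buffer.from(parts[1], "base64url").toString("utf8")).role ?? null;
  } catch {
    return null; // three dot-separated parts, but not a JWT
  }
}

function isSecret(value) {
  return SECRET_PREFIXES.some((p) => value.startsWith(p)) || jwtRole(value) === "service_role";
}

// target is the deploy environment: "production", "preview" or "development".
function auditEnv(env, target) {
  const findings = [];
  for (const [name, value] of Object.entries(env)) {
    if (typeof value !== "string" || value === "") continue;
    // Next.js inlines NEXT_PUBLIC_* variables into the browser bundle.
    if (name.startsWith("NEXT_PUBLIC_") && isSecret(value)) {
      findings.push(`${name}: secret key exposed to the client`);
    }
    const mode = /^(?:sk|pk|rk)_(test|live)_/.exec(value)?.[1];
    if (mode === "test" && target === "production") {
      findings.push(`${name}: Stripe test key in production`);
    }
    if (mode === "live" && target !== "production") {
      findings.push(`${name}: Stripe live key in ${target}`);
    }
  }
  return findings;
}

// Builds a constructed JWT-shaped string (unsigned) for the sample input.
const fakeJwt = (role) =>
  ["e30", Buffer.from(JSON.stringify({ role })).toString("base64url"), "sig"].join(".");

const sampleEnv = {
  NEXT_PUBLIC_STRIPE_KEY: "pk_test_CONSTRUCTED",
  STRIPE_SECRET_KEY: "sk_test_CONSTRUCTED",
  NEXT_PUBLIC_SUPABASE_ANON_KEY: fakeJwt("anon"),
  NEXT_PUBLIC_SUPABASE_KEY: fakeJwt("service_role"), // the mistake: server key, public prefix
};

console.log(auditEnv(sampleEnv, "production"));
```

Run against the real environment in CI by passing `process.env` and the deploy target, and fail the build when the returned list is non-empty.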

Never commit a secret

Keep secrets in .env.local (git-ignored) and in the platform's env settings — never in the repo. If a key ever lands in git history, rotate it; deleting the commit isn't enough.

Config done. Finale: the wiring playbook that ships the whole thing in days.
