Oliver Bühler
obue.de · Issue 01 · 2026Stuttgart · eu-central-1

I'm Oliver.Cloud Architect& Specialist.

I think out loud about cloud architecture. About Landing Zones that hold thousands of accounts, security that convinces auditors, and running AWS at enterprise scale: what breaks, and how to prevent it.

Read the BlogWhat I've built
Portrait Oliver Bühler
Senior Cloud Security Architect
Tallence AG
AWS Certifications
Solutions Architect ProDevOps Engineer ProSecurity SpecialtyAdvanced NetworkingMachine LearningSolutions Architect Assoc.Developer Assoc.SysOps Admin Assoc.AI PractitionerCloud Practitioner
Selected Work

What I've worked on.

See all
012021–2024
Deutsche Telekom

DTAG Group-Wide AWS Landing Zone

2,000 accounts. 40 organizations. −20% cloud costs.

Control TowerTerraform
022019–2020
Deutsche Telekom

MagentaGaming Cloud Platform

AAA cloud gaming from zero to Gamescom launch in 5 months.

ECS FargateAPI Gateway
032024–now
Tallence AG

AWS Security & C5-Attestierung

500+ security controls. C5 moderate. ISO 27001 ready.

Security HubCIS
Deep-Dives from Practice

What I write about.

Go to Blog
aws

AWS Landing Zone: Multi-Account Strategy for Enterprise Environments

A well-designed multi-account strategy is the foundation of any scalable AWS environment. In this article I explain how AWS Control Tower and AWS Organizations work together and which design decisions truly matter when building a Landing Zone.

3 min
terraform

Terraform State Management with S3 and DynamoDB: The Production-Ready Approach

Local Terraform state is an anti-pattern. Anyone working in a team or using CI/CD needs a remote backend. S3 + DynamoDB is the proven combination on AWS — here is the complete configuration.

3 min
aws

AWS Cost Optimisation: Quick Wins That Work Immediately

Before introducing complex FinOps processes, there are a handful of measures that immediately reduce costs in any AWS account. Here are the five quick wins I implement first in every project.

2 min
Topics I think about

What this site is about.

All Posts
01Landing Zone

Multi-account architectures that scale.

Why governance and developer experience don't have to conflict, and how Control Tower makes both work.

02Security & Compliance

Security architectures that convince auditors.

CIS benchmarks, ISO 27001, C5: thought of as code rather than PDF, and what that means in practice.

03Serverless Platforms

Platforms that launch fast and scale cleanly.

Lambda, Fargate, Step Functions, API Gateway: where the limits are and where they're not.

04FinOps

Cloud costs you understand and control.

Reserved Instances, Savings Plans, tagging discipline: why most teams fail at tagging.

Now · May 2026
May means Hamburg: AWS Summit - talks, networking, and a pulse check on what's moving in the cloud world right now. At the same time, I'm excited about the launch of Tallence AG's new Cloud Portfolio - a milestone I contributed to that reflects how we approach enterprise cloud projects today.
→ read latest posts
→ follow LinkedIn
→ subscribe RSS
Colophon

Write to me about AWS, architecture, or anything.

This site is not a service offering. I work full-time at Tallence as an AWS architect. For a technical exchange, a review, a talk, or a community conversation, get in touch.

E-Mailhello@obue.deLinkedInlinkedin.com/in/olibhlrGitHubgithub.com/obueBlogobue.de/blogRSSobue.de/feed.xml