AWS Cloud Expertise
Tap into focused topics below to explore specific areas of my work in AWS cloud engineering.
AWS EC2 Instances
Deploying scalable, secure, and automated compute infrastructure with Amazon EC2.
- Provisioned and managed Amazon EC2 instances for web servers, databases, and automation workloads.
- Utilized AMI-based deployments, user data scripts, and launch templates for consistent provisioning.
- Automated infrastructure using Terraform, managing IAM roles, security groups, and EBS volumes.
- Enabled Auto Scaling Groups and Elastic Load Balancers (ELB) for high availability and elasticity.
- Secured access with SSH key management, VPC subnet planning, and bastion hosts.
- Monitored instances using CloudWatch metrics, status checks, and custom alarms.
- Leveraged AWS Systems Manager (SSM) for remote management, patching, and inventory tracking.
- Backed up instances via EBS snapshots and applied lifecycle policies for storage optimization.
AWS Identity and Access Management (IAM)
Enforcing secure, scalable, and automated access control across AWS environments.
- Designed and maintained IAM policies, roles, users, and groups to uphold least-privilege access principles.
- Authored custom IAM policies in JSON to define fine-grained, resource-level permissions.
- Assigned IAM roles to EC2, Lambda, ECS, and other services for scoped identity-based access.
- Automated IAM provisioning and policy attachment via Terraform for CI/CD and IaC workflows.
- Enabled SAML 2.0 federation using Entra ID (Azure AD) as an identity provider for seamless access.
- Enforced MFA for privileged accounts and implemented access key rotation policies.
- Monitored and audited access using CloudTrail, Access Analyzer, and IAM credential reports.
- Implemented tag-based access control and governance using policy conditions and automation.
Amazon CloudWatch
Comprehensive observability and proactive alerting across AWS infrastructure and applications.
- Configured Amazon CloudWatch for real-time monitoring, logging, and alerting across services like EC2, RDS, Lambda, and ECS.
- Set up CloudWatch Alarms for CPU, memory, disk, and latency metrics with automated notifications and remediation triggers.
- Collected and analyzed logs via CloudWatch Logs to troubleshoot issues and maintain audit trails.
- Built custom CloudWatch Dashboards to visualize performance trends, service health, and KPIs.
- Integrated CloudWatch with AWS SNS and Lambda functions for event-driven alerting and self-healing workflows.
- Implemented metric filters, log retention policies, and cross-account log ingestion for unified observability and compliance.
- Utilized CloudWatch Logs Insights for advanced querying and anomaly detection in high-volume log data.
- Monitored application uptime and user journeys with CloudWatch Synthetics and ServiceLens for end-to-end visibility.
CI/CD on AWS
Automating infrastructure and application delivery with scalable, secure pipelines.
- Designed and implemented end-to-end CI/CD pipelines using Bitbucket, Jenkins, and Terraform for automated deployments.
- Integrated Jenkins with EC2, S3, CodeDeploy, and CloudFormation to orchestrate cloud-native deployment workflows.
- Reduced deployment times by 35% through pipeline optimization—parallel stages, caching, and event-driven triggers.
- Configured Bitbucket Pipelines for pre-deployment code validation, linting, and static analysis to maintain code quality.
- Adopted infrastructure-as-code and blue/green deployment strategies to ensure zero-downtime releases.
- Secured secrets using AWS Secrets Manager and the Jenkins credentials store for safe credential management.
- Monitored pipelines with CloudWatch metrics, Jenkins dashboards, and Slack notifications for real-time visibility.
- Enforced branch protection and PR approvals, and implemented automated rollback for fault-tolerant delivery.