My Projects
AWS Cloud Penetration Test: Real-World Risk Assessment on Production-Grade Infrastructure
Redacted Report | LinkedIn Article
This penetration test evaluated the security posture of an AWS production-grade system across IAM, S3, TLS configurations, and compliance alignment. Findings included overly permissive IAM policies, public S3 buckets, and TLS misconfigurations. All findings were mapped to CIS Level 1 & 2 benchmarks using Prowler, with tooling support from Cloudsplaining, S3Scanner, SSLyze, and AWS CLI.
The project demonstrates expertise in threat modeling, reconnaissance, audit automation, and practical remediation strategies for cloud-native architectures.
FinBankOps: Secure, Multi-Region Kubernetes Infrastructure for Fintech on AWS
GitHub Repo | LinkedIn Article
This project implements a production-grade, secure Kubernetes infrastructure for fintech using Amazon EKS. It supports multi-region deployment, blue/green releases, and GitOps-driven workflows via ArgoCD. Istio handles ingress traffic and internal service mesh routing, while security is reinforced using External Secrets Operator and kube-bench/kubescape audits.
Observability is ensured via Prometheus, Grafana, and CloudWatch. The platform enables PCI-DSS-aligned compliance while providing scalable deployment for containerized microservices stored in Amazon ECR.
Design, Training, and Deployment of a DevOps-Enabled Real-Time ML Fraud Detection System
Infra Repo | App Repo | LinkedIn Article
This project showcases the complete pipeline for a real-time fraud detection system using a containerized microservices architecture on AWS. Ingestion, inference, and action microservices are deployed to Amazon ECS (Fargate), and their Docker images are stored in ECR. Machine learning inference is based on a trained model that detects anomalous financial transactions in real-time.
Infrastructure is managed with Terraform, CI/CD is orchestrated via GitHub Actions, and observability is achieved through Amazon CloudWatch. Fraud alerts are published via Amazon SNS, and the architecture is extensible to support compliance audit logging using Amazon RDS.
Secure Three-Tier Web Application Deployment on Kubernetes with AWS Monitoring
GitHub Repo | LinkedIn Article
This project focused on deploying a secure, scalable three-tier web application using AWS and Kubernetes. I provisioned a robust EKS cluster and built Docker containers for both frontend and backend services, hosted securely via AWS ECR. To route traffic efficiently, I configured an ALB Ingress Controller. For observability, I enabled CloudWatch control plane logs to track API server activities, authenticator logs, and audits. The infrastructure was designed to scale dynamically, with IAM roles enforcing principle of least privilege across services.
Secure Three-Tier Web Application with GitHub Actions CI/CD, S3 Hosting, Deployment to Dev and Prod Servers, and Comprehensive Monitoring
GitHub Repo | LinkedIn Article
In this project, I built a fully automated, environment-aware deployment pipeline for a three-tier web application. The frontend was hosted on S3 while the backend (Node.js) ran on EC2 within a VPC. GitHub Actions orchestrated CI/CD pipelines across dev and prod branches. Infrastructure was provisioned with Terraform, including private/public subnets and NAT gateways. For monitoring, I installed the CloudWatch agent and configured AWS Managed Grafana dashboards with real-time CPU, memory, and disk usage metrics. Alerts were created for SLA-sensitive events. This setup exemplifies production-grade DevOps and cloud architecture.
Deploying, Securing, and Monitoring a Cloud-Native Recipe-Sharing Application with AWS, Prometheus, and Grafana
GitHub Repo | LinkedIn Article
To modernize the way I share culinary recipes, I developed and deployed a cloud-native FastAPI application integrated with a React frontend hosted on S3. The backend API was containerized and deployed to EC2, exposed via API Gateway. CloudFormation handled infrastructure provisioning. To ensure performance visibility, I configured Prometheus to scrape FastAPI metrics and visualized real-time traffic using Grafana dashboards. I designed two access layers: a user interface and an admin portal, reflecting real-world content management workflows.
End-to-End DevOps Pipeline Implementation: Automated Infrastructure, CI/CD, and Monitoring with GitHub Actions, AWS EKS, and ELK Stack
GitHub Repo | LinkedIn Article
This project implemented a full-stack DevOps solution using GitHub Actions for CI, Terraform for infrastructure automation, and Kubernetes on AWS EKS for orchestration. Dockerized applications were built and deployed with Kubernetes manifests. Logs were centralized using the ELK stack, while Prometheus and Grafana enabled detailed performance monitoring and alerting. Security was reinforced through IAM policies, encrypted storage, and TLS via ACM certificates.
Automated Cloud Disaster Recovery and Business Continuity Solution
GitHub Repo | LinkedIn Article
This disaster recovery project leveraged AWS infrastructure to build a resilient architecture that could handle regional failover, backup, and restoration. Using Terraform for reproducible infrastructure and GitHub Actions for automation, I integrated Datadog for system observability and alerting to ensure readiness in business continuity scenarios.
Containerizing, Automating, and Monitoring a WebApp with Docker, GitHub, CI/CD, Prometheus, and Grafana
GitHub Repo | LinkedIn Article
This project involved containerizing a Node.js web app, deploying it using a CI/CD pipeline built with GitHub Actions, and configuring Prometheus and Grafana to provide visibility into app health and performance. The goal was to streamline releases and provide real-time monitoring of container behavior and HTTP requests.
Comprehensive Deployment and Monitoring of a Machine Learning Model with Flask on AWS Using Prometheus and Grafana
GitHub Repo | LinkedIn Article
I deployed a Flask-based ML model as a production API on EC2 using Terraform and GitHub Actions. AWS CloudFormation and S3 were used for configuration and storage. Monitoring was integrated with Prometheus and Grafana, and AWS Security Hub was configured for compliance audits and vulnerability detection.
CI/CD Pipeline for Scalable Web App using AWS Amplify, AWS CodeBuild, AWS CodePipeline, Terraform, Lambda, and CloudWatch
GitHub Repo | LinkedIn Article
This project centered on building a CI/CD pipeline for a React-based web application. The frontend was deployed using AWS Amplify, and backend logic was handled with AWS Lambda. CodePipeline and CodeBuild automated deployments, and CloudWatch monitored performance metrics and logs.
Automated CI/CD for a Full-Stack Application on Google Cloud Platform Using Docker, Terraform, GitHub Actions, and Google Cloud Operations Suite
GitHub Repo | LinkedIn Article
I deployed a full-stack application on GCP using Docker containers, Terraform for infra provisioning, and GitHub Actions for CI/CD. Monitoring and alerting were set up using the Google Cloud Operations Suite, providing clear visibility into deployments and runtime behavior.
Efficient CI/CD Implementation for a Node.js App using Jenkins and Amazon S3 for Artifact Management
GitHub Repo | LinkedIn Article
This project focused on implementing an efficient Jenkins-based CI/CD pipeline for a Node.js application. Artifacts were managed and stored using S3. GitHub served as the version control system, and automated builds ensured fast feedback loops.
AWS Infrastructure Compliance Audit System with AWS Config and Lambda
This compliance audit system utilized AWS Config to evaluate resource conformance across services. Lambda functions were triggered on non-compliant rules, enabling proactive remediation and alerting via SNS.
AWS Cloud Security Dashboard
I designed a web-based dashboard to visualize and monitor key AWS security metrics, including IAM role usage, open security groups, and policy violations, offering centralized oversight for cloud posture management.