Systems / cloud
Cloud Architecture
Design fault-tolerant, secure architectures on AWS (and GCP).
What I Can Do
- Multi-AZ VPCs with public / private subnet isolation
- Auto Scaling Groups behind Application Load Balancers
- Serverless APIs on Lambda + API Gateway + DynamoDB
- Least-privilege IAM roles for compute and CI/CD
- AWS Certified Solutions Architect – Associate
Featured Project
PitchPulse26: Full-Stack World Cup Prediction Platform
Built an end-to-end prediction platform for World Cup 2026 group-stage matches. The frontend runs on AWS Amplify, the backend is an Express API on Lambda behind API Gateway, and Prisma + Neon PostgreSQL power match, prediction, standings, and leaderboard data. Infrastructure is managed with Terraform, DNS is handled through Route 53 for a Namecheap-purchased domain, deployments run through GitHub Actions, and operations are supported by CloudWatch dashboards, alarms, and a documented rollback runbook.
More Projects
Cloud-Native Node API: ECS Fargate & EKS Deployments
Deployed the same Node.js + Express API to AWS two ways. ECS Fargate behind an ALB, and Amazon EKS with a managed node group and a LoadBalancer Service to compare the operational surface, networking model, and cost shape of both AWS container platforms end to end. Documented the build to ECR, both deployment paths, and end-to-end traffic verification with side-by-side console and kubectl evidence.
Terraform AWS Platform: Multi-AZ, ALB, Auto Scaling
Provisioned a reusable AWS infrastructure baseline with Terraform for highly available application hosting. The stack includes a multi-AZ VPC, public and private subnets, an ALB, an Auto Scaling Group, NAT gateways, IAM roles for SSM access, and CloudWatch alarms tied to scaling behavior. GitHub Actions handles CI/CD for infrastructure changes without static cloud credentials.
GCP Infrastructure Automation (Terraform + Ansible)
Provisioned a full GCP environment (VPC, subnets, firewalls, Compute Engine) with Terraform, using GCS remote state and workspaces for environment isolation. Ansible handles post-provision configuration, OS bootstrapping through Docker runtime setup. End-to-end infrastructure lifecycle automation.