Short project overview
AWS INFRASTRUCTURE DESIGN
Design AWS Infrastructure for SaaS offering. Design AWS Accounts structure and implement security best practices to accounts. Implement cross-accounts CI/CD setup and monitoring. Optimize cache behaviors
Technology: AWS, API Gateway, CloudFront, Route53, ACM, SSM, CloudFormation, Lambda, IAM, AWS Pipeline, AWS CodeBuild, AWS Backup
MIGRATION OF MICRROSOFT WORKLOADS TO AWS
Review the current On-Prem Infrastructure. Design AWS Accounts structure and implement security best practices to accounts. Migrate whole DC services to AWS and optimize Infrastructure
Technology: AWS, Windows, Route53, ACM, SSM, CloudFormation, Lambda, IAM, Docker, AWS Pipeline, AWS Backup
AWS INFRASTRUCTURE IMPROVEMENT
Review the current AWS Infrastructure. Fix security issues and implement a various proxy solution. Improve current Infrastructure and work on new projects
Migrate solutions from DC to Cloud. Automatize Infrastructure with Jenkins
Optimize cache behaviors
Act as a trusted person for all Cloud and DevOps questions
Scope: Enterprise customer, media
Technology: AWS, CloudFront, Route53, ACM, SSM, CloudFormation, Lambda, IAM, Docker, Jenkins, SonarQube
MICROSERVICE AND INFRASTRUCTURE MIGRATION TO AWS
Setup AWS Infrastructure (AWS Organization, billing, Accounts).
Setup basic security/compliance services like cross-account CloudTrail, Config, etc.
Migrate on-premise data to Cloud.
Migrate data from Google storage to s3
Create networking resources and ECS cluster
Migrate on-premise docker environment to ECS and create a hybrid solution
Fulfill all other customer needs
Scope: mid-size customer
Technology: AWS, Docker, ECS, CloudFormation, App Load Balancer, CloudWatch, SSM, python, ACM, EFS
AWS INFRASTRUCTURE AUDIT
Audit existing Infrastructure against security “best practices” on the AWS cloud. Suggest improvements. Scope: Enterprise customer
MICROSERVICE MIGRATION TO AWS
Migrate on-premise docker environment to ECS. Develop cross-account CI/CD pipelines using AWS native services (CodeCommit, CodeBuild, CodePipeline, etc.) for easy cross-account ECS environment and services deployments. Scope: Enterprise customer Technology: Docker, ECS, ECR, CloudFormation, APP Load balancer, CloudWatch, CI/CD, CodeCommit, CodeBuild, CodePipeline, AWS ElasticSearch, IAM TAG ENFORCEMENT IN AWS ENVIRONMENT Develop the solution for compliance check (check if resources have required tags like a cost center, department, etc.) Scope: Enterprise customer (>150 AWS accounts)
Technology: AWS Organization, Lambda, Config, SNS, CloudFormation
DOCKER MIGRATION TO AWS
Migrate on-premise docker environment to ECS. Develop IaC CloudFormation templates for deploying Infrastructure from 0 to production in an automated way. Migrate on-premise docker applications to ECS cluster (WordPress and Modx). Scope: Enterprise customer
Technology: Docker, ECS, EFS, ECR, CloudFormation, APP Load balancer, CloudWatch, RDS
CORE INFRA AND SECURITY
Build AWS core Infrastructure for enterprise size costumer. Build ADFS federation between on-premises AD and AWS accounts. Build a central audit account, send CloudTrail logs from all AWS accounts to a central s3 bucket, make alarms for alerting. Build a central backup account Develop lambda function for automatic backup with rotation Develop lambda function for automatic instance stop/start (depending on work hours) Develop config rule and lambda function for a tag compliance check Create CF template for Bastion host creation and automatic join to the on-premise AD domain Scope: Enterprise customer
Technology: CloudFormation, AWS Organization, AWS account configuration, Lambda, CloudTrail, CloudWatch, Config, AD, ADFS, IAM
OTHER (SMALLER) AWS PROJECTS (US-based, healthcare companies)
QUALYS IMPLEMENTATION (AWS)
Implement a Qualys security tool (agent-based) to AWS Infrastructure. Develop security and compliance check and weekly reports
NEW RELIC IMPLEMENTATION (AWS)
Implement NewRelic agent-based monitoring tool to AWS Infrastructure
AWS SECURITY REVIEW AND RECOMMENDATION FOR IMPROVEMENT
Check if AWS Infrastructure is created according to AWS best practices Close unnecessary ports etc.
AWS S3 INTEGRATION WITH GOOGLE DRIVE
Develop the Lambda function for file transferring from S3 to Google Drive
BATTERY LOGS IN POSTGRESQL
Develop Lambda function for writing battery logs from remote devices to the PostgreSQL database Develop regex to retrieve SQL format logs from CloudWatch logs
IT CONSULTANT
Work as IT Consultant (Windows Infrastructure, traditional on-premise environment) in mayor enterprise company in Munich