Detailed Cloud and DevOps Experience report - 2016-

This is a sampling of some of the projects I’ve completed in the past 7 years.
Most of the following projects were done for large enterprises, including multiple Fortune 500 companies.

  • Designed and built a foundational multi-account architecture in AWS using Infrastructure as Code tooling (Terraform), configuration management (Puppet), and automation (scripting in Bash, Python, etc.). This was prior to landing zone or Control Tower solutions being commonly available.

  • Built automation (in Python) to extract data from Excel spreadsheets and generate Terraform variables files that plugged into Terraform templates that could take an unknown number of elements (e.g. 3 EC2 instances, 2 S3 buckets and 0 RDS databases). This code was built prior to Terraform having looping capabilities. Built similar automation targeting a wide set of core native services in both AWS and Azure.

  • Used Terraform as the underlying IaC language to build products in AWS Service Catalog.

  • Security audit of AWS environment, Prisma rulesets, and analysis of pipeline-based deployment of IaC code with recommendations for automatic security scans using a policy-as-code tool (Bridgecrew’s Checkov).

  • Deployed and updated multi-account foundational architectures using the AWS Landing Zone solution (prior to the availability of the Control Tower service).

  • Deployed and updated multi-account foundational architectures using the AWS Control Tower service.

  • Migration of a large-scale application to AWS, architected with a Disaster Recovery (DR) failover region. Application was a complex, multi-service architecture spread across over 20 EC2 servers running both Windows & Linux, multiple S3 buckets, an RDS Oracle database, an FSx share and other ancillary services.

    • Terraform codebase for production environment of over 3000 SLoC.
    • Over 200 TB of data was transferred and synchronized from on-prem.
    • Documented detailed DR failover runbook and successfully tested failover of the production environment in AWS from the primary region to the DR region.

  • Wrote a Python3 package that reads in a set of GCP labels (from a YAML file), compares it to the resources in one or more GCP projects and updates the labels on those resources. This is valuable for labeling unlabeled resources in projects for the purposes of billing, auditing, reporting, etc.

  • Built a custom GitHub Actions pipeline for validating, planning and applying Terraform IaC with a Pull Request-based authorization before the Apply phase. The pipeline built environments based on whether or not there were actual changes to code and/or variables.

  • Built the infrastructure (using Terraform IaC) for a data lake environment that included the use of these AWS services: S3, Redshift, SFTP, Lambda, Glue, Athena, SageMaker and more.

  • Coded system to deploy a SQL Server cluster running in AWS on EC2 servers. This used a combination of Terraform, SSM documents (AWS Systems Manager), and PowerShell DSC to install and configure SQL Server.