Safer Infrastructure Changes
Terraform plan review, policy checks, blast-radius analysis, GitHub Actions, approval gates, and audit trails for changes that need discipline before apply.
Product-Minded AWS Infrastructure Engineer
I build cloud systems for real business workflows.
AWS Cloud Engineer | Infrastructure, Automation & Platform Engineering
I design secure AWS infrastructure, automation, and internal platforms that reduce manual work, improve reliability, and turn messy operational problems into production-style systems.
Public AWS portfolio across Terraform, ECS Fargate, EKS/GitOps, Lambda/serverless, CloudOps governance, and business workflow automation.
- Public project evidence with repos, live demos, tests, and teardown documentation.
- Verified credentials across AWS Solutions Architect, AWS Developer, and Terraform.
- Operator context translating real workflows into cloud architecture and automation.
Best fit
AWS Cloud Engineer
Cloud Infrastructure Engineer
Platform Engineer
DevOps Engineer
Infrastructure Automation Engineer
AWS Certified Solutions Architect Associate
AWS Certified Developer Associate
HashiCorp Terraform Associate
Terraform
ECS Fargate
EKS / GitOps
Lambda / Serverless
FastAPI
Next.js
OPA/Rego
CloudWatch
GitHub Actions
Engineering Philosophy
Infrastructure is only valuable when it improves the operation.
Operational systems for real business workflows.
My background as a business operator gives me an owner's view of engineering: infrastructure is not the end goal; better workflows, safer releases, lower costs, clearer visibility, and faster execution are.
- I build around constraints that matter after launch: reliability, cost, workflow speed, governance, visibility, and maintainability.
- I translate business workflow problems into infrastructure, automation, data handoff, and release processes that teams can actually operate.
- I favor production-style patterns: least-privilege access, private networking, auditability, policy checks, observability, and documented teardown paths.
What I Solve
Cloud work tied to operational outcomes.
Operational Visibility
CloudOps control planes, observability, audit logging, dashboards, request replay, answer provenance, and cost review for systems that need trusted visibility.
Production-Style AWS Platforms
ECS Fargate, EKS/GitOps, Lambda/serverless, private networking, RDS, Cognito, WAF, CloudFront, and monitoring with practical operating paths.
Business Workflow Automation
Lead intake, public-record research, CRM/API workflows, document processing, AI-assisted workflows, and structured data handoff for real teams.
Featured Engineering Projects
Production-style AWS systems with public evidence.
Each project is framed around the operational problem, the implementation path, and the value a team could get from the system.
Platform-style risk gate
TerraGate - Terraform PR Risk Gate
A platform-style tool for safer infrastructure change review.
Problem
Infrastructure PRs are hard to review manually, especially when risk, cost, security, and blast radius are unclear.
Solution
Built an AI-assisted Terraform PR review platform using FastAPI, Next.js, PostgreSQL, LangGraph, Terraform plan JSON parsing, deterministic policy checks, GitHub checks/comments, sensitive-value redaction, audit persistence, and approval-gated actions.
Operational Value
Improves release discipline, reduces infrastructure review risk, and gives teams clearer governance before changes are applied.
Stack
TerraformFastAPINext.jsPostgreSQLLangGraphGitHub ActionsDocker ComposeCloudflare WorkersAWS API Gateway/Lambda path
Governed CloudOps control plane
AegisDesk - Self-Hosted CloudOps AI Control Plane
A governed CloudOps control plane for incident triage, access requests, ticket workflows, and cost-review governance.
Problem
Cloud operations can become fragmented across tickets, dashboards, policies, and tribal knowledge.
Solution
Built a live self-hosted CloudOps AI control plane on AWS using Next.js, FastAPI, Cognito/JWKS auth, OPA/Rego, Bedrock routing, DynamoDB, AWS Cost Explorer, OpenTelemetry, MCP tools, and Terraform.
Operational Value
Improves auditability, request visibility, trusted-source grounding, policy enforcement, and operational control.
Stack
AWSTerraformNext.jsFastAPICognitoOPA/RegoBedrockDynamoDBCost ExplorerOpenTelemetry
Fargate business workflow API
Clearpath - AWS Fargate Lead Intelligence API
A production-style ECS Fargate API built around real business workflow requirements.
Problem
Lead intake, source quality, county resolution, and acquisition workflows require structured data pipelines and reliable APIs.
Solution
Built a FastAPI lead-intelligence service using ECS Fargate, Docker, ALB, CloudFront/WAF, private RDS PostgreSQL through RDS Proxy, Secrets Manager, CloudWatch alarms, modular Terraform, tests, Checkov validation, and teardown documentation.
Operational Value
Connects real business workflow requirements with secure, production-style AWS infrastructure.
Stack
AWS ECS FargateFastAPIDockerALBCloudFrontWAFRDS PostgreSQLRDS ProxySecrets ManagerCloudWatchTerraform
Validated Kubernetes platform
Pulpit V2 - Validated EKS/GitOps Platform
A validated Kubernetes/GitOps platform on AWS.
Problem
Teams need repeatable, observable platform deployments with clear tenant separation and GitOps workflows.
Solution
Validated an EKS/GitOps platform using Terraform, ECR, Helm, ArgoCD app-of-apps, tenant namespaces, External Secrets backed by SSM, Prometheus, Grafana, tenant ALB ingress, and Cloudflare frontend integration.
Operational Value
Demonstrates Kubernetes platform engineering, GitOps delivery, observability, and teardown discipline.
Stack
EKSTerraformHelmArgoCDECRExternal SecretsSSMPrometheusGrafanaALB ingressCloudflare Pages
Additional Cloud Projects
Supporting project evidence across serverless, AI, data, and workflow automation.
PhotoScribe AI - Governed Serverless Media Search
Governed media search with Bedrock, Lambda, S3, DynamoDB, SQS ingest, Cognito groups, and Terraform-managed observability.
BedrockLambdaS3 VectorsCognito
Pulpit - Live Serverless Bedrock RAG Application
Cloudflare Pages frontend with AWS serverless retrieval, Cognito-protected API routes, DynamoDB cache/audit records, and S3 transcript index.
BedrockLambdaAPI GatewayDynamoDB
DocuFlow OCR - Serverless OCR Workflow
Invoice processing workflow with presigned S3 intake, API Gateway, Step Functions, Textract async analysis, Lambda parsing, DynamoDB, and SQS DLQ.
TextractStep FunctionsLambdaSQS
FaceID - Private Event Gallery With Serverless Face Matching
Private event photo workflow with Cognito auth, API Gateway, Lambda, S3 presigned uploads/previews, Rekognition comparison, and DynamoDB records.
CognitoLambdaS3Rekognition
Super Transcriber - Serverless Audio Transcription
Cost-aware transcription app using browser-to-S3 uploads, Lambda/API Gateway, Amazon Transcribe async jobs, EventBridge completion, and DynamoDB tracking.
TranscribeLambdaEventBridgeDynamoDB
Market Scout - Static Market Intelligence App
Python data pipeline that transforms public market data into compact static JSON artifacts for city, ZIP, and county comparison on low-cost hosting.
PythonGitHub ActionsCloudflare PagesJSON
Technical Skills
Tools grouped by how they support operations.
Cloud and AWS
VPCIAMECS FargateEKSLambdaAPI GatewayStep FunctionsS3DynamoDBRDS PostgreSQLRDS ProxyBedrockTextractCognitoCloudFrontWAFALBECRSQSEventBridgeCloudWatchCloudTrailSecrets ManagerSSMCost Explorer
Infrastructure and CI/CD
Terraformmodular IaCTerraform plan reviewGitHub ActionsOIDC role assumptionDockerDocker ComposeCloudflare PagesCheckovTFLintrunbooksADRs
Containers and Platform
KubernetesAmazon EKSHelmArgoCDIRSAExternal SecretsPrometheusGrafanaGitOps patternsALB ingress
Programming and Data
PythonTypeScriptJavaScriptReactNext.jsFastAPIPostgreSQLSQLBashREST APIsdata pipelines
Security and Operations
least-privilege IAMprivate subnetssecurity groupsOPA/RegoJWT/Cognito authpresigned S3 URLsWAF/rate limitingsecrets managementaudit loggingOpenTelemetryapproval gatesCloudWatch alarmscost controls
Operator Background
Built from real operational problems.
My engineering path started by building systems I needed to run real businesses: lead intake, public-record research, CRM/API workflows, client-facing websites, automation, and structured data handoff.
That operator experience now informs how I design cloud systems: practical, reliable, cost-aware, and built around actual workflows.
- Founder / Automation & Systems LeadClearpath Property Group / Boston Probate Solutions, including lead intake, county research, CRM/API automation, AI prompt orchestration, and structured handoff.
- 200+ client projectsPhotography and visual business operations with technical delivery, vendor coordination, client communication, and workflow ownership.
- Web and infrastructure operationsWeb properties, DNS, SSL/TLS, Cloudflare, hosting, GitHub-based deployments, Supabase/Netlify, and WordPress administration.
- Automation rootsPython ingestion workflows, CRM/API automation, data normalization, public-record research, and AI-assisted workflow design.
Resume / Contact
Need an AWS engineer who can connect infrastructure to real operational value?
I am open to cloud infrastructure, platform engineering, DevOps, and AWS engineering roles where ownership, reliability, automation, and business context matter.