Project Portfolio

CLOUD SECURITY

8 workloads · 0 downtime · 5 clusters

AWS EKS Pod Identity Migration

Migrated 8 application workloads from shared IAM user credentials to per-workload EKS Pod Identity roles using IRSA replacement. Zero-downtime migration across five clusters with Terraform-managed IAM role lifecycle.

AWS EKSPod IdentityIAMTerraform

DEVOPS AUTOMATION

4 environments · <8 min pipeline · 0 manual deploys

End-to-End GitLab CI/CD Pipeline

Designed and implemented full GitLab CI/CD for a Go microservice — SAST scanning, Trivy container scan, ECR push, Argo Events webhook trigger and ArgoCD progressive deployment across dev → staging → preprod → prod.

GitLab CI/CDArgoCDGoECRArgo Events

DATABASE PERFORMANCE

94% query time reduction · SEV-1 resolved in 2h

PostgreSQL SEV-1 Recovery & Optimisation

Diagnosed PostGIS GiST index degradation causing P0 outage on production — ST_DWithin query time from 48s to 160ms. Implemented CloudWatch alarms, Datadog DBM and query-level SLOs to prevent recurrence.

PostgreSQLRDSDatadogPostGISCloudWatch

KUBERNETES

92 manifests → 1 chart · 5 environments · 90% overhead reduction

Universal Helm Chart Migration

Refactored 92 individual Kubernetes manifests across 9 microservices and 5 environments into a single parameterised universal Helm chart with environment-specific value overrides. Reduced manifest maintenance overhead by 90%.

HelmKubernetesKustomizeGitOps

NETWORKING

3 environments fixed · Root cause in <2h · 0 recurrence

NGINX Ingress CORS Resolution

Diagnosed and resolved CORS policy failures on the ops portal login across all EKS clusters. Root cause: add_header without always directive stripping headers on error responses. Fixed NGINX VirtualServer CRDs across all environments.

NGINXCORSEKSVirtualServer

GITOPS

5 clusters · 0 downtime · Full rollback plan

FluxCD Upgrade — 5 EKS Clusters

Planned and executed FluxCD upgrade from v2.7.2 to v2.8.8 across experiment → sandbox → staging → preprod → prod clusters. Designed cluster isolation strategy, CRD migration scripts and MR lifecycle for zero-risk rollout.

FluxCDEKSK8sCRD Migration

OBSERVABILITY

48 monitors · 100% coverage · <2 min alert to page

Datadog Full-Stack Observability Setup

Designed and deployed Datadog agent on Kubernetes, configured APM for Node.js and Python services, set up Database Monitoring for RDS PostgreSQL, built SLO dashboards and configured PagerDuty escalation policies.

DatadogAPMRDSKubernetesPagerDuty

IT TRAINING

12 engineers · 8 weeks · 100% completion

Corporate Azure DevOps & GitOps Bootcamp

Delivered 8-week hands-on DevOps bootcamp for a 12-engineer team at a Chennai SaaS company. Covered Azure DevOps Server (on-premise & cloud), GitLab CI/CD, Terraform, Kubernetes, ArgoCD and Datadog — all on their hybrid infrastructure. 100% completion rate.

Corporate TrainingDevOpsAzure DevOpsKubernetesTerraform

FULL-STACK DEVELOPMENT

3 months · Full-stack · Production launch

Multi-Tenant SaaS Platform Build

Built complete SaaS platform — React + Next.js frontend, Node.js REST API, PostgreSQL with row-level security for multi-tenancy, Stripe payments, Docker containerisation and GitLab CI/CD to AWS ECS.

ReactNode.jsPostgreSQLAWS ECSStripe

SECURITY

100% CIS compliant · 0 critical CVEs · Runtime protection

Kubernetes Security Hardening

Full security audit and hardening of a 3-cluster EKS environment — Pod Security Admission, NetworkPolicies, OPA Gatekeeper policies, Falco runtime security, Trivy image scanning in CI, and CIS Kubernetes benchmark compliance.

EKSPod SecurityOPAFalcoTrivyCIS