ES Ejaz Shaikh Cloud DevOps

AWS infrastructure / Kubernetes / automation

Ejaz Shaikh

Cloud DevOps Engineer

Cloud DevOps engineer focused on AWS, Kubernetes, Terraform, CI/CD, and observability. The work below is shaped for the questions interviewers actually ask: how the app is deployed, how traffic moves, how failures are handled, and how the system is operated after launch.

Review project systems Contact me
AWS Kubernetes Terraform CI/CD Observability

Profile

A cloud engineer with an operator's mindset.

My strongest work sits between cloud architecture and DevOps execution. I enjoy taking an application from "it runs on my machine" to a setup with VPC design, IAM boundaries, container builds, Kubernetes manifests, CI/CD, health checks, monitoring, and cost awareness.

The portfolio is written for hiring teams that want evidence, not buzzwords. Each project highlights the infrastructure decisions, security boundaries, deployment path, and operating habits behind the build.

Cloud signal

Hands-on AWS portfolio work across VPC, EC2, S3, RDS, IAM, CloudFront, Route 53, EKS, ECR, CloudWatch, Lambda, and Bedrock fundamentals.

  • Secure network layouts with public/private subnet thinking.
  • Managed database and load-balancing patterns.
  • Cost-aware decisions for small production-style workloads.

DevOps signal

Comfortable with Linux, Docker, Kubernetes, Terraform, GitHub Actions, Jenkins, Prometheus, Grafana, Loki, Python, Bash, and practical release automation.

  • Container builds, orchestration, scaling, and ingress.
  • Infrastructure as Code with repeatable provisioning.
  • Monitoring and troubleshooting habits built into projects.

Main work

Project systems an interviewer can inspect.

The visuals below show system behavior: source to deploy, request path, scaling controls, security points, and operational visibility. The GitHub links are there, but the portfolio leads with engineering signal first.

Project 01 / Kubernetes deployment

Production-Grade Student Attendance System

A full-stack attendance application treated as a real Kubernetes workload: containerized services, ingress, persistent storage, access control, autoscaling, and monitoring.

Open GitHub repo
React Spring Boot Docker Kubernetes Actions Prometheus Grafana
K8s Orchestrated workloads Deployments, Services, Ingress, HPA, RBAC
CI Automated delivery GitHub Actions builds and deployment flow
OBS Operational visibility Prometheus metrics and Grafana dashboards
Source GitHub Actions build, test, image flow
Container Docker images multi-stage builds
Cluster K8s workloads deployments, services, ingress
Operate HPA + Grafana scale and observe
cluster operating snapshot
namespaceattendance-prod replicas3/3 healthy scalingHPA enabled accessIngress + RBAC

Interview signal

  • Containerized React and Spring Boot services with optimized Docker builds.
  • Used Kubernetes Deployments, Services, Ingress, ConfigMaps, Secrets, PV, PVC, RBAC, and HPA.
  • Built CI/CD automation with GitHub Actions and added Prometheus/Grafana observability.
  • Applied cost monitoring habits instead of ignoring infrastructure spend.

Project 02 / AWS 3-tier architecture

Student Attendance Management System

A classic AWS architecture project with a secure VPC layout, public and private subnets, load balancing, EC2 application capacity, managed MariaDB, and CloudWatch visibility.

Open GitHub repo
AWS VPC EC2 ALB RDS CloudWatch MariaDB
AWS Network design VPC, subnets, NAT, NACLs, security groups
ALB Traffic routing Load balancer to scaled EC2 application tier
RDS Managed persistence Private database tier with CloudWatch visibility
Edge Route 53 + ALB domain and traffic entry
Public EC2 app tier auto scaling group
Private Amazon RDS managed MariaDB storage
Control CloudWatch metrics and alarms
aws request path
computeAuto Scaling Group databaseMariaDB on RDS monitoringCloudWatch securityPrivate subnet controls

Interview signal

  • Designed VPC, public/private subnets, NAT Gateway, Network ACLs, and security boundaries.
  • Migrated from a monolithic deployment pattern to a distributed multi-instance architecture.
  • Used ALB and Auto Scaling Groups for availability and controlled traffic routing.
  • Managed persistence with Amazon RDS and monitored infrastructure through CloudWatch.

Project 03 / Infrastructure as Code

Amazon EKS Deployment Using Terraform

Infrastructure provisioning shaped around repeatability: Terraform modules for VPC, subnets, IAM roles, security groups, EKS, worker nodes, and Kubernetes access.

Repository link coming later
Terraform AWS EKS IAM Security Groups kubectl
TF Repeatable builds Terraform modules and state-backed changes
IAM Access boundaries AWS IAM roles aligned with cluster access
EKS Managed Kubernetes Worker nodes, networking, and kubectl operations
Plan Terraform state repeatable changes
Network VPC + subnets cluster foundation
Platform EKS + IAM secured cluster access
Deploy K8s workloads kubectl operations
terraform delivery flow
networkVPC + subnets identityIAM roles clusterEKS workers controlstate-managed changes

Interview signal

  • Provisioned AWS infrastructure as code instead of manual console setup.
  • Connected VPC, IAM, node networking, and EKS cluster configuration into one deployment path.
  • Used Terraform state and modules to keep the infrastructure reproducible.
  • Connected AWS IAM permissions with Kubernetes access controls for safer operations.

Project 04 / Security product build

Project Enigma - AI-Powered Scam Detection Browser Extension

A privacy-focused browser security project that checks website risk before users interact with suspicious pages. The current build combines a Manifest V3 extension, local heuristics, FastAPI backend design, rate limiting, and a path toward AI-assisted risk scoring.

Open GitHub repo
Chrome MV3 JavaScript FastAPI Python Docker AWS Generative AI
SEC Privacy-first checks URL risk analysis without storing browsing data
API Controlled backend FastAPI, CORS, rate limiting, security headers
AI AI-ready scoring Path from heuristics to generated risk analysis
Browser Extension minimal permissions
Local URL analyzer first-pass checks
API FastAPI risk service validated requests
User Warning UI actionable risk signal
risk analysis flow
extensionManifest V3 privacyNo form-value storage backendFastAPI risk service securityRate limit + headers

Interview signal

  • Designed a security-first extension flow with minimal permissions and no form-value collection.
  • Built the API direction with CORS controls, rate limiting, security headers, and health checks.
  • Separated local URL heuristics from backend analysis so the product can mature in phases.
  • Shows product thinking beyond infrastructure: user trust, privacy, risk messaging, and scale path.

Technical stack

Medium-size tool icons with the signal behind each one.

Recruiters can scan the names quickly. Technical interviewers can hover or tab through the icons to see where each tool appears in the projects.

Experience

Built from hands-on training, operations, and disciplined execution.

Sep 2025 - Jun 2026

Cloud DevOps Trainee - Cloud Blitz

Built practical experience across AWS, Linux, Docker, Kubernetes, Terraform, CI/CD automation, monitoring, logging, and cloud security fundamentals.

  • Designed and deployed cloud-native infrastructure and containerized application workloads.
  • Practiced Infrastructure as Code and deployment automation patterns.
  • Worked with observability, logging, and security controls as part of project delivery.
2022 - 2024

Inventory Manager - NS Production

Managed stock movement, procurement tracking, documentation, audits, and coordination across suppliers and internal teams.

  • Kept records accurate through audits, reconciliation, and process discipline.
  • Built operational habits that now carry into infrastructure documentation and delivery work.
2022 - Present

Investment Advisor - Part Time

Supported individual clients with research, risk assessment, portfolio monitoring, and decision-making based on financial objectives.

  • Developed a habit of explaining risk, tradeoffs, and data in plain language.

Credentials

Education, certification, and extra signals.

Certification

AWS Cloud and DevOps Training - Cloud Blitz

Education

B.Sc. in Zoology - HPT Arts & RYK Science College, graduated 2020.

Higher Secondary Science - Yews National Junior College, 2016.

Secondary Education - Yews Nation High School, 2014.

Achievements

Represented India in King of Iron Fist Tournament, Tekken 7 Online 2021, and secured 4th position.

Built and deployed cloud-native applications using AWS, Docker, Kubernetes, Terraform, and CI/CD automation.

Volunteering

Participated in the 100 Santa Project with Sound of Silence Foundation, supporting outreach for orphaned and differently abled individuals.

AWS hosting recommendation

Use S3 + CloudFront for this portfolio, not EC2.

This website is static, so an always-running server is unnecessary. Host the files in Amazon S3, serve them through CloudFront, attach a free ACM certificate for HTTPS, and point ejazshaikh.sbs to the distribution with Route 53 or your current DNS provider.

Recommended

S3 + CloudFront

  • Lowest cost for a static portfolio.
  • No server patching, SSH, uptime work, or OS hardening.
  • CloudFront gives HTTPS, caching, global edge delivery, and faster recruiter load times.
  • Good fit for your 2-month goal and AWS credits.
Use only if needed

EC2

  • Useful if you later run a backend, database, CMS, or server-rendered app.
  • More operational work for a portfolio: instance security, patches, Nginx, TLS renewal, and monitoring.
  • Can still be free-tier eligible, but it is not the cleanest choice for static files.

Contact

Looking for cloud and DevOps roles.

If the role needs someone who can learn fast, build hands-on, and care about the operational details, I would be happy to talk.

shaikhejaz810@outlook.com LinkedIn GitHub ejazshaikh.sbs