AWS Certified Solutions Architect
Building scalable, secure cloud infrastructure on AWS. 4+ years in enterprise IT, now designing serverless architectures, IaC environments, and event-driven pipelines.
What I Work With
From cloud architecture to scripting — here's my technical toolkit.
Built on AWS
Real-world architectures designed and deployed on AWS — each one showcasing a different set of services and engineering patterns.
Route 53 resolves the custom domain and routes traffic to the correct AWS service.
CloudFront CDN serves the static HTML/CSS/JS frontend files globally with low latency caching.
S3 Bucket stores the static website files and acts as the CloudFront origin.
API Gateway exposes REST endpoints — GET, POST, DELETE — that the frontend calls.
Lambda is triggered by API Gateway and runs the Python business logic — no servers to manage.
DynamoDB stores and retrieves application data. Lambda reads and writes using the AWS SDK.
IAM Roles enforce least-privilege: Lambda only has the permissions it needs, nothing more.
VPC created with CIDR block 10.0.0.0/16, providing isolated network space in AWS.
Public subnet (10.0.1.0/24) hosts internet-facing resources. An Internet Gateway is attached so traffic flows in/out.
Private subnet (10.0.2.0/24) has no direct internet access — it's used for backend servers and databases.
NAT Gateway in the public subnet allows private instances to reach the internet for updates, without exposing them directly.
Route tables control traffic flow: public routes via IGW, private routes via NAT Gateway.
Security Groups act as virtual firewalls — only specific ports (SSH:22, HTTP:80) are allowed per instance.
The entire environment is defined as code (CloudFormation/Terraform), making it reproducible and version-controlled.
EventBridge fires on a cron schedule (daily) to trigger automated backup operations.
Lambda (Python) receives the trigger and uses the AWS SDK to create EBS snapshots of targeted volumes.
EBS Snapshots are stored incrementally in S3 — only changed blocks are stored after the first snapshot.
Lifecycle management logic in Lambda automatically deletes snapshots older than 7 days to control costs.
CloudWatch Logs captures every execution — what ran, what was created, and any errors for debugging.
EC2 instances automatically send metrics to CloudWatch every 60 seconds — CPU, memory, disk I/O, network.
CloudWatch Dashboard visualises all metrics in real time using custom widgets and graphs.
Alarms are configured with thresholds — e.g. trigger when CPU exceeds 80% for 2 consecutive periods.
When an alarm fires, it publishes a message to an SNS Topic linked to email subscribers.
Email notifications are sent instantly with the alarm name, current value, and threshold breached.
CloudWatch Logs Insights allows querying application logs to diagnose the root cause of incidents.
A client uploads a raw file (.csv or .json) to the S3 Input Bucket.
S3 fires an ObjectCreated event notification — this instantly invokes the Lambda function.
Lambda (Python) reads the uploaded file, applies transformation logic (clean, filter, reformat), and processes the data.
The processed output is written to an S3 Output Bucket, ready for downstream consumption.
Optionally, metadata about each file (filename, size, timestamp, status) is stored in DynamoDB for tracking.
CloudWatch Logs captures every execution — duration, memory used, and any errors — for full observability.
Work History
4+ years in enterprise IT, progressing into cloud engineering.
Education & Credentials
Queen Mary University of London
GGSK College
Associate — SAA-C03
IT Infrastructure & Support
Get In Touch
I'm actively looking for Junior Cloud Engineer, AWS Engineer, or DevOps Engineer roles. If you're building something great in the cloud, I'd love to be part of it.
Open to full-time, contract, or hybrid opportunities in cloud engineering and DevOps.