I'm an aspiring cybersecurity and cloud engineer with a strong focus on Identity and Access Management, cloud infrastructure (AWS), and automation through tools like Terraform. My work combines hands-on project experience, a passion for security, and a growing portfolio of real-world implementations.
I'm currently pursuing entry into the industry and sharing my journey through projects, open-source work, and continuous learning.
Provisioned an EC2 instance with restricted access to a private S3 bucket using IAM roles and policies. Managed the entire infrastructure via Terraform, emphasizing secure-by-default configurations. Demonstrates foundational AWS identity access management and infrastructure-as-code skills.
View Project on GitHubUsed AWS IAM Policy Simulator to identify dangerous permissions in an intentionally over-permissive IAM policy. Demonstrates real-world privilege escalation detection.
Key Features: Deployed test IAM policy with Terraform, simulated risky actions via AWS CLI, validated exposure to actions like s3:DeleteObject and iam:PassRole.
View ProjectReusable Terraform module for creating IAM roles with support for trust relationships, managed policies, tag inputs, and optional permission boundary enforcement.
Key Features: Custom role name + trust policy, AWS-managed or custom policies, permissions boundary support, clean input/output structure.
View ProjectProvisioned an EC2 instance with a CloudWatch alarm to monitor CPU usage. Automatically triggers an SNS email notification when CPU utilization exceeds 70%, demonstrating real-world alerting and infrastructure observability using Terraform.
View Project on GitHubBuilt a permission boundary policy in AWS that prevents privilege escalation and restricts S3 access, even when AdministratorAccess is applied. Shows strong understanding of IAM policy scope and least-privilege enforcement.
View Project on GitHubBuilt and deployed a static website to AWS S3 with HTTPS enabled via CloudFront and ACM. Configured Route 53 with a custom domain and validated TLS certificates through DNS. Project showcases infrastructure automation and DNS management for public-facing web services.
View Project on GitHub