open to opportunities

// junior-devops-engineer

Sachin

I build calm production systems: shipped pipelines, watchful AWS infrastructure, and deployments that do not turn into midnight archaeology.

sachin@brexy-prod:~

Terminal command: whoami role junior DevOps engineer, focus production infrastructure at Cloudastra.

region: noida, in focus: aws · terraform · ecs based: agra, up, india

01 / about.log

Summary

// profile

Junior DevOps engineer trained through the MyGurukulam DevOps Ninja Program, now running production AWS infrastructure at Cloudastra Technologies. Comfortable diagnosing live ECS failures at 2am, writing the Terraform import block that brings a manually-built resource under version control without touching a running service, and explaining both to a non-technical teammate afterward. Focused on CI/CD, container orchestration, and infrastructure that doesn't page anyone at night.

// metric

3

production incidents diagnosed & resolved on Brexy — IAM, ALB health checks, container health checks

// metric

6

services under active CI/CD — backend, admin, scrapers, strapi, frontend, landing

// metric

0

production resources destroyed while importing infra into Terraform

02 / pipeline.yml

Experience

Career, run as a deploy pipeline — each role is a stage that has to pass before the next one starts.

  1. ● running Jun 2026 — Present

    DevOps Intern · Cloudastra Technologies

    Noida, India — production AWS infrastructure for Brexy.ai

    • Supported production migration from waisabi.com → brexy.ai: DNS, ACM certificates, and Amplify domain cut-over with zero downtime.
    • Built and maintained CI/CD pipelines across GitHub Actions, CodePipeline, CodeBuild, ECR, ECS, and Amplify.
    • Deployed and administered ECS Fargate services, RDS PostgreSQL, ElastiCache Redis, Secrets Manager, and ALBs in a live production account.
    • Diagnosed and resolved production ECS failures — IAM permission gaps, ALB health-check misconfigurations, container health-check bugs.
    • Traced a staging server intrusion attempt through log analysis, then hardened SSH and deployed Fail2ban to block malicious IPs.
    • Bringing manually-created AWS resources under Terraform management via import blocks — without disrupting live infrastructure.
  2. ✓ passed Apr 2026 — Jun 2026

    DevOps Intern · MyGurukulam — Powered by OpsTree

    Remote — OT-Microservices production-grade platform

    • Handling POC setup, cloud deployment, and JIRA-documented delivery on the OT-Microservices project.
    • Deployed the Attendance API and Frontend to the cloud, ran reviewer demos, and documented handoff notes.
    • Set up ScyllaDB locally and on cloud, explored HA configuration, prepared POC docs to team standard.
    • Provisioned VPC, subnets, ALB, IAM, and EC2 with Terraform; automated config with Ansible playbooks.
    • Designed Jenkins CI/CD pipelines that cut manual deployment effort significantly.
  3. ✓ passed Oct 2024 — Mar 2025

    DevOps Trainee · DevOps Ninja Program, OpsTree Solutions

    Remote — 12-week, 14–16 hrs/week live instruction

    • Linux fundamentals, Bash scripting, SSH, process & package management.
    • Git & GitLab workflows applied on real project scenarios.
    • Jenkins CI/CD — pipeline design, distributed builds, shared libraries, security & authorization.
    • Ansible — playbooks, roles, Galaxy, Vault, inventory, ad-hoc automation.
    • AWS & Terraform — VPC, EC2, Load Balancers, Auto Scaling, IAM, S3, CloudFront, Route 53.
    • Docker fundamentals and Kubernetes basics — Pods, ReplicaSets, Deployments, Services.

03 / stack.tf

Stack

stack.tf
cloud:
  - AWS // ECS Fargate, ECR, EC2, S3, IAM, VPC, ALB
  - RDS PostgreSQL, ElastiCache Redis
  - Secrets Manager, Lambda, Route 53, Amplify, CloudFront

containers:
  - Docker, Docker Compose

iac_and_config:
  - Terraform // remote backend, state locking, import blocks
  - Ansible // provisioning & config automation

ci_cd:
  - GitHub Actions
  - AWS CodePipeline & CodeBuild
  - Jenkins

monitoring:
  - CloudWatch, Prometheus, Grafana, Loki, Uptime Kuma

security:
  - Fail2ban, IAM policy hardening, SSH hardening
  - incident investigation & log tracing

version_control:
  - Git, GitHub, Bitbucket

scripting:
  - Bash // automation & server management

currently_learning:
  - Kubernetes // kind/minikube, HPA, Ingress
  - GitOps patterns

04 / projects/

Projects

● active

Brexy.ai Production Infrastructure

AWS ECS Fargate · Terraform · CodePipeline · Amplify

  • Supported the production cut-over from waisabi.com to brexy.ai across DNS, ACM, Amplify, and service health checks.
  • Maintained CI/CD paths through GitHub Actions, CodePipeline, CodeBuild, ECR, ECS, and Amplify.
  • Diagnosed ECS production failures across IAM permissions, ALB routing, and container health checks.
  • Started importing manually-created AWS resources into Terraform with zero production resources destroyed.
✓ shipped

Production-Grade AWS Infra Automation

Terraform · Ansible · Jenkins · Docker

  • Provisioned a VPC with 2 public / 2 private subnets, route tables, and VPC peering for secure comms.
  • Remote Terraform backend — S3 state storage + DynamoDB state locking.
  • Deployed an ALB with 2 target groups, integrated with Route 53 for DNS routing.
  • Jenkins pipeline automating full provisioning and a 4-container Docker Compose deployment.
✓ shipped

OT-Microservices Deployment

Jenkins · MySQL · ScyllaDB · Bitbucket

  • Manually deployed the Attendance API and Frontend to cloud infra; ran reviewer demos and validated end-to-end.
  • Set up ScyllaDB locally and on cloud; explored HA configuration for production readiness.
  • Documented VCS strategy — Feature Branch Workflow, branch protection, and access policies.
  • Researched GitOps concepts, SSL/DNS setup, and AWS Cost Explorer tag-based cost optimization.
✓ shipped

HA Nginx Infra with CloudFront CDN

EC2 · ALB · Auto Scaling · S3

  • Designed a self-healing, highly available architecture using EC2, ALB, and Auto Scaling Groups.
  • Secured S3 access via IAM policy + CloudFront OAC, cutting load times noticeably.
  • Path-based routing with a private-subnet architecture behind a bastion host.
  • Load-tested to validate zero-downtime deploys and correct auto-scaling behavior.

05 / credentials.json

Education & Certifications

// education

B.Tech — Computer Science & Engineering

Hindustan College of Science & Technology, Mathura

2021 – 2025 · Mathura, UP

// certifications

  • AWS — Well-Architected Proficient
  • Linux Foundation — Intro to Linux Kernel Development
  • SimpliLearn — Getting Started with Ansible in DevOps
~/contact

$ contact --sachin

Open to junior / entry-level DevOps roles. Reach out — happy to talk infrastructure, pipelines, or why an ECS task exited 143.