Shaun | AWS Cloud Engineer

Portfolio

Selected AWS Projects

Each project is deployed on AWS with architecture docs, trade-off notes and working infrastructure.

01

Static · Edge

Portfolio Site (this site)

Private S3 bucket served globally via CloudFront with OAC. Custom domain on Route 53 with ACM TLS, automated deploys via CodePipeline + CodeBuild, and CloudWatch alarms for 5xx monitoring.

S3 (private + OAC) CloudFront Route 53 + ACM CodePipeline CloudWatch

Code Live

02

VPC · 3-Tier

Blog App · Three-Tier Architecture

React SPA on S3/CloudFront, Node.js/Express on EC2 Auto Scaling behind an internal ALB, RDS PostgreSQL in isolated subnets. API Gateway entry, Cognito JWT, bastion host, full CI/CD with CodePipeline + ECR.

VPC (6 subnets, 2 AZs) ALB + Auto Scaling API Gateway RDS PostgreSQL Cognito Terraform

Code

03

Serverless · Full-Stack

Serverless Blog Platform

Two frontends, two API Gateways with separate auth levels, 6 single-purpose Lambdas with per-function IAM, DynamoDB, EventBridge async decoupling, canary deploys via CodeDeploy. 100% Terraform.

Lambda (×6) API Gateway (×2) DynamoDB Cognito EventBridge X-Ray Terraform

Code Live

04

Event-Driven · Saga

Serverless Ordering System

High-scale order pipeline handling 10k+ orders/min. Saga pattern via Step Functions Express with automatic compensation. SQS buffering, DynamoDB dual-layer idempotency, EventBridge domain events.

Step Functions Lambda DynamoDB SQS + DLQ API Gateway EventBridge Terraform

Code

Expertise

Skills & Tools

AWS cloud services and DevOps tools I use to architect, build and ship production workloads.

Compute & Networking

EC2 Auto Scaling Groups VPC & Subnets Route Tables & NAT ALB / NLB CloudFront CDN Route 53 DNS ACM (TLS)

Storage & Databases

S3 + OAC RDS PostgreSQL DynamoDB Multi-AZ Replication Lifecycle Policies Encryption at Rest

Serverless & Event-Driven

Lambda API Gateway (REST & HTTP) Step Functions EventBridge SQS / SNS Cognito DLQ & Retry

DevOps & Tooling

Terraform / IaC CodePipeline CodeBuild CodeDeploy (canary) CloudWatch Alarms X-Ray Tracing IAM & Policies WAF

Languages & Frameworks

Node.js Python JavaScript / React HTML / CSS Bash scripting HCL (Terraform)

Security & Best Practices

Least Privilege IAM Private Subnets Security Groups WAF Rules Cognito JWT Auth Secrets Manager

Philosophy

Architecture Approach

Core principles that guide every design decision — from subnet layout to deployment strategy.

Security by Default

Least-privilege IAM with no wildcard permissions. Private subnets for compute and data tiers, Cognito for authentication, and WAF rules as standard — not afterthoughts.

Layered Architecture

Clear separation between presentation, application, and data tiers. Each layer scales independently and can be swapped without touching the rest of the stack.

Observability First

CloudWatch dashboards, X-Ray distributed tracing, structured logging, and 5xx alarms wired in from day one — not bolted on once something breaks in production.

Infrastructure as Code

Every resource defined in Terraform with remote state locking, modular structure, and tagged for cost tracking. Zero click-ops in any environment.

Automated Delivery

Git push triggers build, test and deploy — CodePipeline orchestrates, CodeBuild compiles, CodeDeploy runs canary releases. Rollbacks are automatic, not manual.

Blast Radius Reduction

Failures stay contained — DLQs catch poison messages, Step Functions compensate failed saga steps, and multi-AZ deployments ensure no single point of failure.

Let's talk about AWS & cloud engineering

Looking for someone who builds and documents cloud infrastructure end-to-end? I'd love to connect.

Email me LinkedIn

Based in Dublin · Open to remote / hybrid across Ireland & EU

Building real AWS systems, not just diagrams.