projects
Side projects — the stuff I build on evenings and weekends to stay sharp. Each links to a full writeup on Hashnode where one exists.
Terraform Ecosystem Reference for Regulated Environments
buildingPR-driven infrastructure changes with approval gates, suitable for teams that need auditable IaC. Demonstrates Terraform, Terragrunt, Terratest, and Atlantis running locally via Docker Compose, with a multi-agent build workflow.
Multi-Account AWS Security Platform with AI-Driven Insights
buildingThree-part security portfolio spanning YAML-driven account vending on AWS Organizations + IAM Identity Center, golden-AMI hardened EKS baselines, and a multi-account security platform with an AI-enriched operational newsletter pipeline.
Multi-Agent AWS Cost Analysis Pipeline
shippedFour-agent pipeline — ingestor, analyzer, recommender, reporter — that processes AWS cost and usage data and produces actionable optimisation recommendations. Deployed on Lambda with DynamoDB for cross-run memory.
RAG-Powered Domain Query System on Aurora pgvector
shippedRetrieval-augmented generation reference architecture using pgvector on Aurora Serverless v2, private API Gateway, and a Streamlit frontend on ECS Fargate. Demonstrates secure VPC-only RAG with Amazon Bedrock.
Hub-and-Spoke GitOps Platform for Multi-Cluster EKS
shippedSix-repository platform design separating platform concerns from application concerns. Demonstrates Kustomize-based configuration management and ArgoCD delivering to multiple clusters from a central hub, suitable for small platform teams running multi- tenant workloads.
Multi-Agent Pull Request Intelligence Platform
shippedParallel-execution agent system analysing pull requests for security risk, cost impact, code quality, and release risk. Orchestrated via Step Functions with Bedrock Nova Pro.