Amar Gujeti

Serve as a Subject Matter Expert in AWS services, DevOps tools, Terraform (IAC) , Solution Design , CICD , Networking , Scripting ,Containerization and best practices. Stay updated with the latest developments in cloud technology and share knowledge with the team and extensive troubleshooting skills.

• Developed key solutions to mitigate risks and streamline approval processes, reducing project delays and enhancing efficiency.
• Recently implemented a reverse proxy solution to securely direct traffic from trusted IP addresses to OAuth servers, enhancing network security and simplifying access management.
• Designed and implemented highly available, fault-tolerant, and scalable cloud architectures using AWS services such as EC2, S3, RDS, Lambda, and CloudFront.
• Applied AWS security best practices, including configuring IAM roles and policies, implementing VPCs, setting up AWS WAF, and enforcing encryption using KMS and SSL/TLS.
• Analyzed and optimized cloud resource usage to minimize costs, leveraging features like AWS Cost Explorer, Reserved Instances, and auto-scaling policies.
• Implemented secure and efficient network architectures using VPC, VPN, Direct Connect, and AWS Transit Gateway, while ensuring robust routing and traffic control.
• Developed and deployed serverless solutions using AWS Lambda, API Gateway, and Step Functions, optimizing performance and reducing operational overhead.
• Implemented data replication and failover across AWS accounts and regions, ensuring high availability and disaster recovery.
• Designed and managed Kafka streaming solutions for seamless data streaming between on-premise and AWS as well as on-premise to on-premise environments using the sink and source connectors through confluent, ensuring reliable and low-latency data transfers.
• Integrated AWS public-facing domains with Akamai for enhanced content delivery, caching, and security, following organizational standards for optimized performance and global reach.
• Implemented Akamai's edge security services, such as WAF and DDoS protection, to secure AWS public-facing domains from external threats.
• Designed and implemented a seamless app data pipeline using GitHub Actions to automate deployment and continuous integration.
• Set up a robust infrastructure pipeline using GitHub Actions to automate provisioning, deployment, and monitoring of infrastructure resources.
• Integrated AWS with GitHub Actions using OIDC authentication to securely access AWS resources without storing credentials.
• Managed versioning of code and configuration across environments using Git tags and release branches to ensure traceable deployments.
• Configured SonarCloud with GitHub to automatically enforce code quality and security checks for each pull request and main branch push.
• Integrated Snyk into GitHub workflows to automatically scan for vulnerabilities, provide remediation guidance, and prevent insecure code deployments.
• Implemented and optimized GitHub Actions for automating build, test, and deployment workflows, ensuring faster and more reliable releases.
• Created and managed custom GitHub workflows to automate CI/CD processes for various project pipelines.
• Configured and maintained self-hosted GitHub runners for faster and more cost-effective CI/CD execution on custom hardware.
• Integration Strategy between Different Environments with Approvals Established an integration strategy using GitHub Actions to deploy code to different environments with automated approval processes to ensure governance and security.
• Expertise in troubleshooting the problems generated while building and deploying. Working Experience on Git, GitHub, CICD, Cloud Deploy. Debugging issues as L2 supported activities if there is any failure in broken Github build and maintaining Github build pipeline.
• Designed and implemented reusable, modular components to streamline infrastructure management and promote code reusability (Modularization ).
• Separate Workflow Created distinct and isolated workflows for different environments to minimize risk and simplify deployments.
• Adhered to industry best practices and organizational standards for coding, security, and infrastructure management.
• Managed Terraform statefiles securely using remote backends s3 for consistent and synchronized state tracking.
• Tagging and Naming Standards: Enforced consistent tagging and naming conventions to improve resource identification, cost management, and governance.
• Implemented statefile locking mechanisms to prevent simultaneous updates and ensure consistency using solutions like DynamoDB.
• Established robust disaster recovery plans, including regular backups and automated recovery procedures, to ensure business continuity.
• Regularly back up our Terraform state files to ensure you can recover our infrastructure in case of a failure using s3 versioning.
• Container Orchestration with Kubernetes EKS: Designed and managed highly available and scalable containerized applications using Amazon EKS, implementing best practices for POD deployment and resource management.
• Configured and deployed microservices-based architectures using Amazon ECS (Elastic Container Service), optimizing resource usage with efficient task and service definitions.
• Built and managed CI/CD pipelines using tools like AWS CodePipeline, Jenkins, or GitHub Actions, automating the deployment process for both infrastructure and containerized applications.
• Deployed applications in EKS and ECS using Elastic Load Balancers (ALB/NLB) to distribute traffic evenly, ensuring high availability and fault tolerance.
• Implemented various deployment strategies for Kubernetes, such as Rolling Updates and Canary Deployments and ECS Blue/Green Deployment.
• Configured VPC networking for EKS and ECS clusters, enabling secure and efficient communication between services. Implemented security groups, network policies, and IAM roles for secure access control.
• Deployed monitoring solutions like Prometheus, Grafana, and AWS CloudWatch to track the performance and health of EKS and ECS clusters. Configured centralized logging with Fluentd or AWS CloudWatch Logs.
• Managed container images using Amazon ECR (Elastic Container Registry), setting up automated image scanning and versioning to enhance security and manage rollbacks.
• Configured Kubernetes Horizontal Pod Autoscaler (HPA) and ECS service auto-scaling to dynamically adjust resources based on load, optimizing performance and cost.
• Successfully performed end-to-end migration of PostgreSQL and SQL Server databases from on-premise infrastructure to AWS, ensuring minimal downtime and data integrity.
• Activites like DB refreshment and migrating the snapshot from one account to another account.
• Achieved GCP Associate Cloud Engineer certification, demonstrating expertise in deploying, managing, and securing applications on Google Cloud.
• Have hands on expirence , Cloudfunctions , Cloud loggin , GKE , Cloud compute , Storage etc ..
• Having good understanding practiaclly on IP ranges, subnetting, routing, transit gateway propogation and VPNs.
• Configured and managed AWS CloudFront to serve static and dynamic content with low latency, improving end-user experience by leveraging a globally distributed network of edge locations.
• Utilized CloudFront Functions and Lambda@Edge to implement custom logic for path-based routing, directing API requests to the appropriate resources with efficiency.
• Developed and implemented caching strategies to minimize origin load, including custom cache behaviors for specific content types and setting appropriate cache-control headers.
• Configured HTTPS-only traffic and enforced SSL/TLS certificates to ensure secure content delivery, protecting data in transit and meeting compliance requirements.
• I have set up custom error responses in CloudFront to provide user-friendly feedback.
• Configured geographic restrictions to manage content access based on regional rules .
• Additionally, integrated and managed AWS WAF to secure APIs against common web threats.
• Actively monitored AWS Security Hub to identify and prioritize security findings across AWS accounts, implementing necessary patches and security configurations to mitigate vulnerabilities.
• Integrated Amazon GuardDuty and Amazon Inspector with AWS Security Hub to centralize security findings and streamline the vulnerability remediation process across all AWS environments.
• Performed risk assessments based on findings from Amazon Inspector and GuardDuty, mitigating vulnerabilities by applying security best practices, such as enabling encryption and restricting access to sensitive resources.
• I will ensure both transit and data are encrypted end to end.
• Wrote Python scripts to invoke URLs and trigger actions based on events, enabling event-driven architecture in cloud applications.
• Developed and maintained basic Python scripts to automate tasks, process data, and interact with AWS services via Boto3.
• Managing the certificates installed in ACM. Ensure the certificates are renewed before the expiry date.
• Configured Amazon Route 53 for DNS delegation, setting up hosted zones and NS (Name Server) records to delegate domain authority across multiple AWS accounts or external DNS providers, ensuring seamless domain name resolution.
• Implemented custom domain names for AWS API Gateway to provide user-friendly and branded URLs, associating them with REST, WebSocket, or HTTP APIs.
• Managed CNAME and A record mappings in Route 53 to route traffic efficiently, ensuring high availability and optimized performance of APIs.
• Worked on SSL/TLS Certificate Management , Traffic Routing Policies based on weighted and goelocating routing .
• Handson experience in with Kafka and IBM MQ for data integration.
• Provisoning sink connectors to push data to destination.
• Source connectors to receive the data from source , Successfully achieved to get the data from onpremise to kafka topics.
• Configured AWS CloudWatch Log Forwarder to stream logs to Datadog using logs subscription, ensuring real-time visibility into application and infrastructure logs.
• Configured Datadog Lambda monitoring using the Datadog Lambda extension and environment variables to collect and visualize key metrics, including invocation count, duration, metrices and errors.
• Integrated Datadog monitoring using the Datadog Lambda Layer.
• Deployed and configured the Datadog ECS agent on Amazon ECS clusters to collect container-level metrics, including CPU usage, memory consumption, and network activity.
• Integrated AWS API Gateway with Datadog to monitor API request count, latency, and error rates, setting up alerts for critical thresholds.
• Configured Datadog's AWS integration to monitor Amazon RDS databases, tracking key performance metrics like CPU utilization, storage space, and database connections.
• Developed and applied content type mappings to support and correctly route requests for JPEG and multimedia formats, enhancing API flexibility and user experience.
• Implemented API Gateway Integration with on-premises systems and legacy applications, using AWS VPC links and private endpoints for secure data transmission.
• Token authorization using mechanisms like API keys and lambda authorizers.
• Configured AWS API Gateway for various types of APIs, including REST, WebSocket, and HTTP APIs, in both public and private settings.
• Implemented Redis & Elastic Cache as an in-memory data store for caching, session management, and real-time data processing, significantly improving application performance.
• Verified an external domain in Amazon SES by adding the required TXT records to the domain's DNS settings, enabling email sending from the domain.
• Configured DKIM (DomainKeys Identified Mail) and SPF (Sender Policy Framework) for the external domain to improve email deliverability and protect against spoofing.

• Experienced in Amazon Cloud Services like: EKS, IAM, VPC, CloudFront, VPC peering, Endpoints, Transit Gateway, Cloud-Formation, EC2, AMI, CloudTrail, S3, ECS, RDS, SNS, SES, Security Groups and NACLs, ELB, CloudWatch, Kubernetes, EFS, Storage Gateway, CloudTrail, Guard duty, Trust advisor, WAF, API Gateway , etc
• Google cloud Components
• Shell scripting, Terraforms
• Cloud Architecture Design
• Configuration and automation CloudWatch and centralization the dashboards
• Configuration Elastic search service automation of snapshots and restoration
• Centralized the endpoints and route53 resolvers to save the cost
• Experience in Creating Organization Unit and Cross account using IAM (role and policies)
• File systems, mounting file systems, unmounting file systems and troubleshooting Disk space issues
• Efficiency in installing, configuring
• Knowledge about API gateway and CloudFront
• Patching using Patch Management
• Deploying Application using Docker containers services like ECS, Kubernetes
• Basic Knowledge of JENKINS
• Extended EBS volumes according to the business and application needs
• Created AWS CloudFront for content distribution
• Co-ordinate with application team in installing and configuring many applications on EC2 instance
• Shell scripting for pushing custom matrix on CloudWatch and monitoring infrastructure health
• Created load balancers (alb/elb),Target groups as per application requirement
• Red hat Satellite Patching and Installing and Hardening of Linux OS ( Red hat , Centos , Amazon ec2) , Package Installing with RPM , SOURCE CODE AND YUM
• Logical Volume Management (LVM), creating, reducing , extending and removing , Swap partition and User Administration, backup using rsync, cp, scp tar, zip ,bzip2 ,gzip
• Partitioning the disks using fdisk
• Expertise in file system concepts LVM, creating new file systems, increasing and decreasing Configured S3 buckets with various life cycle policies to archive the infrequently accessed data to storage classes based on requirement
• Created NAT gateways and instances to allow communication from the private instances to the internet through bastion hosts
• Deployed ECS cluster using task definitions and containers
• Configured worker node and deployed containers in Kubernetes
• Basics python
• Linux server, Webserver, Apache, MySQL, SSL, SSF, FTP, SFTP, and DNS configuration
• Operating Systems on EC2 Ubuntu, Red Hat Enterprise Linux, CentOS Linux, and Amazon Linux
• Installed, Configured, Managed Monitoring Tools such as cloud watch, cloud trail, awslogs and SNS topics