Hi - I'm Akuphe DieudonneDEVOPS ENGINEER

Enterprise Cloud Security Governance with Policy-as-Code enforces automated AWS security using OPA/Rego in GitHub Actions to block non-compliant deployments. AWS Config, Security Hub, and Conformance Packs provide continuous compliance, while EventBridge and SSM auto-remediate drift to maintain secure, audit-ready infrastructure.

This project focuses on building and deploying an AI-powered Cybersecurity Threat Detection System using Amazon SageMaker. The solution is designed to detect anomalous network activity that may indicate potential cyberattacks, such as DDoS attacks, unauthorized access attempts, or phishing activities. The system leverages a machine learning pipeline that fully automates data ingestion, preprocessing, model training, deployment, and real-time inference, ensuring scalability and operational efficiency.

This project consists of two AWS Lambda functions and supporting infrastructure. The first Lambda, rotate-and-deactivate-keys, creates a new access key for a target IAM user, deactivates the old key, stores the new key securely in AWS Secrets Manager, and notifies stakeholders via Amazon SNS. The second Lambda, purge-deactivated-keys, is responsible for deleting previously inactive access keys for the same IAM user. Terraform is used to provision all required resources, including IAM roles and policies, the Secrets Manager secret, the SNS topic and subscription, and optional EventBridge schedules for automation. For CI/CD, two GitHub Actions workflows are implemented: infra-provision.yml, which validates, plans, and applies the infrastructure using an S3 + DynamoDB remote backend, and ci-cd-lambda.yml, a multi-job pipeline (lint → test → build → deploy) that creates or updates both Lambda functions with safe AWS waiters to avoid deployment conflicts.

A production‑grade CI/CD pipeline built entirely with AWS native services. It automates the SDLC from code ➜ build ➜ test/quality ➜ artifacting ➜ deploy ➜ observe/notify. The stack is cost‑efficient, scalable, and suitable for EC2 workloads (adaptable to ECS/EKS/Lambda).

End-to-end pipeline on AWS us-east-1 that takes code from commit to production with safety and visibility. A GitHub CI webhook triggers Jenkins to run Maven builds, Checkstyle, and SonarQube quality gates, then publish versioned artifacts to Nexus. Ansible handles deployments to Dev and Staging automatically, with a manual approval gate for Production. Slack posts status at every stage. Prometheus (metrics) and Splunk (logs) feed Grafana dashboards for real-time monitoring and alerting. Integrated with Jira for traceability across the release flow.

This project involves deploying a weather tracker application across AWS and Azure, incorporating disaster recovery capabilities. The app’s front-end (HTML, CSS, JS) is hosted statically on AWS S3 (with CloudFront for CDN) and Azure Blob Storage.