TCH
SecurityCloud Infrastructure · Zero Trust · DevSecOps · IAM

My Projects 🚀

A collection of projects showcasing cloud security solutions, innovative tools, and technical experiments. Each project represents a journey of learning and problem-solving.

IAM Cleanup

IAM Cleanup

A fully serverless, Terraform-deployed tool that automatically detects, tags, and removes unused IAM roles and policies in AWS before they become a security liability. Features a configurable grace period, SNS notifications, and dry-run mode.

VPC Lattice Migration

VPC Lattice Migration

A Terraform infrastructure that replaces a Transit Gateway with Amazon VPC Lattice to provide private cross-VPC database connectivity. Features a service network, Resource Gateway, and Aurora Resource Configuration — eliminating all cross-VPC route table entries.

Boundary Kubernetes Access POC

Boundary Kubernetes Access POC

A zero-trust access POC using HCP Boundary Essentials with a self-managed Boundary worker on Minikube to broker SSH and MySQL access without exposing targets directly. Includes Kubernetes manifests and Terraform-managed Boundary configuration.

Vault + Boundary: Dynamic Credentials on Kubernetes

Vault + Boundary: Dynamic Credentials on Kubernetes

Extends the Boundary Kubernetes POC with HashiCorp Vault: replaces static MySQL passwords with ephemeral Vault-issued credentials and short-lived SSH certificates signed per session. Full Terraform configuration for Vault engines, credential libraries, and Boundary integration.

Have a Project Idea? 💡

I'm always interested in collaborating on exciting projects, especially in cloud security and innovative tech solutions.

Let's Collaborate 🤝