Anji Yarra

Cloud & DevOps Engineer  ·  4+ Years IT  ·  AWS SAA-C03

Designing secure, production-grade AWS infrastructure from the ground up

View Projects 📩 Contact
4+
Years in IT
2
Certifications
10+
AWS Services
1
Live AWS Deploy

About Me

IT professional with 4+ years of hands-on experience in infrastructure, networking, and Linux systems — now specialising in AWS cloud architecture. I hold the AWS Solutions Architect Associate (SAA-C03) and SRE certifications, and I build production-grade cloud environments from scratch.

My approach is security-first and architecture-driven. I don't just deploy services — I design systems with deliberate decisions: why each subnet exists, why traffic flows the way it does, and what happens when something fails. Every resource in my AWS environment has a reason.

Currently building and expanding crushoncloud.com — a live, HTTPS-secured production deployment running on a full AWS 3-tier architecture. Actively pursuing cloud engineering and DevOps roles where I can apply both my IT foundation and cloud expertise.

AWS Solutions Architect Associate — SAA-C03 Site Reliability Engineer — DevOps Institute

Experience

IT Engineer

Infrastructure & Cloud Operations
4+ Years

AWS Cloud Architecture — Designed and deployed production VPC environments with public/private subnet segmentation, NAT Gateway, IGW, ALB, and EC2 across multiple Availability Zones

Security & Networking — Implemented least-privilege Security Groups across all tiers, enforced HTTPS via ACM, configured Route 53 with Alias records for production domains

Linux Administration — Managed Amazon Linux and RHEL servers, Nginx configuration, troubleshooting, system hardening, and performance optimisation

Infrastructure Operations — Maintained high uptime across critical systems, supported deployments, and implemented monitoring and incident response processes

Projects

crushoncloud.com — AWS 3-Tier Architecture

A production-grade AWS deployment I designed from scratch — every architectural decision was deliberate.

Custom VPC — public/private subnet segmentation, IGW for inbound, NAT Gateway for private outbound-only traffic

ALB + Target Group — single internet entry point, health checks, HTTPS termination via ACM. EC2 has no public IP.

Route 53 Alias A record — points crushoncloud.com → ALB. Alias chosen over CNAME for apex domain support and zero query cost

Security Groups — ALB accepts 443/80 from internet; EC2 accepts traffic from ALB SG only; defence-in-depth at every layer

STACK:
VPCEC2ALB Route 53ACMNAT Gateway IGWSecurity GroupsNginx Amazon Linux
🔗 View Live Site

AWS Architecture

Full request flow — every hop is deliberate, every security boundary is enforced

👤 User
📡 Route 53 — Alias A Record
🔒 ACM — HTTPS/SSL
🌐 Internet Gateway (IGW)
⚖️ ALB — Public Subnet
↓   SG: ALB → EC2 only
🖥️ EC2 + Nginx — Private Subnet
🔀 NAT Gateway — Outbound only
✓ No public IP on EC2 ✓ HTTPS enforced end-to-end ✓ Least-privilege Security Groups ✓ Multi-AZ ready ✓ NAT for private outbound

Skills

☁️ AWS — Cloud

EC2VPC ALBTarget Groups Route 53ACM NAT GatewayIGW Security GroupsNACLs SubnetsS3

🔧 DevOps & Systems

Linux Administration Nginx Git Bash SSH System Troubleshooting

🔐 Networking & Security

DNS HTTPS / TLS Subnetting Security Groups Least Privilege VPC Design

Contact

Email
anjiyarra.aws@gmail.com
LinkedIn
linkedin.com/in/anjiyarra
GitHub
github.com/anji-yarra