DevOps Engineer · Available Now

Prakhar Srivastava

Kubernetes · GitOps · Terraform · Observability · DevSecOps

Engineer building secure cloud-native systems and infrastructure workflows. I went full-time into DevOps in March 2025 — no job lined up, just a clear plan. Since then: three production-grade infra projects, an IIT Roorkee certification, and an Automation Hero recognition among 500+ engineers.

🏆
Automation Hero — TrainWithShubham #90DaysOfDevOps
Recognised among 500+ engineers for delivering high-impact pipeline automation adopted across the cohort.
$ cat system.status.json
{
  "engineer": "Prakhar Srivastava",
  "focus": "cloud-native infra",
  "location": "Bangalore, India",
  "cert": "IIT Roorkee × Intellipaat",
  "systems_built": 4,
  "blog_posts": 12,
  "availability": "OPEN_TO_WORK",
  "preferred_env": "startup / cloud-native"
}
system health
CI pipelines: operational
IaC coverage: 85%
sec scan rate: 100%
vuln in prod: zero
01 — Featured Systems

Built in public. Every system below is a real operational decision made visible — not just code, but architecture, security posture, and delivery workflow.

SYS-01 · Flagship · WIP
Sentinel AI Platform — Conversational Analytics with Full-Stack Observability
Situation
Needed a production-grade AI analytics platform that could serve conversational queries over structured data — with observability and security baked in from day one, not added later.
Task
Design and ship a full-stack AI platform: Next.js frontend, FastAPI query engine, PostgreSQL backend — containerised, observable, and CI-gated before any image ships.
Action
Multi-stage Docker builds with Trivy scan gates in CI. Wired Prometheus + Grafana + Loki from deployment day one — metrics, dashboards, and log aggregation operational before the first user request. CI/CD pipeline debugged to green through container build, image push, and deployment health checks.
Result
Full-stack platform live with zero unscanned artefacts reaching production. Observability active from first deployment — not bolted on after the fact.
Next.js · FastAPI · PostgreSQL · Docker · Prometheus · Grafana · Loki · Trivy
Delivery pipeline
git push → Multi-stage build → Trivy gate → Push image → Deploy → Health check
Observability stack
Prometheus · Grafana dashboards · Loki log aggregation
Architecture decisions
Observability wired from deployment day one — not retrofitted. Trivy scan gates block vulnerable images before they touch a registry. Multi-stage builds keep the production image surface minimal. FastAPI async query engine decoupled from frontend for independent scaling.
SYS-02 · Completed
Multi-AZ AWS Infrastructure — Terraform
terraform plan → Review → apply
Production-grade 3-tier AWS stack across 2 AZs via modular Terraform. 70% faster provisioning vs manual. Private subnets, ALB ingress, IAM least-privilege, RDS with automated backups. Zero-downtime failover validated under live load.
Terraform · AWS · VPC · ALB · ASG · RDS · CloudWatch
SYS-03 · Completed
Secure DevSecOps Pipeline — Two-Tier Flask App
Commit → Bandit → Trivy → Deploy
6-stage shift-left CI/CD. 100% scan coverage per commit via GitHub Actions + Jenkins. Consolidated Bandit, Trivy, Gitleaks, Hadolint, pip-audit into reusable templates — 40% less maintenance overhead. Vulnerable artefact promotion rate: zero.
GitHub Actions · Jenkins · Docker · Bandit · pip-audit
SYS-04 · Completed
AWS Auto Scaling Infrastructure — Modular IaC
6 modules · 28 resources · single apply
VPC, ALB, ASG, RDS, Security Groups, CloudWatch across 6 Terraform modules. Least-privilege SG chaining (ALB → EC2 → RDS). CPU-based auto scaling with CloudWatch alarms. Zero-downtime, production-grade infra.
Terraform · Modular IaC · EC2 · ASG · CloudWatch · RDS MySQL
SYS-05 · Starting Soon
AWS 3-Tier HA Architecture — Interactive Diagram
Interactive visual explainer for Cross-AZ Highly Available AWS architecture. Covers Region/AZ/VPC/Subnet concepts with animated traffic flow. Built with React + Vite, deployed on Netlify.
React · Cross-AZ HA · RDS Multi-AZ · Netlify
02 — Operational Thinking

How I approach infrastructure decisions. These aren't preferences — they're principles I've arrived at by building systems that have to actually work.

// OBSERVABILITY_FIRST
Instrument before you ship
If you can't measure it, you can't operate it. Metrics, logs, and traces belong in the design phase — not bolted on after the first incident at 3am.
// GITOPS_OVER_DRIFT
Git is the source of truth
Every production change should trace to a commit. Drift is a silent failure mode. ArgoCD and declarative manifests remove the ambiguity between what's deployed and what's intended.
// SECURITY_INTEGRATED
Shift security left, not later
Security gates at commit time cost milliseconds. Security gates at production cost customers. Bandit, Trivy, Gitleaks — all run before any artefact touches a registry.
// IaC_OVER_CONSOLE
Infrastructure is code, not clicks
The AWS console is for exploration. Production infrastructure lives in Terraform — versioned, reviewed, and reproducible. Remote state and modules are non-negotiable past project one.
// AUTOMATE_REPETITION
If you do it twice, automate it
Manual steps are incidents waiting to happen. Pipeline templates, reusable modules, and documented runbooks turn tribal knowledge into reproducible systems.
// LEAST_PRIVILEGE
Deny by default, grant explicitly
IAM roles, security group chaining, namespace isolation — every system I build assumes breach. Blast radius minimisation is an architectural decision, not a compliance checkbox.
03 — Infra Stack
Cloud
AWS · EC2 · VPC · RDS · ALB · ASG · IAM · S3 · ECR · ECS · SNS
Infrastructure as Code
Terraform · Modules · Remote State · Workspaces · CloudFormation
Containers & Orchestration
Docker · Kubernetes · Helm · kind · kubectl · Docker Compose · Nginx
CI/CD & GitOps
GitHub Actions · Jenkins · ArgoCD · Git
Observability
Prometheus · Grafana · Loki · Promtail · CloudWatch
Security & Scanning
Trivy · Bandit · Gitleaks · Hadolint · pip-audit
Networking
VPC Design · Subnetting · NAT Gateway · Security Groups · Route Tables
OS & Scripting
Linux / Ubuntu · Bash · Ansible · Python (basic)
04 — Currently Exploring
01
AI infrastructure workflows
Inference serving, model registries, GPU scheduling on Kubernetes
02
Kubernetes networking internals
CNI plugins, eBPF, network policies, service mesh fundamentals
03
OPA / Gatekeeper policy enforcement
Admission control, Rego policies, cluster-wide guardrails
04
Observability-first backend systems
OpenTelemetry, distributed tracing, SLO-based alerting
05
Platform engineering practices
Internal developer platforms, golden paths, self-service infra
05 — Technical Writing

Not tutorials. Real problems encountered while building, written down while they were still fresh.

01
The app ran. The data didn't survive.
What Kubernetes PVCs actually do — learned the hard way when 5 healthy pods silently ate all my data on restart.
12 min · Kubernetes
02
Variables, Outputs, Remote State — Terraform features that matter in production
Why hardcoding everything works until it doesn't — and how remote state changed how I think about infra.
11 min · Terraform
03
Providers, State, and Building Real AWS Infrastructure with Terraform
The moment I stopped clicking through the AWS console. What state files actually are and why they matter.
11 min · AWS · IaC
04
Infrastructure as Code with Terraform: From Concept to First Infrastructure
From clicking dashboards to declarative infrastructure you can version, review, and destroy safely.
4 min · Terraform
05
From Servers to Cloud: How I Finally Understood the Basics of AWS
What "deploy to the cloud" actually means — without the buzzwords that confused me at the start.
4 min · AWS
06 — Certification
🎓
Advanced Cloud & DevOps Program
IIT Roorkee × Intellipaat — iHUB DivyaSampark
Covers AWS, Kubernetes, Terraform, CI/CD pipelines, and DevSecOps workflows. Issued by IIT Roorkee's Technology Innovation Hub — not a vendor certificate, an engineering program.
ID: IPTIH26030271 · Completed 2025
🏅
GitHub Actions & Kubernetes Masterclass
TrainWithShubham — CertDirectory
Hands-on masterclass covering GitHub Actions CI/CD pipelines, Kubernetes orchestration, and GitOps delivery workflows — completed under real project constraints as part of the #90DaysOfDevOps cohort.
ID: CRD-DEMEF6VC · TrainWithShubham
07 — Contact
Available immediately

Let's talk infrastructure.

Looking for a DevOps or Infrastructure Engineer role where I can contribute from day one. Give me a take-home task. Startups, cloud-native teams, companies that take shift-left security seriously — that's exactly where I want to be.
