ferkuellar/README.md

Fernando Cuellar Rodriguez

Cloud Engineer | AWS Infrastructure | Terraform | Cloud Migration | Enterprise Networking

AWS Terraform Cloud Migration EC2 ECS RDS S3 VPC Transit Gateway GitHub Actions CloudWatch Python


Professional Profile

Cloud Engineer focused on AWS infrastructure delivery, Terraform-based Infrastructure as Code, cloud migration execution, enterprise networking, and operational readiness for production platforms.

I have 5+ years of hands-on AWS experience delivering infrastructure across compute, data, storage, networking, security, automation, and observability layers. My work spans EC2, ECS/Fargate, RDS, S3, VPC, ALB, Route 53, IAM, CloudWatch, Transit Gateway, Site-to-Site VPN, Direct Connect Gateway, and multi-account network patterns.

I am comfortable joining active cloud migration engagements mid-stream, reading existing Terraform, understanding inherited architecture decisions, extending infrastructure safely, and keeping delivery moving without unnecessary redesign. I focus on practical execution: clear plans, controlled changes, rollback awareness, operational handoff, and documentation that engineering and support teams can actually use.

My background includes lift-and-shift migrations, phased workload transitions, infrastructure assessment, dependency mapping, sprint-based delivery, customer-facing standups, sprint reviews, and production handoff activities.

I also bring experience in AWS multi-account networking, including hub-and-spoke architecture, Transit Gateway route segmentation, centralized inspection VPCs, BGP-based hybrid connectivity, FortiGate Firewall, and FortiWeb WAF integration for ingress, egress, and east-west traffic control.


Core Focus

  • AWS infrastructure engineering for production and enterprise environments.
  • Terraform Infrastructure as Code for repeatable and controlled delivery.
  • Cloud migration execution for existing workloads moving into AWS.
  • Multi-account AWS networking and hybrid connectivity.
  • Operational readiness, documentation, runbooks, and handoff.
  • Observability, deployment control, and infrastructure supportability.
  • Security-aware infrastructure design using IAM, segmentation, and guardrails.

Cloud Engineering Competencies

AWS Infrastructure Delivery

  • Provisioning and supporting AWS infrastructure across compute, storage, database, networking, security, and monitoring layers.
  • Production deployment patterns using EC2, ECS/Fargate, RDS, S3, VPC, ALB, Route 53, IAM, and CloudWatch.
  • Backend infrastructure support for application and fullstack teams.
  • Infrastructure design aligned with operational ownership, supportability, and handoff.
  • Environment separation, deployment controls, rollback awareness, and change discipline.
  • Documentation of technical decisions, implementation notes, runbooks, and support procedures.

Cloud Migration & Modernization

  • Support for lift-and-shift and phased migration approaches.
  • Workload migration planning, dependency tracking, and infrastructure readiness.
  • Coordination with application, infrastructure, security, and customer teams.
  • Validation of cloud environments before and after migration activities.
  • Support for sprint-based migration delivery.
  • Operational handoff documentation for migrated workloads.
  • Ability to ramp onto active engagements without losing delivery pace.

Terraform / Infrastructure as Code

  • Reading, maintaining, and extending existing Terraform repositories.
  • Terraform-based infrastructure standardization across AWS and multicloud environments.
  • Module-based infrastructure design for networking, IAM, compute, and application hosting components.
  • Terraform workflows:
    • terraform init
    • terraform fmt
    • terraform validate
    • terraform plan
    • terraform apply
  • Remote state, backend configuration, state locking, variables, outputs, and providers.
  • Pull-request-based infrastructure review using GitHub.
  • Controlled infrastructure changes with documentation and rollback awareness.
  • Practical IaC discipline: improve what exists without redesigning everything just to leave fingerprints.

AWS Networking & Hybrid Connectivity

  • Multi-account VPC design and network segmentation.
  • Hub-and-spoke network architecture.
  • CIDR planning, subnet segmentation, routing domains, and cross-account connectivity.
  • Transit Gateway architecture:
    • VPC attachments
    • Route table segmentation
    • Route propagation
    • Centralized routing
    • Multi-account connectivity
  • Site-to-Site VPN:
    • Customer Gateway configuration
    • Redundant tunnel setup
    • BGP routing
    • Third-party connectivity
  • Direct Connect Gateway:
    • Transit VIF association
    • Hybrid cloud connectivity
    • BGP-based routing
  • Centralized inspection VPC design.
  • FortiGate Firewall and FortiWeb WAF integration.
  • East-west, ingress, and egress traffic inspection patterns.
  • Network security controls using Security Groups, NACLs, route tables, and segmentation.

Technical Skills

| Area | Technologies / Practices |
| --- | --- |
| AWS Compute | EC2, ECS/Fargate, Lambda, task definitions, compute sizing, auto-scaling |
| AWS Storage | S3, bucket policies, lifecycle rules, access control, storage patterns |
| AWS Data | RDS, PostgreSQL, MySQL, SQL Server, backups, connectivity, security, readiness |
| AWS Networking | VPC, subnets, route tables, NAT Gateway, Internet Gateway, ALB, Route 53 |
| Network Security | Security Groups, NACLs, segmentation, centralized inspection, traffic control |
| Transit Gateway | VPC attachments, route tables, propagation, hub-and-spoke architecture |
| Hybrid Connectivity | Site-to-Site VPN, Customer Gateway, BGP, Direct Connect Gateway, Transit VIF |
| Firewalls & WAF | FortiGate Firewall, FortiWeb WAF, ingress/egress/east-west inspection |
| Infrastructure as Code | Terraform modules, remote state, backend config, variables, outputs, providers |
| CI/CD | GitHub Actions, AWS CodePipeline, Docker, YAML pipelines, deployment controls |
| Observability | CloudWatch metrics, logs, alarms, dashboards, SolarWinds Observability, runbooks |
| Security & IAM | IAM roles, IAM policies, least privilege, governance guardrails |
| Automation | Python, Shell scripting, Ansible, PowerShell |
| Cloud Platforms | AWS primary, Oracle Cloud Infrastructure, Azure, GCP |

How I Work

I build cloud infrastructure with a bias toward clarity, control, and long-term operability.

My approach is simple:

  • Understand the existing architecture before changing it.
  • Extend Terraform safely instead of redesigning without cause.
  • Keep infrastructure changes reviewable, documented, and reversible.
  • Communicate status, blockers, risks, and decisions clearly.
  • Design for production support, not just successful deployment.
  • Treat observability, security, and documentation as part of delivery.
  • Leave behind infrastructure that another engineer can operate without archaeology.

Good infrastructure is not just deployed. It is understood, monitored, documented, and supportable.


Representative Work

AWS Infrastructure Provisioning

Provisioning and maintaining AWS infrastructure across compute, storage, database, networking, IAM, and monitoring layers using Terraform and GitHub-based workflows.

Cloud Migration Execution

Supporting workload migrations into AWS through infrastructure assessment, dependency mapping, phased delivery, validation, rollback awareness, and operational handoff.

Terraform Modernization & Continuity

Reading and extending existing Terraform repositories, improving module structure where appropriate, and maintaining delivery continuity during active engagements.

Multi-Account AWS Networking

Designing and supporting AWS network foundations using hub-and-spoke architecture, Transit Gateway, segmented route tables, hybrid connectivity, centralized inspection VPCs, and firewall integration.

Observability & Operational Readiness

Implementing CloudWatch metrics, logs, alarms, dashboards, runbooks, and support documentation to improve visibility and reduce operational ambiguity.


Current Areas of Focus

  • AWS cloud migration engineering
  • Terraform module design and IaC governance
  • Multi-account AWS networking
  • Transit Gateway and hybrid connectivity
  • Cloud resilience and operational readiness
  • Observability and incident response workflows
  • Security guardrails and infrastructure governance
  • Automation for infrastructure operations

Contact


Summary

I help teams deliver AWS infrastructure with discipline, continuity, and operational clarity.

My strength is working where cloud engineering gets real: inherited Terraform, active migrations, production constraints, networking complexity, delivery pressure, customer-facing communication, and the need to leave behind infrastructure that can be operated confidently after the migration is complete.

Pinned

  1. alsupernova (Public)

    ALSUPERNOVA is a serverless-first AWS omnichannel retail MVP (catalog, cart, orders) built with security-by-default, observability, and FinOps cost controls—delivered with Terraform IaC, a working …

    HCL

  2. aws-finops-cost-optimization-platform (Public)

    Enterprise AWS FinOps cost optimization and visibility platform with Python analytics and executive dashboard deployed on EC2

    Python

  3. FinGuard-Budget-Monitor (Public)

    AWS-based expense monitor (S3, API Gateway, Lambda, DynamoDB) with automated deployment via CloudFormation.

    JavaScript

  4. FinTrackLite (Public)

    Mini financial dashboard on AWS (S3 + CloudFront)

    JavaScript

  5. Telco-Sentinel-AWS (Public)

    Telco-Sentinel-AWS is an enterprise-grade cloud architecture project that demonstrates how to design, implement, and operate a governed telecommunications platform on AWS.

    HCL