Skip to content
View szelese's full-sized avatar

Block or report szelese

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
szelese/README.md

Ervin Wallin

Cloud & DevOps Engineer
LinkedIn | GitHub


CKAD AWS Certified Developer Terraform Associate

v3 Kubernetes v2 44ms Latency v1 NIÜ Award


Cloud Architecture Evolution

From PaaS → Serverless → Kubernetes-native delivery
2025–2026 | BSc Computer Science

Version Architecture Technologies Key Achievements
v1 Django Monolith Elastic Beanstalk, GitHub Actions NIÜ/HSUP selected project, automated CI/CD
v2 Cloud-agnostic Serverless Core Lambda, Docker, Hexagonal 63% faster (120ms → 44ms), OWASP ZAP 0 alerts
v2.1 Full IaC Layer Terraform, OIDC Zero manual steps, least-privilege IAM
v3 Kubernetes-native Runtime FastAPI, Docker, kind, Helm, Kustomize Local K8s baseline, Ingress, HPA, NetworkPolicy, runtime hardening, CI

The portfolio shows a deliberate progression: starting from traditional PaaS, advancing to high-performance cloud-agnostic serverless, adding full infrastructure automation, and now extending into container orchestration with Kubernetes.

Next milestone (v3.1): Terraform-managed AWS EKS, ECR, GitHub OIDC and Helm-based deployment path.


Highlighted Projects

v3 – Kubernetes-Native Core

github.com/szelese/v3-k8s-core

A Kubernetes-native delivery project that extends my earlier serverless portfolio into container orchestration.

Key features:

  • Isolated Python business core with FastAPI HTTP adapter
  • Non-root Docker runtime with Kubernetes security hardening (read-only filesystem, dropped capabilities)
  • Local Kubernetes with kind, Kustomize and reusable Helm chart
  • Ingress, Horizontal Pod Autoscaler, NetworkPolicy
  • Prometheus-compatible /metrics endpoint + structured JSON logging
  • Full GitHub Actions CI (pytest, Trivy scan, smoke tests, Helm validation)

This project is intentionally presented as a local Kubernetes runtime portability baseline, not as a full production platform yet.


v2.1 – Full Terraform IaC Layer

github.com/szelese/v2.1-agnostic-lambda-core-terraform

A Terraform-based infrastructure automation layer around the v2 serverless core.

Key features:

  • Fully automated AWS infrastructure provisioning
  • Terraform-managed IAM, ECR, Lambda, CloudWatch alarms and SNS notifications
  • GitHub Actions deployment workflow
  • GitHub OIDC authentication
  • Least-privilege IAM design
  • Automatic GitHub Secrets management
  • Smart smoke tests after deployment
  • Zero manual infrastructure steps

v2 – Agnostic Serverless Lambda Core

github.com/szelese/v2-agnostic-lambda-core

A cloud-agnostic Python application core adapted to AWS Lambda container runtime.

Key features:

  • Hexagonal / clean architecture style separation
  • Environment-agnostic business logic
  • Dockerized Lambda runtime
  • Performance improvement from approximately 120 ms to 44 ms average response time
  • Around 63% faster response time compared to the original v1 system
  • OWASP ZAP security audit with zero alerts
  • Automated tests and validation pipeline

v1 – CI/CD with AWS Elastic Beanstalk

github.com/szelese/ci-cd-gha-aws

The original monolithic Django project and deployment baseline.

Key features:

  • GitHub Actions CI/CD pipeline
  • AWS Elastic Beanstalk deployment
  • OIDC-based AWS authentication
  • Automated deployment workflow
  • Post-deploy hooks for database migration and static file collection
  • Selected for further development by the Hungarian National Innovation Agency / HSUP

Core Competencies

Cloud & Infrastructure
AWS (Lambda, ECR, IAM, CloudWatch, Elastic Beanstalk) • Terraform IaC

Kubernetes & Containers
Docker • FastAPI • kind • Kustomize • Helm • Ingress • HPA • NetworkPolicy • Security contexts

CI/CD & Automation
GitHub Actions + OIDC • Trivy scanning • Smoke testing • Helm validation

Security & Observability
Least-privilege • Non-root containers • Prometheus-compatible metrics • Structured logging

Architecture
Hexagonal design • Cloud-agnostic core


Certifications

  • Certified Kubernetes Application Developer — CKAD
  • AWS Certified Developer – Associate
  • HashiCorp Certified: Terraform Associate
  • AWS Certified Cloud Practitioner

Open to new opportunities in Hungary & EU & worldwide Cloud • DevOps • Platform Engineering • Infrastructure as Code roles

📩 ervin.wallin at gmail dot com | Let's build scalable, secure and fully reproducible cloud systems together!


20 years in high-stakes logistics → reliability-first approach to cloud infrastructure.

Profile views
© 2026 Ervin Wallin

Pinned Loading

  1. ci-cd-gha-aws ci-cd-gha-aws Public

    CI/CD pipeline with GitHub Actions + AWS Elastic Beanstalk. OIDC keyless auth, DORA Elite metrics. Hungarian National Innovation Agency selected thesis project.

    Python

  2. v2-agnostic-lambda-core v2-agnostic-lambda-core Public

    Cloud-agnostic serverless core on AWS Lambda. Hexagonal design, 44ms latency, OWASP ZAP 0-alert, Dockerized.

    Python

  3. v2.1-agnostic-lambda-core-terraform v2.1-agnostic-lambda-core-terraform Public

    Full Terraform IaC layer for v2 Lambda core. Zero manual steps, least-privilege IAM, GitHub Secrets auto-sync.

    HCL

  4. v3-k8s-core v3-k8s-core Public

    Kubernetes-native FastAPI runtime with Docker, kind, Kustomize, Helm, Ingress, HPA and GitHub Actions CI.

    Python