Cloud DevOps Engineer  ·  Orillia, Ontario

MATT
SHAW

“Kitchens and cloud systems fail the same way.
I learned to prevent both.”

View Projects Get In Touch
AWS· Terraform· Linux· Docker· Kubernetes· GitHub Actions

// About

20 years in professional kitchens taught me one thing: systems either hold under pressure, or they don't.

I spent two decades managing commercial kitchens — First Cook at Horseshoe Resort, then Food Service at Costco Wholesale Canada. You learn fast that a kitchen at full service and a cloud system at peak load have the same failure modes: unclear ownership, missing redundancy, no recovery plan.

In 2024 I started formally bridging those worlds. Google Cybersecurity Certificate. Then the Level Up In Tech 37-week Cloud DevOps Engineering program, graduating May 2026. Now I build and document infrastructure on AWS — Terraform-provisioned, GitHub Actions deployed, version controlled, and publicly documented.

I write about the transition in my newsletter, Terraforming My Career — currently at 134+ subscribers and growing.

GitHub Medium LinkedIn

Cloud & Infrastructure

AWS EC2S3CloudFrontLambdaIAMCloudWatchBedrock

Infrastructure as Code

TerraformHCLRemote StateS3 Backend

Containers & Orchestration

DockerDocker SwarmKubernetesHelm

CI/CD & Automation

GitHub ActionsJenkinsOIDC AuthBashPython

Systems & Local AI

Ubuntu LinuxsystemdOllamaCrewAI

// Projects

Built. Documented. Shipped.

01
TerraformAWS EC2JenkinsAL2023

The Jenkins Job That Took 6 Tries

Provisioned a Jenkins CI/CD server on EC2 with Terraform. Hit six distinct failure points — hardcoded AMIs, Java version mismatches, AL2023's switch from yum to dnf, GPG key rotation — and documented every one.

6 failures → 1 working pipeline
GitHub → Write-up →
02
Docker SwarmAWS EC2WordPress

Self-Healing WordPress Production Stack

Three-node Docker Swarm cluster on EC2 running a production WordPress stack. When a container dies at 2am, the orchestrator brings it back. No pager, no humans required.

1,555 LinkedIn impressions on launch post
GitHub → Write-up →
03
AWS PollyGitHub ActionsS3

Multilingual TTS Pipeline

AWS Polly neural text-to-speech pipeline with full GitHub Actions CI/CD. Converts text to audio across multiple languages on every push — OIDC auth throughout, zero stored AWS keys.

Neural engine · OIDC auth · Zero stored keys
GitHub → Write-up →
04
GitHub ActionsAWS IAMOIDC

Serverless CI/CD with OIDC Auth

GitHub Actions pipeline authenticating to AWS via OIDC federation — no long-lived access keys stored anywhere. IAM role assumption using signed JWT tokens. The right way to do CI/CD security.

Zero stored credentials · Zero attack surface
GitHub → Write-up →
05
BashLinuxsystemd

Linux Security Audit Script

Automated security audit with systemd timer. First run flagged Apache2 exposed and Open WebUI bound to 0.0.0.0. Reduced flagged services from 3 to 0. Snap storage dropped from 54G to 30G — a 44% reduction.

3 flagged services → 0 · 44% storage reduction
GitHub → Write-up →
06
BashLinuxsystemd

Linux Process Sentinel

Bash service watchdog with autonomous recovery. Monitors critical processes, detects failures, and restarts services without human intervention. Built and tested against live Ubuntu infrastructure.

Autonomous recovery · No pager required
GitHub → Write-up →

// Contact

Currently available for
junior & entry-level Cloud DevOps roles.

Based in Orillia, Ontario  ·  Open to remote and hybrid across Canada

Email Matt.r.shaw4@proton.me GitHub github.com/mattrshaw4 LinkedIn linkedin.com/in/matt-r-shaw- Newsletter medium.com/@matt.r.shaw4