Available for projects

Your AWS account has blind spots. I find them.

I architect and harden AWS environments for companies that need security, compliance, and reliability. Start with a free review to see where your setup stands.

30 min of your time - report with exact fix commands in 48h

10+
Years in DevOps
AWS & Azure
Certified Architect
12+
Terraform Modules
Featured
Help Net Security
AWSAzureTerraformKubernetesDockerGitLab CIAI Integrations
01 – Services

How I can help

Your project as a pipeline – from first contact to production.

Contact Get in touch

Infrastructure Audit

running

Comprehensive review of your cloud setup – cost analysis, security assessment, and architecture review with actionable recommendations.

AWSAzureCost optimizationSecurity

CI/CD & Automation

running

Design and implementation of deployment pipelines. GitLab CI, GitHub Actions, Jenkins – full lifecycle automation with GitOps.

GitLab CIGitHub ActionsArgoCDIaC

Cloud Architecture

running

Architecture design from scratch or migration of existing systems. VPC networking, security baseline, multi-cloud strategy.

VPCTerraformMulti-cloudCompliance
Review Quality check
Deployed In production
02 – Stack

Technologies & certifications

Tools I use daily to build scalable, secure infrastructure.

namespace: cloud 3
AWS
Expert
Azure
Expert
GCP
Advanced
namespace: iac-config 2
Terraform
Expert
Ansible
Advanced
namespace: ci-cd 4
GitLab CI
Expert
Jenkins
Expert
GitHub Actions
Advanced
ArgoCD
Advanced
namespace: containers 3
Kubernetes
Advanced
Docker
Advanced
Helm
Advanced
namespace: other 4
Python
Advanced
Linux
Advanced
Palo Alto
Expert
AI Integrations
Expert

AWS Solutions Architect

Amazon Web Services

Azure Administrator

Microsoft

PCNSA

Palo Alto Networks

03 – Work

Selected projects

Anonymized examples across different industries and scales.

cloud-audit
Featured in Help Net Security MIT

cloud-audit

Open-source AWS security scanner with Terraform remediation

47 curated checks across 15 AWS services. Every finding includes copy-paste CLI commands and Terraform code to fix it. 16 MITRE ATT&CK attack chain rules correlate individual findings into exploitable attack paths. Built-in diff command tracks drift between scans - no other open-source CLI scanner has this.

security python aws terraform sarif mitre-attack
47 checks
16 attack chains
100% remediation
18 stars
$ cloud-audit scan --format terminal
CRITICAL Root account has no MFA enabledIAM-001
HIGH S3 bucket lacks Public Access BlockS3-002
HIGH Security group allows 0.0.0.0/0 on port 22EC2-003
MEDIUM CloudTrail not enabled in all regionsCT-001
LOW EBS volume encryption not defaultEC2-005
Attack Chain: Public SG + IMDSv1 + Admin Role = Account Takeover
Scanned 63 resources in 28s Health Score: 34/100
+5,840 -312 68 files
View on GitHub
cloud-audit demo video

See cloud-audit in action - attack chains, remediation, and scan diff in 60 seconds

Prowler alternative Full scanner comparison
Merged
!14

Cloud Security Architecture for Enterprise

security awspalo-altoterraformvpc

Designed and implemented Security VPC architecture with Palo Alto NGFW for enterprise clients across automotive, government, and cultural sectors.

+847 -23 12 files
Merged
!9

Self-Managing Jenkins Platform on AWS

ci/cd jenkinsaws-ecsjcascdocker

Fully automated Jenkins on AWS ECS with Configuration as Code. Dynamic agents, self-updating pipeline, zero-touch deployment.

+1243 -89 24 files
Merged
!7

Production Terraform Modules

infrastructure terraformawsopen-sourceiac

12 production-ready Terraform modules published to the Terraform Registry. Reusable networking, compute, and storage components.

+3420 -156 48 files
Merged
!3

GitOps Pipeline for Kubernetes

devops kubernetesargocdhelmeks

GitOps workflow with Amazon EKS, ArgoCD, and Helm. Continuous delivery for microservices with full audit trail.

+692 -41 18 files

Details available under NDA during consultation.

Interested in working together?

Start with a free security review of your AWS setup - report in 48h.

Get my free review
04 – Open Source

Terraform modules

Production-ready AWS modules designed to work together. Published to the Terraform Registry.

Terraform Registry

12 published modules

Complete set of AWS modules – from VPC networking to ECS container orchestration. Designed as composable building blocks.

View on Registry

Palo Alto Networks

Open-source contributor

Contributed to Palo Alto Networks Terraform modules for deploying Software Firewalls on AWS.

View on GitHub
terraform graph 12 modules · 11 dependencies
VPC Subnets Sec Group NAT GW EC2 ALB NLB Routes EIP ECS EFS Secrets
View on Registry →
Networking Compute Load Balancing Storage
VPC VPC, IGW, DHCP, Flow Logs Subnets Subnets, Route Tables, tiers Sec Group Flexible SG rules NAT GW NAT, single or multi-AZ EC2 EC2 with EBS, userdata ALB ALB with listeners & rules NLB NLB configuration Routes TGW, Peering, VPN routes EIP Elastic IPs management ECS ECS Fargate & EC2 EFS EFS with mount targets Secrets Secrets with rotation
05 – About
identity

Mariusz Gebala

Cloud & DevOps Engineer
Torun, Poland · 100% Remote
profile

10+ years in IT infrastructure – from server administration and industrial automation to modern cloud solutions.

Specializing in AWS & Azure architecture, Terraform, CI/CD pipelines, and enterprise network security with Palo Alto NGFW.

Contributor to Palo Alto Networks Terraform modules on GitHub.

Mariusz Gebala - Cloud & DevOps Engineer, AWS and Palo Alto consultant
stats
10+ Years in DevOps
3 Cloud Certifications
12 Terraform Modules
50+ Enterprise Deployments
links GitHub LinkedIn Terraform Registry
"Between searching through the legacy codebase jungle, heated brainstorm or precise feature deployment rollout, you're able to quickly catch up on a topic, or lead a given scope in autonomy. You were a great resource for the team, and I recommend you for your versatility."
J

Joey

Former teammate

06 – Blog

Latest posts

Practical articles on cloud infrastructure, security, and DevOps engineering.

· 6 min read

Debugging AWS IAM and Privilege Escalation Using Multi-Model AI

How to debug IAM Access Denied errors, spot OIDC privilege escalation, and write Terraform fixes using multi-model AI consensus - querying multiple LLMs simultaneously to eliminate hallucinations.

awsiamsecurity
· 7 min read

CIS AWS v3.0 in 60 Seconds: Automate Compliance with Terraform

Run a full CIS AWS Foundations Benchmark v3.0 assessment from your terminal. 62 controls, 55 automated, per-control Terraform remediation.

awssecuritycompliance
· 17 min read

Prowler vs ScoutSuite vs cloud-audit: Best AWS Security Scanner [2026]

Side-by-side comparison: compliance, speed, remediation, CI/CD support. I ran all 3 scanners on the same AWS account - here's which fits your workflow.

awssecuritydevops
View all posts
07 – Free Quick Review

Find out what's exposed in your AWS account

A free 30-minute review of your AWS setup. I check the things that usually slip through the cracks – and send you a prioritized list of what to fix first.

IAM & identity review

Root MFA, stale access keys, overprivileged roles, missing permission boundaries

Network & firewall assessment

Open security groups, public RDS, VPC architecture, egress filtering gaps

Prioritized remediation plan

Ranked findings with fix commands, Terraform snippets, and estimated effort

Get my free security review
12
Terraform modules on the
public registry
Featured in HelpNetSecurity
Palo Alto Networks
certified practitioner
AWS Solutions Architect
Associate certified
08 – Contact

Let's build something

Have a project in mind? I respond within 24 hours.

~/contact --new-project
I respond within 24h
Location

Torun, Poland

100% remote