[2026-02-20 08:14:01] ▶ terraform init -backend-config=prod.hcl
Initializing modules...
Downloading registry.terraform.io/gebalamariusz/vpc/aws 1.0.0...
Downloading registry.terraform.io/gebalamariusz/subnets/aws 1.1.0...
Initializing provider plugins...
- Finding hashicorp/aws versions matching "~> 5.0"...
- Installing hashicorp/aws v5.82.2...
Terraform has been successfully initialized!

[2026-02-20 08:14:18] ▶ terraform plan -out=tfplan
module.vpc.aws_vpc.this: Refreshing state... [id=vpc-0a3f8e2c1b4d5f6a7]
module.subnets.aws_subnet.this["10.0.1.0/24"]: Refreshing state...
module.subnets.aws_subnet.this["10.0.2.0/24"]: Refreshing state...
module.nat.aws_nat_gateway.this[0]: Refreshing state...
module.alb.aws_lb.this: Refreshing state...
module.ecs.aws_ecs_cluster.this: Refreshing state...

Plan: 3 to add, 1 to change, 0 to destroy.

[2026-02-20 08:15:02] ▶ terraform apply tfplan
module.security_group.aws_security_group.this: Creating...
module.security_group.aws_security_group.this: Creation complete [id=sg-0f4a8b2c3d5e6f7a8]
module.ecs.aws_ecs_service.this: Modifying... [id=arn:aws:ecs:eu-central-1:***:service/prod/api]
module.ecs.aws_ecs_service.this: Modifications complete

Apply complete! Resources: 3 added, 1 changed, 0 destroyed.

[2026-02-20 08:16:33] ▶ kubectl get pods -n production
NAME                          READY   STATUS    RESTARTS   AGE
api-gateway-7f8d4b6c9-x2k4p  1/1     Running   0          4h
auth-service-5c9a8e3f1-m7n2q 1/1     Running   0          4h
worker-pool-8b3e5d7a2-j9k1r  3/3     Running   0          2h
redis-master-0                1/1     Running   0          12h

[2026-02-20 08:16:41] ▶ kubectl apply -f deploy/production/
deployment.apps/api-gateway configured
service/api-gateway unchanged
horizontalpodautoscaler.autoscaling/api-gateway configured
ingress.networking.k8s.io/api-gateway unchanged

[2026-02-20 08:17:05] ▶ docker build -t hait/api:v2.4.1 --platform linux/amd64 .
[+] Building 42.3s (14/14) FINISHED
 => [internal] load build definition from Dockerfile
 => [internal] load .dockerignore
 => [stage-1 1/5] FROM node:20-alpine@sha256:a1b2c3d4...
 => [stage-1 2/5] WORKDIR /app
 => [stage-1 3/5] COPY package*.json ./
 => [stage-1 4/5] RUN npm ci --production
 => [stage-1 5/5] COPY dist/ ./dist/
 => exporting to image
 => => writing image sha256:9f8e7d6c5b4a3...
Successfully tagged hait/api:v2.4.1

[2026-02-20 08:18:22] ▶ aws ecs update-service --cluster prod --service api --force-new-deployment
{
    "service": {
        "serviceName": "api",
        "status": "ACTIVE",
        "desiredCount": 3,
        "runningCount": 3,
        "deployments": [{ "status": "PRIMARY", "rolloutState": "IN_PROGRESS" }]
    }
}

[2026-02-20 08:19:44] ▶ helm upgrade --install monitoring prometheus-community/kube-prometheus-stack -n monitoring
Release "monitoring" has been upgraded. Happy Helming!
NAME: monitoring
NAMESPACE: monitoring
STATUS: deployed
REVISION: 7

[2026-02-20 08:20:11] ▶ ansible-playbook -i inventory/prod site.yml --tags=deploy
PLAY [webservers] ****************************************************
TASK [Gathering Facts] ***********************************************
ok: [web-01.prod.internal]
ok: [web-02.prod.internal]
TASK [nginx : Deploy configuration] **********************************
changed: [web-01.prod.internal]
changed: [web-02.prod.internal]
PLAY RECAP ***********************************************************
web-01.prod.internal : ok=8  changed=2  unreachable=0  failed=0
web-02.prod.internal : ok=8  changed=2  unreachable=0  failed=0

[2026-02-20 08:21:38] ▶ git log --oneline -8
f4a8b2c feat(ecs): add circuit breaker deployment config
d3e5f7a fix(alb): health check grace period for slow starts
b2c4d6e refactor(vpc): simplify flow logs conditional
a1b3c5d ci: add tfsec scanning to pipeline
9e8d7c6 feat(nat): support single NAT gateway mode
8f7e6d5 docs: update module compatibility matrix
7a6b5c4 fix(subnets): route table association ordering
6d5e4f3 feat(security-group): add rule description support

[2026-02-20 08:22:05] ▶ gitlab-runner exec docker deploy-production
Using Docker executor with image alpine:latest...
Pulling docker image registry.gitlab.com/hait/infra:latest...
$ terraform workspace select prod
Switched to workspace "prod"
$ terraform apply -auto-approve
Apply complete! Resources: 0 added, 2 changed, 0 to destroy.
Job succeeded

[2026-02-20 08:23:17] ▶ aws cloudwatch get-metric-statistics --namespace AWS/ECS \
    --metric-name CPUUtilization --period 300 --statistics Average
{
    "Label": "CPUUtilization",
    "Datapoints": [
        { "Timestamp": "2026-02-20T08:15:00Z", "Average": 23.4, "Unit": "Percent" },
        { "Timestamp": "2026-02-20T08:20:00Z", "Average": 18.7, "Unit": "Percent" }
    ]
}

[2026-02-20 08:24:02] ▶ trivy image hait/api:v2.4.1
2026-02-20T08:24:02.891Z  INFO  Vulnerability scanning is enabled
Total: 0 (HIGH: 0, CRITICAL: 0)

[2026-02-20 08:24:30] ▶ curl -s https://api.haitmg.pl/health | jq .
{
  "status": "healthy",
  "version": "2.4.1",
  "uptime": "4d 12h 33m",
  "services": { "database": "ok", "cache": "ok", "queue": "ok" }
}

Available for projects

Cloud Infrastructure, Engineered.

I design and automate cloud environments for companies that need reliability, security, and speed.
From architecture to CI/CD — everything as code.

Book a consultation View work

Years in DevOps

AWS & Azure

Certified Architect

Terraform Modules

Palo Alto

Official Contributor

AWSAzureTerraformKubernetesDockerGitLab CIAI Integrations

01 — Services

How I can help

Your project as a pipeline — from first contact to production.

Contact Get in touch

Infrastructure Audit

running

Comprehensive review of your cloud setup — cost analysis, security assessment, and architecture review with actionable recommendations.

AWSAzureCost optimizationSecurity

CI/CD & Automation

running

Design and implementation of deployment pipelines. GitLab CI, GitHub Actions, Jenkins — full lifecycle automation with GitOps.

GitLab CIGitHub ActionsArgoCDIaC

Cloud Architecture

running

Architecture design from scratch or migration of existing systems. VPC networking, security baseline, multi-cloud strategy.

VPCTerraformMulti-cloudCompliance

Review Quality check

Deployed In production

02 — Stack

Technologies & certifications

Tools I use daily to build scalable, secure infrastructure.

namespace: cloud 3

AWS

Expert

Azure

Expert

GCP

Advanced

namespace: iac-config 2

Terraform

Expert

Ansible

Advanced

namespace: ci-cd 4

GitLab CI

Expert

Jenkins

Expert

GitHub Actions

Advanced

ArgoCD

Advanced

namespace: containers 3

Kubernetes

Advanced

Docker

Advanced

Helm

Advanced

namespace: other 4

Python

Advanced

Linux

Advanced

Palo Alto

Expert

AI Integrations

Expert

AWS Solutions Architect

Amazon Web Services

Azure Administrator

Microsoft

PCNSA

Palo Alto Networks

03 — Work

Selected projects

Anonymized examples across different industries and scales.

Merged

!14

Cloud Security Architecture for Enterprise

security awspalo-altoterraformvpc

Designed and implemented Security VPC architecture with Palo Alto NGFW for enterprise clients across automotive, government, and cultural sectors.

Merged

Self-Managing Jenkins Platform on AWS

ci/cd jenkinsaws-ecsjcascdocker

Fully automated Jenkins on AWS ECS with Configuration as Code. Dynamic agents, self-updating pipeline, zero-touch deployment.

Merged

Production Terraform Modules

infrastructure terraformawsopen-sourceiac

12 production-ready Terraform modules published to the Terraform Registry. Reusable networking, compute, and storage components.

Merged

GitOps Pipeline for Kubernetes

devops kubernetesargocdhelmeks

GitOps workflow with Amazon EKS, ArgoCD, and Helm. Continuous delivery for microservices with full audit trail.

Details available under NDA during consultation.

04 — Open Source

Terraform modules

Production-ready AWS modules designed to work together. Published to the Terraform Registry.

Terraform Registry

12 published modules

Complete set of AWS modules — from VPC networking to ECS container orchestration. Designed as composable building blocks.

View on Registry

Palo Alto Networks

Official contributor

Contributor to official Palo Alto Networks Terraform modules for deploying Software Firewalls on AWS.

View on GitHub

terraform graph 12 modules · 11 dependencies

View on Registry →

Networking Compute Load Balancing Storage

VPC VPC, IGW, DHCP, Flow Logs Subnets Subnets, Route Tables, tiers Sec Group Flexible SG rules NAT GW NAT, single or multi-AZ EC2 EC2 with EBS, userdata ALB ALB with listeners & rules NLB NLB configuration Routes TGW, Peering, VPN routes EIP Elastic IPs management ECS ECS Fargate & EC2 EFS EFS with mount targets Secrets Secrets with rotation

05 — About

identity

Mariusz Gebala

Cloud & DevOps Engineer

Torun, Poland · 100% Remote

profile

10+ years in IT infrastructure — from server administration and industrial automation to modern cloud solutions.

Specializing in AWS & Azure architecture, Terraform, CI/CD pipelines, and enterprise network security with Palo Alto NGFW.

Official contributor to Palo Alto Networks Terraform modules on GitHub.

stats

10+ Years in DevOps

3 Cloud Certifications

12 Terraform Modules

50+ Enterprise Deployments

links GitHub LinkedIn Terraform Registry

06 — Contact

Let's build something

Have a project in mind? I respond within 24 hours.

kontakt@haitmg.pl

Phone

+48 667 947 494

Location

Torun, Poland

100% remote

Links

GitHub LinkedIn Terraform Registry