Santhosh Kumar J
Platform & Cloud Engineer and SRE with 14+ years building and operating cloud-native platforms on AWS, Azure, and GCP for systems serving 10M+ users.

By the numbers
14+
Years of experience
50+
Production Kubernetes clusters managed
10M+
Users served by our platforms
99.9%
Availability sustained
Blogs
View allFrom branch to production: automating multi-environment deployments with GitHub Actions and Argo CD on EKS
How I run 20+ developer environments plus testing, staging and production across two AWS accounts with one standalone deploy-pipeline repo whose workflow every microservice reuses — GitHub Actions building images, self-hosted runners reaching private EKS, and per-cluster Argo CD doing the syncs. On-demand dev deploys, auto-drafted releases and a branch-to-production promotion flow that never rebuilds the artefact.
Building a Kubernetes operator in Go: automating SPIFFE workload registration
In the previous post I registered SPIFFE entries by hand with spire-server entry create. Here I build the Kubernetes operator that automates it — a controller-runtime reconciler that watches Deployments and registers them with the SPIRE Entry API, finalizer cleanup and Prometheus metrics included.
Implementing zero trust workload identity with SPIFFE/SPIRE on Kubernetes
Static API keys and shared secrets don't scale, and they all hit the Secret Zero problem. Here's how SPIFFE and SPIRE give every workload a short-lived, attested identity on Kubernetes — with production manifests, go-spiffe mTLS and the operational reality of running it.
GitHub Contributions
132 in the last yearImpact
FinOps governance
Rightsizing, autoscaling, Reserved Instance planning and Karpenter-based Spot optimisation across customer platforms.
35%
cloud costs cut
GitOps delivery
GitOps-driven deployment pipelines built with Argo CD, GitHub Actions, Jenkins and Azure DevOps.
80%
less deploy effort
Infrastructure as Code
Terraform, Kustomize and CloudFormation standards rolled out within 2 months — eliminating configuration drift.
70%
less provisioning
Self-service platform
Developer environments orchestrated in shared Kubernetes clusters with Argo CD and GitHub Actions.
20+
dev environments
Observability adoption
Self-hosted LGTM stack ingesting 20 GB of logs a day and 10M metric series — at 50% lower cost than managed tooling.
15+
teams onboarded
DevSecOps programmes
Vulnerability remediation and CIS-aligned security baselines across 10+ customer environments.
50+
CVEs resolved