Hrvoje (Henry) Tonkovac
Verified Expert in Engineering
DevOps and AWS Developer
Henry is a Certified AWS Solutions Architect, Red Hat Administrator, and Kubernetes Administrator. He excels at DevOps, cloud, and distributed systems and has implemented a complete AWS infrastructure with real-time data streaming and an anonymization ETL pipeline. With extensive development, system administration, and consulting experience, Henry works to the highest standards and tackles specific implementation details, including back-end and infrastructure code.
Amazon Web Services (AWS), Kubernetes, Visual Studio Code (VS Code), MacOS, Integration
The most amazing...
...complete AWS infrastructure I've implemented was for a real-time data streaming and anonymization ETL pipeline from MySQL into a data warehouse.
Fortune 100 Insurance Company
- Deployed a multi-regional Zero-trust Azure landing zone using Terraform. This included configuring Azure Firewall, Web Application Firewalls, zoned network architecture, and on-premise connection. This ensured secure onboarding into the cloud.
- Led the initiative to decommission legacy automation Go tooling. This greatly improved code maintainability and speed of onboarding new engineers and reduced the memory consumption of hourly jobs by over 90%.
- Developed many Terraform modules for use through a self-service developer portal. Enabling developers to provide legal and security-compliant Azure Databases, Web Apps, Storage Accounts, etc.
- Implemented many features and fixed many bugs in an internal Go automation codebase. Most notably, an in-house terraform provider for a cloud API and a custom terraform CLI wrapper (similar to Terragrunt).
- Ensured continuous compliance monitoring by writing automated tests and implementing automated security scanning of Terraform modules.
- Designed and implemented a DNS solution utilizing dnsmasq as a conditional forwarder, enabling DNS resolution between onPrem and Cloud.
- Led the upgrade process of a multi-terabyte MySQL database from version 5.5 to version 5.7. Ensured high availability and an upgrade with minimum downtime. Improved the backup system by using physical back-ups, reducing MTTR by two weeks.
- Designed and implemented the complete infrastructure for an ETL pipeline that anonymized customer data and fed it into a data warehouse in real-time. Fully managed CI/CD and IaC for the project. Ensured perfect environment isolation and parity.
- Cut down AWS costs by over 30% across the organization by carefully analyzing the AWS bills, utilizing reserved instances where appropriate, and removing unused infrastructure.
- Released an application's complete AWS infrastructure and CI/CD processes consisting of half a dozen microservices hosted on AWS ECS and backed by a MongoDB replica set. Ensured high availability and full observability.
- Implemented an authentication and audit system using AWS Systems Manager, Bash, and AppArmor. The system allowed certain users access to production servers without having access to PHI data and ensured user auditability actions on the servers.
Node.js Back-end Developer
- Developed both Dockerized and serverless PHP and Node.js microservices. Implemented a Geolocation microservice using PostGIS and Node.js.
- Developed CI/CD pipelines with Docker and GitLab. Ensured smooth and fast deployments to UAT and production.
- Managed the complete AWS infrastructure with Terraform and CloudFormation.
Detecon International, GmbH.
- Supported partners in the research and presentation of different telecommunications architectures focused on introducing big data, cloud, machine learning, and DevOps concepts in the telecommunications space.
- Shadow-called and provided on-site support in multiple high-stake sales pitches and RFQ processes in telecommunications.
- Attended SAFe (Scaled Agile Framework) and proposal writing training.
- Led a team of students in a startup competition. This included research on both the technical and business sides and the societal impact of new developments in smart grocery stores.
PHP Back-end Developer
- Developed several web applications with an MVC in the Zend Framework (PHP) and Doctrine ORM (MySQL). Wrote object-oriented server-side code and SQL queries.
- Deployed LAMP stack applications manually to on-premises servers. Configured Apache, NGINX, and PHP applications.
- Introduced Docker containerization technology to improve the process of application deployment. Prior to this, version mismatches have sometimes delayed production deployments for up to two weeks.
- Migrated complex data sets to improved database schema by writing PHP data migration scripts.
- Collaborated within a multinational team where all communication was conducted in English.
Android Application Test Laboratory
College Schedule Google Calendar Automation
Many university students had trouble organizing their schedules since the course schedule was released only a week up-front. If the students wanted to use a calendar (e.g., Google Calendar), they had to manually import every event every week (which took more than a hundred manual mouse clicks).
The application had over a hundred users from my university and was in active development for over a year. In the end, it served as a basis for my Bachelor's degree and has motivated the university to implement a proper solution due to the applications' overwhelming popularity and benefit.
AWS HA, Hadoop
Jenkins Pipeline, Node.js, Terragrunt, Google Cloud API, Google Calendar API, Google Maps API, POSIX, Metadata API, Azure Active Directory Graph API
Amazon Virtual Private Cloud (VPC), Terraform, AWS IAM, Azure Web Application Firewall, Git, GitHub, AWS Deployment, Azure Key Vault, Postman, Amazon Elastic Container Registry (Amazon ECR), Azure Kubernetes Service (AKS), Azure Network Security Groups, Docker Hub, Ansible, GitLab CI/CD, Jenkins, Grafana, NGINX, Apache, AWS ELB, Amazon EKS, AWS CloudFormation, GitLab, Google Kubernetes Engine (GKE), Bitbucket, Amazon Elastic Container Service (Amazon ECS), Helm, Kafka Streams, VPN, Amazon CloudWatch, AWS Fargate, Beanstalk, Chef, Puppet, AWS Simple Notification Service (SNS), Azure Active Directory B2C (ADB2C), CircleCI
Continuous Delivery (CD), Continuous Integration (CI), DevOps, REST, Azure DevOps, OLAP, Microservices, Microservices Architecture, Gang of Four (GOF) Design Patterns, ETL, Web Application Architecture, DevSecOps, Serverless Architecture, HIPAA Compliance, Role-based Access Control (RBAC), ABAC
Kubernetes, Linux, Docker, Amazon Web Services (AWS), Azure, Apache2, AWS ALB, Azure PaaS, Unix, Ubuntu, Amazon EC2, Google Cloud Platform (GCP), AWS Lambda, New Relic, OpenShift, Apache Kafka, Azure Event Hubs, Red Hat OpenShift, Blockchain, Android, Azure IaaS
Amazon S3 (AWS S3), Azure Blobs, PostGIS, Azure SQL, OLTP, DB, MySQL, MongoDB, LokiJS, PostgreSQL, Data Pipelines, Databases, Google Cloud, Amazon DynamoDB, NoSQL, Datadog, Database Security, Azure Active Directory, Microsoft SQL Server, Azure SQL Databases, Redis Cache, Azure Cosmos DB, Azure Cloud Services, Redis
ECS, Site Reliability Engineering (SRE), Identity & Access Management (IAM), Kubernetes Administration, Microsoft Azure, CI/CD Pipelines, Cloud Infrastructure, Infrastructure, Infrastructure as Code (IaC), Azure Virtual Networks, Web Application Firewall (WAF), Containers, Secure Containers, Containerization, GitOps, Git Flow, Deployment, System Administration, Container Orchestration, DevOps Engineer, ARM, CORS, Cloud Services, Cloud, APIs, Pipelines, Shell Scripting, Azure Virtual Machines, Load Balancers, Web Development, IT Networking, Linux Administration, Distributed Systems, Operating Systems, Prometheus, Serverless, Cloud Computing, Monitoring, Zero Trust, Google Container Engine, Amazon RDS, Infrastructure Monitoring, Scalability, Cloud Security, Web Security, Red Hat Certified System Administrator (RHCA), Cloud Architecture, Architecture, Azure Data Lake, Google Calendar, Argo CD, AWS DevOps, Pulumi, OWASP Top 10, OWASP, Azure Data Factory, Data Warehousing, Amazon Kinesis, Cloudflare, Content Delivery Networks (CDN), Amazon Route 53, AWS Cloud Architecture, Application Security, ELT, Integration, Data Analysis, AWS Certified Solution Architect, DNS, API Gateways, SSL Certificates, Digital Certificates, Networking, Firewalls, Proxies, Azure Storage, OAuth, Networks, Jira Administration, AWS Cloud Development, AWS Cloud Development Kit (CDK), Big Data, SecOps, Metadata, Active Directory Federation, Active Directory Synchronization, Single Sign-on (SSO), SCIM, User Management, User Roles, AWS Transit Gateway, Data Engineering, NixOS
IT Security, Network Security, Telecommunications, Security, Cybersecurity
Bachelor's Degree in Computer Science
Faculty of Electrical Engineering, Computer Science and Information Technology Osijek - Osijek, Croatia
Microsoft Certified: Identity and Access Administrator Associate
Certified Kubernetes Security Specialist
The Linux Foundation
Certified Kubernetes Administrator
The Linux Foundation
AWS Certified Solutions Architect Associate
Red Hat Certified Systems Administrator