Cloud FinOps · Infrastructure · AI Automation
Executive profile & consulting → siebert.cv
GitHub is my technical workspace — code, architecture, issues, and reproducible experiments.
For CV, consulting, publications, and the full story: siebert.cv (DE/EN).
| Project | What it does |
|---|---|
| Tender Agent | Multi-agent EU procurement pipeline — LangGraph, Grok (xAI), human-in-the-loop chapter drafting. Private while in production use; context on siebert.cv. |
| Repo | What it does |
|---|---|
| AWS_grocery | Terraform AWS stack — immutable EC2 rollouts, RDS, CI/CD deployment |
| InstaScraper | Modular scraping with proxy rotation, scheduling, SQLite persistence |
| GitHub-Stats-Visualization | Custom language & activity charts for GitHub profiles |
Other production work (layered-infra, FinOps Lambdas, siebert.cv codebase) stays private — architecture walkthroughs on request.
| Area | Tools |
|---|---|
| Cloud & IaC | AWS, Terraform, Docker, VPC, RDS, Lambda, IAM/OIDC |
| FinOps | Cost Explorer, tagging governance, budgets, auto-stop, right-sizing |
| Engineering | Python, TypeScript, Next.js, PostgreSQL, Playwright |
| AI & automation | LangGraph, Grok, n8n, Obsidian workflows, document pipelines |
| Edge & ops | Caddy, WireGuard, SSH+mTLS, GitHub Actions, k6, Terratest |
Private AWS environments I design around a split edge + app plane — TLS at the edge, east-west traffic in private subnets, FinOps jobs on the control plane:
CI/CD · Control · Data plane (click to expand)
CI/CD PLANE CONTROL PLANE
+------------------+ | +------------------------------+
| Devs / QA | | OIDC trust | IAM / KMS / SSM |
| pull requests | ----> | assumption policy | - Roles for CI & EC2 |
+------------------+ | | - KMS keys for SSM |
v | - SSM params (registry/app) |
+------------------------+ +------------------------------+
| GitHub Actions Runner |
| - Artifact build | DATA PLANE
| - Push to Registry | (east–west & north–south)
+-----------+------------+
|
| HTTPS push/pull (443)
v
============================== AWS VPC (10.0.0.0/16) ====================================
| Public Subnet (10.0.1.0/24) Private (10.0.2.0/24) |
| |
| +------------------------------------------+ mTLS/HTTPS proxy +---------------+ |
| | Edge VM | <------------------------ | App VM | |
| | - Caddy (TLS termination, SNI routing) | | - App | |
| | - Split Registry (ext/int DNS) | outbound through NAT | - PgBouncer | |
| | - NAT (masquerade, src/dst check off) | -----------------------> | - Postgres | |
| | - WireGuard (51820/UDP admin plane) | +---------------+ |
| | - UFW default-deny; fail2ban sshd | |
| +------------------------------------------+ |
=============================================================================================
| | | |
v v v v
Route53/NS TLS issuance SSM param reads FinOps jobs
(A/ALIAS) (internal CA or (pull credentials & (Auto-Stop, Office Hours,
ACME public) runtime config) Orphaned Cleanup, Budgets)
| If you want to… | Go here |
|---|---|
| EU tenders + multi-agent AI | siebert.cv/projects — Tender Agent (private flagship) |
| Infra & FinOps patterns | Reference architecture below |
| Consulting / freelance | siebert.cv/consulting |
| Clone & explore code | Public repos above — e.g. AWS_grocery, InstaScraper |
| Full CV, projects, publications | siebert.cv |
Architecture or EU-tender workflow questions → consulting or email. Code feedback → issues on the public repo that fits.
- Consulting: cal.com/daniel-siebert-for-you
- LinkedIn: daniel--siebert
- Email: daniel@siebert.cv
- Issues & PRs: preferred for anything code-related
Last updated: July 2026



