Citadel DataKeep Secure Access

S3 Identity Gateway: Designed and built DataKeep, a secure HTTP service with a management UI that mapped internal Active Directory users to datasets on-premise and in AWS.
Ephemeral Data Permissions: DataKeep dynamically generated short-lived IAM credentials and routed traffic through a set of secure S3 proxies, ensuring developer workstations could query data without storing static credentials.
AWS Network Architecture: Co-designed Citadel's foundational AWS VPC topology, subnetting patterns, direct-connect links, and resource access policies.