Projects
A mix of client engagements, internal tools, and open source. Some details are abstracted to respect NDAs.
Designed and deployed a secure Azure landing zone with hub-spoke networking, policy-driven governance, and centralized logging for a multi-subscription enterprise.
Lifted and reshaped legacy workloads into Azure — VMs, file shares, and a SQL estate — with minimal downtime and a clean cutover plan.
Built reusable GitHub Actions workflows and Terraform modules for client teams to ship Azure infrastructure changes safely and consistently.
A growing collection of PowerShell modules to kill repetitive consultancy tasks: bulk Entra ID user ops, tenant audits, resource tagging sweeps, and 'why is this RG still here?' cleanup scripts.
Opinionated, reusable Bicep modules for the patterns I deploy most: networking, Key Vault, storage with private endpoints, and monitoring. Less copy-paste, more shipping.
Production-ready AKS setup with private cluster, ingress, secrets management, and observability baked in from day one.
Personal AWS lab environment to study for the SAA-C03: VPCs, IAM patterns, Lambda, and CloudFormation experiments.
OCI tenancy used to explore compartments, networking, IAM, and compute as part of the Foundations Associate prep.