Experience Projects Writing Gallery Visibility Resume Contact
← Case Studies

Azure | AWS | GCP | DevSecOps | Migration

IBM

IBM

Junior Tech Lead - DevOps · Navi Mumbai, India · November 2021 - February 2024

Led multi-client DevOps delivery across Azure, AWS, and GCP for H&M, Siemens, Nokia, and Südzucker, including migration planning, reusable Terraform, CI/CD, hardened images, and secure release automation.

AzureAWSGCPTerraformGitHub ActionsAzure DevOpsHelmPythonDevSecOpsOIDCCloud MigrationConfluence

Business Context

IBM client engagements required migration and DevSecOps delivery across multiple clouds for retail, manufacturing, telecom, and GCP proof-of-concept workloads.

The Challenge

Each client needed different migration paths, deployment automation, security remediation, private connectivity, and operational handover materials without losing governance or delivery consistency.

Approach & Architecture

For H&M, planned GitHub Actions and reusable Terraform modules, migrated 100+ legacy applications, automated VM, AKS, Azure Web App, and Azure Function deployments, and secured Terraform state with Azure Storage private endpoints. For Siemens, modernized dependent legacy applications with custom base images, Helm charts, Terraform modules, and OIDC-secured GitHub Actions. For Südzucker, created Azure DevOps OIDC service connections and a GCP Terraform proof of concept.

Architecture notes

H&M used reusable Terraform modules, GitHub Actions, private endpoints, Azure Storage remote state, AKS, Web Apps, Functions, Key Vault, and hardened deployment patterns. Siemens used custom base images, Helm charts, Terraform modules, and OIDC-based GitHub Actions. Südzucker used Azure DevOps OIDC service connections and Terraform modules for GCP resources.

Tools & Stack

AzureAWSGCPTerraformGitHub ActionsAzure DevOpsHelmPythonBashAKSAzure Web AppsAzure FunctionsSonarQubeCoverityKey VaultOIDCConfluence

What I Owned

  • Multi-client DevOps delivery across Azure, AWS, and GCP
  • H&M migration planning and automation for 100+ legacy applications
  • Terraform remote state, versioning, and private endpoint setup for secure internal communication
  • Python/Bash automation for dynamic GitHub Actions IP allowlisting and removal during deployments
  • DevSecOps quality gates with SonarQube, Coverity, hardcoded secret checks, and vulnerability checks
  • Architecture, SOP, SLO, SKA/knowledge, and handover documentation in Confluence

Outcomes

  • Automated cloud deployments across VM, AKS, Azure Web App, and Azure Function targets
  • Strengthened Azure infrastructure and application security with encryption, Key Vault retrieval, Azure AD app setup, and hardened deployment patterns
  • Improved release repeatability through Terraform modules, Helm charts, GitHub Actions, Azure DevOps, and OIDC connections
  • Supported operational readiness with clear documentation and handover materials

Lessons Learned

Migration programs are smoother when automation, security controls, and documentation are built together rather than treated as separate tracks.

Explore more