Executive summary
I built a modular infrastructure-as-code platform with Terraform and Ansible spanning AWS, Azure, and GCP — replacing manual, drift-prone provisioning with reproducible, secure landing zones that cut manual configuration effort by 50% and cloud cost by 30%.
The problem
- Provisioning was manual and inconsistent across three cloud providers, causing configuration drift and slow environment stand-up.
- Inconsistent environments made security and compliance hard to verify.
- Over-provisioned, untracked resources drove up cloud spend.
The solution
- Built reusable Terraform modules and Ansible roles to codify highly available, secure architectures across AWS, Azure, and GCP.
- Centralized remote state and standardized environments to eliminate drift and make changes reviewable.
- Applied right-sizing and automation to reduce cloud cost while preserving reliability.
- Baked security defaults (IAM, network segmentation) into the modules so every environment starts hardened.
Technical architecture
How the system fits together - each layer reflects technology used on the real build.
- IaC core: Reusable modules & remote state
- Configuration: Provisioning & config management
- Cloud providers: Highly available landing zones
- Governance: Security defaults & cost controls
Engineering challenges
One platform, three clouds
Abstracting provider differences into clean, reusable modules without leaking complexity to the teams consuming them.
Eliminating drift
Centralized state and disciplined workflows were essential to keep environments identical and auditable.
Cost without compromise
Right-sizing and automation had to cut spend while holding availability and security targets.
Outcomes & impact
Less hands-on configuration through automation.
Savings from right-sizing and automation.
Consistent, auditable across AWS, Azure & GCP.
IAM and segmentation baked into modules.