f-leroy/README.md

Frédéric LEROY

Azure Cloud & Database Automation

MCT · AZ-305 · AZ-104 · DP-300 · SC-300 · AWS

Hi, I'm Frédéric 👋

I design and run production Azure infrastructure and database platforms — with a focus on automation (Terraform + Ansible), security by design, and Oracle → PostgreSQL migrations. I open-source what I can; the rest is built the same way, privately.


What I'm building

🧱 AethronOps v3: IaC stack catalogue (personal project)

  • YAML-driven generation of 10 App Service / Container Apps stacks coupled to PostgreSQL, Azure SQL, Cosmos DB, MySQL and MongoDB — on Azure Verified Modules (pinned versions).
  • Security by design: Key Vault, Managed Identity, Private Endpoints, Backup Vault; a per-stack SECURITY-POSTURE document aligned to CAF / MCSB / NIS2 / GDPR / WAF.
  • Automated build & validate pipeline: Python, Terraform 1.9+, Checkov, preflight scripts.

🗄️ db-platform: multi-engine database automation on Azure (personal project)

  • 3-layer model: Packer (image) + Terraform (infra) + Ansible (config).
  • Oracle 19c — install, CIS hardening, tuning, RMAN, Data Guard (broker + Fast-Start Failover, validated live), golden-image factory, self-verification.
  • SQL Server — validated end-to-end: Always On AG with DNN listener, TDE, hardening (18 Ansible roles, 3 infra stacks).
  • PostgreSQL 17 — dual-distro (EL9 + Ubuntu), Patroni + streaming HA, pgBackRest, air-gapped install — validated on real Azure.
  • Oracle → PostgreSQL migration — a toolkit (ora2pg + oracle_fdw) with a read-only pre-migration risk analyzer, proven end-to-end on real Azure.
  • Runs from a CI runner inside the VNet: OIDC / Managed Identity, remote Terraform state, secrets in Key Vault, GitHub Actions.

📦 Open-source

  • azure-terraform-avm-secure-stacks — 9 production-validated Azure Terraform stacks (App Service / Container Apps × PostgreSQL / SQL / Cosmos / Mongo + a shared platform baseline), apply-validated on real Azure. Apache 2.0.
  • azure-identity-admin-handbook — Production patterns for Microsoft Entra ID: Conditional Access, PIM, AiTM / token-theft / consent-phishing runbooks, hardening checklist, Graph PowerShell, KQL.
  • azure-infrastructure-guide — Breaking changes, compliance frameworks, Terraform best practices for production Azure.
  • awesome-az-305-francais 🇫🇷 — French-language resources for the AZ-305 certification.

🛠️ Tech

Terraform · Ansible · Packer · Azure · Oracle 19c · SQL Server · PostgreSQL · MySQL · CosmosDB · Python · GitHub Actions (OIDC) · Key Vault · Docker

Open to Azure infrastructure, database automation and Oracle→PostgreSQL migration work.

Pinned

  1. azure-infrastructure-guide (Public)

    Azure Infrastructure Guide — Breaking changes, compliance frameworks, Terraform best practices for production workloads

  2. f-leroy (Public)

    GitHub profile README