Skip to content
View VikramBabariya's full-sized avatar

Block or report VikramBabariya

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
VikramBabariya/README.md

Vikram Babariya

Cloud & DevSecOps Engineer | Site Reliability Engineering (SRE)

📍 Gujarat, IN | ☁️ AWS Certified Cloud Practitioner | 🌐 vikram-sre.dev | 💼 LinkedIn


⚙️ Operational Mandate

Cloud & DevSecOps Engineer transitioning from a Python backend foundation to high-availability infrastructure. Specializes in architecting zero-trust AWS serverless ecosystems, enforcing immutable CI/CD delivery pipelines, and applying Shift-Left SRE quality gates to strictly reduce Total Cost of Ownership (TCO) and Mean Time To Recovery (MTTR).

🏗️ Architectural Competencies

  • Cloud Infrastructure & Security: AWS (IAM, S3, API Gateway, DynamoDB, Lambda), OIDC Identity Federation, Zero-Trust Network Segmentation.
  • Pipeline Automation & DevSecOps: GitHub Actions, Multi-Stage Docker Builds, Container Hardening (PoLP, Non-Root), Semantic Validation (ajv-cli, yamllint).
  • FinOps & Observability: AWS CloudWatch, Budget Hard-Capping (₹500 INR/mo limit enforcement), Immutable Infrastructure Patterns.
  • Backend Execution: Python, Node.js, FastAPI, Django, PostgreSQL.

🚀 Flagship Infrastructure

  • Architecture: Serverless AWS delivery pipeline enforcing blast radius containment via OIDC identity federation, completely deprecating vulnerable, long-lived IAM keys.
  • Outcome: Guaranteed flawless artifact hygiene and zero-downtime delivery utilizing idempotent S3 state synchronizations and automated CloudFront edge network invalidations.
  • Architecture: Multi-tier Docker bridge networking enforcing zero-route database isolation, restricting PostgreSQL access to the backend tier via explicit network topology.
  • Outcome: Slashed production Docker artifacts by 90% (3.5 GB → 364 MB) utilizing multi-stage builds and enforcing the Principle of Least Privilege (PoLP) across all container runtimes.

🔄 Current Architectural Sprint

Actively architecting the AWS cloud deployment for the containerized Inventory System. Enforcing rigorous VPC subnetting logic (RFC 1918) and mapping explicit NAT Gateway routing paths to guarantee strict private database isolation prior to provisioning production compute.


Executing idempotent infrastructure, absolute cost governance, and zero-trust delivery.

Pinned Loading

  1. zero-trust-rac-platform zero-trust-rac-platform Public

    An SRE-hardened Zero-Trust RaC Delivery Platform leveraging OIDC federation and idempotent CI/CD to mathematically enforce blast radius containment and the Principle of Least Privilege (PoLP) at th…

    Jinja 1

  2. inventory-system inventory-system Public

    Containerized inventory platform built with a production-grade, security-first architecture. Demonstrates multi-tier Docker network isolation, an immutable ledger pattern for audit-safe stock track…

    Python 1