πŸš€ Projects

Microsoft 365 OAuth Email Integration Standard

Designed a secure, vendor-agnostic Microsoft Graph email integration standard for third-party SaaS applications using Microsoft Entra ID and Exchange Online.

Implemented: June 2026

Microsoft Entra ID Microsoft Graph Exchange Online OAuth 2.0 PowerShell FastAPI Python MSAL Microsoft 365 Exchange Online RBAC
View Details β†’

Controlling High-Risk Authentication Paths in Microsoft Entra ID

Implemented Conditional Access controls to restrict high-risk authentication flows vulnerable to phishing and unmanaged device access.

Implemented: May 2026

Microsoft Entra ID Conditional Access Microsoft 365 Azure AD Sign-in Logs Zero Trust Security Model
View Details β†’

Containerized Web Application Deployment Pipeline

End-to-end CI/CD pipeline for deploying containerized web applications using either GitHub, AWS, or Azure DevOps tools.

Implemented: May 2026

AWS Azure Terraform CI/CD Load Balancers Docker Hub GitHub
View Details β†’

Google Workspace to Exchange Online Migration

Planned and executed a secure mailbox migration from Google Workspace to Microsoft 365 Exchange Online using Microsoft’s native migration tooling.

Implemented: May 2026

Microsoft 365 Exchange Online Google Workspace Google Cloud Platform Exchange Admin Center Gmail API OAuth 2.0
View Details β†’

Microsoft Teams API Integration for Automated Meeting Scheduling

Integration enabling third-party applications to programmatically create Microsoft Teams meetings.

Implemented: May 2026

MS Teams MS Graph Entra ID 3rd-party Apps
View Details β†’

Federated Socials Login via Microsoft Entra External ID (CIAM)

Cloud-based identity architecture extended to support external users through Microsoft Entra External ID.

Implemented: April 2026

Microsoft Entra ID External Entra ID Tenant SAML 2.0 Facebook Google Apple ID
View Details β†’

SSO Integration with 3rd-Party WebApps

Entra ID-based Single Sign-On integration for Enterprise Application access.

Implemented: April 2026

Entra ID SAML 2.0 Identity Federation
View Details β†’

Azure Web Application Custom URL Routing with Azure Functions Proxy

Designed and implemented a custom domain access solution for Azure-hosted web applications using Azure DNS, Function Apps, and reverse proxy routing.

Implemented: November 2023

Microsoft Azure Azure Function Apps Azure DNS Azure App Service
View Details β†’

AWS Single Sign-On Integration with Azure Active Directory

Implemented centralized SAML-based authentication between Azure Active Directory and AWS multi-account environments using AWS SSO and automated identity provisioning.

Implemented: June 2022

AWS SSO Azure Active Directory SAML 2.0 SCIM Provisioning AWS IAM AWS Organizations
View Details β†’

Active/Passive Disaster Recovery Architecture Across AWS Regions

Designed and implemented a multi-region Active/Passive disaster recovery strategy to improve business continuity, service resilience, and recovery readiness for critical cloud workloads.

Implemented: June 2022

AWS Multi-Region Architecture Amazon S3 Amazon EC2 Disaster Recovery Strategy AWS Networking Failover Design Business Continuity Planning
View Details β†’

Multi-Account AWS Network Architecture with Centralized VPN Connectivity

Designed and implemented a segmented AWS multi-account network architecture with centralized connectivity, secure remote access, and shared transit routing.

Implemented: June 2022

AWS VPC AWS Transit Gateway AWS Client VPN AWS Site-to-Site VPN AWS Multi-Account Architecture
View Details β†’

AWS CI/CD Pipeline for Containerized Application Deployment

Designed and implemented an automated CI/CD pipeline on AWS to build, package, and deploy containerized applications across cloud environments.

Implemented: June 2022

AWS CodePipeline AWS CodeBuild AWS CodeDeploy AWS Fargate Amazon ECR
View Details β†’

AWS Static Website Hosting and Secure Web Application Deployment Architecture

Designed and deployed a scalable AWS-hosted web application platform combining static website hosting, containerized workloads, CDN delivery, and layered security services.

Implemented: June 2022

Amazon S3 Amazon Route 53 Amazon CloudFront AWS WAF Amazon ECS
View Details β†’

Enterprise Wi-Fi Authentication Platform using Microsoft NPS, RADIUS, and 802.1X EAP-TLS

Implemented a certificate-based enterprise wireless authentication platform using Microsoft NPS and RADIUS to satisfy fintech security and compliance requirements.

Implemented: January 2022

Microsoft NPS RADIUS 802.1X EAP-TLS Active Directory Wireless Access Points Windows Server Enterprise LAN Architecture
View Details β†’

AWS Transit Gateway Deployment for Multi-Account VPC Connectivity

Designed and implemented a centralized AWS Transit Gateway architecture to provide secure, scalable connectivity across multiple AWS accounts and VPC environments.

Implemented: November 2020

AWS Transit Gateway Amazon VPC AWS Organizations Route Tables VPC Attachments AWS Networking AWS RAM
View Details β†’

Centralized AWS CloudWatch Monitoring for Multi-Account Cloud Environments

Implemented a centralized monitoring and observability platform using Amazon CloudWatch to provide unified visibility across multiple AWS accounts and regions.

Implemented: August 2020

Amazon CloudWatch AWS Organizations IAM CloudWatch Dashboards CloudWatch Alarms AWS Monitoring Multi-Account AWS Architecture
View Details β†’

Microsoft Entra ID and AWS IAM Federation for Multi-Account Single Sign-On

Implemented federated identity and Single Sign-On (SSO) between Microsoft Entra ID and AWS IAM to provide centralized access management across a multi-account AWS environment.

Implemented: August 2020

Microsoft Entra ID AWS IAM SAML 2.0 AWS Organizations AWS Control Tower RBAC Identity Federation
View Details β†’

AWS Site-to-Site VPN Integration for Secure Fintech Partner Connectivity

Designed and implemented a secure AWS Site-to-Site VPN solution to enable encrypted communication between AWS-hosted services and third-party Fintech partner networks.

Implemented: July 2020

AWS Site-to-Site VPN Amazon VPC Virtual Private Gateway (VPG) Customer Gateway (CGW) IPSec IKE AWS Networking
View Details β†’

AWS Control Tower Landing Zone Deployment for Multi-Account Fintech Operations

Designed and implemented an AWS Control Tower landing zone spanning 20 AWS accounts and 17 isolated environments to support secure, compliant, and scalable fintech operations across multiple business units and countries.

Implemented: March 2020

AWS Control Tower AWS Organizations AWS Transit Gateway AWS Security Hub AWS CloudTrail Amazon VPC IAM AWS Landing Zone Architecture
View Details β†’

Enterprise Active Directory Infrastructure Deployment for Identity and Device Management

Designed and implemented a centralized Active Directory infrastructure to provide identity management, authentication, device administration, and security policy enforcement across the enterprise.

Implemented: May 2019

Microsoft Active Directory Windows Server DNS Group Policy Active Directory Domain Services Windows Endpoints
View Details β†’

Enterprise LAN Topology Upgrade with Sophos Firewall Integration

Migrated a legacy 2-tier LAN architecture to a scalable 3-tier network design with centralized security enforcement using Sophos Firewall.

Implemented: May 2019

Sophos Firewall VLANs Layer 2 Switching Layer 3 Routing Network Segmentation Enterprise LAN Architecture
View Details β†’

Resilient Small Business Network Infrastructure Deployment

Designed and implemented a secure dual-WAN office network infrastructure with centralized firewall management and scalable wireless connectivity.

Implemented: November 2017

Firewall Switching Routing Subnetting IPS
View Details β†’

Read-Only Domain Controller (RODC) Deployment for Distributed Authentication Resilience

Implemented a Read-Only Domain Controller (RODC) solution to improve authentication availability, reduce branch-site dependency on core infrastructure, and strengthen Active Directory security.

Implemented: July 2016

Microsoft Active Directory RODC Windows Server Active Directory Domain Services DNS Group Policy Enterprise Identity Infrastructure
View Details β†’
© 2026 AK Techno Services Ltd.
Developed by AK Udofeh using Astrofy