Modern biomedical informatics requires secure computing infrastructures that balance regulatory compliance with operational efficiency. However, automation frameworks addressing regulatory constraints remain underdeveloped in healthcare computing domains. Regulatory mandates traditionally impede DevOps adoption within federally regulated institutions, where manual deployment processes consume excessive operational capacity while introducing configuration inconsistencies. This research presents a novel compliance-aware automation framework that integrates security validation, policy enforcement, and audit trail generation directly into deployment workflows. The framework employs modular pipeline architecture enabling independent component evolution while maintaining system coherence. Infrastructure-as-Code principles codify specifications in version-controlled templates supporting automated policy validation. Declarative configurations eliminate drift through continuous reconciliation comparing actual states against approved specifications. Automated security scanning occurs at multiple pipeline stages including static code analysis, container image validation, and configuration verification. Policy-as-code frameworks transform organizational policies into machine-readable specifications enabling programmatic compliance verification. The originality of this work lies in treating compliance as an architectural enabler rather than an external constraint, fundamentally transforming how regulated biomedical computing infrastructures achieve modernization without compromising auditability or data protection requirements essential for regulated domains.