Introduction In this blog I’ll detail how you can create custom resource set definitions (Azure Policy initiatives) from the Azure Monitor Baseline Alerts (AMBA) resources via Enterprise Policy as Code (EPAC). For those unfamiliar with AMBA – it’s a fantastic initiative by Microsoft that provides recommended metrics and monitoring guidelines for your Azure estate – …
What is deployment stacks? Azure Deployment Stacks allow you to manage a set of resources under one roof by defining a Bicep file within stack management. Deployment Stacks build upon and enhance the current deployment methods. Additionally, Deployment Stacks represent the evolution of Azure Blueprints – something many of you may already be familiar with …
Introduction A quick blog to demonstrate a solution for enforcing that Log Analytic Workspaces in your environment are created with a daily quota property value set. This can be useful if you want to guardrail against workspaces created without this value set, which can in some instances can help stop incurring large ingestion costs unexpectedly. …
Introduction I’ve been diving deep into API Management policies and exploring security around API access recently. It became clear that subscription keys are not secure—they can be easily stolen and used indefinitely if not regularly rotated. With this in mind, I thought it would be useful to outline one of the many ways to secure …
What is APIOps? APIOps is the process of applying DevOps to the Azure API Management (APIM) service. By applying this concept to APIM, you can bring your APIs into version control, and most of the operations that were once done in the Azure Portal can now be achieved through code using CI/CD pipelines with APIOps. The benefits of this method of working …
Introduction – Private Azure DevOps agent If you’re using Azure DevOps as your source control and deployment tooling, you may need to perform CI/CD to Azure resources that have no public access and are on private endpoints. This can pose a particular challenge, as unlike GitHub private runners, which can natively run within the private …
Introduction On May 30th, 2024, Microsoft announced Azure Bastion Premium, featuring the highly anticipated session recording capability. This feature, long requested since Bastion’s general availability in November 2019, marks a significant enhancement. In my view, session recording is an essential addition to Bastion, as it provides superior compliance and security. It enables the direct recording …
In this post, I’ll deep dive Azure Lighthouse from onboarding methods, best practices, lessons learnt and everything in between.
Introduction If you’re trying to deploy Azure SQL Managed Instance in Azure via Azure Bicep you may have stumbled across this ‘Network Intent Policy’ error when trying to redeploy your Azure Bicep template. The problem doesn’t present itself on your first deployment yet when trying your template again this error is present. It seems if …
Just a quick post about Azure Lean Coffee, hosted by Daniel McLoughlin and Rukaya Ogazi-Khan which is streamed live monthly covering a range of discussion topics on Azure of which I was fortunate enough to get involved in their latest episode. In this months episode I was joined along side Michael Durkan and Jeevantika Lingalwar …