Defender for Cloud: How It All Fits Together

A clear breakdown of the three pillars of Microsoft Defender for Cloud: Defender Plans, MCSB, and Compliance Initiatives, and how they relate to Secure Score and the Regulatory Compliance blade.

Traefik v3 + Gateway API on K3s with cert-manager and Let's Encrypt

A practical guide to setting up Traefik v3 as a Gateway API ingress controller on K3s, with cert-manager automating Let's Encrypt TLS certificates — including the pitfalls around CRD ordering, internal port conflicts, and Gateway configuration.

The Sense and Nonsense of Azure Compliance Frameworks

A critical look at Azure compliance frameworks, exploring why green scores don't always mean secure environments and how to build meaningful security posture beyond dashboard metrics.

From ingress-nginx to AKS App Routing: A Phased Migration Guide

Learn how to migrate from the community ingress-nginx controller to Microsoft's AKS App Routing add-on with minimal downtime using a phased approach that runs both controllers side by side.

The Silent Revolution: AI and the Future of Cloud Engineering

How AI is fundamentally changing the landscape of cloud engineering, from manual work to orchestration, from execution to direction. A look at what this means for the future of the profession.

Enterprise Policy as Code (EPAC) — Managing Azure Policy Exemptions

Learn how to create, manage, and deploy Azure Policy exemptions using EPAC for compliant exceptions to your governance policies.

Enterprise Policy as Code (EPAC) — Policy Documentation

Enterprise Policy as Code (EPAC) — Structuring and Deploying Your First Policy Assignments

Enterprise Policy as Code (EPAC) — Multi-tenant management

Enterprise Policy as Code (EPAC) — Introduction & Setup Guide

Configuring Azure Firewall Rules for Managed DevOps Pools with VNET Injection

Import a VHD from a Storage Account as a Managed Disk

Safely Replacing an Azure VM OS Disk Using PowerShell