Designing Safe Azure App Registration Secret Rotation (With Guardrails)

Automating Azure App Registration secret rotation is often discussed as a best practice, but implementing it safely is where the real challenge begins.

In many Azure environments, client secrets are stored in Azure Key Vault, expiry alerts are configured, and operational processes are defined. From a governance perspective, everything appears under control.

But monitoring secret expiration is not the same as designing a safe, deterministic rotation model.

Recently, I worked with a customer who had a mature Azure environment.

They had:

  • Azure Key Vault properly configured
  • Monitoring in place for secret expiry
  • Clear ownership of application registrations
  • Good operational discipline

So this wasn’t a “wild west” environment.

The problem was different.


Building an Azure “Super-Assistant” with Azure MCP (Preview)

Introduction

AI assistants for Azure are everywhere right now. Most of them fall into one of two categories:

  • Chatbots with documentation knowledge, but no access to your environment
  • ChatGPT + Azure CLI wrappers, which still require credentials, tokens, and a lot of trust

I wanted to explore something different:

Can we build a genuinely useful Azure assistant that can see my environment, query real data, and still be safe by design?


Azure Health Check – A Free Script to Audit and Visualise Cloud Hygiene

Are you running Azure subscriptions and want a quick, human-friendly overview of your governance, compute, storage, network and Key Vault hygiene?
The Azure Health Check PowerShell script gives you exactly that — scanning multiple subscriptions, flagging weak spots, and producing a clean interactive HTML report (with charts!).

Why this matters

Large and growing Azure estates can easily drift into insecure or unsupported configurations: unprotected VMs, public storage blobs, missing resource locks, orphaned disks, exposed network ports — all of which can lead to security, availability or compliance issues.

Yet manually auditing each subscription is time-consuming. That’s where automation helps. With this script, you get a multi-subscription health summary, scored, visualised and exportable — ideal for periodic reviews, customer readiness checks, or even compliance audits.


I Became a Microsoft MVP — A Personal Milestone in My Azure Journey

Today, I want to share something very special and meaningful for me — I have been recognised as a Microsoft MVP in Azure Compute Infrastructure.

For those who don’t know, the Microsoft MVP programme recognises people who contribute to the technical community through knowledge-sharing, guidance, content creation, support, mentoring, and helping others grow.

This became part of who I am many years ago.


Azure Private Link Service Direct Connect – Simplified Private Connectivity (Public Preview)

Azure Private Link Service (PLS) has long been the go-to option for exposing your services privately to consumers across Azure — ensuring that traffic never crosses the public internet.
Until recently, this required a Standard Load Balancer to sit in front of your service. That setup worked well, but it added complexity and limited flexibility, especially in hybrid or custom routing scenarios.
Now, with Private Link Service Direct Connect, Microsoft has simplified the model. You can route traffic directly to any privately routable IP address, removing the dependency on load balancers altogether.
This new feature opens the door to several use cases — from simplifying secure hybrid connections to enabling private access to third-party SaaS and appliances.
