If you want to control where Azure AI model inference can run, blocking only Global deployments is a good start, but it is not the full governance story. In many environments, the real requirement...

Corrected policy The original logic had two issues. First, ipRangeContains cannot be used as a policy operator here, it must be evaluated as a function inside a value expression. Second, the curre...

If your organization operates in Europe, using Azure AI is not only a technical decision. It is also a data residency decision. This matters a lot when teams start deploying models in Azure AI Fou...

The VM access always a pain point in Enterprise environments, mostly when we talk about productive environments. Until now, the username and password were the primary method for accessing Azure VMs...

I summarized the corrected, error-free PowerShell command sequence based on the latest Microsoft Graph SDK (v2+) syntax. This process creates the application, assigns the Sites.Selected permission,...

In Preview, Microsoft just presented a new feature to restrict SPN access to specific tenants. If you’ve ever managed a multi-tenant app, you know the struggle. Usually, “multi-tenant” is an all-or...

I beleive, one of the most important things the good userexperience. We should build the world best architected solutions, but if the user experience is bad, nobody will use it. When I build a solu...

Time to time I loose access to different tenants. We finish projects, we move on to other projects, and sometime I forget that tenant my default tenant. So when I open the Azure portal, I am in a l...

To restrict Multifactor Authentication (MFA) registration so it can only be completed from managed, trusted devices, create a Microsoft Entra Conditional Access policy that targets the “Register se...

I often start with a quick recap when discussing Entra device join types with colleagues or customers, so I decided to write it down for future reference. This article compares the three most comm...