Ignite 2025 just wrapped up, and while the headlines are screaming “AI Agents,” I’m actually relieved to see a ton of solid, “meat and potatoes” infrastructure updates. Yes, AI is cool, but if your...

As everyone know, Microsoft forced MFA for every user who want to access Azure portal. From my side I absolutely agree with this direction, I would say it is a must have for everyone. If you use on...

FinOps first step: create an assessment. Easy to say but if your organization has hundreds of subscriptions, you can’t do it manually. That’s why I wrote a KQL query that calculates how many CPUs y...

Continuing the Service Endpoint Policy Improvement series with an Azure Policy: this time, I want to enforce that whenever users enable a Storage Account service endpoint on a subnet, they must als...

With a service endpoint policy, you can limit access to Storage accounts. When you enable a service endpoint on a specific subnet, only the Storage accounts allowed by the policy are reachable. By ...

The Service Endpoint vs. Private Endpoint debate is a never ending story. I believe both have their place in the Azure ecosystem, and I use both, as each has its own advantages and disadvantages. I...

I just migrated my VPN from OpenVPN to Global Secure Access (GSA), so I thought I would share my experience with you. One of the most important things for me is to reach my HomeLab and Azure resour...

In Azure, we have “Virtual Network”, which is a software-defined network. With this network, you can do many things, including creating a Service Endpoint. A Service Endpoint allows you to extend y...

Did you know that you can use a central certificate for your Azure Application Gateway? You don’t need a Key Vault in every subscription—you can use a central Key Vault in a central subscription an...

Azure PostgreSQL Flexible Server is a fully managed database service that allows you to run, manage, and scale PostgreSQL databases in the cloud. It provides built-in high availability, automated b...