Cloud

Entra Workload Identity on AKS: No More Secrets

Learn how to eliminate Kubernetes secrets by configuring Entra Workload Identity on AKS using OIDC federation, with Bicep and Terraform IaC examples.

Adam Bertram 10 min. read

Fix Azure Cost Reporting with a FinOps Tagging Strategy

Build an Azure resource tagging taxonomy, enforce it with Azure Policy, and automate remediation of untagged resources to enable accurate FinOps cost allocation and chargebacks.

Adam Bertram 8 min. read

Azure

Secure Azure OpenAI Deployments for the Enterprise

Learn how to deploy Azure OpenAI securely for enterprise use: configure private endpoints, replace API keys with Managed Identities, set up content filtering policies, and build comprehensive audit logging with Azure API Management.

Adam Bertram 5 min. read

Automate SOC 2 Compliance with PowerShell and Azure

Learn how to use Azure Policy, the EPAC framework, and PowerShell to automate SOC 2 compliance evidence collection, enforce controls across subscriptions, and build a continuous audit trail.

Adam Bertram 8 min. read

Entra Workload Identity on AKS: No More Secrets

Learn how to eliminate Kubernetes secrets by configuring Entra Workload Identity on AKS using OIDC federation, with Bicep and Terraform IaC examples.

Adam Bertram 10 min. read

Avoid Entra ID Lockouts: Migrate Legacy MFA Policies

Learn how to migrate legacy MFA and SSPR policies to the unified Entra ID Authentication Methods policy, including audit, NPS extension fixes, and validation.

Adam Bertram 8 min. read

Azure

Secure Azure OpenAI Deployments for the Enterprise

Learn how to deploy Azure OpenAI securely for enterprise use: configure private endpoints, replace API keys with Managed Identities, set up content filtering policies, and build comprehensive audit logging with Azure API Management.

Adam Bertram 5 min. read

Microsoft 365 E7: Is the $99/User Price Tag Worth It?

Evaluate whether Microsoft 365 E7's $99 price justifies Agent 365 governance using PowerShell scripts to assess Copilot usage and automation risk exposure.

Adam Bertram 7 min. read

Stop Shadow AI with Microsoft Purview

With 80% of Fortune 500 companies now using active AI agents, employees are increasingly using unapproved generative AI tools that process sensitive corporate data outside of governance controls. This post demonstrates how to use Microsoft Purview and Defender for Cloud Apps to discover shadow AI usage, classify sensitive data, enforce data loss prevention policies, and build an AI governance framework that satisfies compliance requirements.

Adam Bertram < 1 min. read

Build Production Multiagent AI Systems with Azure AI Foundry

Learn the orchestration patterns, security practices, and production engineering decisions for building multiagent AI systems on Azure AI Foundry.

Adam Bertram 11 min. read

Build Auto-Migration Systems for Azure Spot VMs in AKS

Build automated migration systems to handle Azure Spot VM evictions in AKS, keeping workloads running within the 30-second window.

Adam Bertram 8 min. read

Azure Databricks Serverless Cost Optimization Guide

Learn to reduce Azure Databricks costs with serverless compute, Liquid Clustering, auto-termination tuning, and budget controls.

Adam Bertram 9 min. read

Transition from SysAdmin to Cloud Engineer

System administrators already have the networking, Linux, and operational expertise that cloud engineering demands. This guide maps the philosophy shift, technical domains, certifications, and portfolio steps to make the transition.

Adam Bertram 7 min. read

How to Migrate SQL Server to Azure SQL Database

Learn how to migrate SQL Server to Azure SQL Database using Azure DMS and SqlPackage, covering assessment with Azure Arc, schema migration, data movement, and post-migration validation.

Adam Bertram 6 min. read