Welcome to DevJev.nl: Your Guide to Azure, Cloud Security, and DevOps Mastery

In my previous Decoding Microsoft Azure post, 🔍 Decoding Microsoft Azure: Understanding Platform, Landing Zones, Workloads, and Utilities ⚙️ , I introduced the house analogy to conceptually explain Microsoft Azure . Part of this analogy covered the Application Landing Zone and the Platform Landing Zone.

In this post, I’ll take a deeper dive into Landing Zones. We’ll explore what they are, how they’re defined by Microsoft, and how I believe we can improve upon the concept. By the end, you’ll have a clearer understanding of Azure Landing Zones and how they fit into a broader cloud adoption strategy.

In this post, I’ll demonstrate how to quickly and easily deploy Microsoft Sentinel to an existing Log Analytics workspace using Bicep. This step-by-step guide simplifies the process, showing that deploying Microsoft Sentinel doesn’t have to be complicated—whether you’re an experienced cloud professional or new to Azure.

What is Microsoft Sentinel?

If you’re new to Microsoft Sentinel, here’s a brief introduction. Feel free to skip this section if you’re already familiar with it.

In today’s cloud-driven landscape, security is a shared responsibility for developers and engineers alike. Azure Bastion’s Developer SKU offers a lightweight way to securely connect to virtual machines—and did I mention it’s free? 🎉 In this post, we’ll walk through setting up Azure Bastion Developer SKU using Bicep Infrastructure as Code, fostering a “security is everyone’s responsibility” mindset as we go.

What is Azure Bastion?

Let’s start with a quick recap for those who are unfamiliar with Azure Bastion.

With this post I want to share a lazy and a hacky way for finding the Azure DevOps Project Id of any project in your Azure DevOps Organization.

The lazy API query

It can feel a bit daunting to start using Azure DevOps API. But what most folks are not aware of is that data retrieval API’s can be queried using your favorite browser. To get the Project Id we can do this with the projects LIST and GET API’s.

The task of explaining concepts of the Microsoft Azure Cloud befalls to us Cloud consultants. Usually we have to explain these concepts to stakeholders with varying levels of technical expertise. So using a simple analogy often helps to clarify complex ideas. In this post I want to share my favorite analogy. The house analogy! I am sure that I am not the first to come up with this analogy, however if you like my variation, feel free to use it in your own presentations or discussions.

Back in 2022 I wrote a blog post I am in your pipeline reading all your secrets! about how secrets can be leaked in Azure Pipelines. I think it’s time to offset that blog post and have a look at how compliance of all pipelines in a single Azure DevOps Project can be achieved. This is done by using a feature called Pipeline Decorators .

What are pipeline decorators?

In most organizations there are certain required compliance and security policies. For example; to be compliant with corporate policies a static code analysis tool must to be executed on all pipelines before executing the actual pipeline tasks. This is where pipeline decorators come in, pipeline authors don’t need to remember to add that step. We as Azure DevOps Organization owners create a decorator that automatically injects the step into all pipelines during their runtime. Ensuring on an Azure DevOps Organization level that all pipelines are compliant with our organization’s policies.