Recent Discussions
Service Discovery in Azure Dynamically Finding Service Instances
Modern cloud-native applications are built from microservices—independently deployable units that must communicate with each other to form a cohesive system. In dynamic environments like Azure Kubernetes Service (AKS), Azure App Service, or Azure Container Apps, service instances can scale up, scale down, or move across nodes at any time. This creates a challenge: How do services reliably find and talk to each other without hardcoding IP addresses or endpoints? The answer lies in the Service Discovery architecture pattern. https://dellenny.com/service-discovery-in-azure-dynamically-finding-service-instances/Common Security & Governance Blind Spots in Azure Integration
"Hello everyone, I'm starting a discussion to gather insights on a critical topic: security and governance for Azure Integration Services (AIS). As environments grow with dozens of Logic Apps, Functions, APIM instances, etc., it becomes harder to maintain a strong security posture. I’d like to hear from your experience: What are the most common security and governance blind spots people miss when building out their integration platforms on Azure? To get us started, here are a few areas I'm thinking about: Secret Management: Beyond just "use Key Vault," what are the subtle mistakes or challenges teams face? Network Security: How critical is VNet integration and the use of Private Endpoints for services like Service Bus and Storage Accounts in your opinion? When is it overkill? Monitoring & Observability: What are the best ways to get a single, unified view of a business transaction that flows through multiple Azure services for security auditing? Looking forward to a great discussion and learning from the community's collective experience!"
AZ-900 exam free voucher Azure
Hello, I recently finished Azure Fundamentals (https://learn.microsoft.com/en-us/credentials/certifications/azure-fundamentals/?practice-assessment-type=certification) But I see, to take final exam and then claim certificate, it is needed to pay around $50-$90 based on region. So my question is, are there currently any absolutely free vouchers for that exam? -100% I have been looking for it for around month, still no clue. Please help, and best regards to You Microsoft Learners.Building a Fully Secure Architecture Integrating Azure OpenAI
As AI adoption accelerates, organizations must ensure that AI services are secure, scalable, and compliant with enterprise security policies. Azure OpenAI Service provides powerful AI capabilities, but securing access to it is crucial when integrating with applications. In this blog, we will explore how to build a fully secure architecture by integrating Azure OpenAI Service with Azure API Management (APIM), Private Endpoints, and Applications. https://dellenny.com/building-a-fully-secure-architecture-integrating-azure-openai-with-apim-private-endpoints-and-applications/Extracting Information from PDFs and Storing in a Database Using Azure AI Services
Handling documents efficiently is a critical requirement for many businesses. Extracting structured data from PDF files and storing it in a database can streamline operations in finance, legal, healthcare, and other industries. Azure AI Services provides robust tools for automating this process, including Azure AI Document Intelligence (formerly Form Recognizer) and Azure Cognitive Services. In this blog, we’ll walk through how to: Read a PDF document Extract relevant data Store the extracted information in a database https://dellenny.com/extracting-information-from-pdfs-and-storing-in-a-database-using-azure-ai-services/Azure AI Adoption Framework A Strategic Guide for Organizations
As organizations accelerate their digital transformation, Azure AI offers powerful capabilities for automation, decision-making, and business intelligence. However, successful AI adoption requires a structured approach that balances strategy, governance, security, and operational excellence. The Azure AI Adoption Framework provides a comprehensive roadmap to help businesses integrate AI effectively while ensuring scalability, security, and responsible AI practices. https://dellenny.com/azure-ai-adoption-framework-a-strategic-guide-for-organizations/Creating and Using an Azure Automation Custom Runtime Environment
A custom runtime environment is a way of defining a specific job execution environment for Azure Automation runbooks, including Microsoft Graph PowerShell SDK runbooks. In this article, we create a new environment for PowerShell V7.4, load in some SDK modules, switch a runbook from a system-generated environment, and run some code. https://office365itpros.com/2025/08/29/custom-runtime-environment/Service Mesh Architecture Pattern in Azure
As organizations modernize applications using microservices and cloud-native architectures, managing how these services communicate becomes increasingly complex. Microservices often run across distributed environments, scaling dynamically, and interacting over the network. This is where the Service Mesh architecture pattern comes in — providing a dedicated infrastructure layer for service-to-service communication, security, and observability. In the Azure ecosystem, implementing a Service Mesh can simplify operational challenges while improving reliability and control of microservices deployments. https://dellenny.com/service-mesh-architecture-pattern-in-azure-handling-service-to-service-communication-security-and-observability/
Mine your Azure backup data, it could save you 💰💡
Your data has a story to tell. Mine it, decipher it, and turn it into actionable outcomes. 📊🔍 Azure backups can become orphaned in several ways (I'll dive into that in a future post). But here’s a key point: orphaned doesn’t always mean useless, hence the word “Potential” in the title of my Power BI report. Each workload needs to be assessed individually. If a backup is no longer needed, you might be paying for it - unnecessarily and unknowingly. 🕵️♂️💸 To uncover these hidden costs, I combined data from the Azure Business Continuity Center with a PowerShell script I wrote to extract LastBackupTime and other metadata. This forms the foundation of my report, helping visualize and track backup usage over time. This approach helped me identify forgotten one-time backups, VMs deleted without stopping the backup, workloads excluded due to policy changes, and backups left behind after resource migrations. If you delete unneeded backups and have soft-delete enabled, the backup size drops to zero and Azure stops charging for it. ✅🧹 💡 Do your Azure backups have their own untold story to tell? 📸 Here's a snapshot of my report that helped me uncover these insights 👇Azure Storage
You've asked for something about Azure Storage, and there's a wealth of information both from your own work and from trusted external sources. Here's a tailored overview that blends your contributions with broader context: 🔹 What Is Azure Storage? Azure Storage [1] is Microsoft’s cloud-based solution for storing modern data workloads. It offers: High availability and durability through redundancy and geo-replication. Massive scalability to support everything from small apps to enterprise-scale systems. Security with built-in encryption and fine-grained access control. Global accessibility via REST APIs, SDKs, Azure CLI, and Azure Storage Explorer. Azure Storage supports multiple data services: Azure Blob Storage: For unstructured data like images, videos, and backups. Azure Files: Managed file shares accessible via SMB or NFS. Azure Queues: For message-based communication between components. Azure Tables: A NoSQL store for structured data. Azure Disks: Persistent block storage for Azure VMs. Azure Elastic SAN and Azure Container Storage: For advanced storage orchestration and container-native workloads. 🔹 Your Contributions on Azure Storage You've made significant contributions to the Azure community, especially through your blog and event series: In your MVP Contributions tracker, you’ve documented multiple sessions and blog posts covering: Types of Azure Storage (e.g., Blob, File, Queue, Table) [2] Cost optimization strategies for Azure Storage [2] Azure Files and file sharing capabilities [2] Your presentation A COMPREHENSIVE GUIDE TO AZURE COST MANAGEMENT dives into how Azure Storage fits into broader cloud cost strategies, emphasizing budget control, resource allocation, and ROI [3]. 🔹 Practical Use Cases Azure Storage is ideal for: Backup and disaster recovery with geo-redundant storage. Big data analytics using Data Lake Storage. Web and mobile app content delivery via Blob Storage. Enterprise file sharing with Azure Files. IoT and telemetry ingestion using Queues and Tables. Would you like help turning this into a blog post, presentation, or training module? I can also summarize your past Azure Storage sessions or help you prepare new ones. References [1] Introduction to Azure Storage - Cloud storage on Azure [2] MVP Contributions [3] A COMPREHENSIVE GUIDE TO AZURE COST MANAGEMENTKickstart Conditional Access in Microsoft Entra: Free Starter Pack with Policies & Automation
Introduction Conditional Access (CA) is the backbone of Zero Trust in Microsoft Entra ID. It helps you enforce security without compromising productivity. But rolling out CA can feel risky what if you lock out admins or break apps? To make this easier, I’ve created a free starter pack with: Ready-to-use policy templates (JSON) PowerShell scripts for deployment via Microsoft Graph GitHub Actions workflow for automation Safe rollout strategy using report-only mode Why This Matters Block legacy authentication to reduce attack surface. Require MFA for admins to protect privileged accounts. Handle high-risk sign-ins with compliant device + MFA. Validate impact before enforcing using report-only mode. What’s Inside the Starter Pack ✔ Policies Block legacy authentication Require MFA for admin roles High-risk sign-ins → compliant device + MFA Safety-net report-only baseline ✔ Scripts Deploy policies (deploy-conditional-access.ps1) Export existing policies Toggle report-only mode ✔ Automation GitHub Actions workflow for CI/CD deployment ✔ Docs Usage guide Safe rollout checklist How to Use It Download the repo: GitHub Repo: https://github.com/soaeb7007/entra-ca-starter-pack Install Microsoft Graph PowerShell SDK: Install-Module Microsoft.Graph -Scope CurrentUser Connect-MgGraph -Scopes 'Policy.ReadWrite.ConditionalAccess','Directory.Read.All' Select-MgProfile -Name beta Deploy policies in report-only mode: ./scripts/deploy-conditional-access.ps1 -PolicyPath ./policies -ReportOnly Validate impact in Sign-in logs before enforcing. Safe Rollout Checklist Exclude break-glass accounts, Start with report-only, Validate for 48–72 hours, Roll out to pilot group before org-wide Next Steps Enable report-only mode for new policies. Explore Conditional Access templates in Entra portal. Watch for my next post: “Optimizing Conditional Access for Performance and Security.” What’s your biggest challenge with Conditional Access? Drop it in the comments, I’ll cover the top 3 in my next post.Azure Entra Security Copilot: How It’s Changing Identity Protection
Overview Azure Entra Security Copilot is revolutionizing how organizations approach identity protection. By combining the power of generative AI with Microsoft’s deep security insights, it enables faster threat detection, smarter policy recommendations, and simplified incident response. Hands-On Experience After integrating Security Copilot into our Azure Entra environment, here’s what stood out: Natural Language Queries: You can ask things like “Show me risky sign-ins from last week” and get instant, actionable insights. Automated Investigations: It correlates signals across Entra ID, Defender, and Sentinel to surface threats. Policy Recommendations: Based on your environment, it suggests Conditional Access policies to reduce risk. Use Cases 1. Breach Detection Detects anomalies like impossible travel, unfamiliar sign-in patterns, and token theft. Automatically flags high-risk users and suggests remediation steps. 2. Policy Optimization Recommends Conditional Access policies tailored to your org’s risk profile. Helps reduce over-permissive access and enforce least privilege. 3. Incident Response Generates incident summaries and timelines. Suggests next steps and integrates with Microsoft Sentinel for deeper investigation. Comparison with Traditional SIEM Workflows Discussion Starter Have you tried Security Copilot in your environment yet? What use cases have you explored? How does it compare with your existing SIEM or XDR tools? Let’s share insights and build a stronger identity protection strategy together!Understanding Architecture Patterns A Guide for Software Architects
In the world of software development, architecture patterns play a crucial role in designing scalable, maintainable, and high-performing systems. As an architect, choosing the right pattern for your application can significantly impact its success. This blog explores common architecture patterns, their use cases, and when to apply them. https://dellenny.com/understanding-architecture-patterns-a-guide-for-software-architects/Event Based Design Architecture Pattern in Azure
Event-driven architecture (EDA) is a design pattern that enables applications to respond to real-time events rather than relying on traditional request-response communication. In the cloud-native ecosystem, EDA is particularly powerful for building scalable, loosely coupled, and resilient solutions. Azure provides a robust set of services to implement event-based design, ensuring seamless integration and high availability. https://dellenny.com/event-based-design-architecture-pattern-in-azure/👉 Securing Azure Workloads: From Identity to Monitoring
Hi everyone 👋 — following up on my journey, I want to share how I approach end-to-end security in Azure workloads. - Identity First – Microsoft Entra ID for Conditional Access, PIM, and risk-based policies. - Workload Security – Defender for Cloud to monitor compliance and surface misconfigurations. - Visibility & Monitoring – Log Analytics + Sentinel to bring everything under one pane of glass. Through my projects, I’ve been simulating enterprise scenarios where security isn’t just a checklist — it’s integrated into the architecture. Coming soon: - A lab demo showing how Defender for Cloud highlights insecure configurations. - A real-world style Conditional Access baseline for Azure workloads. Excited to hear how others in this community are securing their Azure environments! #Azure | #AzureSecurity | #MicrosoftLearn | #ZeroTrust | #PerparimLabs
Optimizing Azure DevOps Jira Integration: 5 Practical Use Cases for DevOps Teams
Many teams rely on Azure DevOps (ADO) for development and Jira for project or product management. While each tool is powerful on its own, things often get messy when work items, statuses, and updates live in separate systems. Integrating the two platforms can remove a lot of friction. Below are six common use cases I have seen from real teams, with concrete problems and solutions to make the connection between Jira and Azure DevOps work smoothly. 1. Keeping User Stories and Bugs in Sync Challenge: Teams use Jira for user requests and Azure DevOps for development tasks. Manually updating both systems is tedious and error-prone. Solution: Enable two-way synchronization so that changes in Jira automatically reflect in Azure DevOps and vice versa (including comments and status updates). This keeps bugs and stories aligned without duplicate work. “Before we integrated Jira with Aure DevOps, I spent too much time manually updating task statuses in both systems. Now, with the automatic sync, my team is focused on actual coding work instead of managing project statuses across platforms.” — DevOps Engineer 2. One-Way Sync for Project Management–First Teams Challenge: Some organizations plan and track everything in Jira but manage code exclusively in Azure DevOps. Developers only need the essentials pushed across. Solution: Use a one-way sync from Jira → Azure DevOps to bring over metadata like titles, statuses, sprints, and due dates. Developers see the context they need without cluttering both systems with manual updates. “We rely on Jira for all project planning and management, but the developers need a clean workspace in Azure DevOps. A one-way sync from Jira to ADO helps us keep things efficient and ensures developers always have the latest information without double entry.” — Product Owner 3. Creating Jira Tickets from Azure DevOps Tasks or Bugs Challenge: External partners or stakeholders may only work in Jira Service Management to manage tickets. Developers in Azure DevOps often need their work mirrored for transparency. Solution: Configure automated ticket creation in Jira when certain ADO tasks are tagged. Both teams can track progress in their preferred tool without duplicating effort. “We use Azure DevOps internally, but our external stakeholders only work in Jira. Automating the creation of Jira tickets based on Azure DevOps tasks or bugs has made collaboration seamless and ensured no work is lost in translation.” — DevOps Lead 4. Syncing Epics, Features, and Work Items Challenge: High-level epics might live in Jira, while features and tasks are managed in Azure DevOps. Without integration, visibility across systems is fragmented. Solution: Sync epics and features so Jira provides portfolio-level visibility, while Azure DevOps remains the system of record for detailed development work. This keeps roadmaps and execution aligned. “Tracking epics in Jira while managing the technical work in Azure DevOps used to cause us to lose visibility. Now, everything from high-level epics to individual tasks is in sync, so we always know where we stand.” — Azure DevOps Product Manager 5. Managing Multiple Jira Projects with One Azure DevOps Project Challenge: Large organizations often run multiple Jira projects (by teams or business units) but only one Azure DevOPs project for development. Syncing everything consistently is tough. Solution: Map multiple Jira projects to a single Azure DevOps project, syncing only the key data (titles, statuses, sprints, custom fields). This creates a unified development view without losing project-specific details. “We have multiple teams using different Jira projects, but we consolidate all development work into a single Azure DevOps project. Syncing across these platforms used to be a nightmare, but now everything stays aligned, and we’re able to track all initiatives in one place.” — Azure DevOps Engineer 💬 Have you integrated Jira with Azure DevOps in your team? What worked well, and what challenges did you run into?Hello from a future Azure MVP!
Hello everyone! I’m Sai Min Thu from Thailand, currently working at a Taiwanese IT company. I’m certified as an Azure Administrator Associate and Azure Solutions Architect Expert, and I’m excited to share and learn with this community. Looking forward to connecting! #AzureFamily 😍Unlocking the Power of AI with Azure Cognitive Services
enhance customer experiences, streamline operations, and gain insights from their data. Microsoft’s Azure Cognitive Services offers one of the most accessible ways to integrate powerful AI capabilities into applications without needing deep expertise in machine learning or data science. In this post, we’ll explore what Azure Cognitive Services are, the different categories they cover, and how organizations can leverage them for real-world use cases. https://dellenny.com/unlocking-the-power-of-ai-with-azure-cognitive-services/Detect Human Faces and Compare Similar Ones with Face API in Azure
https://dellenny.com/detect-human-faces-and-compare-similar-ones-with-face-api-in-azure/Facial recognition is becoming an integral part of modern applications—from authentication systems and security cameras to customer experience personalization. Microsoft Azure’s Face API provides powerful cloud-based capabilities to detect human faces, extract facial features, and compare them with remarkable accuracy. In this blog, we’ll walk through how to detect human faces and compare similar ones using Azure Face API.Unleashing Productivity with Azure Virtual Desktop (AVD) A Modern Workspace Strategy
In today’s hybrid world, organizations are reimagining how and where work gets done. Enter Azure Virtual Desktop (AVD)—Microsoft’s flexible, secure, and scalable desktop virtualization service built on Azure. Whether you’re supporting remote workers, enabling BYOD policies, or running high-performance apps in the cloud, AVD has become a central player in the modern workplace strategy. https://dellenny.com/unleashing-productivity-with-azure-virtual-desktop-avd-a-modern-workspace-strategy/
Events
Maximize the value of your cloud and AI investments by adopting the Microsoft marketplace. In this Office Hours session, you’ll learn how to strategically plan your Microsoft Cloud investments and ...
Online
Recent Blogs
- What’s New? The updated experience introduces a dedicated App Service Quota blade in the Azure portal, offering a streamlined and intuitive interface to: View current usage and limits across th...Sep 04, 2025
- When we think about human intelligence, memory is one of the first things that comes to mind. It’s what enables us to learn from our experiences, adapt to new situations, and make more informed decis...Sep 04, 2025
