Welcome to DevJev.nl: Your Guide to Azure, Cloud Security, and DevOps Mastery

Understanding the Need for Management Group Automation

Managing Azure subscriptions at scale can become challenging. Management groups provide a powerful way to organize and govern resources, but manually configuring them introduces inefficiencies and risks. A common pitfall is hardcoding management group structures into deployment code, which reduces flexibility and can compromise governance. This post introduces Management Group Vending, a reusable Bicep solution inspired by Microsoft’s Subscription Vending . This solution enables you to deploy any management group hierarchy, considering Azure’s limitations while adhering to Cloud Adoption Framework (CAF) principles.

In my previous Decoding Microsoft Azure post, 🔍 Decoding Microsoft Azure: Understanding Platform, Landing Zones, Workloads, and Utilities ⚙️ , I introduced the house analogy to conceptually explain Microsoft Azure . Part of this analogy covered the Application Landing Zone and the Platform Landing Zone.

In this post, I’ll take a deeper dive into Landing Zones. We’ll explore what they are, how they’re defined by Microsoft, and how I believe we can improve upon the concept. By the end, you’ll have a clearer understanding of Azure Landing Zones and how they fit into a broader cloud adoption strategy.

In this post, I’ll demonstrate how to quickly and easily deploy Microsoft Sentinel to an existing Log Analytics workspace using Bicep. This step-by-step guide simplifies the process, showing that deploying Microsoft Sentinel doesn’t have to be complicated—whether you’re an experienced cloud professional or new to Azure.

What is Microsoft Sentinel?

If you’re new to Microsoft Sentinel, here’s a brief introduction. Feel free to skip this section if you’re already familiar with it.

In today’s cloud-driven landscape, security is a shared responsibility for developers and engineers alike. Azure Bastion’s Developer SKU offers a lightweight way to securely connect to virtual machines—and did I mention it’s free? 🎉 In this post, we’ll walk through setting up Azure Bastion Developer SKU using Bicep Infrastructure as Code, fostering a “security is everyone’s responsibility” mindset as we go.

What is Azure Bastion?

Let’s start with a quick recap for those who are unfamiliar with Azure Bastion.

With this post I want to share a lazy and a hacky way for finding the Azure DevOps Project Id of any project in your Azure DevOps Organization.

The lazy API query

It can feel a bit daunting to start using Azure DevOps API. But what most folks are not aware of is that data retrieval API’s can be queried using your favorite browser. To get the Project Id we can do this with the projects LIST and GET API’s.

The task of explaining concepts of the Microsoft Azure Cloud befalls to us Cloud consultants. Usually we have to explain these concepts to stakeholders with varying levels of technical expertise. So using a simple analogy often helps to clarify complex ideas. In this post I want to share my favorite analogy. The house analogy! I am sure that I am not the first to come up with this analogy, however if you like my variation, feel free to use it in your own presentations or discussions.