"What agent will you build with these tools?" Steven put it best in his blog. 👌🏾 https://lnkd.in/dx_GzjYj The Azure Resource Manager MCP Server is a remote MCP server that provides tools to give AI agents first-class access to Azure infrastructure operations through Azure Resource Manager (ARM). AI agents can now be equipped with tools to generate, validate, and execute Azure Resource Graph (ARG) queries, plus tools to deploy and manage ARM template deployments! Try it NOW and share your feedback 🚀 Your journey begins here �� https://aka.ms/JoinARMMCP

🏢 Azure's management hierarchy confused me for weeks. Now it's my superpower. Here's the 4-level model explained simply: 🌐 Tenant — your organisation’s identity boundary 📁 Management Groups — group subscriptions, apply policies at scale 💳 Subscriptions — billing + trust boundary (e.g. Dev / Prod) 📦 Resource Groups — logical containers for workloads ✨The real power: Policies and RBAC assigned at higher levels automatically inherit downward. Example: Set a policy at the Management Group level: “No resources outside UK South” ➡️ Every subscription and resource group beneath it inherits compliance automatically. Pro tip: use separate subscriptions for Prod vs Dev — not just separate resource groups. Subscription = strongest isolation boundary. What's your favourite Azure governance tip? #Azure #CloudGovernance #AzurePolicy #RBAC #LearningInPublic #AZ104

1. Azure NetApp Files now automatically enables backup during volume creation in public preview, enhancing data protection for users. 2. Azure Databricks introduces a unified workspace view to simplify management and reduce complexity for data engineers. 3. Azure launches cert-manager for Arc-enabled Kubernetes in public preview, automating TLS certificate management for improved security. 4. Microsoft Fabric debuts a Schedule failures page in the monitoring hub, allowing users to manage failure notifications from a single location. Stay sharp. Stay cloudy. #NerdieCloud #CloudNews #CloudUpdates #Azure #Microsoft #Kubernetes

Introducing cert-manager for Azure Arc-enabled Kubernetes: now in Public Preview. Today we’re releasing a public preview of cert-manager for Azure Arc-enabled Kubernetes. It’s an Arc extension that automates TLS certificate and trust bundle management for edge Kubernetes clusters.  If you’re running Kubernetes at the edge: in factories, retail stores, remote sites, you’ve probably hit the certificate problem already. Certificates expire. Each cluster has its own tooling. Nobody owns the renewal process until something breaks. We routinely hear from customers that certificate issues are a common source of unplanned outages and last-minute firefighting, especially as workload counts grow.  This extension packages the open-source cert-manager and trust-manager into a managed Arc extension with Microsoft support. You get automated lifecycle management and trust distribution without having to run and maintain these tools yourself. ... #techcommunity #azure #microsoft https://lnkd.in/ecrtzvN7

Understanding the deployment quota limitation (800) Error in Azure Bicep and ARM Deployments. Understanding deployment quota limitation (800) Error in Azure Deployments (Bicep/ARM) Introduction When working with Infrastructure as Code (IaC) using Azure Bicep or ARM templates, deployment failures are a common part of day-to-day operations—especially in large-scale enterprise environments. One such frequently encountered but often misunderstood issue is the quota limitation (800) error, which typically occurs during repeated or automated deployments. Figure: Azure Bicep deployment failure showing DeploymentQuotaExceeded error after reaching the 800 deployment history limit, with reference to aka.ms/800 for remediation.   { "code": "DeploymentFailed", "target":... #techcommunity #azure #microsoft https://lnkd.in/eubtzKgG

🚀 Moving from theory to architecture: My first Azure Portfolio Project is officially live! Instead of just memorizing documentation to pass a certification, I’ve started building out the core infrastructure domains of the AZ-104 certification track to demonstrate true enterprise capability. For Domain 1 (Identity & Governance), I built a secure financial department perimeter inside the Azure Portal focusing on governance and the Principle of Least Privilege: 🔹 Identity Infrastructure: Provisioned custom users and groups using Microsoft Entra ID. 🔹 Access Management: Assigned granular RBAC permissions (Contributor vs Reader roles) to strictly segregate corporate responsibilities. 🔹 Environmental Compliance: Deployed regional Azure Policies to prevent shadow IT and unexpected cloud spend. 🔹 Business Uptime Protection: Enforced explicit Delete Resource Locks to mitigate accidental deletion risks. I’ve fully documented the design layout and included live verification screenshots inside my public GitHub repository:  https://lnkd.in/eSJbZAxd Next up: Deconstructing Domain 2 and tackling Azure Cloud Storage Solutions! 💻🛡️ #Azure #CloudEngineering #SystemsAdministration #InformationTechnology #GitHub #Infrastructure #AZ104

☁️ AZ-900 — My understanding of Azure fundamentals 👇 After exploring Azure, I tried to break it down into how a real cloud system is built: 🔷 Compute (Virtual Machines) Run applications on-demand without managing physical servers. Scalable based on workload needs. 🔷 Networking (VNets & Subnets) Provide secure communication between resources. Subnets help segment and organize workloads. 🔷 Storage (Blob, File, Disk) Different storage types depending on usage: • Blob → unstructured data • File → shared access • Disk → VM storage 🔷 Identity & Security (Microsoft Entra ID + RBAC) Control authentication (who you are) and authorization (what you can do). Essential for securing cloud environments. 🔷 High Availability & Reliability Regions and Availability Zones ensure services stay available even during failures. 🔷 Monitoring (Azure Monitor) Track metrics and logs to detect issues and maintain performance. 🔷 Pricing & Cost Management Pay-as-you-go model with tools to track and optimize usage. 🔷 Azure Structure • Subscription → billing & access • Resource Group → organization • Region → deployment location 💡 How I see Azure now: 👉 Deploy → Connect → Store → Secure → Monitor → Optimize 💡 What changed for me: Cloud is not about isolated services… it’s about designing systems that are scalable, secure, and reliable. #Azure #CloudComputing #AZ900 #CloudEngineering #IT

I am preparing for my AZ-104 Microsoft Azure Administrator certification, and instead of just studying theory, I built a complete hands-on lab series covering every single exam domain. 5 labs. Every topic. Real Azure environment. Real configurations. Here is everything I built: Lab 01: Manage Azure Identities and Governance Entra ID users and guest accounts, dynamic and assigned security groups, RBAC role assignments, Azure Policy enforcement, resource locks, and Self-Service Password Reset Lab 02: Implement and Manage Storage Storage accounts, blob containers, access tiers, lifecycle management policies, shared access signatures, and Azure File Shares Lab 03: Deploy and Manage Azure Compute Resources Virtual machines, availability sets, VM scale sets, Azure App Service, container instances, and ARM template deployments Lab 04: Implement and Manage Virtual Networking Virtual networks, subnets, network security groups, peering, Azure DNS, VPN Gateway, and load balancers Lab 05: Monitor and Maintain Azure Resources Azure Monitor, Log Analytics, alerts, diagnostic settings, Azure Backup, and Recovery Services Vault Every lab includes step-by-step Portal and CLI/PowerShell walkthroughs, real screenshots from my Azure environment, and the reasoning behind every configuration so it actually makes sense, not just for the exam but for real-world work. This repo is open for anyone studying for AZ-104 or looking to get hands-on with Azure. Use it, fork it, build on it. 👉 GitHub link in the comments This is how I grow as a cloud engineer. Build first, understand deeply, certify with confidence. #Azure #AZ104 #MicrosoftAzure #CloudEngineering #EntraID #RBAC #VirtualNetworking #AzureMonitor #HandsOnLearning #OpenSource #CloudSecurity

🚨 𝗔𝘇𝘂𝗿𝗲 𝗕𝗶𝗰𝗲𝗽 / 𝗔𝗥𝗠 𝗗𝗲𝗽𝗹𝗼𝘆𝗺𝗲𝗻𝘁 𝘀𝘂𝗱𝗱𝗲𝗻𝗹𝘆 𝗳𝗮𝗶𝗹𝗶𝗻𝗴 𝘄𝗶𝘁𝗵 𝗗𝗲𝗽𝗹𝗼𝘆𝗺𝗲𝗻𝘁𝗤𝘂𝗼𝘁𝗮𝗘𝘅𝗰𝗲𝗲𝗱𝗲𝗱? I recently hit this interesting error while deploying infrastructure through Azure Bicep: "𝘤𝘰𝘥𝘦": "DeploymentQuotaExceeded", "𝘮𝘦𝘴𝘴𝘢𝘨𝘦": "Creating the deployment would exceed the quota of '800'." At first glance, it looks like: ❌ Resource limit issue ❌ Subscription quota issue ❌ Bicep/ARM template problem But the real reason is much simpler — and surprisingly common in long-running CI/CD environments. 🔍 What’s actually happening? Every ARM/Bicep deployment creates a deployment history record inside the Resource Group, Subscription, or Management Group scope. Azure keeps these deployment records… until you clean them up. Once the count reaches 800 deployments, new deployments start failing even though your actual resources are perfectly fine. 💡 The tricky part: Many teams automate deployments aggressively but never monitor deployment history growth. This becomes especially visible in: Dev/Test environments Frequent pipeline runs Modular Bicep deployments Nested deployments ✅ Quick Fix: Delete older deployment history entries. ✅ Better Fix: Implement automated cleanup or retention strategy in CI/CD pipelines. One small quota limit… but it can completely block infrastructure delivery pipelines unexpectedly. 𝗥𝗲𝗳𝗲𝗿𝗲𝗻𝗰𝗲: https://lnkd.in/gYXRXq_X #Cloud #Azure #CloudComputing #MicrosoftAzure #ARM #bicep

Board meeting this morning. The P&L is under pressure, and the CEO raises the question: "Cloud costs are up again, where are we actually spending, and is it under control?"   Silence. Then: "We will get the full picture to you by end of week." That answer costs trust. Every single time. But honestly? It's not their fault. The data exists. It is just scattered across cost management consoles, compliance reports, infrastructure state files only 3 engineers can read, and a spreadsheet someone built in Q3 last year that may or may not be up to date.   So when the CISO asks "are we compliant with our cloud policies?", someone spends days pulling data from Security Center, Defender, and a handful of custom scripts to produce a PDF that's already outdated by the time it lands in their inbox.   When the CFO asks "why did our cloud bill jump 18% last month?", the answer comes back 48 hours later, full of resource IDs and subscription-level breakdowns that raise more questions than they answer.   When the CTO asks "does what's actually running match what our Terraform config says?", nobody is fully sure. Drift happens silently. It gets caught late, or not at all.   And the CEO just wants one thing: a clear answer. Not a ticket. Not a meeting. Not a spreadsheet. Just: are we in control of our cloud infrastructure, yes or no? The answer should take seconds, not days.   If any of this sounds familiar, feel free to reach out. We've been working on exactly this problem, across AWS and Azure, and we would love to show you what we have built. No pitch deck. No sales call. Just a conversation.   #CloudGovernance #FinOps #CTO #CFO #CISO #COO #Infrastructure #CLevel #AWS #Azure #DevOps