As the moderator, I had the pleasure of guiding an engaging conversation with our featured speaker, Dharmendra Ahujaāa multi-cloud Certified Solution Architect, DevSecOps, and Data Engineer with 18+ years of experience. Dharmendraās expertise spans cloud-native architectures, CI/CD, containerization, and Infrastructure-as-Code, making him the perfect guide for this journey.
Best Practices for Scalable CI/CD Pipelines
Dharmendra shared actionable insights on designing pipelines that scale with your team and application needs. From modular pipeline stages to leveraging cloud-native tools, the focus was on building resilient, maintainable workflows.
Automated Testing & Build Automation
We explored how Jenkins and CircleCI streamline automated testing and build processes. Dharmendra emphasized the importance of integrating tests early and often, ensuring every code change is validated before deployment.
Deployment Strategies: Blue/Green & Canary
The session highlighted advanced deployment strategies:
Blue/Green Deployments: Minimize downtime and risk by switching traffic between identical environments.
Canary Releases: Gradually roll out changes to a subset of users, enabling real-time feedback and rapid rollback if needed.
DevSecOps Integration
Security isnāt an afterthoughtāitās baked into the pipeline. Dharmendra discussed proactive DevSecOps practices, from automated vulnerability scanning to policy enforcement, ensuring every release is secure by design.
Real-Time Monitoring with Prometheus & Datadog
Visibility is key! In this session, we learned how integrating Prometheus and Datadog provides real-time monitoring, alerting, and analyticsāempowering teams to detect issues early and optimize performance.
Reducing Time-to-Market by Up to 40%
By adopting these best practices, organizations can dramatically reduce time-to-market, delivering value to customers faster without sacrificing quality or security.
Engaging Q&A
Throughout the session, I asked our presenter questions that sparked lively discussion:
How do you choose the right CI/CD tools for multi-cloud environments?
What are the biggest challenges in integrating security into pipelines?
Can you share a real-world example of a successful blue/green deployment?
Dharmendraās responses were packed with practical advice and real-world stories, making the session both informative and inspiring.
Ready to Elevate Your DevOps Game and watch the full episode?
Whether youāre just starting your DevOps journey or looking to optimize your existing pipelines, the Cloud Marathoner community is here to support you. Letās keep running toward cloud excellenceātogether!
Greetings to all Cloud community and Cloud Marathoner friends!
Did you know that the Cyber Back to School 2025 is started on October first? It is community organized event that you don’t want to miss out.
Cyber Back to School event
Cyber Back to School is an annual community event featuring IT professionals from across the world. This event was started in 2024 by Microsoft MVP and MCT Community Lead, Dwayne Natwick. Microsoft community Leader, Microsoft MCT, blogger, and public speaker, Derek Smith, joined the team as co-organizer in 2025. In 2025, Cloud Marathoner and Microsoft MVP and MCT, Elkhan Yusubov began assisting with social media and promotion of the event. Community members submit sessions, either videos or blog articles, to provide viewers with actionable knowledge. The event takes place every October, from 01 October to 31 October.
This year I submitted two sessions and look forward to sharing the first one on this blog below.
What is covered in my session?
Strong governance is the foundation of a secure, scalable, and cost-effective cloud environment. In this hands-on session, weāll explore together how to use Bicep ā Azureās new infrastructure as code language āalongside GitHub Copilot to streamline and strengthen your Azure governance strategy.
You will learn the following in this session:
ā Azure Governance: policies, role-based access control (RBAC), resource locks, and naming conventions
ā Resource Governance rules with Bicep code
ā GitHub Copilot to the rescue of reduce errors and follow best practices in IaC
ā Real-world examples
ā Automating governance at scale
ā Tips for integrating governance into your CI/CD workflows
This session is designed for early-career cloud engineers and architects looking to build confidence in managing Azure environments with automation and AI-assisted development.
Azure Governance
As a cloud engineer or working professional stepping into the world of Microsoft Azure, one of the most important concepts to grasp early is Azure Governance. Think of it as the set of rules and practices that help organizations manage their cloud resources effectively, securely, and in a cost-efficient way. Letās break down some of the key components of Azure Governance:
š”ļøAzure Policies ā Enforcing Rules
Azure Policies are like the rulebook for your cloud environment. They help ensure that resources are created and managed in a way that aligns with your organizationās standards. For example: You can create a policy that only allows resources to be deployed in specific regions (e.g., only in West Europe or East US), or that requires all storage accounts to have encryption enabled.
Why it matters? It helps prevent misconfigurations, ensures compliance, and keeps your environment secure and cost-effective.
š„ Role-Based Access Control (RBAC) ā Managing Who Can Do What
RBAC is Azureās way of controlling who has access to what resources and what actions they can perform. For example: You can give a developer access to manage virtual machines in a resource group but not allow them to delete the resource group itself.
Why it matters? It follows the principle of least privilege, ensuring users only have the permissions they needānothing more, nothing less.
š Resource Locks ā Preventing Accidental Deletion or Changes
Resource Locks are like putting a āDo Not Touchā sign on critical resources. We have following types of locks:
ReadOnly ā Users can read the resource but canāt make changes.
CanNotDelete ā Users can modify the resource but canāt delete it.
As a use case example: You can lock a production database to prevent accidental deletion during maintenance.
Why it matters? It adds an extra layer of protection for important resources and prevents accidental changes in your important resources.
š·ļø Naming Conventions ā Keeping Things Organized
Naming conventions are standardized ways of naming your resources so theyāre easy to identify and manage. For example: A virtual machine name like vm-prod-weu-app01 could tell you the following additional information:
Itās a VM
Used in production
Located in West Europe
Itās an app server
Why it matters? It improves clarity, helps with automation, and makes managing large environments much easier.
Imagine youāre building a cloud environment for a company. With Azure Governance you can achieve the following mission:
Define rules (Policies)
Control access (RBAC)
Protect critical resources (Locks)
Stay organized (Naming Conventions)
Together, these tools ensure your cloud environment is secure, compliant, and manageableāeven as it grows. Mastering Azure Governance early will set you up for success as you build scalable, secure, and well-managed cloud solutions.
Resource governance with Bicep Code
Resource governance with Azure Bicep empowers organizations to manage cloud resources consistently and securely through declarative infrastructure-as-code. By defining policies, role assignments, and resource configurations in Bicep templates, teams can enforce compliance, reduce configuration drift, and automate deployments across environments. This approach enhances visibility and control, ensuring that resources adhere to organizational standards from the moment they’re provisioned.
Additionally, Bicep simplifies governance by integrating seamlessly with Azure Policy and management groups, enabling scalable enforcement of rules across subscriptions. Its modular structure promotes reuse and collaboration, allowing teams to build standardized templates for tagging, cost management, and security controls. Ultimately, Bicep streamlines governance workflows, reduces manual overhead, and fosters a culture of accountability and best practices in cloud operations.
GitHub Copilot to the rescue
Related content of content
Automating governance
Related content of content
integrating governance into your CI/CD
Related content of content
Demo and references
Related content of content
Updates coming soon
Stay tuned for details, as the complete post is in-progress and be available on the week of Oct 7, 2025
If you are into managed Kubernetes services and Infrastructure as a Code implementation on Microsoft Azure, then keep reading.
Session Announcement
Next week. join our tech-savvy workshop with Kasun Rajapakse, an Azure MVP and Docker Captain. In this festive session for the Festive Tech Calendar event, we will unwrap the wonders of Azure Kubernetes Service (also known as AKS) provisioning using the Bicep language and showcase the latest AKS features.
What will be covered?
In this jolly session, we’ll delve into the secrets of deploying AKS clusters with Bicep, turning your cloud infrastructure into a winter wonderland of efficiency and scalability. Whether you’re an experienced elf or a newbie on Santa’s list, this session is perfect for everyone eager to harness the power of Azure Kubernetes Service.
What you need to do before session?
Get ready to sleigh your cloud game with our festive demonstrations of AKS features. Deck the halls with knowledge and cheer as we bring the magic of AKS and Bicep to life!
Call to Action
Please come prepared to our session with your great questions on gears and skills that elves need to learn about. Your help to get them prepared will be appreciated very deeply.
Join elves for a holly jolly tech adventure session with the details below:
This issue originated from the fact that git by default uses the “Linux” crypto backend.
However, there is a simple solution, from the beginning of version Git on Windows 2.14, you can configure Git to use SChannel. This is a built-in Windows networking layer as the crypto backend. In other words, the Windows networking layer will be used with the Windows certificate storage mechanism and you are not required to configure the curl CA storage mechanism.
Fortunately, you don’t have to change anything in your Windows environment, just run the following Git command: “git config –global http.sslbackend schannel”.
Let me know if that helped with your problem and keep me in the loop if you had a similar problem.
Let’s focus on answering the main question of this post. And some of you may suspect that we will allude to Azure Arc, right?
Microsoft Azure Arc
Yes, with the Microsoft Azure Arc, you can manage servers running on-premises, at the edge, and in multi-cloud environments. And with the latest updates, now, you also get SSH access to your Linux and Windows Servers running anywhere using Azure Arc-enabled servers.
Direct Network Connectivity
Even though direct network connectivity (like SSH connection into the server) can be a challenge in hybrid and multi-cloud environments, Azure Arc-enabled servers enable this unique capability for you.
What are the Helpful References?
Well, let me mention the following important three references that will get you going in your Azure Arc journey, ok?
I hope this provides you with a good overview and resources of how you can manage and SSH access your Linux and Windows Servers anywhere using Azure Arc. And if you feel like you got a question, please, feel free to leave a comment on my LinkedIn post.
We started the #CloudMarathoner community and cloud learning journey approximately 3.5 years ago with few posts and followers. My main intention in starting this hashtag is to help everyone learn the #cloudcomputing and share training resources that could help you in your awesome #cloud journey.
We continuously GROWING
Thank you for your continued feedback and support! Our community is almost 1400+ members string and we are able to reach and empower more people now.
Many Thanks to each of you, who has #shared and commented on #CloudMarathoner posts on social media.
summary
Thank you.. Thank you… Thank you.. For being a trueĀ #cloudmarathoner in learning theĀ #cloud and sharing it with your community!
In this post, I will be addressing a common an error that could be seen in your GitHub actions, once in a while, called “Error: Az CLI Login failed. Please check the credentials and make sure az is installed on the runner”.
We are a vibrant worldwide community with a passion to learn and grow our career with Cloud technologies! We are also a growing community who are dedicated to giving back and sharing with #community as well!
We are more than 1040+ members strong and continue to grow while supporting the community members with online, #free content on a variety of cloud technologies.
I would like to thank everyone who has followed and #shared the #CloudMarathoner posts and announcements.
As you already know, this is the beginning of something āGREATā that we need to carry on by spreading the goodness and power of #knowledge that empowers people.
Summary
Thank you for stopping by and checking the announcement and celebrating this “HUGE” milestone with us. Please, check our architecture, cloud infrastructure as code, and overall, Azure videos in the #CloudMarathone YouTube channel.
This week, I had an opportunity to join a meeting in order to share my experience with military veterans on how to get them ready for the first cloud position interview. We had really awesome participation and a number of questions that benefited all attendees.
Thank you,Ā DouglasĀ for an opportunity to help the transitioning service members and veterans with critical technical and career skills development and tips.
The MSSAĀ provides technical training that enables the service members to leverage their core skills and interests to chartāand startātheir career journey in IT.
Summary
It was truly a unique event to help our transitioning service members and veterans and Thank You to everyone who took some time in providing follow-up feedback on the following LinkedIn post.
Are you looking for a simpler, more efficient way to author infrastructure resources in Azure?
Azure Bicep First Look course
If so, youāre in luck. Azure Bicep is here to help. Bicep is a new domain-specific language (DSL) for deploying resources in Azure. Itās also a much cleaner, more concise language than ARM JSONācloud admins and DevOps professionals, rejoice!
