Featured Post
Passing a Secret Between GitHub Jobs
azure github actions iac security
A detailed walkthrough of securely moving sensitive outputs across jobs in GitHub Actions.
September 10, 2025 by trentsteenholdtLatest Blog Posts
Anti-Pattern 9: Not doing software development lifecycle (SDLC) practices with IaC
azure iac bicep anti-patterns sdlc cicd testing
Treating IaC as an afterthought compared to application code leads to technical debt and deployment failures. Learn how to integrate SDLC practices like CI/CD, testing, version control, code reviews, and proper environment flows for robust IaC deployments.
Unlocking the Power of Azure Verified Modules for Infrastructure as Code and Platform Engineering - Part 2
azure iac PlatformEngineering GitHub
Approach to IaC across both Bicep and Terraform for building and consuming repeatable infra patterns.
Anti-Pattern 8: Relying on Azure `What-If` as a Testing and Validation Tool
azure iac bicep anti-patterns testing validation what-if
Azure `What-If` is a helpful tool but far from comprehensive. Learn why over-relying on it is an anti-pattern and how to adopt robust validation practices for your IaC deployments.
Unlocking the Power of Azure Verified Modules for Infrastructure as Code and Platform Engineering - Part 1
azure iac PlatformEngineering GitHub
Approach to IaC across both Bicep and Terraform for building and consuming repeatable infra patterns.
Anti-Pattern 7: Overcomplicating Networking Configurations
azure iac bicep anti-patterns networking nsg udr
Overcomplicated networking configurations in Azure can create maintenance headaches and lead to avoidable failures. Learn how to simplify NSG rules, utilise service tags, and properly manage UDRs for cleaner and more effective IaC deployments.
Azure Platform Engineering Tools & Capabilities - Part 2
An overview of useful tools across the different capability areas related to Platform Engineering - Part 2/2.
Anti-Pattern 6: Being lazy with IaC and not doing things because it's too hard or gets in the way of things like Azure Policy
azure iac bicep anti-patterns security rbac documentation
Ignoring key practices like RBAC, over-relying on Azure Policy, skipping documentation, and neglecting resource cleanup can expose your infrastructure to risks and inefficiencies. Learn why incorporating these practices into your IaC is crucial for secure and effective deployments.
Azure Platform Engineering Tools & Capabilities - Part 1
An overview of useful tools across the different capability areas related to Platform Engineering - Part 1/2.
Anti-Pattern 5: Passing secrets from pipelines without first storing them in a Key Vault
azure iac bicep anti-patterns security secrets
Bypassing Azure Key Vault for secret management exposes your infrastructure to unnecessary risks and mistakes. Learn why integrating Key Vault into your pipelines is essential for secure and maintainable deployments.