Azure networking is nested — VNet, subnet, NIC, NSG, each with one job. Here is the mental model that finally clicked for me, plus the one peering gotcha that bites everyone the first time.
Workload Identity replaces shared client secrets with short-lived Kubernetes service account tokens that Entra ID trusts through OIDC federation, so there is no long-lived secret to store or rotate. Here is the mental model that finally clicked for me, plus the four pieces you need to wire it up on AKS.
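The four pieces, as an added example (Azure CLI plus kubectl) that is not from the original post. Resource group, cluster, namespace, service account, identity and image names are assumed placeholders, overridable from the environment:

```shell
#!/usr/bin/env bash
# Added example, not from the original post: the four pieces of Workload Identity on AKS,
# wired with Azure CLI and kubectl. All names below are assumed placeholders.
set -euo pipefail

RG="${RG:-rg-demo}"
CLUSTER="${CLUSTER:-aks-demo}"
LOCATION="${LOCATION:-westeurope}"
NS="${NS:-payments}"
SA="${SA:-payments-api}"
MI="${MI:-id-payments-api}"
IMAGE="${IMAGE:-mcr.microsoft.com/azure-cli:latest}"   # assumed; any image works for the check

# Piece 3 hinges on this string: the federated credential's subject must equal the
# Kubernetes service account exactly, or the token exchange fails with
# AADSTS70021 "No matching federated identity record found for presented assertion".
fic_subject() { printf 'system:serviceaccount:%s:%s' "$1" "$2"; }

# Piece 4a: the service account carries the client ID the webhook injects as AZURE_CLIENT_ID.
sa_manifest() {  # ns sa client_id tenant_id
  cat <<EOF
apiVersion: v1
kind: ServiceAccount
metadata:
  name: $2
  namespace: $1
  annotations:
    azure.workload.identity/client-id: "$3"
    azure.workload.identity/tenant-id: "$4"
EOF
}

# Piece 4b: only pods carrying this label get the projected token and env vars mutated in.
pod_manifest() {  # ns sa image
  cat <<EOF
apiVersion: v1
kind: Pod
metadata:
  name: $2-check
  namespace: $1
  labels:
    azure.workload.identity/use: "true"
spec:
  serviceAccountName: $2
  containers:
    - name: check
      image: $3
      command: ["sleep", "3600"]
EOF
}

wire_up() {
  # Piece 1: the cluster must publish an OIDC issuer and run the mutating webhook.
  az aks update -g "$RG" -n "$CLUSTER" --enable-oidc-issuer --enable-workload-identity -o none
  local issuer client_id tenant_id
  issuer=$(az aks show -g "$RG" -n "$CLUSTER" --query oidcIssuerProfile.issuerUrl -o tsv)

  # Piece 2: a user-assigned managed identity (an app registration works the same way).
  az identity create -g "$RG" -n "$MI" -l "$LOCATION" -o none
  client_id=$(az identity show -g "$RG" -n "$MI" --query clientId -o tsv)
  tenant_id=$(az identity show -g "$RG" -n "$MI" --query tenantId -o tsv)

  # Piece 3: trust tokens from this issuer for this one subject only.
  az identity federated-credential create --name "fic-$NS-$SA" \
    --identity-name "$MI" -g "$RG" --issuer "$issuer" \
    --subject "$(fic_subject "$NS" "$SA")" --audiences api://AzureADTokenExchange -o none

  # Piece 4: annotated service account plus labelled pod.
  kubectl get ns "$NS" >/dev/null 2>&1 || kubectl create ns "$NS"
  sa_manifest  "$NS" "$SA" "$client_id" "$tenant_id" | kubectl apply -f -
  pod_manifest "$NS" "$SA" "$IMAGE"                 | kubectl apply -f -

  # Check: the webhook's work is visible as injected AZURE_* env vars and a projected token file.
  kubectl -n "$NS" wait --for=condition=Ready "pod/$SA-check" --timeout=120s
  kubectl -n "$NS" exec "$SA-check" -- sh -c 'env | grep ^AZURE_ ; ls -l "$AZURE_FEDERATED_TOKEN_FILE"'
}

# Dry by default: print the service account manifest. APPLY=1 runs the whole wiring
# against the current az login and kubectl context.
if [ "${APPLY:-0}" = "1" ]; then wire_up; else sa_manifest "$NS" "$SA" "<client-id>" "<tenant-id>"; fi
```

The check at the end is the one worth keeping around: if `env` in the pod shows no `AZURE_*` variables, the pod is missing the label or the webhook is not running, and no amount of identity or federated-credential configuration will fix that.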
Four names that look like four different things. Really, they are two real objects and two portal views. Here is the short version — what each one actually is, and which one to use in which situation.
Workload Identity gives a pod its own Azure identity, bound to the Kubernetes service account it runs as (every pod sharing that service account shares the identity). So why are we still passing connection strings around? Here is how I dropped them for SQL, Storage, and Service Bus, using DefaultAzureCredential and a single pattern.
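What DefaultAzureCredential does inside such a pod, as an added example that is not from the original post: the token exchange done by hand with curl, so each service's scope can be checked before any app code changes. It relies only on the environment variables and token file the Workload Identity webhook injects; the namespace and service account names in the test data are placeholders:

```shell
#!/usr/bin/env bash
# Added example, not from the original post. The exchange DefaultAzureCredential (through its
# WorkloadIdentityCredential) performs inside a Workload Identity pod, done with curl so the
# per-service scopes can be verified. Reads only what the webhook injects (AZURE_* env vars
# and the projected token file); nothing here is a secret.
set -euo pipefail

# One credential, three resource scopes. "/.default" requests the identity's granted
# permissions; what it may then do is decided by Azure RBAC (Storage, Service Bus) or by
# the database user mapped to it (SQL), not by anything in the token request.
scope_for() {
  case "$1" in
    sql)        printf 'https://database.windows.net/.default' ;;
    storage)    printf 'https://storage.azure.com/.default' ;;
    servicebus) printf 'https://servicebus.azure.net/.default' ;;
    *)          echo "unknown service: $1" >&2; return 1 ;;
  esac
}

# Decode a JWT payload (base64url, unpadded). Inspect the projected token before sending it:
# its "sub" must equal the federated credential's subject and its "aud" must be
# api://AzureADTokenExchange, or Entra ID refuses the exchange.
jwt_payload() {
  local p
  p=$(printf '%s' "$1" | cut -d. -f2 | tr -- '-_' '+/')
  case $(( ${#p} % 4 )) in 2) p="$p==" ;; 3) p="$p=" ;; esac
  printf '%s' "$p" | base64 -d
}

# Exchange the projected service account token for an Entra access token for one scope.
# This is the OAuth 2.0 client_credentials grant with a JWT client assertion (RFC 7523);
# the Kubernetes token takes the place the client secret used to have.
entra_token() {  # service
  local host="${AZURE_AUTHORITY_HOST:-https://login.microsoftonline.com/}"
  curl -sS "${host%/}/${AZURE_TENANT_ID}/oauth2/v2.0/token" \
    --data-urlencode 'grant_type=client_credentials' \
    --data-urlencode "client_id=${AZURE_CLIENT_ID}" \
    --data-urlencode "scope=$(scope_for "$1")" \
    --data-urlencode 'client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer' \
    --data-urlencode "client_assertion=$(cat "${AZURE_FEDERATED_TOKEN_FILE}")"
}

# Runs only where the webhook has injected the token file, i.e. inside a labelled pod.
if [ -n "${AZURE_FEDERATED_TOKEN_FILE:-}" ]; then
  echo "projected token claims:"
  jwt_payload "$(cat "$AZURE_FEDERATED_TOKEN_FILE")"; echo
  for svc in sql storage servicebus; do
    # Print only status fields from the response; never echo the access token itself.
    printf '%-10s ' "$svc"
    entra_token "$svc" | grep -oE '"(token_type|expires_in|error)":[^,}]*' | tr '\n' ' '; echo
  done
fi
```

In application code the same three scopes are reached through the SDK clients (BlobServiceClient and ServiceBusClient constructed with a DefaultAzureCredential) and, for SQL, through the connection string option `Authentication=Active Directory Default` in Microsoft.Data.SqlClient, which leaves the server and database name in config with no password. The token proves who the pod is and grants nothing by itself: Storage and Service Bus need an RBAC role assignment on the identity, and SQL needs a contained user created for it with `CREATE USER [identity-name] FROM EXTERNAL PROVIDER`.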