As an experienced professional specializing in Cloud Engineering & Cloud Architecture, my primary focus revolves around Microsoft Azure & Kubernetes. I offer a diverse set of skills capable of tackling complex challenges and creating innovative cloud solutions.
I have a strong passion for DevOps, where I help organizations and teams enhance their collaborative efforts and streamline processes. Specializing in orchestrating efficient development practices with a focus on tools like CI/CD and GitOps, I bring a dedication to excellence, innovation, and continuous improvement.
As a true believer in shift left and zero trust, security should be an integral part of any organizational structure. I am dedicated to fostering seamless integration of privacy and security by design, consistently adopting proactive measures to strengthen effective risk management.
We recently completed the second innovation week of this year at my current company, where the focus was on using AI to see how it can transform us and the healthcare industry where we operate. Some of the research we conducted during the innovation week: Azure AI Search: we have looked at advanced and effective searching of datasets on a large scale. This can be expanded with AI intelligence, such as natural language processing models, to better understand the intent behind searches.
When using Bicep modules for multiple projects or for diverse clients, an often straightforward approach is to define the modules centrally and replicate those modules in each repository. While this approach allows customization for specific solutions, such as incorporating new features or implementing security configurations for compliance, challenges arise when attempting to propagate these improvements to other solutions while ensuring adherence to the latest standards. This is where the private Bicep module registry steps in.
In this blog post I want to share my knowledge on how we implemented Trivy for our repositories and as part of our CI/CD pipelines. Whether it was for our Bicep templates in a shared registry or finding vulnerabilities in containers before deploying to production, we were missing proactive security scanning for these resources. As I’ve worked with Trivy before, it was my immediate preference, and I was confident it would help us enhance our holistic security posture.
In a DevOps environment, incorporating testing into a continuous integration (CI) process is crucial. The integration within CI facilitates the early identification of issues before code deployment to any environment. While this practice is widely adopted for application code, it is also important to apply it to infrastructure-as-code templates. In this post I want to explain what PSRule for Azure is and how I have implemented it for our company with GitHub Actions, and provide insights into the configurations that I have used.