7 posts tagged with "well architected framework"

Managing costs in the cloud is crucial to avoid unexpected expenses.
How many times have I read "Azure just charged me 1k dollars because of a misconfiguration".
Did it happen to you as well? Me too. And I know how stupid you feel after that. Sometimes it is not even our fault. (cough* strange defaults from Azure *cough)

So to avoid that, we can setup budgets and get notified when we reach certain thresholds.
It's important to know which scope you want to set the budget on. It can be at management group level, subscription level or resource group level. Choose the scope you are responsible for and want to monitor costs for.

What are the options? Let's explore them.

Organizing Azure resources is one of those rare tasks that sounds straightforward until you actually start doing it.
Suddenly you’re trying to balance cost allocation, security boundaries, governance rules, domain ownership, deployment pipelines, and team autonomy. All while the number of services grows faster than your architecture diagram can keep up.

If designing cloud boundaries feels like organizing a city while it’s still being built, that’s because it is.
And like any good city, Azure needs structure: districts, buildings, addresses, zoning rules, and a way to understand who owns what. Why? Because moving buildings (or Azure resources) is not always easy.

This guide takes a practical look at how to design resource boundaries in Azure—using concepts from Domain-Driven Design (DDD), Team Topologies, CAF, Well-Architected Framework.

Workload Identity Federation is the recommended approach for Service Connection. So why would I use the old approach with an app registration where I need to rotate the secret by myself? Well, there are some pipeline tasks which doesn't support Workload Identity Federation.
And in this case, you have to use the old approach.
And today was the day of rotation.
And a team member tried to renew the secret but didn't know how to do it, because the problem is still not fixed correctly in the UI.

Let's check the steps to fix it.