As the moderator, I had the pleasure of guiding an engaging conversation with our featured speaker, Dharmendra Ahuja—a multi-cloud Certified Solution Architect, DevSecOps, and Data Engineer with 18+ years of experience. Dharmendra’s expertise spans cloud-native architectures, CI/CD, containerization, and Infrastructure-as-Code, making him the perfect guide for this journey.
Best Practices for Scalable CI/CD Pipelines
Dharmendra shared actionable insights on designing pipelines that scale with your team and application needs. From modular pipeline stages to leveraging cloud-native tools, the focus was on building resilient, maintainable workflows.
Automated Testing & Build Automation
We explored how Jenkins and CircleCI streamline automated testing and build processes. Dharmendra emphasized the importance of integrating tests early and often, ensuring every code change is validated before deployment.
Deployment Strategies: Blue/Green & Canary
The session highlighted advanced deployment strategies:
Blue/Green Deployments: Minimize downtime and risk by switching traffic between identical environments.
Canary Releases: Gradually roll out changes to a subset of users, enabling real-time feedback and rapid rollback if needed.
DevSecOps Integration
Security isn’t an afterthought—it’s baked into the pipeline. Dharmendra discussed proactive DevSecOps practices, from automated vulnerability scanning to policy enforcement, ensuring every release is secure by design.
Real-Time Monitoring with Prometheus & Datadog
Visibility is key! In this session, we learned how integrating Prometheus and Datadog provides real-time monitoring, alerting, and analytics—empowering teams to detect issues early and optimize performance.
Reducing Time-to-Market by Up to 40%
By adopting these best practices, organizations can dramatically reduce time-to-market, delivering value to customers faster without sacrificing quality or security.
Engaging Q&A
Throughout the session, I asked our presenter questions that sparked lively discussion:
How do you choose the right CI/CD tools for multi-cloud environments?
What are the biggest challenges in integrating security into pipelines?
Can you share a real-world example of a successful blue/green deployment?
Dharmendra’s responses were packed with practical advice and real-world stories, making the session both informative and inspiring.
Ready to Elevate Your DevOps Game and watch the full episode?
Whether you’re just starting your DevOps journey or looking to optimize your existing pipelines, the Cloud Marathoner community is here to support you. Let’s keep running toward cloud excellence—together!
As a Cloud Marathoner, continuous learning is part of the journey. Recently, I renewed my Microsoft 365 Certified: Teams Administrator Associate certification, and I want to share the experience so you can prepare for yours.
Why Renewal Matters
Microsoft certifications are valid for one year, and renewal ensures your skills stay aligned with the latest updates in Microsoft Teams. The renewal process is free, online, and unproctored—perfect for busy professionals who want flexibility.
Eligibility: You can renew within six months before expiration.
Assessment: A short, open-book online assessment focused on recent Teams updates.
Skills Measured:
Implement compliance for Microsoft Teams
Lifecycle management and governance
Manage external access and Teams devices
Configure Teams Phone, auto attendants, and call queues
Manage apps and collaboration experiences for chat and channels
Attempts: Unlimited until expiration, with a 24-hour wait between retakes.
Validity: Passing extends your certification by one year.
Preparation Tips
Microsoft provides a curated learning collection (about 8 hours) to help you prepare. I recommend:
Reviewing Teams governance and compliance modules.
Practicing Teams Phone configuration scenarios.
Exploring device management and external access best practices.
Did i cleared the exam?
Well… not 100% flawlessly! 😅 While preparing for the renewal assessment, I discovered many new features and updates in Microsoft Teams—especially around management and governance. These changes reminded me that staying current is a continuous journey.
I had to catch up on several latest capabilities, and honestly, that was the most exciting part of the process. Despite all the odds, I managed to pass the assessment with a good score! 🎉
Here’s the reality check:
The renewal assessment highlighted areas where I need improvement.
Features like Manage collaboration experiences, advanced compliance settings and Teams phone deserve more attention in my learning plan.
And yes, I’ve got the screenshot from my exam results showing the points I should improve—because growth is all about transparency and learning forward.
Key Takeaways
Passing is great, but the real win is identifying gaps and planning your next learning sprint. That’s what makes us true Cloud Marathoners—always running toward knowledge, not just the finish line.
Are you planning to renew your Teams Admin certification soon?
Drop your thoughts in the comments or share your experience with the Cloud Marathoner community!
Greetings to all Cloud community and Cloud Marathoner friends!
Did you know that the Cyber Back to School 2025 is started on October first? It is community organized event that you don’t want to miss out.
Cyber Back to School event
Cyber Back to School is an annual community event featuring IT professionals from across the world. This event was started in 2024 by Microsoft MVP and MCT Community Lead, Dwayne Natwick. Microsoft community Leader, Microsoft MCT, blogger, and public speaker, Derek Smith, joined the team as co-organizer in 2025. In 2025, Cloud Marathoner and Microsoft MVP and MCT, Elkhan Yusubov began assisting with social media and promotion of the event. Community members submit sessions, either videos or blog articles, to provide viewers with actionable knowledge. The event takes place every October, from 01 October to 31 October.
This year I submitted two sessions and look forward to sharing the first one on this blog below.
What is covered in my session?
Strong governance is the foundation of a secure, scalable, and cost-effective cloud environment. In this hands-on session, we’ll explore together how to use Bicep — Azure’s new infrastructure as code language —alongside GitHub Copilot to streamline and strengthen your Azure governance strategy.
You will learn the following in this session:
✅ Azure Governance: policies, role-based access control (RBAC), resource locks, and naming conventions
✅ Resource Governance rules with Bicep code
✅ GitHub Copilot to the rescue of reduce errors and follow best practices in IaC
✅ Real-world examples
✅ Automating governance at scale
✅ Tips for integrating governance into your CI/CD workflows
This session is designed for early-career cloud engineers and architects looking to build confidence in managing Azure environments with automation and AI-assisted development.
Azure Governance
As a cloud engineer or working professional stepping into the world of Microsoft Azure, one of the most important concepts to grasp early is Azure Governance. Think of it as the set of rules and practices that help organizations manage their cloud resources effectively, securely, and in a cost-efficient way. Let’s break down some of the key components of Azure Governance:
🛡️Azure Policies – Enforcing Rules
Azure Policies are like the rulebook for your cloud environment. They help ensure that resources are created and managed in a way that aligns with your organization’s standards. For example: You can create a policy that only allows resources to be deployed in specific regions (e.g., only in West Europe or East US), or that requires all storage accounts to have encryption enabled.
Why it matters? It helps prevent misconfigurations, ensures compliance, and keeps your environment secure and cost-effective.
👥 Role-Based Access Control (RBAC) – Managing Who Can Do What
RBAC is Azure’s way of controlling who has access to what resources and what actions they can perform. For example: You can give a developer access to manage virtual machines in a resource group but not allow them to delete the resource group itself.
Why it matters? It follows the principle of least privilege, ensuring users only have the permissions they need—nothing more, nothing less.
🔒 Resource Locks – Preventing Accidental Deletion or Changes
Resource Locks are like putting a “Do Not Touch” sign on critical resources. We have following types of locks:
ReadOnly – Users can read the resource but can’t make changes.
CanNotDelete – Users can modify the resource but can’t delete it.
As a use case example: You can lock a production database to prevent accidental deletion during maintenance.
Why it matters? It adds an extra layer of protection for important resources and prevents accidental changes in your important resources.
🏷️ Naming Conventions – Keeping Things Organized
Naming conventions are standardized ways of naming your resources so they’re easy to identify and manage. For example: A virtual machine name like vm-prod-weu-app01 could tell you the following additional information:
It’s a VM
Used in production
Located in West Europe
It’s an app server
Why it matters? It improves clarity, helps with automation, and makes managing large environments much easier.
🧩 Bringing It All Together
Imagine you’re building a cloud environment for a company. With Azure Governance you can achieve the following mission:
Define rules (Policies)
Control access (RBAC)
Protect critical resources (Locks)
Stay organized (Naming Conventions)
Together, these tools ensure your cloud environment is secure, compliant, and manageable—even as it grows. Mastering Azure Governance early will set you up for success as you build scalable, secure, and well-managed cloud solutions.
Resource governance with Bicep Code
Resource governance with Azure Bicep empowers organizations to manage cloud resources consistently and securely through declarative infrastructure-as-code. By defining policies, role assignments, and resource configurations in Bicep templates, teams can enforce compliance, reduce configuration drift, and automate deployments across environments. This approach enhances visibility and control, ensuring that resources adhere to organizational standards from the moment they’re provisioned.
Additionally, Bicep simplifies governance by integrating seamlessly with Azure Policy and management groups, enabling scalable enforcement of rules across subscriptions. Its modular structure promotes reuse and collaboration, allowing teams to build standardized templates for tagging, cost management, and security controls. Ultimately, Bicep streamlines governance workflows, reduces manual overhead, and fosters a culture of accountability and best practices in cloud operations.
GitHub Copilot to the rescue
Related content of content
Automating governance
Related content of content
integrating governance into your CI/CD
Related content of content
Demo and references
Related content of content
Updates coming soon
Stay tuned for details, as the complete post is in-progress and be available on the week of Oct 7, 2025
As a Cloud Marathoner, the journey never stops! Recently, I renewed my Microsoft Certified: Power BI Data Analyst Associate certification, and I want to share the experience so you can prepare for yours.
Why Renewal Is Important
Microsoft certifications are valid for one year, and renewal ensures your skills stay aligned with the latest Power BI updates. The renewal process is free, online, and proctored—perfect for professionals who want flexibility without scheduling hassles.
What an energizing experience to speak at the Microsoft Azure Community User Group! This week, our session was all about exploring Azure Bicep innovation and the powerful new Microsoft Graph extension—with a focus on hands-on learning, community growth, and practical cloud skills.
The Cloud Marathoner Community
We kicked off by sharing the vision behind the Cloud Marathoner community—a movement to help both beginners and seasoned pros upskill, inspire each other, and support underrepresented groups in IT. The goal? To motivate everyone to keep running their cloud learning journey and celebrate each milestone together.
Azure Bicep: The latest advancement in Infrastructure as Code
Azure Bicep is a domain-specific language designed to simplify resource management in Azure. Unlike traditional ARM templates, Bicep offers:
Easy-to-read syntax
Day-zero support
Deep integration with Azure
Code reusability through modules
Production-ready deployments
We explored how Bicep abstracts over ARM templates, making infrastructure as code more accessible and enjoyable for everyone.
Modularization: Reusability and Teamwork
One of the session’s core themes was modularization—breaking down your infrastructure code into reusable modules. This approach brings:
Type safety and IntelliSense
Standardization across teams
Easier maintenance and deployment
Integration with Azure Bicep Registry and Azure Verified Modules
We walked through demos showing how to build and deploy modular Bicep files, highlighting the benefits for both individuals and organizations.
Microsoft Graph Extension: Expanding Bicep’s Power
The latest innovation is the Microsoft Graph extension for Azure Bicep. This extension lets you:
Reference and deploy resources beyond native ARM scope (like Microsoft Graph resources)
Combine Azure and non-Azure resources in a single Bicep file
Simplify complex deployment scenarios with unified declarative modules
We demonstrated how to use the extension to create security groups and managed identities in Microsoft Entra ID, showing the practical steps and best practices for real-world deployments.
Hands-On Demos and Best Practices
Throughout the session, we switched between slides and live demos in Visual Studio Code, showing:
How to visualize Bicep deployments with the Bicep Visualizer
Quick deployment options via right-click in VS Code
Scripted deployments using Azure CLI and PowerShell
Troubleshooting common issues (like managed identity delays)
How to redeploy for idempotent results
We also discussed leveraging GitHub Copilot for code generation and the importance of baseline knowledge to get the most out of AI tools.
Community Resources and session recording
To keep your marathon going, check out these resources:
The Cloud Marathoner community is all about sharing, growing, and supporting each other. Whether you’re just starting out or looking to master the latest Azure innovations, there’s a place for you.
Connect with us, share your feedback, and let’s keep running toward cloud excellence — together!
Becoming a Microsoft MVP isn’t about chasing a title—it’s about embracing a mission.
As the community lead of Cloud Marathoner, I’ve had the privilege of walking alongside cloud engineers, architects, and passionate tech enthusiasts who are building, sharing, and growing together. Many of them ask me: “How do I become a Microsoft MVP?”
The answer is both simple and profound: do what you love and give back.
🧭 What Is a Microsoft MVP?
The Microsoft Most Valuable Professional (MVP) award recognizes exceptional community leaders who share their expertise, uplift others, and contribute meaningfully to the tech ecosystem. It’s not a certification—it’s a celebration of consistent, authentic impact.
According to the official Microsoft MVP site, the MVPs are selected for their contributions across blogs, talks, open-source projects, user groups, and more. They are the spark that keeps the community thriving.
🛤️ My Journey: From Passion to Purpose
When I started Cloud Marathoner, it was just a blog. But it quickly became a movement—a space where cloud professionals could learn, share, and grow together. I didn’t set out to become an MVP. I set out to help others to succeed in their unique Cloud journey. And that’s the secret.
As Betsy Weber, Microsoft Program Manager beautifully put it:
“Don’t follow the crowd—find your gap and fill it with passion, creativity, and community.”
🎉 Celebrating Microsoft AWARD
This year, I’m incredibly honored to celebrate my 4th consecutive Microsoft MVP award recognition from Microsoft. It’s a meaningful milestone that reflects the many community events, sessions, and contributions I’ve wholeheartedly delivered over the last year. My focus remains strong on Infrastructure as Code and Cloud Optimization, while I continue to explore and share innovations in AI and GitHub Copilot to empower and uplift our community of cloud engineers, architects, and tech enthusiasts.
🧩 Find Your Gap, Fill It with Passion
You don’t need to be the loudest voice. You need to be the most authentic one.
🎨 Like MVP Luise Freese, who turned technical content into sketchnotes that even Satya Nadella noticed.
🌍 Like Sharon Weaver, who kept her user group alive through the pandemic.
🎤 Like Lee Englestone, who built a Visual Studio tips site that led to talks and a book.
Each of them found a unique way to give back. So can you.
🧱 actionable Steps to Becoming a Microsoft MVP
Be an Expert Master your craft. Stay current. Share what you learn.
Be a Leader Start a user group. Mentor others. Create inclusive spaces.
Be an Advocate Provide feedback to Microsoft. Champion tools that help others.
Be Consistent MVP is a marathon, not a sprint. Keep showing up.
Be Visible Blog, speak, stream, post—whatever suits your style. Just share.
💬 Final Thoughts: Your Spark ✨ Matters
You don’t need permission to start. You don’t need a title to lead. You just need to care enough to contribute.
Whether you’re streaming your learning journey, launching a user group, or writing your first blog post—you’re already on the path.
So go ahead. Share your knowledge. Be helpful. Look for gaps to fill. The community is waiting for your spark. ✨
Last week, we had an interesting session with Rodrigue Yengo on how you could transform data management in Dynamics 365 Sales through Data Mesh architecture!
This session was different as Cloud Lunch and Learn welcomed our #CloudMarathoner friend Martin Dimovski into studio to drive session as we did the discussions together by asking questions to our speaker from France.
In this session, Rodrigue will walk us through: 🔹 How to decentralize data ownership 🔹 Strategies to improve data accessibility across teams 🔹 Seamless integration of new Business Units (BUs) 🔹 Maintaining governance and data quality at scale 🔹 Data Fabric vs Dynamics 365 for Sales?
what we covered as well?
💡 A practical use case will bring these concepts to life and show how Data Mesh principles can be effectively applied in a Dynamics 365 environment.
In addition, we sparked discussion around Data Fabric and how it is related or different from the Dynamics 365. Which tool is for what and how to navigate those questions.
When and Where
📅 Date: June 4th, 2025 🕒 Time: 5 PM UTC 📍 Recorded session URL
check the recording
Whether you’re a data architect, Dynamics 365 professional, or just passionate about modern data strategies, this session is for you!
Last week, we had a very interesting session focused on cybersecurity.
Our guest speaker Brian Contos, shared his expertise on the following critical cybersecurity topics:
✅ Real-life stories from the trenches, drawn from years of cloud-based incident response. ✅ Exploration of various hacks to illustrate how breaches occur, what happens following a breach, and why organizations struggle to detect and respond. ✅ Mitigation strategies to proactively prepare for a breach, discover malicious activity, and respond effectively.
Malicious actors are counting on your passivity, your blind spots, and your inability to detect and respond to attacks in the cloud. Break their hearts!
Are you ready to learn more about hacking 🔐 ⛔ the cloud and how to prevent it ⁉️ 🤔 Tune in to hear and learn from real-world stories.
Real-World Examples
Crypto mining on hacked security cameras in a casino.
$15 million wire fraud via compromised Office 365 and fake domains.
MongoDB ransomware where attackers lied about stealing data.
Robot hack demo showing how easy it is to control industrial devices with no authentication.
When and Where
📅 Date: May 7th, 2025 🕒 Time: 5 PM UTC 📍 Recorded session URL
Don’t miss out on this amazing hacking session. Let’s make the cloud a safer place together!
Last week, we had a great discussion with our guest speaker – Microsoft MVP, Håkan Silfvernagel. Our topic was Azure Ai services using the Semantic Kernel with simple, yet insightful demos.
Don’t miss an opportunity to learn about 🚀 #AzureAI services using Semantic Kernel today at the Cloud Lunch and Learn session 🤩
What WILL YOU learn?
By checking this session, you will learn how to build your own CoPilot experience using the Semantic Kernel released as an open-source project. Our speaker has demonstrated how you can use skills, memories, connectors, and plugins in order to enhance the experience for your users.
Greetings to all #CloudMarathoner community members!
Last week, we had an exhilarating session with a Microsoft Certified Trainer (MCT), André M.D. Melancia – who shared his invaluable insights on Hacking Azure AI.
meet our Speaker
Our dynamic speaker, André, is a seasoned Developer, DBA, and security consultant with a wealth of hands-on experience. He is dedicated to helping organizations thrive. This demo-driven session was a must-attend for developers, data engineers, data scientists, and security consultants eager to learn about the security aspects of using Generative AI in their daily work.
Highlights from the Session
André captivated us with his demonstrations of exploits and security recommendations for various tools, including ChatGPT. He provided practical advice on avoiding mistakes that could expose your projects or organizations to cyber threats.
Demos on Azure AI Foundry
Our speaker incorporated interesting demos on Azure AI Foundry services, including an explanation of different AI models, Chat playground with examples on how to create filters and block specific types of content.
AI Application Workflow Demos
Another interesting demo is on a typical AI services application that are used in application where an application is using Azure AI services to return responses. This demo screenshot below emphasis a need for protection and/or filtering before returning results back to the requester application – which an end-user or cybercriminal may exploit with your AI system data.
Watch the Recorded Session
If you missed the live session or want to revisit the insights shared, check out the full recording on our Cloud Lunch and Learn YouTube channel. Don’t miss this opportunity to enhance your knowledge and skills in Azure AI security!
