New Latest article: Least Privilege Studio: An Azure RBAC Tool

Cloud engineering
notes from production.

Real-world Azure infrastructure patterns. Documented after deployment, not before. Focus on automation, security, and the things that actually break at scale.

Azure

Terraform

PowerShell

Security

Automation

The Archive

Latest writing

Built with

The stack I write about

Az

Microsoft Azure

// Cloud platform

TF

Terraform

// HCL & modules

Bi

Bicep

// Native Azure IaC

PS

PowerShell

// Scripts & tooling

Id

Identity

// Entra ID & RBAC

Se

Security

// Hardening & policy

Au

Automation

// CI/CD & runbooks

Nw

Networking

// VNets & firewalls

Things I build

Tools & projects

One free tool I run, plus a steady stream of smaller automations and scripts I’ve open-sourced along the way.

Live

Least Privilege Studio

A free tool that helps you find exactly the Azure RBAC permissions you need — nothing more. Browse, search, and combine roles based on real Azure data.

Azure

RBAC

Free & OSS

leastprivilegestudio.com

Open tool ↗

About

Cloud engineer based in Zürich, Switzerland.

I work on enterprise-scale Azure infrastructure with a focus on automation, security, and Infrastructure as Code. Most of what I write here comes from problems I had to solve at work — where the documentation ran out and I had to figure things out the hard way.

If something here saved you a few hours, that’s the whole point.

Years on Azure

6+

Articles published

24

Primary stack

Azure · Terraform

Location

Zürich, CH

Status

Open to chat