Simon

Hi, I'm Simon Vedder – a Cloud Engineer based in Switzerland, specializing in Microsoft Azure, Terraform, and PowerShell. I work on enterprise-scale cloud infrastructures with a focus on automation, security, and Infrastructure as Code. On this blog I document real-world projects, solutions, and lessons learned – no fluff, just things that actually work.

Least Privilege Studio: An Azure RBAC Tool

If you’ve ever set up a service principal in Azure and thought “I’ll just use Contributor for now” — this…

Hardening Entra ID with Terraform

A practical implementation guide covering identity baseline, privileged access, conditional access, and monitoring – fully managed as infrastructure as code.…

Azure Cloud Adoption: Landing Zones, WAF, and the Big Picture

This post is different from my usual project or solution based posts — no code, no architecture diagrams. Just the…

Private Azure Monitoring at Scale — Terraform, Zero Public Traffic

Modern enterprise cloud architectures demand more than just functional monitoring — they demand secure monitoring. By default, the Azure Monitor…

Automated Azure VM Power Management with a Tag-Driven Runbook

In a previous post, I introduced a lightweight, tag-driven VM power management solution in Azure that combined an Automation Runbook…

Entra ID Login with Azure Bastion (Public Preview)

Managing credentials for virtual machines has always been a balancing act between security, usability, and operational overhead. With the new…

Deploying Agents to Azure VMs Using Azure Policy and VM Applications

The Problem: Organizations need to deploy agents, monitoring tools or security agents across all Azure VMs consistently. Traditional approaches often…

Using Azure Firewall as a NVA with Terraform

Using Azure Firewall as a Network Virtual Appliance (NVA) provides a powerful alternative to traditional VNet peering in hub-and-spoke designs.…

Managing Secrets in Terraform: From Bad to Automated

When it comes to Infrastructure as Code (IaC), Terraform is an incredibly powerful tool. It allows us to define, deploy,…

Sending Custom Logs to Log Analytics via HTTP

Centralized logging is a cornerstone of any professional IT or DevOps setup. Azure Log Analytics (LAW) / Azure Monitor provides…