@brianveldman
☁️ Cloud Solution Architect at Fellowmind ❤️ Microsoft MVP with a passion for Azure, DevOps, and Infrastructure as Code 🚀 Blogging at cloudtips.nl 💪🏻 Active on Reddit since July 2025 in the Azure and Azure Bicep community as brianveldman
🔥 Azure Bastion has introduced support for signing in with Microsoft Entra ID when using RDP to access Windows virtual machines directly from the Azure portal. cloudtips.nl/entra-id-sup...
🔥Azure Service Groups make it possible to bring resources together and manage them, even when they are spread across multiple subscriptions and resource groups, without being tied to the default Azure hierarchy. cloudtips.nl/azure-servic...
In this blog, I will show you how to get started with the Bicep console and how it supports my daily development workflow, so it can save you time as well. cloudtips.nl/the-azure-bi...
What if I told you that you can export your Conditional Access policies to PowerPoint, providing a high-level overview of your security posture? youtu.be/ANZLw1jkX8s?...
🔥 It is here. The unified tenant configuration management (UTCM) APIs allow administrators to control and manage configuration settings across a single workload or multiple workloads within the organization. cloudtips.nl/unified-tena...
How do we combine strong governance with automation in a structured way? This is where Enterprise Policy as Code, or EPAC, comes into play. cloudtips.nl/deploy-azure...
Recently, in a customer project, I had to switch from Passthrough Authentication to Password Hash Synchronization. That experience inspired me to write this blog for anyone who receives the same assignment but is unsure how to approach it. 💪🏻 cloudtips.nl/microsoft-en...
Many organizations deploy AI solutions on Microsoft Azure with a strong focus on innovation and speed. What is often underestimated is the importance of a well designed foundation. cloudtips.nl/this-is-why-...
🔥 Curious how the future of secure access with Managed Identities and Workload Identity Federation helps you move beyond risky secrets and certificates? medium.com/microsoftazu...
Super nice!
🔥 Want to know how to protect your Microsoft Entra External ID tenant against bad bots and malicious attackers? cloudtips.nl/protect-your...
Did somebody said snow? ⛄️❄️
First of all, I have to say that 2025 was an incredible year. I am truly grateful for everyone who supported my community contributions and helped me grow along the way. cloudtips.nl/reflecting-o...
In this blog I will show how to configure Microsoft Entra Private Access to tunnel selected application traffic through a private network in order to meet the access control policy of an application that depends on network based restrictions. cloudtips.nl/source-ip-an...
💪🏻Together with my colleagues Robert and Wouter, we migrated 100 VMs this weekend, phased out the old RDS farm, introduced AVD with six host pools and 125 VMs, and migrated fourteen locations from IPVPN to fiber and DSL via SDWAN to vWAN. Grateful for the gift and happy to help innovate IT platforms.
🎄 It is December at the North Pole. The elves are rushing around, workloads are flying everywhere, and even Santa is complaining that he has too many permissions. It is clearly time to bring some order with a bit of Bicep magic. cloudtips.nl/the-north-po...
⚡Adding Intune P2 features to Microsoft 365 E3 and E5 is getting a lot of well-deserved attention, but did you see the blip that isn't? Some Defender for Office P1 features are coming to E3 and E1 in 2026! 📧
www.microsoft.com/en...
🔥 It is here. Microsoft Entra Kerberos authentication for cloud only identities on Azure Files SMB is now available in preview. This makes it possible to access Azure Files without any domain controllers or hybrid identity requirements. cloudtips.nl/microsoft-en...
When remote users connect through a Point to Site (P2S) VPN in Azure Virtual WAN, you can route all their traffic including internet bound traffic through Azure Firewall by pushing a default route (0.0.0.0/0). This approach is commonly referred to as forced tunneling. 🔥
cloudtips.nl/secure-your-...
Enjoying vacation 💪🏻
[Share] 🔥 Microsoft Ignite 2025 Next Steps
After attending Microsoft Ignite 2025, your next steps to continue your learning journey!
#msignite #mvpbuzz
In this blog, I will demonstrate how to use Azure Container App Jobs to automate tasks with Microsoft Graph. For example, you might want to back up your Conditional Access rules from Entra ID to a secure location, such as an Azure Storage Account. 🔥 cloudtips.nl/automate-mic...
In this blog, I’ll demonstrate how to automate Privileged Identity Management (PIM) in Azure Landing Zones using Azure Bicep and the Microsoft Graph Provider, powered by Microsoft Entra ID Governance. cloudtips.nl/microsoft-en...
Bring Microsoft Learn content straight into your AI assistant or app with the Microsoft Learn Model Context Protocol (MCP). cloudtips.nl/why-you-shou...
This week's Entra newsletter is out.
Get it at https://entra.news
🚨 The Terraform MSGraph provider is a gamechanger. Today, I will show how you can use it to improve your Entra ID configuration and strengthen your security posture. cloudtips.nl/managing-ent...
I just sent out this week's Entra newsletter.
🚀 Most popular posts from last week
🥇Microsoft Introduces Restore Capability for Conditional Access Policies • Tony Redmond
🥈Why Setting Office IP as a Trusted Location in Conditional Access Is Risky • AIMA
🔥 Want to know how you can segment remote users in Azure Virtual WAN when they connect over Point to Site (P2S) VPN? cloudtips.nl/how-to-confi...
Today, @merill.net I are thrilled to announce the release of the new version of Maester on Azure Web App. cloudtips.nl/new-version-...
We just sent out this week's Entra news.
Check it out at entra.news/p/entra-n...