// Infrastructure as Code

Chris hosts the first live weekly vlog, recapping the Cloud Gaming Notes debut and a candid mental health conversation with Andrew Nathan. He covers Azure Security Center updates including dangling DNS protection for Azure Defender and the secure score API GA, spotlights Project Bicep as a new ARM template authoring experience with a VS Code extension, and highlights GitHub's engineering post on SLO-based deployment pipeline reliability.

Chris recaps a JamStack blog post, an appearance on the MS How-To show covering cloud design patterns, and the gatekeeper and valet key patterns session on API security. He covers Azure updates including AKS automatic cluster upgrade channels and the Secret Store CSI driver for Azure Key Vault, Azure DevOps Delivery Plans 2.0 with YAML manual validation, Pulumi as an infrastructure-as-code tool supporting Python, TypeScript, and Go, and a comprehensive GitHub 2020 year-in-review.

Chris announces his involvement with relaunching the Azure Thames Valley meetup, recaps the static content hosting pattern episode and his open source blog, and previews upcoming talks at AzureIsh Live and a SquaredUp webinar on application observability with Azure Monitor and App Insights. He covers Azure Updates including public IP SKU upgrades, built-in Azure Policy for NSG flow logs, GitHub's availability in Iran, the GitHub Enterprise Server 3.0 release candidate, and Docker Desktop integration with Azure Container Instances.

Before deploying application code, you need cloud infrastructure in place. This episode demonstrates how to deploy Azure infrastructure using ARM templates (Infrastructure as Code) directly from a GitHub Actions workflow—covering ARM template structure, the azure/arm-deploy action, repository organisation, and service principal setup for automated, repeatable Azure deployments.

You have your .NET Core application code and your Azure App Service infrastructure is ready. Now it's time to wire them together with an automated GitHub Actions deployment pipeline. This episode walks through building a multi-job workflow that compiles, publishes, and deploys your .NET Core app to Azure App Service using publish profiles and GitHub Secrets.

The Deployment Stamps pattern is a powerful cloud architecture approach for scaling, resilience, and multi-tenancy. In this episode, Chris Reddington is joined by John Downs — who contributed the pattern to the Azure Architecture Center — to explore how stamping out independent copies of your application stack across regions enables geographic distribution, data sovereignty, isolated failure domains, and deployment rings for staged rollouts. Discover when to use this pattern, how Azure itself relies on it internally, and the key considerations around request routing, cross-stamp querying, and disaster recovery planning.

Hybrid cloud is no longer just a transitional state between on-premises and public cloud — for many enterprises, it is the end state. Chris is joined by Thomas Maurer, Senior Cloud Advocate at Microsoft, to explore how Azure Arc, Azure Stack Hub, Azure Stack HCI, and Azure IoT Edge help organisations run workloads wherever they make sense: from data centres and factory floors to the network edge and other cloud providers.

In my spare time, I work on a pet project called Theatreers. The aim of this is a microservice based platform focused on Theatre / Musical Theatre (bringing a few of my passion areas together). I've recently re-architected the project to align to a multi-region serverless technology stack.

When designing a solution, you want to be sure that your communications are secure and that your users can trust your application. Typically, SSL certificates can be useful for this purpose.That is well and good from a design and development perspective, but there may some management headaches when operating and governing the solution. How do you keep track of the certificates? How do you guarantee that they are kept secure? How do you ensure that certificates renew on time?