Security
Using GPG Keys to sign Git Commits - Part 3
Okay, part 3! At this point, I'm assuming that you have already familiarised yourself with [part 1](./blog/gpg-git-part-1) and [part 2](./blog/gpg-git-part-2) of the series. As a quick recap, part 1 focused on why we would consider using GPG Keys in general. Part 2 focused on how to generate GPG keys along with some recommended practices on splitting out our master (Certification) key, from our specific purpose-driven keys. This post (part 3) focuses on using those keys as part of our usual development workflow using Git. We'll be assuming that GitHub is our end target, as GitHub supports [commit signature verification using GPG Keys](https://docs.github.com/en/github/authenticating-to-github/managing-commit-signature-verification).

V010 - Weekly Technology Vlog #10 (Episode backlog until Mid-July! New Microphone, Ignite Content!)
Vlog #10 is a milestone episode: Chris celebrates his birthday and a full year of Cloud With Chris with a new Shure SM7B microphone upgrade. The bulk of the episode is a walkthrough of Microsoft Ignite announcements, covering Azure Arc-enabled Machine Learning for on-premises data sovereignty scenarios, the Azure Communication Services and Microsoft Teams interoperability story, and significant security updates including Azure Key Vault Managed HSM (preview) and Trusted Launch for VMs. GitHub Actions fans also get a bonus segment on four lesser-known platform capabilities, including semantic release note generation and bring-your-own-environment workflows.
Using GPG Keys to sign Git Commits - Part 2
Hopefully by now you've had a chance to read [part 1](gpg-git-part-1) of this series, which explains why you may be interested in using GPG keys to sign your commits. Congratulations on getting to the second part! In part two, we're going to focus on how I worked through setting up GPG in my Windows environment, and generating a set of keys for use. There were some challenges/hurdles along the way, and we'll talk through those too!

V009 - Weekly Technology Vlog #9 (1 year of Cloud With Chris, Azure Retirements, Microsoft Ignite)
Week nine of the vlog coincides with the one-year anniversary of the Cloud With Chris podcast. Chris kicks off a multi-part blog series on GPG key signing for Git commits, demonstrating how trivially easy it is to spoof a contributor's identity in Git without verification — and how GitHub's GPG validation feature closes that gap. Azure news this week is lighter than usual, covering serverless and low-code scenarios with PowerApps, the new Private Azure Marketplace, and the Azure Quota REST API, plus a significant list of retirement notices from the Azure Updates page all targeting 29 February 2024.
28 - Intro to Landing Zones
What exactly is an Azure Landing Zone, and why does every cloud architect keep talking about it? In this episode, Chris Reddington is joined by Karim Fahmy — an Azure Solutions Architect with over 12 years of IT experience — to demystify Azure Landing Zones and their place within the Cloud Adoption Framework. Learn how landing zones provide the structured foundation covering networking topology, identity, governance, subscriptions, and security that your workloads need to succeed in the cloud. The episode also covers Azure Blueprints, Terraform automation, and real-world strategies for incrementally building and evolving your cloud foundation over time.
Using GPG Keys to sign Git Commits - Part 1
For a while now, I've been using GPG Keys to sign my Git Commits to prove that my commits on GitHub are genuine and from me. Over the last few weeks, I've been inspired by a couple of colleagues (Kudos to Adrian and Julie if you're reading this) to dig out my YubiKey and use these for my key signing activities. While there are several blog posts on the topic already, I encountered a number of roadblocks along the way. The intent of this blog post is to be the first of a series, where we'll explore what GPG is, why it may be valuable to you and how you can get going using them. We'll then take this forwards an additional step, and show how you can use YubiKeys as a second factor of verification and the benefits of this approach. By no means am I the world's expert in cryptography, and some of these topics, but I wanted to document my own understanding for posterity, as I'll inevitably need to repeat/review the process in the future. I hope that this may be useful to you.

V008 - Weekly Technology Vlog #8 (Changing Role, Guest Appearances, LOTS of Azure News)
Chris marks two months of weekly vlogging with a big career update: leaving FastTrack for Azure to become a Cloud Solution Architect in Microsoft's UK Customer Success Unit, focusing on the Manufacturing & Resources industry. The cloudwithchris.com site is also refreshed with a PodScribe-powered interactive transcript player that highlights spoken words in real time and enables crowd-sourced corrections — a meaningful accessibility improvement. Azure news is substantial this week, headlined by Azure RBAC for Key Vault data plane reaching GA (enabling secret- and certificate-level access control) and Azure Front Door Standard & Premium entering preview with private origin support via Private Link.

27 - The Compute Resource Consolidation Pattern (Optimise for Cost!)
Are you running dedicated compute for every tenant, microservice, or application instance — and paying for it? The Compute Resource Consolidation pattern shows you how to consolidate tasks onto shared infrastructure, such as a single AKS cluster with namespace isolation or an Azure SQL elastic pool, to reduce costs and management overhead. This episode explores the key trade-offs: blast radius containment, noisy neighbour contention, scalability profiles, and multi-tenancy strategies. Part of the "Architecting for the Cloud, One Pattern at a Time" series.

V007 - Weekly Technology Vlog #7 (Recap, NEW SITE, NEWS!)
Chris recaps his AzureIsh Live guest appearance and the messaging patterns episode with Will Eastbury covering pub-sub, priority queues, and pipes-and-filters. He showcases the Cloud with Chris v2 website prototype built in Hugo with AI-generated transcripts via Podscribe for accessibility, covers the npm dependency confusion attack vector affecting Azure Artifacts and GitHub packages, and highlights Azure's deployment to the International Space Station in partnership with HPE.
CGN1 - Cloud Gaming Notes Episode 1 - Hosting a Game Server
Ever thought about what it takes to host a game in the Cloud? Well, this is the series for you! On the first Wednesday of every month, we explore Cloud Concepts that impact your journey to a connected multiplayer gaming experience! In this first session, we'll play some Minecraft and talk to the concept of a hosted game server.