https://larryjameshenry.com/posts/ultimate-guide-yaml-expressions/2026-04-29T00:00:00+00:00https://larryjameshenry.com/images/featured.webpThe Ultimate Guide to Azure DevOps YAML ExpressionsMaster Azure DevOps YAML expressions: understand the exact evaluation order of ${{ }}, $[ ], and $( ) to build pipelines that never silently fail.https://larryjameshenry.com/posts/ultimate-guide-yaml-expressions/images/featured.webpimages/featured.webphttps://larryjameshenry.com/posts/azure-landing-zone-guide/2026-04-02T00:00:00+00:00https://larryjameshenry.com/images/featured.webpEnterprise Azure Landing Zone: The Complete GuideBuild a production-grade Azure Landing Zone from scratch. Covers all 8 CAF design areas with Terraform and Bicep AVM code examples.https://larryjameshenry.com/posts/azure-landing-zone-guide/images/featured.jpgimages/featured.jpghttps://larryjameshenry.com/posts/azure-landing-zone-guide/images/featured.webpimages/featured.webphttps://larryjameshenry.com/posts/debugging-silent-pipeline-failures/2026-04-29T00:00:00+00:00https://larryjameshenry.com/images/featured.webpDebugging Silent Azure DevOps YAML if Statement FailuresWhy Azure DevOps ${{ if }} blocks silently skip steps when given runtime variables — and how to diagnose and refactor broken conditions using the Expanded YAML view.https://larryjameshenry.com/posts/debugging-silent-pipeline-failures/images/featured.webpimages/featured.webphttps://larryjameshenry.com/posts/azure-management-group-design/2026-04-03T00:00:00+00:00https://larryjameshenry.com/images/featured.webpDesign Your Azure Management Group and Subscription HierarchyDesign and deploy a production Azure management group hierarchy with Terraform and Bicep AVM. Covers CAF topology, subscription strategy, and naming.https://larryjameshenry.com/posts/azure-management-group-design/images/featured.jpgimages/featured.jpghttps://larryjameshenry.com/posts/azure-management-group-design/images/featured.webpimages/featured.webphttps://larryjameshenry.com/posts/escaping-parameter-hell/2026-04-29T00:00:00+00:00https://larryjameshenry.com/images/featured.webpEscaping Parameter Hell: Nested Template PatternsStop re-declaring every parameter across 5+ template layers. Learn object bundling, templateContext, and Facade patterns that scale to 100+ YAML files.https://larryjameshenry.com/posts/escaping-parameter-hell/images/featured.webpimages/featured.webphttps://larryjameshenry.com/posts/azure-hub-spoke-networking/2026-04-06T00:00:00+00:00https://larryjameshenry.com/images/featured.webpAzure Landing Zone Hub-and-Spoke: Firewall, Bastion, DNSBuild a production hub-and-spoke network for Azure landing zones. Covers Azure Firewall, Bastion, Private DNS Zones, and VNet peering with Terraform and Bicep.https://larryjameshenry.com/posts/azure-hub-spoke-networking/images/featured.jpgimages/featured.jpghttps://larryjameshenry.com/posts/azure-hub-spoke-networking/images/featured.webpimages/featured.webphttps://larryjameshenry.com/posts/templatecontext-deep-dive/2026-04-29T00:00:00+00:00https://larryjameshenry.com/images/featured.webptemplateContext Deep Dive: Bundling Job MetadataA complete reference for Azure DevOps templateContext — how to attach custom metadata to jobList and stageList entries without breaking the YAML schema.https://larryjameshenry.com/posts/templatecontext-deep-dive/images/featured.webpimages/featured.webphttps://larryjameshenry.com/posts/azure-identity-architecture/2026-04-07T00:00:00+00:00https://larryjameshenry.com/images/featured.webpAzure Landing Zone Identity: Entra ID, RBAC, and PIMDesign the identity layer of an Azure landing zone. Covers Entra ID vs Azure RBAC, MG-scoped role assignments, PIM, and OIDC for pipelines.https://larryjameshenry.com/posts/azure-identity-architecture/images/featured.jpgimages/featured.jpghttps://larryjameshenry.com/posts/azure-identity-architecture/images/featured.webpimages/featured.webphttps://larryjameshenry.com/posts/advanced-each-looping-iterating-complex-nested-objects/2026-04-29T00:00:00+00:00https://larryjameshenry.com/images/featured.webpAdvanced each Looping: Iterating Complex Nested ObjectsGo beyond simple string arrays in Azure DevOps YAML. Master ${{ each }} over nested objects, key-value maps, and filtered iterations to generate dynamic stages.https://larryjameshenry.com/posts/advanced-each-looping-iterating-complex-nested-objects/images/featured.webpimages/featured.webphttps://larryjameshenry.com/posts/azure-policy-governance/2026-04-08T00:00:00+00:00https://larryjameshenry.com/images/featured.webpAzure Policy as Code: Governance with Terraform and BicepDeploy Azure Policy definitions and assignments as code using Terraform and Bicep. Covers compliance benchmarks, DINE effects, and exemptions.https://larryjameshenry.com/posts/azure-policy-governance/images/featured.jpgimages/featured.jpghttps://larryjameshenry.com/posts/azure-policy-governance/images/featured.webpimages/featured.webphttps://larryjameshenry.com/posts/dynamic-matrix-test-strategies/2026-04-29T00:00:00+00:00https://larryjameshenry.com/images/featured.webpDynamic Matrix Strategies: Generating Runtime TestsCombine Azure DevOps compile-time ${{ each }} with runtime strategy.matrix to build self-scaling test suites that adapt to parameters without YAML edits.https://larryjameshenry.com/posts/dynamic-matrix-test-strategies/images/featured.webpimages/featured.webphttps://larryjameshenry.com/posts/azure-subscription-vending/2026-04-09T00:00:00+00:00https://larryjameshenry.com/images/featured.webpAzure Subscription Vending: Automated Workload OnboardingAutomate Azure subscription provisioning with a PR-based vending workflow. Deploy spoke networking, RBAC, and monitoring baselines using Terraform and Bicep.https://larryjameshenry.com/posts/azure-subscription-vending/images/featured.jpgimages/featured.jpghttps://larryjameshenry.com/posts/azure-subscription-vending/images/featured.webpimages/featured.webphttps://larryjameshenry.com/posts/cross-job-communication-mastering-dependencies-output-variables/2026-04-29T00:00:00+00:00https://larryjameshenry.com/images/featured.webpCross-Job Communication: Dependencies and Output VariablesMaster Azure DevOps output variables: set data in one job and consume it in another stage or matrix leg with the exact syntax for every reference path.https://larryjameshenry.com/posts/cross-job-communication-mastering-dependencies-output-variables/images/featured.webpimages/featured.webphttps://larryjameshenry.com/posts/azure-monitor-logging/2026-04-10T00:00:00+00:00https://larryjameshenry.com/images/featured.webpAzure Centralized Monitoring: Log Analytics and WorkbooksDesign a centralized logging architecture for your Azure Landing Zone using Log Analytics, automated Diagnostic Settings via Policy, and Monitor Workbooks.https://larryjameshenry.com/posts/azure-monitor-logging/images/featured.jpgimages/featured.jpghttps://larryjameshenry.com/posts/azure-monitor-logging/images/featured.webpimages/featured.webphttps://larryjameshenry.com/posts/expression-security-hardening/2026-04-29T00:00:00+00:00https://larryjameshenry.com/images/featured.webpExpression Security: Preventing Azure DevOps YAML InjectionHow attackers exploit Azure DevOps YAML expressions to inject commands — and the typed parameters, env-block patterns, and extends templates that stop them.https://larryjameshenry.com/posts/expression-security-hardening/images/featured.webpimages/featured.webphttps://larryjameshenry.com/posts/azure-security-baseline/2026-04-16T15:00:00+00:00https://larryjameshenry.com/images/featured.webpAzure Security Baseline: Defender for Cloud and SentinelEstablish a security baseline by deploying Microsoft Defender for Cloud and Microsoft Sentinel as code. Automate CSPM and SIEM across your landing zone.https://larryjameshenry.com/posts/azure-security-baseline/images/featured.jpgimages/featured.jpghttps://larryjameshenry.com/posts/azure-security-baseline/images/featured.webpimages/featured.webphttps://larryjameshenry.com/posts/solving-initialization-lag/2026-04-29T00:00:00+00:00https://larryjameshenry.com/images/featured.webpSolving Azure DevOps Pipeline Initialization LagWhy Azure DevOps pipelines take 30+ seconds before the first task runs — and the template flattening, hierarchy reduction, and caching strategies that fix it.https://larryjameshenry.com/posts/solving-initialization-lag/images/featured.webpimages/featured.webphttps://larryjameshenry.com/posts/azure-landing-zone-cicd/2026-04-13T15:00:00+00:00https://larryjameshenry.com/images/featured.webpCI/CD for Azure Landing Zones: GitHub Actions & AVMBuild a production-grade CI/CD pipeline for your Azure Landing Zone. Automate AVM module deployment using GitHub Actions with Terraform plans and Bicep previews.https://larryjameshenry.com/posts/azure-landing-zone-cicd/images/featured.jpgimages/featured.jpghttps://larryjameshenry.com/posts/azure-landing-zone-cicd/images/featured.webpimages/featured.webphttps://larryjameshenry.com/posts/azure-landing-zone-costs/2026-04-14T15:00:00+00:00https://larryjameshenry.com/images/featured.webpAzure Cost Governance: Tagging, Budgets, and FinOpsMaster Azure cost governance by automating tagging enforcement, budget alerts, and anomaly detection. Build a FinOps-ready landing zone using Terraform and Bicep.https://larryjameshenry.com/posts/azure-landing-zone-costs/images/featured.jpgimages/featured.jpghttps://larryjameshenry.com/posts/azure-landing-zone-costs/images/featured.webpimages/featured.webphttps://larryjameshenry.com/posts/azure-landing-zone-ops/2026-04-15T15:00:00+00:00https://larryjameshenry.com/images/featured.webpAzure Landing Zone Day-2 Ops: Maintenance and EvolutionOperate and evolve your Azure Landing Zone. Covers automated drift remediation, RBAC reviews, and migrating to Azure Verified Modules (AVM).https://larryjameshenry.com/posts/azure-landing-zone-ops/images/featured.jpgimages/featured.jpghttps://larryjameshenry.com/posts/azure-landing-zone-ops/images/featured.webpimages/featured.webphttps://larryjameshenry.com/tags/azure-devops/2026-04-29T00:00:00+00:00https://larryjameshenry.com/series/azure-devops-yaml-expression-masterclass/2026-04-29T00:00:00+00:00https://larryjameshenry.com/categories/2026-04-29T00:00:00+00:00https://larryjameshenry.com/tags/ci/cd/2026-04-29T00:00:00+00:00https://larryjameshenry.com/tags/compile-time/2026-04-29T00:00:00+00:00https://larryjameshenry.com/tags/compile-time-expressions/2026-04-29T00:00:00+00:00https://larryjameshenry.com/tags/conditional-insertion/2026-04-29T00:00:00+00:00https://larryjameshenry.com/tags/cross-job-variables/2026-04-29T00:00:00+00:00https://larryjameshenry.com/tags/cross-stage-variables/2026-04-29T00:00:00+00:00https://larryjameshenry.com/categories/devops/2026-04-29T00:00:00+00:00https://larryjameshenry.com/tags/devops/2026-04-29T00:00:00+00:00https://larryjameshenry.com/tags/devops-architecture/2026-04-29T00:00:00+00:00https://larryjameshenry.com/tags/devsecops/2026-04-29T00:00:00+00:00https://larryjameshenry.com/tags/dynamic-matrix/2026-04-29T00:00:00+00:00https://larryjameshenry.com/tags/dynamic-stages/2026-04-29T00:00:00+00:00https://larryjameshenry.com/tags/enterprise-pipelines/2026-04-29T00:00:00+00:00https://larryjameshenry.com/tags/expression-injection/2026-04-29T00:00:00+00:00https://larryjameshenry.com/tags/initialization-lag/2026-04-29T00:00:00+00:00https://larryjameshenry.com/tags/joblist/2026-04-29T00:00:00+00:00https://larryjameshenry.com/2026-04-29T00:00:00+00:00https://larryjameshenry.com/tags/looping-objects/2026-04-29T00:00:00+00:00https://larryjameshenry.com/tags/matrix-strategy/2026-04-29T00:00:00+00:00https://larryjameshenry.com/tags/nested-templates/2026-04-29T00:00:00+00:00https://larryjameshenry.com/tags/output-variables/2026-04-29T00:00:00+00:00https://larryjameshenry.com/tags/parallel-jobs/2026-04-29T00:00:00+00:00https://larryjameshenry.com/tags/pipeline-automation/2026-04-29T00:00:00+00:00https://larryjameshenry.com/tags/pipeline-debugging/2026-04-29T00:00:00+00:00https://larryjameshenry.com/tags/pipeline-dependencies/2026-04-29T00:00:00+00:00https://larryjameshenry.com/tags/pipeline-expressions/2026-04-29T00:00:00+00:00https://larryjameshenry.com/tags/pipeline-hardening/2026-04-29T00:00:00+00:00https://larryjameshenry.com/tags/pipeline-performance/2026-04-29T00:00:00+00:00https://larryjameshenry.com/tags/pipeline-security/2026-04-29T00:00:00+00:00https://larryjameshenry.com/tags/platform-engineering/2026-04-29T00:00:00+00:00https://larryjameshenry.com/posts/2026-04-29T00:00:00+00:00https://larryjameshenry.com/tags/runtime/2026-04-29T00:00:00+00:00https://larryjameshenry.com/tags/runtime-conditions/2026-04-29T00:00:00+00:00https://larryjameshenry.com/series/2026-04-29T00:00:00+00:00https://larryjameshenry.com/tags/stagelist/2026-04-29T00:00:00+00:00https://larryjameshenry.com/tags/2026-04-29T00:00:00+00:00https://larryjameshenry.com/tags/template-optimization/2026-04-29T00:00:00+00:00https://larryjameshenry.com/tags/template-parameters/2026-04-29T00:00:00+00:00https://larryjameshenry.com/tags/templatecontext/2026-04-29T00:00:00+00:00https://larryjameshenry.com/tags/test-automation/2026-04-29T00:00:00+00:00https://larryjameshenry.com/tags/yaml/2026-04-29T00:00:00+00:00https://larryjameshenry.com/tags/yaml-each/2026-04-29T00:00:00+00:00https://larryjameshenry.com/tags/yaml-expressions/2026-04-29T00:00:00+00:00https://larryjameshenry.com/tags/yaml-injection/2026-04-29T00:00:00+00:00https://larryjameshenry.com/tags/yaml-pipelines/2026-04-29T00:00:00+00:00https://larryjameshenry.com/tags/yaml-templates/2026-04-29T00:00:00+00:00https://larryjameshenry.com/series/azure-platform-engineering-build-an-enterprise-landing-zone-from-scratch/2026-04-16T15:00:00+00:00https://larryjameshenry.com/tags/azure-security/2026-04-16T15:00:00+00:00https://larryjameshenry.com/tags/cspm/2026-04-16T15:00:00+00:00https://larryjameshenry.com/tags/defender-for-cloud/2026-04-16T15:00:00+00:00https://larryjameshenry.com/tags/iac/2026-04-16T15:00:00+00:00https://larryjameshenry.com/tags/microsoft-sentinel/2026-04-16T15:00:00+00:00https://larryjameshenry.com/categories/security/2026-04-16T15:00:00+00:00https://larryjameshenry.com/tags/siem/2026-04-16T15:00:00+00:00https://larryjameshenry.com/tags/avm-migration/2026-04-15T15:00:00+00:00https://larryjameshenry.com/categories/azure/2026-04-15T15:00:00+00:00https://larryjameshenry.com/tags/azure-landing-zone/2026-04-15T15:00:00+00:00https://larryjameshenry.com/tags/day-2-operations/2026-04-15T15:00:00+00:00https://larryjameshenry.com/tags/drift-detection/2026-04-15T15:00:00+00:00https://larryjameshenry.com/tags/policy-remediation/2026-04-15T15:00:00+00:00https://larryjameshenry.com/tags/rbac-review/2026-04-15T15:00:00+00:00https://larryjameshenry.com/tags/azure-budgets/2026-04-14T15:00:00+00:00https://larryjameshenry.com/tags/azure-cost-management/2026-04-14T15:00:00+00:00https://larryjameshenry.com/tags/azure-tagging-policy/2026-04-14T15:00:00+00:00https://larryjameshenry.com/tags/finops/2026-04-14T15:00:00+00:00https://larryjameshenry.com/categories/finops/2026-04-14T15:00:00+00:00https://larryjameshenry.com/tags/focus/2026-04-14T15:00:00+00:00https://larryjameshenry.com/tags/avm/2026-04-13T15:00:00+00:00https://larryjameshenry.com/tags/bicep/2026-04-13T15:00:00+00:00https://larryjameshenry.com/tags/github-actions/2026-04-13T15:00:00+00:00https://larryjameshenry.com/tags/iac-pipeline/2026-04-13T15:00:00+00:00https://larryjameshenry.com/tags/oidc/2026-04-13T15:00:00+00:00https://larryjameshenry.com/tags/terraform/2026-04-13T15:00:00+00:00https://larryjameshenry.com/tags/azure-diagnostic-settings/2026-04-10T00:00:00+00:00https://larryjameshenry.com/tags/azure-landing-zone-monitoring/2026-04-10T00:00:00+00:00https://larryjameshenry.com/tags/azure-log-analytics/2026-04-10T00:00:00+00:00https://larryjameshenry.com/tags/azure-monitor-workbooks/2026-04-10T00:00:00+00:00https://larryjameshenry.com/tags/azure-subscription-vending/2026-04-09T00:00:00+00:00https://larryjameshenry.com/tags/subscription-automation/2026-04-09T00:00:00+00:00https://larryjameshenry.com/tags/azure-governance/2026-04-08T00:00:00+00:00https://larryjameshenry.com/tags/azure-policy/2026-04-08T00:00:00+00:00https://larryjameshenry.com/tags/azure-policy-as-code/2026-04-08T00:00:00+00:00https://larryjameshenry.com/tags/compliance/2026-04-08T00:00:00+00:00https://larryjameshenry.com/tags/azure-pim/2026-04-07T00:00:00+00:00https://larryjameshenry.com/tags/azure-rbac/2026-04-07T00:00:00+00:00https://larryjameshenry.com/tags/entra-id/2026-04-07T00:00:00+00:00https://larryjameshenry.com/tags/managed-identity/2026-04-07T00:00:00+00:00https://larryjameshenry.com/tags/workload-identity/2026-04-07T00:00:00+00:00https://larryjameshenry.com/tags/azure-bastion/2026-04-06T00:00:00+00:00https://larryjameshenry.com/tags/azure-firewall/2026-04-06T00:00:00+00:00https://larryjameshenry.com/tags/azure-hub-spoke-networking/2026-04-06T00:00:00+00:00https://larryjameshenry.com/tags/private-dns-zones/2026-04-06T00:00:00+00:00https://larryjameshenry.com/tags/azure-caf/2026-04-03T00:00:00+00:00https://larryjameshenry.com/tags/azure-management-groups/2026-04-03T00:00:00+00:00https://larryjameshenry.com/tags/azure-subscription-hierarchy/2026-04-03T00:00:00+00:00https://larryjameshenry.com/tags/enterprise-azure/2026-04-02T00:00:00+00:00https://larryjameshenry.com/gallery/2022-06-25T18:35:46+05:30https://larryjameshenry.com/about/https://larryjameshenry.com/images/larryjameshenry.webpAbout Larry James HenrySenior DevOps Engineer and Azure Solutions Architect specializing in Platform Engineering and PowerShell automation.