https://larryjameshenry.com/posts/azure-landing-zone-guide/2026-04-02T00:00:00+00:00https://larryjameshenry.com/images/featured.jpgEnterprise Azure Landing Zone: The Complete GuideBuild a production-grade Azure Landing Zone from scratch. Covers all 8 CAF design areas with Terraform and Bicep AVM code examples.https://larryjameshenry.com/posts/azure-landing-zone-guide/images/featured.jpgimages/featured.jpghttps://larryjameshenry.com/posts/azure-management-group-design/2026-04-03T00:00:00+00:00https://larryjameshenry.com/images/featured.jpgDesign Your Azure Management Group and Subscription HierarchyDesign and deploy a production Azure management group hierarchy with Terraform and Bicep AVM. Covers CAF topology, subscription strategy, and naming.https://larryjameshenry.com/posts/azure-management-group-design/images/featured.jpgimages/featured.jpghttps://larryjameshenry.com/posts/azure-hub-spoke-networking/2026-04-06T00:00:00+00:00https://larryjameshenry.com/images/featured.jpgAzure Landing Zone Hub-and-Spoke: Firewall, Bastion, DNSBuild a production hub-and-spoke network for Azure landing zones. Covers Azure Firewall, Bastion, Private DNS Zones, and VNet peering with Terraform and Bicep.https://larryjameshenry.com/posts/azure-hub-spoke-networking/images/featured.jpgimages/featured.jpghttps://larryjameshenry.com/posts/azure-identity-access-architecture/2026-04-07T00:00:00+00:00https://larryjameshenry.com/images/featured.jpgAzure Landing Zone Identity: Entra ID, RBAC, and PIMDesign the identity layer of an Azure landing zone. Covers Entra ID vs Azure RBAC, MG-scoped role assignments, PIM, and OIDC for pipelines.https://larryjameshenry.com/posts/azure-identity-access-architecture/images/featured.jpgimages/featured.jpghttps://larryjameshenry.com/posts/azure-policy-governance-scale/2026-04-08T00:00:00+00:00https://larryjameshenry.com/images/featured.jpgAzure Policy as Code: Governance with Terraform and BicepDeploy Azure Policy definitions and assignments as code using Terraform and Bicep. Covers compliance benchmarks, DINE effects, and exemptions.https://larryjameshenry.com/posts/azure-policy-governance-scale/images/featured.jpgimages/featured.jpghttps://larryjameshenry.com/posts/azure-subscription-vending-automation/2026-04-09T00:00:00+00:00https://larryjameshenry.com/images/featured.jpgAzure Subscription Vending: Automated Workload OnboardingAutomate Azure subscription provisioning with a PR-based vending workflow. Deploy spoke networking, RBAC, and monitoring baselines using Terraform and Bicep.https://larryjameshenry.com/posts/azure-subscription-vending-automation/images/featured.jpgimages/featured.jpghttps://larryjameshenry.com/posts/azure-monitor-centralized-logging/2026-04-10T00:00:00+00:00https://larryjameshenry.com/images/featured.jpgAzure Centralized Monitoring: Log Analytics and WorkbooksDesign a centralized logging architecture for your Azure Landing Zone using Log Analytics, automated Diagnostic Settings via Policy, and Monitor Workbooks.https://larryjameshenry.com/posts/azure-monitor-centralized-logging/images/featured.jpgimages/featured.jpghttps://larryjameshenry.com/posts/landing-zone-cicd-pipeline/2026-04-13T15:00:00+00:00https://larryjameshenry.com/images/featured.jpgCI/CD for Azure Landing Zones: GitHub Actions & AVMBuild a production-grade CI/CD pipeline for your Azure Landing Zone. Automate AVM module deployment using GitHub Actions with Terraform plans and Bicep previews.https://larryjameshenry.com/posts/landing-zone-cicd-pipeline/images/featured.jpgimages/featured.jpghttps://larryjameshenry.com/posts/landing-zone-cost-governance/2026-04-14T15:00:00+00:00https://larryjameshenry.com/images/featured.jpgAzure Cost Governance: Tagging, Budgets, and FinOpsMaster Azure cost governance by automating tagging enforcement, budget alerts, and anomaly detection. Build a FinOps-ready landing zone using Terraform and Bicep.https://larryjameshenry.com/posts/landing-zone-cost-governance/images/featured.jpgimages/featured.jpghttps://larryjameshenry.com/posts/landing-zone-day-2-ops/2026-04-15T15:00:00+00:00https://larryjameshenry.com/images/featured.jpgAzure Landing Zone Day-2 Ops: Maintenance and EvolutionOperate and evolve your Azure Landing Zone. Covers automated drift remediation, RBAC reviews, and migrating to Azure Verified Modules (AVM).https://larryjameshenry.com/posts/landing-zone-day-2-ops/images/featured.jpgimages/featured.jpghttps://larryjameshenry.com/tags/avm-migration/2026-04-15T15:00:00+00:00https://larryjameshenry.com/categories/azure/2026-04-15T15:00:00+00:00https://larryjameshenry.com/tags/azure-landing-zone/2026-04-15T15:00:00+00:00https://larryjameshenry.com/series/azure-platform-engineering-build-an-enterprise-landing-zone-from-scratch/2026-04-15T15:00:00+00:00https://larryjameshenry.com/categories/2026-04-15T15:00:00+00:00https://larryjameshenry.com/tags/day-2-operations/2026-04-15T15:00:00+00:00https://larryjameshenry.com/categories/devops/2026-04-15T15:00:00+00:00https://larryjameshenry.com/tags/drift-detection/2026-04-15T15:00:00+00:00https://larryjameshenry.com/2026-04-15T15:00:00+00:00https://larryjameshenry.com/tags/policy-remediation/2026-04-15T15:00:00+00:00https://larryjameshenry.com/posts/2026-04-15T15:00:00+00:00https://larryjameshenry.com/tags/rbac-review/2026-04-15T15:00:00+00:00https://larryjameshenry.com/series/2026-04-15T15:00:00+00:00https://larryjameshenry.com/tags/2026-04-15T15:00:00+00:00https://larryjameshenry.com/tags/azure-budgets/2026-04-14T15:00:00+00:00https://larryjameshenry.com/tags/azure-cost-management/2026-04-14T15:00:00+00:00https://larryjameshenry.com/tags/azure-tagging-policy/2026-04-14T15:00:00+00:00https://larryjameshenry.com/tags/finops/2026-04-14T15:00:00+00:00https://larryjameshenry.com/categories/finops/2026-04-14T15:00:00+00:00https://larryjameshenry.com/tags/focus/2026-04-14T15:00:00+00:00https://larryjameshenry.com/tags/iac/2026-04-14T15:00:00+00:00https://larryjameshenry.com/tags/avm/2026-04-13T15:00:00+00:00https://larryjameshenry.com/tags/bicep/2026-04-13T15:00:00+00:00https://larryjameshenry.com/tags/github-actions/2026-04-13T15:00:00+00:00https://larryjameshenry.com/tags/iac-pipeline/2026-04-13T15:00:00+00:00https://larryjameshenry.com/tags/oidc/2026-04-13T15:00:00+00:00https://larryjameshenry.com/tags/terraform/2026-04-13T15:00:00+00:00https://larryjameshenry.com/tags/azure-diagnostic-settings/2026-04-10T00:00:00+00:00https://larryjameshenry.com/tags/azure-landing-zone-monitoring/2026-04-10T00:00:00+00:00https://larryjameshenry.com/tags/azure-log-analytics/2026-04-10T00:00:00+00:00https://larryjameshenry.com/tags/azure-monitor-workbooks/2026-04-10T00:00:00+00:00https://larryjameshenry.com/tags/azure-subscription-vending/2026-04-09T00:00:00+00:00https://larryjameshenry.com/tags/platform-engineering/2026-04-09T00:00:00+00:00https://larryjameshenry.com/tags/subscription-automation/2026-04-09T00:00:00+00:00https://larryjameshenry.com/tags/azure-governance/2026-04-08T00:00:00+00:00https://larryjameshenry.com/tags/azure-policy/2026-04-08T00:00:00+00:00https://larryjameshenry.com/tags/azure-policy-as-code/2026-04-08T00:00:00+00:00https://larryjameshenry.com/tags/compliance/2026-04-08T00:00:00+00:00https://larryjameshenry.com/tags/azure-pim/2026-04-07T00:00:00+00:00https://larryjameshenry.com/tags/azure-rbac/2026-04-07T00:00:00+00:00https://larryjameshenry.com/tags/entra-id/2026-04-07T00:00:00+00:00https://larryjameshenry.com/tags/managed-identity/2026-04-07T00:00:00+00:00https://larryjameshenry.com/tags/workload-identity/2026-04-07T00:00:00+00:00https://larryjameshenry.com/tags/azure-bastion/2026-04-06T00:00:00+00:00https://larryjameshenry.com/tags/azure-firewall/2026-04-06T00:00:00+00:00https://larryjameshenry.com/tags/azure-hub-spoke-networking/2026-04-06T00:00:00+00:00https://larryjameshenry.com/tags/private-dns-zones/2026-04-06T00:00:00+00:00https://larryjameshenry.com/tags/azure-caf/2026-04-03T00:00:00+00:00https://larryjameshenry.com/tags/azure-management-groups/2026-04-03T00:00:00+00:00https://larryjameshenry.com/tags/azure-subscription-hierarchy/2026-04-03T00:00:00+00:00https://larryjameshenry.com/tags/enterprise-azure/2026-04-02T00:00:00+00:00https://larryjameshenry.com/gallery/2022-06-25T18:35:46+05:30https://larryjameshenry.com/about/https://larryjameshenry.com/images/larryjameshenry.pngAbout Larry James HenrySenior DevOps Engineer and Azure Solutions Architect specializing in Platform Engineering and PowerShell automation.