Cloud Architecture Azure OK 6 manuals

Build what matters.
Secure what
counts.

A practical command center for Microsoft cloud architecture, identity, Zero Trust security, deployment projects, and the signals worth watching.

$ cat ./vardesyn/mission.md
# sort the news, keep the tools close, ship the useful things.
# lifecycle: build → ship → scale → secure → observe → maintain.
~/
Tools News Projects

Operating Manual

The Shipit-Buildit-Secureit HTML set is folded into this front page as an expandable lifecycle map. Each volume can grow into a full guide later without changing the landing-page structure.

Deployables
  • §01Toolkit
  • §02Architecture tiers
  • §03Build matrix
  • §04Dev loop
  • §05Decision log
  • §06Pre-commit check
  • §01Stack
  • §02Hosting tiers
  • §03Deploy matrix
  • §04Pipeline
  • §05Decision log
  • §06Pre-ship check
  • §01Toolkit
  • §02Scale tiers
  • §03Scaling matrix
  • §04Optimization loop
  • §05Decision log
  • §06Pre-scale check
  • §01Toolkit
  • §02Security tiers
  • §03Threats x mitigations
  • §04IR loop
  • §05Decision log
  • §06Pre-launch check
  • §01Toolkit
  • §02Observability tiers
  • §03Watch matrix
  • §04Detection loop
  • §05Decision log
  • §06Pre-rollout check
  • §01Toolkit
  • §02Maintenance tiers
  • §03Debt strategy
  • §04Refactor loop
  • §05Decision log
  • §06Pre-merge check

Signals, Tools, Deployables

A compact front-page view of the sorted things: local operator tools, watched news sources, and open-source solutions ready to grow into one-click deploys.

All tools All news
Operator Toolbox Base64, URL, JWT, hash, CIDR, and time helpers. local Microsoft Change Watch Roadmaps, release notes, and documentation trackers. 18 sources Security Intel Sources MSRC, KEV, exploit pressure, ransomware, and DFIR feeds. 14 feeds
3 things leaders need to know from Microsoft Build 2026 Curated from ranked cloud and security feeds. Azure Blog Microsoft Defender email security benchmarking: Key insights from one year of data Curated from ranked cloud and security feeds. MS Security CVE-2026-34182 CMS AuthEnvelopedData Processing May Accept Forged Messages Curated from ranked cloud and security feeds. MSRC Who Runs the Ransomware Group ‘The Gentlemen?’ Curated from ranked cloud and security feeds. Krebs on Security
Entra-Audit-Exporter
PowerShell module that pulls Microsoft Entra ID audit logs via Graph API and exports them to JSON, CSV, or Azure Log Analytics — useful for compliance evidence collection and long-term retention beyond the 30-day portal window.
PowerShell Entra ID Graph API
CAF-LandingZone-Baseline
Bicep templates for a production-ready Azure CAF Landing Zone with policy assignments, RBAC, Defender for Cloud settings, and budget alerts — opinionated defaults you can override via parameter files.
Bicep Azure CAF
ConditionalAccess-Toolkit
A set of Graph API-backed scripts to export, diff, import, and document Conditional Access policies. Enables GitOps-style CA management with human-readable YAML representations of policy state.
PowerShell Entra ID Zero Trust
? shortcuts