Practical cloud engineering runbooks, patterns, and weekly change notes with a UK voice.https://cloudrunbook.com/https://cloudrunbook.com/blog/defender-for-cloud-baseline/https://cloudrunbook.com/blog/defender-for-cloud-baseline/A practical Defender for Cloud baseline for Azure landing zones: plan coverage decisions, auto-provisioning, and closing the loop with policy-backed guardrails.Wed, 14 Jan 2026 00:00:00 GMThttps://cloudrunbook.com/blog/private-endpoints-dns-baseline/https://cloudrunbook.com/blog/private-endpoints-dns-baseline/A practical baseline for Azure Private Endpoints and DNS: ownership, zone design, resolver routing, and onboarding patterns that prevent midnight outages.Wed, 14 Jan 2026 00:00:00 GMThttps://cloudrunbook.com/blog/identity-first-azure-baseline/https://cloudrunbook.com/blog/identity-first-azure-baseline/A practical identity baseline for secure Azure architecture: admin separation, PIM, Conditional Access, workload identities, and secrets. Written as a runbook you can implement.Mon, 12 Jan 2026 00:00:00 GMThttps://cloudrunbook.com/blog/secure-azure-networking-baseline/https://cloudrunbook.com/blog/secure-azure-networking-baseline/A runbook-style secure networking baseline for Azure: hub/spoke vs vWAN, DNS ownership, private endpoints, egress control, and inbound protection. Built to scale.Mon, 12 Jan 2026 00:00:00 GMThttps://cloudrunbook.com/blog/secure-landing-zone/https://cloudrunbook.com/blog/secure-landing-zone/A hands-on walkthrough of Azure Landing Zones (ALZ): what they are, why they matter, and a runbook-style path to deploying a secure platform foundation.Mon, 12 Jan 2026 00:00:00 GMThttps://cloudrunbook.com/blog/weekly-azure-change-2026-01-vpn-gateway-basic-ip-migration/https://cloudrunbook.com/blog/weekly-azure-change-2026-01-vpn-gateway-basic-ip-migration/Azure VPN Gateway introduces portal-based migration for Basic Public IP on active-active gateways (planned Jan 2026). What it means, who’s affected, and the runbook to prepare.Mon, 12 Jan 2026 00:00:00 GMT