Brian Veldman
@brianveldman.bsky.social
☁️ Cloud Solution Architect at Fellowmind
❤️ Microsoft MVP with a passion for Azure, DevOps, and Infrastructure as Code
🚀 Blogging at cloudtips.nl
💪🏻 Active on Reddit since July 2025 in the Azure and Azure Bicep community as brianveldman
❤️ Microsoft MVP with a passion for Azure, DevOps, and Infrastructure as Code
🚀 Blogging at cloudtips.nl
💪🏻 Active on Reddit since July 2025 in the Azure and Azure Bicep community as brianveldman
💪🏻Together with my colleagues Robert and Wouter, we migrated 100 VMs this weekend, phased out the old RDS farm, introduced AVD with six host pools and 125 VMs, and migrated fourteen locations from IPVPN to fiber and DSL via SDWAN to vWAN. Grateful for the gift and happy to help innovate IT platforms.
December 15, 2025 at 6:01 PM
💪🏻Together with my colleagues Robert and Wouter, we migrated 100 VMs this weekend, phased out the old RDS farm, introduced AVD with six host pools and 125 VMs, and migrated fourteen locations from IPVPN to fiber and DSL via SDWAN to vWAN. Grateful for the gift and happy to help innovate IT platforms.
🎄 It is December at the North Pole. The elves are rushing around, workloads are flying everywhere, and even Santa is complaining that he has too many permissions. It is clearly time to bring some order with a bit of Bicep magic. cloudtips.nl/the-north-po...
The North Pole Azure Landing Zone
🎄It is December at the North Pole. The elves are rushing around, workloads are flying everywhere, and even Santa is complaining that he…
cloudtips.nl
December 15, 2025 at 8:47 AM
🎄 It is December at the North Pole. The elves are rushing around, workloads are flying everywhere, and even Santa is complaining that he has too many permissions. It is clearly time to bring some order with a bit of Bicep magic. cloudtips.nl/the-north-po...
Reposted by Brian Veldman
⚡Adding Intune P2 features to Microsoft 365 E3 and E5 is getting a lot of well-deserved attention, but did you see the blip that isn't? Some Defender for Office P1 features are coming to E3 and E1 in 2026! 📧
www.microsoft.com/en...
www.microsoft.com/en...
December 9, 2025 at 1:16 PM
⚡Adding Intune P2 features to Microsoft 365 E3 and E5 is getting a lot of well-deserved attention, but did you see the blip that isn't? Some Defender for Office P1 features are coming to E3 and E1 in 2026! 📧
www.microsoft.com/en...
www.microsoft.com/en...
🔥 It is here. Microsoft Entra Kerberos authentication for cloud only identities on Azure Files SMB is now available in preview. This makes it possible to access Azure Files without any domain controllers or hybrid identity requirements. cloudtips.nl/microsoft-en...
Microsoft Entra Kerberos authentication for Cloud-only Identities on Azure Files SMB ❤️
Azure Files now allows SMB access through identities that exist entirely in Entra also known as cloud-only accounts. These accounts live in…
cloudtips.nl
November 30, 2025 at 2:08 PM
🔥 It is here. Microsoft Entra Kerberos authentication for cloud only identities on Azure Files SMB is now available in preview. This makes it possible to access Azure Files without any domain controllers or hybrid identity requirements. cloudtips.nl/microsoft-en...
When remote users connect through a Point to Site (P2S) VPN in Azure Virtual WAN, you can route all their traffic including internet bound traffic through Azure Firewall by pushing a default route (0.0.0.0/0). This approach is commonly referred to as forced tunneling. 🔥
cloudtips.nl/secure-your-...
cloudtips.nl/secure-your-...
Secure Your Traffic with Forced Tunneling in Azure Virtual WAN P2S VPN 😍
Secure Your Traffic with Forced Tunneling in Azure Virtual WAN P2S VPN 😍 When remote users connect through a Point to Site (P2S) VPN in Azure Virtual WAN, you can route all their traffic including …
cloudtips.nl
November 23, 2025 at 9:25 AM
When remote users connect through a Point to Site (P2S) VPN in Azure Virtual WAN, you can route all their traffic including internet bound traffic through Azure Firewall by pushing a default route (0.0.0.0/0). This approach is commonly referred to as forced tunneling. 🔥
cloudtips.nl/secure-your-...
cloudtips.nl/secure-your-...
Enjoying vacation 💪🏻
November 21, 2025 at 11:34 AM
Enjoying vacation 💪🏻
Reposted by Brian Veldman
[Share] 🔥 Microsoft Ignite 2025 Next Steps
After attending Microsoft Ignite 2025, your next steps to continue your learning journey!
#msignite #mvpbuzz
After attending Microsoft Ignite 2025, your next steps to continue your learning journey!
#msignite #mvpbuzz
GitHub - microsoft/ignite25-next-steps
Contribute to microsoft/ignite25-next-steps development by creating an account on GitHub.
github.com
November 20, 2025 at 10:50 AM
In this blog, I will demonstrate how to use Azure Container App Jobs to automate tasks with Microsoft Graph. For example, you might want to back up your Conditional Access rules from Entra ID to a secure location, such as an Azure Storage Account. 🔥 cloudtips.nl/automate-mic...
Automate Microsoft Graph Tasks with Azure Container App Jobs! ❤️
Azure Container Apps Jobs allow you to run containerized tasks that execute for a finite duration and then exit. You can use jobs for…
cloudtips.nl
November 10, 2025 at 8:49 AM
In this blog, I will demonstrate how to use Azure Container App Jobs to automate tasks with Microsoft Graph. For example, you might want to back up your Conditional Access rules from Entra ID to a secure location, such as an Azure Storage Account. 🔥 cloudtips.nl/automate-mic...
In this blog, I’ll demonstrate how to automate Privileged Identity Management (PIM) in Azure Landing Zones using Azure Bicep and the Microsoft Graph Provider, powered by Microsoft Entra ID Governance. cloudtips.nl/microsoft-en...
Microsoft Entra ID Governance — Automating Privileged Identity Management in Azure Landing Zones…
Azure Landing Zones provide a solid foundation for deploying workloads in the cloud by integrating best practices across governance…
cloudtips.nl
November 2, 2025 at 8:20 AM
In this blog, I’ll demonstrate how to automate Privileged Identity Management (PIM) in Azure Landing Zones using Azure Bicep and the Microsoft Graph Provider, powered by Microsoft Entra ID Governance. cloudtips.nl/microsoft-en...
Bring Microsoft Learn content straight into your AI assistant or app with the Microsoft Learn Model Context Protocol (MCP). cloudtips.nl/why-you-shou...
Why You Should Start Using Microsoft Learn MCP Today
The way we learn is changing quickly. In the past we relied on manuals and static documentation, but today we expect direct and interactive…
cloudtips.nl
October 21, 2025 at 6:18 PM
Bring Microsoft Learn content straight into your AI assistant or app with the Microsoft Learn Model Context Protocol (MCP). cloudtips.nl/why-you-shou...
Reposted by Brian Veldman
October 19, 2025 at 12:02 PM
🚨 The Terraform MSGraph provider is a gamechanger. Today, I will show how you can use it to improve your Entra ID configuration and strengthen your security posture. cloudtips.nl/managing-ent...
Managing Entra ID Configuration and Security using the Terraform MSGraph Provider ❤️
Recently, I wrote a blog about using the new Terraform MSGraph provider. This provider, currently in public preview, allows you to describe…
cloudtips.nl
October 15, 2025 at 4:36 AM
🚨 The Terraform MSGraph provider is a gamechanger. Today, I will show how you can use it to improve your Entra ID configuration and strengthen your security posture. cloudtips.nl/managing-ent...
Reposted by Brian Veldman
I just sent out this week's Entra newsletter.
🚀 Most popular posts from last week
🥇Microsoft Introduces Restore Capability for Conditional Access Policies • Tony Redmond
🥈Why Setting Office IP as a Trusted Location in Conditional Access Is Risky • AIMA
🚀 Most popular posts from last week
🥇Microsoft Introduces Restore Capability for Conditional Access Policies • Tony Redmond
🥈Why Setting Office IP as a Trusted Location in Conditional Access Is Risky • AIMA
October 12, 2025 at 1:47 AM
I just sent out this week's Entra newsletter.
🚀 Most popular posts from last week
🥇Microsoft Introduces Restore Capability for Conditional Access Policies • Tony Redmond
🥈Why Setting Office IP as a Trusted Location in Conditional Access Is Risky • AIMA
🚀 Most popular posts from last week
🥇Microsoft Introduces Restore Capability for Conditional Access Policies • Tony Redmond
🥈Why Setting Office IP as a Trusted Location in Conditional Access Is Risky • AIMA
🔥 Want to know how you can segment remote users in Azure Virtual WAN when they connect over Point to Site (P2S) VPN? cloudtips.nl/how-to-confi...
How to Configure Multi-Pool P2S VPN Using Azure VWAN
When remote users connect through a Point to Site (P2S) VPN in Azure Virtual WAN, you can assign them to specific Entra ID groups, for…
cloudtips.nl
October 6, 2025 at 7:50 PM
🔥 Want to know how you can segment remote users in Azure Virtual WAN when they connect over Point to Site (P2S) VPN? cloudtips.nl/how-to-confi...
Today, @merill.net I are thrilled to announce the release of the new version of Maester on Azure Web App. cloudtips.nl/new-version-...
New version of Maester on Azure Web App — Microsoft Security Test Automation Framework
Some time ago, I showcased how to deploy Maester on Azure Web App. For anyone unfamiliar, Maester is a PowerShell-based Microsoft Security…
cloudtips.nl
September 29, 2025 at 9:40 AM
Today, @merill.net I are thrilled to announce the release of the new version of Maester on Azure Web App. cloudtips.nl/new-version-...
Reposted by Brian Veldman
September 28, 2025 at 9:02 PM
☁️ Want to know how you can add an extra layer of protection to your Azure Backup setup? cloudtips.nl/keep-hackers...
Keep Hackers Out with Multi-User Authorization for Azure Backups 🔥
Multi-User Authorization in Azure Backup protects sensitive actions on Recovery Services vaults and Backup vaults by requiring approval…
cloudtips.nl
September 22, 2025 at 8:29 PM
☁️ Want to know how you can add an extra layer of protection to your Azure Backup setup? cloudtips.nl/keep-hackers...
🔥 Want to know how you can securely call Microsoft Graph from your Azure DevOps pipeline without relying on long lived secrets? cloudtips.nl/automating-m...
Automating Microsoft Graph Deployments Using Azure DevOps
Automating Microsoft Graph Deployments Using Azure DevOps Not long ago, someone asked me how you can securely call Microsoft Graph from an Azure DevOps pipeline. Think about situations where you want ...
cloudtips.nl
September 15, 2025 at 8:53 AM
🔥 Want to know how you can securely call Microsoft Graph from your Azure DevOps pipeline without relying on long lived secrets? cloudtips.nl/automating-m...
cloudtips.nl/expanding-az...
It is now also possible to create Azure Maintenance Configurations for Virtual Network Gateway and Azure Firewall. In this blog I will explain why this is important and how to deploy it using Infrastructure as Code with Azure Bicep. 💪🏻
It is now also possible to create Azure Maintenance Configurations for Virtual Network Gateway and Azure Firewall. In this blog I will explain why this is important and how to deploy it using Infrastructure as Code with Azure Bicep. 💪🏻
Expanding Azure Maintenance Configurations: Now for Firewalls and Virtual Network Gateways ❤️
Azure Maintenance Configurations allow you to control when updates are applied to your Azure resources. Previously, this capability was…
cloudtips.nl
September 8, 2025 at 4:19 PM
cloudtips.nl/expanding-az...
It is now also possible to create Azure Maintenance Configurations for Virtual Network Gateway and Azure Firewall. In this blog I will explain why this is important and how to deploy it using Infrastructure as Code with Azure Bicep. 💪🏻
It is now also possible to create Azure Maintenance Configurations for Virtual Network Gateway and Azure Firewall. In this blog I will explain why this is important and how to deploy it using Infrastructure as Code with Azure Bicep. 💪🏻
Reposted by Brian Veldman
September 7, 2025 at 2:19 PM
Time to enjoy vacation time in France! 🇫🇷
September 5, 2025 at 1:47 PM
Time to enjoy vacation time in France! 🇫🇷
🚨 New in Maester! A dedicated Azure configuration section is now available to help you monitor and secure your Azure setup with automated tests. In my latest blog, I show you how to get started and walk you through the tests available today.
cloudtips.nl/monitor-your...
cloudtips.nl/monitor-your...
Monitor your Azure Security with Maester ❤️
Maester is a PowerShell-based Microsoft Security test automation framework designed to help you maintain control over your Microsoft tenant’s security configuration. It was created by Merill…
cloudtips.nl
September 1, 2025 at 6:20 AM
🚨 New in Maester! A dedicated Azure configuration section is now available to help you monitor and secure your Azure setup with automated tests. In my latest blog, I show you how to get started and walk you through the tests available today.
cloudtips.nl/monitor-your...
cloudtips.nl/monitor-your...
💪🏻 Want to supercharge your Azure Bicep deployments? GitHub Copilot Custom Instructions are the key! I tested the Bicep Best Practices instruction from the official repository and it’s a real gamechanger. cloudtips.nl/power-azure-...
Power Azure Bicep with Best Practices Using GitHub Copilot
GitHub Copilot’s custom instructions are essential for enhancing your coding experience. As many of you know, I have a passion for…
cloudtips.nl
August 25, 2025 at 2:48 PM
💪🏻 Want to supercharge your Azure Bicep deployments? GitHub Copilot Custom Instructions are the key! I tested the Bicep Best Practices instruction from the official repository and it’s a real gamechanger. cloudtips.nl/power-azure-...
🔥 It’s here! The new msgraph Terraform provider is in public preview, letting you define your Microsoft Entra tenant setup directly in Terraform files. cloudtips.nl/terraform-fo...
Terraform for Microsoft Graph resources 😍
As many of you know, I love working with Infrastructure as Code and Microsoft Graph. So why not combine both worlds? With the new msgraph Terraform provider, which is currently in public preview, you…
cloudtips.nl
August 18, 2025 at 6:08 AM
🔥 It’s here! The new msgraph Terraform provider is in public preview, letting you define your Microsoft Entra tenant setup directly in Terraform files. cloudtips.nl/terraform-fo...
In this video, I will demonstrate how to deploy a Microsoft Entra External ID tenant using Azure Bicep and configure authentication for an Azure App Service that uses it. 💪🏻 youtu.be/Ub2zXbbqJXE
Deploy and configure Microsoft Entra External ID!
YouTube video by Brian Veldman
youtu.be
August 15, 2025 at 3:49 PM
In this video, I will demonstrate how to deploy a Microsoft Entra External ID tenant using Azure Bicep and configure authentication for an Azure App Service that uses it. 💪🏻 youtu.be/Ub2zXbbqJXE