About this blog

I’m Timo. I’ve spent the last years building cloud infrastructure, automation, and security at Netcloud in Switzerland. This blog is where I write about what I’ve learned working with Azure: the good parts, the painful parts, and the things I wish I’d known sooner.

Expect new posts most weeks, mostly on infrastructure as code, governance, and security.

What you’ll find here

Infrastructure as Code: Terraform modules that actually work, pipeline patterns that scale, and the edge cases nobody talks about until you hit them. The EPAC introduction is a good starting point for Azure Policy as code.

Azure Governance: Policy frameworks that don’t fight you, compliance strategies that hold up, and automation that keeps your environment secure without blocking developers. Start with the governance framework.

Security & Compliance: Zero trust, least privilege, and monitoring that catches problems before they become incidents. See quantum-safe cryptography for an example of forward-looking security planning.

Cloud Architecture: Landing zone designs, subscription patterns, networking, and the architectural decisions that decide whether your environment scales or turns into tech debt. The cloud foundation post covers the building blocks.

What I believe

  • Automation over manual processes. If you do it twice, automate it.
  • Security by design. Governance should enable teams, not block them.
  • Sharing knowledge. The cloud community works when we help each other.
  • Practical over theoretical. Theory is interesting. Solutions that work in production matter more.

Stay in touch

Browse the blog archive for specific topics. There are also a few tools I’ve built that you can poke at: the subnet calculator, the Azure name validator, and the service limits checker.

Connect with me on LinkedIn for shorter updates.

If you’ve got feedback, questions, or disagree with something I wrote, reach out. And if there’s a topic you’d like me to cover, tell me. Your problem might be the next article.

Azure is powerful and complex. The docs are detailed but rarely tell the whole story. This blog tries to fill that gap with real examples and what worked (or didn’t) in production.