Daily DevOps & .NET - Where Code Meets Culture

Hybrid AKS: Bridging Cloud and On-Prem with Azure Arc

Published on 3/25/26 5:00 pm by Jendrik Brack

Most organizations run Kubernetes across cloud and on-prem simultaneously. This article covers practical patterns for hybrid AKS: ExpressRoute and VPN connectivity, Azure Arc for unified management, consistent policy enforcement, DNS resolution, and identity federation without duplicating systems.

Privacy Health Checks: Beyond Database Connectivity

Published on 3/24/26 5:00 pm by Martin Stühmer

Your health checks verify database connectivity every 30 seconds. Great. But do they know that 15% of your users have expired consents? Privacy compliance isn’t a documentation exercise—it’s an operational discipline. Same IHealthCheck interface, different questions. Two queries, one ratio, three possible outcomes. Here’s how to build privacy health checks that turn audit questions into dashboard demos.

Green Dashboard, Dead Application

Published on 3/19/26 5:00 pm by Martin Stühmer

Your application just crashed in production. Azure App Service kept routing traffic to the failing instance for ninety seconds. Users saw timeouts. Your monitoring dashboard stayed green because the web server responded with HTTP 200 while the database connection pool was exhausted.

I’ve watched this exact scenario play out at three different organizations in the past year. Each time, the post-mortem revealed the same root cause: health checks that verified the process was breathing without checking whether it could actually do its job. ISO/IEC 27001 Control A.17.2.1 exists precisely for this reason—availability is a security control, not an operational afterthought.

Your Azure SQL Backups Won’t Save You (Here’s Why)

Published on 3/17/26 5:00 pm by Martin Stühmer

“We have backups” is the IT equivalent of “thoughts and prayers.” Comforting words that mean nothing when disaster strikes. I’ve watched teams discover their Azure SQL Database backups expired just before an audit, or worse, during an actual outage. The default seven-day retention feels generous until you need data from day eight.

Compliance standards demand information backup in cloud environments, but no standard can enforce what most teams ignore: actually testing those backups. The gap between “we configured backups” and “we can restore our data” has ended careers and companies. This isn’t about checking compliance boxes. It’s about whether your business survives the next outage.

Your Stack Traces Are Love Letters to Attackers

Published on 3/12/26 5:00 pm by Martin Stühmer

Your exception handler returns detailed stack traces to be “helpful.” Congratulations, you’ve just handed attackers your internal file paths, database technology, and architecture details. This guide shows how to implement error handling that satisfies security audits: comprehensive internal logging paired with generic client responses, correlation IDs for support, and environment-aware middleware.