Azure

Bridging the Clouds: Back on RunAs Radio

by

It’s hard to believe, but it’s been a couple of years since I last sat down with Richard Campbell on RunAs Radio. Technology moves fast, but the cloud landscape has matured in ways that were only just beginning during my last visit.

I recently joined Richard for my third appearance on the show (Episode #1025) to talk about a challenge that is becoming the “new normal” for major SaaS providers: Expanding a Cloud-Native stack across multiple clouds.

From Single-Cloud Roots to Multi-Cloud Reality

At Jamf, we’ve built a powerful reputation for managing Apple devices at scale. Historically, our SaaS product was rooted in AWS. However, as our customer base grows, now serving over 70k+ customers worldwide the demand for flexibility grows with it.

In this episode, we discuss the journey of bringing those SaaS workloads to Azure and AKS. It isn’t just about “moving” code; it’s about architecting for consistency without losing the unique benefits of each cloud provider.

Kubernetes: The Common Ground (But Not the Whole Story)

One of the key takeaways from our chat is that while Kubernetes (AKS, EKS, GKE) provides the common operating system for the modern cloud, it isn’t a “magic wand” for multi-cloud.

To achieve true consistency, you have to look past the orchestrator and focus on the surrounding ecosystem. We dove into the complexities of:

  • IaC & Deployment: Why tools like OpenTofu are becoming essential for maintaining cloud-agnostic deployments.
  • Observability: Using Prometheus and Grafana to ensure that your SRE teams see the same data regardless of whether the backend is Azure or AWS.
  • Identity: Navigating the friction between different identity providers to ensure a seamless experience for the end user and how platforms like Okta support this.

The Docker & AI Connection

We couldn’t have a conversation in 2026 without touching on the elephant in the room: AI. As a Microsoft MVP focused on AKS and a Docker Captain, I’ve been watching closely how the Kubernetes and container ecosystem is evolving to support AI/ML workloads. Richard and I spent some time discussing how Docker, Inc. is positioning itself in this space and how developers can leverage these tools to build AI-ready applications without getting locked into a single vendor’s proprietary stack.

Reflections on a Maturing Landscape

Coming back to RunAs Radio for a third time allowed me to reflect on just how much our industry has shifted. We’ve moved past the “is the cloud safe?” phase and into the “how do we optimize for a multi-cloud world?” phase.

Whether you are a platform engineer, a developer, or a technical leader, the lessons I’ve learned at Accenture, Microsoft, helping startups, and now at Jamf while scaling across multple clouds are applicable to almost any modern enterprise.

You can listen to the full episode here: RunAs Radio #1025: SaaS on Multiple Clouds with Steve Buchanan

I’d love to hear your thoughts. Is your organization looking at multi-cloud for SaaS, or are you doubling down on a single provider?

Read more

Speaking at Open Source North 2025 on Multi-Cloud

by

I am excited to share that I will be speaking at this year’s Open Source North conference on May 29, 2025, at the University of St. Thomas in St. Paul.

This year, I’m teaming up with my fellow Jamf, Levi McCormick (Director of Engineering at Jamf), for a session that is very close to our daily reality: Multi-Cloud Without the Marketing or Designing for Multi-Cloud Without Losing Your Mind.

Why this talk? In the cloud industry, “Multi-Cloud”, “Cloud Native”, and “Iac via Terraform” are often sold as magic pills for redundancy, cost savings, unifaction and more across clouds. But for the people actually building and maintaining these systems, it can often feel like a recipe for complexity and technical debt.

At Jamf, Levi and I work on our infrastructure efforts across AWS, Azure, and GCP. We’ve learned—sometimes the hard way—what works, what doesn’t, and where the “hype” version of cloud differs from the “production” version. We wanted to build a session that focuses on the practical:

  • How to design for portability without over-engineering.
  • Managing identity, networking, and security across different providers.
  • Avoiding the “lowest common denominator” trap.
  • Keeping your sanity while managing three different clouds.

Open Source North is a great local event to the MN Tech scene because of the high-caliber community and the focus on real-world engineering. Whether you are a cloud veteran or just starting to look at a second provider, we’d love to see you there.

The Details:

If you’re attending, please connect on LinkedIn or find us after the session. We’d love to hear how your team is tackling these same challenges!

Read more

Azure Hub-and-Spoke Architecture Explained and Automated with OpenTofu

by

This is my first blog of the new year (2026)! Since being re-awarded as a Microsoft MVP, Microsoft provided me with a fresh set of Azure credits. One of the first things I wanted to do was rebuild my Azure lab environment. This time, I wanted to do it the right way. I wanted it to mirror how I would design and deploy a real enterprise environment, including running fully on private endpoints and following a proper hub-and-spoke network model.

Just as importantly, I wanted everything defined in Infrastructure as Code (IaC) so I could spin environments up and down whenever I needed. That also aligns perfectly with what my team at Jamf is working on right now. We are making some changes to our underlying Azure architecture, including deeper network isolation, security controls, intergration with Jamf security cloud security products, and a shift from Bicep to OpenTofu. We will also be using AI agents to do a lot of the heavy lifting in that refactor. I will be sharing more about that in future blogs and talks as much as I am able to publicly.

Because OpenTofu is at the center of that work, I decided to build my entire Azure lab using OpenTofu and a full hub-and-spoke architecture. This gives my team a real, working reference base implementation that we can build on for production designs. I also want to share this with the larger tech community.

If you are note familiar with OpenTofu it is an open source infrastructure-as-code engine based on Terraform that lets you define, deploy, and manage cloud infrastructure using declarative configuration files, and you can learn more at https://opentofu.org.

You can access the GitHub Repository of my “OpenTofu Azure Hub and Spoke” solution here: https://github.com/Buchatech/OpenTofu-Azure-HubSpoke-public

Lets break down whats in the solution I built.

Solution Architecture

The solution deploys a production-style Azure network and platform foundation that includes:

  • Hub VNet with Azure Firewall, VPN Gateway, and DNS Private Resolver
  • Spoke VNet with peering and default routes through the firewall
  • Key Vault and Azure Container Registry using private endpoints
  • Optional Jumpbox VM for secure management access
  • GitHub Actions CI/CD pipeline using OIDC authentication

How the Automation Works

This is a multi-part solution built around a bootstrap Bash script (bootstrap.sh) and a fully generated OpenTofu repository.

The bootstrap script creates everything you need to get started:

  1. It creates an Azure Storage Account to store your OpenTofu remote state.
  2. It generates a complete OpenTofu project, including modules, variables, and environment structure.
  3. It configures the backend so OpenTofu uses Azure Storage for state.
  4. It creates a ready-to-use GitHub Actions pipeline for CI/CD.

Once the repository is generated, you can deploy your Azure environment by running OpenTofu locally or by pushing the repo to GitHub and letting the pipeline handle deployments for you. Within minutes, you can have a fully functional Azure hub-and-spoke environment up and running, and you can customize the generated modules to fit your own requirements.

Deployment Modes

The bootstrap bash script supports two deployment modes depending on how advanced and locked-down you want the environment to be.

FULL Mode (Default)
This is the enterprise-grade option.

  • Hub VNet with Azure Firewall, VPN Gateway, and DNS Private Resolver
  • Spoke VNet with peering and default route through the firewall
  • Private endpoints for Key Vault and Azure Container Registry
  • Optional Jumpbox VM for secure management
  • GitHub Actions CI/CD pipeline with OIDC authentication

BASIC Mode
This is a simpler version for learning or labs.

  • Hub VNet with Azure Firewall only
  • Spoke VNet with peering and default route through the firewall
  • Public access for Key Vault and Azure Container Registry
  • No Jumpbox, VPN Gateway, or DNS Private Resolver
  • GitHub Actions CI/CD pipeline with OIDC authentication

What the bootstrap.sh Script Does

When you run the bootstrap script, it will:

  1. Prompt you to select FULL or BASIC deployment mode
  2. Create an Azure Storage Account for OpenTofu remote state in rg-tfstate
  3. Generate the full OpenTofu repository structure based on your choice
  4. Configure the OpenTofu backend to use the storage account
  5. Create GitHub Actions workflow files for CI/CD
  6. Output the storage account details and the GitHub secrets you need to configure

From there, you are ready to deploy and customize the script and OpenTofu based on your Azure hub-and-spoke environment entirely through code.

Here is the Readme from the repo. It goes even more in depth into my “OpenTofu Azure Hub and Spoke” solution. I hope you find it useful!

********************************************************************************

Azure Hub-Spoke with OpenTofu

Azure base network architecture solution

This repository contains a production-ready, modular OpenTofu configuration that deploys Azure hub-spoke network topology with two deployment modes (private or public) to match your requirements and budget.

Architecture Overview

This solution deploys a hub-and-spoke network architecture (visual shows full-private deployment):

Enterprise-grade Azure network architecture lab environment with Site-to-Site VPN, Azure Firewall, DNS Private Resolver, and core services

This repository contains a production-ready, modular OpenTofu (Terraform) configuration that deploys a complete Azure hub-spoke network topology designed for hybrid cloud scenarios, connecting your on-premises network (e.g., UniFi network) to Azure.

Architecture Overview

This lab deploys a hub-and-spoke network architecture following Azure best practices (visual shows full private deployment):

┌──────────────────────────────────────────────────────────────────────┐
│                            AZURE CLOUD                                │
│                                                                        │
│  ┌─── HUB VNet (rg-lab-hub-network) ────────────────────────┐        │
│  │ 10.10.0.0/16                                              │        │
│  │                                                            │        │
│  │  ┌──────────┐  ┌───────────┐  ┌────────────┐  ┌───────┐ │        │
│  │  │  Azure   │  │    VPN    │  │    DNS     │  │Jumpbox│ │        │
│  │  │ Firewall │  │  Gateway  │  │  Private   │  │  VM   │ │        │
│  │  │(10.10.1.0│  │(10.10.2.0)│  │  Resolver  │  │(Mgmt) │ │        │
│  │  │)+ DNAT   │  │           │  │(10.10.4-5.0│  │subnet │ │        │
│  │  │SSH:2222  │  │           │  │)           │  │       │ │        │
│  │  └─────┬────┘  └─────┬─────┘  └────────────┘  └───────┘ │        │
│  │        │             │                                     │        │
│  │        │             │  Site-to-Site VPN                  │        │
│  └────────┼─────────────┼─────────────────────────────────────┘        │
│           │             │                                               │
│           │  VNet Peering + Gateway Transit                            │
│           │             │                                               │
│  ┌────────▼─ SPOKE VNet (rg-lab-spoke1-network) ──────┐               │
│  │ 10.20.0.0/16                                        │               │
│  │                                                      │               │
│  │  ┌──────────┐  ┌──────────┐  ┌──────────────────┐ │               │
│  │  │   Apps   │  │   APIs   │  │   Data/Services  │ │               │
│  │  │ Subnet   │  │ Subnet   │  │     Subnet       │ │               │
│  │  │          │  │          │  │  - ACR (Private) │ │               │
│  │  │          │  │          │  │  - Key Vault     │ │               │
│  │  └──────────┘  └──────────┘  └──────────────────┘ │               │
│  │                                                      │               │
│  │  Traffic routed through Azure Firewall ─────────────┘               │
│  └──────────────────────────────────────────────────────               │
│                                                                         │
│  ┌─── Management RG (rg-lab-management) ────────────┐                 │
│  │  - Azure Container Registry (ACR)                 │                 │
│  │  - Azure Key Vault                                 │                 │
│  │  - Private Endpoints in Spoke Data subnet         │                 │
│  └────────────────────────────────────────────────────┘                 │
│                                                                         │
└─────────────────────────────┬───────────────────────────────────────────┘
                              │
                      S2S VPN Tunnel (IPsec)
                              │
              ┌───────────────▼──────────────┐
              │   ON-PREMISES NETWORK        │
              │   (e.g., UniFi Router)       │
              │   192.168.1.0/24             │
              │                              │
              │   SSH → Azure Firewall:2222  │
              │   → DNAT → Jumpbox:22        │
              └──────────────────────────────┘

Read more

It’s Been a Year – Microsoft MVP for the 11th Time!

by

What a ride this year has been. Back in May, my entire team was eliminated and I was laid off from Microsoft. Not long after, I was honored to be named a Docker Captain, and soon after that I landed a new role leading Azure and AKS at Jamf, helping run their SaaS products in the cloud.

And yesterday, I found out that I’ve been re-awarded as a Microsoft MVP! This marks my 11th year as an MVP, all in the span of just a few months of major ups and downs. After a short detour (just under four years) working at the mothership, I’m excited to be back in the MVP community.

I never take this recognition for granted. It’s an honor to return to the MVP ranks and continue contributing as a community champion in the worlds of Microsoft, Azure, Azure Kubernetes Service, AI, and Open Source.

To all the other MVPs who were renewed—and to the new awardees announced on October 1—congratulations!

Stay tuned!

Read more

Guest on Code To Cloud Podcast – AI, Cloud, Career Resilience, and Farming

by

I’m excited to share that I recently sat down again with former colleuage at Microsoft Kevin Evans on the “Code to Cloud” podcast for a conversation titled “AI, Cloud, and Career Resilience.” It has been a couple of years since I was on as a guest on his podcast. This discussion was super fun and goes all over the place from personal finance (Dave Ramsey we are coming for the top spot!), leaving tech to farm, to the recent layoffs at Microsoft, what AI means for all of us, and more.

You can listen on Spotify, Apple Podcasts, or watch the full episode on YouTube.

Spotify: https://open.spotify.com/episode/1jMf7mRZNxew6trsWt8e96

Apple Podcasts link: https://podcasts.apple.com/us/podcast/ai-cloud-and-career-resilience-with-steve-buchanan/id1788423999?i=1000729123487

YouTube: https://www.youtube.com/watch?v=vmo7MdmGj-s

In this post, I wanted to share some of the highlights, key takeaways, and a few behind-the-scenes thoughts from recording.

On the podcast, Kevin and I dug into several topics, especially in today’s rapidly evolving tech landscape. Some of the themes we touched on are:

Leadership & owning your narrative
I shared lessons I’ve learned in leadership like how to set vision, how to manage through change, and how leaders can help their teams navigate ambiguity.
We also talked about taking control of your narrative rather than letting circumstances or others define it for you.

My journey in tech
We walked through my career path over the years. The ups, the challenges, the moments of uncertainty. And I shared about recently being laid off from Microsoft, pivoting roles, and how those moments shaped and continue to shape my approach to owning my career.

Career resilience and mindset
One of the things I emphasized is that resilience is not just bouncing back, it’s proactively preparing, adapting, and taking charge of your trajectory. We talked about strategies to stay relevant: continuous learning, building a network, personal branding, and leaning into uncertainty instead of resisting it.

AI + Cloud: Opportunities and disruption
We explored how AI is weaving into cloud-native infrastructure and application stacks, and what that means for technologists.
We also addressed how to stay grounded amidst hype and understanding what’s real, what’s emerging, and how to plug into it in a practical, impactful way.

Key Takeaways and Advice for You

If you are reading this, here are a few of the ideas I hope will stick with you:

Do not wait for perfect context. The ideal job or environment might not exist yet. Instead, start shaping it yourself. Build the skills, forge relationships, and create momentum where you are.

Be purposeful in how you show up. Your personal brand is not about vanity. It is a vector for opportunities, trust, and alignment. Share your journey, your thinking, your work, even when it feels vulnerable.

Stay curious with humility. In fields like AI and cloud, change is constant. Curiosity keeps you relevant and humility keeps you open to learning when you do not know the answer.

Focus on bridges, not walls. Whether you are navigating careers, organization changes, or technical disruption, build bridges between peers, between domains, and across teams. Avoid insulating yourself.

Your resilience is in your habits. It is not just how you react in a crisis. It is how you cultivate consistency, reflection, incremental growth, and adaptability.

Behind the Mic; A Few Reflections

Recording with Kevin is always fun. His questions push guests to think more deeply than just the “what happened” stories. It was gratifying to revisit earlier chapters in my career after recently being laid off and exploring themes like uncertainty, adaptation, and ownership recurred over time.
I always find it special when conversations like these inspire me as much as I hope they inspire listeners and the host as well! Preparing, sharing, and telling stories helps us all get a little more confident in this unknown tech market.

If you have 45 to 60 minutes to spare, I encourage you to give the episode a listen! You will find not just stories from me but hopefully a few ideas or sparks you can take into your own path!

You can also watch the episode right here:

Read more

My 27th Pluralsight Course: “Generative AI Concepts for DevOps” Has Published

by

I am excited to share that my 27th overall course and 3rd AI related course has published! This course is titled “Generative AI Concepts for DevOps“.

This course will help you to learn how to integrate generative AI into DevOps workflows for tasks such as generating IAC code in YAML Terraform scripts, and more. Here are the modules in the course:

Here is the full description of the course: Generative AI is revolutionizing how DevOps teams approach software development and operations by offering powerful tools to automate tasks, optimize workflows, and tackle challenges with remarkable speed and precision.

In this course, Generative AI Concepts for DevOps, you’ll learn how generative AI can help DevOps teams work faster and smarter by exploring key tools, understanding how they fit into workflows, and applying them to real-world DevOps problems.

First, you’ll explore the foundational concepts of transformer-based generative AI models and self-attention mechanisms in DevOps. Next, you’ll dive into the tools and platforms for generative AI, such as GitHub Copilot, Duet AI, Amazon Q, and more, learning how they can be integrated into DevOps workflows using YAML and manifests. Finally, you’ll discover how to apply generative AI techniques to solve DevOps challenges, leveraging tools and platforms like Terraform and Kubernetes to drive efficiency and innovation.

By the end of this course, you’ll be equipped with the knowledge and tools to harness generative AI in your DevOps workflows, driving greater efficiency, scalability, and innovation in your operations.

You can access this new course here:

http://www.pluralsight.com/courses/generative-ai-concepts-devops

I hope this course serves as a valuable resource in your tech education. Thank you for your continued support, and Be sure to follow my profile on Pluralsight so you will be notified as I release new courses

Here is the link to my Pluralsight profile to follow me:

https://www.pluralsight.com/authors/steve-buchanan

Read more

Lead Developer Career Guide

by

Exciting times! I’ve had a lot to share lately, and here’s another update. Shelley Benhoff‘s new book, “Lead Developer Career Guide“, has officially gone to print—huge congratulations to Shelley! 🎉

Published by Manning Publications Co., this book is a comprehensive resource for anyone aspiring to excel as a Lead Developer.

I’m incredibly honored to have written the foreword for this fantastic book!

In the Lead Developer Career Guide you’ll discover:

  • The key responsibilities of a lead developer
  • Techniques for writing effective technical documentation
  • Strategies for improving development processes
  • Best practices for communicating with non-technical clients
  • Methods for mentoring and inspiring a team
  • Approaches for delivering negative feedback constructively

The Lead Developer Career Guide is filled with interviews and real-world case studies from industry professionals and esteemed tech experts. You’ll learn how to become the public face for your development team, gathering feedback from your coworkers and communicating with clients and stakeholders. Plus, you’ll find proven techniques to reliably calculate project estimates, plan a project from scratch, and mentor junior developers and peers alike.

You can check it out here:

https://www.manning.com/books/lead-developer-career-guide?a_aid=shelley&a_bid=8e03047e

and here:

https://www.amazon.com/Developer-Career-Guide-Shelley-Benhoff/dp/1633438074

Read more

1st Course Published on O’Reilly: AKS Essentials

by

I am very excited to announce my 1st ever course with O’Reilly has been published. This course is titled: “Azure Kubernetes Service (AKS) Essentials: Cloud Kubernetes for Developers and IT Professionals“.

It consists of: 9 modules of 4 hours of content, many demos, 7 practice quizes, and 1 final quiz.

Azure Kubernetes Service (AKS) Essentials is a comprehensive video course designed to take IT professionals and developers from beginner level to proficiency in utilizing Azure Kubernetes Service (AKS). 

Here are the: Module Learning Objectives:

  • Module 1: Understand the core concepts and benefits of Azure Kubernetes Service.
  • Module 2: Learn how to set up and configure Azure AKS.
  • Module 3: Gain proficiency in deploying containerized applications on Azure AKS using popular tools such as Docker, Kubernetes manifests, and kubectl.
  • Module 4: Explore monitoring and logging capabilities on Azure AKS, leveraging Azure Monitor, Container Insights, and Log Analytics for efficient application management.
  • Module 5: Understand and be able to configure networking components and manage network policies, as well as implement load balancing, Ingress Controllers, and service mesh for microservice architectures on Azure AKS.
  • Module 6: Implement robust security measures, including Azure AD integration, RBAC, network security groups, and secrets management, to protect applications and data within AKS.
  • Module 7: Learn to automate application deployment and updates through continuous integration and deployment (CI/CD) pipelines using GitHub Actions and GitOps.
  • Module 8: Discover high availability and disaster recovery strategies for AKS, including multi-region deployments, backups, and restoration techniques.
  • Module 9: Explore best practices and advanced topics, such as autoscaling, cluster management, and service mesh integration with AKS.

This AKS course is for you if:

  • You’re an IT professional who wants to learn how to effectively deploy and manage containerized applications using AKS.
  • You’re a Cloud Architect who designs and implements cloud-based solutions and are interested in incorporating AKS as part of your application deployment strategies.
  • You’re a Kubernetes enthusiast with a basic understanding who wants to explore AKS specifically and deepen your knowledge of managing containerized applications in the Azure ecosystem.
  • You’re a DevOps Engineer who wants to enhance your skills in managing containerized workloads using AKS and integrating CI/CD pipelines for seamless application deployment.
  • You’re a Software Developer or Engineer who is responsible for building and deploying applications and you want to harness the power of AKS for container orchestration, scalability, and automation.

Check out the course here:

https://learning.oreilly.com/course/azure-kubernetes-service/0636920982777

Here is the link to my O’Reilly profile to stay up to date on future courses, books, and more:

https://www.oreilly.com/pub/au/8326

Read more

Presenting at Experts Live Europe 2024 (SaaS and AKS)

by

I’m thrilled to be returning to Experts Live Europe this year! 🎉 In September 2024, I’ll be back presenting once again—this time with even more to share around Azure and AKS. I’ll be co-leading one of the pre-conference sessions with Jonah Andersson, and I’m also excited to deliver a session during the main conference schedule. 🌍🎤”

You can check out the conference website here: https://www.expertslive.eu

I will be presenting a pre-con session on building a SaaS solution on Azure 🚀 and a session on how to use Chaos Studio with AKS to boost the resiliency of your AKS clusters 🔧. I hope you can make it to the conference 🙌! Here is more info about my sessions:

PRE-CON MICROSOFT AZURE: Laying the Foundation: Building Your SaaS on Azure

Join Steve and Jonah for this pre-conference session where they unravel the mysteries of building a SaaS on Azure. They will start with the basics of running a SaaS in the cloud through the foundations of SaaS, then dive deep into the nitty-gritty of tech side of SaaS on Azure through tech foundations of SaaS. In this session we will take a journey together exploring best practices, patterns, and anti-patterns, along with strategies for managing multi-tenancy, tenant isolation, data isolation, identity in multi-tenancy, and more. Plus, we’ll show you how to turbocharge your SaaS architecture and build with the Azure SaaS Development Kit. Don’t miss out!

Ask The Experts: Data & AI | Business Applications

Join us at the Speakers Booth in the Expo Hall to find your favorite speakers hanging out here during conference breaks and ask your questions. Take this opportunity to get the answers you are looking for!

Azure Kubernetes Resiliency: Safeguarding Your Deployments

Dive into the world of Azure Kubernetes Resiliency in this comprehensive session that delves into crucial aspects of safeguarding your deployments. From robust backup strategies to effective disaster recovery plans and the strategic chaos engineering approach, this session has it all. Join us for a deep exploration of the tools and techniques that ensure your Kubernetes environment remains resilient in the face of challenges. Walk away empowered with the knowledge to fortify your applications and infrastructure against unforeseen circumstances.

Read more

Azure Friday: Safeguard your containerized workloads using AKS backupAzure Friday:

by

I am happy to share a new episode of Azure Friday. It was an honor to appear along side Senior Product Manager Rajat Shrivastava in this episode to talk about AKS Backup. I this episode we joined Scott Hanselman to explore the functionality of AKS backup in safeguarding containerized apps and their data on AKS.

Backup is frequently overlooked, only gaining significance when a failure necessitates recovery. In the realm of Containers and Kubernetes, it is often perceived as unnecessary. However, the reality is that backups are essential even for containerized environments. Microsoft has introduced a backup solution for Azure Kubernetes Service (AKS) and its workloads, leveraging Azure Backup.

In this episode we dove into the importance of backing up containers, even when they are predominantly stateless. The episode sheds light on why safeguarding containers is crucial and provides insights into the workings of AKS backup in ensuring the protection of workloads running on AKS.

In the episode we also explore questions you may have about backing up K8s and we dive into demos showing how to protect AKS with AKS backup and how to do a restore. We even took time to answer this common question “Do I really need to backup my K8s cluster if I am running stateless apps & have everything in code i.e. IaC, CI/CD, or GitOps?”. The answer is yes. In fact one should think of it this way: “GitOps & K8s Backup are like Seatbelts & Airbags”. Here is a graphic to break this down further:

You can check out the episode here:

Addtional resources on AKS and AKS Backup:
■ Backup for AKS: Cloud native, Enterprise ready, Kubernetes aware backup – https://aka.ms/azfr/766/01
■ What is Azure Kubernetes Service backup? – https://aka.ms/azfr/766/02
■ Cluster extensions – https://aka.ms/azfr/766/03
■ Prerequisites for Azure Kubernetes Service backup using Azure Backup – https://aka.ms/azfr/766/04
■ Create a Pay-as-You-Go account (Azure) – https://aka.ms/azfr/766/payg
■ Create a free account (Azure) – https://aka.ms/azfr/766/free

Read more