Loading...
Welcome to my Collection of Step-by-Step Azure Cloud Projects
Explore our Azure Cloud projects below, each designed to demonstrate real-world deployments with clear, step-by-step instructions.
Azure Quick Links
Expert-level projects
Advanced Azure Data Pipeline with Synapse Analytics— In this project, we will use Azure Data Lake Storage Gen2, SQL Server, and Azure Data Factory with managed identity, along with Synapse Serverless SQL, to securely store, process, and query data while enabling automated ETL and analytics workflows.
Databricks Analytics—In this project, you’ll create a secure, automated Azure data pipeline that ingests raw data into Azure Data Lake Storage Gen2 (ADLS), transforms it using Azure Databricks, and analyzes it through Azure Synapse Analytics Serverless SQL.
Azure SQL Database — Secure Azure SQL Database with Microsoft Defender, Dynamic Data Masking, Always Encrypted, Data Discovery & Classification, and Auditing.
Azure Sentinel & playbook — Deploy Microsoft Sentinel with a Log Analytics workspace, connect VMs via AMA, enable detections and playbooks (including an RDP brute-force email notification), simulate an RDP attack, query logs for detection, automate PowerShell command detection, deploy PowerShell logging to all VMs, and optionally use a GitHub playbook to block an Entra ID user.
Azure & Power BI Visualizations— Visualize SQL data with Pie and Map charts in Power BI to identify top-selling regions, countries, or sellers, and connect Power BI to Azure Log Analytics via the Kusto connector to display security alerts by severity using a donut chart.
Hybrid Identity Synchronization— Azure AD Connect serves as the essential bridge between your on-premises Active Directory and Microsoft Entra ID (Azure AD). It enables organizations to maintain a single identity for users, allowing seamless access to both on-premises resources and cloud services (single sign-on experience), while supporting hybrid identity, authentication, and security management.
Site-to-Site VPN—In this section, we will build a Site-to-Site (S2S) VPN between Azure and an on-premises environment using Azure VPN Gateway and Windows Server RRAS. This setup securely connects the Azure Virtual Network to the on-premises network over the public internet using IPsec/IKE.
We’ll start by preparing the Azure networking components, then configure the RRAS server as the on-premises VPN device, align the pre-shared key on both sides, and finally verify end-to-end connectivity.
VNet Peering – This guide, Hub-and-Spoke VNet Integration, is an extension of the Site-to-Site VPN from On-Premises to Azure guide. This guide shows how to configure end-to-end connectivity in a hybrid hub-and-spoke topology using Azure VNets and an on-premises network. It covers adding static address spaces to RRAS server, peering the VPN, Hub, and Spoke VNets, and validating connectivity so that traffic can flow seamlessly between Azure VNets and the on-premises DC1 server.
Point-to-Site VPN – This guide demonstrates how to deploy a secure Azure Point-to-Site (P2S) VPN using Microsoft Entra ID authentication. It covers configuring multiple VNets with NSGs, deploying an Azure VPN Gateway, integrating Entra ID, and optionally enforcing access with Conditional Access to provide secure remote access to Azure resources.
Networking
VNet-to-VNet VPN — Establish secure cross-region connectivity by creating two virtual networks, adding gateway subnets, deploying VPN gateways, and verifying the connection between them.
Private Endpoint—Deploy a virtual network, a secure storage account with a private endpoint, and a restricted-access VM; protect its disks with Key Vault encryption keys, then securely access the storage account from the VM.
DNS Name Resolution — Create a DNS zone in Azure, add and manage DNS records securely, configure DNS settings, and validate global name resolution.
Public Load Balancer — Secure Azure Environment — Build a resilient setup with a virtual network, availability set, Bastion, NSGs, ASGs, IIS installation, and a load balancer for high availability and RDP protection.
Security
Azure Firewall Rule — Deploy a segmented Azure VNet with a firewall-enforced outbound path, custom routes, DNS rules, and application rule restrictions.
Container Registry — Build Docker images on an Azure Linux VM by installing Docker, configuring containers, and securely pushing images to a private Azure Container Registry.
Privileged Access and Monitoring— Configure PIM to assign a User Administrator role, set up a Log Analytics workspace, enable PIM audit logs, integrate Monitor and Entra ID logs, and verify them in Log Analytics.
User & Identity Security — Configure MFA with Conditional Access, bypass settings, enable SSPR and Identity Protection, and optionally create groups with role assignments and P2 license assignment.
Microsoft Defender for Cloud — This project walks you through the essential steps to enable, configure, and integrate Microsoft Defender for Cloud within your Azure environment. You’ll learn how to activate Defender plans, manage security policies and recommendations, enable advanced protections like Just-In-Time access and malware detection, and connect alerts to Microsoft Sentinel for centralized monitoring and incident response.
DevOps
App Service Deployment — Deploy ASP.NET 4.8 App to Azure — Configure deployment settings via Visual Studio and test on a live Azure Web App.
Agents, Pipelines & Secrets — A complete DevOps setup for configuring self-hosted agents, running YAML pipelines, managing secrets, and sending secure notifications via SendGrid.
DevOps IaC Pipeline — Deploy and manage Azure resources using IaC with Azure DevOps. Learn to run pipelines, use Bicep templates, and manage updates via pull requests.
Compute & Storage
Azure File Sync — Deploy Azure File Sync by connecting an SMB file share to two Windows Servers using Storage Sync Service, sync groups, and endpoint validation.
Azure AI services — Securely Build and Deploy Intelligent Azure AI Applications in Visual Studio by Integrating Azure Key Vault for Credential, Secret Management and output verification.
Storage with Terraform — Provision, Configure, Deploy, and Fully Manage a Secure and Highly Available Azure Storage Account End-to-End Using Terraform Infrastructure as Code.
ARM Template — Create a virtual machine, load balancer, Azure Static Web Apps, Batch account, Azure DNS zone and record using an Azure ARM (Azure Resource Manager) template.
Bicep Template — Create a Windows Virtual Machine, NIC, Subnet, Storage Account, Public IP, NSG, Azure DNS Zone and Record and VNet using a Bicep file.
Azure Data Factory & Synapse Pipeline — In this project, we will use Azure Data Lake Storage Gen2, SQL Server, and Azure Data Factory with managed identity, along with Synapse Serverless SQL, to securely store, process, and query data while enabling automated ETL and analytics workflows.
Multi-region disaster recovery plan — This guide shows how to use Visual Studio Code to deploy and manage Azure resources, set up disaster recovery to another region, test failover, and assign a public IP to the replicated VM. It provides hands-on experience with Azure resource management and DR workflows.
Active Directory Lab for Hybrid Azure — This guide walks you through building a functional Windows Active Directory lab from scratch. It covers the complete process, from obtaining official Microsoft evaluation images to deploying domain controllers, joining client machines, and enabling internet connectivity within the domain. This lab serves as a prerequisite foundation for upcoming Hybrid Azure guides, where the on-premises Active Directory environment will be integrated with Microsoft Entra ID, Azure services, and cloud-based security controls. Having this lab in place ensures you are prepared to follow along with hybrid identity, synchronization, and Azure security hardening scenarios in a realistic enterprise setup.
Power BI
Advanced Data Preparation in Power BI — connecting to CSV data sources, transforming and cleaning datasets, applying consistent naming conventions, resolving inconsistencies and null values, and optimizing column data types. The work also included appending and merging queries, pivoting and unpivoting data, creating conditional columns, performing data profiling to detect errors, and importing data from folders and Azure SQL using both Import and DirectQuery modes, ensuring reliable, analysis-ready data for reporting and visualization.
Model the Data with power BI – In this project, I built and optimized a structured data model by creating relationships in Model View, configuring table and column properties, and developing Date tables using both Power Query and DAX. I established relationships between Date, Sales, and Cost tables, defined data granularity, and created DAX measures and calculated columns.
I also used CALCULATE for advanced filter context control, implemented Year-to-Date (YTD) revenue using Time Intelligence, and analyzed performance with Performance Analyzer.
Visualization & Report Creation – Creating compelling reports in Power BI goes beyond connecting to data, it’s about turning numbers into clear insights. This guide covers building tables, matrices, charts, treemaps, combo, donut, pie, card, scatter, and map visuals, customizing and formatting them, applying slicers and filters, synchronizing slicers across pages, using themes for consistency, and implementing page navigation to create interactive, professional reports that drive informed decisions.
Report Deployment & Management – This guide walks you through the key steps to publish, secure, and share your Power BI reports effectively. From signing in and publishing your reports to configuring dashboards, RLS, and dataset access, these instructions ensure that your team can collaborate securely and gain insights from your data efficiently. The guide also covers connecting on-premises CSV data to Power BI using a standard mode data gateway, so you can refresh and analyze local data seamlessly. Whether you are creating dashboards for desktop or mobile, this guide covers best practices for managing access, automating alerts, and leveraging Power BI’s analytical features.
Microsoft Fabric
Fabric Data Engineering & Analytics Pipeline – This project demonstrates an end-to-end Microsoft Fabric implementation, covering workspace setup, Lakehouse creation, and data ingestion using CSV and JSON files with Delta tables and Dataflow Gen2. It includes querying data through the SQL Analytics endpoint, building visual queries, managing shortcuts, and configuring access, permissions, and sharing. The project also integrates OneLake File Explorer, SSMS (SQL Server Management Studio) , and Power BI Desktop to enable a complete analytics workflow from data storage to visualization.