Automation & Infrastructure as Code

Course Overview

This training focuses on the transition from manual, error-prone deployments to repeatable, version-controlled Infrastructure as Code (IaC) and automated workflows. The curriculum addresses the architectural decisions behind modular code design, idempotent scripting, and the integration of security guardrails directly into CI/CD pipelines. The focus remains on building production-ready automation that reduces technical debt and eliminates configuration drift.

Delivery & Duration

Two primary formats are available to align with team expertise and automation goals. Both are delivered online (live) or in-person.

  • The 1-Day Intensive: For senior engineers and leads needing rapid proficiency in automation fundamentals. Focus is placed on automation strategy, tool selection (Bicep/Terraform), and modular infrastructure design.
  • The Multi-Day Implementation Workshop: Provides comprehensive hands-on labs building multi-stage pipelines and solving complex automation scenarios. Includes advanced scripting, secure CI/CD implementation, and an optional DevSecOps integration module.
  • Modular Delivery: Options exist to split sessions into 4-hour blocks to allow teams to apply concepts to their own repositories between sessions.

Prerequisites: Basic understanding of Azure infrastructure and deployment processes. Familiarity with Git version control recommended. No prior IaC or DevOps experience required.

Program Curriculum

Module 1: Automation Strategy & IaC Fundamentals

  • The transition from imperative scripting to declarative infrastructure models.
  • Idempotency and immutability: Why repeatability is the primary goal.
  • Tooling landscape: Deep dive into Bicep, Terraform, ARM, and the role of Azure CLI/PowerShell.
  • Git-first workflows: Version control as the single source of truth for infrastructure.
  • Understanding the lifecycle of a resource: From initial deploy to Day-2 updates.

Module 2: Modular IaC Design & State Management

  • Modular template design: Building reusable, parameter-driven infrastructure units.
  • Handling environment-specific configurations (Dev/Test/Prod) without code duplication.
  • State and drift detection: Managing the gap between code and reality.
  • Secure handling of parameters and secrets using Azure Key Vault integration.
  • Workload Identity & OIDC: Modern, secret-less authentication for automation tasks.

Module 3: Operational Scripting & Task Automation

  • Advanced PowerShell and Azure CLI: When to script vs. when to use IaC.
  • Error handling, logging, and robust authentication patterns for long-running tasks.
  • Combining imperative logic with declarative deployments for complex migrations.
  • Cross-platform automation: Managing resources across Windows, Linux, and Cloud Shell.
  • Building idempotent scripts that safely handle pre-existing resource states.

Module 4: CI/CD Pipelines & Secure Deployment

  • Integrating IaC into GitHub Actions and Azure DevOps pipelines.
  • Multi-stage deployment workflows: Validation, linting, and preview (What-If).
  • Policy-as-Code: Integrating Azure Policy and compliance checks into the pipeline.
  • Secret-less deployment: OIDC and Workload Identity implementation.
  • Pipeline governance: Protecting production environments through branch policies and approvals.

Module 5: DevSecOps Integration & Operations at Scale (Optional)

  • DevSecOps foundations: Shift-Left philosophy and integrating security early.
  • Security as Code: SAST scanning for IaC templates and vulnerability detection.
  • Supply chain security: Verifying integrity of external modules and templates.
  • Secure change workflows: Branching strategies, peer review, and audit trails.
  • Operating at scale: Drift remediation, incident response, and operational ownership.
  • Common anti-patterns and avoiding the siloed DevOps trap.

Key Takeaways

Participants will be equipped to:

  • Eliminate Manual Tasks: Replace “Click-Ops” with version-controlled, automated deployments.
  • Build Reusable Code: Design modular Infrastructure-as-Code libraries that can be shared across the entire organization.
  • Implement Secure Pipelines: Deploy infrastructure using secret-less authentication and automated validation.
  • Manage Configuration Drift: Use automation to detect and remediate unauthorized changes to production environments.
  • With Optional DevSecOps Module: Integrate security as code, implement SAST scanning, and operate secure infrastructure at enterprise scale.

Engagement Details

Delivery Format: Online (live) or in-person
Duration: 1-day intensive or 2-3 day implementation workshop
Customization: Training depth and content focus can be adjusted based on team requirements and specific business context
Investment: Starting from €1,200 per day. Final quote based on format, duration, number of participants, and specific requirements (provided following brief discussion).

Next Steps

Ready to transform your infrastructure operations with automation and secure practices?

BOOK AN INTRO CALL
ASK A QUESTION

Both options go directly to me. No sales funnel, no account managers.