Erwin Staal
Solution Architect @ Xebia, Author of 'Azure Infrastructure as Code'
Assen, The Netherlands
Actions
I am a Tech Lead and Azure Solution Architect at Xebia in the Netherlands, with over a decade of experience spanning startups, enterprise organizations, and international teams. I thrive at the intersection of technology, strategy, and leadership, helping companies deliver software to customers using DevOps practices and Cloud-Native architectures.
Being on the line between IT and business is where I feel most at home—creating technical solutions that address real user needs while driving teams toward success. I enjoy coaching and leading teams to embrace new technologies and ways of working, fostering collaboration and continuous improvement.
Outside of my work at Xebia, I have a passion for sharing knowledge. I am a co-author of Azure Infrastructure as Code (https://www.manning.com/books/azure-infrastructure-as-code), occasionally write blogs, and regularly speak at international conferences.
Links
Badges
Area of Expertise
Topics
Smooth Sailing to Azure: Streamlining Datacenter Workload Migration
In today's rapidly evolving technological landscape, the allure of cloud-native deployments is undeniable. However, the reality of migrating existing resources to the cloud often presents significant challenges and complexities. Transitioning existing resources to the cloud can be challenging due to factors like unsupported Commercial Off-The-Shelf (COTS) products, outdated networking setups, and complex database dependencies. In this session, we'll explore the latest best practices to ease this process, even for the most traditional organizations.
Attendees will gain insights into common obstacles hindering successful cloud migrations and learn strategies to overcome them. We'll also cover techniques for evaluating and prioritizing cloud migration needs, along with assessing various lift-and-shift patterns to identify the most suitable approach for specific workloads and organizational goals. Join us to equip yourself with the knowledge and strategies needed to successfully migrate to the cloud and unlock its full potential for your organization.
Efficient and Secure Software Delivery with Azure Deployment Environments and Dev Box
DevOps has accelerated software development, but organizations still struggle to provide secure, compliant, and agile infrastructure. Azure Deployment Environments offers a solution by enabling quick setup of app environments with built-in security, compliance, and cost controls, aligning with the self-service platform engineering trend. Platform engineers can define environment types, simplifying deployments for developers. The service integrates seamlessly with CI/CD pipelines, ensuring smooth transitions to production.
Additionally, Azure Dev Box streamlines development by providing pre-configured environments, ensuring consistency and fast onboarding. This session will demonstrate Azure Deployment Environments, its integration with Dev Box, and CI/CD pipelines to enhance software delivery efficiency and security.
Infrastructure as Code on Azure: Bicep vs Terraform vs Pulumi
On Azure, three of the most obvious choices for Infrastructure as Code are Bicep, Terraform, and Pulumi. Bicep is Microsofts own domain-specific language, whereas Terraform is the open-source tool being cloud agnostic. Where Bicep and Terraform both have their own language, Pulumi allows you to write your Infrastructure as Code using your favorite language like C#, Python, or Go. In this session, we will discover where they are similar and where they are not and see their pros and cons. We will look at the ecosystems for these tools to see how well they integrate with other tools like security scanners and CI/CD pipelines. At the end of this talk, you can make a well-founded decision on which tool to use in your next project!
Landscaping your infrastructure garden: Terraform 101
Landscaping is the art and craft of growing plants to create beauty within your garden. Don't worry; you won't get your hands dirty during this talk! However, we will discover how Terraform can help you create a perfectly crafted infrastructure landscape. We will cover the basics of Terraform, look at the language specifics, and cover what Terraform state is and how to store that securely. We will review the typical developer workflow, see the plan and apply commands in action. A pipeline will be put in place to automatically deploy infrastructure changes to your environments and ensure they are repeatable, reliable, and traceable. While most other Infrastructure as Code tools focus on a single cloud vendor, Terraform allows you to configure many more systems. You will see how Terraform can be used beyond cloud providers by, for example, also configuring your DNS provider or on-call system.
Govern your Azure environment through Azure Policy
When your Azure environment is relatively small, it is straightforward to keep track of what resources you have running in Azure and make sure that your solution is secure, compliant, and cost-effective. When your cloud workload gets bigger, and you have a lot of subscriptions and multiple management groups, that is much harder to do. Luckily, Azure has a built-in feature called Azure Policy that can help you govern your Azure resources. But how do we implement policies, guarantee compliance and security, without decreasing developer agility? This session will teach you how to deploy policies using Infrastructure as Code. You will see how to use the built-in policies and how to create your own. We will look at all the different effects that a policy can have and which should be used when. You will learn how to assign policies on different scopes and finally how to review the compliance status. All with the goal to enforce security, being compliant, monitoring that continuously, and keep costs at bay.
Take your network security to the next level on Azure PaaS
Ever used SQL-server in Azure? If you did, you probably added your IP address to the firewall whitelist to be able to access it from your dev machine. You checked the ‘allow azure services checkbox’ which allows a web app, for example, to access your database. I believe in the layered security model, where we add different layers on top of each other to strengthen our security. By enabling that ‘allow...’ checkbox we just peeled off one important layer of security. All a hacker needs to get your data is a service on Azure and a leaked password.
In this session, I will show you how to add additional security layers using virtual networks, Azure Private Endpoints, Service endpoints, VPN connections, and more. I will tell you how to get started and what limitations you can expect for all of these services. You see me build a demo in which we lock down a database and API and let a front-end application securely access that.
Building a solid foundation on Azure: Landing Zones best-practices
What is the main purpose of DevOps teams? Delivering value for the business! That means these DevOps teams should not worry about the most basic infrastructure they need to run their workloads in Azure. In this technical deep dive, we explore the core elements of designing a robust foundation on Azure. We'll start by demystifying the Cloud Adoption Framework and will dig into one of its area's in which we find the Azure Landing Zones. We will discuss their role as the foundation for secure and compliant cloud adoption and learn all best practices based on experience in the field. We will cover resource organisation, networking, security, role based access control, different operating models and more!
By the end of this session, attendees will be equipped with the knowledge and insights needed to craft efficient network architectures and leverage Landing Zones to build a solid foundation in Azure.
Azure Networking Essentials: A foundation for Cloud Success
As organizations migrate their infrastructure to the cloud, understanding the fundamentals of networking in Azure is crucial for architects, developers, and IT professionals. The ones who grasp the fundamentals of networking in Azure are better equipped to create high-performing, secure, and scalable applications while reducing operational risks and costs. This knowledge is invaluable in the cloud-centric era, where networking is vital to the success of applications and services.
This session comprehensively explores Azure's essential networking concepts and tools, catering to beginners and those looking to deepen their knowledge.
Participants will embark on a journey that starts with an introduction to Azure's global network infrastructure, regions, and availability zones, ensuring a foundational understanding of high availability and redundancy. The session covers key components, such as Virtual Networks, Private Endpoints, and routing. Participants will also gain insights into load balancing techniques, hybrid networking solutions using Azure Virtual WAN, and securing networks using the Azure Firewall. Since there is truth in the infamous meme “It’s always DNS.”, we need to talk about DNS management. This talk will empower participants to design, deploy, and manage robust Azure network architectures effectively.
Infrastructure from Code: The Next Generation of Cloud Management
While Infrastructure as Code (IaC) has become the standard for managing cloud resources using tools like Terraform or Bicep, writing templates can still be a time-consuming and complex task. But what if infrastructure could be automatically inferred from your application code? In this session, we’ll explore the emerging concept of "Infrastructure from Code". We will take a tour of different tools like Radius, Pulumi, Nitric and more and evaluate their maturity. Are these tools ready to replace traditional IaC? Join me to find out if it’s time to make the leap to a more seamless infrastructure experience.
Digital Sovereignty on the Azure Cloud
For organizations in the EU, moving to the cloud raises important questions about control, data protection, and compliance with European laws like the GDPR. In this session, we’ll explore what digital sovereignty means in the context of Microsoft Azure.
We’ll look at how to keep control over your data by classifying it based on sensitivity and securing it with tools like Azure Information Protection and Managed HSM. We’ll also cover how Azure supports compliance through data residency guarantees, policies, confidential compute, and the EU Data Boundary. Finally, we’ll examine Azure Local to check if it can help us in this context? We will learn if all that is enough to ensure that personal data stays within Europe.
Update Conference Prague 2025 Sessionize Event Upcoming
Øredev 2025 Sessionize Event Upcoming
Techorama 2025 Netherlands Sessionize Event Upcoming
DevBcn 2025 Sessionize Event Upcoming
NDC Oslo 2025 Sessionize Event
devCampNoord 2025 Sessionize Event
AzureDay Poland 2025 Sessionize Event
Bitbash 2025 Sessionize Event
NIC Empower 2024 Sessionize Event
devNetNoord 2024 Sessionize Event
2024 All Day DevOps Sessionize Event
Experts Live Netherlands 2024 Sessionize Event
DotNetFriday User group Sessionize Event
Techorama Netherlands 2023 Sessionize Event
Azure Fest 2023 Sessionize Event
WeAreDevelopers World Congress 2023 Sessionize Event
Azure Day Roma 2023 Sessionize Event
NDC Oslo 2023 Sessionize Event
DOTNED SATURDAY 2023 Sessionize Event
devCampNoord Sessionize Event
Cloud Technology Townhall Tallinn 2023 Sessionize Event
Virtual Azure Community Day Sessionize Event
Update Conference Prague 2022 Sessionize Event
Techorama Netherlands 2022 Sessionize Event
devNetNoord The Revival Sessionize Event
DevConf 2022 Sessionize Event
Developer Week '22 Sessionize Event
Scottish Summit 2022 Sessionize Event
NIC X Edition Sessionize Event
DOTNED SATURDAY 2022 Sessionize Event
Techorama 2022 BE Sessionize Event
TEQnation 2022 Sessionize Event
Azure Bootcamp Switzerland 2022 Sessionize Event
Update Conference Prague 2021 Sessionize Event
AzureLive Sessionize Event
Virtual NetCoreConf 2021 Sessionize Event
Virtual Scottish Summit 2021 Sessionize Event
Azure Lowlands Sessionize Event
VISUG Sessionize Event
Virtual Azure Community Day Sessionize Event
AzConf Sessionize Event
2020 All Day DevOps Sessionize Event
Build Stuff 2020 Lithuania Sessionize Event
.NET DeveloperDays 2020 Sessionize Event
Developer Week '20 Sessionize Event
Azure Day Rome 2020 Sessionize Event
Microsoft Techdays 2020 Sessionize Event
DOTNED SATURDAY 2020 Sessionize Event
Update Conference Prague 2019 Sessionize Event
DevOps Summit Amsterdam 2019 - Two days DevOps experience Sessionize Event
Erwin Staal
Solution Architect @ Xebia, Author of 'Azure Infrastructure as Code'
Assen, The Netherlands
Links
Actions
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top