Martin Opedal

Lead Cloud Solution Architect at Microsoft. 15 years building Azure platforms for regulated Nordic enterprises. Patterns, code, and lessons here.

15 years in cloud · Azure Solutions Architect Expert · Public Speaker · Open source on GitHub · Based in Oslo

See selected work Email me
Profile

About

I've been working with Azure, Entra and M365 since 2011. Spent 15 years at Teknograd, Advania, Avanade and Sopra Steria before joining Microsoft.

More about how I got here →

Work

What I Work On

Azure Landing Zones

End-to-end ALZ Corp deployments with Terraform and Bicep. 135+ automated checklist validations via Azure Resource Graph. Security and compliance built in from day one, not bolted on.

See deployment patterns

AKS & Kubernetes

AKS Automatic clusters with ALZ Corp networking. BYO VNet, Application Gateway for Containers, NGINX, Istio with multiple ingress and egress patterns documented with full Terraform parity.

See AKS patterns

IaC Security

Terraform modules built to run inside ALZ Corp landing zones: no public IPs, central firewall egress, managed identity everywhere. PSRule and azqr integrated into CI pipelines.

See security patterns

GitHub Runners & CI/CD

GitHub-hosted and self-hosted runners with Azure VNet integration, Container Apps, and ALZ Corp firewall egress. GHE.com EU data residency patterns.

See runner patterns
Tools I Ship

Open Source

Terraform modules, ARG queries, and tooling that came out of real customer engagements.

Azure Governance & Assessment

PowerShell

azure-analyzer

Bundled assessment runner that unifies azqr, PSRule, AzGovViz, and 135 ALZ graph queries into one portable JSON + HTML report

 PowerShell

alz-graph-queries

Automated ALZ checklist validation: 135 Azure Resource Graph queries that take coverage from 49 to 135 items

GitHub Runners & Private Networking

Terraform

avm-ptn-cicd-agents-and-runners

Official AVM pattern module for self-hosted ADO agents and GitHub runners with PAT and UAMI auth, no public IP egress

 Terraform

ghec-vnet-runners-azure

GitHub-hosted runners with Azure VNet integration for GHE.com, EU data residency and private endpoint connectivity

 Terraform

terraform-azurerm-github-runners-alz-corp

Self-hosted GitHub Actions runners that run inside ALZ Corp landing zones with central firewall egress

Terraform Platform Modules

Terraform

terraform-azapi-aks-automatic

AKS Automatic with ALZ Corp networking, BYO VNet, multiple ingress options (AGC/NGINX/Istio), managed identity everywhere

 Terraform

avm-ptn-aiml-ai-foundry

Official AVM pattern module for Azure AI Foundry (formerly AI Studio) with network isolation and private endpoints

AKS Automation

PowerShell

aks-automatic-ingress-migration

Automated migration from NGINX Ingress to Application Gateway for Containers on AKS Automatic clusters

Other Tooling

Python

linkedin-auto-poster

RSS to LinkedIn pipeline, ingests tech feeds, scores relevance, drafts in your voice, publishes through a GitHub PR approval workflow
All repos

See everything on GitHub →

Terraform modules, ARG queries, MCP servers, and CI/CD tooling from real customer engagements
Talks & Training

Speaking

Upcoming: "Where does code generation stop and InfraOps start?" at Agentic AI & DevOps Days, Oslo, June 16, 2026.

I have previously spoken at Nordic Infrastructure Conference (NIC) (one Level 300, live-streamed session on Terraform, GitHub Copilot, and IaC security, 94% approval), and at Microsoft customer sessions on GHAS, GitHub and Azure DevOps, and Azure Arc and Azure Local.

Session catalog

Talks I am currently pitching. Full abstracts on Sessionize.

English

The Skill Library and the Memory Vault: An Architect's Agentic Workflow That Actually Ships Work

A customer asked for an ALZ design walkthrough on a Monday afternoon. The deck was in their inbox before close of business the same day. Forty-two slides, Fluent design tokens, pre-rendered Mermaid diagrams, accessible...
English

The Azure Architecture Agent That Is Not Allowed To Apply

The first time I let an agent run terraform apply against a customer subscription, I learned something useful. It should never be allowed to do that. An agent that can apply Terraform is a liability. An agent that can...
English

Terraform your way to Azure Landing Zone Success!

Hands on session with field notes on real life use-cases with the Azure Landing Zones Terraform Accelerator
English

No More Spec-ulation: AI Agent Teams Building Production-Grade IaC

"Just describe your infrastructure and the AI writes it." We have all heard the pitch. The reality is hallucinated resource properties, forgotten dependencies, drifted state, and Terraform plans you are afraid to apply....
English

Hand Me a Subscription ID: Sixty Minutes of Live Azure Forensics with azure-analyzer

Hand me a subscription ID. I will tell you in ten minutes what is wrong with your landing zone. Hand me an hour and I will hand you back a Schema 2.2 findings report with MITRE mapping, severity, effort, and remediation...
English

Azure You Can: Simplify Terraform with GitHub Copilot!

Join me for a fun and informative session where we'll explore how GitHub Copilot can streamline your Terraform workflows on Azure. In "Azure You Can: Simplify Terraform with GitHub Copilot!", we'll dive into the...