A while ago I was confronted with the fact one of our Azure App Services needed multiple hostname bindings.
I was planning to do this by making multiple Microsoft.Web/sites/hostNameBindings resources, for this specific App Service, in our ARM template. When deploying I was confronted with the following error
{ "ErrorEntity": { "Code": "Conflict", "Message": "Cannot modify this site because another operation is in progress. [some more details]", "ExtendedCode": "59203", "MessageTemplate": "Cannot modify this site because another operation is in progress.
Read more →With all of the great services in Azure, it’s easy to set up a nice event-driven architecture. You have Storage Queues, Service Bus Queues & Topics, Event Grid and even more services which can help you accomplish great stuff.
I like the three services mentioned here and most of the time they cover the basics of my messaging infrastructure. One thing you need to do yourself is think about the boundaries of your domains and how to organize all of the services.
Read more →Recently, I was trying to deploy an Azure App Service which was in need for a couple of certificates, which are stored in Azure Key Vault.
Our ARM template looked very similar to the one below in order to install & configure the certificates in our App Service.
"resources": [ { "type": "Microsoft.Web/certificates", "name": "[parameters('certificateName')]", "apiVersion": "2019-08-01", "location": "[parameters('existingAppLocation')]", "properties": { "keyVaultId": "[parameters('existingKeyVaultId')]", "keyVaultSecretName": "[parameters('existingKeyVaultSecretName')]", "serverFarmId": "[parameters('existingServerFarmId')]" } }, { "type": "Microsoft.
Read more →In my last post, I described how to create a Hugo website and what I did to migrate from my Miniblog platform, along with some details on how to create the build & deployment pipeline.
I started by deploying my Hugo websites to a regular Azure App Service. This is a full-blown web application platform. It’s a bit too overpowered for hosting a simple, static, website. As I mentioned in the earlier post, it makes a lot more sense to host static websites on an Azure Storage Account with the Static website hosting.
Read more →A couple of weeks ago, I was tasked to implement authentication between the services we have in our Azure landscape. I knew this can be done by using the Managed Identity, as we were doing this on a project I was involved with in the past.
However, I had never actually done this myself. Most of the time the System Administrators were configuring everything and I just had to copy-paste some Guids in a configuration file.
Read more →Any now and then you have to make some major changes to the ARM templates of the project you’re working from. While this isn’t hard to do, it can become quite a time-intensive if you have to wait for the build/deployment server to pick up the changes and the actual deployment itself.
A faster way to test your changes is by using PowerShell or the Azure CLI to deploy your templates and see what happens.
Read more →I started working on some internal web applications for a customer. For these types of applications, it makes a lot of sense to use Azure Active Directory to authenticate users and use their AAD groups/roles to authorize them on specific pages.
I wanted to authorize users by the AAD groups they are placed in. Some users can access Production data, while others are only allowed to access data from the Test environment, all based on the groups they are in.
Read more →A couple of weeks ago I was busy creating some proof of concept applications using Blazor, which was still labeled preview at the time.
To get all of this deployed and working in an Azure App Service, I needed the preview .NET Core runtime installed. An App Service is a PaaS offering, which means you don’t have any influence on what version of the software gets installed on the underlying system.
Read more →A couple of weeks ago I’ve passed both the AZ-300 and AZ-301 exams. You’re required to pass both of these exams in to get the Azure Solutions Architect Expert certification. After posting a tweet I got a lot of responses asking if I had any pointers on what to learn. Instead of responding to each person individually it makes more sense to share what I’ve used to study and hopefully it’s helpful to others also.
Read more →If you’ve read my earlier post on authentication of actions invoked in a Microsoft Teams MessageCard, you’ve probably seen the only useful information we get in the user’s token is the Object Id (oid).
{ "iat": 1560799130, "ver": "STI.ExternalAccessToken.V1", "appid": "48afc8dc-f6d2-4c5f-bca7-069acd9cc086", "sub": "bc6c3ca0-5acd-4cd4-b54c-f9c83925e7e3", "appidacr": "2", "acr": "0", "tid": "4b1fa0f3-862b-4951-a3a8-df1c72935c79", "oid": "b26c3c10-5fad-4cd3-b54c-f9283922e7e2", "iss": "https://substrate.office.com/sts/", "aud": "https://serverlessdevops.azurewebsites.net", "exp": 1560800030, "nbf": 1560799130 } While this is nice, it doesn’t really tell us much.
Read more →