Recently, I was trying to deploy an Azure App Service which was in need for a couple of certificates, which are stored in Azure Key Vault.
Our ARM template looked very similar to the one below in order to install & configure the certificates in our App Service.
"resources": [ { "type": "Microsoft.Web/certificates", "name": "[parameters('certificateName')]", "apiVersion": "2019-08-01", "location": "[parameters('existingAppLocation')]", "properties": { "keyVaultId": "[parameters('existingKeyVaultId')]", "keyVaultSecretName": "[parameters('existingKeyVaultSecretName')]", "serverFarmId": "[parameters('existingServerFarmId')]" } }, { "type": "Microsoft.
Read more →In my last post, I described how to create a Hugo website and what I did to migrate from my Miniblog platform, along with some details on how to create the build & deployment pipeline.
I started by deploying my Hugo websites to a regular Azure App Service. This is a full-blown web application platform. It’s a bit too overpowered for hosting a simple, static, website. As I mentioned in the earlier post, it makes a lot more sense to host static websites on an Azure Storage Account with the Static website hosting.
Read more →A couple of weeks ago, I was tasked to implement authentication between the services we have in our Azure landscape. I knew this can be done by using the Managed Identity, as we were doing this on a project I was involved with in the past.
However, I had never actually done this myself. Most of the time the System Administrators were configuring everything and I just had to copy-paste some Guids in a configuration file.
Read more →Any now and then you have to make some major changes to the ARM templates of the project you’re working from. While this isn’t hard to do, it can become quite a time-intensive if you have to wait for the build/deployment server to pick up the changes and the actual deployment itself.
A faster way to test your changes is by using PowerShell or the Azure CLI to deploy your templates and see what happens.
Read more →I started working on some internal web applications for a customer. For these types of applications, it makes a lot of sense to use Azure Active Directory to authenticate users and use their AAD groups/roles to authorize them on specific pages.
I wanted to authorize users by the AAD groups they are placed in. Some users can access Production data, while others are only allowed to access data from the Test environment, all based on the groups they are in.
Read more →A couple of weeks ago I was busy creating some proof of concept applications using Blazor, which was still labeled preview at the time.
To get all of this deployed and working in an Azure App Service, I needed the preview .NET Core runtime installed. An App Service is a PaaS offering, which means you don’t have any influence on what version of the software gets installed on the underlying system.
Read more →A couple of weeks ago I’ve passed both the AZ-300 and AZ-301 exams. You’re required to pass both of these exams in to get the Azure Solutions Architect Expert certification. After posting a tweet I got a lot of responses asking if I had any pointers on what to learn. Instead of responding to each person individually it makes more sense to share what I’ve used to study and hopefully it’s helpful to others also.
Read more →If you’ve read my earlier post on authentication of actions invoked in a Microsoft Teams MessageCard, you’ve probably seen the only useful information we get in the user’s token is the Object Id (oid).
{ "iat": 1560799130, "ver": "STI.ExternalAccessToken.V1", "appid": "48afc8dc-f6d2-4c5f-bca7-069acd9cc086", "sub": "bc6c3ca0-5acd-4cd4-b54c-f9c83925e7e3", "appidacr": "2", "acr": "0", "tid": "4b1fa0f3-862b-4951-a3a8-df1c72935c79", "oid": "b26c3c10-5fad-4cd3-b54c-f9283922e7e2", "iss": "https://substrate.office.com/sts/", "aud": "https://serverlessdevops.azurewebsites.net", "exp": 1560800030, "nbf": 1560799130 } While this is nice, it doesn’t really tell us much.
Read more →Being able to create Message Cards or Actionable Messages in Microsoft Teams via a Logic App or an Azure Function is great. Especially if you can use this to invoke logic on your API and update the message in the Teams channel.
However, you don’t want everyone to invoke a management API endpoint you’ve exposed to ‘do stuff’ in your cloud environment. Normally, you’d want to authenticate if the user pressing the button (read: invoking the endpoint).
Read more →In my latest post, I’ve shown you how you can use Azure Functions in your Microsoft Teams flow to handle errors in your environment. This stuff works great in a couple of projects I’ve worked on, but what would be even more awesome is to reply to a message in Teams when an action has completed after a button is pressed.
Well, replying & modifying the original message with a status update is quite possible and I’ll show you how in this post.
Read more →