App Service Resource Provider Access to Keyvault

Recently, I was trying to deploy an Azure App Service which was in need for a couple of certificates, which are stored in Azure Key Vault. Our ARM template looked very similar to the one below in order to install & configure the certificates in our App Service. "resources": [ { "type": "Microsoft.Web/certificates", "name": "[parameters('certificateName')]", "apiVersion": "2019-08-01", "location": "[parameters('existingAppLocation')]", "properties": { "keyVaultId": "[parameters('existingKeyVaultId')]", "keyVaultSecretName": "[parameters('existingKeyVaultSecretName')]", "serverFarmId": "[parameters('existingServerFarmId')]" } }, { "type": "Microsoft. Read more →

Static Site With Azure Cdn and Cloudflare

In my last post, I described how to create a Hugo website and what I did to migrate from my Miniblog platform, along with some details on how to create the build & deployment pipeline. I started by deploying my Hugo websites to a regular Azure App Service. This is a full-blown web application platform. It’s a bit too overpowered for hosting a simple, static, website. As I mentioned in the earlier post, it makes a lot more sense to host static websites on an Azure Storage Account with the Static website hosting. Read more →

Using an Azure Managed Identity to authenticate on a different App Service

A couple of weeks ago, I was tasked to implement authentication between the services we have in our Azure landscape. I knew this can be done by using the Managed Identity, as we were doing this on a project I was involved with in the past. However, I had never actually done this myself. Most of the time the System Administrators were configuring everything and I just had to copy-paste some Guids in a configuration file. Read more →

Deploying your ARM template with linked templates from your local machine

Any now and then you have to make some major changes to the ARM templates of the project you’re working from. While this isn’t hard to do, it can become quite a time-intensive if you have to wait for the build/deployment server to pick up the changes and the actual deployment itself. A faster way to test your changes is by using PowerShell or the Azure CLI to deploy your templates and see what happens. Read more →

Getting the group claims when authenticating with Azure Active Directory

I started working on some internal web applications for a customer. For these types of applications, it makes a lot of sense to use Azure Active Directory to authenticate users and use their AAD groups/roles to authorize them on specific pages. I wanted to authorize users by the AAD groups they are placed in. Some users can access Production data, while others are only allowed to access data from the Test environment, all based on the groups they are in. Read more →