Using Key Vault references with Azure App Configuration

When working in Azure, storing secrets in Key Vault is a good idea. And to make it better, there’s the Key Vault Reference notation. This feature makes sure no one can read the secret(s) unless someone grants permission. For storing configuration, values a different service is available, called Azure App Configuration. Both services are excellent for storing & sharing the values of your cloud services. Wouldn’t it be great to be able to combine the two? Read more →

Using an Azure Managed Identity to authenticate on a different App Service

A couple of weeks ago, I was tasked to implement authentication between the services we have in our Azure landscape. I knew this can be done by using the Managed Identity, as we were doing this on a project I was involved with in the past. However, I had never actually done this myself. Most of the time the System Administrators were configuring everything and I just had to copy-paste some Guids in a configuration file. Read more →

Getting the group claims when authenticating with Azure Active Directory

I started working on some internal web applications for a customer. For these types of applications, it makes a lot of sense to use Azure Active Directory to authenticate users and use their AAD groups/roles to authorize them on specific pages. I wanted to authorize users by the AAD groups they are placed in. Some users can access Production data, while others are only allowed to access data from the Test environment, all based on the groups they are in. Read more →

Authentication of Microsoft Teams MessageCards actions in your API

Being able to create Message Cards or Actionable Messages in Microsoft Teams via a Logic App or an Azure Function is great. Especially if you can use this to invoke logic on your API and update the message in the Teams channel. However, you don’t want everyone to invoke a management API endpoint you’ve exposed to ‘do stuff’ in your cloud environment. Normally, you’d want to authenticate if the user pressing the button (read: invoking the endpoint). Read more →

Update your Microsoft Teams notifications via an Azure Function

In my latest post, I’ve shown you how you can use Azure Functions in your Microsoft Teams flow to handle errors in your environment. This stuff works great in a couple of projects I’ve worked on, but what would be even more awesome is to reply to a message in Teams when an action has completed after a button is pressed. Well, replying & modifying the original message with a status update is quite possible and I’ll show you how in this post. Read more →

Using MSI with Azure Functions and Key Vault

There’s a relative new feature available in Azure called Managed Service Identity. What it does is create an identity for a service instance in the Azure AD tenant, which in its turn can be used to access other resources within Azure. This is a great feature, because now you don’t have to maintain and create identities for your applications by yourself anymore. All of this management is handled for you when using a System Assigned Identity. Read more →

Using log4net in your Azure Functions

As I mentioned in my earlier post, there are 2 options available to you out of the box for logging. You can either use the TraceWriter or the ILogger. While this is fine when you are doing some small projects or Functions, it can become a problem if you want your Azure Functions to reuse earlier developed logic or modules used in different projects, a Web API for example. In these shared class libraries you are probably leveraging the power of a ‘full-blown’ logging library. Read more →

Loading certificates with Azure Functions

Using certificates to secure, sign and validate information has become a common practice in the past couple of years. Therefore, it makes sense to use them in combination with Azure Functions as well. As Azure Functions are hosted on top of an Azure App Service this is quite possible, but you do have to configure something before you can start using certificates. Adding your certificate to the Function App Let’s just start at the beginning, in case you are wondering on how to add these certificates to your Function App. Read more →

Enable SSL for your Azure Functions

You might remember me writing a post on how you can set up your site with SSL while using Let’s Encrypt and Azure App Services. Well, as it goes, the same post applies for Azure Functions. You just have to do some extra work for it, but it’s not very hard. Simon Pedersen, the author of the Azure Let’s Encrypt site extension, has done some work in explaining the steps on his GitHub wiki page. Read more →

Use bindings with Azure Functions

(Almost) No one likes writing code meant to store data to a repository, queues, blobs. Let alone triggering your code when some event occurs in one of those areas. Luckily for us the Azure Functions team has decided to use bindings for this. By leveraging the power of bindings, you don’t have to write your own logic to store or retrieve data. Azure Functions provides all of this functionality out of the box! Read more →