The blog of a cloud agnostic professional and craft beer connoisseur

Tag: Azure FastTrack

Security considerations for Azure Kubernetes Service

Kubernetes is a complex system with multiple components working in tandem. Though AKS is a managed Kubernetes offering, it still requires operators to take care of the security across the components. In this context, the document outlines the various security measures recommended across the Host, Cluster, API Server, Pods, and

Using Certificates in Azure API Management

Azure API Management exposes existing back-end services as APIs. Each API Management service is composed of the following key components: Management plane, exposed as an API, used to configure the service via the Azure portal, PowerShell, and other supported mechanisms. Gateway (or data plane) is responsible for proxying API requests, applying

Leveraging Azure Data Box Disks to Support your M365 SharePoint Online Migration

Article Problem Statement   The consumption of Software as a Service (SaaS) such as Microsoft 365 (M365) for collaboration and productivity has become an enterprise standard than just a few years ago was viewed with skepticism. The data on the economics, capabilities, and flexibility of leveraging SaaS versus an equivalent

Azure Identity for ISVs

permalink: https://aka.ms/FTAISVIdentity  reference links permalink: Microsoft identity platform overview – Azure – Microsoft identity platform | Microsoft Docs   Microsoft Azure Identity includes many features that can help an independent software vendor (ISV) with setting up identity management for their solution on Azure.  In this set of two video presentations, I

Deploy DISA Stig Compliant Azure Virtual Machines

Purpose The purpose of this post is to walk through the available automated options to deploy VM’s that are compliant with DISA Stig standards.   Assumptions General knowledge of Azure Virtual Machines, DISA Stigs, and automation will be very helpful.   Description Many organizations and US Government agencies are well

Azure Policy to Enforce Azure Services to comply with DoD CC SRG Audit Scope IL5

Article Summary    This article provides the technical controls leveraging Azure Policy (Azure Policy)  to enforce compliance with FedRAMP and the  Azure Services in FedRAMP and DoD SRG Audit Scope – Azure Government | Microsoft Docs . This solution is being provided as an additional architectural option for evaluation for

Simplifying the Options When Creating an Azure File Share

Purpose:   The purpose of this post is to discuss the “options” available when creating an Azure File Share.  There is quite a bit of documentation that discusses Storage Accounts and Azure Files but it can be confusing to reconcile all of the docs with the terms, levels, and the

Create Private AKS Cluster using Bicep

Overview This is a blog on how to use a modular approach for Infrastructure as Code (IaC) in provisioning a private AKS cluster and other related resources. The Bicep modules in the repository are designed keeping the AKS baseline architecture in mind. You can start using these modules as is

Using A Function App with a Dedicated Static IP

Create an HTTP Trigger Function Create an HTTP Trigger C# function with a name of your liking. Use an App Service Hosting Plan SKU or Standard or Premium, both support VNET integration. You may use Standard plan for this set up, as it is cheaper. Replace the out of the