The blog of a cloud agnostic professional and craft beer connoisseur

Tag: Azure FastTrack

Create a Private Link Service using Bicep

Original Post Read More Create a Private Link Service using Bicep This sample shows how to use Bicep to create an Azure Private Link Service that can be accessed by a third party via an Azure Private Endpoint. Bicep modules deploy all the Azure resources in the same resource group in the same Azure subscription.

What are Landing Zones?

Original Post Read More Permalink:   What exactly is a landing zone in Microsoft Azure? This three-part series will introduce Azure landing zones, explore the published landing zones, and concepts that software vendors and technologies partners should take into consideration for their cloud environment.   In part one, we discuss

Getting Started with Microsoft Azure Defender for Cloud

Original Post Read More Permalink:   Are you concerned about the security of your Azure resources, but don’t know where to start? Microsoft Azure Defender for Cloud provides you with a Secure Score, which measures the configuration of the resources in your Azure subscription against the Azure Security Benchmark.

Use Azure AD workload identity for Kubernetes in a .NET Standard application

Original Post Read More This article shows how to use Azure AD workload identity for Kubernetes in a .NET Standard application running on Azure Kubernetes Service. It leverages the public preview capability of the Azure AD workload identity federation. You can find the companion code under this GitHub repository.   Azure AD Workload Identity for Kubernetes Workloads

Converting Palo Alto policies to Azure Firewall

Original Post Read More I recently had a project where we had the chance to convert a Palo Alto ruleset to an Azure Firewall Policy. I had recently created a script to generate a Firewall Policy for Microsoft 365 endpoints, so the challenge was using that work as a basis to

Can we make data engineering CI/CD more like code? (Yes we can!)

Original Post Read More Prefix As a CTO, your organization has a development team, they use GitHub or Azure DevOps (or any tool) for new releases, bug fixes, testing. Yet another team is working closely with the development team, the data engineering team. However, you cannot achieve an aligned approach

Security considerations for Azure Kubernetes Service

Kubernetes is a complex system with multiple components working in tandem. Though AKS is a managed Kubernetes offering, it still requires operators to take care of the security across the components. In this context, the document outlines the various security measures recommended across the Host, Cluster, API Server, Pods, and

Using Certificates in Azure API Management

Azure API Management exposes existing back-end services as APIs. Each API Management service is composed of the following key components: Management plane, exposed as an API, used to configure the service via the Azure portal, PowerShell, and other supported mechanisms. Gateway (or data plane) is responsible for proxying API requests, applying