Database Patterns with Azure Kubernetes Service Part 2: Azure SQL DB and Managed Identity

My Blog Post: An ASP .NET Core app hosted in Azure Kubernetes Service (AKS) that is accessing an Azure SQL Database using Azure AD Managed Identity. The benefit is the ability for the application code not to use conventional SQL credentials of username and password stored in configuration files. Also, not use Azure Key vault to retrieve any user name and password credentials. There is nothing wrong with these techniques, but using Managed Identity is more streamlined and is a security best practice. #AKS #Kubernetes #Security #managedidentity #azureAD #AzureSQL

How to get the Secret from an Output of an Azure Key Vault ARM Template Deployment to the Main ARM Template

The Scenario I have a set of ARM templates that deploys an azure app service solution with Azure Key Vault and a secret value. The main template is calling out via the linked template resource reference to the Key Vault resource template. ... snippet ... }, "resources": [ { "apiVersion": "2018-05-01", "name": "linkedTemplate-keyvault", "type": "Microsoft.Resources/deployments", …

Continue reading How to get the Secret from an Output of an Azure Key Vault ARM Template Deployment to the Main ARM Template

Issue Resolution: App Gateway returning ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY in Chrome

Background: I have an Azure App Gateway with the Web Application Firewall that is fronting an Azure App Service for http traffic. Issue: Visiting the public URL of my web app in IE works fine, but in Chrome, I get an error ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY What is the general cause? According to this article, "By default, IIS …

Continue reading Issue Resolution: App Gateway returning ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY in Chrome

My Practical Intro to Azure Resource Graph

The Azure Resource Graph is attractive to me for its ability to query Azure resources at scale. I find this relevant in situations where you are managing a large number of subscriptions, resource groups and resources. And you are in situations to analyze and report on them. Without Azure Resource Graph, I would use Azure …

Continue reading My Practical Intro to Azure Resource Graph

Penetration Testing Your Web App with Azure Application Gateway WAF Part 1: Intro

In setting up an application with appliances that provide protections from cyber threats, it is always necessary to have penetration testing and monitoring throughout the solution's lifecycle management. I will demonstrate the following scenario: Protect your web app using Azure Application Gateway’s Web Application Firewall features. Enable and configure the WAF The web app is …

Continue reading Penetration Testing Your Web App with Azure Application Gateway WAF Part 1: Intro

Auto-scaling Azure App Service Part 2 of 2

In the Part 1 blog post, I have shown configuration of auto scale of 2 auto-scale profiles. I will show the operation of scaling out and scaling in. Upon a load test to simulate high load on the app service to trigger the auto-scale, here are the timelines and operations of the auto scale out …

Continue reading Auto-scaling Azure App Service Part 2 of 2

Visual Studio 2017 Load Testing of an Azure Web App with Application Insights Part 2 of 2

In continuation from my blog post Visual Studio 2017 Load Testing of an Azure Web App with Application Insights Part 1 of 2 , I have shown the web app and azure environment setup that is prepared for a load test of 10,000 simulated users. In this post, I will show the execution, some of the …

Continue reading Visual Studio 2017 Load Testing of an Azure Web App with Application Insights Part 2 of 2