Azure Anti-Malware File Scanner is a must-have when clients/users upload files to the system. With this solution, you can enable an anti-malware scan for the uploaded files and take appropriate actions. In this entry, you will find the complete Terraform code for infrastructure setup and an Azure Function for handling the scan results. Azure Defender for Storage – Terraform setup Some time ago, Azure Defender for Storage was difficult to […]
Running Azure Functions in Container Apps with Terraform
Running Azure Functions in Container Apps with Terraform was released on May 24, 2024, and that allows you to run Azure Functions in Container Apps using Terraform. In this article, I’ll guide you through the steps to set up and deploy Azure Functions in Container Apps with Terraform. Additionally, for those new to Container Apps, I’ve included a brief overview of their benefits. Terraform script for Azure Function in Container […]
Azure DevOps self-hosted agent using prebuilt images
Azure DevOps self-hosted agent using prebuilt images is the second article in the series. The whole solution is based on GitHub Actions runner images, which you can find on GitHub. In this article, you will get information on how you can obtain prebuilt images for an Azure Virtual Machine or Azure Virtual Machine Scale Set. This means you can create an Azure DevOps agent with all the necessary tools in […]
Retrieval Augmented Generation (RAG) Free for app Everyone! Chat with your data
Explore the power of Retrieval Augmented Generation (RAG) with my sample application deployed on Azure. You can easily add your files and interact with them using chat, powered by the advanced GPT-4 model. Uploading new files has limited access. To obtain permissions, please comment and react on my LinkedIn profile. Following my profile is also much appreciated. Once permissions are assigned, you will receive a response to your comment. After […]
Azure Event Grid Namespaces – Terraform setup
Azure Event Grid Namespaces – Terraform Setup is the second article in the series. I would like to show you how to use Terraform to create all the necessary components: Event Grid Namespace, Topic, and Subscription. A detailed description of the Azure Event Grid Namespace service can be found here. Azure Event Grid Namespaces – Terraform script As of April 12, 2024, the AzureRM provider does not support the creation […]
Azure Event Grid Namespace: An Introductory Guide
The Azure Event Grid namespace introduces a fresh take on this service for me. Historically, I’ve seen Azure Event Grid as a tool that sends events to my applications, a function that notably distinguishes it from Azure Service Bus. Now, we’re presented with a groundbreaking update: Namespaces in Azure Event Grid. What do these namespaces offer? Why might they prompt a move from Azure Service Bus? My article aims to […]
Abusing Azure Managed Identity tokens
Abusing Azure Managed Identity tokens is surprisingly easy when your environment isn’t configured correctly. But what does ‘correct configuration’ entail? What risks are you exposed to, and what can these tokens achieve? Most importantly, how can you safeguard your data against such threats? Please find all the answers in my comprehensive article! Abusing Azure Managed Identity tokens – generation Utilizing Azure Managed Identity offers significant advantages: no need for managing […]
Azure DevOps self-hosted agent using Packer and VMSS
You’ve probably encountered situations where a self-hosted agent is necessary, perhaps for security reasons. Azure Container Instances offer a quick and simple way to run these agents, but this method has limitations. For instance, you cannot build Docker images with it. In a production setting, this might not be suitable for all purposes. Additionally, regular cleaning of the agent is required to avoid issues from using the same instance repeatedly. […]
Azure Container Registry – repository permissions
Azure Container Registry – repository permissions, to manage access to specific repositories within your Azure Container Registry, you can utilize repository-scoped tokens for more detailed control. While Role-Based Access Control (RBAC) allows you to assign permissions for the entire Container Registry, these repository-scoped tokens enable you to tailor access at a more granular level to individual repositories. Use Cases Here are some scenarios where repository-scoped tokens are ideal: Azure Container […]