App Service / Azure

Abusing Azure Managed Identity tokens

Posted on:

Abusing Azure Managed Identity tokens is surprisingly easy when your environment isn’t configured correctly. But what does ‘correct configuration’ entail? What risks are you exposed to, and what can these tokens achieve? Most importantly, how can you safeguard your data against such threats? Please find all the answers in my comprehensive article! Abusing Azure Managed Identity tokens – generation Utilizing Azure Managed Identity offers significant advantages: no need for managing […]

Container Registry

Azure Container Registry – repository permissions

Posted on:

Azure Container Registry – repository permissions, to manage access to specific repositories within your Azure Container Registry, you can utilize repository-scoped tokens for more detailed control. While Role-Based Access Control (RBAC) allows you to assign permissions for the entire Container Registry, these repository-scoped tokens enable you to tailor access at a more granular level to individual repositories. Use Cases Here are some scenarios where repository-scoped tokens are ideal: Azure Container […]

Api Management / App Service / Azure / Azure pipelines / Terraform

Expert Summit 2023 – REST API with private API Management Access

Posted on:

I had the pleasure of delivering a presentation at the Expert Summit 2023 on a network-isolated REST API, made accessible through API Management. For those interested in the source code from the live coding session, it is available for you to explore. Have fun! Below, you can view the architecture that was developed during the live session: The recording of the session can be found here! I truly hope you […]

Azure / Terraform

Azure Container Registry – cost optimization

Posted on:

Azure Container Registry – cost optimization can be straightforward once you’re familiar with the service’s capabilities. The key is implementing an effective scheduling system to reduce costs associated with storage usage. The solution involves configuring a clean-up task. Ready to learn how to set it up? Let’s dive in! Azure Container Registry – cost optimization – terraform Anticipate a guide on setting up clean-up tasks with a Terraform script. A […]

Azure / Container Apps / Terraform

Azure Container Apps – service bus [part 6]

Posted on:

Azure Container Apps – service bus, works together like a perfect couple! Achieving integration is a breeze, and the impact on performance is truly remarkable. In this guide, I’ll walk you through the steps to set up this integration and share the results of my performance tests. Rest assured, all the necessary resources are at your disposal. You can access the entire series on Azure Container Apps right here. If […]

Container Apps / KeyVault / Terraform

Azure Container Apps – secrets [part 5]

Posted on:

Azure Container Apps – secrets, every application typically needs to reference some secrets. To achieve this, I’ll demonstrate how to load secrets into Azure Container Apps using Azure KeyVault. While it’s not currently feasible to do this solely with Terraform due to the absence of a provider for adding secrets from Key Vault, I’ll guide you through the process in this article. You may view all of the series’ about […]

Container Apps / Terraform

Azure Container Apps – traffic splitting [part 4]

Posted on:

Azure Container Apps – traffic splitting, or having multiple revisions of your application and sharing traffic between them. You can specify the weight for each route, so the traffic load can be adjusted properly. The total of all weights must be 100. In my configuration, I assign a revision suffix to each deployment. You may view all of the series’ articles here. Azure Container Apps – traffic splitting – Terraform setup […]

Container Apps

Azure Container Apps – scaling [part 3]

Posted on:

Azure Container Apps – scaling, is the most powerful feature of this service. You have the option of scaling your application from 0 to 300 instances! Awesome. You may view all of the series’ articles here. There are three scaling rules that can be used; let’s go over them briefly: Unfortunately, there is no option to use Terraform to set Azure Container Apps scaling, you can use AzApi to do this, […]

Container Apps

Azure Container Apps – pricing [part 2]

Posted on:

Azure Container Apps – pricing will be discussed in this article, as a part of Azure Container Apps services. You may view all of the series’ articles here. I will compare prices against the Azure App Service, but firstly let’s focus on the pricing tier in Azure Container Apps. So we have two tiers: Consumption and Dedicated, look at the table below: Feature Consumption Dedicated Free workload Yes No Network […]

Container Apps / Terraform

Azure Container Apps – Creating using Terraform [part 1]

Posted on:

Azure Container Apps – Creating using Terraform, which used to be challenging. Why? Because a lot of tasks required the usage of the notoriously difficult-to-use AzApi, we recently began to be able to develop Azure Container Apps utilizing only resources from the AzureRM provider. This is wonderful news! All sources are included in this article and are available for download. Enjoy! Let’s begin with the developed architecture: Azure Container Apps […]