Last time, we looked at Azure Front Door being used as a reverse proxy in front of Azure App Service. We are going to increase the difficulty level today by looking at how to implement Azure AD authentication(also called easy auth) in Azure App Service behind Azure Front Door. Although that seems like an incremental … More Azure App Service Authentication with Azure Front Door
Azure Front Door service was recently released. Azure Front Door is an interesting service combining the capabilities of: Reverse Proxy (SSL Termination, URL based routing, URL rewrite & session affinity) Web Application Firewall (WAF) Accelerated Global routing Global Load Balancing between geo-distributed backend Some bits of Content Delivery Network (CDN, in the form of caching … More Azure Front Door with App Service
When it comes to using Service Principal in Azure, I always advise using Managed System Identity (MSI). MSI is simpler and safer. MSI handles certificate rotations. We never see the certificate. Remember this: the safest secret is the secret you never see. But in cases we can’t use MSI, we are going to give a … More Authenticating an Azure service principal
Azure Data Lake Storage (ADLS) Generation 2 has been around for a few months now. That new generation of Azure Data Lake Storage integrates with Azure Storage. This makes it a service available in every Azure region. It also makes it easier to access as it is built on foundation well known to Azure users. … More How to use Azure Data Lake Storage REST API
AKS has a nice integration with Azure monitor. Out of the box there are a couple of dashboards for common metrics. What if you need to go beyond those metrics? This is what we’re going to do in this article. I’m going to show how to get the CPU usage per container. Along the way … More Monitoring metrics in AKS
ARM templates are a powerful way to deploy Azure resources. It’s a declarative language which express the target state. It can therefore be used to create or update resources. An ARM template is a JSON file. Once a target is big enough it becomes convenient to split the ARM template into multiple files. This can … More Deploying an ARM template hierarchy
Use case: I have a central thingy that needs to talk to a service protected by a service endpoints (e.g. storage account, Azure SQL DB, Azure Maria DB, etc.). That service is also accessible to another compute in other Virtual Networks. Is that possible? Just to make it a little more concrete, let’s give an … More Multiple Service Endpoints to multiple services
