I had the pleasure to present an introduction to Azure Kubernetes Service (AKS) to a customer crowd yesterday. A big part of the presentation was a demo of basic functionalities where I went through the creation of pods, deployments, services & looked at monitoring. The demo is on GitHub here. I thought I would share … More Introduction to AKS
Azure API Management is a fully managed API Gateway service. In my last article we looked at the anatomy of the service. Today I wanted to demonstrate how to use OAuth with JWT token to protect an API Front End. I also wanted to show how we can access backend APIs on private networks. There … More API Management – OAuth and private back-ends
When I want to wrap my head around a non-trivial Azure service with a few moving parts, I like to draw a diagram. That might be from my UML days or it might just be that I reason better with boxes that concepts spread in documentation and APIs. In general, it helps me clear out … More Anatomy of API Management
Last time, we looked at Azure Front Door being used as a reverse proxy in front of Azure App Service. We are going to increase the difficulty level today by looking at how to implement Azure AD authentication(also called easy auth) in Azure App Service behind Azure Front Door. Although that seems like an incremental … More Azure App Service Authentication with Azure Front Door
Azure Front Door service was recently released. Azure Front Door is an interesting service combining the capabilities of: Reverse Proxy (SSL Termination, URL based routing, URL rewrite & session affinity) Web Application Firewall (WAF) Accelerated Global routing Global Load Balancing between geo-distributed backend Some bits of Content Delivery Network (CDN, in the form of caching … More Azure Front Door with App Service
When it comes to using Service Principal in Azure, I always advise using Managed System Identity (MSI). MSI is simpler and safer. MSI handles certificate rotations. We never see the certificate. Remember this: the safest secret is the secret you never see. But in cases we can’t use MSI, we are going to give a … More Authenticating an Azure service principal
Azure Data Lake Storage (ADLS) Generation 2 has been around for a few months now. That new generation of Azure Data Lake Storage integrates with Azure Storage. This makes it a service available in every Azure region. It also makes it easier to access as it is built on foundation well known to Azure users. … More How to use Azure Data Lake Storage REST API
