Vincent-Philippe Lauzon’s

Azure, Apps & Data

  • Authenticating an Azure service principal

    When it comes to using Service Principal in Azure, I always advise using Managed System Identity (MSI).

    MSI is simpler and safer. MSI handles certificate rotations. We never see the certificate. Remember this: the safest secret is the secret you never see.

    But in cases we can’t use MSI, we are going...

  • Deploying an ARM template hierarchy

    ARM templates are a powerful way to deploy Azure resources.

    It’s a declarative language which express the target state. It can therefore be used to create or update resources.

    An ARM template is a JSON file. Once a target is big enough it becomes convenient to split the ARM template into multiple files....

  • Multiple Service Endpoints to multiple services

    Use case: I have a central thingy that needs to talk to a service protected by a service endpoints (e.g. storage account, Azure SQL DB, Azure Maria DB, etc.). That service is also accessible to another compute in other Virtual Networks.

    Is that possible?

    Just to make it a little more concrete, let’s...