List all RBAC permissions for all resources in Azure

I wanted to figure out how to obtain a list of all Resource Based Access ControlRBAC permissions for all the resources in one of my Azure subscription. This is a great way for Azure administrators to run reports that can quickly identify any issues with wrongly assigned permissions. To do this quickly and efficiently while automating the whole process I'll use PowerShell. The PoSH script is fairly straightforward and only requires a few steps: Login to Azure Select the right subscription (optional, if more than one) Retrieve all resources Iterate through each one and retrieve the RBAC permissions The script …[read more]


2016 in review

2016, what a year! I know that for many, including celebrities, it hasn’t been the best of years. We lost quite a few along the way. However, I'll try to put a positive spin as I look back through 2016. I like to do this because it sets the tone for 2017, the year to come. So, this is my retrospective on 2016, a year that has been incredible for me, from many perspectives. I've included both my failures and successes as I hold myself accountable to my promises. 2016 promises and resolutions My primary goal was to intensify …[read more]


Create .gitignore and other hidden files on Windows

If you ever needed to create a hidden file (.)filename on Windows then you'll have noticed that it's not particularly intuitive or easy to do. By default, Windows Explorer does not allow you do this in the GUI. Why? No idea! Solution 1 One easy and fast way to create files with a prepending (.) in the name (e.g .gitignore) is to open the Command Prompt and navigate to the directory you need to create your file. Alternatively, if you're already on the desired directory in the Explorer, you can Alt+RighClick and use Open Command Prompt from the context …[read more]


Working with the Azure DocumentDB REST API Authorization headers

DocumentDB is Azure's NoSQL offering that provides an exception service when it comes to working with non relational data. I've recently had a request to work on a project that uses DocumentDB but relies solely on the REST API to interact with the service. This is absolutely fine, since every service on Azure is built on top of a corresponding REST Api. Even the SDKs seem to be thin wrappers around the REST Api hiding away all the "ugliness" and complexity. Why did I say ugliness and complexity? Because if you ever had to work with the Azure REST API …[read more]


Being a guest at the .NET Rocks podcast

2016 has been crazy! I'll blog about it near the end of the year but for now let's focus on this. I was a guest at the .NET Rocks podcast. This is something that has been on my "to-do" list for some time and last week became a reality. I'm too excited and humbled to have been invited to take part at the show and talk about the amazing work we do in my team at Microsoft. But let's take it from the beginning I've been a long term fan and listener of the show. I've learned a lot from …[read more]


Service Principals in Microsoft Azure

What is a service principal? Azure has a notion of a Service Principal which, in simple terms, is a service account. On Windows and Linux, this is equivalent to a service account. These accounts are frequently used to run a specific scheduled task, web application pool or even SQL Server service. In a cloud context, Service Principals are the new paradigm. They are great because they allow you to provision an account that only has enough permissions and scope to run a task within a predefined set of Azure resource. It is vital that you don’t use your own …[read more]