Showing all posts tagged: 'Azure'

A 66-post collection

Setting up Managed Identities for ASP.NET Core web app running on Azure App Service

A few weeks ago I wrote about Secure application development with Key Vault and Azure Managed Identities which are managed, behind the scenes, by Azure Active Directory. At the end of that blog post, I promised to show you how to take your app from local development to production seamlessly, leveraging Managed Identities on the Azure App Service. What does the app currently doBefore setting things up on Azure, let's remind ourselves quickly what the application does and where Azure Managed Identities and Key Vault fit. The Razor Web App retrieves two secrets from Key Vault without having to configure …[read more]

Secure app development with Azure AD, Key Vault and Managed Identities

‌ Or - How to eliminate your application secrets once and for all. Developing applications using security best practices doesn't have to be hard. And yet, many organizations and developers struggle with this since the space is so vast and it's hard to know where to start. However, if you are developing for Azure, then there are some powerful features in place to ensure that you and your team can develop securely end-to-end. The main component is: Azure Managed Identities, which rely on Azure Active Directory. PrerequisitesAn Azure SubscriptionAzure Active DirectoryIf you don't have an Azure subscription, you can get one …[read more]

.NETConf 2018 - From developers for developers

.NETConf, the virtual Microsoft conference on all this .NET, cloud and mobile is back for another year and it's only a couple of weeks away! This year, the conference is scheduled to run for 3 days but the last day comes with a twist. We plan on having local developers and MVPs from around the world broadcasting live for 24hrs. This is a totally new format and will even feature some non-English talks! We have an excellent line-up of speakers covering everything .NET from local desktop development to Azure Serverless. The goal of the conference is to showcase new features, …[read more]

Enforcing TLS version on Azure WebApps with Resource Manager Policies

Azure Policies are an amazing, albeit well-hidden, feature that allow subscription administrators to define and enforce specific rules on how Azure Resources should be deployed. [Azure Policies](https://docs.microsoft.com/en-us/azure/azure-policy/azure-policy-introduction" target="_blank) have been around for a long time, however they only became a first-class feature on Azure recently by getting a dedicated section in the portal. Therefore, when working with Azure Policies in the portal these days, you can now see all the definitions and assignments in one central place, making it easier to manage infrastructure and set explicit rules to enforce …[read more]

Serverless Text Moderation with Azure Functions and the Azure Cognitive Services

I love how Microsoft and Azure is making developers' lives so much easier. Consider the title of this blog post. Now try to think how you would solve this problem 2 or 3 years ago. How much code, infrastructure and data would have to be produced in order to generate a text moderation service that scales, performs and works reliably every single time! Fast forward to today and solving the exact same problem takes no less than 100 lines of code by using the tools that MS has made available to our disposal. The heavy lifting is done by the …[read more]

Using HTTPS with Azure Functions in local development

It's usually the small things that make a big difference. As I was updating my Function Core tools today (the Functions CLI) I was pleasantly surprised to notice some new functionality which was added to the tooling. The Functions team has added the capability to enforce/use HTTPS when developing and debugging in the local development using the Functions Core tools. If you're new to Azure Functions and never used the Core tools, then you may be surprised to find that we now have 2 versions of the tools. I know, but stay with me because they currently server different …[read more]

Using Azure Serverless to copy data from Service Bus to Azure Data Lake

Microsoft's serverless is continually improving with better stability and features. The out-of-the-box integration with many services makes serverless an appealing approach when it comes to solving a problem. I was recently asked by a customer to implement a solution that copies json data posted to a Service Bus Topic into an Azure DataLake in order to run offline analytics and reporting. At this point, I would have suggested using Azure EventGrid instead of Service Bus, since the solution needs to support multiple subscribers and it's a lot more lightweight. However, Service Bus Topics can also accommodate multiple subscribers and, besides, …[read more]

Using 'User Secrets' in .NET Core Console apps

Managing sensitive information and secrets in config files is something we all have to deal with on a daily basis. Unfortunately, this is also something that we still get wrong: a) config files with production secrets/keys b) source controll littered with secrets/keys c) obscure file transformations and processes to update secrets as we move from one environment to another. However, there are a few options available to us. For local development, NET Core has the notion of User Secrets which we can use to store sensitive information outside the application folder and away from source control. Azure Key …[read more]