Security is a topic that should be on top of everyone's mind. Particularly security in software is vital, given the enormous growth in threats targeting online resources. I previously wrote about other developer-oriented security aspects that you might find interesting: Embrace a Security Development Lifecycle (SDL) for AzureAutomate Azure DevOps code security analysis with MSCAToday I want to highlight another approach: vulnerability checks on systems running in the cloud or on your servers. That is, not during development, but in the system where they are operating. In this post, I'm discussing how we can do this using GitHub Actions and…
Relying on Application Insights to provide great data has always been a core component of anything I create. Recently, I upgraded my projects to .NET Core 3.1, and in few cases I also upgraded to .NET 5 (Preview). A lot of my code is executed in containers, or other background processes that may not have a native Application Insight integration. With the upgrade to .NET Core 3.1, we noticed after a while that no logs were persisted to the cloud anymore. I could see telemetry being created when debugging, and from that perspective all the unit tests were…
Do you also feel that there is an exponential growth of resources in your cloud environments? In my job, I have had to plan, design, architect, and develop solutions for the cloud ecosystem. When it is time to operate and maintain them, it gets a bit trickier if you have many departments. Demands will vary by department, and requirements on the technology you use might look different in other parts of the organization. A key thing I've learned over the years is that you need a proper governance plan. It would help if you allowed the business to thrive. Operations…
In Azure Security Center you get a lot of built-in recommendations based on various compliance- and security controls. These are based on industry standards and include things like Azure CIS, PCI DSS, SOC TSP, ISO 27001, and more. However, many organizations have different requirements than the defaults, and sometimes want to introduce additional or modified checks. With Azure Security Center we get the capability to use custom recommendations together with Azure Policy, where we now can define our corporate policies and roll them out as recommendations in ASC. A great way to tailor the experience according to our use cases.…
"This feature is currently in preview. Previews are made available to you on the condition that you agree to the supplemental terms of use. Some aspects of this feature may change prior to general availability (GA). Currently, managed identities on Azure Container Instances, are only supported with Linux containers and not yet with Windows containers." - Microsoft DocsPreviously I wrote about a post explaining how to programmatically create new Azure Container Instances (ACI) that are connected to a specific Virtual Network, allowing communication with services and data that resides inside that network. In this post I'm sharing a brief additional…
I've been an avid user of Ghost Pro for years. I absolutely love the service, support and simplicity. It comes with great themes and extensibility, too, if that's your thing. Recently I had some discussions with community peers who are considering new platforms for their blogs. There are many options, and we'll not address the reasons or arguments for one or the other now - we will focus on setting up a local development environment for Ghost, so you can easily customize your themes and work with your deployment without impacting your production environment. Install pre-requisitesThe one pre-requisite we have…
In recent years I've worked extensively with various approaches to create ACI's, also known as Azure Container Instances. I have these standard approaches for various scenarios: Define a YAML file, and create ACI from the command line.Define an ARM template and create ACI using a Resource Deployment.Programmatically create ACI using the Azure Fluent SDK.In various use cases in my daily work, I have to rely on some of these approaches for spinning up new workloads, for short- or long-term tasks. Use caseI have Azure Functions and Azure App Services for everyday background tasks and web front-end. It…
I already wrote about "Diagnosing and troubleshooting configuration and application errors in Azure App Services" in October 2019. Today, I am seeing an update to the service and I wanted to bring this new experience to light - it comes with an improved UX, and I really like it. In my daily work, I deal with production workloads every day. I have built, designed and am operating distributed applications and systems, and some are hosted in Azure App Services. Sometimes we see performance degradation. In other cases we experience intermittent errors that we can't easily understand. Enter Azure App Service…