Learn what the publisher verification status is, and how to set it up in your organization. Azure AD comes with Consent Policies, enabling your organizations to only trust verified publishers. Users will then only be able to consent to applications that are verified.…
Have you ever wondered why a service or asset stopped working, or what could have caused a different behavior in your applications, although you didn't deploy any new code? I know I have. Use the Azure Application Change Analysis to learn all about it!…
The Windows Package Manager is fantastic. I have tried it out, and I like it. Here's how to get up and running with it, and run your first commands. I'll walk through a couple of things: Installing winget on a Windows Insider editionInstalling winget on a non-insider Windows editionInstalling winget on a Windows Insider editionWhen I am publishing this article, in May 2020, the winget tool is in preview. If you are on a Windows Insider build, you can install it from the Microsoft Store. You will most likely know if you're on the Insider build, and therefore I'll leave…
If you are building web applications with ASP.NET Core Blazor, make sure you do not remove the HTML comments. Avoid HTML minification, otherwise the web sockets used for SignalR does not work.…
Learn about some of my key scenarios for using the Azure Resource Graph to gain a better understanding of my Azure resources. This is a great tool for your Azure Governance toolkit.…
I love automation. Part of the glory of seeing a green build is to also know that it has passed some type of quality gates. In this post I'll talk a bit about some of my favorite Code Analysis tools for .NET Core. I use them in both personal as well as work projects, in a varietal mix depending on project. It's not an exhaustive list, and by no means the only tools that can be used. These are a select part of my arsenal to ensure I stay on the right path when developing software. Someone asked me recently…
In this article, I am exploring the capabilities of Bring Your Own Key with the Azure Container Registry. A way for you to get better control of the full Key Lifecycle Management process, should you need to. I am detailing a few of my thoughts that come up around different scenarios. I would be happy to hear about your own experiences and reasons for why BYOK helps you and your organization. Feel free to leave a comment or reach me on Twitter. ScenariosInstead of publishing purely technical piece guidelines, I am trying to angle some of my reasons and thoughts…
I have previously written about various Container-topics on this site. Recently, I also published a post about "Best Practices for security in Azure Container Registry." In this post, I want to bring awareness to how we can make use of one of the tips from that post, namely the Repository-scoped permissions. We can now create more fine-grained permission for our ACR. Time-limited access to help block any access after a specific point in time.Granular permission control helps restrict or allow specific actions on the registry. Actions are usually things like Read (pull), Write (push), Delete.Help your organization delegate…