Favorite Visual Studio Code Extensions for Azure

Favorite Visual Studio Code Extensions for Azure

I spend much time with Microsoft Azure. Architecture and Design, Solution Architecture, Development, Security, Operations, and more. The extensions below can serve both Developers, Administrators, and anyone in between. In this post, we're looking at some of my favorite Visual Studio Code extensions for working with Azure in various ways. Perhaps you can find some new favorites yourself. Share your favorites in the comments below! Azure AccountThis extension lets you sign in to your subscription and manage aspects of it within Visual Studio Code. This extension is beneficial and productive when working with development subscriptions. I don't use it for…

Read More

Discover issues with Azure Functions and App Service using Application Insights

Discover issues with Azure Functions and App Service using Application Insights

In recent years, I have built and operated distributed cloud systems. With these systems comes various challenges. A key thing I've learned  is to keep a close eye on metrics and insights, to learn how our applications are behaving at scale. This post will be about how to make use of Azure Application Insights to learn about performance and execution issues in Azure Functions, and ultimately in Azure App Services. We will take a look at these things: Use cases. Some favorites from my professional experiences.Favorite KQL (Kusto Query Language) queries. Querying the telemetry and logs for insightful data.…

Read More

Get notified of changes in Azure Key Vault by using Event Grid

Get notified of changes in Azure Key Vault by using Event Grid

There are numerous ways to secure and audit your Azure Key Vault setup and usage. In 2019, I wrote Who accessed my Azure Key Vault?, which is still relevant. In this article, I want to talk about how to set up automatic notifications when something change related to your secrets. Events in Key VaultsBefore we drill into the steps to get this done, I want to talk about events in general, and things we might want to think about before we dive in. What events can we subscribe to? The Azure Key Vault uses EventGrid for events. The currently supported…

Read More

Use Application Insights for Worker Service applications in .NET Core console apps, containers, and any non-HTTP apps

Use Application Insights for Worker Service applications in .NET Core console apps, containers, and any non-HTTP apps

Relying on Application Insights to provide great data has always been a core component of anything I create. Recently, I upgraded my projects to .NET Core 3.1, and in few cases I also upgraded to .NET 5 (Preview). A lot of my code is executed in containers, or other background processes that may not have a native Application Insight integration. With the upgrade to .NET Core 3.1, we noticed after a while that no logs were persisted to the cloud anymore. I could see telemetry being created when debugging, and from that perspective all the unit tests were…

Read More

Create a custom Azure Security Center recommendation with Azure Policy

Create a custom Azure Security Center recommendation with Azure Policy

In Azure Security Center you get a lot of built-in recommendations based on various compliance- and security controls. These are based on industry standards and include things like Azure CIS, PCI DSS, SOC TSP, ISO 27001, and more. However, many organizations have different requirements than the defaults, and sometimes want to introduce additional or modified checks. With Azure Security Center we get the capability to use custom recommendations together with Azure Policy, where we now can define our corporate policies and roll them out as recommendations in ASC. A great way to tailor the experience according to our use cases.…

Read More

Programmatically create Azure Container Instances and connect a Managed Identity

Programmatically create Azure Container Instances and connect a Managed Identity

"This feature is currently in preview. Previews are made available to you on the condition that you agree to the supplemental terms of use. Some aspects of this feature may change prior to general availability (GA). Currently, managed identities on Azure Container Instances, are only supported with Linux containers and not yet with Windows containers." - Microsoft DocsPreviously I wrote about a post explaining how to programmatically create new Azure Container Instances (ACI) that are connected to a specific Virtual Network, allowing communication with services and data that resides inside that network. In this post I'm sharing a brief additional…

Read More

Programmatically create Azure Container Instances in an existing Virtual Network

Programmatically create Azure Container Instances in an existing Virtual Network

In recent years I've worked extensively with various approaches to create ACI's, also known as Azure Container Instances. I have these standard approaches for various scenarios: Define a YAML file, and create ACI from the command line.Define an ARM template and create ACI using a Resource Deployment.Programmatically create ACI using the Azure Fluent SDK.In various use cases in my daily work, I have to rely on some of these approaches for spinning up new workloads, for short- or long-term tasks. Use caseI have Azure Functions and Azure App Services for everyday background tasks and web front-end. It…

Read More