Protecting your Azure Container Registry by denying all requests except from allowed IP addresses

Protecting your Azure Container Registry by denying all requests except from allowed IP addresses

With Azure Container Registry, or ACR, we get a lot of great capabilities to host our Docker images in the Azure cloud. With that, as with everything else, comes security concerns we should not overlook. In this post I'm exploring how we can lock down all access to our ACR by default, and then enable access based on an IP address or range of IP addresses. This is similar to what I've already explained in another post about Secure your Azure Storage Accounts with restrictions based on public IP addresses. If you haven't seen that, take a look there how…

Read More

Azure Container Instances (ACI) and Secrets - Using Secure Environment Variables

Azure Container Instances (ACI) and Secrets - Using Secure Environment Variables

In this post I'm talking about how you can use something called secureValue, or secure environment variables, with your Azure Container Instance. Given the sensitive nature of some data you put into the variables, it is a good idea to understand different ways to protect some of that data - with secure environment variables you can hide the values from the UI and API calls to the ACI, and from the Azure Portal. BackgroundRunning your applications in the cloud has become increasingly popular. Migrating your .NET applications to .NET Core and hosting them as Docker images in the cloud is…

Read More

How to: Mount an Azure Storage File Share to containers in Azure Kubernetes Services (AKS)

How to: Mount an Azure Storage File Share to containers in Azure Kubernetes Services (AKS)

In this article, I am talking about how to share a mounted Azure file share across multiple containers in your deployments in Microsoft's hosted Kubernetes offering, AKS. This is a mini-series with two parts. (this post) How to: Mount an Azure Storage File share to containers in AKS.Processing data from SQLite hosted in an Azure File share, running in Azure Kubernetes Services.Step by stepTo get started, we'll need an Azure Storage account and an Azure Kubernetes Services cluster up and running. Create an Azure file shareFor the sake of ease and to keep a somewhat visual appeal in…

Read More