security - Zimmergren

Protecting your Azure Container Registry by denying all requests except from allowed IP addresses

Tobias Zimmergren / March 22, 2019

With Azure Container Registry, or ACR, we get a lot of great capabilities to host our Docker images in the Azure cloud. With that, as with everything else, comes security concerns we should not overlook. In this post I'm exploring how we can lock down all access to our ACR by default, and then enable access based on an IP address or range of IP addresses. This is similar to what I've already explained in another post about Secure your Azure Storage Accounts with restrictions based on public IP addresses. If you haven't seen that, take a look there how…

Azure Container Instances - Using Managed Identity to access Key Vault secrets with C#

Tobias Zimmergren / February 26, 2019

Azure Container Instances with Azure Managed Identity, accessing data in a Key Vault without using any stored credentials - all done in C# with .NET Core. Tag along!…

Azure Container Instances (ACI) and Secrets - Creating secret volumes and consume secrets using C# .NET Core

Tobias Zimmergren / February 20, 2019

A full guide to how you can define a Secret volume mount to your Azure Container Instances, and how you can read these secrets using C# with .NET Core. Stay secure out there!…

Getting Started with BYOK in Azure Storage - Encrypt data at rest with your own encryption keys

Tobias Zimmergren / October 16, 2018

Many people are using the offerings in Microsoft Azure and hold their data in some type of storage containers. In Azure, this can come in the form of an Azure Storage Account, which this article is focusing on.I'll discuss and walk through how to BYOK (Bring Your Own Keys) to your Azure Storage Accounts, and use a Key Vault to point to the encryption keys that you own yourself.Link tip: Bring Your Own Encryption (Wikipedia)Link tip: Pricing and Restrictions for BYOK in Azure (Microsoft Docs)Link tip: Hardware Encryption vs. Software Encryption: The Simple Guide - Sam…

Secure your data in Azure Storage Accounts using RBAC (Role-Based Access Control)

Tobias Zimmergren / October 08, 2018

Security in the cloud is an essential part of any organization's long-term success. In this post we'll explore how to configure RBAC, or Role-Based Access Control, for resources in Azure.…

Secure your Azure Storage Accounts with restrictions based on public IP addresses

Tobias Zimmergren / October 07, 2018

Hosting data in the cloud is easy. Click, click and done - you're ready to go and put all of your sensitive information in the cloud. But, don't forget about securing that data. In recent years, data breaches have become something of a phrase you see in every organization's map of fears and risks. Not always was the focus on security as intense as it is now. Looking at the significant data breaches the last couple of years, it's evident that the stakes are getting higher and the malicious actors are better than ever before. Just take a look at…