The official Azure Synapse Analytics deployment extension for Azure Pipelines still ships without Workload Identity Federation (WIF) support, and there is no public ETA for when that capability will land. Rather than wait, I pulled down the same codebase Microsoft uses and produced a like-for-like variant that lights up WIF so anyone who is blocked… Continue reading Synapse deployments with Workload Identity from Azure Pipeline
Category: Automation
Securely Trigger GitHub Workflows from Azure Logic Apps Using GitHub App Authentication
In this tutorial, we'll explore how to trigger GitHub Actions workflows from Azure Logic Apps without relying on Personal Access Tokens (PATs). Instead, we'll utilize GitHub App authentication, which offers enhanced security and scalability for automated workflows. 🧩 Prerequisites Before we begin, ensure you have the following: An Azure Logic App (Standard). A GitHub App… Continue reading Securely Trigger GitHub Workflows from Azure Logic Apps Using GitHub App Authentication
Orion-Guardian: Azure DevOps Security Management at Scale
Introduction In the ever-evolving landscape of software development, ensuring the security and autonomy of your projects is paramount. Azure DevOps has become a cornerstone for many development teams, providing a robust set of tools for collaboration and project management. However, managing security at scale can be a daunting task. Enter Orion Guardian – a game-changing… Continue reading Orion-Guardian: Azure DevOps Security Management at Scale
Demystifying Azure Container Apps & Dapr – Part 5
Read Part 1 here. Read Part 2 here. Read Part 3 here. Read Part 4 here. Today I will be using the traffic-splitting capability of Azure Container Apps. Azure Container Apps implements container app versioning by creating revisions. A revision is an immutable snapshot of a container app version. Revisions in Azure Container App The… Continue reading Demystifying Azure Container Apps & Dapr – Part 5
Empower Kubernetes developers with guardrails
Background A while ago, I wrote a post: Azure DevOps Multi-Stage pipelines for Enterprise AKS scenarios. The idea was having a platform team that enforces best practices, security and other compliance aspects to Kubernetes platform and allows one ore more workload-teams (i.e., product teams) build and deploy their workload into the cluster. The previous post suggested… Continue reading Empower Kubernetes developers with guardrails
Bridge to Kubernetes – be confident on shipping software
Bridge to Kubernetes is a successor of Azure Dev Space. Distributed software’s are comprised of more than one services (often referred as micro-services), they depend on each other (one service invoking APIs of another service) to deliver capabilities to end users. While separations of services bring flexibility in delivering features (or bug fixes) faster, it… Continue reading Bridge to Kubernetes – be confident on shipping software
Azure Resource Governance with Template Specs & Biceps
All the example codes are available in GitHub. Background Governance of cloud estates is challenging for businesses. It’s crucial to enforce security policies, workload redundancies, uniformity (such as naming conventions), simplify deployments with packaged artifacts (i.e., ARM templates), Azure role-based access control (Azure RBAC) across the enterprise. Generally, the idea is, a centralized team (sometimes… Continue reading Azure Resource Governance with Template Specs & Biceps
Azure DevOps Multi-Stage pipelines for Enterprise AKS scenarios
Background Multi-Stage Azure pipelines enables writing the build (continuous integration) and deploy (continuous delivery) in Pipeline-as-Code (YAML) that gets stored into a version control (Git repository). However, deploying in multiple environments (test, acceptance, production etc.) needs approvals/control gates. Often different stakeholders (product owners/Operations folks) are involved into that process of approvals. In addition to that,… Continue reading Azure DevOps Multi-Stage pipelines for Enterprise AKS scenarios
Azure AD App via ARM Template Deployment Scripts
Background ARM templates offer a great way to define resources and deploy them. However, ARM templates didn’t have any support to invoke or run scripts. If we wanted to carry out some operations as part of the deployment (Azure AD app registrations, Certificate generations, copy data to/from another system etc.) we had to create pre… Continue reading Azure AD App via ARM Template Deployment Scripts
Terraforming Azure DevOps
Background In many organizations, specially in large enterprises there’s a need to automate Azure DevOps projects and Teams members. Manually managing large number of Azure DevOps projects, Teams for these projects and users to the teams, on-boarding and off-boarding team members are not trivial. Besides managing the users sometimes, we just need to have an… Continue reading Terraforming Azure DevOps
Reverse Engineering 