Multi-Tenant Daemons with Microsoft Identity platform

June 10, 2021June 10, 2021 Moim Hossain1 Comment

Background I have recently speaking to a customer about the following scenario. Customer has an API that supposed to be consumed by some **trusted** daemon applications built and managed by their partners. It's not the interactive users (no signed in users via an web application) who will be using the API, rather some background process… Continue reading Multi-Tenant Daemons with Microsoft Identity platform

Architecture · Automation · Azure · azure-web-app · azure-web-apps · Command · docker · IAC · Infrastructure As Code

Azure AD App via ARM Template Deployment Scripts

April 3, 2020April 3, 2020 Moim Hossain6 Comments

Background ARM templates offer a great way to define resources and deploy them. However, ARM templates didn’t have any support to invoke or run scripts. If we wanted to carry out some operations as part of the deployment (Azure AD app registrations, Certificate generations, copy data to/from another system etc.) we had to create pre… Continue reading Azure AD App via ARM Template Deployment Scripts

Azure · azure-web-app · AzureFunctions · Functions · server-less · Serverless · ServicePrincipal · Uncategorized

Key Vault as backing store of Azure Functions

February 7, 2020February 8, 2020 Moim Hossain6 Comments

If you have used Azure function, you probably are aware that Azure Functions leverages a Storage Account underneath to support the file storage (where the function app code resides as Azure File share) and also as a backing store to keep Functions Keys (the secrets that are used in Function invocations). Figure: Storage Account containers… Continue reading Key Vault as backing store of Azure Functions

Automation · Azure · azure-web-app · azure-web-apps · CI-CD · Command · Powershell

Azure Web App – Removing IP Restrictions

July 31, 2018August 3, 2018 Moim Hossain2 Comments

Azure Web App allows us to configure IP Restrictions (same goes for Azure Functions, API apps) . This allows us to define a priority ordered allow/deny list of IP addresses as access rules for our app. The allow list can include IPv4 and IPv6 addresses. Source: MSDN Developers often run into scenarios when they want to… Continue reading Azure Web App – Removing IP Restrictions

.NET · .net-core · Automation · Azure · azure-web-app · azure-web-apps · C# · CI-CD · webjob

Deploying Azure web job written in .net core

July 18, 2018August 3, 2018 Moim Hossain1 Comment

Lately I have written a .net core web job and wanted to publish it via CD (continuous deployment) from Visual Studio Online. Soon I figured, Azure Web Job SDK doesn’t support (yet) .net core. The work I expected will take 10 mins took about an hour. If you are also figuring out this, this blog… Continue reading Deploying Azure web job written in .net core

Azure · azure-application-gateway · azure-resource-manager-templates · azure-web-app · azure-web-apps · certificates · compliance · Powershell · rm-templates · ssl · waf · web-application-firewall

Secure Azure Web sites with Web Application Gateway wtih end-to-end SSL connections

March 13, 2018July 15, 2018 Moim Hossain1 Comment

The Problem In order to met higher compliance demands and often as security best practices, we want to put an Azure web site behind an Web Application Firewall (aka WAF). The WAF provides known malicious security attack vectors mitigation's defined in OWASP top 10 security vulnerabilities. Azure Application Gateway is a layer 7 load balancer that provides WAF out of the box. However,… Continue reading Secure Azure Web sites with Web Application Gateway wtih end-to-end SSL connections