.NET · .net-core · AzureDevOps · C# · CI-CD · Command · docker · IAC · Infrastructure As Code

Azure DevOps security as Code

March 29, 2023March 29, 2023 Moim HossainLeave a comment

Accompanied source code can be found here. A while ago, I have written an application that could simplify managing Azure DevOps security. The idea was that one could define bunch of YAML file that describes numerous security aspect for an Azure DevOps project (for example, security for teams, build and release folders, repositories etc.) and… Continue reading Azure DevOps security as Code

Architecture · Azure · Azure Deployment Environment · azure-resource-manager-templates · Bicep · Cloud Governance · compliance · Dev Box · IAC · Infrastructure As Code · managed-identity · terraform

Accelerate Governance with Deployment Environments

October 27, 2022 Moim HossainLeave a comment

I am super excited to explore and learn this new Azure capability: Azure Deployment Environment. Azure Deployment Environments empowers development teams to quickly and easily spin-up app infrastructure with project-based templates that establish consistency and best practices while maximizing security, compliance, and cost efficiency. This on-demand access to secure environments accelerates the different stages… Continue reading Accelerate Governance with Deployment Environments

.NET · .net-core · AB Testing · Architecture · Automation · Azure · Azure Container Registry · azure-resource-manager-templates · AzureContainerApps · Bicep · Blue-Green Deployment · C# · CI-CD · http · HTTPS · Infrastructure As Code · ServiceMash · Test Strategy

Demystifying Azure Container Apps & Dapr – Part 5

October 25, 2022October 25, 2022 Moim HossainLeave a comment

Read Part 1 here. Read Part 2 here. Read Part 3 here. Read Part 4 here. Today I will be using the traffic-splitting capability of Azure Container Apps. Azure Container Apps implements container app versioning by creating revisions. A revision is an immutable snapshot of a container app version. Revisions in Azure Container App The… Continue reading Demystifying Azure Container Apps & Dapr – Part 5

.NET · Architecture · Azure · Azure Container Registry · AzureContainerApps · Bicep · CI-CD · GitHub-Actions · Infrastructure As Code · managed-identity

Demystifying Azure Container Apps & Dapr – Part 4

October 24, 2022 Moim HossainLeave a comment

Read Part 1 here. Read Part 2 here. Read Part 3 here. Last time, I wrote the backend service (JobListener) which gets triggered by the Dapr pubsub whenever an image is uploaded into the designated blob container in the storage account. It then uses Computer Vision APIs to do the image recognition. Today we will… Continue reading Demystifying Azure Container Apps & Dapr – Part 4

.NET · .net-core · AKS · ASP.net · Azure · AzureContainerApps · Bicep · C# · CI-CD · Event Grid · Identity · Infrastructure As Code · Kubernetes · ServiceMash

Demystifying Azure Container Apps & Dapr – Part 2

October 21, 2022October 21, 2022 Moim HossainLeave a comment

Part 1 of this article is here. Last time, I created an empty Azure Container Apps Environment using Bicep. I also created some required components like Key vaults, Log analytics workspace, Application Insights and Computer vision. Application Architecture Today I want to make progress on that. As I have briefly explained before, I want to… Continue reading Demystifying Azure Container Apps & Dapr – Part 2

.NET · AKS · Architecture · ASP.net · Azure · AzureContainerApps · Bicep · C# · CI-CD · Cluster · IAC · Identity · Infrastructure As Code · Kubernetes

Demystifying Azure Container Apps & Dapr – Part 1

October 20, 2022October 24, 2022 Moim HossainLeave a comment

I have played with Dapr on Kubernetes (AKS to be specific) before and loved it for its ability to simplify distributed applications development with out of the box binding, service to service communications, secret abstractions, actors and observabilities. I have previously worked with LinkerD and Istio as service mesh and ran workload in production, but… Continue reading Demystifying Azure Container Apps & Dapr – Part 1

Automation · Azure · CI-CD · Cluster · GitHub-Actions · IAC · Infrastructure As Code · Kubernetes · Pipeline · terraform

Empower Kubernetes developers with guardrails

June 30, 2021June 30, 2021 Moim HossainLeave a comment

Background A while ago, I wrote a post: Azure DevOps Multi-Stage pipelines for Enterprise AKS scenarios. The idea was having a platform team that enforces best practices, security and other compliance aspects to Kubernetes platform and allows one ore more workload-teams (i.e., product teams) build and deploy their workload into the cluster. The previous post suggested… Continue reading Empower Kubernetes developers with guardrails

Automation · Azure · azure-resource-manager-templates · Bicep · CI-CD · IAC · Infrastructure As Code · Security · template-spec · terraform

Azure Resource Governance with Template Specs & Biceps

November 27, 2020 Moim Hossain3 Comments

All the example codes are available in GitHub. Background Governance of cloud estates is challenging for businesses. It’s crucial to enforce security policies, workload redundancies, uniformity (such as naming conventions), simplify deployments with packaged artifacts (i.e., ARM templates), Azure role-based access control (Azure RBAC) across the enterprise. Generally, the idea is, a centralized team (sometimes… Continue reading Azure Resource Governance with Template Specs & Biceps

.net-core · Cluster · compliance · docker · Go · Infrastructure As Code · Kubernetes · SQL-Container

Azure AD Pod Identity – password-less app-containers in AKS

April 19, 2020April 19, 2020 Moim Hossain2 Comments

Background I like Azure Managed Identity since its advent. The concept behind Managed Identity is clever, and it adds observable value to any DevOps team. All concerns with password configurations in multiple places, life cycle management of secrets, certificates, and rotation policies suddenly irrelevant (OK, most of the cases).Leveraging managed identity for application hosted in… Continue reading Azure AD Pod Identity – password-less app-containers in AKS

Architecture · Automation · Azure · azure-web-app · azure-web-apps · Command · docker · IAC · Infrastructure As Code

Azure AD App via ARM Template Deployment Scripts

April 3, 2020April 3, 2020 Moim Hossain6 Comments

Background ARM templates offer a great way to define resources and deploy them. However, ARM templates didn’t have any support to invoke or run scripts. If we wanted to carry out some operations as part of the deployment (Azure AD app registrations, Certificate generations, copy data to/from another system etc.) we had to create pre… Continue reading Azure AD App via ARM Template Deployment Scripts