Azure DevOps Container agents without PAT

April 4, 2023 Moim HossainLeave a comment

Azure DevOps now supports Service principals and Managed identities for authentication. This is currently (at the time of writing) in Public Preview. This is quite an interesting feature and addresses many concerns related to personal access tokens (PATs). I have a self-hosted container agent runs on Docker which needs PAT to spin up. With the new development… Continue reading Azure DevOps Container agents without PAT

.NET · .net-core · Azure · AzureDevOps · AzureFunctions · C# · Certificate · certificates · CI-CD · Functions · Identity · Serverless · ServicePrincipal

Secure your pipelines by frequently rotating secrets

May 28, 2021May 31, 2021 Moim HossainLeave a comment

TL; DR: This article and accompanying source codes helps you setting up an automated secret or certificate rotations for Azure service principals and Azure DevOps service connections. Jump into the technical part here. Background If you are deploying applications on Azure from Azure DevOps service connections (or GitHub actions) you are most likely using a… Continue reading Secure your pipelines by frequently rotating secrets

Azure · azure-web-app · AzureFunctions · Functions · server-less · Serverless · ServicePrincipal · Uncategorized

Key Vault as backing store of Azure Functions

February 7, 2020February 8, 2020 Moim Hossain6 Comments

If you have used Azure function, you probably are aware that Azure Functions leverages a Storage Account underneath to support the file storage (where the function app code resides as Azure File share) and also as a backing store to keep Functions Keys (the secrets that are used in Function invocations). Figure: Storage Account containers… Continue reading Key Vault as backing store of Azure Functions

.NET · .net-core · Azure · C# · DataLakeAnalytics · DataLakeStore · HTTPS · REST · Security · ServicePrincipal

Access Control management via REST API – Azure Data Lake Gen 2

September 20, 2019 Moim Hossain1 Comment

Background A while ago, I have built an web-based self-service portal that facilitated multiple teams in the organisation, setting up their Access Control (ACLs) for corresponding data lake folders. The portal application was targeting Azure Data Lake Gen 1. Recently I wanted to achieve the same but on Azure Data Lake Gen 2. At the… Continue reading Access Control management via REST API – Azure Data Lake Gen 2

.NET · Architecture · Automation · Azure · azure-resource-manager-templates · ServicePrincipal

Zero-Secret application development with Azure Managed Service Identity

July 15, 2018July 18, 2018 Moim Hossain6 Comments

Committing the secrets along with application codes to a repository is one of the most commonly made mistakes by many developers. This can get nasty when an application is developed for Cloud deployment. You probably have read the story of checking in AWS S3 secrets to GitHub. The developer corrected the mistake in 5 mins,… Continue reading Zero-Secret application development with Azure Managed Service Identity