TL; DR: This article and accompanying source codes helps you setting up an automated secret or certificate rotations for Azure service principals and Azure DevOps service connections. Jump into the technical part here. Background If you are deploying applications on Azure from Azure DevOps service connections (or GitHub actions) you are most likely using a … Continue reading Secure your pipelines by frequently rotating secrets
UpdateThere is a follow up post with some updates, you can read here. Introduction If you are using Azure Pipelines, then you surely have used Microsoft-hosted agent. With Microsoft-hosted agents, maintenance and upgrades are taken care of for you. However, there are times when self-hosted agents are needed (i.e. customized images, network connectivity requirements etc.). … Continue reading Elastic self-hosted pool for Azure DevOps (on Kubernetes)
In this article I would document my journey on setting up Linkerd Service Mesh on Azure Kubernetes service. Background I have a tiny Kubernetes cluster. I run some workload there, some are useful, others are just try-out, fun stuffs. I have few services that need to talk to each other. I do not have a … Continue reading Linkerd in Azure Kubernetes Service cluster
TL;DR: URL: CloudOven Use Google account or sign-up Google Chrome please! (I've not tested on other browsers yet) Background In recent years I have spent fair amount of time in design and implementation of Infrastructure as code in larger enterprise context. Terraform seemed to be a tool of choice when it comes to preserve the … Continue reading CloudOven – Terraform at ease!
What is API management Publishing data, insights and business capabilities via API in a unified way can be challenging at times. Azure API management (APIM) makes it simpler than ever. Businesses everywhere are looking to extend their operations as a digital platform, creating new channels, finding new customers and driving deeper engagement with existing ones. … Continue reading Continuously deliver changes to Azure API management service with Git Configuration Repository
Lately I have written a .net core web job and wanted to publish it via CD (continuous deployment) from Visual Studio Online. Soon I figured, Azure Web Job SDK doesn’t support (yet) .net core. The work I expected will take 10 mins took about an hour. If you are also figuring out this, this blog … Continue reading Deploying Azure web job written in .net core
Committing the secrets along with application codes to a repository is one of the most commonly made mistakes by many developers. This can get nasty when an application is developed for Cloud deployment. You probably have read the story of checking in AWS S3 secrets to GitHub. The developer corrected the mistake in 5 mins, … Continue reading Zero-Secret application development with Azure Managed Service Identity