Some time ago, I shared my experience building a secure bot using the Azure Bot Service and Bot Framework. Since then, I’ve frequently received questions about how the underlying system works. In this post, I’ll walk through the internal architecture of the Azure Bot Service—covering the key components, message flow, and supporting services—to provide a… Continue reading Azure Bot Service & Microsoft Teams – Architecture and Message Flow
Tag: Security
Streamline Azure Lifecycle Management with AI Solutions
Introduction A while ago, I created a proof-of-concept application. It helps LCM (Life Cycle Management for Azure Resources) for a friend of mine. The POC was using all Azure Open AI, Storage Account etc. But the resources where exposed to the internet. Recently, I wanted to update them. I aimed to protect all traffic staying… Continue reading Streamline Azure Lifecycle Management with AI Solutions
Creating Custom Widget for Managing Client Secrets in APIM Developer Portal
In today's rapidly evolving digital landscape, secure and efficient management of client credentials is paramount. Azure API Management (APIM) provides a robust platform for managing APIs, enabling organizations to expose and protect their services. Integrating Azure Active Directory B2C (Azure AD B2C) with the APIM Developer Portal allows API consumers to sign in and manage… Continue reading Creating Custom Widget for Managing Client Secrets in APIM Developer Portal
AKS Workload identity – A Deeper look
Background Recently, I found myself delving into the intricacies of Workload Identity Federation within Azure Kubernetes Service (AKS) while explaining it to some friends. As I delved deeper into the topic, I realized the importance of documenting and summarizing this information for anyone else navigating the same waters - including my future self. So, let's… Continue reading AKS Workload identity – A Deeper look
End-to-End Security: Function, Azure SQL, and API Management
Introduction In the dynamic realm of today's digital environment, safeguarding your applications and data holds utmost importance. This blog post is designed to lead you through the steps of establishing comprehensive security measures for an Azure Function App, Azure SQL database, and API Management. Our approach involves leveraging Azure Virtual Network (VNet) for robust network… Continue reading End-to-End Security: Function, Azure SQL, and API Management
Key Vault as backing store of Azure Functions
If you have used Azure function, you probably are aware that Azure Functions leverages a Storage Account underneath to support the file storage (where the function app code resides as Azure File share) and also as a backing store to keep Functions Keys (the secrets that are used in Function invocations). Figure: Storage Account containers… Continue reading Key Vault as backing store of Azure Functions
Access Control management via REST API – Azure Data Lake Gen 2
Background A while ago, I have built an web-based self-service portal that facilitated multiple teams in the organisation, setting up their Access Control (ACLs) for corresponding data lake folders. The portal application was targeting Azure Data Lake Gen 1. Recently I wanted to achieve the same but on Azure Data Lake Gen 2. At the… Continue reading Access Control management via REST API – Azure Data Lake Gen 2
Reverse Engineering 