Cloudninja.nu
Search

Using Azure Key Vault from Bicep

Intro
I have previously written a post on how to use Azure Key Vault with GitHub Actions, and this time I want to show you have to use Key Vault with Bicep deployments in Azure. The reason behind using Key Vault is to avoid having any passwords or secrets stored in templates. Using Key Vault, I can reference a secret that the deployment will look up at deployment time and not display in any log files. Another benefit of using Key Vaults is that the person who deploys the resources does not need to know the password for the resource but only the reference to the Key Vault. Deploying resources using Key Vaults dramatically increases the security and, at the same time, eases the deployments.
Automation Azure Devops Microsoft Automation Azure Azuredevops Microsoft
3 minutes to read
Martin Therkelsen
Read article

Manage route tables and Network Security Groups in Azure with Bicep and Azure DevOps pipelines

Intro
In this blog post, I want to show you how to maintain route tables and network security group (NSG) configurations in Azure using Azure DevOps and pipelines. I have already written a post on the NSG part, but I have updated a few things since then, so I want to show that in this post.

You can find all the files in this post in their full length on my GitHub .

Automation Azure Devops Microsoft Automation Azure Azuredevops Microsoft
6 minutes to read
Martin Therkelsen
Read article

Azure Virtual Network Manager

Intro
In this post, I will guide you through creating an Azure Virtual Network Manager preview (VNM) and describe what the service can do for you. The service is still in preview when writing this post, so please do not deploy any of this into your production environment.
VNM will enable central management of connectivity and security policies across regions and subscriptions. What this actually means will be shown in the guide below, but it does bring something new to the table. The VNM adds yet another rule set to the security stack. These rules will override any Network Security Group (NSG) rules you might have already created. I am not really sure I like yet another ruleset. We already have an Azure Firewall and Network Security Group, so adding one more to the mix will make troubleshooting a bit harder.
Automation Azure Microsoft Azure Microsoft
7 minutes to read
Martin Therkelsen
Read article

Getting Azure Function under source control

Intro
In this post, I want to show you how you can easily set up Azure DevOps to control your Azure Function Apps (AF). Out of the box, AF supports editing in the portal or using VS Code / Visual Studio for both editing and updating. While both methods are fine, I prefer to use Azure DevOps for AF instead, enabling source control. Want to know how I do this? Read on, and I will show you. If you prefer to see it on a video instead, you can find it on my YouTube below.
Automation Azure Devops Microsoft Automation Azure Azuredevops Microsoft
4 minutes to read
Martin Therkelsen
Read article

Windows 365 - Custom images

Intro
In this blog post, I want to show you how easy it is to create a custom image in Azure and use it inside your Windows 365 machines. The process is simple, and hopefully, this guide will help you get started with the basics. And after that, you can start automating all the steps if you want to.

Setup
I first need to create a new virtual machine in Azure with the Windows 10/11 operating system. I will generate mine with Windows 11. Remember that generation 2 VM type is needed to deploy the Windows 11 into the Windows 365 platform. Generation 2 is needed due to the TPM and UEFI requirements of Windows 11.

Azure Microsoft Azure Microsoft Windows365
4 minutes to read
Martin Therkelsen
Read article

Windows 365 - How to get started

Intro
In this post, I want to guide you through the initial setup of Windows 365 (W365) from Microsoft. W365 is also known as Cloud PC and is the new desktop in the Cloud that Microsoft delivers. There are two flavors of W365, a business and an enterprise edition. The business edition will be a standard alone machine with no network connectivity to your on-premises or Azure network. In contrast, the enterprise edition will have a network card inside your Azure subscription so that you have the option of connecting it to internal resources. Nerdio has a good comparison with the two versions and Azure Virtual Desktop, which you can read here .
Azure Microsoft Azure Microsoft Windows365
5 minutes to read
Martin Therkelsen
Read article
Newer posts Older posts