Enhancing the security of Azure Automation Webhooks in an Azure DevSecOps context

Hi,   Webhooks are a very convenient way to integrate APIs in general and to call Azure Automation runbooks but while they are very useful and easy to work with, they raise some security concerns. To give a concrete example, if you create a webhook against a runbook that leverages Azure Automation Hybrid Workers, causing…


Implementing Multiple Identities in your .NET Core Web App – Part 2

Last week we got started implementing multiple identities in a .NET Core web app by using Azure AD B2C: https://blogs.msdn.microsoft.com/azuredev/2018/09/03/implementing-multiple-identities-in-your-net-core-web-app-part-1/ We were able to very quickly get going logging in with both social and corporate identities by clicking through guided wizards. However this approach fell short when we decided to support multiple Azure AD tenants…

5

Docker in Azure VM

Getting started in a new technology can be frustrating when things go wrong, and Docker is no exception. The purpose of this post is to highlight some common issues faced when getting started with Docker in Azure. Choose the right VM for the job It is hard to put into words regarding the feeling you…

1

Azure Content Spotlight – Where is the market opportunity for developers of IoT solutions?

Welcome to another Azure Content Spotlight! These articles are used to highlight items in Azure that could be more visible to the Azure community. This weeks content spotlight is Diego Tamburini’s post Where is the market opportunity for developers of IoT solutions?. Diego, Principal Manufacturing Industry Lead – Azure Industry Experiences Team, discusses opportunities for developers arising from IoT. The article…

0

Implementing Multiple Identities in your .NET Core Web App – Part 1

Software developers have been dealing with the concept of users in their apps for many years, and many of us have implemented simple schemes for computing a hash of the password and rolling our own mechanisms and identity stores to support this. I don’t think I have seen anyone recommend as a best practice that…

4

Azure Content Spotlight – Migrate Apps to Azure

Welcome to another Azure Content Spotlight! These articles are used to highlight items in Azure that could be more visible to the Azure community. This weeks content spotlight is about App migration to Azure. The Cloud is changing the way applications are architected. Instead of monoliths, applications are decomposed into smaller services. These services communicate with each other through…

0

Azure Functions and Serverless Computing

In my previous blog post, WebJobs in Azure with .NET Core 2.1, I briefly mentioned Azure Functions. Azure Functions are usually small (or somewhat larger) bits of code that run in Azure and are triggered by some event. Azure takes complete care of the entire infrastructure of your Functions making it a so-called serverless solution. The…

6

Azure Content Spotlight – API Management Suite – VSTS extension v2.0

Welcome to another Azure Content Spotlight! These articles are used to highlight items in Azure that could be more visible to the Azure community. This week’s spotlight is for a VSTS extension: the API Management Suite. The purpose of the extension to VSTS is to bring API Management into the release lifecycle allowing you to do many of…

3

WebJobs in Azure with .NET Core 2.1

WebJobs aren’t new to Azure or .NET. There’s even a default Azure WebJob template in Visual Studio 2017 for the full .NET Framework. However, a similar template for WebJobs in .NET Core is somehow missing from Visual Studio. In this post, I’m using .NET Core 2.1. Creating a WebJob in .NET Core isn’t hard, but…

10

Azure Content Spotlight – Secure DevOps Kit for Azure (AzSK)

Welcome to another Azure Content Spotlight! These articles are used to highlight items in Azure that could be more visible to the Azure community The Secure DevOps Kit for Azure (AzSK) offers a set of scripts, tools, extensions, automations, etc. for dev ops teams which are using automation and are integrating security into native dev ops workflows. The following…

2