Using Postman with Azure Resource Manager API – Commercial and Government

Cloud resources are provisioned and managed in Azure using the Azure Resource Manager, which is really an API that you can access using HTTP requests. There are a number of front-end tools that can be used to interact with this API such as the Azure Portal, AzureRM PowerShell modules, or the Azure CLI. These are…


Configuring and Testing SSL Settings on App Service Environment (ASE)

Azure App Service Environment (ASE) is a private deployment of Azure Web Apps in a virtual network. Because it allows virtual network isolation, it is ideally suited for Government Web Apps and it is now available in Azure Government. It has been recommended by NIST that TLS 1.0 be disabled for Government web sites. I…


Web App with Vnet Only Access using App Gateway – PowerShell Automation

Azure Web Apps provide a managed environment (PaaS) for hosting web applications. These environments have low operations and management overhead, which makes them a popular choice when moving applications to the cloud. The standard Web App offering is a multi-tenant environment configured for public access (with a publically accessible endpoint). When organizations want to host…


Developing and Debugging Desired State Configuration Scripts for Azure VMs

PowerShell Desired State Configuration (DSC) scripts are a popular way to configure Virtual Machines in Azure. In previous blog posts, I have made extensive use of them to configure SQL Server Always On and Team Foundation Server in Azure among other scenarios. These deployments use a combination of Azure Resource Manager templates and DSC scripts….


Team Foundation Server 2015 CI/CD Pipeline for Web App in Azure Government

Azure Web Apps is a managed hosting environment for modern web applications in the cloud. An important part of developing and delivering modern web applications is Continuous Integration (CI) and Continuous Delivery (CD) using tools such as Visual Studio Team Services (VSTS), Team Foundation Server (TFS), Jenkins, Buildbot, etc. As I have discussed in several other blog…


Azure Web App with Let’s Encrypt Certificate – Powershell Automation

UPDATE Jan 28, 2018 Niiraj Kumar made me aware that there is actually a Web App site extension that gets a Let’s Encrypt cert and renews it as needed with a Web Job. You can find the extension here. It is written by a fellow Dane Simon J. K. Pedersen, whom I will buy a…


Using Azure Commercial AAD Authentication and Graph API in Azure Government Web App – PowerShell Automation

In a previous blog post, I showed how it is possible to use commercial/GCC Azure Active Directory (AAD) authentication for an Azure Web App deployed in Azure Government. This scenario is relevant for organizations that have a commercial/GCC AAD tenant for Microsoft Office 365 but they also have a tenant in Azure Government for cloud…


Managing Github URLs for Azure Resource Manager Template Deployments

Have you ever tried the following: You push an Azure Resource Manager template to GitHub and try to deploy using the GitHub URL. Unfortunately, you had a bug or typo in your template and you get an error. You quickly fix the error and push a revised version and try again, but the Resource Manager…


Ensuring HTTP Strict Transport Security (HSTS) Compliance without System Modification – Powershell Automation

On June 8, 2015, the White House Office of Management and Budget issued memorandum M-15-13, “A Policy to Require Secure Connections across Federal Websites and Web Services” ( This policy requires that federal agencies make all existing websites and services accessible through a secure connection (HTTPS-only, with HTTP Strict Transport Security, HSTS) by December 31,…


Disabling TLS 1.0 in Azure Web App using Application Gateway – PowerShell Automation

Azure Web Apps are a great way to deploy modern web applications in a Platform as a Service (PaaS) environment. One of the main advantages is that you do not need to manage your own server. There are, however, some situations where you need more control over the environment than a Web App will allow….