Deploying Blob Containers with ARM Templates

2nd of August, 2018 / / 2 Comments

ARM templates are a great way to programmatically deploy your Azure resources. They act as declarative descriptions of the desired state of an Azure resource group, and while they can be frustrating to work with, overall the ability to use templates to deploy your Azure resources provides a lot of value.

One common frustration with ARM templates is that certain resource types simply can’t be deployed with them. Until recently, one such resource type was a blob container.… [Keep reading] “Deploying Blob Containers with ARM Templates”

Azure ExpressRoute Public and Microsoft peering changes, notes from the field

27th of July, 2018 / / No Comments

I’ve been trying to piece all this together and get a single, concise blog post that covers all bases around the changes that have happened and are going to be happening for Microsoft ExpressRoute peering. That’s been a bit of a challenge because, I hope I don’t harp on this too much, but, communication could be a bit better from the product group team. With that said, though, it’s no secret for those that use ExpressRoute, Microsoft is looking to simply it’s configuration.… [Keep reading] “Azure ExpressRoute Public and Microsoft peering changes, notes from the field”

Azure AD Connect: How to run custom Sync scheduler with multiple on-premise AD connectors

24th of July, 2018 / / No Comments

Hello All,
I was recently involved on a project where I did some PowerShell scripts to remotely connect to an Azure AD (AAD) Connect server and run custom manual synchronization cycles (Delta Import & Delta Sync) using AAD Connect’s Custom Scheduler component.
The primary reason we had to do this was due to AD migration of users from one AD forest to another AD forest. Both these AD forest users were being synchronized (using a single AADConnect in target AD forest) to a common Azure AD tenant.… [Keep reading] “Azure AD Connect: How to run custom Sync scheduler with multiple on-premise AD connectors”

IaaS Application Migration Principles and Process – Consideration

20th of July, 2018 / / No Comments

What is IaaS Application Migration

Application migration is the process of moving an application program or set of applications from one environment to another. This includes migration from an on-premises enterprise server to a cloud provider’s environment or from one cloud environment to another. In this example, Infrastructure as a Service (IaaS) application migration.
It is important to consider some migration principles to guide your application migration that will allow to complete your transition successfully. At the same time, having too many principles can impact the overall delivery of the transition.… [Keep reading] “IaaS Application Migration Principles and Process – Consideration”

Querying against an Azure SQL Database using Azure Automation Part 1

5th of July, 2018 / / 1 Comment

What if you wanted to leverage Azure automation to analyse database entries and send some statistics or even reports on a daily or weekly basis?
Well why would you want to do that?

  • On demand compute:
    • You may not have access to a physical server. Or your computer isn’t powerful enough to handle huge data processing. Or you would definitely do not want to wait in the office for the task to complete before leaving on a Friday evening.
[Keep reading] “Querying against an Azure SQL Database using Azure Automation Part 1”

Securing your Web front-end with Azure Application Gateway Part 2

4th of July, 2018 / / No Comments

In part one of this post we looked at configuring an Azure Application Gateway to secure your web application front-end, it is available here.
In part two we will be looking at some additional post configuration tasks and how to start investigating whether the WAF is blocking any of our application traffic and how to check for this.
First up we will look at configuring some NSG (Network Security Group) inbound and outbound rules for the subnet that the Application Gateway is deployed within.… [Keep reading] “Securing your Web front-end with Azure Application Gateway Part 2”

Securing your Web front-end with Azure Application Gateway Part 1

3rd of July, 2018 / / 2 Comments

I have just completed a project with a customer who were using Azure Application Gateway to secure their web front-end and thought it would be good to post some findings.
This is part one in a two part post looking at how to secure a web front-end using Azure Application Gateway with the WAF component enabled. In this post I will explain the process for configuring the Application Gateway once deployed. You can deploy the Application Gateway from an ARM Template, Azure PowerShell or the portal.… [Keep reading] “Securing your Web front-end with Azure Application Gateway Part 1”

'Strong Name Verification' Issue with adding new Connectors in AAD Connect

21st of May, 2018 / / No Comments

I’ve been updating and installing the latest versions of AAD Connect recently (v1.1.750.0 to the latest v1.1.819.0) and noticed that I could not create a brand new custom ‘Connector’ using any of the following out of the box Connector templates:

  • Generic SQL
  • Generic LDAP (didn’t happen to me but I’ve seen reports it’s impacting others)
  • PowerShell
  • Web Service

The message in the AAD Connect Synchronisation Engine would appear as:
“The extension could not be loaded”
each time I tried to create a Connector with any of the above templates.… [Keep reading] “'Strong Name Verification' Issue with adding new Connectors in AAD Connect”

Key Vault Secrets and ARM Templates

15th of May, 2018 / / No Comments

What is Azure Key Vault

Azure Key Vault helps safeguard cryptographic keys and secrets used by cloud applications and services. By using Key Vault, you can encrypt keys and secrets (such as authentication keys, storage account keys, data encryption keys, .PFX files, and passwords) using keys protected by hardware security modules (HSMs).
Key Vault streamlines the key management process and enables you to maintain control of keys that access and encrypt your data. Developers can create keys for development and testing in minutes, and then seamlessly migrate them to production keys.… [Keep reading] “Key Vault Secrets and ARM Templates”

Demystifying Managed Service Identities on Azure

13th of April, 2018 / / 5 Comments

Managed service identities (MSIs) are a great feature of Azure that are being gradually enabled on a number of different resource types. But when I’m talking to developers, operations engineers, and other Azure customers, I often find that there is some confusion and uncertainty about what they do. In this post I will explain what MSIs are and are not, where they make sense to use, and give some general advice on how to work with them.… [Keep reading] “Demystifying Managed Service Identities on Azure”