Introduction On May 30th, 2024, Microsoft announced Azure Bastion Premium, featuring the highly anticipated session recording capability. This feature, long requested since Bastion’s general availability in November 2019, marks a significant enhancement. In my view, session recording is an essential addition to Bastion, as it provides superior compliance and security. It enables the direct recording of Bastion sessions into a Storage Account, bolstering its compliance and security capabilities. For the uninitiated, Azure Bastion serves as a ‘jumpbox’ for virtual machines hosted on A ..read more

Introduction As someone who’s gone through the spawning and evolution of an MSP (Managed Service Provider) looking to enhance the way they control, manage and delegate customer resources in Azure, I thought I’d collate all my thoughts, experiences, lessons learnt and knowledge dump for Azure Lighthouse with a comprehensive guide for MSPs. Whether you’re a new MSP, small or large, who may already use Azure Lighthouse, maybe we can learn from each other and in turn help steer Microsoft to enhance this tooling through our experiences and feedback – but also shout about how great it is. In this p ..read more

Introduction I’ve been dabbling into the world of Pester as of late to beef some unit tests with Azure Bicep modules. I thought it would be great if I can enhance the continuous integration pipeline in Azure DevOps for my Azure Bicep repository. With this, I thought I’d share this solution I came up with which may be of use to others in the community who could benefit or take inspiration from. As part of a previous blog, I detailed how to reliably scan against your Azure Bicep templates with PSRule here. This blog in particular takes this concept further, but instead applies Pester unit tests ..read more

Introduction Microsoft released into public preview in Q4 last year, workload identity federation service connections for Azure DevOps. This was very welcomed, as it greatly improves your security posture by using short-lived authentication tokens with no persistent secret to manage. For the most part, all my Service Principals to workload identity conversions in Azure DevOps for customers and internal service connections have been smooth sailing. However, I recently hit a few errors in a row with the same message cropping up: Automatic authentication conversion failed. Your service connecti ..read more

Just a quick post about Azure Lean Coffee, hosted by Daniel McLoughlin and Rukaya Ogazi-Khan which is streamed live monthly covering a range of discussion topics on Azure of which I was fortunate enough to get involved in their latest episode. In this weeks episode I was joined along side Michael Durkan and Jeevantika Lingalwar to talk about all things Azure. Some great topics were covered in this episode such as Women In Tech, VMs vs Cloud Native, Chocolate easter eggs & more! Check it out on YouTube: https://www.youtube.com/watch?v=2VYFcm4GdN8 The post Azure Lean Coffee – Episode 3 appe ..read more

Introduction Deploying to Azure Container Apps with Azure DevOps and want a quick start reference to get going? I’ll detail how you can quick start continuous deployment to your Azure Container App revision in single revision mode with Azure DevOps, featuring a quick start YAML pipeline that will build your container, publish to Azure Container Registry and lastly deploy it to the Container App itself! Multi-revision scope deployments are not in scope for this example. What are Azure Container Apps? Azure Container Apps is a fully managed Kubernetes-based application platform that helps you ..read more

Introduction The GitHub Actions Certification is a newly available cert, as of January 2024 from GitHub. It’s designed to test your proficiency in workflows: from CI/CD, customisations, efficiency, task automation and more. I took and passed the GitHub Actions exam on 26th Jan 2024 and thought I’d detail my experience and learning material that helped me on the study path. You can checkout all the available GitHub certifications here: Highlight your expertise with GitHub Certifications – GitHub Resources. Additionally, you can register for exams by logging into examregistration.github.com with ..read more

Here’s my top 5 Azure Bicep tips & tricks to get you started! Be sure to have the VSCode extension installed. If you’re interested in checking out some real world examples for Bicep please checkout my GitHub project Bicepify where I break down concepts into friendlier learning chunks. I update the repository frequently so be sure to star if you find it useful! Now onto the first Azure Bicep tips & tricks: 1. Auto load required parameters from Bicep modules Did you know you can auto-load module parameters in module blocks by simply using CNTRL+SPACE to auto load the 'params:‘. This sho ..read more

Introduction The Bicep template to deploy this is uploaded to my GitHub here. Deploys in minutes! Azure Front Door Premium allows Private Link connections to Azure PaaS services such as Azure Storage, App services and even AKS/Azure Container Apps. Private Endpoints allow us to securely send traffic via the Azure backbone network with Microsoft directly to your virtual network without leaving and going via the internet. In this post I’ll detail the benefits of Azure Front Door Premium integration to your Azure App service, what the deployment looks like and an Azure Bicep template to quick sta ..read more

Introduction Shared variable file patterns with Azure Bicep, what is it and what does it mean? How can you benefit from this? What problems can it solve? Without regurgitating too much from the Microsoft Docs on this at a high-level it’s a great way to utilise a JSON file to put common variables you want to reuse in your Bicep files. In this post, we’ll cover some basics of how this can be useful and expand on the Microsoft examples to inspire more adoption of this where you see necessary for your own Bicep configurations. All code examples in this post are in my GitHub project Bicepify, where ..read more