Go to top
Create an Automatic Service Principal Azure RM Service Connection in Azure DevOps via Azure CLI
Archive
Category: Azure Devops
10 Jul
2020

Create an Automatic Service Principal Azure RM Service Connection in Azure DevOps via Azure CLI

With more and more of our development and infrastructure projects being built and released via Azure DevOps, I find myself creating a few DevOps projects which, at creation time, share identical configs like service connections, permissions, repository names etc. Therefore, this week I have been trying to automate the creation of Azure DevOps projects. Many of the configs are easily configurable with AzureCLI and the Devops extension of it, but one thing I was struggling with was the creation of the service connections to our Azure subscriptions the way we do it from the GUI. We are using the Automatic Option when setting up the service connections for each one of our Azure subscriptions.

07 Jun
2020

Setting an Azure AD group to Azure SQL Database with ARM templates

  • 07 Jun, 2020
  • Alexandre Verkinderen
  • 62 views

I was recently looking at a way to automatically set an Azure AD group as the SQL admin for our Azure SQL databases with ARM tempplates. We use SQL authentication and Azure AD authentication for our SQL databases. The password for the SQL admin gets generated randomly as part of our pipeline and stored in Keyvault. We also have a dedicated team of SQL DBAs who would need to connect to the deployed SQL resources using their Azure AD credentials. Technically it is possible as per this link to set an Azure AD group as the SQL admins but I could not find a good example on how to do this with ARM.

28 May
2020

New Book: Inside Azure Management V4

  • 28 May, 2020
  • Alexandre Verkinderen
  • 64 views

Super proud to announce that our new book Inside Azure Management V4 has been released! This book is the 4th edition and covers a broad range of Azure Management related topics like cloud governance, process automation, infrastructure updates, application, and container monitoring. Writing an ebook was something new to me and definitely a refreshing experience compared to paperback System Center Unleashed series.

15 May
2020

Use Azure DevOps Self Hosted agents with Azure App Service access restrictions

  • 15 May, 2020
  • Alexandre Verkinderen
  • 72 views

By default, when you deploy a new Azure WebApp, Function app or API app it will be publicly available to the internet. For the current customer I’m working on we made it a standard that all webapps should not be directly publicly available. To enhance our security we deploy Azure Frontdoor and Azure API Management Service for our APIs and also enable IP restrictions. As mentioned in my previous blog post we currently use Azure DevOps with Microsoft hosted agents to build and release all of our web apps and API apps.

26 Apr
2020

Dynamically create README Files from Azure DevOps Pipeline and Commit to Repository

Bernie White has a Powershell Module (PSDocs) that can generate mark down files (*.md) and Stefan Stranger’s blog post shows us how to upload these to Azure DevOps Wiki. We started investigating this as we saw this being a great feature to automate the creation and maintenance of our README.md files within our IaC Templates. The only issue is that our README.md files live side by side with our ARM Templates in the Azure DevOps Repositories and not in the Wiki section that Stefan’s post updates. So the challenge is, how do we make our Azure Pipelines write back the README.md files it dynamically creates on the build agent to the repository?