Introduction I’ve been diving deep into API Management policies and exploring security around API access recently. It became clear that subscription keys are not secure—they can be easily stolen and used indefinitely if not regularly rotated. With this in mind, I thought it would be useful to outline one of the many ways to secure …
Introduction 🤖 In this blog, I’ll detail how you can integrate GitHub Dependabot with Azure DevOps at no cost, ensuring you can proactively monitor vulnerabilities in your project dependencies and keep them up-to-date in your .NET projects! For those unaware, Dependabot is a bot designed to help developers keep their software dependencies up-to-date by scanning …
Shifting FinOps left Not too long ago, I discovered an open source project on GitHub called InfraCost. It aims to help cloud teams shift left FinOps by helping provide Terraform Azure cost estimations, into Pull Request comments within GitHub/Azure DevOps, including a fancy VS Code extension. And whilst I was excited to try it out, …
What is APIOps? APIOps is the process of applying DevOps to the Azure API Management (APIM) service. By applying this concept to APIM, you can bring your APIs into version control, and most of the operations that were once done in the Azure Portal can now be achieved through code using CI/CD pipelines with APIOps. The benefits of this method of working …
Introduction – continuous deployment with Azure Bicep Continuous deployment with Azure Bicep using Azure DevOps provides a streamlined approach to deploying your resources. This method leverages Infrastructure as Code, harnessing the power of Azure DevOps tools such as source control, Azure Pipelines, and Azure Artifacts, all while maintaining environment control and auditing. In this article, …
Introduction Eliminate old API versions in your Azure Bicep templates – did you know we can leverage the linting features within the bicepconfig.json file to notify you when old ARM API versions are detected? It can be a great addition to your Azure Bicep repository to ensure all cloud engineers can keep track of older …
Introduction – Private Azure DevOps agent If you’re using Azure DevOps as your source control and deployment tooling, you may need to perform CI/CD to Azure resources that have no public access and are on private endpoints. This can pose a particular challenge, as unlike GitHub private runners, which can natively run within the private …
Introduction On May 30th, 2024, Microsoft announced Azure Bastion Premium, featuring the highly anticipated session recording capability. This feature, long requested since Bastion’s general availability in November 2019, marks a significant enhancement. In my view, session recording is an essential addition to Bastion, as it provides superior compliance and security. It enables the direct recording …
In this post, I’ll deep dive Azure Lighthouse from onboarding methods, best practices, lessons learnt and everything in between.
