Seite 2 von 4
Various resources can be reserved in Azure, whereby use is guaranteed for 1 or 3 years. This can reduce the price of these resources by up to 72%. In the portal you can see these reduced costs for the reservations:… Weiterlesen →
The Defender for Cloud offers are used to receive notifications and alerts about Azure Services. To do this, it can be activated per subscription and per Azure Service (e.g. with Set-AzSecurityPricing or in the portal). However, what is not supported… Weiterlesen →
To set up a budget with warning in Azure, the Az.Billing PowerShell Module offers the cmdlets New-AzConsumptionBudget. Unfortunately, the PowerShell commands don’t seem to be implemented correctly in version 2.0.0 at the Az Module 8.3.0 or newer (currently 9.0.1): The… Weiterlesen →
As described in the previous article, private endpoints can be used to securely access Azure services. With App Services there is an additional possibility to control the outgoing traffic. Specifically, when configuring the app service in the network area, 2… Weiterlesen →
Most Azure services are accessible via a public URL. However, to provide a higher level of protection and a direct connection, various options are available in Azure. The two most common approaches are Service Endpoints and Private Endpoint/Private Link. Service… Weiterlesen →
APIs are available for most functionality and information in Azure. A token, which must be sent with the request, is usually required to retrieve the information. Generating a token dynamically or retrieving it via a service principal is often a… Weiterlesen →
Azure App Services are often placed behind an Application Gateway. Routing is easier to control, your own certificates can be stored centrally and data traffic can be checked and attacks detected. However, if the App Service responds with redirects, the… Weiterlesen →
As a starting point, there should be an API with a GET operation to retrieve (flight) data from a Cosmos DB. How the token can be generated to access the Cosmos DB was shown in the previous post Calculating CosmosDB… Weiterlesen →
To retrieve data from a Cosmos DB, its REST API can be used. The query is transmitted in the body of a POST request. Based on the current date, an authorization string must be calculated and supplied. The calculation is… Weiterlesen →
If workloads are to be set up in the Azure, there are various options. To make the choice easier, Microsoft provides the Compute Decision Guide (see picture above). It differentiates between Lift&Shift and Cloud Native and gives recommendations for individual… Weiterlesen →
„Blazor lets you build interactive web UIs using C# instead of JavaScript. Blazor apps are composed of reusable web UI components implemented using C#, HTML, and CSS.“ The application can be run directly in the browser as a WebAssembly. It… Weiterlesen →
In the blog post about endless running Azure Functions on Consumption Plan, normal Azure Functions can run without time limit with the help of the functionTimeout property. The same option is also available for the durable functions. The same timeout… Weiterlesen →
Standard Azure Functions (not Durable Functions) have a maximum timeout of 10 minutes on a consumption plan. This is the same timeout for the new Function Runtime ~4 (missing in the link). With the Function Runtime ~3, however, the timeout… Weiterlesen →
I had problems with the instructions from my post, because Lets Encrypt is switching from ACME API v1 to ACME API v2. So I switched to acme.sh to generate Let’s Encrypt certificates in manual DNS mode. The steps are simple… Weiterlesen →
Keycloak is a comprehensive and free open source identity provider. It is also offered in numerous Docker variants, which makes deployment very easy. Access to the shell is necessary for the configuration, e.g. if the first user has to be… Weiterlesen →
Lately people have been talking about Azure Landing Zones. This primarily refers to the environment in Azure into the workloads be migrated or new workloads are introduced. This means the preparation of the Azure environment. Specifically, the basic structure in… Weiterlesen →
For one project we use a Gremlin DB in Azure (Cosmos DB). Various libraries are available for use. Unfortunately, no REST is supported, which is why a corresponding simple interface had to be provided here. The most elegant way would… Weiterlesen →
Azure governance describes the guard rails and degrees of freedom for working in Azure. On the one hand, requirements are defined, such as how resources are to be deployed or how authorizations are assigned in order to set general requirements… Weiterlesen →
VMs are often used in Azure because sometimes higher-quality services such as Platform Services are not suitable. For each VM, there is basic monitoring such as network traffic and corresponding visualizations (e.g. under Metrics) directly in the portal. Often, the… Weiterlesen →
My challenge was to start a runbook as soon as a new file was stored in Azure Blob Storage. Unfortunately there is no direct configuration option in the storage account for such notifications. One way would be to poll the… Weiterlesen →
The cost of data transfer inside and outside Azure has become more and more complicated and confusing in recent years. This is due to various factors, so there are always new services with new prices, new Azure regions are emerging… Weiterlesen →
Many customers have problems choosing the right Azure Region for their workload. Especially since the German Region is available, but not all Azure services are available yet, the selection has become even more difficult. To simplify the selection, the workflow… Weiterlesen →
Azure Automation can automatically send emails through alerts when a runbook fails. Unfortunately, these alert mails cannot be adjusted and it is often necessary to send further information. In this case SendGrid is a good alternative because the mail service… Weiterlesen →
Should files are uploaded or downloaded from an Azure Storage Account Blob, there are corresponding PowerShell commands. Specifically, Get-AzStorageBlobContent or Set-AzStorageBlobContent can be used. Both commands always require the specification of a local file. In some cases, however, it may… Weiterlesen →
Azure provides a good way with Cost Management to report the costs and consumption of Azure Services. It offers various filtering, aggregation and export options. In some cases, however, it is still necessary to call up and process the data… Weiterlesen →
Most customers have a risk management, but with the new cloud area, there are new risks too. Every customer has to assess them for himself and work out possible compensation strategies. The following is my personal assessment of the most… Weiterlesen →
Anyone who has activated the Premium Plan 2 role of Azure Active Directory, for example for using Privilaged Identity Management (PIM), starts with a free 30-day trial period. If period has expired, the emails shown above follow daily and there… Weiterlesen →
The Application Gateway v2 has considerable advantages over the v1. Support for autoscaling, zone redundant operation or use as an ingress in the AKS are just a few features from the list. The re-encryption of the back-end data traffic is… Weiterlesen →
The Azure Application Gateway is a load balancer with some additional features, such as path-based routing, a web application firewall or SSL termination. However, if the traffic to the backend has to be encrypted also, (it has to be re-encrypted),… Weiterlesen →
VPN tunnels are often set up between on-premises environments and Azure. Sometimes these break off regularly and have to be restarted. However, there is often an incorrect configuration between the Azure VPN gateway and the on-premises gateway. The following are… Weiterlesen →