During the onboarding / rollout of Defender for Endpoint and Azure Arc Agent, the network plays a significant role. Communication via the Internet is usually restricted by segmented networks and secured by firewalls and proxies. To prevent errors or communication problems, the required ports & URLs should be opened to ensure seamless onboarding and operational processes.
Read more...Many tasks and processes can be automated quickly and easily using the Microsoft Graph API. This can be implemented with low-code applications such as Logic App or, for example, via Azure Function and PowerShell. Depending on the requirements, complexity, a variety of options are available.
Read more...Azure Kubernetes Services (AKS) and Azure Data Explorer (ADX) clusters are SaaS offerings based on virtual machines. It is probably the oldest way to safe money in the cloud - just turn them off when you do not need them - here are two ways to do this.
Read more...This is the fourth and final part of the blog series on how to move from Azure Pipelines to GitHub Actions.
Read more...This is the third part of the blog series on how to move from Azure Pipelines to GitHub Actions.
Read more...This is the second part of the blog series on how to move from Azure Pipelines to GitHub Actions.
Read more...Lately, I have been working on a lot of migrations from CI/CD environments of Azure Pipelines to GitHub Actions. I have been working with both tools for quiet some time now and I would like to share what I learned along the way.
Read more...One of the first things IT departments do when they start moving workloads to the cloud, is stopping their VMs on a regular basis to safe money. There are plenty of functions and ways to do this, but I thought, a different approach might be fun too - building this as a micro service with several components on Azure.
Read more...Using Terraform has become mainstream at this point and I would like to share with you, how I like to structure my deployments.
Read more...When working with internal container deployments, there are many cases, where applications need to access an internal HTTPS service. If these services use internal certificates from an internal certificate authority (CA), the client (container/pod) needs to trust the certificate chain including the Sub/Issuing CA certificate and the Root CA certificate.
These certificates have to be added to the trusted ROOT CA store, which should not be done at runtime (hence not with a sidecar container or similar constructs). The solution to this problem would be to add them at build time. We will discover how this process can be simplified and automated by using Azure Container Registry (ACR) tasks.