Badges
Tags
Categories
Meta
Author Archives: abatishchev
Reliable and scalable infrastructure: Secrets
This is a series of posts: Introduction Principles Layers Traffic Secrets (this post) In the previous post we’ve discussed probably the most important aspect of running a service – the handling of live traffic. Without it it’s a not a … Continue reading
Posted in Infrastructure
Tagged azure, azure active directory, azure key vault, azure managed identity, book, x509 certificate
Leave a comment
How to get Tenant ID from Subscription ID in Azure using MSAL
This is a series of blog posts: Part 1: using PowerShell Part 2: using ADAL Part 3: using MSAL First you need to install AAD client NuGet package. Note this is MSAL, the modern and recommended way to communicate with … Continue reading
How to get Tenant ID from Subscription ID in Azure using ADAL
This is a series of blog posts: Part 1: using PowerShell Part 2: using ADAL Part 3: using MSAL In previous part we did it this using a script, this time we’ll do it using C#. First you need to … Continue reading
How to get Tenant ID from Subscription ID in Azure using PowerShell
This is a series of blog posts: Part 1: using PowerShell Part 2: using ADAL Part 3: using MSAL In order to do this, you’ll need: Call this Azure Resource Manager API without authentication, I suggest always use the latest … Continue reading
Carnation Anapa Winery, vol 3, day 153: corking
Today I’m bottling my wine. I got a 6-gallom carboy that went down to about 5 during the initial testing. In the first batch I bottled 10 bottles. Each contains about 15g of water where I diluted about 0.8g of … Continue reading
Following circular nested profile path identified
If you’re getting the following error: Circular nested profile definitions are not allowed. Following circular nested profile path identified: example.trafficmanager.net -> example.trafficmanager.net. Then very likely you got an ARM template like this: What means you created a Geographic traffic-routing based … Continue reading
How to get secret from Key Vault using PowerShell and Managed Identity
First you need to acquire a token using Managed Identity by calling the local Instance Metadata Service (IMDS) endpoint: Note that audience must match the service you’re calling and is different from example calling ARM. Then call the Key Vault … Continue reading
Reliable and scalable infrastructure: Traffic
This is a series of posts: Introduction Principles Layers Traffic (this post) Secrets Now you have multiple environments, each consisting of multiple data centers, each consisting of multiple scale units. How do you wire up them all together to be … Continue reading
How to assigned permissions for user-assigned managed identity on multiple subscriptions in bulk
First get the subscriptions you want to assign permissions on: Then get the client id of the identity you to assign permissions for: Now perform the actual permissions assignment: That’s it, folks!
Reliable and scalable infrastructure: Layers
This is a series of posts: Introduction Principles Layers (this post) Traffic Secrets When designing your service’s infrastructure, you need to remember that your deployment (or scale, more below) unit can go down at any point of time for any … Continue reading