Badges
Tags
Categories
Meta
Category Archives: Infrastructure
How to set access policy on Key Vault in another subscription aka How to deploy to resource group in another subscription using ARM template?
The model for my Service Fabric infrastructure consists of two major parts: Data Center (think Azure region) Scale Unit (think Service Fabric cluster and its child resources) But today due to the limitation around AAD first party application we decided … Continue reading
How to split array into string for Service Fabric cluster ARM template
In order to use a certificates for Service Fabric cluster issues by custom, non publicly trusted CA you’d need to supply a list of thumbprints of intermediate CAs. In a form of a comma-separated string. What means if you have … Continue reading
How to deploy Traffic Manager to a Sovereign cloud using ARM template
On other day I tried to deploy Azure Traffic Manager profile to a sovereign aka national aka government cloud but got an error: Code: BadRequestMessage: A policy with the requested domain name could not be created because the name example.trafficmanager.net … Continue reading
How to combine Key Vault access policy for AAD application and user-assigned managed identity in single ARM template
On other day I was exploring how to grant access for a user-assigned managed identity to a key vault. But here’s a more advanced scenario: let’s say legacy code uses an AAD application to access the key vault and modern … Continue reading
How to create user-assigned managed identity, Key Vault, assign access policy using ARM template
There is already a plenty of materials about managed identities in Azure. But how to create a user-assigned managed identity and grant it the access to a key vault using an ARM template? I tried to find any references but … Continue reading
How to find out the latest ARM api version for given resource type
If you’d like to find this out, for instance, for Service Fabric applications, then use this query: which would yield this result: 2017-07-01-preview2016-09-012016-03-01 what means that you now can go to the GitHub repo with all ARM schemas and find … Continue reading
How to deploy Service Fabric application using ARM template
You can deploy a Service Fabric application using an ARM templat with a number very different mechanisms, whichever you’d like: PowerShell the CLI the Portal But first you need the actual ARM template. Here’s an example of an application consisting … Continue reading
How to package Service Fabric application into SFPKG using custom MSBuild task
This task wouldn’t require much efforts but: Service Fabric doesn’t support packaging its “package” (which is not a real package but just a directory) into .sfpkg out-of-the-box. Only suggests to use ZipFile.CreateFromDirectory. MSBuildTasks doesn’t support .NET Core so we can’t … Continue reading
How to extract private key from pfx and remove passphrase using OpenSSL
When I tried to enable SSL for BitTorrent Sync installed on my new NAS Synology 215j it turned out it requires not pfx but private and public keys separately in base64 encoded form. Here’s the command to extract certificate itself. … Continue reading
How to support different domain names in SSL behind reverse-proxy in IIS ARR
When you don’t want to enable SSL offloading so both internet facing web site and the one behind reverse proxy are access over SSL you will receive domain name mismatch. The solution is simple. Either: enable SSL Offloading enable Require … Continue reading
Alexander Batishchev's Blog 