When establishing good security processes around your software release pipeline it’s important to ensure that secrets are handled with care. As a best practice, I always ensure secrets that need to be used in a CI / CD pipeline are stored in Key Vault and imported into an Azure DevOps Variable Group. This allows the … Continue reading Terraform + Azure DevOps Environment Variable Piping Tips
Security
Azure Serverless Architecture Automation with Terraform Explained
Here is a higher level view of the architecture and all the things that Terraform is provisioning. Based on my previous post, we know that certain things still require manual intervention but Terraform can provision a lot of stuff: Resource Group Event Grid Topics (but no Topics Subscriptions due to Function Access Key limitation) CosmosDB … Continue reading Azure Serverless Architecture Automation with Terraform Explained
Attaching the Bearer Token to Claims Identity in ASP.NET Core to implement On-Behalf-Of Flow
When you setup an ASP.NET Core web API project and go through the wizard to associate it with an Azure Active Directory tenant it will add the necessary plumbing within your project to get it all working. However, if you are ever in a place where you need to use on-behalf-of flow to obtain another … Continue reading Attaching the Bearer Token to Claims Identity in ASP.NET Core to implement On-Behalf-Of Flow
Sky Cliffs 