If you want to get a free copy of the Index, Table of Contents and of Chapter 1, have a look here. Click on the READ AN EXCERPT dropdown and then select the one you would like to review. Figure 1 illustrates how that looks like. Figure 1, how to get a free PDF copy […]
Read More →Tags: Security
MCA Microsoft Certified Associate Azure Data Engineer Study Guide: Exam DP-203
I am proud to announce the publication of my newest book titled, “Microsoft Certified Associate Data Engineer Study Guide” for the DP-203 exam. The example data used in this book consists of my brainwaves. You can download the data and the source code for all the examples in the book on GitHub here . ADLS, […]
Read More →Azure Function Access Restriction
If you wanted to block inbound traffic to your Azure Function, one option is to use an Access Restriction. To check if you have one, navigate to the Networking blade for your Azure Function and check if Access restriction is On. Figure 1, Access Restriction and Azure Functions Take caution that although this let’s you […]
Read More →Machine Keys on an Azure App Service, machineKey multiple, different data centers, regions on Azure
I wrote this article some time ago, Machine Keys on an Azure App Service, machineKey multiple instances Azure, which describes how and why there are no problems running on multiple instances of your App Service Plan, so long as they are in the same region or datacenter. This is because, as part of the App […]
Read More →Blazor WebAssembly TypeError: Failed to fetch
Change is good, it is better than the alternative. There have been a lot of changes over the past few years when it comes to ASP.NET. One change, or should I call it a new product is Blazor Apps. I won’t go into what this is and how it works because there is already plenty […]
Read More →How to get a Bearer access token for Azure
Even though I am not a security expert, it has always interested me. When I worked on the IIS team some years back, pre Azure and pre Cloud days the protocol mostly used for large corporations was Kerberos. Initially, troubleshooting those issues would give me sleepless nights, but over some years you begin to see […]
Read More →Azure Function keys, keys and more keys, regenerated and synced
A very important point you must understand when it comes to working with Azure Functions is that that product is tightly bound to an Azure Storage account. You see, Azure Functions is a compute offering, when you provision that you are getting some CPU, some memory and a host to run the code on. The […]
Read More →Securing an Azure App Service or Azure Function PaaS
A common topic I would like to call out which I see in regards to security has to do with endpoints. I kind of want to call those endpoints “potentially vulnerable attack vectors”. I am a bit nervous writing “vulnerable” because the endpoints I mention here are secure, which is why I also called out […]
Read More →WEBSITE_VNET_ROUTE_ALL and Azure Functions
This would apply to Azure App Services too. This is an interesting feature. To me it resembles or provides the ability to force tunnel. The implementations of forced tunneling I have seen have typically been configured using route tables. Where the route table is a matrix of IP addresses (see Figure 6) that instructs TCP […]
Read More →Microsoft Authenticator App
If you are still using UID and Password as the only means for authentication, you might consider implementing Multi Factor Authentication (MFA). One way to do this is by using the Microsoft Authenticator App which you can read all about it here. I am writing this mostly to help me remember how I configured it […]
Read More →