Saturday, November 19, 2022

Creating an Reading Ledger Entries in Azure Confidential Ledger

In my previous article I gave an introduction to Azure Confidential Ledger. In this article I am trying to publish a .NET code sample. There is already an example in MSDN which is not working as expected. Therefore I tried to build one while exploring API.  

I have created a .Net 6.0 based console application and will be using the default Program.cs class. 

Following Nuget packages are required to be installed. 

First get the ledger Uri, Collection Id and a console input as a message to be published. 

Saturday, November 12, 2022

Getting started with Azure Confidential Ledger

Azure Confidential Ledger is one of the most interesting Confidential Computing offering on Azure. It offers you the capability store data in a secure blockchain with private and public ledger type options. In the back of it, it uses blocks in blobs stored in Azure Storage Account. Data in transit is secured with TLS 1.3 and allowed via verified certificate users as well as Azure AD users. 

Currently you can have Administrator, Contributor and Reader access levels assigned via Azure RBAC. Confidential Ledger runs on Trusted Execution Environments (TEEs) of Azure Confidential Computing. All the administrators and cloud providers are kept outside a Trusted Computing Base and it prevents anyone having access. 

Sunday, October 23, 2022

4 Takeaways from Azure Savings Plan for Compute

Purchasing consumption in advance can be extremely effective not only considering the large discounts get applied. With the business market trends that are fluctuating and swinging at such an unpredicted fashion and the market forces are unknown to which be accounted in, having a 3 year predictability is a bonus. Reserved instances have been very helpful with Azure but it came with certain limitations. Here are my top 4 takeaways from Azure Savings Plan for Compute. 

1. More flexibility over Reserved Instances

Reserved instances came with a few restrictions that were not much capable of moving things around. Even some of the available flexibility will be reduced by next year. Savings Plan for Compute can be activated at many different scopes and can be changed even after purchase. Also it allows using a vast range of services ranging from Azure Functions (Premium, Dedicated) to VMs to VMSS. 

Nevertheless, Reserve Instances are unannounced to be decommissioned anytime soon.

Wednesday, October 12, 2022

Service Connectors in Azure App Services

Are we ready to say bye to the connection strings when connecting to a database? Yes we were when the managed identities came in. It reduced the hassle of storing connection strings with passwords and provided the opportunity for the infra team to set them up. All the developers have to setup is the url and the authentication mechanism. 

Service connectors just allow regulate these connections in a much better way. It is a feature add-on that available for App Services, Container Apps and Spring Apps. There are multiple targeted services that include DB services and necessary Azure services. 

Creating a connection in Portal is simple as a few clicks. Although the same can be done with Azure CLI.

Saturday, July 23, 2022

What makes Container Apps easier to begin?

Containers will play a major role in enterprise application development in the years to come. Although the terms enterprise and containers together had much love-hate relationship over the skill gaps with container operations such as Kubernetes, that gap has been significantly reduced with the introduction of cloud capabilities such as Azure Kubernetes Services(AKS). 

It still makes it difficult as orchestration is still a learning curve. This is simplified with the recent release with the Azure Container Apps. I see quite a lot of advantages over other options for hosting containers. 

1. Easy to begin.

2. Networking boundaries can be defined. 

3. Ingress can be controlled. 

4. Revisions can be managed. 

Saturday, June 25, 2022

Azure Compute Decision Tree Simplification for Modern Applications

Azure Compute Decision Tree is a simplified decision making assistant that lets you decide which compute resources to choose based on your compute requirements. It is a comprehensive decision tree considering the lift and shifts and new developments. But developing new applications are much simpler given most services support multiple runtimes as well as containerisation. 

Azure Functions

Ideal for event-driven short live processes such as HTTP requests, multiple service triggers or simpler schedulers. Gives you ability to host as managed code as well as containers. So if you are thinking of long term expansions, containers is an option to consider. 

Functions is a famous option when you pay for number of executions which is available with Standard pricing. But if you need to extend networking you have to select another pricing level. 

Monday, March 7, 2022

What are CIS Hardened Images on Azure?

Center of Internet Security (CIS) is a non-profit organisation that is intended to provide best practices. related to security threats. They do provide benchmarks and standards that are industry accepted and can be used to ensure the cloud resources are secured to a greater extend. CIS has worked with leading cloud vendors to bring the Virtual Machine image templates that. 

You can browse them in the Azure Marketplace via here.

Sunday, February 27, 2022

Using Application Insights Rest API

Application Insights itself has great set of features that allows consumers to do many analysis on the application performance and monitoring. But there can be situations where you do need to find them located outside in external web applications. This is simplified by having support for different APIs and libraries to access Application Insights. In this article, we will focus on the REST API. 

Step 1: Aquire an API Access Key

Monday, February 14, 2022

What is Bridge to Kubernetes?

Azure Dev Spaces was the choice for setup micro service based multi-branched developer environments on Azure. As it is retiring, Bridge to Kubernetes comes in as a replacement for Dev Spaces. It is said to be light weight as it runs as extensions to Visual Studio and VS Code.  

Problem Statement

In a world where solutions are distributed for multiple micro-services, it is important to have the agility to be part of teams where everyone rapidly contributes to solution changes. Gone are the days where we stay for a Pull Request to complete, sync code and run on our local environments. Bridge to Kubernetes provides to keep everything synced in and work on only the required portion of the code once branched. 

Sunday, January 16, 2022

Bicep Setup for Log Analytics and App Insights

Bicep makes us human again. After all Json ARM templates, we can now write something with less brackets. I have written a few articles on Bicep and some templates related to APIM before as well. In this article,  I will explain how to setup a Log Analytics workspace and bind App Insights instances to it. 

Monday, January 3, 2022

Understanding the Azure Security Benchmark

Security in IT can keep people awake at nights. There are many new services and features introduced to Azure every year. It is not easy to keep a track of everything as an administrator or even as a team. Sudden exploits at any level can cost organisations valuable money and thereafter their credibility. So how can we make sure our services on cloud are secure as best it can get? 

This is answered with Azure Security Benchmark.

There are three main guidelines provide security standards. 

  1. Center of Internet Security (CIS)
  2. National Institute of Standards and Technology (NIST)
  3. Payment Card Industry Data Security Standards (PCI - DSS)