Using Identity Governance and Azure Functions To Build a Self-Service Application Access Management Solution - Part 2
Aug 13, 2022 · 6 min read
In this series: Creating an authenticated web application and using Azure Functions to invite guest users to the organization Creating an access package and redeeming it In the last article, we created an application that can be accessed only by the users assigned to it. We also used Azure Functions and Microsoft Graph API to invite guest users to the organization. However, at this point, the guest user can not access the application, and manually adding every new user to the application and periodically reviewing their access is a cumbersome process.
Using Identity Governance and Azure Functions To Build a Self-Service Application Access Management Solution - Part 1
Aug 06, 2022 · 9 min read
In this series: Creating an authenticated web application and using Azure Functions to invite guest users to the organization Creating an access package and redeeming it Azure Active Directory serves two primary use cases: It enables you to grant users and applications access to your Azure resources in a secure and scalable manner. You can set up Azure AD as an authentication provider for your web applications so that only the desired Azure AD users can access your application.
Mar 26, 2022 · 3 min read
After an application is deployed to production, developers should lock down its underlying infrastructure to prevent accidental changes. Some of the commons accidents that can affect the availability of an application in production are: moving, renaming, or deleting the resource crucial to the function of the application. You can use locks that prevent anyone from performing a forbidden action to avoid such mishaps. Creating Locks Almost every resource in Azure supports locks, so you will find the lock option in the settings section of nearly all resources in the portal.
Mar 14, 2022 · 4 min read
You might have noticed that resources comprising some Azure services such as Azure Kubernetes Service (AKS) span multiple resource groups by default. In some cases, you might intentionally want to segregate resources such as disks and network interfaces from VMs by placing them in different resource groups for better management. A common problem arising from the resource spread is that you might find it challenging to delete multiple resources and resource groups to entirely remove a service from a subscription.
Aug 31, 2021 · 5 min read
Security is an important concern for microservices applications. Although security is a broad topic, I want to zoom into a critical aspect: limiting communication between microservices. By default, microservices platforms such as Kubernetes allow unconstrained communication between services. However, to prevent a few compromised services from affecting all the services on the platform, a microservices platform needs to limit the interactions between services. This constraint is enforced by creating network policies in Kubernetes.
Aug 12, 2021 · 10 min read
Simple applications rely on synchronous request-response protocols. It is one of the most common patterns we encounter every day in applications and websites where you press a button and expect a response. As the number of services increases, the number of synchronous interactions between them increases as well. In such a situation, the downtime of a single system also affects the availability of other systems. Synchronous interaction channels between services Google defines a set of principles and practices for attaining a high Service Level Agreement (SLA) by increasing the SLA of individual services.
Jul 17, 2021 · 9 min read
Applications or databases running out of disk space are a common issue that the Operations team addresses regularly. This problem has existed since the days we used to host applications on bare metal servers and is still present in virtualized and container environments. However, since we have reached a stage where the compute and storage systems are decoupled from each other, granting additional storage to applications rarely requires updating the application or modifying the underlying application host infrastructure.
Bulk Copy Data Sharing Pattern for Applications in Azure with Data Explorer, Data Factory & Cosmos DB
Jul 12, 2021 · 12 min read
In the initial stages of a data platform development, data size is small, and you can easily share it via email or services such as Power BI. However, once the platform grows, and different parts of the business become dependent on it, sharing data between systems becomes a big challenge. In a majority of the data-driven systems, one of the two patterns is used for consuming data. Low volume and high frequency: Consuming small amounts of data (usually one or a few records) at very high frequency.
Jun 01, 2021 · 3 min read
Do you want your LinkedIn audience to know what you are up to on Twitter? Here’s how I have set up Power Automate to crosspost specific tweets to LinkedIn. What is Power Automate Power Automate is one of the products of the Microsoft Power Platform family. It is a web-based service that helps you create automated workflows between your favorite apps and services to synchronize files, get notifications, collect data, and more.
May 08, 2021 · 10 min read
In this series: Distributed Tracing with Jaeger Simplifying the setup with Tye (this article) Tye is an experimental dotnet tool from Microsoft that aims to make developing, testing, and deploying microservices easier. Tye’s opinionated nature greatly simplifies the lifecycle of development and deployment of .NET Core microservices. To understand the benefits of Tye, let’s enumerate the steps involved in the development and deployment of the DCalculator application to Kubernetes: