In our previous blog post, we discussed how we can write custom Azure Policies in accordance with Organization’s Strategic and Compliance Requirements. We also learned how to apply policies at different scope levels in Azure. While planning, writing and applying compliance requirements in the form of Azure Policies is important, it is equally important to audit existing resources for appropriate configurations and settings, evaluate the results and take certain actions. One needs to be evaluate how many resources are compliant with the defined requirements, what resources are non-compliant, what corrective actions can be taken to bring them in compliance and also remove any false positives.
Read More »
In our previous blog post, we discussed on using Azure Policies for Azure Governance and staying compliant with the same. We also discussed how we can use built-in Azure Policies to meet the governance criteria and start easily. However, the relationship between business and IT varies a lot from Organization to Organization. So from time to time, you’ll need to create your own Azure Policies and applying them to a scope. Custom Azure policies allows you to be lot more compliant and a lot more flexible. In this blog post, we are going to discuss the same. Read More »
If you are responsible for managing multiple Azure subscriptions, you would have notice that there are lot of issues maintaining consistency in resource deployment, organization and management across subscriptions. This is primarily because different subscriptions are designed to target different needs such as products or departments and therefore the Azure Resources being used by different set of people everywhere. To help with bringing consistency across subscriptions, one can use recently launched Azure Management Groups. Azure Management Groups helps to apply governance controls based on access controls, policies and compliance.
Read More »
With the arrival of the Sprint 154 updates, auditing has been introduced in the Azure DevOps. This has been a long standing demand from various enterprises (including Ours !). We wanted to observe activities and monitor changes that have occurred in the Azure DevOps across the Organization. It is in the preview phase as of this writing of this blog post, but it is very useful in the preview phase as well. In this blog post, we are going to see what is recorded in the Azure DevOps as part of the auditing, how we can access it and what we can do with the same.
Read More »
You can easily store your environment related secrets in the Azure Pipelines releases as variables and mark them as secrets which will encrypt and hide them. So anyone having access to the release definition would be not able to view them. Most of the times, it suffices as once set, they become encrypted and can not be viewed in text form.
However, sometimes it may happen that the person who keeps the secret would not be the same person as who is creating the release definition. Think of that as a way of segregating the responsibilities between the two. Also, it may be possible that the person who has provisioned the environment is not comfortable to share the secrets with anyone in plain text. After all, the best way to keep a secret is not to tell anyone about it. This is where the Azure Key Vault fits in very nicely. It can be used to store and transfer the secrets/certificates needed for your environment in a secure way.
Read More »
Few days back, we learned about how to publish Azure Container Instances where-in we can deploy either a container or group of containers and use the same. Azure Web App for Containers allows you to not only run your containers but it also brings forth the PaaS innovations for the Web App. So it brings best of the both worlds together. It also allows you to not worry about the maintaining an container orchestrator mechanism. You can prefer to package their code and dependencies into containers using various CI/CD systems like Jenkins, Maven, Travis CI or VSTS, alongside setting up continuous deployment web hooks with App Service.
In this blog post we’ll learn more about how to deploy .NETCore application packaged as docker container and using CI/CD in Azure Pipelines (Formerly VSTS).Read More »
While trying to create the Azure Container Instances on one of the newly created Azure Subscription, we came across this strange error, “ERROR: The subscription is not registered to use namespace ‘Microsoft.ContainerInstance'”. So we checked our configuration and the way we were creating the Azure Containers, and it all seemed okay. So we dig a little around by using PowerShell, authenticate to Azure using Login-AzureRmAccount and fire few commands.
The first command we fired was classic Get-Command to check if there are any existing cmdlets to help with Azure Resources and sure enough, there it was:
Read More »
Recently while deploying the source code using our CI/CD pipelines, we have got this error:
There were errors in your deployment. Error code: DeploymentQuotaExceeded.
2018-05-30T04:52:38.0042831Z ##[error]Creating the deployment ‘azuredeploy-20180430-045236-1abd’ would exceed the quota of ‘800’. The current deployment count is ‘800’, please delete some deployments before creating a new one. Please see https://aka.ms/arm-deploy for usage details.
2018-05-30T04:52:38.0051084Z ##[error]Task failed while creating or updating the template deployment.
One of the steps used by our release pipelines uses ARM template to make sure that resource being targeted has required azure configuration.
Read More »