In our previous blog post, we discussed how we can write custom Azure Policies in accordance with Organization’s Strategic and Compliance Requirements. We also learned how to apply policies at different scope levels in Azure. While planning, writing and applying compliance requirements in the form of Azure Policies is important, it is equally important to audit existing resources for appropriate configurations and settings, evaluate the results and take certain actions. One needs to be evaluate how many resources are compliant with the defined requirements, what resources are non-compliant, what corrective actions can be taken to bring them in compliance and also remove any false positives.
Read More »
Tag: PowerShell
Create and Assign Custom Azure Policies for Azure Governance
In our previous blog post, we discussed on using Azure Policies for Azure Governance and staying compliant with the same. We also discussed how we can use built-in Azure Policies to meet the governance criteria and start easily. However, the relationship between business and IT varies a lot from Organization to Organization. So from time to time, you’ll need to create your own Azure Policies and applying them to a scope. Custom Azure policies allows you to be lot more compliant and a lot more flexible. In this blog post, we are going to discuss the same. Read More »
Working with Audit logs in Azure DevOps
With the arrival of the Sprint 154 updates, auditing has been introduced in the Azure DevOps. This has been a long standing demand from various enterprises (including Ours !). We wanted to observe activities and monitor changes that have occurred in the Azure DevOps across the Organization. It is in the preview phase as of this writing of this blog post, but it is very useful in the preview phase as well. In this blog post, we are going to see what is recorded in the Azure DevOps as part of the auditing, how we can access it and what we can do with the same.
Read More »
Return Multiple Values from PowerShell Function
In PowerShell functions, by default, you can return only one object at a time. Since PowerShell does not apply any restriction on data type returned, it created a lot of possibilities on what can be returned as an output of the function. So if one needs to return multiple values or objects, it is generally suggested to create an array of the objects and then return the array. If the underlying values are simple strings, some would create a custom PSObject and then return the PSObject. In this blog post, we will discuss the other methods to return the multiple values from PowerShell functions.
Read More »
Implement Pipeline Support by making proper use of begin, process and end blocks in PowerShell functions
Of many things that make PowerShell stand apart in the world of scripting languages, perhaps two are most fundamental to it: first, its treats everything as Objects and second, the ability to pipe objects from one cmdlet to another. Using this capability, we can effortlessly link multiple cmdlets together. Doing this will also throttle the amount of memory that is being allocated (in most cases) that the current session is using for the commands. So, its very natural that you would want to implement pipeline support for your own function, that you just wrote.
Read More »
Write Advanced functions in PowerShell using various Write Cmdlets
PowerShell has become de-facto tool of choice for automation in Microsoft world from long time and slowly it is winning over hearts of the Linux administrators as well. Just like with other programming languages, there are many ways to do the same thing in PowerShell. However they differ in little subtle ways. You may or may not notice them in your day to day usage, but if you learn those subtleties, you can quickly improve the performance and results of your automation. This blog post is about one of the such cases only.
Read More »
Share variables across definitions in Azure Pipelines by using variable groups
It is easy to create variables in the Azure Pipelines and they make the pipelines more generic in nature. Therefore, we can customize the release steps as per the context of the stage used. Same goes for the build definitions. Now sometimes, it may happen that the variables are common across multiple build and release definitions. In such a case, instead of defining them again and again, we can use a variable group. A variable group allows us to store values that we want to make available across multiple build and release pipelines. It also prevent duplication of values, making it easier to update all occurrences as one operation.
Read More »
Store the app secrets in Azure Key Vault and use during Azure Pipelines
You can easily store your environment related secrets in the Azure Pipelines releases as variables and mark them as secrets which will encrypt and hide them. So anyone having access to the release definition would be not able to view them. Most of the times, it suffices as once set, they become encrypted and can not be viewed in text form.
However, sometimes it may happen that the person who keeps the secret would not be the same person as who is creating the release definition. Think of that as a way of segregating the responsibilities between the two. Also, it may be possible that the person who has provisioned the environment is not comfortable to share the secrets with anyone in plain text. After all, the best way to keep a secret is not to tell anyone about it. This is where the Azure Key Vault fits in very nicely. It can be used to store and transfer the secrets/certificates needed for your environment in a secure way.
Read More »
