Make Azure Container Registry and Azure Kubernetes Service instance talk to each other secure.
We need to grant permission to our Kubernetes cluster service principal to be able to pull docker images from our private container registry.
Continue readingDeploying a Kubernetes cluster in Azure using command line interface is an easy task. We will deploy a k8s cluster with custom nodes configuration specified for Elasticsearch.
Elastic stack in AKS. Part 1 Provisioning Kubernetes with Terraform
Source code is available at repository https://github.com/mchudinov/K8sAzureAzCli
Let’s get started.
Continue readingThis is part 1 of a serious of blog posts about deploying Elastic stack in Azure Kubernetes Service.
Related GitHub repository with Terraform source code K8sAzurTerraform
Continue readingAzure Web App supports deployment slots. Production slot is the main one and there can be a couple of others. In order to follow a principle of least privileges different slots should have different security principals for deployment.
A service principal with deployment permissions for only a dedicated slot is useful in order to limit access to production deployment.
Continue readingSometimes we need to restrict access to some URL-path of a Web application from Internet while allow to access the whole web site. This kind of restriction might be relevant for example for a administrative user interface or a special API that should not be accessed from Internet.
How to integrate a classic (MVC 5 and before) ASP.NET MVC application and a new type ASP.NET MVC (6?) OWin with an Azure Access Control Service (ACS). Users are authenticated outside of an application by third party authentication providers such as Facebook, Google, Yahoo etc. This process is called federated authentication.
A classic ASP.NET MVC project can be downloaded here https://github.com/mchudinov/AspMvcACSClassic
A new OWin-based ASP.NET MVC project can be downloaded here https://github.com/mchudinov/AspMvcACSOwin
