Azure Web App for Containers: Pulling a Container Image from ACR Without Exposing Credentials
Hello dear readers! My name is Daniel Ribeiro and I am a Customer Engineer working with Microsoft Mission Critical Team (SfMC). The Problem A customer of mine recently reported that when deploying a container using the Azure Web App, the ... continue reading
How-To: Deploy Microservice Application with Secrets Store CSI Driver Using Helm Chart
In the last blog we discussed AKS Pod Identity and how we utilize this feature in our application and establish a secure access to Azure resources using Azure SDK libraries. One of disadvantage of using Pod Identity is in case ... continue reading
Microsoft SQL Server Linux-based container images to be available only from the Microsoft Container Registry
Traditionally, SQL Server Linux container images could be downloaded from Microsoft Container Registry (mcr.microsoft.com) and mssql-server-linux. However, as you might be aware, we stopped updating the old repo, Microsoft/mssql-server-linux, a couple of years ago, as part of our move to ... continue reading
How-To: Deploy Microservice Application with Pod Identity Using Helm Chart
In the last blog we discussed how to deploy AKS fully integrated with AAD. Also we discussed deploying add-on for Azure Pod Identity and Azure CSI driver. In the article we will discuss how to create an application that using ... continue reading
HOW-TO: Deploy AKS with POD Managed Identity and CSI using Terraform and Azure Pipeline
Today as we develop and run application in AKS, we do not want credentials like database connection strings, keys, or secrets and certificates exposed to the outside world where an attacker could take advantage of those secrets for malicious purposes ... continue reading
Secure containerized environments with updated threat matrix for Kubernetes
Last April, we released the first version of the threat matrix for Kubernetes. It was the first attempt to systematically map the threat landscape of Kubernetes. As we described in the previous post, we chose to adapt the structure of ... continue reading
What's the difference between Azure Security Center, Azure Defender and Azure Sentinel?
It's common to have a pre-defined perspective when you hear the word "security". Some people think of applications being configured correctly or insecure coding practices. Some people think of identity concepts like password spray attacks, phishing or multi factor authentication ... continue reading
OPS113: From WS2008 to Azure with containers – An Ops view
IT Pros around the globe are trying to figure out how to modernize existing applications. End of Support for Windows Server 2008, how to move applications to the cloud, and how to leverage new technologies such as Kubernetes have become ... continue reading
Modernize Windows Server Apps on Microsoft Azure using Containers with Windows Admin Center and AKS!
Today we are looking at how you can modernize Windows Server Apps on Microsoft Azure using Containers with Windows Admin Center and Azure Kubernetes Service (AKS). We will see how we can create a new custom Docker container image using ... continue reading
Setup Azure Shell locally of on a local network – part 2
Hello Folks, In my last post I discussed how you can run the managed image that the Azure Cloud Shell is based on locally. It allows you to leverage the Azure Shell managed environment without being subject to the limitations ... continue reading
