Bicep - Azure Key Vault Deployments in Multiple Environments
·1035 words·5 mins· 100 views · 5 likes
Hi folks, I sincerely hope you are all doing great. You are probably aware of the importance of Azure Key Vault in securely and centrally managing secrets, encryption keys, and certificates.
Terraform - Deploying and Managing Azure Log Analytics Workspace
·1336 words·7 mins· 100 views · 5 likes
Hi! As cloud architectures become more complex, Infrastructure as Code (IaC) has become increasingly important. By using tools like Terraform, IaC allows you to manage intricate infrastructures in a text-based, repeatable, and automated manner.
Bicep - Deploying keys with rotation policies in Azure Key Vault
·860 words·5 mins· 100 views · 5 likes
Hi! This week, we’re talking about security, specifically how to use automatic key rotation in Azure Key Vault. In case you didn’t know, Azure Key Vault’s automated key rotation improves security by creating new key versions at set intervals and sending expiration alerts via Event Grid.
Bicep - Enabling Malware Scanning & Sensitive Data Discovery in Storage Accounts
·888 words·5 mins· 100 views · 5 likes
Microsoft’s Defender for Storage has recently unveiled a significant security update, with two standout features being near-real-time malware scanning and sensitive data discovery. In this article, I will guide you on how to enable these features across all your Azure storage accounts using Bicep.
Terraform - Deploy Azure Firewall into Virtual Network
·1425 words·7 mins· 100 views · 5 likes
Hello everyone! Azure offers a variety of security solutions, and Azure Firewall is a particularly effective tool. It is a fully managed cloud-native network firewall that provides top-notch protection for our virtual network resources.
Bicep - Deploying Microsoft Sentinel with Azure AD Connector
·997 words·5 mins· 100 views · 5 likes
Hi there! As you know, Microsoft Sentinel is an advanced SIEM tool that provides a comprehensive view of your organization’s security landscape. One of its superpowers comes from its integration with Azure AD connector.
Terraform - Deploy Azure Bastion into Virtual Network
·1532 words·8 mins· 100 views · 5 likes
Hi there! In a previous article, we discussed the deployment of an Azure Bastion host in an existing Virtual Network (VNet) using Azure CLI and PowerShell. While those methods are effective, there’s an opportunity to simplify the entire process.
Terraform - Deploying Azure Hub-Spoke Networking
·1516 words·8 mins· 100 views · 5 likes
In this blog post, I want to show you how to implement a hub-spoke network architecture on Azure using Terraform, one of my favorite infrastructure as code (IaC) tools. The hub-spoke model is a widely adopted networking strategy that allows you to simplify management, increase scalability, and improve the security of your Azure resources.
Logging into an Azure Linux VM using an Azure AD account
·876 words·5 mins· 100 views · 5 likes
Today I want to show you how you can improve the security of your Linux virtual machines in Azure by integrating with Azure Active Directory (Azure AD) authentication. In this post, I’ll show you how to set up a Linux virtual machine and log in with Azure AD using openSSH certificate-based authentication.
How to route Subscription Activity logs to Azure Log Analytics workspace
·674 words·4 mins· 100 views · 5 likes
Sending resource logs to a Log Analytics workspace allows us to consolidate log entries from multiple resources and query the logs for complex analysis. In this post, I want to show you how to manage diagnostic settings for your subscription and send the Activity logs data to your Log Analytics workspace.
How to convert an Azure AD B2B user from guest to member
·453 words·3 mins· 100 views · 5 likes
By default, when an Azure AD B2B collaboration user is added to a tenant, the UserType property of the user is set to “Guest.” However, it may be the case that the host organization wants to treat the invited user as a member rather than a guest.
How to use a VM system-assigned managed identity to access Azure Key Vault
·1070 words·6 mins· 100 views · 5 likes
Hi, In a previous post, I showed you how to enable system-assigned managed identity on an Azure virtual machine. Today, I want to show you how to assign a managed identity to access an Azure resource securely.
How to enable the system-assigned managed identity on an Azure VM
·696 words·4 mins· 100 views · 5 likes
Hi, Jorge is back. In this post, I want to show you How to enable the system-assigned managed identity on an Azure VM using Powershell and Azure CLI. When you enable a system-assigned managed identity, Azure creates an identity associated with the instance and stores it to the Azure AD tenant associated with the subscription where you created the service instance.
How to create IP Groups for Azure Firewall rules
·944 words·5 mins· 100 views · 5 likes
Hi everyone, In a previous post, I showed you how to deploy an Azure Firewall. Today I will show you how to create and manage IP Groups in your Azure Firewall using PowerShell and Azure CLI.
How to configure Azure Bastion host to send logs and metrics to Log Analytics workspace
·793 words·4 mins· 100 views · 5 likes
Hi, In a previous post, I showed you how to configure Azure Bastion diagnostic parameters to send logs and metrics to a storage account. But suppose you already have a log analysis workspace.
How to configure Azure Bastion diagnostic settings
·781 words·4 mins· 100 views · 5 likes
Hello! everybody. Today I will show you how to configure Azure Bastion Diagnostic to send logs and metrics to a storage account using PowerShell and Azure CLI. Once this configuration is established, you can use the stored information to find out which users connected through Azure Bastion, when, from where, and metric information about the workloads of the Azure Bastion host.
How to enable the Key vault's firewall
·854 words·5 mins· 100 views · 5 likes
One of the security recommendations established by Microsoft in Azure Security Center is to enable the key vault’s firewall to prevent unauthorized traffic from reaching your key vault. This post will show you how to enable the firewall to ensure that only traffic from permitted networks can access your key vault using PowerShell and the Azure CLI.
How to configure Azure Firewall diagnostic settings
·778 words·4 mins· 100 views · 5 likes
Hey, guys, following the series of publications on Azure Firewall, today I’ll show you How to configure Azure Firewall Diagnostics to send logs and metrics to a storage account using PowerShell and the Azure CLI.
How to deploy an Azure Firewall in an existing VNet
·1051 words·5 mins· 100 views · 5 likes
This is the first post in a series of articles where I will show you how to manage an Azure Firewall using PowerShell and Azure CLI. In this first post, I want to show you how to deploy an Azure Firewall in an existing virtual network.
How to set the Password Expiration Policy in Microsoft 365
·375 words·2 mins· 100 views · 5 likes
If you have not yet implemented any identity protection mechanisms, such as multi-factor authentication (MFA), or to satisfy your company’s security regulations, you should establish a password expiration policy. In that case, this article will interest you.