TL;DR
Operators on IPv4 addresses can optimize your Azure Firewall kusto queries!
TL;DR
Enable connector in Defender for Cloud. Add analyze workflow. See scan results in dashboard.
TL;DR Security awareness month is upon us again!
Since 2004, the President of the United States and Congress have declared October to be Cybersecurity Awareness Month, helping individuals protect themselves online as threats to technology and confidential data become more commonplace.
TL;DR Some identity gotchas when deploying an AKS Application Gateway Ingress Controller with an existing Application Gateway using Terraform
TL;DR
You can run Azure Functions with Managed Identity for assigning Azure and API permissions.
TL;DR
Connect Subscription Activity Log with Azure Event Hubs for sending logs to a third-party SIEM using Terraform. Reduced scope for RBAC permission on Auth rule.
TL;DR Both the AzureRM provider and the Remote Backend (if applicable) require authentication. I recommend using environment variables/Azure AD or OpenID Connect where possible in pipelines. Azure CLI should be used locally. Avoid plaintext secrets, and never commit any secrets to version control!
TL;DR Use the Terraform AzApi provider to deploy an Azure Firewall Policy Rule Collection Group containing an Mssql type application rule. Full AzApi example here. Attempted module for re-use here.
TL;DR You can use checkov to scan your Terraform IaC for misconfigurations, adding some level of DevSecOps. It can also be integrated with pre-commit. If you want, it can be applied to Bicep, Kubernetes or other supported frameworks.
Have you ever wanted to do a lab with Azure Firewall? Don’t want to delete the resource each time, just to recreate it when you need it again? Allocation of an Azure Firewall can take a little while, though not nearly as long as a VPN gateway.