Azure Bicep Snapshots – Test and Validate Your Code and Deployments

Azure Bicep Snapshots is a new preview feature introduced in v0.36.1 release. The feature allows you to generate the definition of a resource as it appears in ARM or in the Azure Portal for that particular resource when you click on the JSON view option, producing a JSON file as the result. Once you have that JSON file you can execute the snapshot command again to get results in what-if format. All this is done locally without doing an actual deployment against Azure. This means you can see how changes either in code or in the input impact your end results without having to deploy resources or make sure any referenced resources exist. This blog post will focus on showing you the capabilities of Bicep Snapshots in a complex real-world module and its bicep parameters configuration.

Continue reading →

Deploying A2A API in API Management with Azure Bicep

After introducing MCP servers. within Azure API Management and me blogging about it, now we have A2A API support. This makes APIM a very good choice for protecting, accelerating and observing your AI apps. Obviously I was tempted to find out how this new API type can be deployed via Bicep as proper documentation is lacking.

Continue reading →

Azure Policy Little Secrets

Azure Policy checks Azure resources and operations by matching their properties against defined business rules. It helps to enforce organizational standards and to assess compliance at-scale. Azure Policy is commonly used to enforce governance across Azure, ensuring consistency, regulatory compliance, security controls, cost management, and operational standards. Unfortunately, Azure Policy has its secrets; it has some limitations that are either not documented or the documentation is not so easy to find. With this blog post, I am not trying to bash on Azure Policy as I love the service and I think its architecture is very good, but due to the way some Azure APIs are written it can limit what Azure Policy can do.

Continue reading →

Do not use Azure Front Door metric OriginHealthPercentage in Log Analytics

Azure Front Door is a global, scalable service that acts as a content delivery network (CDN) and application load balancer to improve application performance and availability. The way you expose application on Azure FD is by creating origins. For each origin you have to add one or more origins. When configuring the origin you have the option to configure health probe. The health probe makes sure the origins are up. If an origin is not up it will traffic will not be sent to it. The results from the health probes is visible via OriginHealthPercentage metric. Now let’s have a closer look to metric OriginHealthPercentage as the results from it might be a little bit confusing, especially when you send the metric to Log Analytics workspace and viewed there.

Continue reading →

Enabling Defender for APIs on Azure APIM APIs with Azure Bicep

Azure APIM is essential feature in building AI applications. Being part of that it is important to protect your APIs and couple years ago Azure has provided such capability in Defender for Cloud called Defender for APIs. Previously I have demonstrated how to configure Defender for Cloud plans in Enable Defender for Cloud Auto provisioning agents via Bicep. For Defender for APIs plan it is the same resource type Microsoft.Security/pricings but the name of the resource is ‘Api’. Additionally, you will set pricingTier to Standard to enable it and subPlan to P1, P2, P3, P4 or P5. As this is the initial configuration only in this blog post we will look at what to do next.

Continue reading →

Spread the word:

Spread the word:

Spread the word:

Spread the word:

Spread the word: