Tag: Azure Security

Azure Resources CMK Encryption with Azure Bicep

Azure Customer Managed Key (CMK) Encryption is quite used feature across Azure resources in order to make sure you are compliant against various certifications and increase your security posture. I have been configuring this feature via IaC since there was only ARM Templates and Bicep was not available. If you have the same experience with me you will notice that the input required for this feature varies from one resource to another. If have to summarize what is required as information that would be:

  • Key Vault
  • A key from Key Vault
  • A version for a key. Some might not require a version.
  • Identity that will be used to access the key from the Key Vault. Most resources will offer the ability to choose between system assigned or user assigned identity although there are sill some resources that will use the identity of the account that is configuring the feature.

With that said in this blog I would like to show you how I used to configured the feature when using ARM templates and how I think it is the better approach when using Bicep code.

Continue reading “Azure Resources CMK Encryption with Azure Bicep”

Do not use tags for filtering security related Azure Policies

I spend a lot of time on Microsoft Q&A trying to help people by not just providing with answers but also educating them and pushing them to learn more. Recently I was asked to help with Azure Policy rule and I did.

Continue reading “Do not use tags for filtering security related Azure Policies”

Speaking at Inside Azure Management Virtual Summit

As you know we recently have released the fourth edition of Inside Azure Management book. What is better then free book? – A free book and free virtual summit. Yes that is right we are organizing a free virtual summit titled Inside Azure Management. I must say the actual organization is mainly led by Peter Zerger so once again I would like to thank him for his efforts. The virtual summit will take place on 23rd of July. If you want to register you can check the official web site of the event. You will find some interesting sessions and speakers that you might not see so much on other events. I will be delivering a session titled "Exploring Configuration Management in Azure" which will focus on showing you the different configuration management options within Azure with focus on Azure Policy and Azure Resource Manager Deployments.

It is also important to say that if you like the summit and you want to help people you can check one of the causes we are supporting with this event.

Enjoy the summit!!!

Inside Azure Management v4 – Chapter 2: Implementing Governance in Azure

These are challenging times for the whole world but to stay true to ourselves we are preparing for the release of the 4th edition of Inside Azure Management book. We expect to be ready no later than 15th of May but as you can understand many of us are busy supporting our customers from home. The book as always will be free download but of course you will be able to purchase it via Amazon as well if you want to. Return to this blog post in a few days to check for the Amazon link. We have worked hard to update the content to the latest changes inside Azure but also to give you some new scenarios.

Continue reading “Inside Azure Management v4 – Chapter 2: Implementing Governance in Azure”

Free Book: Inside Azure Management v3

For the last several months Pete Zerger, Tao Yang, Kevin Greene, Anders Bengtsson and me have been working hard to update Inside OMS book. With the latest changes we are now on version 3 of the book and with new name: Inside Azure Management

Continue reading “Free Book: Inside Azure Management v3”