Setting up and using private endpoints in Azure with a storage account example in Terraform

High-Level Diagram (HLD) illustrating a virtual machine subnet successfully connecting to an Azure Storage Account via a private IP address, with no public internet access. The diagram shows the virtual machine within its subnet, the private endpoint for the Azure Storage Account, and the private IP connection path, emphasising that the connection is made securely and entirely within the Azure network without exposure to the public internet.

Azure private endpoints have been around for some time. In this blog post I will be looking at how to set up and begin using them, and will also include a storage account example in Terraform. As your cloud environment continually grows, security is and should be pretty much top priority and utilising private endpoints will …

Azure DevOps – 6 recommendations to help with securing your branches

You may be using Azure DevOps daily on a continuous basis, but have you thought about the security of your branches? In this blog post, I will give 6 recommendations to help you with securing your Azure DevOps branches! There are quite a number of ways and configurations you can apply in relation to security; these 6 …

Azure Hub-Spoke Network Configuration with Azure Firewall DNAT using PowerShell

I am going to show you how to create a Hub-Spoke network configuration with Azure Firewall using PowerShell. What is a Hub-Spoke network? Think of the Hub-Spoke as two different networks: network1 is the hub, network2 is the spoke. Network1 acts as the central point of connectivity and perimeter for your network where all traffic has to …

Azure Bastion – First thoughts on Preview

A preview I have been waiting on: Azure Bastion, a PaaS service provided by Azure that will allow you to seamlessly and securely RDP/SSH to your virtual machines within a Virtual Network; the connections are completed in the Azure Portal over SSL. When a Bastion is configured, no additional Public IP addresses are required …

Azure Key Vault:- 5 ways to secure

Using Azure Key Vault to store your secrets, encryption keys or even certificate data? Have a read of this blog; I will be discussing 5 ways to secure your Key Vault, from network restriction to key rotation. As mentioned by Microsoft, access to a key vault is controlled via two types of …

Securing your secrets using Azure Key Vault and Virtual Machine Managed Identity

In my previous blog I gave an overview of Azure Managed Identity, specifically around virtual machines and managed identities. In this one, I will be detailing the process of implementing a secure use of Key Vault with this virtual machine and how Identity Management can be used to retrieve secrets. There are two types of managed …