Lately, I had the requirement to access data from the incoming HTTP body, which was form-urlencoded (Content-Type: application/x-www-form-urlencoded). I assumed this was something simple to do, however it turned out more complex than expected. HttpUtility? My first...
Lately, I had the requirement to access data from the incoming HTTP body, which was form-urlencoded (Content-Type: application/x-www-form-urlencoded). I assumed this was something simple to do, however it turned out more complex than expected. HttpUtility? My first...
Azure API Management's default security mechanism is built on top of subscriptions. Whilst this is a very simple way to protect your APIs, it's often not secure enough. Many scenarios require the APIs to be protected with OAuth2, which is perfectly possible with...
If you follow my blog, it should not be a surprise that I am using Managed Identity where possible, to avoid the need for passwords and secrets. In case these secrets are inevitable, we should store them in Azure Key Vault. Within App Service, you have the ability...
Security is one of my main concerns when building PaaS solutions in Azure. Since private endpoints have GA'd, I always apply network security on my projects. Unfortunately, private endpoints for Service Bus are only available in the Premium tier, which is a huge...
Recently, I wanted to create a Service Bus namespace via Bicep. The simplified resource looked like this: resource serviceBus 'Microsoft.ServiceBus/namespaces@2021-06-01-preview' = { name: 'test-sb' location: resourceGroup().location sku: { name: 'Standard' tier:...
A solid governance is the foundation of a successful Azure implementation. I often refer to it as "freedom within the frame". As an organization, you configure the rules of the game, e.g. allowed locations, no public IPs, restricted service tiers... Within that...