Introduction For most businesses using some kind of firewall in Azure is not optional , these firewalls could be a cloud native offering such as Azure Firewall or a Network Virtual Appliance (NVA) running on IaaS such as Palo Alto, Checkpoint, Fortigate etc etc. A popular and common networking model in Azure that utilises some form of firewall is the hub and spoke network design which uses a centralised firewall or maybe even multiple centralised firewalls behind a load balancer for high availability .

I’m not exactly a Linux newbie but nor can I claim be at sysadmin level of Linux knowledge. Linux however, is a definite area I want to improve my knowledge and skills in. I wanted Ubuntu as my daily OS but a VM on my laptop just wasn’t doing it for me. I therefore decided to have my Surface Book dual boot Ubuntu 18.04 and Windows. Turns out this was fairly simple to accomplish.

So Terraform 0.12 was just released. I sat down this morning to have a quick play with it. I strongly recommend following the upgrade guide and make a separate branch of your TF files before testing 0.12. After getting everything setup and ready to test I ran a plan and apply using Terraform 0.11.14 and got my infrastructure to a state where no further changes were required. I then ran terraform.

Having been inspired by Gregor Suttie’s post ‘Replacing Azure Automation using Azure CLI and Azure Devops’ I decided to do something similar with Powershell. My requirement was to power off VMs with a certain tag and value at a certain time. The PowerShell for this is fairly simple: Get-AzVM | Where-Object {$_.tags[‘shutDown’] -eq “19:00”} | Stop-AZVM -Force I then created build pipeline in Azure Devops and added an ‘Azure PowerShell (Preview)’ task to the pipeline.

Really short and straight to the point post. 😀 I use the ‘Terraform Tasks for Azure DevOps’ extensions which makes using Terraform with Azure Devops an absolute breeze I have a build pipleline which initiates the remote storage for the Terraform state file, perfoms the Terraform init and the Terraform plan, all relevant files are then published as an artifact. A release pipeline then picks up the published artificat, performs another Terraform init and then a Terraform apply

Azure Security Center is a good thing to have as part of your Azure resources and it comes in two tiers: Free or Standard. By default it is enabled in your Azure subscription at the free tier and changing that to standard unlocks additional features and comes with some costs . So you’ve upgraded Security Center to standard and you have enabled data collection and you chose the option ‘Use workspace(s) created by Security Center (default)’.

I had to enable disk encryption on some existing Azure VMs this morning but I kept hitting a snag even though I had done this before and was using the same powershell as before. Here’s the PowerShell: $rgName = ‘MySecureRg’; $vmName = ‘MySecureVM’; $KeyVaultName = ‘MySecureVault’; $KeyVault = Get-AzureRmKeyVault -VaultName $KeyVaultName -ResourceGroupName $rgname; $diskEncryptionKeyVaultUrl = $KeyVault.VaultUri; $KeyVaultResourceId = $KeyVault.ResourceId; Set-AzureRmVMDiskEncryptionExtension -ResourceGroupName $rgname -VMName $vmName -DiskEncryptionKeyVaultUrl $diskEncryptionKeyVaultUrl -DiskEncryptionKeyVaultId $KeyVaultResourceId; Now when I ran Set-AzureRMVMDiskEncryptionExtension it kept prompting me for an AADClient.

I’ve been increasingly using Terraform for my Infrastructure as Code deployments to Azure and I really like it and prefer it to using ARM templates. The thing I like most about Terraform is that it’s simple to use yet very powerful in its capabilities. This post is not intended to be an in-depth introduction to using Terraform on Azure, there are many sites around who have done that already and do it very well.

I’ve recently had the opportunity to start playing with Azure Devops and as I’m historically and primarily an infrastructure guy I wondered how Azure Devops can help me with such things as Infrastructure as Code. What I’ll show in this post is how to deploy ARM infrastructure resources such as VMs and vnets using ARM templates and Azure Devops. I’m not going to go into how you can purchase Azure Devops, there are many ways to gain access to it https://azure.

In part one we setup a project in Azure Devops, create an Azure repo, added an ARM template to the repo and created a build pipeline. In this post we’ll create a release pipeline to actually deploy our resources in Azure. Within Azure Devops open our project and select ‘Releases’ and select ‘New Pipeline’ On the next page choose under select template choose ‘Start with an empty job’ By default the stage is called Stage 1 as per the above screenshot, I’ve renamed mine to Deployment