If you want to use custom assemblies as NuGet packages in Visual Studio and your DevOps pipelines, you will have to add your assembly to the Assemblies folder in DevOps first. Next go to the NuGet Package Manager settings in Visual Studio.
In Azure we can deal with secret values using Azure Key Vault. In this post we call Azure Key Vault four times. First from an api app or function, then from a logic app, then from an ARM template and finally from API Management.
You can secure an Azure web app with cookie-based authentication using OpenID Connect. Or you can use a hardware based solution with access restrictions.
The Azure Command Line Interface (CLI) can be used to delete all blobs from a blob container. It’s an easy-to-use interactive interface. You might want to check out other commands as well.
You can store the application setting for an Azure Web App at two places: in the web.config and in the Azure Portal (under Configuration). In the DevOps release pipeline / Deploy Azure App Service task, you can specify the AppSettings under Application and Configuration Settings. You can change AppSettings and Connection Strings in the web.config by enabling XML variable substitution.
You can use Split DNS to either call API Management directly (internall calls) or via the Web Application Gateway (external calls). Split DNS is the facility of a Domain Name System (DNS) implementation to provide different IP addresses, depending on the source address of the DNS request.
This post shows an ARM template excerpt that first creates an EventGrid topic and then creates an API Connection for that EventGrid topic by retrieving the access key.
The main advantage of using a managed identity is that you don’t need to specify any credentials in your code. You don’t have to look for ways to store your credentials securely. Unfortunately there’s one problem. Managed identities can only be used with the HTTP connector. Use the HTTP connector with a managed identity to access Azure Key Vault. Use a service principal to access Azure Event Grid.
It’s tempting to import the Swagger file of a backend service into API Management and make it easy for yourself. It’s better to define the contract first and then ask the service providers to conform to this definition as much as possible.
The traditional approach to parameterize logic apps and/or API Management services is to use parameter files. As an alternative to parameter files, you can use variable groups in your DevOps release definition. Variable groups can be maintained by operators who have access to your DevOps team project.