Search results

Linux Azure AD authentication options

Introduction There are several ways to do Linux Azure AD authentication. In other words you can log in to your Linux hosts Azure Active Directory ("Azure AD") credentials in various ways. Azure, Microsoft's public Cloud, builds on top of Azure AD. In fact, your Azure users, groups, roles and role assignments are stored in Azure […]

Terraform downloads the deprecated azure provider

You are 100% sure that all your Terraform resources are using terraform-provider-azurerm, yet Terraform attempts to download the deprecated "azure" provider: You grep the state file and find no references to the "azure" provider. You assume that the cause is some nested module that depends on it, but no, that's not it. You run "terraform […]

Azure Private DNS and VPN Gateway

What is Azure Private DNS? Azure Private DNS is a DNS service for Azure virtual networks. You can register a private DNS zone to Azure Private DNS and then link that zone with one or more virtual networks. If you enable DNS auto-registration for a virtual network, a new resource (e.g. virtual machines and VPN […]

Azure function monitoring with Azure Monitor and Application Insights

Microsoft Azure provides a metrics and monitoring framework called Azure Monitor. With it you can monitor your Cloud infrastructure and services running there. You can view graphs of the metrics, alert on threshold and all that usual stuff, just like in AWS Cloudwatch. Some Cloud resources like Azure Functions expose "a limited number of useful […]

Enabling Azure Backup on Linux VMs with Terraform

This article shows you how to enable Azure Backup on Linux VMs. It is recommended to read the Understanding Azure Backup for Linux VMs article first before trying to enable backups with Terraform. Terraform AzureRM provider has three relevant resources: azurerm_linux_virtual_machine: parameters provision_vm_agent and allow_extension_operations should be true or enabling backups will fail (with or […]

Understanding Azure Backup for Linux VMs

Azure Backup is an Azure service that allows, among other things, backing up Windows and Linux VMs in Azure. The backups are essentially virtual machine snapshots, but backing up and/or restoring individual files is also possible. This article tries to explain how Azure Backup and Linux VMs interact and what is required for them to […]

Terraform, Azure and MissingSubscriptionRegistration

When deploying with Terraform to Azure you may sometimes encounter errors such as this: The problem is that in Azure you may need to register the provider for the service you intend to manage with Terraform. If you add resources from Azure Portal this registration part is handled automation. In the above case the Azure […]

Modern cronjob part 1: Azure Automation with Terraform

Microsoft Azure has a nice service for scheduling tasks called Azure Automation. While Azure Automation is able to other things as well, such as being able to act as a Powershell DSC pull server, we'll focus on the runbooks and scheduling. Runbooks are scripts that do things, e.g. run maintenance and reporting tasks. Runbooks often, […]

Windows domain in Azure

I wrote this article to better understand all the pieces called "AD" or "Active Directory" in Microsoft Azure fit together. The pieces are as follows: Active Directory (AD): The is the classic on-premise Active Directory with LDAP, Kerberos, group policies and all that. Traditionally Windows machines in larger environments have been domain-joined to on-premise AD. […]

Managing OpenVPN-based Azure VPN Gateway certificates with easyrsa3

The Azure VPN Gateway supports the OpenVPN protocol (except the "Basic SKU"). Unlike, for example, the commercial Access Server, the VPN Gateway does not have a built-in certificate authority (CA) tool for managing client certificates. And client certificates are essentially a requirement if you need to support clients other than Windows and Mac, such as […]

Terraform Azure resource provider registration fails

Terraform has good support for Microsoft Azure through the Terraform Azure provider and the AzureRM backend. However, you may hit a glitch when adding or importing resources if you lack permissions to register Azure resource providers: At first glance this error look cryptic, but it is quite clear once you understand what Azure resource providers […]

OpenVPN server options in Azure

OpenVPN is among the best VPN solutions, especially when you need a cross-platform (Windows, Mac, Linux, Android, iOS) solution that just works. It is best suited for point to site (P2S) or "road warrior" setups where users access internal resources using a VPN client when on the road. When setting up OpenVPN server in Azure […]

Delegating external parties access to Azure

In Microsoft Azure you can grant an external user ("contractor") guest access to your Azure subscription. The approach is quite different from what AWS uses (see Delegating external parties access to AWS). Here we grant access to [email protected] using the Azure Portal. Preferably [email protected] would already exist as a Microsoft account. Login to your Azure […]

Cutting down Azure storage costs for a Marketplace seller

A few days ago I looked at our Azure costs and they were around $8. That's a ridiculously small amount, except for the fact that we don't really use Azure for anything. So I started investigating. After having published the Configuration Manager (Puppet master installer image) and LibreNMS in Azure Marketplace I knew that we […]

AWS to Azure resource translation table

We use Terraform for managing our Cloud infrastructure. Our customers typically use AWS and that's what we're most familiar with. Each public Cloud has its own terminology, so this page is a translation table between Terraform resource names in the AWS and Azure providers: AWS Azure aws_instance azurerm_linux_virtual_machine aws_network_interface azurerm_network_interface aws_security_group azurerm_network_security_group aws_security_group_rule azurerm_network_security_rule aws_vpc […]

Categories

#aad #Access #acl #alertmanager #ansible #ansible module development #Apache #API #augeas #authentication #authorization #automation #automatization #aws #azure #backup #bash #bitbucket #buildbot #cache #centos #cloud #cloud-init #cloudflare #cloudfront #cluster #connectionsJpa #control repo #custom fact #database #debian #devops #digital sovereignty #DNS #docker #domain mode #duplo #edenred #ejabberd #email #encryption #erb #europe #eyaml #fabric #facter #facts #fargate #fedora #file #finnish #foreman #freeipa #git #github #gitlab #gnome #google #grafana #hammer #hiera #IAM #import #infinispan #Infrastructure as Code #ipmi #irc #jboss #jdk #jenkins #JMESPath #json #kanban #keycloak #letsencrypt #librarian-puppet #librenms #linkedin #Linux #Location #loop #marketing #mautic #Mellon #mfa #microsoft #monitoring #mysql #nagios #network-manager #oauth #oauth2 #office365 #oidc #openshift #open source #openvpn #oxygen #packer #paranormal #pdk #people #php #pkcs7 #pomodoro #Powershell #preseed #presentation #profiles #prometheus #provisioning #puppet #puppet-bolt #puppet-litmus #puppetboard #puppetdb #Puppetfile #puppetserver #puppet types and providers #pxeboot #qemu #quality #r10k #rds #recruitment #redirect #Restrict #Reverse Proxy #robotframework #roles #rspec #ruby #SAML #selinux #sem #shell #showsql #snmp #snmpd #software developement #spam #ssh #sso #standardization #systemd #systemd-resolved #teams #terraform #twilio #ubuntu #user-data #vagrant #vanity awards #variable #vim #virtualbox #visualstudio #webdevelopment #wildfly #Windows #wireguard #wordpress #workflow #x11 #xmpp #zimbra
We are
 Puppeteers
menucross-circle