Skip to main content

Posts

ARM templates - iterate & deploy resource

Welcome file Original Post here Background 🧐 I like ARM templates, I use it a lot to deploy Azure cloud resources but as all things it has some pain points associated with it. In this post, let’s see how you can iterate over based on certain logic and deploy multiple resources using linked templates. As it stands out this logic of iterating over and deploying multiple instances of a resource tripped me a lot in the beginning. Walkthrough 🏃 Let’s work through the whole process of writing an ARM template which deploys multiple resources. Github Repository - ArmTemplateLoopExample This is a simple post demonstrating looping logic I often use, feel free to sprinkle your own best practices & modifications on top e.g. storing templates in a private Cloud blob container, adding more parameters, names etc. Scenario Let’s take a scenario of deploying many storage accounts based on the user input. Ideally, if you’re in this situation you should write 2 temp

Azure Vms Resource Graph Queries

Welcome file Original Post Why use Resource Graph instead Az CLI/ PowerShell? If we want to search for resources meeting certain criteria across all our subscriptions, we can’t use Az CLI or Az PowerShell to do this type of queries since it would require a lot of overhead to filter and switch between subscription contexts. Pesudo-Code (not so performant) Foreach subscription in subscriptions: set Az Context Get the VMs, Filter based on criteria Resource Graph queries can help here, as they can be used to fetch metadata about the resource and then after their presence is validated, maybe perform some operation on it. With PowerShell we can even group these resources together based on SubscriptionID and then iterate over each subscription (set the right context) and perform actions. Pesudo-Code (single query and performant) Query Azure Graph for resources based on criteria across all the subscriptions In this post, I share some of the Resource Graph Que

AKS PowerShell Tip - Add Authorized Ip

Welcome file Background 🐼 Recently, I found out that there is no sane way to perform adding a public IP address to the authorized IP address ranges using either the Az CLI or Az.Aks PowerShell (no cmdlets available yet) module. From the official docs it says to use something like below format with Az CLI. az aks update \ --resource-group myResourceGroup \ --name myAKSCluster \ --api-server-authorized-ip-ranges 73.140.245.0/24 But it doesn’t tell you how to append the IP to the range, instead you need to supply a comma separated value of public IP addresses. Challenge ☁️ Well, this is can be done by using Az CLI with PowerShell or Bash and parsing output then generating a comma separated string and passing it back to Az CLI 😞 Solution ⚡️ Often, when I am hit with such limitations with cmdlets or Az CLI making life hard. I go back to using simply the 2 cmdlets provided by Az.Resources module. Behold mighty! Get-AzResource - Gets the Az

Azure DevOps Tips & Tricks - Find private REST APIs

Original source -  Azure DevOps Tip - Find private APIs Often working with Azure DevOps, I hit a wall trying to automate some tasks but there are no REST API's made public yet. It was one of those task of automating creation of Environments in multi-stage YAML based pipelines in AzDO. Quick research reveals that this has been requested in uservoice  (please upvote). Let's see one of the very simple ways to discover some of these APIs.

Az DevOps CLI - Fetch all Pull Requests assigned to a user

I wrote a sample PowerShell code snippet to crawl across all opened Pull requests in multiple repositories inside an Azure DevOps project and list the ones out where myself or the team/group I am part of assigned as a reviewer. End result is this:

Az DevOps CLI : Query Release(s) definition for a Task status

Someone, asked me at work if I could generate a list of Release pipelines definitions which did not have a specific task ( AzSK SVT task ) missing or disabled. This was more for an internal audit purpose and can definitely be built upon. I recently read that Az CLI got an extension support for Az DevOps . Please read on the GitHub repository on how to install this extension for Az CLI. Time to put this to try. Below gist describes the steps I used in pwsh (PowerShell Core) with Az CLI & DevOps extension installed. The above script should be self explanatory (read the comments). Please leave a comment if you have any queries.

Azure + GoLang SDK : Authenticating Part-2

The auth package lives at "github.com/Azure/go-autorest/autorest/azure/auth" In the above package, at the moment I have explored below two functions (my notes): NewAuthorizerFromFile method NewAuthorizerFromEnvironment method (this post)  This function definition looks like below :