Defining RBAC Role Assignments in ARM Templates

It’s no secret I’m a big fan of Azure Resource Manager (ARM) templates. Getting started with ARM templates is hard, but well worth the effort, and make it significantly easier to have reproduceable, consistent deployments of your Azure resources. One thing that I had been feeling left out, however, was...

Issues when deleting azureFile dynamic volumes in Kubernetes

I’ve been doing a lot of work lately with Kubernetes and Azure Kubernetes Service in particular. For this, I’m using the azureFile storage provider to support providing storage folders for my pods. For one specific case, I’m using dynamic provisioning of persistent volumes, as described in the documentation. This has...

AzureFile Persistent Volumes Retain Issue

A bit ago, I posted about some issues around permissions when using static provisioning of Azure File volumes in Azure Kubernetes Service (AKS). In there, I mentioned that the workaround was to use explicit Persistent Volumes so that the right mount options could be created. Since then, I’ve run into...

AKS Service Principal Credentials

When creating a new Azure Kubernetes Service (AKS) cluster, you must define a Service Principal in your Azure Active Directory Tenant that will be used by the cluster to do operations on the Azure infrastructure later on. The documentation states: On the master and node VMs in the Kubernetes cluster,...

AKS and Azure Files Permissions

Saving this here for my own recollection later on. Warning, a bit of ranting ahead. Recently, I’ve been running a lot of trials on top of the Azure managed Kubernetes Service (AKS). One key feature that I needed was the ability to provide services deployed to an AKS cluster with...

AKS Node Troubles

I’ve been having lots of fun this past week running some interesting experiments on Kubernetes. For simplicity, I created a single-node AKS (Azure Kubernetes Cluster) using a B2S instance on Azure. Everything worked perfectly until Friday afternoon. At some point, I noticed that every operation on the cluster appeared to...

Viasfora v4.0 Update

For the past few months, I’ve been slowly improving my Visual Studio Extension, Viasfora. Version 4.0 was recently released, and besides regular bug fixes and some much needed refactoring, I also implemented a brand new feature: Rainbow Lines. For now, this feature is disabled by default, while I iron out...

API Management Sign-in Tenant

Azure API Management supports multiple identity providers for the Developer Portal. One of these is Azure Active Directory. A common complaint, however, was that when enabling AAD authentication on the developer portal, the sign-in experience would use the default look-and-feel of AAD rather than your organization’s customized sign-in pages. The...

Re-creating a subscription in Azure API Management

Yesterday I ran into an interesting scenario with Azure API Management. A customer had a production API Management service instance, on which they had a subscription to a product that was used by a mobile application. Somehow, the subscription got deleted, which immediately broke the client application, as it could...

Azure SQL Database Service Principal not present in AAD

A while ago, I wrote a post about enabling authentication to Azure SQL Database using delegated token credentials. A kind reader reported the following issue: I am currently not able to see the Azure SQL Database API in the list of API’s from the Azure AD App that I have...