Microsoft Azure

Microsoft/azure-pipelines-tasks This repo contains the tasks that are provided out-of-the-box with Azure Pipelines and Team Foundation Server. This provides open examples on how we write tasks which will help you write other tasks which can be uploaded to your account or server.

Azure DevOps Snippets

gist.github.com: This snippet contains the steps to generate a terraform plan and post it as a comment of a pull request in Azure DevOps

- script: |
    terraform plan -out tf.tfplan
displayName: Generate Terraform plan

- script: |
    terraform show -no-color tf.tfplan > $(Agent.TempDirectory)/tf.txt
displayName: Convert Terraform plan to text

- bash: |
    cd $(Agent.TempDirectory)
    ENCODED_URL=$(echo "$(System.CollectionUri)$(System.TeamProject)/_apis/git/repositories/${{ variables.SourceRepositoryName }}/pullRequests/$(System.PullRequest.PullRequestId)/threads?api-version=7.0" | sed 's/ /%20/g')
    jq --rawfile comment tf.txt '.comments[0].content=$comment' <<< '{"comments": [{"parentCommentId": 0,"content": "","commentType": 1}],"status": 1}' |
    curl --request POST "$ENCODED_URL" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --header "Authorization: Bearer $SYSTEM_ACCESSTOKEN" \
    --data @- \
    --verbose
env:
    SYSTEM_ACCESSTOKEN: $(System.AccessToken)
displayName: 'Post comment with Terraform Plan'

Azure AD and RBAC. Azure Tenant and Azure Subscription. Service Principal SPN

stackoverflow.com: What is the difference between an Azure tenant and Azure subscription?
marckean.com: Azure Vs Azure AD – Accounts / Tenants / Subscriptions
blogit.create.pt: Pros and Cons of Single Tenant vs Multiple Tenants in Office 365
learn.microsoft.com: Classic subscription administrator roles, Azure roles, and Azure AD roles
learn.microsoft.com: Subscriptions, licenses, accounts, and tenants for Microsoft’s cloud offerings
learn.microsoft.com: Azure subscription and service limits, quotas, and constraints
- learn.microsoft.com: Azure Active Directory limits
itnext.io: Secure Azure Cosmos DB access by using Azure Managed Identities Getting rid of passwords (or connection strings) while accessing Azure services and instead making use of Managed Identities is a way to increase the security of your workloads. Learn how to use Managed Identities in this article.
youtube.com: Azure Service Principal - SPN | Houssem Dellai
youtube.com: How to create Service Principals in Azure Portal | Raaviblog
techcommunity.microsoft.com: Dynamic user membership rules, Azure Active Directory Administrative Units and password reset! 🌟
learn.microsoft.com: Application registration permissions for custom roles in Azure Active Directory

Register applications in Azure AD. Authenticate apps and services

agrenpoint.com: Azure AD & Microsoft Graph permission scopes, with Azure CLI In this small post, we will look at a scenario where we want to register an Azure AD Application using specific scopes. When adding scopes for service principals using the Azure CLI we need to use the internal Ids. And one way would be to manually create one registration, get that app and then print out the scopes and then copy and paste.
medium.com/medialesson: Create Azure Active Directory App Registration with Azure CLI
inkoop.io: How to get Azure API Credentials How to create an application in Azure active directory and get subscription id, tenant id, client id, client secret and generate management certificates. You will need these keys to access Azure API.
docs.microsoft.com: Use the portal to create an Azure AD application and service principal that can access resource
medium.com/medialesson: Assigning Azure built-in roles vs Azure AD built-in roles with Azure CLI Depending on what action you are trying to perform in Azure you might require either to be member of a certain Azure role or a certain Azure AD role. For example if we want an identity to create an app registration in Azure AD we need the role Application Administrator which is part of the Azure AD roles. When we want to create a resource in a certain resource group we need the Contributor role which is part of the Azure AD and typically scoped to a either a subscription, a resource group or a distinct resource.
microsoftgraph/msgraph-sdk-powershell/samples: 9-Applications.ps1
vcloud-lab.com: Get started and configure certificate-based authentication in Azure
vcloud-lab.com: Create an Azure App registrations in Azure Active Directory using PowerShell & AzureCLI
nathannellans.com: App Registrations, Enterprise Apps, and Service Principals 🌟
- nathannellans.com: Application Registrations and Enterprise Apps - Part 2 🌟

Azure AD Pen Testing

zer1t0.gitlab.io: Attacking Active Directory: 0 to 0.9 🌟

Azure Arc. Azure’s Hybrid And Multi-Cloud Platform. GitOps with Azure Arc

Azure Arc overview Alternative to Google Anthos or RHACM
azurearcjumpstart.io - microsoft/azure_arc
- architecture diagrams and slides
techcommunity.microsoft.com: Standardize DevOps practices across hybrid and multicloud environments With Azure Arc-enabled Kubernetes, you can attach and configure Kubernetes clusters located either inside or outside Azure.
docs.microsoft.com: CI/CD workflow using GitOps (Flux v2) - Azure Arc enabled Kubernetes
thomasmaurer.ch: Run cloud-native apps on Azure PaaS anywhere
seifbassem.com: SSH into your Azure Arc-enabled servers from anywhere

Secure DevOps Kit for Azure

Azure App Service

Azure Application Gateway

Azure Functions

Azure Monitor managed service for Prometheus

techcommunity.microsoft.com: Introducing Azure Monitor managed service for Prometheus 🌟

Mobile Apps

Visual Studio App Center VS Azure Pipelines
itnext.io: How to setup CI CD pipelines for Android with Azure DevOps At Royale Cheese initially we had setup CI/CD for Android via Microsoft’s Visual Studio App Center (an upgrade of Hockey App), but last year they declared the retirement of MBaas which got us worried about the overall future of VS App Center. That was one of the reasons we wanted to switch away from it. Secondly, the free tier provided around 400 minutes of build time per month per account which would had been sufficient for other technologies, but Android takes around 15 minutes to create a single build and deploy. We all know what gradle is capable of 😉. So having multiple apps (both iOS and Android) in the same account didn’t fare well.
arjavdave.com: Continuous Integration: CI/CD for iOS (Part 1)
sahansera.dev: Multi-stage builds for Ionic Apps with Azure Pipeline Templates
sahansera.dev: Publishing Android Apps to Microsoft App Center from Azure DevOps
yoshevski.medium.com: Cost-effective Azure Devops and AppCenter integration
youtube: Signing & Versioning iOS & Android Apps | DevOps for Mobile

Powershell

PowerShell
PowerShell Gallery 🌟 The central repository for sharing and acquiring PowerShell code including PowerShell modules, scripts, and DSC resources.
PowerShell Community
reddit.com: PowerShell Core yaml support?
powershellmagazine.com
dbatools.io SQL Server instance migrations and best practice implementation.
thomasmaurer.ch: PowerShell: Download script or file from GitHub
deepinstinct.com: What makes powershell a challenge for cybersecurity solutions? 🌟
fedoramagazine.org: PowerShell on Linux? A primer on Object-Shells
sqlservercentral.com: Powershell Day by Day: Adding Help to Scripts
dahlbyk/posh-git A PowerShell environment for Git
blog.guybarrette.com: Powershell prompt: How to display your current Kubernetes context using Oh-My-Posh 3 🌟
jinwookim928.medium.com: Automation Script for Git Flow on PowerShell
youtube: Azure PowerShell account management with Azure contexts | A Cloud Guru 🌟 If you’ve been using Azure PowerShell, you might’ve noticed that when you launch a script, you’ll need to authenticate. When you have multiple Azure subscriptions with their own resources, this makes account management difficult. Mark Mikula demonstrates how you can manage multiple Azure subscriptions through Azure Contexts in PowerShell
hackingarticles.in: PowerShell for Pentester: Windows Reverse Shell We’ll explore how to acquire a reverse shell using Powershell scripts on the Windows platform.
hashicorp.com: Managing Terraform Cloud With PowerShell
acloudguru.com: The Beginner’s Guide to Azure PowerShell: One Shell to Rule Them All
dev.to: PowerShell Snippet System
techcommunity.microsoft.com: An example why PowerShell is so important!
jdhitsolutions.com: Profile PowerShell Functions
devblogs.microsoft.com: When PowerShellGet v1 fails to install the NuGet Provider
techcommunity.microsoft.com: An example why PowerShell is so important! Create 500 training (test) accounts
commandline.ninja: Use Powershell to find windows services configured to run as another user
techcommunity.microsoft.com: Use PowerShell to retrieve all assigned Intune policies and applications per Azure AD group!
softzone.es: Por qué me interesa más usar PowerShell en lugar de CMD
mssqltips.com: PowerShell for the DBA - If Else and Switch statements
4sysops.com: Use PsExec and PowerShell together How to run PowerShell commands remotely with PsExec
dotnet-helpers.com: Passing Local Variables to Remote PowerShell session
techcommunity.microsoft.com: Use PowerShell to search for accounts in Active Directory that have gone stale!
techcommunity.microsoft.com: Azure Storage Blob Count & Capacity usage Calculator This PowerShell script allow you to count and calculate Azure Storage blob usage for Soft Deleted / non-Soft Deleted objects, by Container, by Tier, with Prefix, and considering Last Modified Date. Azure Storage blob objects is defined as Base Blobs, Blob Snapshots or Blob Versions.
dotnet-helpers.com: Azure KeyVault Set and Retrieve Secrets using Powershell 🌟

Microsoft Graph PowerShell SDK

microsoftgraph/msgraph-sdk-powershell The Microsoft Graph PowerShell SDK is a collection of PowerShell modules that contain commands for calling Microsoft Graph service.
docs.microsoft.com: Get started witth the Microsoft Graph Powershell SDK Microsoft Graph Powershell replaces old powershell modules. It is also cross platform.
microsoftgraph/msgraph-sdk-powershell: samples
- Samples: how to create a corresponding service principal from an application
docs.microsoft.com: Microsoft Graph migration Due to the deprecation of Azure Active Directory (Azure AD) Graph, the underlying Active Directory Graph API will be replaced by Microsoft Graph API in Azure CLI 2.37.0.
techtarget.com: Get up to speed with PowerShell and the Microsoft Graph API Microsoft plans to retire technologies that admins depend on to handle Office 365 and other cloud services via PowerShell. Learn how to start with this newer management method.
rakhesh.com: Graph cmdlets and Azure AD App Registrations
blog.yannickreekmans.be: Secretless applications: add permissions to a Managed Identity Your Managed Identity needs permissions to access other Azure resources or even other Azure AD protected applications and APIs. This is how you do that!
- YannickRe/msgraph-utility-scripts
practical365.com: The Ups and Downs of Connecting to the Microsoft Graph Using the PowerShell SDK
practical365.com: Using Certificate-based Authentication with the Microsoft Graph PowerShell SDK

Powershell repos

Abhisheksinhacoder/collection-of-useful-scripts
jrussellfreelance/powershell-scripts
github.com/search?l=powershell
systemcenterdudes.com: Create Operational SCCM Collection Using Powershell Script
- prae1809/PowerShell-Scripts: OperationalCollections This script will create a set of 134 SCCM collections for your various needs. These collections can be used for operational tasks afterward.
- docs.microsoft.com: Introduction to Collections in Configuration Manager
github.com/Mr-Un1k0d3r/ATP-PowerShell-Scripts Microsoft Signed PowerShell scripts

Crescendo powershell module

Crescendo is an experimental module developed by Jim Truher, one of the main developers of PowerShell. Crescendo provides a framework to rapidly develop PowerShell cmdlets that wrap native commands, regardless of platform. The goal of a Crescendo-based module is to create PowerShell cmdlets that use a native command-line tool, but unlike the tool, return PowerShell objects instead of plain text.
devblogs.microsoft.com: My Crescendo journey
powershellgallery.com: Microsoft.PowerShell.Crescendo Module that improves user experience with native commands
visualstudiomagazine.com: PowerShell Crescendo Now Generally Available

Secrets Management with Powershell

Azure Resource Inventory

github.com/microsoft/ARI: Azure Resource Inventory 🌟🌟🌟 Azure Resource Inventory - It’s a Powerful tool to create EXCEL inventory from Azure Resources with low effort

Azure CLI. AZ CLI

Azure Run Command

IaC with PowerShell DSC Desired State Configuration

docs.microsoft.com: Desired State Configuration overview for decision makers 🌟
docs.microsoft.com: Using configuration data in DSC
octopus.com: Getting started with PowerShell Desired State Configuration (DSC) PowerShell DSC is an Infrastructure as Code (IaC) technology that uses PowerShell to create Managed Object Format (MOF) files, which Windows Management Instrumentation (WMI) can use to configure a machine. In other words, PowerShell DSC uses PowerShell to programmatically configure your Windows-based computers. Additionally, DSC can monitor the state of the configured resources to make sure your machines stay consistent. Along with monitoring, DSC can also automatically correct the configuration of your system, so it’s always in the desired state. PowerShell != PowerShell DSC

Azure Bicep

Bicep Bicep is a Domain Specific Language (DSL) for deploying Azure resources declaratively.
faun.pub: From Terraform to Azure Bicep: What You Need to Know about syntax

Azure Cross region Load Balancer

azure.microsoft.com: How Microsoft Azure Cross-region Load Balancer helps create region redundancy and low latency 🌟

Azure Traffic Manager

Azure Traffic Manager

Azure DNS

learn.microsoft.com: What is Azure DNS Private Resolver? Azure DNS Private Resolver is a new service that enables you to query Azure DNS private zones from an on-premises environment and vice versa without deploying VM based DNS servers. Customers will no longer need to provision IaaS based solutions on their Virtual Networks to resolve names registered on Azure Private DNS Zones and will be able to do conditional forwarding of domains back to on-prem, multi-cloud and public DNS servers.

Azure OpenVPN

Create an Azure Active Directory tenant for P2S OpenVPN protocol connections

Azure Security

techcommunity.microsoft.com: Security Control: Implement security best practices
github.com/Cloud-Architekt: Azure AD - Attack and Defense Playbook This publication is a collection of various common attack scenarios on Azure Active Directory and how they can be mitigated or detected.
devops.com: DevSecOps in Azure
learn.microsoft.com: SC-100: Design a Zero Trust strategy and architecture
- https://github.com/MicrosoftLearning/SC-100-Microsoft-Cybersecurity-Architect

Data Ingestion. Azure Data Factory

medium.com/codex: 7 Best Practices for Data Ingestion
- Data engineering is the practice of designing and building systems for collecting, storing, and analyzing data at scale.
- Data Ingestion is defined as the process of absorbing data from a vast multitude of sources, and then transferring it to a target site where it can be analyzed and deposited.
- A Data Engineer spends more than 50% of his time writing different pipelines that move data from one place to another. There are two basic frameworks to achieve the same:
  - ETL: Extract — Transform — Load
  - ELT: Extract — Load — Transform
- However, in both the frameworks the common element is to be able to extract the data and load it into another destination. This is Data Ingestion.
- On a broad categorization, there are mainly 3 types of Data Ingestion:
  - Batch-based Data Ingestion: Batch-based ingestion happens at a regularly scheduled time. The data is ingested in batches. This is important when a business needs to monitor daily reports, ex: sales reports for different stores. This is the most commonly used data ingestion use case.
  - Real-time/Streaming Data Ingestion:
    - The process of gathering and transmitting data from source systems in real-time solutions such as Change Data Capture (CDC) is known as Real-Time Data Ingestion.
    - CDC or Streaming Data captures any changes, new transactions, or rollback in real time and moves changed data to the destination, without impacting the database workload.
    - Real-Time Ingestion is critical in areas like power grid monitoring, operational analytics, stock market analytics, dynamic pricing in airlines, and recommendation engines.
  - Lambda-based Data Ingestion Architecture: Lambda architecture in Data ingestion tries to use the best practices of both batch and real-time ingestion.
    - Batch Layer: Computes the data based on the whole picture. This is more accurate however is slower to compute.
    - Speed Layer: Is used for real-time ingestion, the computed data might not be completely accurate, however, gives a real-time picture of the data.
    - Serving layer: The outputs from the batch layer in the form of batch views and those coming from the speed layer in the form of near real-time views get forwarded to the serving. This layer indexes the batch views so that they can be queried in low latency on an ad-hoc basis.
mssqltips.com: Choosing Between SQL Server Integration Services and Azure Data Factory

WinGet Windows Package Manager CLI

WinGet: Welcome to the Windows Package Manager Client (aka winget.exe) repository Windows Package Manager CLI (aka winget)
muycomputer.com: WinGet 1.0, ya está aquí el administrador de paquetes para Windows
thomasmaurer.ch: Getting started with Windows Package Manager WinGet

Windows 11

thenewstack.io: This Week in Programming: Windows Opens Up to Android Developers

Azure API Management

Azure Container Apps

Azure Container Apps Build and deploy modern apps and microservices using serverless containers
techcommunity.microsoft.com: Introducing Azure Container Apps: a serverless container service for running modern apps at scale

Azure Container Instances

azure.microsoft.com: Azure Container Instances Launch containers with hypervisor isolation
unit42.paloaltonetworks.com: Finding Azurescape – Cross-Account Container Takeover in Azure Container Instances

Windows Server Container Host

thomasmaurer.ch: How to Install a Windows Server Container Host

Disaster Recovery

docs.microsoft.com: Using Policy with Azure Site Recovery Disaster Recovery with Azure Policy. Learn how to enable Policy Support to protect your VMs using Azure Site Recovery.

Azure Samples (Boilerplates)

github.com/Azure-Samples 🌟 Microsoft Azure code samples and examples in .NET, Java, Python, Node.js, PHP and Ruby
- Azure-Samples/azure-pipelines-variable-templates This sample Python Web app demonstrates the use of variable template files in Azure Pipelines.
- Azure-Samples/jmeter-aci-terraform Scalable cloud load/stress testing pipeline solution with Apache JMeter and Terraform to dynamically provision and destroy the required infrastructure on Azure.
- Azure-Samples/azure-pipelines-remote-tasks
- Azure-Samples/jenkins-terraform-azure-example
- etc
github.com/azure-devops
Azure Quickstart Templates 🌟 Deploy Azure resources through the Azure Resource Manager with community contributed templates to get more done. Deploy, learn, fork and contribute back.
- https://github.com/Azure/azure-quickstart-templates
microsoft/azure-pipelines-yaml: Azure Pipelines YAML 🌟 YAML templates, samples, and community interaction for designing Azure Pipelines.
- microsoft/azure-pipelines-yaml: maven.yml

Azure Healthcare Data Services

Microsoft - DICOM Service
- github.com/microsoft/dicom-server OSS Implementation of DICOMweb standard
- github.com/microsoft/fhir-server A service that implements the FHIR standard
Project InnerEye – Democratizing Medical Imaging AI
- github.com/microsoft/InnerEye-Gateway The InnerEye-Gateway is a Windows service that acts as a DICOM end point to run inference on https://github.com/microsoft/InnerEye-DeepLearning models.
microsoft.com: Biomedical Research Platform Terra Now Available on Microsoft Azure

Office 365

o365reports.com: Office 365 Reports

Azure Books

azure.microsoft.com: Azure for Architects, Third Edition

Azure OpenAI

infoworld.com: Getting started with Azure OpenAI Microsoft’s Azure-hosted OpenAI language models are now generally available, and it’s surprisingly simple to use them in your code.

Images

Click to expand!

Videos

Click to expand!

Tweets

Click to expand!

Cloud Networking concepts you need to know before getting into being a good architect

⏬Here are the useful link 🧰

Thread🧵👇
— Satyen Kumar (@SatyenKumar) March 11, 2022

PowerShell cheatsheet#devops #devsecops #kubernetes #cicd #k8s #linux #docker #sysadmin #automation #technology #cloudcomputing #serverless #windows #powershell pic.twitter.com/zljv4ikFp3
— Valdemar (@heyValdemar) June 27, 2022

Are you looking to start a career in AI using Microsoft Azure?

Here are some of the best Azure services to learn:
— Simon (@simonholdorf) February 16, 2023