Taxonomy of Azure PaaS service access

Azure PaaS service networking is quite a complex landscape to navigate. Azure documentation on this topic is spread across different areas (under Networking and under each specific PaaS service), and it sometimes uses inconsistent terminology. My goal in this blog post is to set out a classification of PaaS services that can be used to navigate this complexity. …

DRY Terraform code for Private Link and DNS

After last week’s almost-philosophical post on network complexity, let’s move on to more mundane tasks. Today I will focus on how to write efficient Terraform code to connect private endpoints and DNS, without having to copy/paste literally hundreds of lines. First things first: what the heck am I talking about? Private endpoints are a way …

Calling Logic Apps from Data Factory securely

This one is going to be about a setup I recently tested with a customer: an Azure Data Factory pipeline needs to send email notifications via Azure Logic Apps, and it needs to do so by securing the network between the Integration Runtime and the Logic App that sends the email. The challenge here is …

Azure Networking is not like your on-prem network

I often get asked about the differences between Azure Networking and a traditional, on-premises network. I have been hit with a flu the last few days, so I had some time to think about this, and I decided to start writing whatever thoughts were not actually the result of the fever. In this post I …

Azure DNS Private Resolver without VNet Peerings

As you might already know, Azure DNS Private Resolver is an Azure service that supports DNS forwarding between Azure and on-premises DNS servers. It is very useful to provide Azure DNS resolution to on-premises clients (for example to access private endpoints), or to provide on-premises DNS resolution to Azure clients (to access on-prem resources). Last …

Private Link and Azure Monitor: what is an AMPLS?

Today I came across a concept that, while not being too new in Azure, I had not met before: Private Link Scopes. This is something that specific services do, more concretely Azure Arc and Azure Monitor (see here for the official docs on how to configure this for Azure Monitor). In the case of the latter, …

New Azure Sample: ACI in VNet with Init and Sidecar Containers

Hey there! I have recently published a new Azure Sample: ACI in VNet with Sidecar Containers. It has generated a bit of controversy (there is a reason why I picked such a crowded image for the post title), so let me add some color to it. But let me give you the TL;DR first: the …

A day in the life of a Packet in Azure Redhat Openshift (part 4)

In this part of this blog series we will have a look at how Azure Redhat Openshift works with Azure Private Link, as well as how DNS resolution works, including DNS forwarding to resolve on-premises private zones. You can find the other parts of the blog series here: Part 1: Intro and SDN Plugin Part …

Filtering traffic to Private Endpoints with Azure Firewall

If you are reading this, you probably already know what Azure Private Link is: a representation of a service such as Azure Storage, Azure SQL Database, Azure Application Service, or even some application running in a different Virtual Network, in your own Virtual Network with a private IP address of your own. This is a …