One needs to enable Diagnostic Settings to gain detailed insight into the Azure infrastructure. For example you want to see who has accessed Azure Key Vault, or what kind of traffic is allowed/denied in Azure Firewall, or what clients using…
Bulk execute bash on Linux VMs in Azure
Suppose you have hundreds of Linux VMs in Azure across dozens of Azure subscriptions and you would like to run some commands programmatically on them. Each VM in Azure gets what they call guest agent, that helps the underlying Virtual…
Get all Access Policies of All Azure Key Vaults
There are several ways to secure Azure Key Vault’s Data Plane. If you have configured it to be secured via Access Policies, often time it is advisable to audit the assignment at regular interval to ensure that no unwanted user…
Search Azure resources by tag
There are many ways to organize resources in Azure and one best practice is to set tags and be able to query resources based on tags. Most commonly, tags are used for cost management where filters and dashboards can be…
Develop Azure Dashboards from Legacy Application Custom Logs
Overview and Problem You have an application (for example a desktop application, an application running in baremetal IIS, a console application, a Windows Service, so on..) that is producing custom application logs, CSV, Kafka middle-ware or so, being stored in…
Azure Policy: Restrict Azure Functions from using Consumption Plan
Azure Functions can either use a Consumption or a Premium/Dedicated/other for execution and pricing. Consumption plans are good when you want to stay dynamic in terms of how you want to scale up based on the utilization and you can…
Best Practices: Migrating On-Prem Linux Virtual Machine to Azure
Satellite Repositories / Repo Configs You may have satellite (local) repositories on your local On-Prem where your Linux VMs used to download the package updates and those On-Prem satellite repositories maybe are no more accessible from this newly spun VM…
Setting up Forwarding Bind DNS Server in Azure Linux Virtual Machine
The objectives are to setup a forwarding DNS server (maybe only exposed to our internal VNET) that redirects all the incoming queries to the Azure Magic address (168.63.129.16) and responds to the results. Set this up in an Azure VM…
How-To: Agentless Monitoring Azure Virtual Machines
Monitoring VMs without agent in today’s cloud-agnostic multi-cloud generation is every DevOps team dream. Agentless VM monitoring is technique and a migration path to consider of temporarily moving and testing waters on Azure while you transition your workload from AWS…
Get Azure Consumption Usage Details by Tag
Often times customer ask a unified and straightforward way to get the usage details of an Azure subscription programmatically. The Azure Powershel cmdlet Get-AzConsumptionUsageDetail can be used to find the usage detail with a number of parameters. Select the correct…