Testing on production

Blue-green deployment starter pack. TL;DR I want to share a simple way to start with blue-green deployment. From the diagram to the working solution. Please check my sample GitHub repository with the Bicep sample for Azure FrontDoor and Azure App Service (two instances). Reason I want to start with the meme - but it is not - it is a real case! Do you want to check the newest .NET Framework with your (legacy) application? Or do you want to test a clean deployment process for your infrastructure? In the perfect scenario, 100% test coverage and integration and E2E tests for each service and delivery team will bring you 99.99% confidence in the deployment process. But in the real world, I’m not blaming, but the standard case is that a secret, password, or production endpoint can fail and disable the whole application for seconds, minutes, or hours. ...

November 18, 2024 · Mateusz Jendza

Deep Dive with Entra External ID

TL;DR I will show you typical CIAM challenges, scenarios, diagrams, and links to the repositories with the implementation of the new Azure Service—Entra External ID for Customers (CIAM). Big Picture Link to bigger picture. Introduction Entra External ID for Customers is a new Azure Tenant type that allows you to create digital identities for your customers. It is a separate tenant type, not connected with your organisation’s tenant. I want to show you typical CIAM challenges with the diagram (big picture). We will go through the diagram step by step, and I will show you possible solutions. ...

October 1, 2024 · Mateusz Jendza

Verified ID Business Case: VC as payment method

TL;DR Announcement: The Factorlabs Bank mobile application is now available. The primary purpose is to demonstrate the business cases for Verifiable Credentials. Visit the Factorlabs VC Bank on the Google Store at https://play.google.com/store/apps/details?id=eu.factorlabs.android.bank.wallet Details The Verified ID service was used to build a payment system. Big Picture Actors Bank Customer Uses Factorlabs VC Bank Application on the Android device. Can create a bank account. Can use bank account to pay via supported eCommerce websites. Bank System Can create a bank account for the customer. Can transfer money between accounts to support the payment process. Can return account balance. eCommerce Websites Can ask for the bank account number. Can receive the payment. Demo overview ...

September 9, 2024 · Mateusz Jendza

Cosmos DB business cases

TL;DR NoSQL is a database that can store data in a non-relational way. It is a totally different approach to data storage than SQL databases. You need some time to understand the concept, but it is worth it. In the public cloud you can use Azure Cosmos DB or, from AWS, DynamoDB. The storage is fast and scalable, but remember it is totally different from SQL databases. Check: Designing Data-Intensive Applications; Alex DeBrie - DynamoDB Book. NoSQL is amazing. Check my favourite cases and build features like: ...

August 9, 2024 · Mateusz Jendza

Entra External ID for Customers - first impression

Entra External ID for Customers is a new Azure Tenant type that allows you to create digital identities for your customers. Use cases B2B partners. You can create a dedicated customer tenant for your partners and give them access to your applications, manage users and groups in the tenant without partners’ access to your organisation (workforce tenant). Your data is fully secured and isolated. Online services and web shops for your retail. Full self-service is available to sign up/sign in and manage their accounts. You can also use social logins like Google or Facebook. Product pages, helpdesk and support. Keep customer engagement and provide them with the best experience. Cross-device authentication. User-friendly experience to log in on the TV screen, medical devices, or any other IoT where you can display a QR code or PIN to log in. What is Entra External ID for Customers? In simple words, it is a new tenant type. From now on, you can choose the Workforce or Customer type. It is a new tenant type to create - so for customers, it is separate - and not connected with your organisation’s tenant. Please remember that the service is still in preview mode - but only till the 15th of May, so only limited features may be available. Service will be GA soon!! ...

May 2, 2024 · Mateusz Jendza

Protect your Azure resources

TL;DR You decided to build a web application in Azure - great! The solution contains App Service, CosmosDB, Blob Storage or other resources. You started with a really simple solution, but as an IT Pro you decided to build three environments: Development, Test, and Production. You also decided to use Azure API Management to manage your APIs. You are aware of the security risks and you want to protect your resources. Please follow my suggestion to use Azure FrontDoor and API Management to protect your resources. ...

February 6, 2024 · Mateusz Jendza

Design your CIAM Solution with Azure AD B2C

Here are some tips that can help you with user management: Use CIAM User Interface to create a new user: with Azure AD B2C Policy - User Journey, you can create a single point for all applications to create a new user, making the process efficient, streamlined, easy to improve and change. Don’t share personal information with applications: Adopt a zero-trust approach to avoid sharing personal information with applications. Instead, you can use centralised communication with end-users for marketing and other purposes (It is only possible with some business cases). Avoid using email addresses as user identifiers: Not sharing them reduces the possibility of them being used as identifiers by new applications and those migrating to CIAM. Also, for all primary cases, email is a basic user identifier (with password); hiding email from applications gives you independence and flexibility in the future - for example, using FIDO or Passkey or without keeping an email address. Use REST|SCIM API with temporary access for applications: This can be useful for migration purposes, as it provides temporary access for applications - granting limited time-frame access so you can easily monitor API usage. The main channel for sign-up users is the User Interface (Policy) - (KISS rule - it will be easier to maintain one component). Use CIAM solutions like Azure AD B2C for password security: These solutions take care of passwords and other security measures for you, so you don’t have to worry about them. Remember that you don’t have access to the user passwords via API or management portal. ...

January 9, 2024 · Mateusz Jendza