- 16
- 82 969
Azure App Modernization
United States
Приєднався 16 тра 2022
Create a managed identity to access a KeyVault
Create a managed identity to access a KeyVault
Переглядів: 4 301
Відео
How to Create a Github Action to Deploy to Azure Container Apps
Переглядів 3,2 тис.Рік тому
Build and deploy a containerized Azure Function into Azure via GitHub Actions! This video walks through the steps needed to create the Azure Container App, the service principal and then the builds the workflow file to deploy to Azure. Short and sweet, but I will follow up with more details on the docker file and how to configure it.
What is Azure App Service
Переглядів 1902 роки тому
Describes why the features of Azure App Service and how to deploy python and c# from the command line . The video also explains how PaaS is different from IaaS.
How to Setup Auth with Managed Identity - Build a CRUD API with Azure Functions and SQL server
Переглядів 12 тис.2 роки тому
Use managed identity to connect to SQL server from Azure functions. We'll create a CRUD API in two languages: C# and python. The API will read and write from the database. This is a typical use case for microservice architectures and using managed identity saves a lot of configurations and is currently a recommended best practice to secure your workloads. This video also deep dives into explain...
Connect Part 2: Notify Event Grid from Azure Function and Read Event from Logic App
Переглядів 3,1 тис.2 роки тому
Send a message from Azure Functions into an Event Grid, read that message from a logic App and write response into a storage blob. The video shows step by step how to set this up. These reliable serverless technologies can be used to seamlessly stitch together an application very quickly. Not only that, but they will scale very quickly as well. The video walks you step by step in the creation o...
Secure your secrets with Azure Functions & KeyVault
Переглядів 10 тис.2 роки тому
This video walks you through the process to connect KeyVault to your Azure Function using Managed Identity. This can come in handy to secure credentials or other configuration data and remove it from your source code. The video also shows an example of calling the function where the function reads from the KeyVault and displays the value on the screen.
How to Setup Authentication for Azure Functions
Переглядів 32 тис.2 роки тому
This video describes two ways you can setup authentication in Azure Functions: Key (token) based auth and Azure AD Integrated. The step-by-step video also describes what the different authorization levels do.
Connect Part 1: Azure Functions CRUD API connected to CosmosDB
Переглядів 2,8 тис.2 роки тому
This video shows how you can bind input and output data to your azure function. The video also shows how you can call the Azure Function from PowerApps and propagates data from the PowerApps to Azure Functions and then to CosmosDB. The code is edited in the Azure Portal using C# Script.
Use Azure Well Architected Framework to help you Modernize your Apps
Переглядів 2252 роки тому
We’re living in a future defined by accelerated innovation. Much of this innovation will be digital and will use a combination of Cloud-native technologies and frameworks. Modern workloads have greater agility, reliability, and security requirements. How will you tackle streamlining and modernizing your applications in this post lift and shift world? Which technologies do you refactor and when ...
Exploring Azure Well Architected
Переглядів 602 роки тому
Exploring the Azure Well Architected Framework and Assessments.
Onboarding functions in API Management
Переглядів 4612 роки тому
A demo of how to use Azure API Management in front of your Azure functions.
Quickly deploy Azure Functions using VS Code
Переглядів 11 тис.2 роки тому
This video shows your how you can deploy your newly created Azure Function from inside Visual Studio Code! This 3 minute video shows you how you can use the extension to deploy your code from the editor. Very convenient for projects where you just want to try our what you just built!
Running a Benchmark on Azure Functions
Переглядів 6232 роки тому
This video shows you how you can benchmark your newly deployed Azure Function! Using Apache benchmark (ab) you can send parallel requests to Azure Functions. You may need to update your VM SKU to make really push your functions hard.
Create an operations dashboard for Azure Functions
Переглядів 1,1 тис.2 роки тому
Shows you how to create a dashboard in Azure for your Azure Function! Now that you've deployed your Azure Function, you can create a custom dashboard with all the metrics you really care about.
Creating Azure Functions
Переглядів 1,5 тис.2 роки тому
Show you how you can create an Azure Function using Visual Studio Code! This quick video walks you through using the extensions in the marketplace to create an azure function in c#, Python and JavaScript.
Thanks for the great video sir. Please help me to know if Azur AD access is denied to me, what should I do. Where should I give permission in the azur portal and who should give. Kindly help me Sir
Excellent video, straight to the point, no water, just the meat. Thank you!
great video, very useful and thorough
Thanks!
Great video
Thanks man this worked
Your sound is shyte
This was beautiful, well done!
Too fast to understand..
can you share the git repo - thanks for the video
Nice and handy tutorial. Thanks for the video!
At 7:00 did you mean to do the Get and List on Secret permissions as opposed to Key permissions?
You are going too fast....what's all the hurrying about. It's very hard to follow with you going at a million miles an hour, even when watching it back
My SQL SERVERE MANAGED INSTANCE. is on a different resource group and different subscription that of Azure Functions and Data factory can you please tell me how to resolve this. Your help is highly appreciated
You may be able to move your resources across subscriptions and resource groups. In order to find out, open up your group and select "move" on the overview screen. Select the target resource group and then the resources. The system will run a validation and let you know if a move is allowed. Finally select move to start the process.
learn.microsoft.com/en-us/azure/azure-resource-manager/management/move-resource-group-and-subscription#use-the-portal
Great video . I don’t seem to find the deploy icon . I see only refresh , function but not the deploy icon . Can you please help ?
Amazing video. Please advise how to create tests for the app?
Acess policies section work moved to Acess Control(IAM)
You two have a great communication style. Thank you for sharing.
Excellent walkthrough and provide the overview in only 20 minutes. Thanks
How do can you do this setting from the local machine during the debug?
I am wondering the same thing. I really like this approach but if I won't figure out if this can be used in the local machine the reality is that I probably can't use it.
how to get a token to use from postman and alikes?
I cover this in the video around 3:45 and 4:15. Depending on if you're using Host/Admin authorization or Function Authorization.
Thank you for the video. Can you secure an api key in key vault so only ie an android app can call the function?
If you put your key in the vault as a secret, you can grant a specific service principal access to the secret. Your android app can then use that particular service principal to access the secret ( and its value). There is nothing that limits the principal to only be used on Android, however. Did I understand your question correctly?
@azureappmodernization9036 thank you so much for taking the time to reply. but how is this better than storing the secret key in the android app since you will need to store the service principals credentials in the app?
What if my client is a NextJS application running on App Services? I gave the proper API permissions, but can you please explain how to send a request from inside the application and not through the CLI?
To define the timezone in Azure functions for Timer trigger, do we need to set up the environment variable as you did or at different location?
Sorry for the delayed response here: You should be able to set the timezone by defining WEBSITE_TIME_ZONE in your app settings. learn.microsoft.com/en-us/azure/azure-functions/functions-bindings-timer?tabs=python-v2%2Cisolated-process%2Cnodejs-v4&pivots=programming-language-python#ncrontab-time-zones
Hello, at 8:52, why is it important to select Deployment Slot setting? I don't use deployment slots, do I still need to select it?
Deployment slot settings are for deployment slots, otherwise a 'setting/environment variable' does not need to be a deployment slot settting.
@@siyabongamngomezulu3775 , I am not seeing it as a requirement in any of the docs. Sorry about the mis-statement in the video. Good catch @conaxlearn8566
Thank God for for you. This is exactly the information I am looking for! Very much appreciated!
Hello, love the video. I don't see a dropdown for "Functions"... all I see are 2 dropdowns: "Resources" and "Workspace".
i I love this video, exactly what I needed
This was great, thank you
Thanks!
This video is really helpful. This saved my exploration time.
thank you! very useful and well explained... do you have any example about an endpoint to generate token?
Very good video. I like the schemas you made for architecture purposes. It gives a nice overview.
Hi, how to authenticate function using client certificate from logic app?
Getting this error: Error: Command "func --version" failed with exit code "1": 'func' is not recognized as an internal or external command, operable program or batch file.
Have you installed the functions core tools ? learn.microsoft.com/en-us/azure/azure-functions/functions-run-local?tabs=v4%2Clinux%2Ccsharp%2Cportal%2Cbash
Crisp and clear 👍🏻👍🏻
Amazing tutorial.
Glad you liked it
@@azureappmodernization9036 Hey just a question, if the functions are not http triggered, say queue triggered then key mechanism is the only way to authorize the functions right ? I do know that managed identity is a way, but I’m sure we can’t have an app registration in this case. Am I correct ?
Easy to follow, lots of information. Cheers!
Glad you enjoyed it!
@@azureappmodernization9036 Do you think a JWT flow woudl make sense for a azure function or should i go for AD-Auth a) in general? even for CI/CD use cases like text-2-speech translations b) as API/ Fetch for my Vue frontend
Thanks for this. I actually did something similar recently but mine was getting a certificate stored in key Vault in my function app
Where can we find the source code for this?
Thanks but a bit confused as to why you had to create two app registrations? You created nvm-addemo-... and also ADClient. What is the purpose of that?
(Apologies for the late reply) If I understand your question correctly: You have 2 entities: The caller and the function. In the first part of the video, I register the function with an identity (app registration) and then a role that we need to be in place to call the function. In the second part, we need an identity to call the function and we associate the role the function needs with that identity. When the call is made this occurs (in a similar order) , the function asks AD: "Is the caller allowed to call me?" So AD will challenge the caller with auth information. The caller logs into AD (with client and secret), AD gives it a token that is valid for a period of time. The caller resends the request to the function, which asks AD the same question again: "Is the caller allowed to call me?" AD looks up the bearer token the client sent it and validates it, it then looks up the caller's app role and matches it with the function app role. If all looks good, it tells the function that security checks have passed.
@@azureappmodernization9036 Thank you, makes perfect sense! Seems I was just looking at it from a different perspective.
Great explanation ❤
Where was the authentication. Misleading title
Sorry, I should have been clearer in the content. This video shows how to use AD for identity and then you use RBAC to authorize that identity. The first step is to give the function an identity. You can provide you own identity certificates, or you can let Azure manage the identity lifecycle for you. Once you assign the managed identity, you turn on AD authentication which will validate the identity for every connection. Then on the SQL side, you use RBAC to grant access to that identity. So, the combination of these statements: CREATE USER [FNName] FROM EXTERNAL PROVIDER and ALTER ROLE db_datareader ADD MEMBER [FNName] will grant the identity 'FNName' reader access.
still in pre-release :(
Excellent content sir, thanks for share it
My pleasure
Hello, I tried to do the same as you did in the second part of the video but I get the error : AADSTS500011: The resource principal named api://.../... was not found in the tenant named .... This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You might have sent your authentication request to the wrong tenant. I have checked the configuration several times.
Very useful, thanks for this!
I was struggling to trigger an azure function from a Event Grid Trigger using Logic App. There are so many posts and examples given for Javascript and C#. I really appreciate you sharing an example in Python to do the same. Thanks to your tutorial I could get my app running in no time :)
So logic app uses Event Grid to call Azure Function? ok.. thanks for the suggestion.
I was able to get this to work, but not sure when I can get it recorded.. basically you publish from logic app using eventGridpublish connector and then add an eventGrid subscription that invokes the function app. when the logicapp is invoked, it won't matter which language the function is in. Does this help?
Thank you for sharing how to add secrets from our azure key vault into our azure functions. The process you demonstrated was easy to follow and worked without errors in the first go!
Thank you for a great video. It gives a lot of knowledge. How you planning to create similar video using System Managed Identity?
Hey Kaps! Glad you liked it! The SMI video is up as well. Look for the title "How to Setup Auth with Managed Identity" . I also show how to create a CRUD API against SQL server in that video.
Thanks for this content! it's helped me a lot.
Glad to hear it! I plan on creating many more of these, so let me know if there's something you're interested in.