Microsoft Azure Government DC is a group created for anyone in the IT world modernizing government with a goal of bringing real-world lessons to innovators in Government. AIS has supported and presented during these events when there were just 5 members. Now, the group in nearing 4,000 members. In March, we presented on Authority to Operate (ATO) and Compliance in Azure Gov. Check out the recording and overview below. Here’s What You Missed AIS Cloud Security and Compliance Solutions Architect, […]

Spring Framework is one of the most popular frameworks for application development using Java. Spring Boot is one of the top modules of Spring Framework, which is widely used to build enterprise-grade highly scalable backend applications. Spring Boot is very popular to develop microservices using open-source technologies, and its Pivotal Team develops it. Microsoft and Pivotal/VMware build and operate Azure Spring Cloud, a native Azure service offered as Platform as a Service (PaaS) and available on Azure Marketplace. Why Use […]

If you want to create robust automated workflows in Azure, integrating Azure Logic Apps with Azure Functions can be a valuable solution. A logic app is a PaaS (Platform as a Service) that offers extensive options to create powerful workflows. This service is beneficial if you need a structured series of events to support your Azure-hosted application(s). To craft workflows, you can use a “no-code” method. Azure Logic Apps offers a graphical user interface approach to creating workflows, which bridges […]

Before you start deep dive for implementing DevSecOps in this blog post, please review the fundamentals of DevSecOps in my first blog post. It will help understand the ‘Sec’ in DevSecOps and get up to speed on various security tools for implementing DevSecOps in your CI/CD pipeline. Although there are many code repositories tools with CI/CD built-in, this blog walks through GitHub and its security scanning tools for DevSecOps implementations. This blog post provides a GitHub repo for you to […]

Azure Data Factory (ADF) has introduced a feature called Managed Virtual Network (MVN) to connect Azure PaaS resources securely and privately from on-premises without opening corporate boundary firewall to Azure PaaS public IPs. To run an on-premises backend job using PaaS services such as Azure Storage, Azure SQL, a corporate boundary firewall may need to be opened to Azure PaaS service public IP addresses. If you receive pushback from InfoSec to punch a hole in the firewall, you are not […]

Have you spent a lot of time getting comfortable using Team Foundation Server (TFS) or Azure Pipelines only to be switched to GitLab CI/CD for a project? That’s what happened to me about four months ago. Since then, I’ve been learning the differences between the tools. There are several differences between Azure Pipelines and GitLab CI/CD that I’ve experienced. This post aims to be a primer for you to understand these differences and save you a lot of research time. […]

Databricks provides a robust notebook environment that is excellent for ad-hoc and interactive access to data. However, it lacks robust software development tooling. Databricks Connect and Visual Studio (VS) Code can help bridge the gap. Once configured, you use the VS Code tooling like source control, linting, and your other favorite extensions and, at the same time, harness the power of your Databricks Spark Clusters. Configure Databricks Cluster Your Databricks cluster must be configured to allow connections. In the Databricks […]

Introduction PowerShell DSC is possibly one of the most potent configuration managers for Windows Operating Systems. Even with the increase in popularity of Ansible and SaltStack, Powershell DSC remains supreme when enforcing the desired state on a Windows VM. Ansible itself has included the win_dsc module, which allows Ansible to run PowerShell DSC. In this blog post, we will dive deeper into one of PowerShell DSC’s most powerful aspects, 3rd Party Resources, and how they interact with Azure Automation. 3rd […]

Azure Kubernetes Service is a Microsoft Azure-hosted offering that allows for the ease of deploying and managing your Kubernetes clusters. There is much to be said about AKS and its abilities, but I will discuss another crucial role of AKS and containers, security. Having a secure Kubernetes infrastructure is a must, and it can be challenging to find out where to start. I’ll break down best practices, including baseline security for clusters and pods, and implement network hardening practices that […]

Kubernetes has become the go-to orchestrator for running containers. At AIS, we are working with clients using Azure Kubernetes Service (AKS), applying our expertise in DevOps. One concern is delivering HTTPS certificates to containerized web applications; let’s use Azure Key Vault to achieve this. Azure Key Vault is a cloud service that provides hardware security modules (HSMs) for securely storing and delivering secrets, encryption keys, and certificates. The Key Vault FlexVolume driver for Kubernetes offers a means for mounting certificates […]