I've been working recently on zero downtime deployments using Azure App Service. They're facilitated by a combination of Health checks and deployment slots. This post will talk about why this is important and how it works.
27 posts tagged with "azure"
View All TagsAzure RBAC: role assignments and ARM templates
This post is about Azure's role assignments and ARM templates. Role assignments can be thought of as "permissions for Azure".
ASP.NET, Serilog and Application Insights
If you're deploying an ASP.NET application to Azure App Services / Azure Container Apps or similar, there's a decent chance you'll also be using the fantastic Serilog and will want to plug it into Azure's Application Insights.
Azure App Service, Easy Auth and Roles with .NET and Microsoft.Identity.Web
I wrote recently about how to get Azure App Service Easy Auth to work with roles. This involved borrowing the approach used by MaximeRouiller.Azure.AppService.EasyAuth.
As a consequence of writing that post I came to learn that official support for Azure Easy Auth had landed in October 2020 in v1.2 of Microsoft.Identity.Web. This was great news; I was delighted.
However, it turns out that the same authorization issue that MaximeRouiller.Azure.AppService.EasyAuth
suffers from, is visited upon Microsoft.Identity.Web
as well. This post shows hoew to resolve it with IClaimsTransformation
.
Azure App Service, Easy Auth and Roles with .NET
Azure App Service has a feature which is intended to allow Authentication and Authorization to be applied outside of your application code. It's called "Easy Auth". Unfortunately, in the context of App Services it doesn't work with .NET Core and .NET. Perhaps it would be better to say: of the various .NETs, it supports .NET Framework. To quote the docs:
At this time, ASP.NET Core does not currently support populating the current user with the Authentication/Authorization feature. However, some 3rd party, open source middleware components do exist to help fill this gap.
Thanks to Maxime Rouiller there's a way forward here. However, as I was taking this for a spin today, I discovered another issue.
Make Microsoft.Identity.Web respond with 403 forbidden instead of a 302 redirect
By default Microsoft.Identity.Web
responds to unauthorized requests with a 302 (redirect). Do you want a 403 (forbidden) instead? Here's how.
Dual boot authentication with ASP.NET
This is a post about having two kinds of authentication working at the same time in ASP.Net Core. But choosing which authentication method to use dynamically at runtime; based upon the criteria of your choice.