Jump to navigation Jump to content

Most Active Speaker

Arindam Mitra

Arindam Mitra

Microsoft MVP in Developer Technologies | Azure Cloud Solutions & DevOps Architect | Technical Blogger | Speaker | Traveler | Citizen of the World

Zürich, Switzerland

I am a Microsoft MVP (Most Valuable Professional) in Developer Technologies | Azure Cloud Solutions & DevOps Architect | Technical Blogger & Speaker Focused on Cloud Adoption, Architecture, Automation, Build and Run in Azure.

Links

Awards

Area of Expertise

  • Information & Communications Technology

Topics

  • Cloud Computing on the Azure Platform
  • Azure Cloud
  • Microsoft Azure DevOps
  • hashicorp terraform
  • Automation with PowerShell
  • GitHub
  • GitHub Actions

Sessions

Ops-In-DevOps

In this Session, I will explain my "Ops In DevOps" Series and run live Demos. Follow my Series at: https://dev.to/arindam0310018/series/19351

For more details, please refer my Series:-
- https://dev.to/arindam0310018/series/19351

Automations as part of OPS IN DEVOPS:-
1. https://dev.to/arindam0310018/create-service-principal-and-store-secret-in-key-vault-2i37
2. https://dev.to/arindam0310018/reset-service-principal-secret-and-store-in-key-vault-using-az-devops-2h8o
3. https://dev.to/arindam0310018/create-aad-group-using-az-devops-2peb
4. https://dev.to/arindam0310018/rotate-storage-account-keys-using-az-devops-n71
5. https://dev.to/arindam0310018/create-service-connection-using-devops-cli-2k59
6. https://dev.to/arindam0310018/sftp-with-az-devops-7on
7. https://dev.to/arindam0310018/create-docker-regisry-service-connection-using-devops-cli-1an8
8. https://dev.to/arindam0310018/migrate-public-endpoint-web-app-between-app-service-plans-using-devops-218e
9. https://dev.to/arindam0310018/setup-acr-service-connection-using-devops-2o85

Azure DevOps Best Practises: Learning By Doing

In this Session, I will provide you real-time insights on AZURE DEVOPS BEST PRACTISES: LEARNING BY DOING.

For Ease of Explanation, I will provide Best Practises details for Azure Devops: REPOSITORIES, PIPELINES, BOARDS & WIKI

For more details, please refer my blog:-
- https://dev.to/arindam0310018/azure-devops-best-practises-learning-by-doing-38hi

MS Defender 4 Cloud: DevOps Security In GitHub Environment

In this Session, I will demonstrate MICROSOFT IGNITE - 2022 release of MICROSOFT DEFENDER 4 CLOUD: DEVOPS SECURITY IN GITHUB ENVIRONMENT.

Additionally, I have also highlighted, in my session, the Limitations of Azure Defender for DevOps.

For more details, please refer my blog:-
- https://dev.to/arindam0310018/ms-defender-4-cloud-devops-security-in-github-environment-449

AZ Managed Grafana With Terraform AZAPI & DevOps

In this Session, I will demonstrate, How to deploy Azure Managed Grafana with Terraform AzAPI and DevOps

USECASE:-
- How to deploy Azure Managed Grafana using Terraform when the required AzureRM Provider is NOT available ?

For more details, please refer my blog:-
- https://dev.to/arindam0310018/az-managed-grafana-with-terraform-azapi-devops-452g

Error: No Hosted Parallelism has been purchased or granted

In this Troubleshooting Session, I will demonstrate, how I resolved the encountered error - "No Hosted Parallelism has been Purchased or Granted" while executing Azure DevOps Pipeline.

For more details, please refer my blog:-
- https://dev.to/arindam0310018/error-no-hosted-parallelism-has-been-purchased-or-granted-bd

Error: Full scoped PAT is restricted by your organisation

In this Troubleshooting Session, I will demonstrate, how I resolved the encountered error - "Full Scoped PAT is restricted by your Organisation".

For more details, please refer my blog:-
- https://dev.to/arindam0310018/error-full-scoped-pat-is-restricted-by-your-organisation-1khk

Error: The Active Duration is too Short while Removing Role Assignment

In this Troubleshooting Session, I will demonstrate, how to resolve the encountered error - "The Active Duration is too short" while removing PIM role assignment.

For more details, please refer my blog:-
- https://dev.to/arindam0310018/error-the-active-duration-is-too-short-while-removing-role-assignment-5akh

OPS-IN-DEVOPS: Create Service Connection Using DevOps CLI

In this Session, I will demonstrate How to Create Service Connection Using DevOps CLI.

USE CASES:-
- Create DevOps Service Connection, Prompting PAT (Personal Access Token)
- Create DevOps Service Connection, Without Prompting PAT (Personal Access Token)

AUTOMATION OBJECTIVE:-
- Create Service Principal.
- Query the Application ID of the Service Principal.
- Store the Service Principal Application ID and Secret in Key Vault.
- Assign the Service Principal, "Contributor" RBAC (Role Based Access Control) on Subscription Level.
- Set Service Principal Secret as an Environmental Variable for creating Azure DevOps Service Connection.
- Set PAT (Personal Access Token) as an environment variable for DevOps Login.
- Create Azure DevOps Service Connection.
- Grant Access to all Pipelines to the Newly Created Azure DevOps Service Connection.
- Verify Service Connection.

For more details, please refer my blog:-
- https://dev.to/arindam0310018/create-service-connection-using-devops-cli-2k59

OPS-IN-DEVOPS: SFTP with Az DevOps.

In this Session, I will demonstrate SFTP with Azure DevOps.

AUTOMATION OBJECTIVE:-
- Validate if provided Resource Group exists. If Not, Pipeline will FAIL.
- Validate if Storage Account exists inside the specified Resource Group. If Not, Pipeline will FAIL.
- Validate if Hierarchical Namespace is Enabled in the specified Storage Account. If Not, Pipeline will FAIL.
- Validate if Key Vault exists inside the specified Resource Group. If Not, Pipeline will FAIL.
- Validate if SFTP is enabled in the specified Storage Account. If No, it will enable SFTP and Proceed to Next Validation. If Yes, It will skip and and Proceed to Next Validation.
- Validate if SFTP Local User Home Directory Container exists. If Yes, Pipeline will FAIL.
- Validate If SFTP Local User Exists. If Yes, Pipeline will FAIL.
- If all of the above validation is SUCCESSFUL, SFTP will be Enabled or Skipped in the Storage Account (Depending upon the Status at the time), Local SSH User will be created and Password will be Generated. Finally, Local SSH Username, Password and Connection String will be stored in Key Vault.

For more details, please refer my blog:-
- https://dev.to/arindam0310018/sftp-with-az-devops-7on

Service Principal and DevOps Service Connection: Schema

In this Session, I will provide you real-time insights including food for thoughts on Service Principal and DevOps Service Connection Schema.

IMPORTANT TO NOTE:-
- Here in this reference blog, we talk only about Service Principal(s) which are created with the sole purpose of __Creating DevOps Service Connection(s) used for Running Pipelines for Infrastructure Deployment (IaC).

- In most establishment(s), every project which is onboarded to cloud has its own Subscription (Per Environment - NonProd and Prod) and DevOps Project.

- The DevOps Project will then have its own Service Connections for below - 1) Running Pipelines for Infrastructure Deployment (IaC), and 2) Running Pipelines for Application Deployment on the deployed Azure Services (by IaC).

For more details, please refer my blog:-
- https://dev.to/arindam0310018/service-principal-devops-service-connection-schema-1a8l

OPS-IN-DEVOPS: Create Docker Registry Service Connection Using DevOps CLI

In this Session, I will demonstrate How to Create Docker Registry Service Connection Using DevOps CLI.

USE CASES:-
Create Docker Registry DevOps Service Connection, Prompting PAT (Personal Access Token)
Create Docker Registry DevOps Service Connection, Without Prompting PAT (Personal Access Token)

For more details, please refer my blog:-
- https://dev.to/arindam0310018/create-docker-regisry-service-connection-using-devops-cli-1an8

Automate Entitlement Management in Azure AD Identity Governance using Microsoft Graph Powershell

In this Session, I will demonstrate How to create Catalog and Access Package in Entitlement Management using Microsoft Graph Powershell.

AUTOMATION OBJECTIVES:-

- Create a Catalog.
- Add an existing Azure Active Directory (AAD) Group as an Resource in the Catalog.
- Create Azure Active Directory (AAD) Group(s).
- Assign the Azure Active Directory (AAD) Group(s) as "Catalog Owner", "Catalog Reader", "Access Package Manager", and "Access Package Client Assignment Manager" respectively.
- Create a Access Package.
- Add the already added existing Azure Active Directory (AAD) Group in the Catalog to the Access Package as "Member".
- Create Access Package Policy.

For more details, please refer my blog:-
- https://dev.to/arindam0310018/automate-entitlement-management-in-azure-ad-identity-governance-using-microsoft-graph-powershell-42k

Count and if else with Terraform & Devops

In this Session, I will demonstrate, Count and If Else with Terraform and DevOps by deploying Azure Managed Grafana.

OUT OF SCOPE:-

- Azure DevOps Pipeline Code Snippet Explanation.

- If you are interested to understand the Pipeline Code Snippet, please refer my other blogs in Terraform Series.

For more details, please refer my blog:-
- https://dev.to/arindam0310018/count-and-if-else-with-terraform-devops-3bhf

Automate App Management with AAD Graph and DevOps

In this Session, I will demonstrate How to Automate App Management with AAD Graph and DevOps.

AUTOMATION OBJECTIVES:-

- Validate if the Resource Group and the Key Vault residing in it exists.
- Validate if the App Registration already exists. If No, App Registration will be created.
- Secret will be generated and stored in Key Vault.
- Set Redirect URI and Enable ID Token.
- Set Token Configuration - Optional Claims.
- Set Token Configuration - Groups Claim.
- Set Microsoft Graph API Permissions.
- Create App Roles.
- Set App Owners.

For more details, please refer my blog:-
- https://dev.to/arindam0310018/automate-app-management-with-aad-graph-and-devops-5emn

OPS-IN-DEVOPS: Migrate Public Endpoint Web App Between App Service Plans using Devops

In this Session, I will demonstrate how to Migrate Public Endpoint Web App Between App Service Plans.

AUTOMATION OBJECTIVES:-

- Validate if Resource Group exists.
- Validate if Source App Service Plan Exists.
- Validate if Destination App Service Plan Exists.
- Validate if App Service Exists.
- Validate Webspace.
- If all the above validation is successful, Web App will then be migrated to Destination App Service Plan.

For more details, please refer my blog:-
- https://dev.to/arindam0310018/migrate-public-endpoint-web-app-between-app-service-plans-using-devops-218e

OPS-IN-DEVOPS: Setup ACR Service Connection using Devops

In this Session, I will demonstrate How to Automate Azure Container Registry (ACR) Service Connection using Devops.

AUTOMATION OBJECTIVES:-
- Install Azure Devops CLI Extension in the Build Agent.
- Validate Azure Devops CLI Extension Installation by running the Help option in the Build Agent.
- Download Key Vault Secrets.
- Create Azure Container Registry Service Connection.
- Grant Access Permission to Azure Container Registry Service Connection for all Pipelines.

For more details, please refer my blog:-
- https://dev.to/arindam0310018/setup-acr-service-connection-using-devops-2o85

Infrastructure Security using Azure Devops

In this Session, I demonstrated Infrastructure Security using Azure Devops.

Additionally, I successfully executed 3 Live Demos, covering 3 different areas of Cloud Infrastructure Security.

PRESENTATION OBJECTIVES:-
1. Immutable laws of Security.
2. Identity Access Management (IAM).
3. Identity Access Management (IAM) with Devops.
4. Subscription, Resource Group, and Role Based Access Control (RBAC)
5. Role Based Access Controls with Devops.
6. Measures to Protect Azure Services and Azure Devops.
7. Microsoft Defender for Cloud.
8. Microsoft Defender for Devops.
9. 3 Live demos covering 3 different areas of Cloud Infrastructure Security
10. Questions.

For more details, please refer my blog:-
- https://dev.to/arindam0310018/infrastructure-security-using-azure-devops-1b43

IaC Blueprints - Quickstart

In this Session, I will provide an overview on IaC - Blueprints

For more details, please refer my blog:-
- https://dev.to/arindam0310018/iac-blueprints-quickstart-46h1

Azure Container Registry with Aquasec Trivy and Azure DevOps

In this Session, I demonstrate how to Scan Docker Images in Azure Container Registry with Aquasec Trivy using Azure DevOps Pipelines.

The Low, Medium, High and Critical CVEs (Common Vulnerabilities and Exposures) scan report are stored in Storage Account with Date time Stamp. If for some reasons, Application team accepts the risk and wants to skip the Low and Medium Vulnerabilities from the Scan report, all we have to do is list the respective CVEs in the .trivyignore file and run the pipeline again to scan. The listed CVEs will no longer be in the Scan Report.

For more details, please refer my blog:-
- https://dev.to/arindam0310018/devops-acr-trivy-1o05

Power of DevOps CLI and REST API

In this Session, I demonstrate, how to Create and Setup Azure DevOps Project with Best Practices using DevOps CLI, REST API and DevOps Pipeline

The Pipeline Creates DevOps Project, Creates and Initializes one or more Repositories, Creates pipelines folder, Pipeline Environment, Agent Pool and Branch policies.

For more details, please refer my blog:-
- https://dev.to/arindam0310018/power-of-devops-cli-and-rest-api-13lo

Fetch Secrets With No Access to Key Vault Using Azure DevOps Pipelines

In this Session, I demonstrate, how to fetch all secrets from Key vault when protected by Access Policies and Firewall Rules

All Secrets are exported in text file which is published in DevOps Artifacts from where it can be easily downloaded.

For more details, please refer my blog:-
- https://dev.to/arindam0310018/fetch-secrets-with-no-access-to-key-vault-using-devops-pipelines-54h3

Fetch Selective Secrets with No Access To Key Vault Using Devops Pipelines

In this Session, I demonstrate, how to fetch all secrets with Tags from Key vault when protected by Access Policies and Firewall Rules

Here there are Two Use Cases - 1) Fetch all Secrets with any Tags 2) Fetch all Secrets with Specific Tags. All Secrets are exported in text file which is published in DevOps Artifacts from where it can be easily downloaded.

For more details, please refer my blog:-
- https://dev.to/arindam0310018/fetch-selective-secrets-with-no-access-to-key-vault-using-devops-pipelines-4df8

Dynamic Deployment of SonarQube in Azure Container Instance Using Azure DevOps

In this Session, I will demonstrate how to Dynamically Deploy SonarQube in Azure Container Instance Using Azure DevOps

The entire YAML pipeline is build using Parameters and variables. No Values are Hardcoded. There are 2 Stages in the Pipeline 1) When User selects "Existing" Pipeline Runtime Environment 2) When User selects "New" Pipeline Runtime Environment. Pipeline Stage gets Skipped or Executed based on the User Choice. Both Stages have required Conditions applied.

For more details, please refer my blog:-
- https://dev.to/arindam0310018/dynamic-deployment-of-sonarqube-in-az-container-instance-using-devops-9j3

Can we Deploy Az B2C Using Terraform and DevOps ?

In this Session, I will demonstrate -
How to Validate Pre-Requisites of Azure B2C Tenant using DevOps ?
If Azure B2C Tenant Deployment is Possible using Terraform and DevOps ?

There are 2 Distinct Pipelines. One which Checks the Pre-Requisites for Deploying Azure B2C and Second which deploys Azure B2C Using Terraform and DevOps. Azure B2C Tenant Deployment is Not Possible to deploy using Terraform and DevOps Together. It is only possible By Manually Executing Terraform Init, Plan and Deploy.

For more details, please refer my blog:-
- https://dev.to/arindam0310018/can-we-deploy-az-b2c-using-terraform-and-devops--3ok2

My Take on Azure Lighthouse

In this Session, I will provide real-time insights on AZURE LIGHTHOUSE. As Azure Lighthouse provides multiple features, hence for the purpose of this Blog post, we focus on 1) Onboarding Azure Subscription, and 2) Onboarding Azure Resource Group only.

Below is covered -
Live Recorded Session, Presentation Displayed During Live Demo, Concepts of Azure Lighthouse, How is/was the Management before Azure Lighthouse, Pricing, Real-time Use Cases, Important Pointers on Azure Lighthouse, Deployment Requirement of Azure Lighthouse Using Portal, Step By Step Process to Implement Azure Lighthouse, Verification - Service Provider View, Quick Test, Option to Automate Deployment of Azure Lighthouse and Challenges Encountered.

For more details, please refer my blog:-
- https://dev.to/arindam0310018/my-take-on-azure-lighthouse-5c6j

Map Azure DevOps Runtime Variables to Terraform Input Variables

In this Session, I will demonstrate -
How to Map Azure DevOps Runtime Variables to Terraform Input Variables.
If at all we need to put the values in variables.tf or in tfvars.

Objective:-
Deploy a Resource Group and User Assigned Managed Identity from the values provided by user in the DevOps Runtime Variables Parameters and not providing it again in Terraform variables.tf or tfvars

For more details, please refer my blog:-
- https://dev.to/arindam0310018/map-azure-devops-runtime-variables-to-terraform-input-variables-38ha

Terraform Plan in DevOps GUI

In this Session, I will demonstrate how to Publish Terraform Plan in Azure DevOps Graphical User Interface (GUI).

Find out:-
Can we Publish Terraform Plan if there is No Infrastructure Changes ?

For more details, please refer my blog:-
- https://dev.to/arindam0310018/terraform-plan-in-devops-gui-52fp

Sneak Peek on GLEEK in DevOps

In this Session, I will demonstrate how to Use GLEEK Extension in Azure DevOps Boards: Stories and Tasks

Below Types of Custom Diagrams can be Created using GLEEK Extension:-
1. Basic
2. Entity-Relationship
3. Sequence Diagram
4. Class Diagram

For the Purpose of this Session, we will be focusing on Creating Basic Diagram

For more details, please refer my blog:-
- https://dev.to/arindam0310018/sneak-peek-on-gleek-in-devops-523a

Azure Charts: Design Foundation for IaC and DevOps!!!

In this Session, I will provide you real-time insights on how to use AZURE CHARTS as Design Foundation for IaC (Infrastructure-As-Code) and DevOps Automation.

Once Design Foundation is ready, putting into IaC (Terraform/Powershell) and executing using Azure DevOps Pipeline becomes relatively easy.

What is Covered:-
- Azure Charts.
- Category of Azure Services.
- Which Azure Services Supports Private Link.
- Which Azure Services Supports Managed Identity.
- Design Resource Group(s).
- Design Network Framework.
- Azure Night Sky.
- Azure Services SLA.
- Azure Services Reservation.

For more details, please refer my blog:-
- https://dev.to/arindam0310018/azure-charts-design-foundation-for-iac-and-devops-4cgi

Terraform Plan in DevOps GUI Using Templates

In this Session, I will demonstrate how to Publish Terraform Plan in Azure DevOps GUI Using PIPELINE TEMPLATES.

This Blog post is a follow-up to my previous post - Publish Terraform Plan in Azure DevOps GUI

For more details, please refer my blog:-
- https://dev.to/arindam0310018/terraform-plan-in-devops-gui-using-templates-5chp

Automate Pull Request & Associate Work-Items Using Azure DevOps

In this Session, I will demonstrate how to Automate Pull Request (PR) and Associate Work-Items Using Azure DevOps.

AUTOMATION OBJECTIVE:-
- Create Random Generated Work-Items in Azure DevOps Boards.
- Create Pull Request (PR).
- Associate Work-Item with Pull Request (PR).
- Complete Pull Request (PR) with Squash Commit.
- Delete the Working Branch (For Example: "Dev" or "Feature/AM".

For more details, please refer my blog:-
- https://dev.to/arindam0310018/automate-pull-request-associate-work-items-using-az-devops-2fdo

AM in JTTC Talks On Microsoft Azure Associate Certification (AZ-104)

In this Session, I talk on Microsoft Azure Associate Certification (AZ-104) on JOURNEY TO THE CLOUD 7.0

DISCLAIMER:- YOU DO NOT HAVE TO BE A SPARTAN TO CONQUER AZURE!!!

I have tried to Explain Az-104 Preparation and Readiness in a very Funny Way.
I Sincerely Hope you like it.

For more details, please refer my blog:-
- https://dev.to/arindam0310018/am-in-jttc-talks-on-ms-azure-associate-certification-az-104-2ogh

Break Terraform State Lease Using Azure DevOps

In this Session, I will demonstrate how to Break Terraform State Lease Using Azure DevOps.

USE CASE:-

In Order to Protect State File from Accidental Deletion or Tampering, Direct User Access to Terraform State File is Prohibited.

While Build IaC [Infrastructure-As-Code] Using Terraform, DevOps Engineer tend to Run the Code locally by manually executing Terraform Init, Plan and Apply Commands respectively.

During this whole Process, there might be Situation, where the Terraform State file is in Locked State and Unless the Lock is released, the code cannot be executed anymore (Manually or using Az DevOps Pipeline).

This is where, the below Az DevOps Pipeline helps.

The Az DevOps Pipeline runs in the Build Agent using Az DevOps Service Connection which is Az Service Principal Credentials behind the Scene with Appropriate RBAC [Role Based Access Control] on Subscription or Resource Group Level.

For more details, please refer my blog:-
- https://dev.to/arindam0310018/break-terraform-state-lease-using-azure-devops-2fnj

Break Terraform State Lease Using Github Actions

In this Session, I will demonstrate how to Break Terraform State Lease Using GitHub Actions

USE CASE:-

In Order to Protect State File from Accidental Deletion or Tampering, Direct User Access to Terraform State File is Prohibited.

While Build IaC [Infrastructure-As-Code] Using Terraform, DevOps Engineer tend to Run the Code locally by manually executing Terraform Init, Plan and Apply Commands respectively.

During this whole Process, there might be Situation, where the Terraform State file is in Locked State and Unless the Lock is released, the code cannot be executed anymore (Manually or using GitHub Actions Workflow).

This is where, this workflow comes as rescue.

The GitHub Actions Workflow runs in the Runner using Azure Credentials which is Az Service Principal Credentials behind the Scene with Appropriate RBAC [Role Based Access Control] applied on Subscription or Resource Group Level.

For more details, please refer my blog:-
- https://dev.to/arindam0310018/break-terraform-state-lease-using-github-actions-57o9

OPS-IN-DEVOPS: Create Service Principal and Store Secret in Key Vault Using Azure DevOps.

In this Session, I will demonstrate how to Create Service Principal and Store Secret in Key Vault Using Azure DevOps.

USE CASE:-

Cloud Engineer DOES NOT have access to Azure Active Directory (AAD) to Create Service Principal.
Cloud Engineer CANNOT ELEVATE rights using PIM (Privileged Identity Management) to Create Service Principal.

AUTOMATION OBJECTIVE:-

Validate If the Service Principal Exists. If Yes, Pipeline will FAIL.
Validate If Resource Group Containing Key Vault Exists. If No Resource Group Found, Pipeline will FAIL.
Validate If Key Vault Exists inside the Specified Resource Group. If No Key Vault Found, Pipeline will FAIL.
If All of the above validation is SUCCESSFUL, Pipeline will then Create the Service Principal, Generate Secret and Store it in the Key Vault.

For more details, please refer my blog:-
- https://dev.to/arindam0310018/create-service-principal-and-store-secret-in-key-vault-2i37

OPS-IN-DEVOPS: Reset Service Principal Secret and Store in Key Vault Using Azure DevOps.

In this Session, I will demonstrate How to Reset Service Principal Secret and Store in Key Vault Using Azure DevOps.

USE CASE:-

Cloud Engineer DOES NOT have access to Azure Active Directory (AAD) to Reset Service Principal Secret.
Cloud Engineer CANNOT ELEVATE rights using PIM (Privileged Identity Management) to Reset Service Principal Secret.

AUTOMATION OBJECTIVE:-

Validate If the Service Principal Exists. If No, Pipeline will FAIL.
Validate If Resource Group Containing Key Vault Exists. If No Resource Group Found, Pipeline will FAIL.
Validate If Key Vault Exists inside the Specified Resource Group. If No Key Vault Found, Pipeline will FAIL.
If All of the above validation is SUCCESSFUL, Pipeline will then Reset the Service Principal Secret and Store it in the Key Vault.

For more details, please refer my blog:-
- https://dev.to/arindam0310018/reset-service-principal-secret-and-store-in-key-vault-using-az-devops-2h8o

OPS-IN-DEVOPS: Create Azure Active Directory Group (AAD) Using Azure DevOps.

In this Session, I will demonstrate How to Create Azure Active Directory (AAD) Group Using Azure DevOps.

IMPORTANT NOTE:-
We can create one or more AAD Group with Same Name. The Unique Identifier for AAD Group is the Object ID.

USE CASE:-
Cloud Engineer DOES NOT have access to Azure Active Directory to Create Group(s).
Cloud Engineer CANNOT ELEVATE rights using PIM (Privileged Identity Management)to Create AAD Group(s).

AUTOMATION OBJECTIVE:-
Validate If the AAD Group Exists. If Yes, Pipeline will FAIL.
If the above validation is SUCCESSFUL, Pipeline will then Create Group in Azure Active Directory.

For more details, please refer my blog:-
- https://dev.to/arindam0310018/create-aad-group-using-az-devops-2peb

OPS-IN-DEVOPS: Rotate Storage Account Keys Using Azure DevOps.

In this Session, I will demonstrate How to Rotate Storage Account Keys (Primary & Secondary) and Store it in Key Vault Using Azure DevOps.

AUTOMATION OBJECTIVE:-

Validate If Resource Group Containing Key Vault Exists. If No Resource Group Found, Pipeline will FAIL.

Validate If Storage Account Exists inside the Specified Resource Group. If No Storage Account Found, Pipeline will FAIL.

Validate If Key Vault Exists inside the Specified Resource Group. If No Key Vault Found, Pipeline will FAIL.

If All of the above validation is SUCCESSFUL, Depending upon, which Key User wants to rotate (Primary or Secondary), Pipeline will then Rotate the Storage Account Key and Store it in the Key Vault.

For more details, please refer my blog:-
- https://dev.to/arindam0310018/rotate-storage-account-keys-using-az-devops-n71

Arindam Mitra

Microsoft MVP in Developer Technologies | Azure Cloud Solutions & DevOps Architect | Technical Blogger | Speaker | Traveler | Citizen of the World

Zürich, Switzerland

Links

Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.

Jump to top