Securing remote MCP servers with Entra ID without breaking reconnects
I've been wiring remote MCP servers behind Entra-protected endpoints lately, and the awkward part isn't really validating a JWT, but everything around it.…
Read more
Using Bicep to manage Microsoft Graph
The Bicep team has recently published the "Bicep Templates for Microsoft Graph" extension into public preview. I've been playing around with it a bit, and wanted to document my experiences.…
Read more
Setting up Kubernetes as an External Identity Provider for Workload Identity Federation
In this post we'll see how to set up our own Kubernetes cluster to act as an External Identity Provider.…
Read more
How does workload identity federation actually work?
In this post, I'll try to explain the internal workings of workload identity federation.…
Read more
Quick ways of getting ObjectIds
A few quick ways of figuring out objectIds when you don't have access to the Entra Portal…
Read more
Troubleshooting Azure App Service and Functions
My troubleshooting workflow for common problems I've faced when working with Azure App Service and Azure Functions…
Read more
Azure DevOps Agents using Managed Identitites
This post shows an example of how to use Azure DevOps Agents without Personal Access Tokens, using Managed Identities instead.…
Read more
User Assigned Managed Identities with Azure DevOps Service Connections
This post will show you how to use User Assigned Identities to back Azure DevOps service connections to Azure…
Read more
Updating Azure DevOps Azure Automatic Service Principal secrets
Recent changes in the Azure DevOps UI have made it somewhat difficult to refresh secrets on the Azure ARM service connections, here are a couple of ways you can work around this.…
Read more
App Service Imported SSL Certificate from Key Vault in another Subscription
We recently ran into an issue with our requirement to pull an imported SSL certificate from a key vault that was located in a separate subscription from our function app consumption plan. Here's how we ended up solving this issue.…
Read more
AZ-500 Study Guide
I recently passed the AZ-500: Azure Security Engineer Associate certification, and thought that now that most of the world is under some level of COVID-19 related quarantine, what better way to spend one's time than study for a certification test. This study guide aims to help with that process.…
Read more