In this post, I will walk you through some of the best practices that helps you to complete post deployment configuration of SonarQube.

Read More »

Organizations always have issues and concerns that how to remove the risk of threats and malware attacks when users connect to VMs (using RDP or SSH) inside the network.

Azure Bastion not only helps you to address these issues, but also reduce the lot of management overhead. In this post we will discuss the concepts and how to configure it.

Read More »

DevSecOps is not meant to fail if Processes, Products backed by People with the right attitude followed by continuous learning and improvements is in place. It’s not very important how the journey starts but how consistently it improved over time.

There are a lot of fundamental principals that need to consider while you are defining the Organizations DevOps road map. But in my opinion, the following two lay the foundation of success.

• DevSecOps is not a Role
• Open by Default, Closed by Exception

Read More »

Secure secretes in Azure DevOps Pipelines using Azure Key Vault

Security is an integral part of the Application Life Cycle Management and must be implemented right from the beginning. Its everyone’s responsibility to ensure security compliance in every process and each phase.

In this post, I will talk on how to ensure security in terms of Key, Secrete, Certificate management as part of your Azure DevOps pipelines (YML based).

Read More »

Security is a shared responsibility. It needs to be considered in each layer and at every component level. Even smaller negligence may cause damage to users, vendors, and clients.

If you are preparing for Azure Certifications (AZ-300) or new to designing space, I hope this post will help to start with fundamentals. In this post, I will talk about the basic design principle and considerations around Network security.

Read More »

There are a lot of blogs/articles available to learn the Terraform. Here, I am sharing my learning notes and references. I have been using ARM templates (simple and complex), for the last 4-5 years. I feel writing Terraform code is easy, helps to be lean and manageable. Also, the most important thing it has in-built intelligence. Like every other technology/ architecture, both Terraform and ARM Templates have their pros and cons.

Read More »

Plan, Design and Manage AzDo variables

Azure DevOps variables play an important role and provide a convenient way to get key bits of data into various parts of the pipelines. In this post, I will talk about how you can plan, design and manage the Azure DevOps variables and leverage this feature more effectively.

Read More »

Recently, I have faced an issue, where our CD pipeline start failing (in Dev Envrionment, few second back things were working fine).

We found that, there is no issue with code but it was due to resource deployment history quota against resoruce group.

Deployment histories are very important. They not only help to keep track of changes but also useful for audit and compliance purposes.

Read More »

Branching strategies varies from Client to Client/ Project to Project, but the common practices teams are looking for enabling CI against all your branches.

In this post, I will show how we can configure CI against all the branchs.

Read More »

Deploy SonarQube as PaaS (Azure Web App)

We all know the power of PaaS and its edge over IaaS. Clients are now looking for more and more PaaS and SaaS based solutions. It’s really an intelligent idea to deploy SonarQube as PaaS (Azure Web App Container).

Read More »