#azure (2021-09)

azure

Archive: https://archive.sweetops.com/azure/

2021-09-16

Pierre-Yves avatar
Pierre-Yves

don’t create VMs with public ips ! that should be a mantra ! A vulnerability on Azure vm Linux has been found: https://www.wiz.io/blog/omigod-critical-vulnerabilities-in-omi-azure

2021-09-09

Pierre-Yves avatar
Pierre-Yves

Hello, recently one of my coworker who have admin access has create a vm with public ip .

There is no way to prevent someone who have admin access to the subscription to create resources manually.

But there is azure policy that can be used to enforce compliance and prevent stupid things to be done.

Don’t fear to set it up front.

https://blog.nillsf.com/index.php/2019/11/02/using-azure-policy-to-deny-public-ips-on-specific-vnets/

Using Azure Policy to deny public IPs on specific VNETs attachment image

Azure Policy is a powerful tool in your Azure toolbox. It allows you to enforce specific governance principals you want to see implemented in your environment. Some key examples of what Azure Policy allows you to do is: Automatically tag resources, Enforce specific regions, Enforce VM size … I recently ran into a customer scenario, […]

Pierre-Yves avatar
Pierre-Yves

finally released ! “New Resources: azurerm_sql_managed_instance and azurerm_sql_managed_database"

https://github.com/hashicorp/terraform-provider-azurerm/pull/12431

    keyboard_arrow_up