Skip to content
adatum
  •  SCOM Web API
  • About adatum
gray laptop computer showing html codes in shallow focus photography Azure

Azure Infrastructure As Code video series

  • 28/10/202028/10/2020
  • by Martin Ehrnst

For weeks Marcel Zehner and I have held four live streams. Covering ‘everything’ related to Infrastructure as code on Azure.

Recording available

In the series, we covered the following topics, and everything is now available on YouTube

  • Advanced ARM templates
  • Deployment scripts
  • Linked and nested ARM templates
  • ARM template deployment with Pipelines

Share this:

  • LinkedIn
  • Twitter
flight sky earth space Azure

Recording available: ARM template deployment scripts

  • 23/10/202023/10/2020
  • by Martin Ehrnst

Sign up for our next livestream; How to deploy resources using CI/CD

In our Infrastructure as code live stream series, Marcel Zehner and I covered a new feature in the Azure IAC space. Namely deployment scripts. With deployment scripts for Azure, you can run PowerShell or Bash (CLI) scripts within your ARM templates.

You may have heard of Custom script extension for Azure Windows VMs, this is sort of the same thing. Making you able to call external systems during deployment, or perform the last-mile configuration to your infrastructure.

Deployment scripts recording

You can find all our recordings on youtube and all code examples on github

Share this:

  • LinkedIn
  • Twitter
Azure

Recording available: Complex ARM templates

  • 12/10/202012/10/2020
  • by Martin Ehrnst

Together with MVP and Regional Director, Marcel Zehner we are running four live streams on Azure Resource Manager deployments using ARM templates. Recording from our first live stream, Complex ARM templates is available now.

In this session, we covered how you should use parameters, functions, and dependencies to create more reusable code, and how to control the result of your user’s input.

You can find the recording on YouTube, and the script examples on GitHub

More ARM template live streams

We have three more ARM template live streams planned- hopefully we will see you there:

Nested & linked ARM templates
Date & Time: October 12, 2020, 5PM CEST
Registration: https://lnkd.in/deW4xXJ
Attendee Link: https://lnkd.in/dz_WgyW

Deployment scripts
Date & Time: October 19, 2020, 5PM CEST
Registration: https://lnkd.in/dhEYeMr

Code release using pipelines
Date & Time: October 26, 2020, 5PM CEST
Registration: https://lnkd.in/d_JuDuv

Share this:

  • LinkedIn
  • Twitter
Automation

Remediate Azure Policy with PowerShell

  • 11/06/202011/06/2020
  • by Martin Ehrnst

Azure Policy is there to help us with properly governed and secure infrastructure. However, Azure Policy requires management as well.

Lately, I have built a new set of policies to ensure diagnostic logs are forwarded to Azure Monitor Logs. Multiple policies and a policy initiative were deployed to multiple subscriptions and multiple customers. All this was made possible since we manage through Azure Lighthouse.

Automatic remediation of Azure Policy

The challenge faced after deploying the policy was how to remediate them. Since policies with effect ‘deployIfNotExists’ only apply to new or modified resources, I faced the job with clicking in the portal or figure out a way to do this with PowerShell.
I actually started with the portal, as I thought it would be a quick job. After doing one or two subscriptions I realized how much time I would use.

Azure policy compliance state

Given the fact that the imitative it self contained around 50 individual policies, and at the time 19 subscriptions. I figured spending some time in PowerShell was well worth it. There is also a pretty good chance I will find my self in the same situation pretty soon.

Create remediation task with PowerShell

To create a remediation task for a policy set you can use this script. It will connect to your subscription and get all non-compliant policies. Then start a policy remediation task for the individual policies.

Summary

Policies with effect “deployIfNotExist” only work for resources that are updated or created after the policy was applied. To remediate existing resources you will have to create the remediation tasks manually through the portal, or by using PowerShell (and REST API)

By the way, fellow Azure MVP Tao Yang has created everything you need in order to enable these policies your self. Please see GitHub for complete ARM templates. And please help him maintain everything by contributing.

Share this:

  • LinkedIn
  • Twitter
Azure

Multiple Azure credentials in PowerShell

  • 06/05/202002/09/2020
  • by Martin Ehrnst

Environments in Azure are often separated into multiple subscriptions, in some cases multiple tenants. This sectioning can also result in multiple user accounts, and managing multiple Azure credentials can be challenging. Luckily, Azure PowerShell has this capability called context.

Although the documentation is solid on the topic. It doesn’t necessarily provide the backdrop for when you will need to use this feature.

A few weeks ago I had to move a set of APIs from one instance of Azure API management to another. With PowerShell contexts, I could download the API from the origin and import it to the new instance.

Connecting to multiple Azure environments using context

To hold credential information, like user and subscription. PowerShell uses context objects. By using AzContext comandlets You can have multiple Powershell Azure contexts available in the same PowerShell session. This allows for easy switching between multiple environments and profiles. Including different tenants.

Below is an example of how you can connect to multiple tenants and switch between the credentials and contexts. I recommend using friendly names which will make them easier to identify.

Azure PowerShell context

Share this:

  • LinkedIn
  • Twitter

Posts navigation

1 2 3 … 7

Top Posts & Pages

  • Azure AD authentication in Azure Functions
  • Creating Azure AD Application using Powershell
  • Judging Arctic Cloud Developer Challenge
  • Web API for System Center Operations Manager
  • Multi subscription deployment with DevOps and Azure Lighthouse
  • Access to Blob storage using Managed Identity in Logic Apps - by Nadeem Ahamed
  • Update: SCOM web API
  • Resource health through Azure Rest API
  • Script to add SCOM agent management group
  • SCOM Alerts to Microsoft Teams and Mattermost

Tags

agent announcements api ARM authoring Automation Azure AzureAD AzureCloudShell AzureFunctions AzureLighthouse AzureMonitor AzureSpringClean Bicep Community CSP database EventGrid ExpertsLive ExpertsLiveEU IaC Infrastructure as code Integrations LogAnalytics management pack monitoring MSIgnite MSIgnite2017 MSOMS MSP nicconf OperationsManager OpsMgr Powershell QUickPublish rest SCDPM SCOM SCOM2016 SCVMM Serverless SquaredUP SysCtr system center Webasto

Follow Martin Ehrnst

  • Twitter
  • LinkedIn

RSS Feed RSS - Posts

RSS Feed RSS - Comments

Microsoft Azure MVP

Martin Ehrnst Microsoft Azure MVP

NiCE Active 365 Monitor for Azure

NiCE active 365 monitor for Azure
Adatum.no use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it. Cookie Policy
Theme by Colorlib Powered by WordPress
adatum
Proudly powered by WordPress Theme: Shapely.