Category: cloud

Azure: Service API already exists

Update 2023/01/04: I was wrong. Microsoft Support pointed out that each external APIM instances is assigned a globally unique DNS entry and mine was just too generic. Giving the API management resource a unique name for the region it runs in (eg. by appending a random number) solves the issue. I'm writing a Terraform template … Continue reading Azure: Service API already exists

Can’t log into Azure tenant after resetting Microsoft authenticator

Organisations which manage identities and user authentication with Office365 account use single sign on for web-, desktop- and mobile apps. The user experience usually consists of a web-based login form and a second-factor notification on the Microsoft authenticator app or an SMS sent to the phone. Microsoft login screen The authenticator app can manage multiple … Continue reading Can’t log into Azure tenant after resetting Microsoft authenticator

Cloud vs. on-premises is about shaping risk

TL;DR: moving to the public cloud consolidates many small risks into few large ones. A recent GCP cloud outage (https://status.cloud.google.com/incident/cloud-networking/20004) highlights an issue with running more and more parts of the internet on the same infrastructure: as more computing resources consolidate in large cloud providers' data centres, the risk of a significant, global outage of … Continue reading Cloud vs. on-premises is about shaping risk

Azure diaries: can’t access KeyVault

Context: as a tenant administrator you can't inspect KeyVault contents created by other people ("you are unauthorized to view these contents"). Solution: assign yourself appropriate permissions like this: Locate the KeyVault in the Azure portal: go to "Access policies"click "+Add Access Policy"Key permissions: everything under "Key Management Operations" and "Cryptographic Operations"Accordingly for key and certificate … Continue reading Azure diaries: can’t access KeyVault