I like to include smoke tests [ST] in my Terraform [TF] deployments just to make sure I didn't overlook anything obvious. One such way is to interact with a resource that invokes other resources, such as an HTTP endpoint that is routed through API gateways, application containers and databases. An easy and portable way to … Continue reading Testing a Terraform resource deployment
Tag: cloud
azapi: unsupported attribute
One of my Azure Terraform deployments recently started failing with "unsupported attribute". The deployment involves container app environments which aren't currently supported by azurerm, so I'm working around that with azapi [AZAPI]. The template references an attribute ("staticIp" for the interested reader) in the resource creation JSON output. The deployment started breaking in early January … Continue reading azapi: unsupported attribute
Can’t log into Azure tenant after resetting Microsoft authenticator
Organisations which manage identities and user authentication with Office365 account use single sign on for web-, desktop- and mobile apps. The user experience usually consists of a web-based login form and a second-factor notification on the Microsoft authenticator app or an SMS sent to the phone. Microsoft login screen The authenticator app can manage multiple … Continue reading Can’t log into Azure tenant after resetting Microsoft authenticator
Cloud vs. on-premises is about shaping risk
TL;DR: moving to the public cloud consolidates many small risks into few large ones. A recent GCP cloud outage (https://status.cloud.google.com/incident/cloud-networking/20004) highlights an issue with running more and more parts of the internet on the same infrastructure: as more computing resources consolidate in large cloud providers' data centres, the risk of a significant, global outage of … Continue reading Cloud vs. on-premises is about shaping risk
Azure diaries: can’t access KeyVault
Context: as a tenant administrator you can't inspect KeyVault contents created by other people ("you are unauthorized to view these contents"). Solution: assign yourself appropriate permissions like this: Locate the KeyVault in the Azure portal: go to "Access policies"click "+Add Access Policy"Key permissions: everything under "Key Management Operations" and "Cryptographic Operations"Accordingly for key and certificate … Continue reading Azure diaries: can’t access KeyVault