Quick tip: Find permissions in RBAC roles easily

When building infrastructures in Azure, you sometimes come to a point in which you need to add an additional action to a RBAC role in order to access certain Azure resources. In our case we needed to add read permissions on the Front Door activity logs to an internal security administrator role. The way I used to do it, was browing MS-learn to can find a comprehensive list of built-in roles. For me this was a cumberstone process, until today. One of my co-workers - Martin Bouchery - showed me an easy trick to find all RBAC roles in Azure that have a specific action tied to its profile. A walk through…

Where is that documentation? A tale on setting up diagnostic settings...

I’m a big fan of Azure and building infrastructure on it using IaC (Infrastructure as Code) and deploy it through pipelines (Azure DevOps) or workflows (Github). The last two years, I primarily used Bicep to build the infrastructure. This is often a very satisfying experience but in some cases it can be quite frustrating. Frustrating because I can’t find the information that I need in the MS Learn documentation at the location where I would expect it to be.

A nightmare on FrontDoor in Bicep...

For some reason I seem to attract the most exotic scenarios when it comes to building Infrastructure as Code (IaC). This time it was no different. For a client I’m working on building an environment in which disaster recovery is a top priority. Besides being zone redundant, the client requires region redundancy as well, in case a complete Azure region gets wiped out by a disaster or a combination of disasters… My imagination gets triggered and I envision all kinds of apocalyptic movie scenarios.

Over-The-Air device update - IoT with C#

Developing solutions for IoT devices can be a challenging task, this can also apply for getting a device at its final destination in order to do its job. When time passes by, it is likely that either requirements or conditions are changing and that the device is not capable anymore of doing its job. In other words, it needs to be updated. This is where the real problems may start. In many cases devices are not physically accessible or there are simply too many devices in the field to do manual updates. This is where over-the-air (OTA) updates will save your day.

Techorama Antwerp 2022, human connection

Techorama is a conference that has long been on my list of conferences to attend, but for some reason I never went. Looking back I think I had this idea that world class conferences could only be held in the US (or in a place far-far away from home) with thousands of visitors. I was dead wrong. What the organizers understood perfectly is that in order to have a world class conference, you should offer the same smooth, convenient and rich experience with the very best speakers, but then at a smaller scale.

Register ESP32 to DPS & IoT hub - IoT with C#

In my previous post I flashed my ESP32 with the nanoframework.net, allowing me to write C# code in Visual Studio with all bells and whistles. As life goes… the device landed in my drawer until this week where I had some time to experiment. This time I wanted to hook up the device to Azure IoT hub using the Device Provisioning Service (DPS) which brings me one step closer to my goal, performing device updates over-the-air…

Certification Renewal

When Microsoft introduced the new role based certifaction paths, a new expiration policy was set as well. After two years (as of july 2021, one year) the certification will expire, and you have to renew it in order to keep it.

At the time, I was among the first people who passed the new certifications and back then the new expiration policy was unclear. There was no information on how to renew the certifications and costs involved, until a few weeks ago…