Raju RH

As part of Microsoft Build conference (may 2020) and from early this year few key announcements were made related to Azure Blob Storage. In this blog post will try to cover few key announcements which are now generally available and some in preview. User Delegation SAS Tokens (Generally Available) This feature was made GA in January 2020. Prior to User Delegation SAS token feature, if we want to access private or secured container it's managed through Managed Identity or Shared access signature token (SAS tokens) .  SAS  tokens grant specific, time-limited access to storage objects without exposing an account access key. A SAS secured with Azure AD credentials is called a user delegation SAS. With user delegation SAS tokens it now supports Azure AD and RBAC, what it means is now lower-privileged users and services can now delegate subsets of their access to clients, using this new t

Recently I tried deleting a resource group (RG) having Azure Container Instance (ACI) resources which was secured using VNet. I couldn’t get RG deleted completely due to an error related to VNet delete (internally its associated to Network Profile). Then I googled a bit and found this is a common issue where most of the people reported in different forums like GitHub, Stack-overflow etc. In this blog post I will be covering what is the option to resolve the above issue. Firstly, let me show what is the error you will be seeing in the above scenario. Subnet raju-subnet-web-dev is in use by /subscriptions/XXXSubscriptionIdXXX/resourceGroups/raju-rg-dev/providers/Microsoft.Network/ networkProfiles/aci-network-profile-raju-vnet-dev-subnet-web-dev/ containerNetworkInterfaceConfigurations/eth0/ipConfigurations/ipconfigprofile and cannot be deleted.In order to delete the subnet, delete all the resources within the subnet. See aka.ms/deletesubnet. With Error Code : InUseSubnetCannotBeDe

In May 2020, as part of Microsoft Build conference few key announcements were made for Microsoft Azure service. In this blog post, I will be covering updates related to Customer-managed keys which were made GA for Azure service - CosmosDB and Azure Container Registry. What is Customer-managed key? By default various resource provider in Azure implement encryption at Rest. Implementation of this encryption at Rest by default will be using Service-Managed keys which Microsoft manages internally. But in few scenarios users/customers want to control this keys that's where customer-managed key comes into picture. Two Azure service which we are talking in this post now have this capability (GA).  Note : You must store customer-managed keys in Azure Key Vault  Customer-managed key for CosmosDB Customer-managed keys enables users to take total control over the keys used by Azure Cosmos DB to encrypt their data at rest. With CosmosDB your data is always encrypted with service-managed-keys w