Tidy up - Unused Project and Nuget package reference using Visual Studio 2019

If you are a Developer/Architect using Visual Studio as IDE for your development activities, this blog post will be of your interest. During the Ignite 2021 conference, Microsoft released Visual Studio 2019 v16.9 and v16.10 Preview 1. As part of version 16.10 Preview 1, one of the cool features they introduced is to "Remove Unused References..." for any Projects and Nuget packages that are not in use. At the time of writing this blog post, we have Visual Studio Version 16.10.0 (official release) which includes this new feature.  As part of development, we generally get carried away and introduce new Nuget package references to your project and add new references to your Projects. By the end of development, you will not be 100% sure which are not being referenced and unused which means you will leave those unused project references in your application. Now you might be wondering what's the big deal in it since it doesn't harm. The advantage of removing unused project r
Post a Comment

How to Lock your Azure Resources?

Azure Resource Locking feature helps to prevent deletion and modification of Azure Resources on which the lock is been applied. Now you might be wondering how it's different and advantages compared to Azure RBAC (Role-Based Access Control)? RBAC is used as the first line of defense against restricting access to Azure Resources. Using RBAC you can restrict access to resources and resource actions. RBAC alone will not be sufficient across all environments especially from the Test environment onwards. RBAC and Resource lock doesn't conflict with each other rather they complement and should be applied as standard practice/pattern across all your Azure Subscriptions in your organization. 

Assume you are an Administrator, which means you have full access to all your resources. With Resource Lock applying it provides a way for administrators to lock down Azure resources to prevent deletion and modification of a resource. Resource lock applies to all users regardless of their roles.

There are 2 types of Resource Locks:

  1. CanNotDelete - It allows the resource to be modified however not deleted.
  2. ReadOnly - the resource can neither be deleted nor modified. Applying this lock is similar to restricting all authorized users to the permissions granted by the Reader role.
Note: Once a resource has been locked, the resource lock must first be removed before the resource can be modified or deleted. If the lock is applied at the parent level it inherits to child level resources and inheritance takes precedence.

Pre-Requisites:

For creating or deleting Resource locks, you must have access to Microsoft.Authorization/* or Microsoft.Authorization/locks/* actions. Of the built-in roles, only the Owner and User Access Administrator are granted those actions.

Applying Resource Lock using Azure Portal

  1. Navigate to the resource/ resource group/ subscription you wish to lock in the Azure Portal
  2. In the main blade select the "Locks" icon 
    Lock Option
                              
  3. Provide lock name and description and select the lock type as Delete or Read-only.
    Creating Lock

  4. Click OK to save the lock. The resource is now protected.
  5. In future if you want to change the lock type or delete the lock, navigate to "Resource" - "Locks"
    Option to Edit/Delete lock

Note: You can automate the process of applying Resource Lock using ARM template or Azure PowerShell or Azure CLI or Rest API.

Resource locks can be applied to subscriptions, resource groups, or individual resources. When you lock at the subscription level, all resources in that subscription including the ones added later will inherit the same lock. Considerations before applying locks can be found here

Reference:

Comments

Post a Comment

Popular posts from this blog

Tidy up - Unused Project and Nuget package reference using Visual Studio 2019

Image
If you are a Developer/Architect using Visual Studio as IDE for your development activities, this blog post will be of your interest. During the Ignite 2021 conference, Microsoft released Visual Studio 2019 v16.9 and v16.10 Preview 1. As part of version 16.10 Preview 1, one of the cool features they introduced is to "Remove Unused References..." for any Projects and Nuget packages that are not in use. At the time of writing this blog post, we have Visual Studio Version 16.10.0 (official release) which includes this new feature.  As part of development, we generally get carried away and introduce new Nuget package references to your project and add new references to your Projects. By the end of development, you will not be 100% sure which are not being referenced and unused which means you will leave those unused project references in your application. Now you might be wondering what's the big deal in it since it doesn't harm. The advantage of removing unused project r
Read more

Swagger UI for Azure Function v2 & v3 APIs

Image
In this blog post, we will see how to setup Swagger UI for Azure Function APIs in v2 and v3. Now you might be wondering why Swagger? Swagger is a language-agnostic specification for describing REST APIs, it also referred to as OpenAPI. Swagger UI offers a web-based UI that provides information about your REST APIs service. Prerequisites HTTP trigger Azure function provisioned or created in C# Azure DI enabled on Azure Function, for more details refer here  with relevant package version installed based on Azure Function version. Integrating Swagger UI into our Applications 1. Install the appropriate package based on the Azure Function version which you are dealing with from the below table. Unfortunately, it's not a single package for both versions due to Azure function v3 because v3 makes use of ASP.NET Core 3.1 which introduces a new serializer System.Text.Json (STJ) out-of-the-box.  Azure Function Version  Nuget package  v2               AzureFunctions.Extensions.Swashbuckle  v3
Read more

Authenticate Azure Functions - API Keys

Image
In this blog post, we will see one of the ways to secure your Azure Functions using API keys. Security plays a key role as part of SDLC (Software Development Life Cycle) doesn't matter whether it's exposed to the client/public or even if it's internal. There are multiple ways to secure your Azure Functions like API Keys, Certificate,  API Mgmt, App Service Authentication, etc. If you are new to the Cloud and Azure Functions but want to make a start with minimal effort and less setup of Infrastructure, then API Keys is the ideal choice. Azure Functions allows you to secure HTTP-triggered functions by API access key in the request. As part of creating new Azure Functions, we can select the Authorization Level enum value. If we set the Authorisation level to  Anonymous,  no security applied which means no authentication applied for the endpoint. Authorization Level - Function By setting the Authorisation level to Function each Azure Functions require a specific API key to Auth
Read more