Nov14201914 November 201914 November 20190Commentby Gregor Suttie

Azure DevOps Generator – New Content

Posted in Azure, AzureDevOps

Recently Microsoft open sourced the Azure Devops Generator and recently its had some new content added which I wanted to highlight. You can use this tool to learn all sorts of Azure Devops tips and tricks from building code, seeing how it hangs together, deploying and even checking your code for vulnerabilities with arm templates and GitHub resources etc.

 

I can’t stress how useful this resource has been for me to spinning up test Azure Devops Projects for blog posts, testing security add-ons, etc. (more blogs to follow very soon). Please play with this and learn, the demo generator has a lot more in it than the lat time I checked and was pleasantly surprised, its an awesome tool.

The following is a quick tour of what is there at present: –

General Tab
The general tab is for creating projects in Azure DevOps from existing project templates, this will give you full source code, build and release pipelines, wikis, example kanban boards with issues etc and more
Note: There are different types of project if you scroll down the list.

Devops Labs Tab

On this tab we have more sample projects, but this time they cover the concepts of things like using Terraform, Ansible, Docker, Azure Key Vault and more, if you want to learn more about these then here is a great way to give them a spin.

Microsoft Learn Tab
Using Microsoft Learn we can learn how to do things like: –

  • Create a build pipeline with Azure Pipelines
  • Scan code for vulnerabilities in Azure Pipelines
  • Manage database changes in Azure Pipelines
  • Run non-functional tests in Azure Pipelines

Microsoft Cloud Adoption Framework Tab

The Cloud Adoption Plan template creates a backlog for managing cloud adoption efforts based on the guidance in the Microsoft Cloud Adoption Framework.

Private Tab

Azure DevOps Demo Generator enables users to create their own templates using existing projects and provision new projects using extracted template. The capacity to have custom templates can be helpful in many situations, such as constructing custom training content, providing only certain artifacts, etc.

You can even create a template from an existing project you have within Azure DevOps by selecting ‘Create New Template’ – this is super nice, I’ll leave you to explore this further.

Enjoy!


Nov13201913 November 201927 December 20191Commentby Gregor Suttie

Azure Advent Calendar Participant Information

Posted in Azure

The Azure Advent Calendar kicks off on December 1st through to December 25th this year.

For people taking part (entry is now closed – apologies) we have setup a YouTube Channel to host your entries on your behalf, we will send you back the YouTube link once we have uploaded and scheduled the video.

For participants, please send us the video via a file share such as OneDrive etc. If you do not have one message @pixel_robots and he will send you a link where you can send us your video.

On the day of your entry please publish your blog post live to the world and just add a link back to the website which is https://azureadventcalendar.com/

On each individual day we will tweet out the content for each of the 3 entries and use the hashtag #azureadventcalendar

If your needing to add any artwork then please use the following image: –

Any questions please reach out to @Gregor_Suttie or @Pixel_Robots via twitter.


Oct17201917 October 201917 October 20191Commentby Gregor Suttie

Top 20 Azure Influencer’s

Posted in Azure

I was thrilled to learn that I’ve been included on Nigel Frank International’s list of the 20 best Microsoft Azure influencer’s on Twitter.

The line-up was revealed earlier this week, and highlighted a broad cross-section of people from around the world who’ve made a name in the Azure sphere in one way or another.

Included are a host of Microsoft MVPs and personnel, from the firm’s CTO Mark Russinovich and Regional Director Carsten Rachfahl to prolific bloggers, speakers and independent voices in the Azure community, such as Jennelle Crothers and Joanne Klein.

I’m delighted to be included alongside such esteemed professionals, and huge congratulations to everyone who made the list.

 

 

 

 

 

 

To read the full article, follow this link: https://www.nigelfrank.com/blog/top-20-microsoft-azure-influencers-on-twitter/

 

 


Sep30201930 September 201914 October 20192Commentsby Gregor Suttie

Azure Security Exam – AZ-500 Study plan

Posted in Azure

This is my study plan for October for the Azure AZ-500 exam

I’ll be using the EDX course pretty much on its own, did this for the AZ-400 Azure Devops exam and we will see how that goes.

Week 1 – Manage identity and access (20-25%) – Studied for it first week in October.
Week 2 – Implement platform protection (35-40%) – Studied for it second week in October.
Week 3 – Manage security operations (15-20%)
Week 4 – Secure data and applications (30-35%)

Sit the exam

Week 1 – At the end of week 1 I have went through the entire section on https://openedx.microsoft.com/courses/course-v1:Microsoft+AZ-500.0+2019_T2/course/ for the Manage and Identity Access section.


Sep30201930 September 201930 September 20190Commentby Gregor Suttie

Azure Security articles in September

Posted in API Management, Azure

I decided to make September a month of Azure Security learning for myself, the following is a list of existing articles and also new security articles which I have written: –

  • Azure Policies – Learn what they are and why they are super useful and super easy to setup.
  • Azure Managed Service Identity – Managed Service Identity allows you to securely access your Azure resources and avoid storing credentials in your code.
  • Azure Role-Based Access Control – Role-based access control (RBAC) is a system that provides fine-grained access management of Azure resources.
  • Azure KeyVault – The Azure KeyVault Service is where you store certificate keys, passwords and more instead of having them stored within your application.
  • Azure Devops Open Source Scan your code – Scan your code for open source vulnerabilities and learn whats out of date within your project and also what vulnerabilities those versions may contain.
  • Azure Devops – Secure DevOps Kit for Azure (AzSK) – The “Secure DevOps Kit for Azure” is a collection of scripts, tools, extensions, automation’s, etc. that caters to the end to end Azure subscription and resource security needs for dev ops teams using extensive automation and smoothly integrating security into native dev ops workflows helping accomplish secure dev ops.
  • Intro to Azure Security –  “Introduction to Azure Security”, is written to provide a comprehensive look at the security available with Microsoft Azure.
  • Azure security documentation – everything you wanted to know about security within Azure.
  • Azure Api Management using Okta to secure using OAuth 2.0 – use Okta to secure your Api’s within Azure API Management

Enjoy!


Sep25201925 September 201925 September 20193Commentsby Gregor Suttie

Azure Api Management using Okta to secure using OAuth 2.0

Posted in API Management, Azure

This blog post will cover how to move an existing or new api into Azure API Management and then secure it using Okta.

 

Okta – “The Okta Identity Cloud provides secure identity management with Single Sign-On, Multi-factor Authentication, Lifecycle Management (Provisioning), and more”.

I had access to a development tenant within Okta which looks something like this:-

 

 

 

 

 

 

I created a new application and called it ‘Azure API Management’ and chose Web as the platform and OpenID Connect as the sign on Method like so: –

So now we have filled this out we can go back and edit it and see the screen which shows us important details including Client ID, Secret and Login redirect URI’s, all of which are important details in order to get this working.

Azure API Management

Within Azure, create a new instance of Azure API Management and once this has been created go down on the left hand menu and under Security select OAuth 2.0 and then select Add, I gave it the name Okta.

The client registration url is important here, you can find yours within your new Application within Okta, under the SignOn tab, look for the section that says OpenID Connect ID Token.

The other details which are very important are as follows (in red)

and further down that screen where you see the ClientID and Client Secret: –

That’s it for Azure, so let’s switch back to Okta.

Now we need to check the Sign On tab and take a note of some important settings

 

 

 

 

At this stage we haven’t added any API’s to Azure API management, so let’s do that by following this excellent example: – https://docs.microsoft.com/en-us/azure/api-management/import-and-publish

Once you have imported an api you can test it a number of ways including using tools like postman, but you can also use the API Management developer portal which you can launch from your Azure API Management Instance back in Azure seen in the link below: –

Now that we have the Developer Portal open, select API’s from the header and then click on the API you imported in a previous step.

Click the Try it Button

So to check things are talking to Okta to try to get a token, we need to change the drop down under the Authorization section and change it from No auth to Authorization code. This will attempt to go off to Okta and you should see a Login prompt to Okta.

 

 

Once you enter details and click Sign in if all is setup correctly you’ll know see something like this:-

Now we have a bit saying when the access token will expire and also at the bottom it shows lots of **** for where the access token is added but hidden.

Other things of note

I had to create/edit an assigment (user) within Okta because I was setup with a username – so under assignments within your Application make sure users have a username setup.

Note
The important part here is that you can access api’s in API management and by default they’ll always just work, the trick is to make them request an Okta token. In bound policies are the magic th

Lastly we need to add whats called an in-bound policy to check the token is valid – otherwise the calls will always succeed with or without using Okta.

To add an in-bound policy go to your Azure API instance within Azure, then the developer portal and select your api and then select All operations (or the api call you wish to secure) and then select Inbound processing like so:-

Here we have several options for the inbound policy and in this example I chose validate JWT and filled it out as below: –

You can read more here on API management policies.

And that is how you go about integrating Okta with Azure API Management.

Feel free to get in touch if you have any questions.


Sep16201916 September 201925 September 20192Commentsby Gregor Suttie

Introducing the 2019 Azure Advent Calendar

Posted in Azure

In December, myself and Richard Hooper (aka @pixel_robots) will be hosting the 2019 Azure Advent Calendar.

The idea is that every day in December a member of the Azure community will have the chance to showcase their Azure knowledge by recording a video of 20-30 minutes in length and having it listed on the website, on the day that they have reserved a slot.

Here are the Azure Advent Calendar rules:

Share your post on Twitter with hashtags #azurefamily and #azureadventcalendar

Please spread the word and if it fills up we can open up more slots.

Thank you from Richard and Gregor.


Sep0220192 September 201925 September 20193Commentsby Gregor Suttie

Azure Exam Study Guide

Posted in Azure

The following, is how I go about preparing for an Azure exam which I want to study for. Hopefully this will give you an idea into how I prepare for any Azure exam.

Lets use the AZ-500 Azure Security exam as an example since this is what I will be studying for going forward.

Step 1
Locate the actual Microsoft exam page which contains all the info on the actual exam: –

https://www.microsoft.com/en-us/learning/exam-az-500.aspx

I start by reading through this carefully, checking this page regularly whilst studying for it so that nothing has changed, as this can happen so remember to check back often.

Step 2
I then make a OneNote page of all the Skills being Measured like so:-

  • Manage identity and access (20-25%)
  • Implement platform protection (35-40%)
  • Manage security operations (15-20%)
  • Secure data and applications (30-35%)

This exam looks to be well spread out across all 4 areas. SO now I will take each skill being measured and then copy this into my OneNote page.

Step 3
Now I will go and find links on docs.microsoft.com for each of the skills being measured.

Tip:- Some people may already have done this so google for AZ-500 exam study guides and use them if you prefer doing that. my twitter friends https://twitter.com/Pixel_Robots and https://twitter.com/tamstar1234 both have excellent study guides on a number of exams.

Step 4
I search for online training on Edx, Udemy, Pluralsight etc and read the reviews, of late I have solely used Edx, as those courses are specifically written with the exam skills being measured in mind (straight to the good stuff). If I want a more rounded course I’ll also check out Udemy and Pluralsight etc.

Step 5
I take notes as I go and pop the main themes and big picture content into my OneNote page for brushing up just before my exam.

Step 6
I have a calendar above my monitor at home and I plan out the end goal for each section with a rough idea of when I hope to have the section completed by.

Step 7
Finish off the course and then I look for practice exams, I’ve used Whizlabs for the AZ-400 which was great, I’ve used Udemy for the Az-100, 200 and 300 exams. Anything I get wrong or just don’t understand I’ll review and try to find other resources, maybe Microsoft Learn or other resources.

Step 8
Once I am getting 80% or above in the practice tests I book the exam soon after it and take it.

I have done this on the last 4 or 5 exams I’ve sat and it works for me, it might work for you it might not.

Notes
I spend 2 hours a night studying for the exam 5 or 6 nights a week, it took a lot of dedication and hard work, not everyone has that time, I made time, I stopped doing some stuff as I wanted to learn, I get it, its not for all.
I am happy to help, give advice to anyone looking for it with the exams, good luck with sitting your exam and hopefully someone find this useful.

 

 

 


Sep0220192 September 201925 September 20194Commentsby Gregor Suttie

Learning Azure, becoming an MVP, failure and more

Posted in Azure, MVP

18 months ago I decided to learn Azure, it was about time I learned some cloud skills (Azure for me). The following is a quick run through of my journey to where I am now, I’m really just getting started but in reflection happy with where I am heading, always to remember to invest in yourself.

I work full-time at Sword IT in Glasgow, Scotland and have had some hands on time with Azure through work, couple of projects have helped me learn. I’ve managed to help our company get more in the way of Gold certifications this year which has been pretty cool, that means we get more benefits as a company, something I am proud of.

When trying to start learning Azure, its easy to get lost in the enormity of the platform, being a dev, I decided to take a look around and formulate a plan for learning Azure. It soon became clear that the best for way me to learn something new is to work towards a goal, so my first goal was to sit and hopefully pass an Azure exam. Goals are important for me as it means I have a plan and can work towards achieving something.

Recently I have had a number of people reach out to me asking how I went about it, what tips can I give them and how did I go about learning Azure and passing exams etc.

Which exam would I start with, and which exam should you start with? –  well that depends on your experience and background, its not the same for everyone but here are my thoughts and how I went about it.

I have a blog title Azure Exam Study Guide which describes my method for studying for Azure exams.

I looked for resources to start learning Azure and read a fair bit to get me started, not too long after that I saw a blog post announcing the AZ-100 beta exam, which was only going to cost me £27 ,the problem was if I recall correctly, I had 2 weeks before the beta closed to sit the exam, it may have been a month but it wasn’t long. I created a OneNote page with all of the links and notes I took whilst I went about my study, for this exam I set a learning goal of 2 hours per night studying. I found some very handy Udemy courses from Scott Duffy and went through the entire course end to end and booked the exam. I sat my very first Azure exam (actually my first Microsoft exam since the days of the MCSD exams) so it had been a while.

I failed the exam with a score of 671 out of 1000 (passing score was 700), for me this just whet my appetite and if you know me learning is my thing. Six days later I sat the AZ-101 beta exam and again failed with 655 out of 100 (passing score was 700). Taken 2 exams and failed them both, bummer you might say, nope, I had learned a serious amount from where I had came from and was loving learning all about Azure. Read more about

At this point the burning desire to learn was there, nothing was gonna stop me from passing my first Azure exam, I kept studying even though I knew these 2 exams weren’t really my cup of tea, I didn’t have much hands on experience of the content and I struggled with Azure Networking at the time.

Fast forward 2 months and the Azure Architect Beta exams (AZ-300 and AZ-301) were announced and I thought lets give them a go, I had been studying relentlessly for 2 hours a night every single night, when I say I didn’t even watch television I really didn’t watch any at all, I wanted to pass the Architect exams. I sat both, failed the AZ-300 and passed the AZ-301, I actually thought that I would pass AZ-300 and fail AZ-301, but who cares I had passed an Azure Architect exam (which does cover a lot) my studying was paying off, I had spent a lot of time doing hands on labs, finding the best resources, it was sinking in now, where previously in the other 2 exams I was still unsure to an extent.

Let me say one thing, the feeling of passing your exam is worth all of the hard work, I was super delighted and just wanted to keep going.

Crazy as this sounds I sat the 2 Developer beta exams 3 and 4 days later, I have a dev background, I had been using Azure on a project at work building a distributed system with these tools, I sat both exams and passed them both, I was now a certified Azure Developer, badge and all.

Not long after that I sat the Azure Devops exam AZ-400, Devops was something I had done in a lot of previous jobs and I had a lot of experience with numerous tools. I sat the Azure Devops beta exam and failed with 685 out of 1000 (passing score was 700), man that hurt! – I didn’t put the effort in, I spent time studying but after sitting the exam realised what I had been studying wasn’t the right material, I got lazy basically, didn’t do my homework correctly by carefully looking at the Microsoft exam page and going over each link carefully on places like docs.microsoft.com, lesson learned. I passed the exam after taking some time off from studying, I was officially burned out from 2 hours a night for 3-4 months.

In the end I had sat 9 exams in just under 4 months, crazy yeah, not a great idea in retrospective but when you fail an exam the burning desire to pass and learn more, took over for me.

MVP
All whilst this was happening I had been nominated for the MVP award (I wrote about that here) and I’ll move onto cover what I was doing for that, I’ve covered all of this before in previous blog posts, which I will leave you to find but here’s a list of a few of the main things I was also up to whilst studying.

My advice for people looking to become an MVP is think of ways you can help the community, not just blogging, go further, do more, you’ll learn a lot, you’ll grow as a person by being uncomfortable, push yourself and you’ll be rewarded in many way’s.

I’ve been lucky enough to been asked on podcasts, asked to do training videos, write books, I’ve met Scott Guthrie and a lot more just from being active in the community. Follow more people on twitter, honestly grow your network.

Next up, I don’t share my goals, I have a few still to attain this year and next year is when I’ll start looking at doing more talks.

I have a lot of people to thank for where I have gotten to but I have thanked them all personally or online as I haven’t met them yet, going to Ignite and the MVP Summit I hope to meet many more and also thank them personally.

Hard work pays off.

  • You can find all of posts on Azure here
  • You can find all about the Azure exams here

Please feel free to reach out to me on LinkedIn or Twitter, happy to mentor anyone if I can with anything I can.


Aug15201915 August 201925 September 20199Commentsby Gregor Suttie

Microsoft MVP Award – How do you become an MVP?

Posted in MVP

Hi folks, on the 1st of August I was lucky enough to achieve the MVP award from Microsoft Azure. A number of people have contacted me asking for some guidance and this post will cover that.

Let me start with a bit of background, I started the MVP nomination process back last November, at that time you could self nominate and due to the sheer number of people self nominating this had to be changed to give the team who run the program a chance to review each nomination.

Now that the process has changed, you need to be either nominated by an fellow MVP or by a current Microsoft employee.

Once you have been nominated you’re asked to fill out a form which is used to collate what community activities you have been involved in for the previous 12 months. If you don’t have 12 months previous contributions then personally I would wait until you have a solid 12 months.

Ok, so you’ve filled out your form and you have the contributions added, now you have to be very patient, it wont happen overnight, but your form will be reviewed within 90 days of submission, so you will hear something from the designated person who covers your part of the world.

If your looking for ideas of contributions then I will list a few of mine below and I’ll also say this, your already a community star if your helping people.

Here are a list of some of the things you can do to help the community: –

  • Start a blog, writing about topics people will find helpful
  • Start a User Group or ask to get involved running an existing one
  • Give a talk(s) at local User Groups
  • Help organise events that help the community
  • Share code on GitHub or elsewhere that showcase’s examples or helps people in some way
  • Network on social media with people who you may be able to help, join forums like Microsoft Tech Community where you can ask and answer questions
  • Create a YouTube channel or join Techsnips.io and record videos demoing your knowledge to help others

You need to be active in the community, you shouldn’t be trying to become an MVP, you should want to be contributing to the community first and foremost.

If, like me, one of your goals is to try to help people in the community then you might be lucky enough to be nominated for the award.

I have been an MVP now for 2 weeks and all I can say is that there a lot of benefits to being an MVP, the number one for me is access to a lot more information which means I will hopefully be able to help even more people going forward.

To end this blog post I would say do as much as you can, help as many people as you can and you’ll be on track, talk to existing MVP’s, find your local Community Progam Manager and I wish you all the very best.

Get in touch in the comments below or get me on twitter if you have any specific questions.