
NillsF blog


Tag: security

Key Vault CSI driver integrated with AAD-managed pod identities

January 31, 2021 (updated February 4, 2021), by nillsf

Tomorrow I’m joining the 425 show on Twitch for a discussion on AAD-managed pod identities and how to integrate them with Key Vault. This blog post is both a sneak preview of what we’ll be discussing tomorrow as well as a review of the episode if you want to study things more in-depth after it […]


Connect Azure Functions securely to Key Vault using VNET integration and Private Link

September 16, 2020, by nillsf

I did some work with a customer last week to integrate Functions with Key Vault without using the public IP of the Key Vault. This setup worked perfectly, although there were a couple of steps involved. To document those steps, I decided to write this post. In this post we’ll build a new Azure Function […]


Accessing Key Vault Secrets in Kubernetes using the Key Vault CSI driver

May 11, 2020 (updated February 4, 2021), by nillsf

Note: There’s a new post available combining CSI driver + AAD pod identity. When you store secrets in a Kubernetes cluster, by default those are stored in the etcd database within the master nodes. The same is true for secrets stored in an AKS cluster on Azure. The best practice for storing secrets is to […]


Don’t use environment variables in Kubernetes to consume secrets

February 24, 2020, by nillsf

Managing secrets is a complicated endeavor. Kubernetes has a native secrets implementation that allows you to store and access secrets from your deployments. A while ago, I read a short free book on Kubernetes Security, by Liz Rice and Michael Hausenblas (apparently O’Reilly calls it a report, but I actually have a hard copy that […]


Using Azure Policy to deny public IPs on specific VNETs

November 2, 2019, by nillsf

Azure Policy is a powerful tool in your Azure toolbox. It allows you to enforce specific governance principles you want to see implemented in your environment. Some key examples of what Azure Policy allows you to do are: automatically tag resources, enforce specific regions, enforce VM size … I recently ran into a customer scenario, […]


About the author

I'm Nills, a cloud architect focused on cloud automation. I share my technical stories on this blog, mainly on Azure, Kubernetes and cloud networking.
