SHIFT-WIKI

--- Sjoerd Hooft's InFormation Technology ---

User Tools

Site Tools


start

SHIFT-WIKI - Sjoerd Hooft's InFormation Technology

This WIKI is my personal documentation blog. Please enjoy it and feel free to reach out through blue sky if you have a question, remark, improvement or observation.


Terraform Module for setting Diagnostic Settings to send logs to a Log Analytics Workspace

Summary: This is a terraform module that I use to configure diagnostic setting on Azure Resources to send diagnostics and logs to a Log Analytics Workspace.
Date: 8 February 2025

Read the post to learn more about diagnostic settings and:

  • How to deploy diagnostic settings using a terraform module

→ Read more...

2025/02/08 16:51

Terraform in Azure DevOps

Summary: On this page I'll show you how to use an azure devops pipeline to deploy azure resources using terraform.
Date: 2 February 2025

The topics covered are:

  • Using a service principal to authenticate to Azure
  • Setting up a remote backend for your tfstate file
  • Using a federated service principal to authenticate to Azure
  • Using the Azure DevOps Pipeline Extension

→ Read more...

2025/02/02 20:01

Terraform AWS WebServer

Summary: This is a terraform deployment for an EC2 instance with a security group and the loading of user data.
Date: Around 2021
Refactor: 26 January 2025: Checked links and formatting.

  • Create a EC2 web server and output the public IP
  • Create a security group for the webserver opening port 80 and 443
  • Run a script (user data) on the webserver

→ Read more...

2025/01/26 16:26

AKS with Workload Identity

Summary: Workloads deployed on an Azure Kubernetes Services (AKS) cluster require Microsoft Entra application credentials or managed identities to access Microsoft Entra protected resources, such as a Azure Key Vault. Microsoft Entra Workload ID integrates with the capabilities native to Kubernetes to federate with external identity providers. On this page I'll show you how to quickly deploy an AKS cluster with workload identity enabled.
Date: 26 January 2025

I'll show you the following steps:

  • Deploy an AKS cluster using the Azure CLI with the OpenID Connect issuer and a Microsoft Entra Workload ID.
  • Create a Microsoft Entra Workload ID and Kubernetes service account.
  • Configure the managed identity for token federation.
  • Deploy a test workload and verify authentication with the workload identity.
  • Grant a pod in the cluster access to secrets in an Azure key vault.

All command shown here are done with powershell in the Azure Cloud Shell.

→ Read more...

2025/01/26 15:53
start.txt · Last modified: 2025/02/13 21:13 by 127.0.0.1