Azure

How to Check TLS Configuration of URLs with Curl and Bash Script

·4 mins
If you are working in an Azure environment and you are using Azure Availability Tests, you might run into the following Health Advisory event: "On 31 October 2024, in alignment with the Azure wide legacy TLS deprecation, TLS 1.0/1.1 protocol versions and the below listed TLS 1.2/1.3 legacy Cipher suites and Elliptical curves will be retired for Application Insights availability tests." For a list of deprecated versions and remaining supported versions, have a look at the official documentation here.

OpenSSH CVE-2024-6387 Vulnerability and your AKS VMSS node images

·11 mins
Recently a new vulnerability in OpenSSH has been identified and the first question that popped into my mind was: How do I make sure my nodes are not affected by this vulnerability? In this blog post, I wanted to go over what the vulnerability is, how it can be exploited, explain how you can check if your Azure Kubernetes Service (AKS) is vulnerable to CVE-2024-6387 and what you can do about it, including different options for upgrading the VMSS image and how to choose between them.

Azure Application Gateway WAF config vs WAF policy

·7 mins
Recently, I had to enable WAF on our Azure Application Gateway. Because of our infrastructure setup, I wanted to have all the rules from OWASP 3.2 enabled, but I needed to be able to exclude some of our (valid) requests from being blocked as well. To achieve this, I could either try to configure the WAF Config section on our Gateway or create a WAF policy. Given that it was not entirely clear how you can use proper exclusions and filters based on what you need, I decided to write this post to explain the differences I found between the two and how you can use them.

Terraform: Add Group Members as Owners to a Service Principal or Az AD Application

·2 mins
Currently, there is no option for adding a Group as an Owner to a Service Principal or Azure AD Application. If you try, you will most likely run into the following error: unexpected status 400 with OData error: Request_BadRequest: The reference target 'Group_0000000-0000-000000-000000' of type 'Group' is invalid for the 'owners' reference. This is a quick post on how you can add members of an Az AD Group as Owners of a Service Principal or Azure AD Application. This is useful if you want to give your team members access to the Service Principal or Azure AD Application without giving them access to the Azure Subscription.