Monday, November 27, 2017

Introducing Managed Service Identity (MSI) for Azure Resources

A common challenge when building cloud applications is how to manage the credentials that need to be in your code for authenticating to cloud services. Keeping these credentials secure is an important task. Ideally, they never appear on developer workstations or get checked into source control. Azure Key Vault provides a way to securely store credentials and other keys and secrets, but your code needs to authenticate to Key Vault to retrieve them. Managed Service Identity (MSI) makes solving this problem simpler by giving Azure services an automatically managed identity in Azure Active Directory (Azure AD). You can use this identity to authenticate to any service that supports Azure AD authentication, including Key Vault, without having any credentials in your code.


A Managed Service Identity (MSI) is a cross-Azure feature that enables you to create a secure identity associated with the deployment under which your application code runs. You can then associate that identity with access-control roles that grant custom permissions for accessing specific Azure resources that your application needs.
With MSI, the Azure platform manages this runtime identity. You do not need to store and protect access keys in your application code or configuration, either for the identity itself or for the resources you need to access. A Service Bus client app running inside an Azure App Service application or in a virtual machine with MSI support enabled does not need to handle SAS rules and keys, or any other access tokens. The client app only needs the endpoint address of the Service Bus Messaging namespace. When the app connects, Service Bus binds the MSI context to the client in an operation that is shown in an example later in this article.
Once it is associated with a managed service identity, a Service Bus client can perform all authorized operations. Authorization is granted by associating an MSI with Service Bus roles.
How Does it Work?
Virtual Machine MSI example
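The token request a VM with MSI enabled makes, with the response checks a caller should apply before using the token. This is an added example, not code from the original post or from Microsoft; it assumes the Azure Instance Metadata Service identity endpoint and `api-version` as documented by Azure, and the sample response is constructed.

```python
import json
import time
import urllib.parse
import urllib.request

# Assumption: the Azure Instance Metadata Service (IMDS) identity endpoint,
# as documented by Azure; it is only reachable from inside an Azure VM.
IMDS_TOKEN_URL = "http://169.254.169.254/metadata/identity/oauth2/token"
API_VERSION = "2018-02-01"

def build_token_request(resource):
    """Build the credential-free token request for one target resource."""
    query = urllib.parse.urlencode({"api-version": API_VERSION, "resource": resource})
    # The Metadata header is required; IMDS rejects requests without it.
    return urllib.request.Request(f"{IMDS_TOKEN_URL}?{query}", headers={"Metadata": "true"})

def parse_token_response(body, expected_resource, now=None, min_lifetime=300):
    """Return (access_token, expires_on) after checking the response is usable."""
    data = json.loads(body)
    for field in ("access_token", "expires_on", "resource", "token_type"):
        if field not in data:
            raise ValueError(f"token response is missing {field!r}")
    if data["token_type"].lower() != "bearer":
        raise ValueError("unexpected token type")
    # A token issued for another resource must never be sent to this one.
    if data["resource"].rstrip("/") != expected_resource.rstrip("/"):
        raise ValueError("token was issued for a different resource")
    expires_on = int(data["expires_on"])  # IMDS returns epoch seconds as a string
    now = time.time() if now is None else now
    if expires_on - now < min_lifetime:
        raise ValueError("token is expired or about to expire")
    return data["access_token"], expires_on

def get_token(resource, timeout=5):
    """Fetch a token on an MSI-enabled VM (performs the real HTTP call)."""
    with urllib.request.urlopen(build_token_request(resource), timeout=timeout) as resp:
        return parse_token_response(resp.read(), resource)

# Constructed sample response (not a real token), shaped like the IMDS reply.
SAMPLE_RESPONSE = json.dumps({
    "access_token": "constructed.sample.token",
    "expires_on": "1511800000",
    "resource": "https://vault.azure.net",
    "token_type": "Bearer",
})

if __name__ == "__main__":
    token, exp = parse_token_response(SAMPLE_RESPONSE, "https://vault.azure.net", now=1511790000)
    print("Authorization: Bearer", token[:11] + "...", "expires_on", exp)
```

The returned token goes in an `Authorization: Bearer` header on the call to Key Vault; no secret is stored in the code or its configuration, and access is governed by the roles granted to the VM's identity.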
For more information, please refer to the following MSI documentation, which is the main source of this post:

https://docs.microsoft.com/en-us/azure/active-directory/managed-service-identity/overview

Tuesday, June 20, 2017

Microsoft Azure is a leader in Gartner's Cloud IaaS Magic Quadrant

In its June 2017 report, Gartner recognized Microsoft as a leader in its Cloud Infrastructure as a Service (IaaS) MQ for the fourth consecutive year. It is really exciting that Gartner continues to recognize Microsoft for completeness of vision and ability to execute in this key area.

Here’s the list of cloud-related Gartner MQs where Microsoft is placed in the leader’s quadrant:
According to the Register.co.uk, "Oracle and IBM are rated visionaries may turn heads, as both strut like cloud leaders: Oracle regularly says its cloud is superior to Amazon's. Yet Gartner rates Oracle's cloud “a bare-bones 'minimum viable product'” that offers “only the most vitally necessary cloud IaaS compute, storage and networking capabilities.” The analyst firm also worries about the Oracle cloud's “limited operational track record” and warns that “Customers need to have a very high tolerance for risk, along with strong technical acumen.”"

If you’d like to read the full report, “Gartner: Magic Quadrant for Cloud Infrastructure as a Service,” you can request it here.