Anduin Xue
Anduin Xue

Anduin's Tech Blog

Azure App Service


Use Azure Key Vault to store connection strings for App Service.

This blog post discusses the use of Azure Key Vault to store connection strings for App Service, providing a secure way to manage sensitive information without compromising access control. Azure Key Vault is a tool designed to safeguard cryptographic keys and other secrets used by cloud apps and services. The article guides you through the process of creating a new Azure Key Vault, adding yourself as an administrator, and storing the production connection string. Once the secret is created, the reference URL is copied and wrapped using the @Microsoft.KeyVault() function. This wrapped URL is then pasted into the app service, replacing the real password. After saving the new value and restarting the app service, an identity is added to allow the app service to access the key vault. By using Azure Key Vault, you can manage your app service without touching confidential values and invite others to help manage it without revealing sensitive information, such as database passwords. This se...--GPT 4

Azure App Service Azure Security Key vault

Publish app from Azure DevOps to non-global Azure like Azure CN

本篇博客讲述了如何使用Azure DevOps将编译完成的应用发布到非Azure Global环境,例如Azure CN。虽然在Azure全球环境中发布应用非常简单,但在某些情况下,客户可能会使用其他Azure环境,如Azure Arc、Azure政府版和Azure CN。文章详细介绍了如何在这些非全球环境中发布应用。 首先,需要创建一个新的应用注册,并允许Azure DevOps以应用的身份发布应用。然后,为新注册的应用添加一个密钥,并将应用添加到订阅级别角色,以便在订阅范围内管理资源。接下来,在Azure DevOps中添加一个新的服务连接,并选择手动配置以设置自定义的Azure环境名称。 在配置服务连接时,需要填写订阅ID、订阅名称、服务主体ID、密钥和租户ID。这些值可以在订阅详细信息标签页和Azure AD详细信息页面中找到。填写完所有必要信息后,单击验证并保存按钮。 最后,可以在管道上工作并将应用发布到此服务连接。本文通过详细的步骤和截图为读者展示了如何实现这一目标。那么,在面对非全球Azure环境时,是否还会感到困惑呢?或者这篇文章是否为您提供了一个全新的解决方案?快来阅读全文,探索更多有关Azure DevOps和非全球Azure环境的知识吧!--GPT 4

Azure App Service Azure Azure DevOps DevOps Azure CN China

Use IIS or Azure App Service as a reverse proxy

In this blog post, we explore the process of setting up a reverse proxy using IIS or Azure App Service. Reverse proxies are beneficial for hiding the origin server's identity and improving performance, security, and load balancing. Before configuring the reverse proxy, it's essential to install IIS and the necessary extensions, such as RequestRouter and Rewrite. Once installed, enable the proxy settings in the IIS management tools and create a new reverse proxy rule by configuring domain bindings and HTTPS certificates. Creating a web.config file under the site root path is crucial for adding rules, such as redirecting HTTP traffic to HTTPS and setting up the real reverse proxy logic. The blog post provides a detailed example of setting up a reverse proxy for Aiursoft.IO and a simpler example for Google.com. To further enhance security, the HSTS feature can be enabled by adding specific code to the web.config file. For deploying the reverse proxy server to Azure App Service, simply ...--GPT 4

IIS web.config Reverse Proxy Web Azure App Service Azure

  • 1