This document provides information about Stephane Lapointe, including his contact details. Stephane has over 20 years of experience with Microsoft technologies. He works as a Cloud Solution Specialist at GSOFT, where he is passionate about Microsoft Azure, DevOps practices, and automation using PowerShell. He is also a co-organizer for the Azure group at the Montreal MSDEVMTL community. Additionally, Stephane holds the Microsoft Azure MVP and Advisor titles. His contact information is provided at the end of the document.
2. Stephane Lapointe
Over 20 years of experience with Microsoft technologies.
He is working at GSOFT where he’s a Cloud Solution
Specialist.
He is very passionate about everything that touches
Microsoft Azure, the DevOps practice and automation of
all sort of things using PowerShell. He is very dedicated
to the Montreal MSDEVMTL community where he is a
co-organizer for the Azure group. He is also an Microsoft
Azure MVP & Advisor.
Email : stephane@lapointe.cloud
Twitter : @s_lapointe
Facebook :
stephane.lapointe.azure
LinkedIn :
ca.linkedin.com/in/stephanelapointe
7. Azure Resource
Manager
enable application management within
Azure
resource groups are containers that
can contain multiple IaaS + PaaS
resources
support lifecycle management with
integrated Role Based Access Control
(RBAC)
templatize application deployment and
configuration
supports DevOps
RESOURCE GROUP
8. Resource
Group
container for multiple resources
resources exist in one* resource group
resource groups can span regions
resource groups can span services
support both imperative and
declarative deployment models
RESOURCE GROUP
9. Deployment
tracks template execution
hold one or many deployment
operations
created within a resource group
allows nested deployments
RESOURCE GROUP
20. Debugging
no breakpoints available
bit more complex when more than one
template (ie: template linking)
Enable debug logging*
can use deployment operations
use HTTP debugging proxy server
(ie: Fiddler)
use Azure Resource Explorer
23. Protecting
sensitive data
do NOT put sensitive data in template
use SecureString & SecureObject types
runtime retrieval w/ template functions
(ie: listKey, list*)
reference Azure Key Vault secrets
turn off debug logging* after use
use existing secure mechanism
(ie: protectedSettings in DSC extension)
25. Protecting sensitive data using list*
template functions
, listKeys(variables('storageAccountid'),'2016-12-01').keys[0].value )]
26. Protecting sensitive data using key vault’s
references in parameter files
"reference": {
"keyVault": {
"id": "/subscriptions/00000000-0000-0000-0000-000000000000
/resourceGroups/myresourcegroup
/providers/Microsoft.KeyVault/vaults/myvaultname"
},
"secretName": "VmAdministratorPassword"
}
27. Protecting sensitive data using key vault’s
secrets value in scripts
adminPassword = (Get-AzureKeyVaultSecret -VaultName $kv.VaultName -Name
'VmAdministratorPassword').SecretValue