Christian Dennig cdennig
🏠
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # contents of pod.yaml | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: demo | |
| labels: | |
| aadpodidbinding: "cosmos-pod-identity" | |
| spec: | |
| containers: | |
| - name: demo |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var credential = new DefaultAzureCredential(); | |
| var cosmosClient = new CosmosClient(_configuration["Cosmos:Uri"], credential); | |
| var container = cosmosClient.GetContainer(_configuration["Cosmos:Db"], _configuration["Cosmos:Container"]); | |
| var newId = Guid.NewGuid().ToString(); | |
| await container.CreateItemAsync(new {id = newId, partitionKey = newId, name = "Ted Lasso"}, | |
| new PartitionKey(newId), cancellationToken: stoppingToken); |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @description('Principal ID of the managed identity') | |
| param principalId string | |
| var roleDefId = guid('sql-role-definition-', principalId, cosmosDbAccount.id) | |
| var roleDefName = 'Custom Read/Write role' | |
| resource roleDefinition 'Microsoft.DocumentDB/databaseAccounts/sqlRoleDefinitions@2021-06-15' = { | |
| name: '${cosmosDbAccount.name}/${roleDefId}' | |
| properties: { | |
| roleName: roleDefName |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var roleAssignId = guid(roleDefId, principalId, cosmosDbAccount.id) | |
| resource roleAssignment 'Microsoft.DocumentDB/databaseAccounts/sqlRoleAssignments@2021-06-15' = { | |
| name: '${cosmosDbAccount.name}/${roleAssignId}' | |
| properties: { | |
| roleDefinitionId: roleDefinition.id | |
| principalId: principalId | |
| scope: cosmosDbAccount.id | |
| } | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var location = resourceGroup().location | |
| var dbName = 'rbacsample' | |
| var containerName = 'data' | |
| // Cosmos DB Account | |
| resource cosmosDbAccount 'Microsoft.DocumentDB/databaseAccounts@2021-06-15' = { | |
| name: 'cosmos-${uniqueString(resourceGroup().id)}' | |
| location: location | |
| kind: 'GlobalDocumentDB' | |
| properties: { |
cdennig
/ azure-pipeline-with-keyvault.yaml
Last active
March 20, 2023 15:07
Azure DevOps Terraform with KeyVault + Service Connection
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| trigger: | |
| - master | |
| pool: | |
| vmImage: 'ubuntu-latest' | |
| variables: | |
| - group: kvintegratedvargroup | |
| steps: |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Generated by Powerlevel10k configuration wizard on 2020-06-06 at 13:53 CEST. | |
| # Based on romkatv/powerlevel10k/config/p10k-classic.zsh, checksum 47187. | |
| # Wizard options: nerdfont-complete + powerline, small icons, classic, unicode, light, | |
| # 24h time, angled separators, sharp heads, flat tails, 2 lines, dotted, right frame, | |
| # sparse, many icons, fluent, transient_prompt, instant_prompt=verbose. | |
| # Type `p10k configure` to generate another config. | |
| # | |
| # Config for Powerlevel10k with classic powerline prompt style. Type `p10k configure` to generate | |
| # your own config based on it. | |
| # |
cdennig
/ kured-az-logicapp.json
Created
December 23, 2019 13:33
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| "definition": { | |
| "$schema": "https://schema.management.azure.com/providers/Microsoft.Logic/schemas/2016-06-01/workflowdefinition.json#", | |
| "actions": { | |
| "Parse_JSON": { | |
| "inputs": { | |
| "content": "@triggerBody()", | |
| "schema": { | |
| "properties": { | |
| "Channel": { | |
| "type": "string" |
cdennig
/ terra-aks-6.tf
Created
December 14, 2019 12:05
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Role assignment | |
| # Use ADMIN credentials | |
| provider "kubernetes" { | |
| host = "${azurerm_kubernetes_cluster.aks.kube_admin_config.0.host}" | |
| client_certificate = "${base64decode(azurerm_kubernetes_cluster.aks.kube_admin_config.0.client_certificate)}" | |
| client_key = "${base64decode(azurerm_kubernetes_cluster.aks.kube_admin_config.0.client_key)}" | |
| cluster_ca_certificate = "${base64decode(azurerm_kubernetes_cluster.aks.kube_admin_config.0.cluster_ca_certificate)}" | |
| } |
cdennig
/ terra-aks-5.tf
Created
December 14, 2019 11:59
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # K8s cluster | |
| resource "azurerm_kubernetes_cluster" "aks" { | |
| name = "${var.clustername}" | |
| location = "${var.location}" | |
| resource_group_name = "${var.rg-name}" | |
| dns_prefix = "${var.clustername}" | |
| default_node_pool { | |
| name = "default" |
NewerOlder