chgeuer

• https://www.bildungsserver.de/Bildungsplaene-fuer-Kitas-2027-de.html#Nordrhein_Westfalen
• https://www.kita.nrw.de/system/files/media/document/file/Bildungsgrundsaetze_Stand_2018.pdf

chgeuer

• bios
• https://answers.microsoft.com/en-us/windows/forum/all/feature-update-to-windows-10-version-22h2-failed/c089dcbd-6c1a-43ed-b3d9-601c29fc7d63

chgeuer

Access KeyVault on customer side with a service principal

#!/bin/bash

# ISV side
app_id_in_isv_tenant="9eb849dd-f1fd-47fc-a3b0-de6a11148049"
client_secret="..."

chgeuer

namespace Downloader
{
    using System;
    using System.IO;
    using System.IO.Compression;
    using System.Net.Http.Json;
    using System.Text;
    using System.Text.Json.Nodes;
    using Azure.Core;
    using Azure.Identity; // <PackageReference Include="Azure.Identity" Version="1.9.0" />

chgeuer

Azure access without secrets from GitHub and GitLab using federated identity credentials

tl;dr

• Federated credentials / workload identity federation allows your CI/CD pipelines in GitHub and GitLab to access your Azure subscription without any secrets stored in the pipeline config.
• GitHub's azure/login@1 task handles this transparently, but I also explain how it works under the hood. GitLab supplies the necessary token directly to your pipeline run.
• Both GitHub and GitLab are easy to setup and federate securely with your Azure subscription.
• BitBucket can't be setup that way, because tokens issued by BitBucket don't have a predicable subject identifier.

chgeuer

Gitlab using managed identity to access Azure

In #GitLab, you don't need to request a GitLab-issued token from some token endpoint. Instead, you just specify in your id_tokens section that you want a token for a certain audience, and GitLab hosts the #JWT token in the environment variable you specify.

In this example, GitLab issues a token for the audience api://AzureADTokenExchange and makes it available in the environment variable ID_TOKEN_FOR_AZURE.

Demo how to access an Azure resource, in this example read a secret from KeyVault (az keyvault secret show).

chgeuer

Azure Resource Manager (ARM) and ARM Templates

Summary for teacher

• Walked through slides 26 and 27 of the presentation AZ-900T00A-ENU-PowerPoint-03.pptx.

Session notes

chgeuer

Token authentication with Azure Verizon Premium walkthrough

Check the most recent version here: https://cookbook.geuer-pollmann.de/azure/azure-premium-verizon-cdn

chgeuer

chgeuer

• Links for .NET memory management
  • Advanced .NET debugging - Tess Ferrandez-Norlander - NDC London 2022
  • Enable diagnostics logging for apps in Azure App Service
  • Application performance FAQs for Web Apps in Azure
  • Collect memory dump for App Service (Windows only)
  • How to debug a managed memory dump with .NET Diagnostic Analyzers
  • Dump files in the Visual Studio debugger