Microsoft Azure: Azure App Service Deployment and Security

  • If authentication is needed to access the web application, ensure App Service Authentication is set on Azure App Service.
1. Login to Azure Portal using https://portal.azure.com 
2. Go to App Services
3. Click on each App
4. Under Setting section, Click on Authentication / Authorization
5. Ensure that App Service Authentication set to On
az webapp auth show --resource-group --name --query enabled
-- The output should return true
  • If the app needs to connect to other Azure services like Azure SQL Database, ensure that “Register with Azure Active Directory” is enabled on App Service. Managed service identity in App Service makes the app more secure by eliminating secrets from the app such as credentials in the connection string.
1. Login to Azure Portal using https://portal.azure.com 
2. Go to App Services
3. Click on each App
4. Under the Setting section, Click on Identity
5. Ensure that Status set to On
az webapp identity show --resource-group --name --query principalId
-- The output should return unique Pricipal ID
  • Encryption keys, certificate thumbprints and managed identity credentials can be coded into the App Service, this renders them visible as part of the configuration. To maintain security of these keys, it is better to store in them in Azure Keyvault and reference them from the Keyvault.
1. Login to Azure Portal using https://portal.azure.com 
2. Go to Key Vaults
3. Ensure that key vault exists and keys are listed

--

--

--

A food lover, a cyber security enthusiast, a musician and a traveller, so you will see a mix of different contents in my blog. ☺️

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

READ/DOWNLOAD$( Semantic Mashups: Intelligent Reuse of Web Resources FULL BOOK PDF & FULL AUDIOBOOK

Streak | Algo trade without coding

{UPDATE} Mystery Tales The Book Of Evil - Point & Click Mystery Escape Puzzle Adventure Game Hack…

LakeFS, Boundary-layer, SQLPad; ThDPTh #6

Introduction of The IRaceMeta Project

How Much Does It Cost To Build a Website With Drupal

Navigating in Jetpack Compose

Why software QA testing is important? 6 benefits to know

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
goay xuan hui

goay xuan hui

A food lover, a cyber security enthusiast, a musician and a traveller, so you will see a mix of different contents in my blog. ☺️

More from Medium

Detecting Azure API Permissions Abuse

Azure Data Explorer for Real time alerts in Healthcare

Azure IoT in General

Let’s Deploy Azure Analysis Service AAS through Azure DevOps Pipeline