Microsoft Azure: Azure App Service Deployment and Security

  • If authentication is needed to access the web application, ensure App Service Authentication is set on Azure App Service.
1. Login to Azure Portal using https://portal.azure.com 
2. Go to App Services
3. Click on each App
4. Under Setting section, Click on Authentication / Authorization
5. Ensure that App Service Authentication set to On
az webapp auth show --resource-group --name --query enabled
-- The output should return true
  • If the app needs to connect to other Azure services like Azure SQL Database, ensure that “Register with Azure Active Directory” is enabled on App Service. Managed service identity in App Service makes the app more secure by eliminating secrets from the app such as credentials in the connection string.
1. Login to Azure Portal using https://portal.azure.com 
2. Go to App Services
3. Click on each App
4. Under the Setting section, Click on Identity
5. Ensure that Status set to On
az webapp identity show --resource-group --name --query principalId
-- The output should return unique Pricipal ID
  • Encryption keys, certificate thumbprints and managed identity credentials can be coded into the App Service, this renders them visible as part of the configuration. To maintain security of these keys, it is better to store in them in Azure Keyvault and reference them from the Keyvault.
1. Login to Azure Portal using https://portal.azure.com 
2. Go to Key Vaults
3. Ensure that key vault exists and keys are listed

--

--

--

A food lover, a cyber security enthusiast, a musician and a traveller, so you will see a mix of different contents in my blog. ☺️

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Wakefit Engineering

5 BIG BENEFITS OF CLOUD DEVOPS

Hire Python Development Resource To Get More From Your Business

Jarvis+’s biweekly report! 2020.12.14–2020.12.27

Helm Chart For Creating and Publishing Jenkins on artifacthub.io

Daria’s Flutter diaries #4

C++ Builder 11 Alexandria Released

Bootstrap vs Tailwind CSS

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
goay xuan hui

goay xuan hui

A food lover, a cyber security enthusiast, a musician and a traveller, so you will see a mix of different contents in my blog. ☺️

More from Medium

A Step-by-step Guide To Setting up CLI Clients For Azure Cache For Redis

How to Build Mobile Applications on Microsoft Azure.

Build the Event Driven Application using Async API make it consistent using Cloud Event.

Difference between NAT vs Firewall for Software Developers