In this post, an Azure Function is deployed in a Azure Virtual Network and the access to the Azure Function is restricted so that it cannot be reach from the Internet. Only Applications deployed in the same VNET can access the Azure Functions. Code: https://github.com/damienbod/AzureFunctionsSecurity Blogs in the series Securing Azure Functions using API Keys […]

This article shows how to secure Azure Functions using X509 certificates. The client is required to send a specific certificate to access the Azure Function. Code: https://github.com/damienbod/AzureFunctionsSecurity Blogs in the series Securing Azure Functions using API Keys Securing Azure Functions using Certificate authentication Securing Azure Functions using an Azure Virtual Network Securing Azure Key Vault […]

This post shows how digital signatures can be implemented to check the integrity of cipher texts in ASP.NET Core Razor Pages. The cipher texts are encrypted with AES symmetric encryption and the key and the IV required to decrypt the texts are encrypted with asymmetric encryption using RSA certificates with a key size of 3072. […]

The article shows how encrypted texts can be created for specific users in an ASP.NET Core Razor page application. Symmetric encryption is used to encrypt the text or the payload. Asymmetric encryption is used to encrypt the AES key and the IV of the symmetric encryptions. Each ASP.NET Core Identity has an associated X509Certificate2 with […]

This post looks at symmetric and asymmetric encryption and how this could be implemented in .NET Core. Symmetric encryption is fast and can encrypt or decrypt large amounts of text, streams or files but requires a shared key. Asymmetric encryption can be used without shared a key, but can only encrypt or decrypt small texts […]

This article shows how to secure Azure Functions using API Keys. This is useful, if you have no control over the API client implementation, the client code base cannot be easily changed or the client is not Azure hosted. This should only be used with trusted clients and is for machine to machine usage. Code: […]

Azure Durable Functions provides a rich set of Error Handling APIs. This post shows how Activities or Sub-Orchestrations can be re-run with the different retry options. Activities in a workflow can call an API or run a code flow which might fail due to connection problems, network timeouts or other similar problems. If it was […]

The post shows some of the possibilities to monitor Azure Durable Functions and how diagnostic APIs could be implemented. Code: https://github.com/damienbod/AzureDurableFunctions Posts in this series Using External Inputs in Azure Durable functions Azure Functions Configuration and Secrets Management Using Key Vault and Managed Identities with Azure Functions Waiting for Azure Durable Functions to complete Azure […]

The article show how an Azure Durable Function can be used to process a HTTP API request which waits for the completion result. This can be required when you have no control over the client application calling the API and the process requires asynchronous operations like further API calls and so on. The Azure Durable […]

This article shows how Azure Key Vault could be used together with Azure Functions. The Azure Functions can use the system assigned identity to access the Key Vault. This needs to be configured in the Key Vault access policies using the service principal. By using the Microsoft.Azure.KeyVault and the Microsoft.Extensions.Configuration.AzureKeyVault nuget packages, defining direct references […]