Get Cognitive Services Keys and Endpoint in an ARM Template

For a demo Azure Logic App I need to setup an Azure Cognitive Services account for the Computer Vision API.
I set up the resources in Azure using an ARM template so that everything is created in a reproducible way.
My logic app needs a connection to the Cognitive Services, which consists in an API Key and an endpoint.

I was not able to find a template in the Azure Quickstart Templates repo to get this information, so I find it out myself. Continue reading “Get Cognitive Services Keys and Endpoint in an ARM Template”

Mount your Azure Cloud Shell to another Storage Account

I am a heavy user of the Azure Cloud Shell, I use it every day working with the CLI 2.0 to deal with my Azure Resources.

If, like me, the first time you started the Cloud Shell and followed the wizard and clicked on the button “Create Storage”, you ended up with a new Resource Group containing a Storage Account with a random name.

I don’t like random names with my resources, so I will show you how to control this and mount the Azure Cloud Shell with a Storage Account of your choice.

Continue reading “Mount your Azure Cloud Shell to another Storage Account”

Create output variables with Azure CLI 2.0

I’m using more and more the Azure CLI 2.0, which makes my scripting life with Azure Resources a lot easier.

The default output of the Azure CLI is json, but you can also use other kind of output formats, as described in this blog.

I want to have some variables that I can reuse in other commands, so let’s say I want to get the name of all the Resource Groups which have a tag called Kind with a value VM, I can use the following JMESPath query:

The output will be:

Continue reading “Create output variables with Azure CLI 2.0”

Solve Docker for Windows error: A firewall is blocking file Sharing between Windows and the containers

For the quick answer jump to the conclusion.

Yesterday I was trying to mount a data volume in a Docker container and using Docker Community Edition for Windows (aka Docker CE for Windows) you first need to share your drives in the Docker settings:

Unfortunately after clicking on “Apply” I got the following error:

A firewall is blocking file Sharing between Windows and the containers.

Continue reading “Solve Docker for Windows error: A firewall is blocking file Sharing between Windows and the containers”

Azure Hidden Gems: Resource Policies

Today I want to show a really useful Azure feature to help you with the governance of your Azure Subscriptions: Azure Resource Policies:

Resource policies enable you to establish conventions for resources in your organization. By defining conventions, you can control costs and more easily manage your resources. For example, you can specify that only certain types of virtual machines are allowed, or you can require that all resources have a particular tag. Policies are inherited by all child resources. So, if a policy is applied to a resource group, it is applicable to all the resources in that resource group.

How Resource Policies works

First of all, you need a policy definition. Here a description of the structure.

Let’s create one!

You can create policies definitions directly with the Azure Rest API or using PowerShell, the Azure CLI 1.0 or 2.0.

I prefer using PowerShell:

First login in Azure with: Login-AzureRmAccount and if you have more subscriptions, select the right one with Select-AzureRmSubscription.

Continue reading “Azure Hidden Gems: Resource Policies”

A better way (and script) to add a Service Principal in Azure for VSTS

From Visual Studio Team Services (VSTS) it’s possible to deploy to an Azure Subscription using an Active Directory Service Principal.

The Microsoft documentation refers to a blog post which describes a 3-clicks and a manual way to setup this principal.

For both the suggested ways (3-clicks or manual), there are some concerns from my side about the principal setup, which I think they could be improved:

  • The principal which is created during the process gets the “Contributor” role granted on the whole Azure subscription, and using the manual powershell script, the default role is even “Owner” (this can be modified).
  • The name of the Active Directory Application/Principal is some random guid which is difficult to be identified, see this picture:

Continue reading “A better way (and script) to add a Service Principal in Azure for VSTS”

Demystifying .NET Core SDK versions

Last night I was developing some code in .NET Core for the Dutch Azure Meetup and I was (again) encountering versioning problems and unexpected behavior.

I found this blog post which describes in some way the same problem I had.

Update 13-01-2017: I found this blog which also describes very well the issue.

What the blog post says is that if you use:

and you want use a specific version of .NET Core SDK you should add a global.json file (before executing the “dotnet new” command) like this:

The SDK’s in Windows are installed in the Program Files folder (or Program Files (x86) if you have a 32bit Windows) so let’s take a look there:

The following SDK’s are installed om my machine:

  • 1.0.0-preview2-003131
  • 1.0.0-preview2-003133
  • 1.0.0-preview2-003156
  • 1.0.0-preview4-004233
  • 1.0.0-preview2-1-003177

But how I know which SDK belongs to which .NET Core version? Continue reading “Demystifying .NET Core SDK versions”

Solve 401 (Unauthorized) error when restoring packages using VSTS Package Management and .NET Core

For the quick answer jump directly to the conclusion

Yesterday I was setting up the build for an ASP .NET Core (Web API) application I wrote, this application was using a package from the VSTS Package Management repository.

To setup this build I was using the new dotnet Core tooling (in preview) which is available when creating a new Build Definition:

Continue reading “Solve 401 (Unauthorized) error when restoring packages using VSTS Package Management and .NET Core”

Setting up VSTS with ARM Templates

In this post I want to show you what I think it’s the best way to setup VSTS working with Azure Resource Manager Templates.


At the customer I am currently working for, we are setting up a new Azure Big Data ingestion environment and we wanted to do it using the Infrastructure as Code approach. With Azure this obviously goes with ARM Templates.

For source control, build and deployment we use Visual Studio Team Services (VSTS).

About VSTS, Build and Release Management

I have seen different setups with VSTS, some of them where the deployment take place from the build, or directly in Release Management without a build.

My approach is to have a clear separation of concerns between the Build and the Release Management.
The Build is for compiling, (Unit) Testing and creating artifacts for the deployment.
The Release Management’s responsibility is for deploying the artifacts created during the Build process. Continue reading “Setting up VSTS with ARM Templates”

VSTS Task delete Resource Group if empty

When testing deployments of Azure RM resources (ie. using the Test-AzureRmResourceGroupDeployment powershell cmdlet) an empty Resource Group is created. This Resource Group is often not needed at this point and can be deleted after you are done testing the deployment of the resources. For deleting the Resource Group you can use the VSTS task delete resource group if empty. This tasks deletes the Resource Group only if it does not contains any resources.