nsg | Navigating Spreading-out Graph For Approximate Nearest | Search Engine library

I am trying to follow the solution given here How I can avoid multiple loops with Terraform for_each and dynamic for resource azurerm_network_security_group?

Here is my module: Module-Azure-Nsg-V3/main.tf

I tried multiple powershell script to do azure VM backup and restore but none of them are seems working or not so effective. Could any one please share the powershell script to create backup of VM and restore in azure via azure devops pipeline.

PowerShell Script:

I'm trying to deploy infrastructure using Terraform.

My intention is to deploy a VM with a WinRM listener and for this reason, I need to use a certificate.

I first deploy a Key vault in which I put the certificate and then I retrieve the certificate from the Vault to register it into the Virtual Machine.

We have two VMs behind a Load Balancer. We would like to make one of the VMs publicly inaccessible when we do a new deployment, so we can test the new version of the application before it becomes publicly accessible. The current plan is to block one out of two VMs by changing Network Security Group rule via Service Tag for Load Balancer:

It works. When we change NSG Rule for VM1 from Allow to Deny only VM2 stays publicly accessible. Once we verify that new release works as expected we then switch NSG rule for VM2 and switch NSG rule for VM1, so only a VM with the newest version of application is accessible while we update application on the other VM.

The problem with that is NSG rules don't immediately take effect and can take 1-3 minutes to make VM inaccessible/accessible. More over if we switch NSG for both VMs at the same time we can be in situations when both VMs with different version of software are publicly available which can lead to data corruption or data lose or both VM are not accessible. So the only way around this is to change NSG rule for VM2 then for VM1 and having downtime of 2-6 minutes. Is there a better way to do that?

In order to simplify variable definition, I'm grouping subnets and attributes (like security groups) into a list of dictionaries... which then has a layer of dicts etc.. (or maps/objects)

Here is a sample definition JSON:

I need feedback. I have the below partial tf code. I am getting "Error: Incorrect attribute value type... Inappropriate value for attribute "security_rule": set of object required.". Looks like the reference to the map value is not set correctly but can't seem to figure it out. What am I missing? Thanks

SAMPLE CODE

I am writing a frontend/backend application. The frontend is an Angular 13 application. The backend is a combination backend API and administration web site. The backend has:

• Local Identity (including Identity scaffolding),
• Web API (for Angular frontend using Swagger bearer tokens),
• MVC view/controllers for side table administration.

The frontend needs to access API services. Login returns a token. The token is used to access the various services to maintain the application tables.

The backend .net 5 Core website reads and writes to a local SQL Server database. The database contains the Identity tables. The backend is also used to maintain the Identity tables using the scaffolding Razor pages. The backend maintains (basic CRUD) for a number of administrative tables. So, a user or an administrator logons via the scaffolding logon form using the same logon account that is used for the Angular frontend.

The problem is the login via PasswordSignInAsync is successful but User.Identity.IsAuthenticated is false. I use User.Identity in lots of places for name, roles and IsAuthenticated. I got a sense that User.Identity is supposed to happen automatically when using cookie authentication scheme. I added dual schemes, but that has not solved the problem. I have read through a number of questions per PasswordSignInAsync not working, but none seemed to help. The things I tried to solve the problem may have adversely affecting the outcome. I have read the source code of CheckPasswordSignInAsync and I do not see any setting of User.Identity. Not knowing what to do to get beyond this issue.

Please feel free to ask for any clarifications.

I’m showing my complete Startup.cs.

I am trying to using Terraform to automate my VNet setup. this includes setting up the subnet and nsg association. Below partial exerts of the code.

We are having difficulties choosing a load balancing solution (Load Balancer, Application Gateway, Traffic Manager, Front Door) for IIS websites on Azure VMs. The simple use case when there are 2 identical sites is covered well – just use Azure Load Balancer or Application Gateway. However, in cases when we would like to update websites and test those updates, we encounter limitation of load balancing solutions.

For example, if we would like to update IIS websites on VM1 and test those updates, the strategy would be:

• Point a load balancer to VM2.
• Update IIS website on VM1
• Test the changes
• If all tests are passed then point the load balancer to VM1 only, while we update VM2.
• Point the load balancer to both VMs

We would like to know what is the best solution for directing traffic to only one VM. So far, we only see one option – removing a VM from backend address pool then returning it back and repeating the process for other VMs. Surely, there must be a better way to direct 100% of traffic to only one (or to specific VMs), right?

Update:

We ended up blocking the connection between VMs and Load Balancer by creating Network Security Group rule with Deny action on Service Tag Load Balancer. Once we want that particular VM to be accessible again we switch the NSG rule from Deny to Allow.

The downside of this approach is that it takes 1-3 minutes for the changes to take an effect. Continuous Delivery with Azure Load Balancer

If anybody can think of a faster (or instantaneous) solution for this, please let me know.