Skip to main content

Posts

Get values from linked ARM template with a copy loop

The Microsoft documentation for modularizing ARM templates is missing a sample where the copy loop is combined with returning output. I modified the example template which Microsoft uses in their Get values from linked template example to demonstrate this scenario. 
The linked template gets a parameter where we can pass in a name for the greeting. { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "1.0.0.0", "parameters": { "name": { "type": "string" } }, "variables": {}, "resources": [], "outputs": { "greetingMessage": { "value": "[concat('Hello ', parameters('name')]", "type": "string" } } }
The main template deploys the linked template and gets the returned values from the name array. Notice that it…
Recent posts

Return the correct Content-Type for a Logic App API in API Management

Given our company cloud strategy, BizTalk is finite for us and we have started the transition to an iPaaS landscape based on Microsoft Azure. The BizTalk environment is replaced by an environment consisting of API Management, Logic Apps, Functions, Event Grid and Service Bus parts.One of the BizTalk HTTP APIs is exposed by API Management to internal and external consumers and is partly migrated to a Logic App already. This transformation to iPaaS should have no impact on the consumers of the API Management endpoints. Sadly we found out this week that this was not true for one of the methods within that specific API. One of the consumers was transitioning from the BizTalk API to the version hosted in API Management. When testing the API they complained that the received an error that the HTTP Header Content-Type was not supported in their client. The value they received was application/xml instead of the BasicHttpBinding value text/xml; charset=utf-8 they needed.The developer which dev…

Automated infrastructure (pre) deployment verification tests

I develop C# based web apps and integration solutions (APIs) for years and nowadays they are hosted in Azure. Most of the time I also create the infrastructure to deploy these kind of applications. In accordance with the Infrastructure as Code principles that I use, I do this using ARM templates supplemented with PowerShell (DSC) scripts. As a developer, I am used to writing unit tests to test my applications. Testing infrastructure is a new area for me. The traditional unit test approach does not work here because you cannot test an infrastructure until it has been rolled out.

Recently I have gained experience with the use of the Pester framework for performing (pre) deployment verification testing during the rollout of an IIS website environment. In this blog article I share some experiences I have gained during this project.

Case The case in this case is the rollout of a WCF API hosted on an Azure VM on which no IIS web server is installed yet. This web service will run under a ser…

Fixing HTTP Error 401.2 unauthorized on local IIS

Sometimes the Windows Authentication got broken on IIS servers so you cannot log in locally on the server. In that case you get the dreadfully error message

HTTP Error 401.2 - Unauthorized
You are not authorized to view this page due to invalid authentication headers.
To fix this issue you can repair the Windows Authentication feature with the following PowerShell commands:

Remove-WindowsFeature Web-Windows-Auth Add-WindowsFeature Web-Windows-Auth

Assign an existing certificate to your IIS website with WiX - Part 2 (PowerShell version)

In my previous post I explained how to assign an existing certificate with a custom action. Because of all kind of IIS Manager related failures I had on my work with this solution I did some research and constructed a version based on the usage of a PowerShell step within the WiX installer.
PowerShellWixExtensionIn this new scenario I use the PowerShellWixExtension written by David Gardiner which I found on GitHub. To use this extension you have to add a reference to the PowerShellWixExtension.dll in your WiX Setup project. I added this reference with the published NuGet package. Search for PowershellWixExtension in the store. The further steps to use this library are documented on the GitHub page.
PowerShell scriptAdd to your WiX setup project a PowerShell file name Add-ExistingCertificateToBinding.ps1 which will contain the steps to find and add the certificate to an existing IIS binding.

Add the below PowerShell code to this file.
param ( [Parameter(Mandatory = $False, HelpMessag…

Assign an existing certificate to your IIS website with WiX

Recently I had to change the bindings of existing IIS hosted websites and APIs from HTTP to HTTPS. They are installed with a MSI file created with the WiX Toolset.

Because I have to use an already on the server installed certificate I cannot use the Certificate element from the IIS Extension because this element only supports installing and uninstalling certificates based on PFX files. After doing some research I found the blog article Assign Certificate (Set HTTPS Binding certificate) to IIS website from Wix Installer which described the usage of Custom Actions for this purpose. I adopted this approach and rewrote the code for my scenario.

With WiX I still create the website.
<iis:WebSite Id="WebSite" ConfigureIfExists="yes" AutoStart="yes" Description="MyWebsite" Directory="IISROOT" StartOnInstall="yes"> <iis:WebAddress Id="WebSite" …

Remove Azure DevOps Enterprise application record from Azure AD

If you want to delete an Azure AD tenant which contains an Azure DevOps Enterprise application record you will first have to remove this Enterprise application record. Removing the Azure DevOps Enterprise record will not succeed from the user interface because the delete button is greyed out. To remove the record follow these steps:

Create a new Global Admin account in the directory you are trying to delete. Make sure you copy the temporary password.Start Windows PowerShell commandline and run: Install-Module -Name AzureAD.Once done run Connect-AzureAD. You will be prompted to login, login with the user you created and you will be asked to change your password.Run Remove-AzureADServicePrincipal -ObjectId [Object ID] to remove the Enterprise application record.Remove the Global Admin account you created.

After the Azure DevOps Enterprise record is removed you can delete the Azure AD tenant.