If you are a developer, engineer, architect, or product manager working for an ISV (Independent Software Vendor) or a Startup and are tasked with creating or migrating your solution to Azure platform or publishing it as an “offer” in Azure Marketplace, you may find the following links and resources useful in your journey.
In the following four videos, we look at how to create Linux and Windows VM images using Packer.io unmanaged VHD and Azure Shared Image Gallery destinations, how to publish these images as Azure Marketplace Virtual Machine offer in Microsoft Partner Center, and how to deploy and test the “preview” offer plans/SKUs.
You can see the sample code used in the videos here.
Update: As of March 2021, Partner Center allows to publish VM offers directly from Azure Shared Image Gallery (SIG) instead of needing to generate SAS URL for the VHD file. …
Say we are using ACR premium-tier with geo-replication enabled and “docker push” image1:tag1 to the registry from East US 2 region. What happens when we try to “docker pull” image1:tag1 from Southeast Asia region before the replication is finished?
According to the “Considerations for using a geo-replicated registry”, Azure Traffic Manager is used internally by the registry to redirect the request to the registry in the closest region. …
We look at the following three approaches, but other approaches like VPN and VNet-to-VNet are also possible:
In this article, we look at a scenario where Azure Managed Application publisher (aka Independent Software Vendor or ISV) needs to be able to use their publisher identity to create/delete secrets (e.g. connection string) in Azure Key Vault that is in the Managed Resource Group (MRG) in the customer’s Azure subscription so that other resources (e.g. Web Apps, VMs) running in the MRG can use these secrets.
Azure Key Vault resource and its data-plane access policies are tied to a specific Azure Active Directory tenant (i.e. there is a tenantId property in Azure Key Vault resource) and resources deployed in…
If you are new to Azure Managed Applications, please see this article.
When developing and testing Azure Managed Applications, I usually use the “az managedapp definition create” Azure CLI command to create the service catalog definition in my Azure subscription for testing prior to publishing in Azure Marketplace. Currently, this CLI command does not provide a way to explicitly specify the Deployment Mode (i.e. …
UPDATE: In August 2021, we created a doc in the Azure Architecture Center with links to resources related to multitenancy. Please refer to the “Resources for architects and developers of multitenant solutions” page in the https://aka.ms/MultitenantArchitecture section.
This is my initial work-in-progress collection of useful resources related to implementing multi-tenant applications on Azure.
Microsoft Ignite 2020 is in full swing Tuesday September 22 through Thursday September 24, 2020. This year it is an all-digital event and attendance is FREE.
Below are just a few of the pre-recorded on-demand sessions that I really liked in the Azure Core (IaaS) category.
In this video, we look at how to refresh Azure Managed Application permissions (e.g. Owner, Contributor, or Customer Allowed Actions) and how, as a publisher, to obtain access token using the Managed Application’s Managed Identity.
If you are new to Azure Managed Applications, you may first want to watch the two videos in “Simple Azure Managed Application: creating, testing, and publishing in Partner Center”.
Reminder: When building your Azure Application ARM templates for submission to Azure Marketplace, please make sure to carefully follow all of the guidelines and best practices described here and be ready to make fixes and changes…
In the following series of four videos, we look at a more advanced and “experimental” Azure Managed Application that deploys Azure Kubernetes Service (AKS), Azure Managed Identity, and performs some cross-resource group role assignments. We also walk through with using Azure Instance Metadata Service and AKS Pod Identity to obtain access tokens for interacting with Azure Data Lake Storage and ARM REST APIs.
Before diving into the videos below, you may first want to watch the two videos in “Simple Azure Managed Application: creating, testing, and publishing in Partner Center”.