Azure - Pulumi Infrastructure Part 3
Key Vault and PostgreSQL Server
In this post I will create the key vault to hold the secrets I need for my Django app connections. In the settings.py file of my app I use the function I created in it to grab the secret values from secrets in a key vault named cybauer-vault. I need to make sure to name the key vault the same in Pulumi, and I also need to make sure I give the secrets the same names as the ones I have in settings.py.
After creating the key vault I will set up the PostgreSQL server and the cybauer database that goes with it. I want the server to be integrated with my VNET so I will link it to the delegated subnet and the private DNS zone I created previously. After the server and d…
Azure - Pulumi Infrastructure Part 2
Networking, Storage Account, and Resource Group
Plan:
Here is a quick diagram I threw together that has most of the main parts. Basically, an end user will make a request to the gateway public IP. That gateway has a listener listening on port 443, and when that listener is hit it will direct the traffic to the container app that is in the container app subnet. The container app has connections with the postgres server, the container registry, the app gateway, the key vaults, and the storage account. There are three subnets, all in one VNET. Traffic in and out of the subnets is restricted by Network Security Groups (NSGs). Each subnet has its own NSG associated with it. All of this…
Azure - Pulumi Infrastructure Part 1
Overview - Prepping Django
This is the first blog post of the Pulumi infrastructure series. This series will cover me building out the infrastructure to host the Django application I created. In this part we will prepare the Django web app to be deployed. We will need to get our Django settings configured, the Docker file created, bash commands created, and our requirements file created.
Key Vault
The first thing I need to do is create a key vault to store my secrets. I am going to use two key vaults because I want one to have some of my secrets pre-loaded and the others I want to load when the Pulumi deployment runs. I am going to name them “cybauer-capchta-email” and “cybauer-vault”. Let's c…