
Securing Azure DevOps When Using Private Repositories
..a simple step to avoid exposing your DevOps Org
..a simple step to avoid exposing your DevOps Org
Have you noticed how some committers on GitHub have a ‘verified’ badge? This isn’t because the person is special (sorry to burst my own bubble), but rather they have signed their commits with a tool such as the Gnu Privacy Guard (GPG). Commit validation ensures the authenticity and integrity of code by verifying the identity of the author through GPG signatures, providing trust and security in collaborative projects.
Can you make a verified module with only AzAPI?
One of the cool feature switches in the AzAPI Terraform provider is preflight validation. If enabled, this provides further checks against your resources at plan stage, one of which is checking for Azure Policy violations. Cool, right? Let’s see how to enable it: 1 2 3 provider "azapi" { enable_preflight = true } That. Is. It. We’ll make a couple resources: a resource group, a built-in policy assignment restricting locations to New Zealand North & then a demo that will:
Making a GitHub repo module in the style of AVM