Updating to Permissions policy header using Cloudflare workers

I’ve previously written about using Cloudflare workers to add security headers to various sites, in particular static sites such as this blog. If you’ve not read that post I’d highly recommend starting there first as this post will not cover the details again. Recently I saw the following Tweet: Goodbye Feature Policy and hello Permissions Policy!

Add security headers to your static websites using Cloudflare Workers

Cloudflare Workers is a service that allows you to run code on every request to your site, we can use this approach to modify the response from your site and add security headers with minimal effort and overhead. Cloudflare workers also have a free plan so this can be done at zero cost (assuming you stay below the limits).

Enabling Azure storage static website hosting using Pulumi and C#

Update (2020-04-02) Static sites are now easy to enable in the Pulumi Azure provider 2.0 (and is also supported in Terraform) - see the notes on the 2.0 provider. The post will remain useful as a guide to anyone trying to invoke other SDKs whilst passing in parameters from Pulumi.

Kubernetes 1.16 API changes for common resources

TL;DR If you are getting errors trying to create common resources such as Deployment, ReplicaSet etc. and are using an older manifest file ensure you are using the correct API version. Various beta APIs for some common resources have been removed in Kubernetes 1.16 - see table below for details. Note: These API have been marked as deprecated for several releases now and the alternative APIs have been available for several Kubernetes releases.

Mis-behaving Office 365 MFA and app passwords

TL;DR If you have Office365 MFA enabled and Outlook constantly prompts you for a password for your Office365 account, you may need to enable Modern Authentication in your Office365 tenant. Introduction I’ve been using Office 365 for a long time and like a good citizen have MFA enabled for my account (in fact I have MFA enabled for everything that I can).

Windows nodes on Azure Kubernetes Service (AKS)

Introduction With the release of Kubernetes version 1.14 Windows containers support was promoted to generally available (GA) and with this milestone the time is right to start looking at creating clusters comprised of both Linux and Windows nodes. Recently the Azure Kubernetes Service launched their preview of Windows node pools which allow us to create mixed OS Kubernetes clusters (I’ll refer to these as hybrid clusters).

Jetson Nano - A quick start with .NET Core 3

Introduction I’ve recently purchased a Nvidia Jetson Nano devkit and I’m excited by the possibilities this device opens up. The Jetson Nano is a small computer from Nvidia focussed on AI scenarios and it’s priced at a very reasonable $99 (~£95). With a form factor similar to a Raspberry Pi (RPi) and with similar support for many peripherals and add-ons I can this being very popular with home enthusiasts and makers, much like the RPi is.

2018 - A year of public speaking

I tend to prefer writing technical blog posts but I wanted to reflect on 2018 as it’s been an interesting year and I’m hoping others may be inspired into speaking themselves. 2017 - breaking the duck At the end of 2017 I finally got into public speaking (technical talks), it all started with a 10min lightning talk at DDD East Anglia followed by a talk at the London .

Deploying a Hugo site to Azure Storage static website hosting using Azure DevOps

Updated: 14th Dec 2018 - Static hosting now GA Introduction I’ve recently moved my blog from hosted Ghost Pro to a Hugo static site hosted in Azure Storage using the static website hosting feature. The main driver for moving was that I’m not a prolific blogger and I didn’t feel I was getting value from my annual Ghost subscription (this is before their rather hefty price rises, although I was locked on the lower price tariff).

"High-ish" availability cross-region architectures

TL;DR The architectures of a cross-region highly available (HA) application vs a single region application are often seen as quite distinct. This post will show it doesn’t have to be that clear cut, with a few small changes we can cost effectively deal with a region outage quicker and without the same expense as running redundant copies of our solution.