arnathan2k

n Azure, when using Azure Bastion to connect to virtual machines across peered networks, the Bastion service allows for RDP and SSH access only within the same Azure region and does not directly support transitive connectivity across multiple VNets by default. This means that even if VNet1 is peered with VNet2, and VNet2 is peered with VNet3, Azure Bastion deployed in VNet1 does not automatically provide access to VMs in VNet3, unless VNet1 is directly peered with VNet3.

Key Points:
Direct Peering: Azure Bastion requires direct network peering between the VNet where Bastion is deployed and the VNet containing the VMs you want to access.
Non-transitive Nature: VNet peering in Azure is non-transitive, meaning that if VNet1 is peered with VNet2 and VNet2 is peered with VNet3, VNet1 does not have a direct peering relationship with VNet3.
Your Scenario:
Bastion in VNet1: Deployed in VNet1.
Peering Configuration: VNet1 is peered with VNet2, and VNet2 is peered with VNet3.
Solution Options:
Direct Peering: To use A

arnathan2k

o determine the minimum number of Azure Bastion instances required for your scenario, where you have multiple virtual networks (VNets) spread across different regions and all are peered with each other, consider the following factors:

Region Consideration: Azure Bastion is a regional service, meaning it only needs to be deployed in each Azure region where you have resources that need to be accessed. It provides secure RDP and SSH access to all virtual machines within a region if they are network peered.
Peering Connectivity: Since all your VNets are peered with each other, a single Bastion host in each region can provide coverage for all VNets in that region. Azure Bastion uses the VNet peering connections to facilitate access to VMs across different VNets within the same region.
Given your setup:

US East: VNets 1, 2, 3
UK South: VNets 4, 5, 6
Asia East: VNets 7, 8, 9, 10
Minimum Number of Azure Bastion Instances:

arnathan2k

Creating a standard web app in Azure and setting up a consistent deployment process for web admins involves several steps. You can leverage Azure services like Azure App Service for hosting the web app and Azure DevOps or GitHub Actions for continuous integration and continuous deployment (CI/CD). Here’s a step-by-step guide to achieve this:

### Step 1: Create an Azure Web App
1. **Log into Azure Portal**: Go to the [Azure Portal](https://portal.azure.com).
2. **Create a Web App**:
   - Navigate to "App Services" and click on "Create".
   - Select the appropriate subscription and resource group.
   - Enter a unique name for your web app.
   - Select the runtime stack (e.g., .NET, Java, Node.js, Python) and either Windows or Linux as the operating system.
   - Choose a region.

arnathan2k

Yes, in Azure, you can attach more than one Application Security Group (ASG) to a network interface. Application Security Groups are used to define a group of virtual machines that you can apply network security rules to in a centralized way. This helps you manage network security policies more efficiently, allowing you to group virtual machines and define network security policies based on those groups.

When you attach multiple ASGs to a network interface, you effectively allow the network interface to inherit the security rules associated with each ASG. This means that the network interface, and thus the virtual machine or service it's associated with, can be a part of multiple logical groups defined for network security purposes. This approach simplifies the management of network security rules by enabling you to apply the rules to groups of VMs rather than to each VM individually.

This feature is particularly useful in complex environments where virtual machines may serve multiple roles or require granu

arnathan2k

Peering between Azure regions and specific environments like Azure Government and Azure China involves specific considerations due to the distinct nature of these networks, compliance requirements, and governance.

Azure Government: This is a separate instance of Azure operated by screened U.S. persons and is physically isolated from non-governmental Azure datacenters. Azure Government services handle data that is subject to certain government regulations and requirements.

Azure China: Operated by 21Vianet under a unique partnership, Azure China is physically separated from the global Azure network. It complies with Chinese laws and regulations.

Peering Between Azure Standard and Azure Government
As of the latest updates, direct VNet peering between Azure public (standard Azure) and Azure Government is not supported. This is primarily due to the compliance and isolation requirements that govern Azure Government. Organizations often need to manage data transfer between these environments through controlled a

arnathan2k

kubectl run dns-test --image=nicolaka/netshoot --rm -it --restart=Never -- nslookup yourdomain.tech

arnathan2k

1. Find slapd

>> locate slapd

2. Find user activity in slapd.log

>> grep -i username101 slapd.log 

3. Get the Root Credentials

arnathan2k

---
- hosts: localhost
  gather_facts: false
  connection: local
  become: yes

  vars:
    packages:
      - apache2
      - mysql-server

arnathan2k

--- 
- 
  become: true
  connection: local
  gather_facts: false
  hosts: localhost
  tasks: 
    - 
      apt: 
        name: "{{ item }}"

arnathan2k

---
-
  become: true
  connection: local
  gather_facts: false
  hosts: localhost
  tasks:
    -
      apt:
        name: "{{ item }}"