Designing Safe Azure App Registration Secret Rotation (With Guardrails)

Automating Azure App Registration secret rotation is often discussed as a best practice, but implementing it safely is where the real challenge begins.

In many Azure environments, client secrets are stored in Azure Key Vault, expiry alerts are configured, and operational processes are defined. From a governance perspective, everything appears under control.

But monitoring secret expiration is not the same as designing a safe, deterministic rotation model.

Recently, I worked with a customer who had a mature Azure environment.

They had:

  • Azure Key Vault properly configured
  • Monitoring in place for secret expiry
  • Clear ownership of application registrations
  • Good operational discipline

So this wasn’t a “wild west” environment.

The problem was different.


Enable OpenTelemetry in Azure Functions: The Easiest Way via Azure Portal

Good news! As of June 2025, OpenTelemetry is in preview for Azure Functions. If you want basic observability without writing code or installing libraries, you can enable distributed tracing directly from the Azure Portal.

This quick guide shows the simplest way to enable OpenTelemetry in Azure Functions using built-in features — no NuGet packages or custom code needed.


What You Need

  • An existing Azure Function App (v4)
  • Application Insights already enabled (most new Function Apps have this by default)



Automating AVD Restarts with Azure Functions


Azure provides an abundance of services tailored to ease the workload of IT professionals. One such service is Azure Functions, which lets you run scripts or pieces of code in response to a variety of events. Today, we’ll explore how to use Azure Functions to run a PowerShell script that automates the restart of AVD virtual machines based on a tag.

Understanding the Script

Before diving into Azure Functions, let’s understand the provided PowerShell script:

# Input bindings are passed in via param block.
param($Timer)

# Add all your Azure Subscription Ids below
$subscriptionIds = @"
[
    "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
]
"@ | ConvertFrom-Json

# Current time converted to the GMT Standard Time zone
$now = [System.TimeZoneInfo]::ConvertTimeBySystemTimeZoneId([DateTime]::Now, "GMT Standard Time")

foreach ($subscriptionId in $subscriptionIds) {
    # Select the Azure subscription
    Set-AzContext -SubscriptionId $subscriptionId | Out-Null

    # Stop if the context did not switch, so VMs in another subscription are never touched
    $currentSub = (Get-AzContext).Subscription.Id
    if ($currentSub -ne $subscriptionId) {
        throw "Could not switch to SubscriptionID: $subscriptionId"
    }

    # Only VMs that carry a RestartTime tag are candidates for a restart
    $vms = Get-AzVM -Status | Where-Object { $null -ne $_.Tags.RestartTime }

    foreach ($vm in $vms) {
        # Get-Date parses the tag value. The comparison is true on every timer run
        # after that time, so the timer schedule decides how often a running VM restarts.
        if (($vm.PowerState -eq 'VM running') -and ($now -gt (Get-Date $vm.Tags.RestartTime))) {
            Restart-AzVM -Name $vm.Name -ResourceGroupName $vm.ResourceGroupName -NoWait
            Write-Warning "Restarting VM - $($vm.Name)"
        }
    }
}
