Fernando Colombo

My feedback

  1. 3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Azure Key Vault  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    Fernando Colombo commented  · 

    The standard name used to be P-256K on first draft: https://tools.ietf.org/html/draft-ietf-cose-webauthn-algorithms-00. It was renamed to SECP256K1 later.

  2. 2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure Resource Manager  ·  Flag idea as inappropriate…  ·  Admin →
    Fernando Colombo supported this idea  · 
  3. 21 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Azure Dev Spaces  ·  Flag idea as inappropriate…  ·  Admin →
    Fernando Colombo supported this idea  · 
  4. 618 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    22 comments  ·  Networking » Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    Fernando Colombo supported this idea  · 
  5. 2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Azure Key Vault » Other  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    Fernando Colombo commented  · 

    Thanks for this suggestion. We need some clarification here. What kind of hosting are you using for WebApps? If that is Azure App Service, then you can use Service Endpoints feature. Is that what you mean by option 3 that you can't use? Note that if you host your WebApps on a shared compute solution, then other users running on same IP address will be able pass through key vault firewall, which defeats the purpose. Also, can you add a link to a document that explains option 4 for SQL service? I just want to make sure we are talking about the same solution.

  6. 4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Azure Key Vault » Other  ·  Flag idea as inappropriate…  ·  Admin →
    Fernando Colombo supported this idea  · 
    An error occurred while saving the comment
    Fernando Colombo commented  · 

    Azure Key Vault already supports a similar feature: "allow trusted Microsoft services to bypass the firewall". Not all services are onboarded, but AKV team typically complete the onboarding process within weeks. The biggest problem with a bulk effort that covers all services, is that each service needs to provide changes on how they access Key Vault in order to insure security. It's not just an internal configuration - the service that calls Key Vault needs to adhere to a set of rules to insure that it cannot be exploited to bypass the firewall of any Key Vault. This is what makes onboarding of new services so slow. But this question has its value, I have upvoted it. My recommendation is that along with this question, remember to add a suggestion on the specific service that you want the ability to bypass the firewall. Onboarding a single service is faster and easier to achieve than onboarding many services.

  7. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Azure Key Vault » Managing application secrets  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    Fernando Colombo commented  · 

    The request seems to be using the wrong host. But to confirm, you should specify the URI in your error report.

  8. 14 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Logic Apps » Connectors  ·  Flag idea as inappropriate…  ·  Admin →
    Fernando Colombo shared this idea  · 
  9. 9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Logic Apps » Connectors  ·  Flag idea as inappropriate…  ·  Admin →
    Fernando Colombo shared this idea  · 
  10. 6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Logic Apps » Connectors  ·  Flag idea as inappropriate…  ·  Admin →
    Fernando Colombo shared this idea  · 
  11. 2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Azure Key Vault » Other  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    Fernando Colombo commented  · 

    I don't understand your scenario. You can download secrets and certificates using a client such as Powershell cmdlets (i.e. you don't have to use the portal), but you still have to be an authenticated user with access to the vault. This is a fundamental aspect. Is scripting something that could help you?

  12. 6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Networking » Network Security Groups  ·  Flag idea as inappropriate…  ·  Admin →
    Fernando Colombo shared this idea  · 

Feedback and Knowledge Base