Part 3: Terraform with Azure – How to Install Visual Studio Code

Reading Time: 2 minutes

My journey preparing to get started with learning Terraform to allow me to deploy workloads into Microsoft Azure continues. If you missed the previous posts, please visit the links below.

Part 1: Terraform with Azure – How to install Terraform
Part 2: Terraform with Azure – How to install Azure cli

Moving to Part 3, in this post I will go through the process of installing Visual Studio Code. Let’s get started.

What is Visual Studio Code?
Visual Studio Code combines the simplicity of a source code editor with powerful developer tooling, like IntelliSense code completion and debugging. First and foremost, it is an editor that gets out of your way. The delightfully frictionless edit-build-debug cycle means less time fiddling with your environment, and more time executing on your ideas. For more information on Visual Studio Code click the following link Microsoft.

  1. Visit https://code.visualstudio.com/download
  2. I’ll be downloading the Windows version (System Installer 64-bit) as shown below. The download was approx 70MB in size at the time of writing this post.

3. Run the installation

4. Accept the agreement when ready to do so and click next

5. Click next

6. Click next

7. I select ‘Create a desktop icon’ and click next

8. Click Install

9. Click finish

In part 4, I go through the process of installing the Azure Terraform plugin within Visual Studio Code, click the following link to continue on my journey, Part 4: Terraform with Azure – How to install Azure Terraform Plugin in Visual Code

Part 2: Terraform with Azure – How to install Azure CLI

Reading Time: 2 minutes

Following on from a previous post where I installed and configured Terraform, see How to Install Terraform, in this post I will continue my journey learning Terraform by going through the process of installing a useful tool known Azure command-line interface (Azure CLI).

The Azure command-line interface (Azure CLI) is a set of commands used to create and manage Azure resources. The Azure CLI is available across Azure services and is designed to get you working quickly with Azure, with an emphasis on automation. It’s a useful tool to have installed on my machine so let’s get started.

  1. Visit the Azure CLI web page Download Azure CLI
  2. Click Install – Windows

3. Click Current release of Azure CLI. The download was approx 45MB at the time of writing this blog post

4. Run the installer

5. Accept the licence agreement when ready to do so and click install

The install can take up to 10 minutes to complete

6. Launch Powershell and type az login and press enter

7. If successful, you’ll be presented with the Microsoft login screen

In part 3, I go through the process of installing Visual Studio Code, click the following link to continue on my journey, Part 3: Terraform with Azure – How to Install Visual Studio Code

Do not allow users to grant consent to unmanaged applications

Reading Time: 4 minutes

In this blog post I will go through the process of preventing users in your organisation from allowing third party apps to access their Office 365 information, and require future consent operations to be performed by an administrator.

This is a recommended Microsoft action and you may come across an alert within the secure score section of your Azure Portal. The message is as follows:

Tighten the security of your services by regulating the access of third-party integrated apps. Only allow access to necessary apps that support robust security controls. Third-party applications are not created by Microsoft, so there is a possibility they could be used for malicious purposes like exfiltrating data from your tenancy. Attackers can maintain persistent access to your services through these integrated apps, without relying on compromised accounts. Policy in place: false.

  1. Login to your Azure Portal (portal.azure.com)
  2. Locate and click Azure Active Directory
  3. Click Enterprise applications

4. Click User Settings

5. Switch Users can consent to apps accessing company data on their behalf to No


Users can consent to apps accessing company data on their behalf
If this option is set to yes, then users may consent to allow applications which are not published by Microsoft to access your organisation’s data, if the user also has access to the data. This also means that the users will see these apps on their Access Panels. If this option is set to no, then admins must consent to these applications before users may use them.

6. After selecting No, the following message appears with instructions on managing LinkedIn account connections if required.

There is also a further warning that users can still consent to apps accessing the groups they own. I’ll cover this in step 7 below.

7. Further down you may also wish to disable Users can consent to apps accessing company data for the groups they own or limit to a certain group as show in the second screenshot below

Users can consent to apps accessing company data for the groups they own
If this option is set to yes, then all users who are owners of a group may consent to allow third-party multi-tenant applications to access the data of the groups they own.If this option is set to no, then no user can consent to those application to access the data of the groups they own.If this option is set to limited, then only the members of the group selected can consent to those applications to access the data of the groups they own.

8. After disabling user access, you may wish to setup Admin consent. If this option is set to yes, then users request admin consent to any app that requires access to data they do not have the permission to grant.
If this option is set to no, then users must contact their admin to request to consent in order to use the apps they need.

Users can request admin consent to apps they are unable to consent to:
If this option is set to yes, then users request admin consent to any app that requires access to data they do not have the permission to grant.
If this option is set to no, then users must contact their admin to request to consent in order to use the apps they need.


Select users to review admin consent:
The selected users can review and act on new admin consent requests. Only users with the Global, Application, or Cloud application administrator role can grant admin consent, so only those users will be available for selection. Removing a user from the list of reviewers will not remove their role, so they will retain their admin privileges until their role is explicitly changed.

9. When ready, don’t forget to click the save button