October 4, 2023
Welcome to the twentieth edition of the Azure World Newsletter in 2023.
Hello again, my friends from around the world. I’m so happy you continue to subscribe and read this bi-weekly newsletter on Azure. I enjoy sitting down each week to research and write this, and hopefully, you will continue to find value in it. Feel free to invite your co-workers or others to subscribe if you think they would find it helpful.
The unsubscribe link is at the bottom if you want to stop receiving these emails.
ONE.
Default outbound access for VMs in Azure will be retired
If you were to create a new Virtual Machine in Azure today, even with a private IP address and no public IP address, you could access the Internet from that machine. There is default outbound access from any VM to the Internet. The NSG has default rules that allow outbound internet access as well.
On 30 September 2025, this will no longer be the case.
After this date, all new VMs will require an explicit path to access the Internet. You will need an Azure NAT Gateway setup, Azure Load Balancer outbound rules, or a public IP address for the machine directly attached.
Existing VMs that have outbound internet access will continue to work after this date.
Many people in the Azure Facebook group commented that this is the way that AWS has worked for years and this is the way it should work. So, this seems like a good move by Microsoft to tighten up VM connectivity a little more, which should make things more secure in many ways.
Imagine a hacker could get access to a machine somehow, but that machine did not have outbound internet access. That makes it more difficult for them to exfiltrate data from that machine or whatever they hoped to do.
And instead of having all private VMs use a range of Azure-controlled IPs to access the web, each machine will have a traceable IP address. This makes the web safer for all of us, allowing admins to block specific malicious IP addresses without affecting millions of innocent systems.
Microsoft recommends that you do not rely on default outbound access and that you transition to one of the methods for any VMs you have that need outbound access.
TWO.
Microsoft has announced several exam updates in the last week or two. They’re going to keep me busy this month, updating my courses.
One of the themes of the update is finally the broad rollout of the Microsoft Entra brand, replacing Azure Active Directory (Azure AD). So, instead of an exam requiring knowledge of Azure AD Users, the new objectives will ask about Microsoft Entra ID Users. That one is fairly easy to understand.
Another theme rolling out on several exams is introducing “generative AI” into the exam objectives. Even the fundamentals exam, AI-900 Microsoft Azure AI Fundamentals, now contains a generative AI objective.
Now, this topic is referring specifically to the Azure OpenAI Service. As you know, Microsoft has invested heavily in Open AI, the team behind the popular ChatGPT.
The odd thing is that I believe the Azure OpenAI Service still requires you to apply for access. I have not seen any announcement opening up access to the broader public. It’s still in a private preview. But those topics have been added to the exam. This topic also appears on the AI-102 Azure AI Engineer exam.
Today, I also noticed that Microsoft has just announced the retirement of several AI Services, including Metrics Advisor, Anomaly Detector, and Personalizer. Since the objectives of the AI-102 exam are being updated at the end of the month, and they include these services.
So we have this odd situation where services are clearly being retired, and the exam still tests for them. I guess Microsoft will have to resolve that shortly. We’ll see.
AZURE PLATFORM UPDATES.
Microsoft has been quite busy. Quite a few updates for you this week. And a bunch of retirements.
The following updates to the Azure platform were announced in the last two weeks:
- Alerts timeline view, now in preview
- OpenAI Whisper model in preview
- GitHub Advanced Security for Azure DevOps, in GA
- Azure Update Manager, in GA
- Share VM images publicly with community gallery – Azure Compute Gallery feature
- Domain fronting update on Azure Front Door and Azure CDN
- Gateway Load Balancer IPv6 Support
- Azure API Center, in ungated preview
- Additional cache sizes for Azure Cache for Redis Enterprise, in preview
- Azure SQL Database free offer – serverless, in preview
- Azure Communication Services Job Router, in preview
- AKS image cleaner, in GA
- Vertical Pod Autoscaling add-on for AKS, in GA
- Azure Functions extension for Dapr, in preview
- Artifact cache for Azure Container Registry
- Azure Container Apps is now eligible for Azure savings plan for compute
- Azure Data Explorer Add-On for Splunk, in preview
- Enhanced soft delete for Azure Backup
- Multi-user authorization for Backup vaults
The following services are being retired, please take note:
- Azure AI Video Indexer classic accounts will be retired on 30 June 2024
- The Azure Storage Ruby client libraries will be retired on 13 September 2024
- Azure Database for MariaDB will be retired on 19 September 2025
- Support for the 1.x version of Azure Functions ends 14 September 2026
- The Azure Storage Android client libraries will be retired on 13 September 2024
- Azure Communication Services Network Traversal (TURN) Public Preview is retiring
- Extended support for PHP 8.1 ends on 25 November 2024
- Extended support for Python 3.8 ends on October 2024
- SAP HANA on Azure Large Instances will be retired by 30 June 2025
- Computer Vision v1.0, v2.0, v2.1, v3.0, and v3.1 APIs will be retired on 13 September 2026
- App Service Environment version 1 and version 2 will be retired on 31 August 2024
- AI Services Metrics Advisor will be retired on 1 October 2026
- AI Services Anomaly Detector will be retired on 1 October 2026
- AI Services Personalizer will be retired on 1 October 2026
- Azure Batch task authentication token will be retired on 30 September 2024
- Azure Batch CLI extensions will be retired on 30 September 2024
- Support for select marketplace images for Batch pools will be retired
- Azure Internet Analyzer will be retired on 15 March 2024 – delete profiles
Be sure and check out the Azure Updates page if any of these affect you.
https://azure.microsoft.com/en-us/updates/
COMING UP FOR ME.
As I wrote above, there are many updates to make to several courses that need to be made in October, including AI-900, AI-102, and others. And I will continue to record updates to AZ-305 as I have been doing.
I should note that even though there are changes announced for AZ-104 and AZ-204, those changes are cosmetic, and they won’t require changes to your study plans or the course.
In September, I recorded or updated over 3 hours of content in the AZ-204 course and over 3 hours of updated content in the AZ-305 course. I’m trying to ensure all of the videos have the latest UI and the latest content.
WHERE TO FIND ME.
And that’s it for issue 4.20 Thanks for reading this far. Talk to you again in two weeks.
What is your favorite platform to be on? Perhaps we can connect there.
Facebook Page: https://www.facebook.com/getcloudskills/
LinkedIn: https://www.linkedin.com/in/scottjduffy/
Instagram: https://www.instagram.com/getcloudskills.ca/
Twitter: https://twitter.com/scottjduffy
Udemy: https://www.udemy.com/user/scottduffy2/
LinkedIn Learning: https://www.lynda.com/Scott-Duffy/1993589682-1.html