Deprecated: strtr(): Passing null to parameter #1 ($string) of type string is deprecated in /chroot/home/a40b7614/774635bdc8.nxcli.io/html/wp-content/plugins/moosend-email-marketing/vendor/moosend/website-tracking/src/Utils/Encryption.php on line 8 Deprecated: urlencode(): Passing null to parameter #1 ($string) of type string is deprecated in /chroot/home/a40b7614/774635bdc8.nxcli.io/html/wp-content/plugins/moosend-email-marketing/vendor/moosend/website-tracking/src/Payload.php on line 202 newsletter – SoftwareArchitect.ca

SoftwareArchitect.ca

Tag: newsletter

Azure World Newsletter – Issue 5.04
March 6, 2024

Welcome to the fourth edition of the Azure World Newsletter in 2024.

I missed last week’s newsletter since I was traveling, so I apologize for the delay in getting this to you. Let’s see what has been happening with Azure since we last looked.

The unsubscribe link is at the bottom if you want to stop receiving these emails.

Sign up for this bi-weekly newsletter

ONE.

Now, in public preview, there is a new feature called Azure Storage Actions.

As the name implies, Storage Actions allows administrators to automate data management operations in a serverless, no-code way.

This feature attaches to Azure Blob Storage and Data Lake Storage. You can perform various data management tasks against your storage accounts in minutes. You can scan “billions of” blobs across dozens of storage accounts at once, examine their properties, and determine how they should be processed. You can do all of this without having to provision any compute infrastructure.

You can reduce the overall cost of your storage accounts with these actions, enhance data protection, apply tagging, and even move objects out of archive storage if needed.

See also:
https://azure.microsoft.com/en-us/blog/introducing-azure-storage-actions-serverless-storage-data-management/

TWO.

Azure has recently introduced a new Level 7 load balancer for AKS called Application Gateway for Containers. This is an evolution of the Application Gateway Ingress Controller (AGIC).

Application Gateway for Containers manages traffic in a balanced way to send to individual pods in a Kubernetes app. Like any load balancer, it examines the traffic inbound and determines where it needs to go.

You can set various rules to direct the traffic. So, if you need certain traffic to go to specific Kubernetes pods to process the traffic, then the Application Gateways for Containers will take care of that.

The gateway needs a private IP, a designated subnet, and a managed identity to perform its work. It’s designed explicitly for AKS, so this is a more efficient load balancer for that service than a regular Application Gateway would be.

This feature is in preview mode, so it’s worth testing if you require a service like that.

See also:
https://learn.microsoft.com/en-us/azure/application-gateway/for-containers/overview

Sign up for this bi-weekly newsletter

AZURE PLATFORM UPDATES.

Here’s a summary of the highlights in the last two weeks.
- NFS support is now available for App Service Linux code and container for Azure File Share
- Zone Redundant Storage for Azure Disks is now available in Canada Central
- AKS cluster control plane metrics in managed Prometheus, in public preview
- Azure Elastic SAN is now generally available
- Azure Firewall: Parallel IP Group update support is now in public preview
- Customer-managed key encryption for Redis Cache Enterprise tier
- Azure Blob Storage Cold Tier support on Change Feed and Object Replication
- Support for Azure VMs using Premium SSD v2 in Azure Backup
- Support for Azure VMs using Ultra disks in Azure Backup
- Azure Storage Actions, in public preview
- Configuration-as-code customizations in Microsoft Dev Box, in preview
- Azure Application Gateway introduces support for TLS and TCP protocols, in preview
- Application Gateway for Containers
- AKS support for node soak duration for upgrades, in preview
- Disable network policy in AKS for migration, in preview
- Capacity Reservations support in AKS
- Node Soak Duration for Upgrades
- Cloud Services (classic) deployment model is still retiring on 31 August 2024
Be sure to check out the Azure Updates page if any of these affect you.

https://azure.microsoft.com/en-us/updates/

COMING UP FOR ME.

I’ll keep you posted when I have news to report.

WHERE TO FIND ME.

And that’s it for issue 5.04 Thanks for reading this far. Talk to you again in two weeks.

What is your favorite platform to be on? Perhaps we can connect there.

Facebook Page: https://www.facebook.com/getcloudskills/

LinkedIn: https://www.linkedin.com/in/scottjduffy/

Instagram: https://www.instagram.com/getcloudskills.ca/

Twitter: https://twitter.com/scottjduffy

Udemy: https://www.udemy.com/user/scottduffy2/

LinkedIn Learning: https://www.lynda.com/Scott-Duffy/1993589682-1.html

Sign up for this bi-weekly newsletter
March 12, 2024
Azure World Newsletter – Issue 5.03
February 14, 2024

Welcome to the third edition of the Azure World Newsletter in 2024.

I’ve had a very good couple of weeks. The weather is improving, I have an interesting trip coming up, and I’ve been recording videos almost daily. Those are all of the things it takes for Scott to be happy. I hope you’ve been having a good start to the year.

To celebrate Saint Valentine’s Day (or Dia dos Namorados in Portugal), I’ve created a special coupon code for my courses that is available at the end of this newsletter.

Let’s see what has been happening with Azure since we last looked.

The unsubscribe link is at the bottom if you want to stop receiving these emails.

Sign up for this bi-weekly newsletter

ONE.

It’s been a few years since I’ve looked at the relative market share between Microsoft Azure and Amazon AWS. Obviously, there was a big push to the cloud in 2020 and 2021 due to people having to work from home, but cloud adoption has slowed down since then.

As of the latest earning releases, the growth of Azure continues to exceed AWS as it has over the last several years. As you can read in the CNBC article linked below, Azure is growing at a 30% year-over-year pace, while AWS is currently at 13%.

A direct comparison is difficult to confidently make as both companies try to keep their business close to their chests. But it’s pretty clear that AWS is still the number 1 cloud platform. However, with Microsoft’s faster growth, the gap is shrinking.

“Azure could be the industry leader by 2026”, according to Forbes.

One interesting factor is how Microsoft is clearly working harder to provide AI services than Amazon is. OpenAI Services is now available to a wider group of customers, and Microsoft claims to have over 50,000 customers using it. There are also many customers specifically choosing Azure to take advantage of its perceived lead in AI services.

This is not to count AWS out. You can never count them out. It would not be difficult for AWS to incorporate other AI providers like Anthropic in their services and make them on par with Azure. But other than some announcements of Titan and their foundation models, I haven’t seen much progress there. They don’t seem to be progressing on Alexa being an improved AI tool, either.

I think Amazon is being too slow or cautious on this. Maybe they will surprise me.

Analysts are expecting Azure’s business to accelerate next year due to generative AI.

See also:
https://www.cnbc.com/2024/02/12/microsoft-ai-growth-helping-azure-cloud-chip-away-at-amazons-lead.html

And:
https://www.forbes.com/sites/petercohan/2024/02/13/why-microsoft-azure-could-take-the-cloud-lead-from-amazon-aws-by-2026/

TWO.

I wonder how many people remember the Azure Services Management (ASM) deployment model.

That model didn’t have the concept of Resource Groups, and Azure was still looking for a unified way to manage resources.

In 2014, Azure introduced the Azure Resource Manager (ARM) deployment model. You had to choose between the two models (ARM or ASM) when deploying resources. A lot of the online documentation (blog articles, articles, and YouTube videos) demonstrated Cloud Services like Web Roles and Worker Roles, and I was thoroughly confused at first about what the difference was with a Web App.

Luckily, after a few years, Azure announced the ASM model was being renamed to the Cloud Services (Classic) deployment model, and it was on track for deprecation. In 2020, if you had never created a Classic resource before, you could no longer create new VMs using Classic model.

And now, the Cloud Services (Classic) deployment model is going away completely as of August 31, 2024.

There is still the Cloud Services (Extended Support) model if you really, really must stay on the old platform.

If you have any remaining resources running on the Classic model, you need to migrate them before August 31. I’m sure Microsoft must be desperately reaching out to you privately as well, to figure out why you’re still using this old model. But just in case, here’s the final reminder that ASM (Classic model) is gone for good.

See also:
https://azure.microsoft.com/en-us/updates/cloud-services-retirement-announcement/

Sign up for this bi-weekly newsletter

AZURE PLATFORM UPDATES.

Here’s a summary of the highlights in the last two weeks.
- Cloud Services (classic) deployment model is retiring on 31 August 2024
- Azure Business Continuity Center is now available in all regions, in public preview
- ExpressRoute guided portal experience for multi-site resiliency, in public preview
- Azure Cosmos DB for PostgreSQL Customer-managed keys (CMK)
- Kube-reserved resource optimization in Azure Kubernetes Service (AKS), in GA
- Disable Secure Shell (SSH) support in AKS, in public preview
- Azure Container Apps supports additional TCP ports, in GA
- Distributed tracing v2 for durable Functions, in public preview
- Durable Functions extension v3.0.0 is currently in public preview
- Azure Monitor Metrics Data Plane API, in GA
- Continuous model monitoring in Azure Machine Learning, in GA
- Azure Site Recovery support for Azure Trusted Launch VMs (Windows OS), in private preview
- Azure Virtual Network Manager security admin rule, in GA
- Azure Virtual Network Manager topology view, in GA
Be sure to check out the Azure Updates page if any of these affect you.

https://azure.microsoft.com/en-us/updates/

COMING UP FOR ME.

I’ve been re-recording the AZ-900 videos in the past few days, and it’s going quickly. I am very excited for students to get the latest updates in that course.

If you haven’t taken the AZ-900 exam yet, here’s a special discount for you. Get the course for US $9.99 or your local equivalent using the coupon code VALDAY2024 at checkout or one of the links below.

AZ-900: Microsoft Azure Fundamentals Exam Prep In One Day
https://www.udemy.com/course/az900-azure/?couponCode=VALDAY2024

AZ-900: Microsoft Azure Fundamentals Exam Practice Test
https://www.udemy.com/course/az900-azure-tests/?couponCode=VALDAY2024

That same code works for any of my Azure, TOGAF and ChatGPT courses on Udemy.

WHERE TO FIND ME.

And that’s it for issue 5.03 Thanks for reading this far. Talk to you again in two weeks.

What is your favorite platform to be on? Perhaps we can connect there.

Facebook Page: https://www.facebook.com/getcloudskills/

LinkedIn: https://www.linkedin.com/in/scottjduffy/

Instagram: https://www.instagram.com/getcloudskills.ca/

Twitter: https://twitter.com/scottjduffy

Udemy: https://www.udemy.com/user/scottduffy2/

LinkedIn Learning: https://www.lynda.com/Scott-Duffy/1993589682-1.html

Sign up for this bi-weekly newsletter
February 15, 2024
Azure World Newsletter – Issue 5.02
January 31, 2024

Welcome to the second edition of the Azure World Newsletter in 2024.

Time sure flies. I can’t believe it’s already been two weeks since the last newsletter. Hopefully, you had a good January!

Let’s see what has been happening with Azure since we last looked.

The unsubscribe link is at the bottom if you want to stop receiving these emails.

Sign up for this bi-weekly newsletter

ONE.

As you may know, Microsoft encrypts the traffic between its datacenters. This is designed for situations when traffic has to travel across a boundary not entirely controlled by Microsoft. For instance, if Microsoft has to use a third-party to provide inter-connection services between their facilities.

They are now introducing a new feature where you (the customer!) can optionally encrypt the data sent between two virtual machines (or virtual machine scale sets) within the same virtual network, or peered between regional or global virtual networks.

This is an additional enhancement to other encryption options available in Azure.

This feature is currently generally available in only three regions of the world: UK South, Swiss North, and US Central. It’s in public preview in a few other regions.

You’ll need to be using a VM that is one of the standard general purpose or memory optimized sets, such as the D-series, D-series V5, E-series, E-series V5, LSv3, or M-series.

You’ll also need to have accelerated networking enabled on the network interface.

With virtual network encryption enabled, traffic is encrypted between private IP and private IP of virtual machines on that network. You’ll need to reboot (stop/start) the VM in order to enable this.

See also:
https://learn.microsoft.com/en-us/azure/virtual-network/virtual-network-encryption-overview

TWO.

There are a couple of interesting new features in API Management, in Public Preview.

The first is a feature called circuit breaker. Just like a real life fusebox in a house protects your electric appliances and devices from being fried by too much power coming into the house, this feature of API Management can give your backend API time to recover from too many requests.

The circuit breaker property enables protection of your backend APIs by detecting an increase in errors being returned and implementing a temporary stop to incoming requests.

Instead of allowing your API to take minutes to respond to incoming requests, or return random unrelated error codes, the circuit breaker will detect when your service has become unreliable and return “502 service unavailable” codes to clients, allowing them to more appropriately respond to the backend API not functioning as expected.

Another interesting new feature of API Management is having a load balancer feature right within APIM.

Of course, you could put your APIs behind a load balancer or application gateway, and make that device the backend to your API Management frontend, but having a load balancer tool built in to APIM will make things easier and more intuitive.

And you can stack those features, such that the load balancer sends traffic to one of multiple backends, and those backends can have circuit breakers which distributes the next traffic to the other backends that are not having problems.

See also:
https://learn.microsoft.com/en-us/azure/api-management/backends?tabs=bicep#circuit-breaker-preview

And
https://learn.microsoft.com/en-us/azure/api-management/backends?tabs=bicep#circuit-breaker-preview

Sign up for this bi-weekly newsletter

AZURE PLATFORM UPDATES.

Here’s a summary of the highlights in the last two weeks.
- Azure Virtual Network Encryption, now in GA
- Cosmos DB Partition merge now supports shared throughput databases, in Preview
- Upgrade existing Azure Gen1 VMs to Gen2-Trusted launch, in Private Preview
- Support for Azure VMs using Premium SSD v2 in Azure Site Recovery, in Private Preview
- Load Balancer in Azure API Management, in Preview
- Circuit Breaker in Azure API Management, in Preview
- Azure Advisor integration with Azure Monitor Log Analytics Workspace
- Automatic Image Creation using Azure VM Image Builder, now in GA
- ExpressRoute guided portal experience for multi-site resiliency, in Preview
Be sure to check out the Azure Updates page if any of these affect you.

https://azure.microsoft.com/en-us/updates/

COMING UP FOR ME.

I think I have an idea for a new course. I’m just beginning to map it out. I will tell you more about it in future newsletters.

WHERE TO FIND ME.

And that’s it for issue 5.02 Thanks for reading this far. Talk to you again in two weeks.

What is your favorite platform to be on? Perhaps we can connect there.

Facebook Page: https://www.facebook.com/getcloudskills/

LinkedIn: https://www.linkedin.com/in/scottjduffy/

Instagram: https://www.instagram.com/getcloudskills.ca/

Twitter: https://twitter.com/scottjduffy

Udemy: https://www.udemy.com/user/scottduffy2/

LinkedIn Learning: https://www.lynda.com/Scott-Duffy/1993589682-1.html

Sign up for this bi-weekly newsletter
February 1, 2024
Azure World Newsletter – Issue 5.01
January 17, 2024

Welcome to the first edition of the Azure World Newsletter in 2024.

I hope you had a wonderful, restful holiday season. It was nice to take a break from writing the newsletter, but rest time is over, and it’s time to get back to work. 🙂

Let’s see what has been happening with Azure since we last looked.

The unsubscribe link is at the bottom if you want to stop receiving these emails.

Sign up for this bi-weekly newsletter

ONE.

One of the benefits of running your computing jobs in the cloud is that there are many other useful services that tie into compute services that make the job of an administrator a lot easier.

One of these easier administration tasks is backup and recovery. As easily as you can set up a new Virtual Machine or App Service, you can configure a backup job for that service. And you can also easily restore to an old backup without much difficulty.

So, in late November, Azure announced that Azure Backup service now supports AKS.

Now, of course, AKS nodes are created using images, and it’s always been easy to deploy a new node based on that image or destroy that node when the node is no longer required. So, the need for scaling has required that all storage be external to the app, and the app itself be easily replicatable.

But Azure Backup for AKS apps can be quite complex, with many nodes and pods, and many apps running in an interconnected fashion. Some AKS apps have databases running inside the container. So, being able to back up the entire app is more than just being able to replicate a single image.

Azure Backup now supports AKS, making it easier to have automated backups and simple restores for the entire AKS cluster, including monitoring, from a single location in the portal.

See also:
https://azure.microsoft.com/en-us/updates/aksbackupga/

TWO.

The way virtual machines access the public Internet is changing in the next two years, and you need to know about it if you work with VMs and subnets.

Right now, when you create a virtual network with one or more subnets, outbound access to the Internet is determined mainly by a network security group policy. Of course, you could also install a firewall on that subnet and use a routing table to force traffic through that firewall for finer-grained control of network traffic.

The current “default” access control for a subnet is to enable outbound access to the internet. So, any devices installed on that subnet – even those without their own public IP address – have full access to the Internet unless you take active steps to block that access. These devices also access the internet using one of Azure’s public IP addresses, which can change and are not controlled by the customer.

Microsoft has deprecated this type of setup, and default outbound access for virtual machines will be retired in September 2025.

Additionally, Microsoft has announced a new private subnet feature if you want to accelerate your move to this new world of explicit outbound Internet access.

The new private subnet feature currently in public preview has more of a “secure by default” mindset. This subnet type has outbound access blocked by default, and you will need to set up a method to get devices access to the Internet more explicitly.

More details of the deprecation of outbound access can be found here:
https://azure.microsoft.com/en-us/updates/default-outbound-access-for-vms-in-azure-will-be-retired-transition-to-a-new-method-of-internet-access/

And more information on the private subnets can be found here:
https://azure.microsoft.com/en-us/updates/public-preview-private-subnet/

Sign up for this bi-weekly newsletter

AZURE PLATFORM UPDATES.

It’s been two months since the last newsletter, and a lot has happened. Here’s a summary of the highlights.
- Private subnets, in public preview
- Reservations for Microsoft Fabric
- Azure Web PubSub support for Socket.IO now generally available
- Encryption at host for Premium SSD v2 and Ultra Disks
- Encryption using Customer Managed Keys for Backup Vaults, in preview
- Azure Static Web Apps now supports .NET 8
- Azure App Configuration Kubernetes Provider
- New Azure Portal experience for Azure Database Migration Service
- Azure Backup for AKS
- Extended support for .NET 7 (STS) ends on 14 May 2024
- Extended support for .NET 6 (LTS) ends on 12 November 2024
- Microsoft Defender for APIs
- Azure Spatial Anchors Retirement
- Azure Object Anchors Retirement
- Azure Functions support on Apple Silicon Macs
- Node autoprovision support in AKS, in preview
- Crash Consistent VM Restore points
- RHEL (Red Hat Linux) 8.9 now supported on Azure Virtual Machines
- Free SQL Managed Instance, in preview
- Azure Spring Apps Enterprise is now eligible for Azure savings plan for compute
- Premium SSD v2 and Ultra disks support with Trusted launch
- Create tests by adding HTTP requests in Azure Load Testing
- Azure Arc Visual Studio Code Extension, in preview
Be sure to check out the Azure Updates page if any of these affect you.

https://azure.microsoft.com/en-us/updates/

COMING UP FOR ME.

Don’t have any big announcements to make at this time. I’ll keep you updated in this section in future newsletters.

WHERE TO FIND ME.

And that’s it for issue 5.01 Thanks for reading this far. Talk to you again in two weeks.

What is your favorite platform to be on? Perhaps we can connect there.

Facebook Page: https://www.facebook.com/getcloudskills/

LinkedIn: https://www.linkedin.com/in/scottjduffy/

Instagram: https://www.instagram.com/getcloudskills.ca/

Twitter: https://twitter.com/scottjduffy

Udemy: https://www.udemy.com/user/scottduffy2/

LinkedIn Learning: https://www.lynda.com/Scott-Duffy/1993589682-1.html

Sign up for this bi-weekly newsletter
January 19, 2024
Azure World Newsletter – Issue 4.23
November 15, 2023

Welcome to the twenty-third edition of the Azure World Newsletter in 2023. This will also be the final newsletter of 2023 as we take a holiday break and pick it up again in the new year.

Hello again, my friends from around the world. I’m so happy you continue to subscribe and read this bi-weekly newsletter on Azure. I enjoy sitting down each week to research and write this, and hopefully, you will continue to find value in it. Feel free to invite your co-workers or others to subscribe if you think they would find it helpful.

The unsubscribe link is at the bottom if you want to stop receiving these emails.

Sign up for this bi-weekly newsletter

ONE.

Microsoft Ignite 2023 has officially kicked off in Seattle and online. As I write this, I am watching Satya Nadella’s keynote and combing through the 100 announcements made in connection with the conference.

For events such as this, Microsoft publishes a Book of News that lists all of the announcements that they make in advance:

https://news.microsoft.com/ignite-2023-book-of-news/

In this newsletter, I’ll talk about some of my favorite announcements that I can find. And we’ll start with the keynote.

First, I will start by saying that it feels like a lot. There are so many announcements.

Satya Nadella said during the keynote that “this is clearly the age of copilots”. Copilots is the term that Microsoft is using for generative AI assistants everywhere. You will have Copilots in Windows, copilots in Azure, copilots in Office, copilots in SQL Database, and in Teams. Microsoft is going HARD on AI assistants everywhere.

Somebody in the Ignite Chat made a joke that you had to have a drink everytime Microsoft mentions the word copilot or AI. Well, you’d be dead of alcohol poisoning by noon if you did that, so I don’t suggest that game.

A couple of quotes stand out to me from the keynote:

Satya Nadella: “Copilot will be the new UI that helps us access the world’s knowledge and your organization’s knowledge. But most importantly, it’s your agent that helps you act on that knowledge.”

There were some interesting infrastructure/hardware announcements in the keynote:
- Microsoft has invented a new type of fiber optic cable that goes 47% faster than traditional cable. That’s crazy!
- Microsoft is now competing with Intel and ARM as a chip manufacturer. They announced their own silicon chip, Azure Cobalt, the fastest ARM chip of any cloud provider – 128 CPU cores on a chip
- Nvidia’s H200 AI Accelerator chip will be available in Azure
- A new Azure VM family specifically for generative AI workloads using AMD accelerator chips
- Competing with Nvidia and AMD – Microsoft has another custom chip called Azure Maia, which is an AI Accelerator chip that runs cloud-based training and inferencing for AI workloads, such as OpenAI models, Bing, GitHub Copilot, and ChatGPT.
And there were an infinite number of AI announcements. I can’t even keep up with all of them. We all know that Azure has an Open AI service so that you can access the GPT services from Open AI. But it seems they are opening the tent to all the other providers too. They are hosting Meta’s Llama 2 model as a service. And will soon provide other models hosted as a service including Mistral (code generation) and Jais (Arabic LLM).

Large Language Models (LLMs) have a new little brother! Here comes Small Langauge Models (SMLs)! Microsoft will host some SMLs starting with Phi 2 model. These models are designed to be so small, that they can be hosted on a local server with no need to access the cloud to run them.

Jensen Huang, CEO of Nvidia, made the following statement about Generative AI. Let me know if you think it’s a bit over the top: “Generative AI is the single most significant platform transition in computing history. Bigger than PC, bigger than mobile, it’s going to be bigger than Internet.”

I’m getting a bit of a headache thinking about all of these announcements. Watch the videos here, as Ignite is still going on today.

There were a lot of announcements, and I simply can’t cover them all today in this little newsletter. As I see things that are interesting, I’ll cover them in future newsletters.

See more:https://ignite.microsoft.com/

TWO.

Of all the AI (sorry, Copilot) announcements, the first one that caught my attention had to do with Azure.

Microsoft Copilot for Azure.

Microsoft describes it as a companion that will simplify how users design, operate, optimize, and troubleshoot applications and infrastructure in the cloud.

This reminds me a bit about Azure Advisor to start. Right now, Advisor applies a set of predefined rules to your specific usage of Azure and makes recommendations on how you can improve your usage. It can make suggestions about cost-saving, security or performance.

So Copilot for Azure runs in the top menu bar and is available to help. If you need to learn about some service, you can ask Copilot some questions about what the service does. And if perhaps you’re wondering what option to set or what size of resource to choose in real-time while you’re creating the resource, Copilot can provide helpful answers.

Or, if you’re trying to construct a Kusto query to get information about your resource usage, you can ask Copilot, and it will construct the query for you. That can be useful as very few people are experts in KQL. It can also work with CLI coding help as well as navigating Prometheus for Azure Monitor queries.

But besides being helpful with documentation and query writing, Copilot apparently can look at your usage of Azure and answer questions. “Why did my cost spike on April 8?” and it can look at your cost report and apparently answer that question. That could be very helpful. Or “What’s the easiest way I can reduce my spending?” Those will be helpful to a lot of people.

It will be interesting to see this in action.

See more:

https://techcommunity.microsoft.com/t5/azure-infrastructure-blog/simplify-it-management-with-microsoft-copilot-for-azure-save/ba-p/3981106

Sign up for this bi-weekly newsletter

AZURE PLATFORM UPDATES.

The following updates to the Azure platform were announced in the last two weeks:
- Azure Monitor Logs archive provides up to 12 years of retention
- Azure support for TLS 1.0 and TLS 1.1 will end by 31 October 2024
- Azure Monitor Alerts integration with Event Grid for Azure Key Vault system events, in preview
- Azure Monitor Agent JSON log collection, in preview
- Ubuntu Server to Ubuntu Pro in-place upgrade now available, in GA
- Experiment templates now available in Azure Chaos Studio
- Azure Boost, in GA
- Azure VMSS Zonal Expansion, in preview
- VM Hibernation, in preview
- Microsoft Copilot for Azure, in preview
- ExpressRoute as a Trusted Service
- ExpressRoute Direct and Circuit in different subscriptions
- ExpressRoute Scalable Gateway, in preview
- ExpressRoute Seamless Gateway Migration, in preview
- Microsoft Copilot for Azure capability now available in Azure Cosmos DB, in preview
- Cosmos DB Dynamic scaling per partition and per region, in preview
- Priority-based execution in Azure Cosmos DB, in preview
- Cross-account container copy for Azure Cosmos DB NoSQL API, in preview
- Azure Cosmos DB for MongoDB vCore
- Vector search in Azure Cosmos DB for MongoDB vCore
- Free tier on Azure Cosmos DB for MongoDB vCore
- Azure AI Advantage for Azure Cosmos DB
- Trusted launch as default for VMs deployed through PowerShell and CLI
- Confidential containers on Azure Kubernetes Service (AKS), in preview
- Confidential temp disk encryption for confidential VMs, in preview
- Azure Chaos Studio is now generally available
- Azure Kubernetes Fleet Manager
- Kubernetes AI toolchain operator
- Cost analysis add-on for AKS, in preview
- Azure Container Storage is now available with Azure Linux container host
- Azure Logic Apps workflow assistant in public preview, in preview
- Announcing Azure Integration Environment in public preview
- Attach and VMs to and from Existing Virtual Machine Scale Sets, in preview
Be sure to check out the Azure Updates page if any of these affect you.

https://azure.microsoft.com/en-us/updates/

COMING UP FOR ME.

I’ll just be watching some of the Ignite videos to be up to speed on the latest announcements. Udemy’s Black Friday sale is starting tomorrow, so if you’re looking for a good deal on Azure courses (or ChatGPT), come check my profile out starting tomorrow:

https://www.udemy.com/user/scottduffy2/

WHERE TO FIND ME.

And that’s it for issue 4.23 Thanks for reading this far. Talk to you again in two weeks.

What is your favorite platform to be on? Perhaps we can connect there.

Facebook Page: https://www.facebook.com/getcloudskills/

LinkedIn: https://www.linkedin.com/in/scottjduffy/

Instagram: https://www.instagram.com/getcloudskills.ca/

Twitter: https://twitter.com/scottjduffy

Udemy: https://www.udemy.com/user/scottduffy2/

LinkedIn Learning: https://www.lynda.com/Scott-Duffy/1993589682-1.html

Sign up for this bi-weekly newsletter
November 20, 2023
Azure World Newsletter – Issue 4.22
November 1, 2023

Welcome to the twenty-second edition of the Azure World Newsletter in 2023.

Hello again, my friends from around the world. I’m so happy you continue to subscribe and read this bi-weekly newsletter on Azure. I enjoy sitting down each week to research and write this, and hopefully, you will continue to find value in it. Feel free to invite your co-workers or others to subscribe if you think they would find it helpful.

The unsubscribe link is at the bottom if you want to stop receiving these emails.

Sign up for this bi-weekly newsletter

ONE.

Microsoft Ignite is coming on November 15-16 in Seattle. This is the traditional time of year when Satya Nadella gives gifts to all the boys and girls of the world who have been good all year. There will be announcements about the future of AI, Azure, Identity, and Security, among other topics.

The first thing I always check for is if there are any certification topics. I can remember years ago, at Microsoft Ignite, going from room to room, hearing the experts talk about each of the certifications available. Those were mini cert-prep sessions, and you could then go and take the actual certification test for free on-site. Well, they don’t offer the cert prep sessions anymore. And I doubt they offer certification tests for free at Ignite like they used to.

I also always enjoy the talks by Mark Russinovich about the hardware and infrastructure underneath Azure. This year, it seems his talks will be about new innovations in AI and Cloud Native applications. There’s also an interesting talk on Radius, an open-source project that supports deploying applications across private cloud, Microsoft Azure, and Amazon Web Services.

In fact, there are a lot of talks about AI at this Ignite. This must be the main focus of the event this year.

Scott Hanselman is talking about Github Copilot and AI for developers this year. That should be interesting.

It looks like many of the events will not be recorded (even the online-only ones), so you have to watch live to catch them. Some will be, but not many will not.

See more:
https://ignite.microsoft.com/

TWO.

Microsoft has a new set of official Microsoft credentials if you are into learning and getting certified.

They are called Microsoft Applied Skills. And they are currently being offered online for free. It seems eventually, Microsoft will charge for them.

The current assessments being offered are:
- Secure storage for Azure Files and Azure Blob Storage
- Configure secure access to your workloads using Azure networking
- Deploy and configure Azure Monitor
- Deploy containers by using Azure Kubernetes Service
- Implement security through a pipeline using Azure DevOps
- Develop an ASP.NET Core web app that consumes an API
- Secure Azure services and workloads with Microsoft Defender for Cloud regulatory compliance controls
- Configure SIEM security operations using Microsoft Sentinel
- Create and manage automated processes by using Power Automate
Applied Skills differ from Certifications in a few key areas.

Certifications test a broad range of skills. For instance, on the AZ-104 Azure Administrator certification, there are over 100 topics listed on the exam requirements. The questions on the certification test are from this large, broad array of knowledge required.

Applied Skills are only one specific skill. So if you know how to configure Azure Monitor, you can get assessed on that and get an official Applied Skill badge.

Applied Skills are assessed online (like renewal exams) and can be taken at any time.

It looks like the Applied Skills can involve doing an interactive lab. So, for instance, if you’re taking the assessment for Virtual Networking, you’ll be asked to set up a Virtual Network on the real Azure environment.

Tonight, for fun, I did the Azure Networking Applied Skills assessment. I did enjoy it. It’s also good practice for taking a real certification. Covers only a small number of skills, but good practice.

(The result? I am pretty sure I did it exactly right. But it gave me an error when I submitted it. Oh well. Maybe it’s not 100% perfect. Still, it’s interesting.)

See more:
https://techcommunity.microsoft.com/t5/microsoft-learn-blog/announcing-microsoft-applied-skills-the-new-credentials-to/ba-p/3775645

Sign up for this bi-weekly newsletter

AZURE PLATFORM UPDATES.

The following updates to the Azure platform were announced in the last two weeks:
- Flush data operation for Azure Cache for Redis, in preview
- Built-in Azure Monitor alerts for Azure Site Recovery, in preview
- Disable Secure Shell (SSH) support in AKS, in preview
- Snippets for Azure Static Web Apps, in preview
- Traffic Splitting for Azure Static Web Apps, in preview
- Announcing the new Azure Bastion Developer SKU, in preview
Be sure and check out the Azure Updates page if any of these affect you.

https://azure.microsoft.com/en-us/updates/

COMING UP FOR ME.

I’ve launched a bunch of new practice test courses on Udemy. So if you’re taking a video course from me, chances are that I have a practice test course available as a complement.

Other than that, I’m taking it easy this week in preparation for Microsoft Ignite coming up later this month. There are usually a bunch of announcements and changes that come out of that event, and I need to be well-rested.

WHERE TO FIND ME.

And that’s it for issue 4.22 Thanks for reading this far. Talk to you again in two weeks.

What is your favorite platform to be on? Perhaps we can connect there.

Facebook Page: https://www.facebook.com/getcloudskills/

LinkedIn: https://www.linkedin.com/in/scottjduffy/

Instagram: https://www.instagram.com/getcloudskills.ca/

Twitter: https://twitter.com/scottjduffy

Udemy: https://www.udemy.com/user/scottduffy2/

LinkedIn Learning: https://www.lynda.com/Scott-Duffy/1993589682-1.html

Sign up for this bi-weekly newsletter
November 6, 2023
Azure World Newsletter – Issue 4.21
October 18, 2023

Welcome to the twenty-first edition of the Azure World Newsletter in 2023.

Hello again, my friends from around the world. I’m so happy you continue to subscribe and read this bi-weekly newsletter on Azure. I enjoy sitting down each week to research and write this, and hopefully, you will continue to find value in it. Feel free to invite your co-workers or others to subscribe if you think they would find it helpful.

It’s been a bit of a slow couple of weeks when it comes to news. Microsoft Ignite is coming in November, and perhaps they are saving a few big announcements for the middle of the next month.

The unsubscribe link is at the bottom if you want to stop receiving these emails.

Sign up for this bi-weekly newsletter

ONE.

I must admit that I haven’t been paying attention to a new open-source end-to-end web app testing framework called Microsoft Playwright. Microsoft this week announced a new Microsoft Playwright Testing (MPT) service in preview mode.

Playwright is a web testing tool similar to Selenium. This falls into the category of web automation testing software. You can record or program your app tests using this tool, and it will run through the web automation tests using either a desktop browser, mobile browser, and can even test API calls.

You can write your tests in many languages, including JavaScript, TypeScript, Java, Python or C#. Of course, it’s cross-platform for Windows, Mac, Linux, Android or iOS. It supports geolocation, where you simulate your tests from different regions of the world. It also supports all main browsers, including Chromium, WebKit, or Firefox-derived browsers. It can also support headless mode if you don’t want your monitor to be taken over during testing.

The Microsoft Playwright Testing service is built into Azure, and you can set up your application tests to run in the cloud. You can scale the tests to run in parallel, so that you’re not waiting hours for the tests to complete. It was recently in private preview, but Microsoft has now opened that up to a public preview. Anyone can try it.

If you want to test your web apps in the cloud, check it out.

See more:
https://techcommunity.microsoft.com/t5/apps-on-azure-blog/introducing-microsoft-playwright-testing-service-private-preview/ba-p/3905705

And here:
https://azure.microsoft.com/en-us/products/playwright-testing/

Sign up for this bi-weekly newsletter

AZURE PLATFORM UPDATES.

The following updates to the Azure platform were announced in the last two weeks:
- Microsoft Playwright Testing service: Scalable end-to-end testing for modern web apps, in preview
- App Service: Backup and Restore over Azure Virtual Network
- ExpressRoute Traffic Collector is now generally available
- Announcing Public Preview of Azure API Management Pricing Tiers: Basic v2 and Standard v2
- Virtual Machine Scale Set Default Orchestration Mode changing from Uniform to Flexible on PowerShell, Azure CLI
- Azure Dedicated Host – Resize, in GA
- Windows Server 2012/R2 reaches end of support
- VMSS Automatic Instance Repairs – Reimage, Restart Repair Actions, in preview
The following services are being retired, please take note:
- Support for Azure Machine Learning Explanation and Fairness Dashboards is ending on 14 March 2025
- Support for TLS 1.0/1.1 on Azure Cache for Redis ending on 30 September 2024
- Azure Activity Logs Legacy solution is replaced by Diagnostic settings
- Azure Cosmos DB built-in Jupyter notebooks will be retired March 30, 2024
- Bing Speech will be retired on 3 November 2023
- Azure Functions support for Python 3.8 is ending on 14 October 2024
Be sure and check out the Azure Updates page if any of these affect you.

https://azure.microsoft.com/en-us/updates/

COMING UP FOR ME.

So far in October, I’ve recorded or re-recorded 6 hours of videos for my AZ-204, AI-900. AZ-104, and DP-900 courses. These updates keep the videos fresh, showing the latest Azure UI, covering new or changed Azure features, and ensure the courses continue to be the most relevant available on the topics.

We have also launched many new Practice Test courses for various Azure Certifications. There are new practice test courses for:
- AZ-700 Azure Networking
- AZ-500 Azure Security Technology
- AZ-104 Azure Administrator
- AI-102 Azure AI Engineer
My team and I continue to work hard to keep the courses up-to-date and help you in your certification journey.

WHERE TO FIND ME.

And that’s it for issue 4.21 Thanks for reading this far. Talk to you again in two weeks.

What is your favorite platform to be on? Perhaps we can connect there.

Facebook Page: https://www.facebook.com/getcloudskills/

LinkedIn: https://www.linkedin.com/in/scottjduffy/

Instagram: https://www.instagram.com/getcloudskills.ca/

Twitter: https://twitter.com/scottjduffy

Udemy: https://www.udemy.com/user/scottduffy2/

LinkedIn Learning: https://www.lynda.com/Scott-Duffy/1993589682-1.html

Sign up for this bi-weekly newsletter
October 20, 2023
Azure World Newsletter – Issue 4.20
October 4, 2023

Welcome to the twentieth edition of the Azure World Newsletter in 2023.

Hello again, my friends from around the world. I’m so happy you continue to subscribe and read this bi-weekly newsletter on Azure. I enjoy sitting down each week to research and write this, and hopefully, you will continue to find value in it. Feel free to invite your co-workers or others to subscribe if you think they would find it helpful.

The unsubscribe link is at the bottom if you want to stop receiving these emails.

Sign up for this bi-weekly newsletter

ONE.

Default outbound access for VMs in Azure will be retired

If you were to create a new Virtual Machine in Azure today, even with a private IP address and no public IP address, you could access the Internet from that machine. There is default outbound access from any VM to the Internet. The NSG has default rules that allow outbound internet access as well.

On 30 September 2025, this will no longer be the case.

After this date, all new VMs will require an explicit path to access the Internet. You will need an Azure NAT Gateway setup, Azure Load Balancer outbound rules, or a public IP address for the machine directly attached.

Existing VMs that have outbound internet access will continue to work after this date.

Many people in the Azure Facebook group commented that this is the way that AWS has worked for years and this is the way it should work. So, this seems like a good move by Microsoft to tighten up VM connectivity a little more, which should make things more secure in many ways.

Imagine a hacker could get access to a machine somehow, but that machine did not have outbound internet access. That makes it more difficult for them to exfiltrate data from that machine or whatever they hoped to do.

And instead of having all private VMs use a range of Azure-controlled IPs to access the web, each machine will have a traceable IP address. This makes the web safer for all of us, allowing admins to block specific malicious IP addresses without affecting millions of innocent systems.

Microsoft recommends that you do not rely on default outbound access and that you transition to one of the methods for any VMs you have that need outbound access.

See more:
https://azure.microsoft.com/en-us/updates/default-outbound-access-for-vms-in-azure-will-be-retired-transition-to-a-new-method-of-internet-access/

TWO.

Microsoft has announced several exam updates in the last week or two. They’re going to keep me busy this month, updating my courses.

One of the themes of the update is finally the broad rollout of the Microsoft Entra brand, replacing Azure Active Directory (Azure AD). So, instead of an exam requiring knowledge of Azure AD Users, the new objectives will ask about Microsoft Entra ID Users. That one is fairly easy to understand.

Another theme rolling out on several exams is introducing “generative AI” into the exam objectives. Even the fundamentals exam, AI-900 Microsoft Azure AI Fundamentals, now contains a generative AI objective.

Now, this topic is referring specifically to the Azure OpenAI Service. As you know, Microsoft has invested heavily in Open AI, the team behind the popular ChatGPT.

The odd thing is that I believe the Azure OpenAI Service still requires you to apply for access. I have not seen any announcement opening up access to the broader public. It’s still in a private preview. But those topics have been added to the exam. This topic also appears on the AI-102 Azure AI Engineer exam.

Today, I also noticed that Microsoft has just announced the retirement of several AI Services, including Metrics Advisor, Anomaly Detector, and Personalizer. Since the objectives of the AI-102 exam are being updated at the end of the month, and they include these services.

So we have this odd situation where services are clearly being retired, and the exam still tests for them. I guess Microsoft will have to resolve that shortly. We’ll see.

See more:
https://azure.microsoft.com/en-us/updates/ai-services-anomaly-detector-will-be-retired-on-1-october-2026/

Sign up for this bi-weekly newsletter

AZURE PLATFORM UPDATES.

Microsoft has been quite busy. Quite a few updates for you this week. And a bunch of retirements.

The following updates to the Azure platform were announced in the last two weeks:
- Alerts timeline view, now in preview
- OpenAI Whisper model in preview
- GitHub Advanced Security for Azure DevOps, in GA
- Azure Update Manager, in GA
- Share VM images publicly with community gallery – Azure Compute Gallery feature
- Domain fronting update on Azure Front Door and Azure CDN
- Gateway Load Balancer IPv6 Support
- Azure API Center, in ungated preview
- Additional cache sizes for Azure Cache for Redis Enterprise, in preview
- Azure SQL Database free offer – serverless, in preview
- Azure Communication Services Job Router, in preview
- AKS image cleaner, in GA
- Vertical Pod Autoscaling add-on for AKS, in GA
- Azure Functions extension for Dapr, in preview
- Artifact cache for Azure Container Registry
- Azure Container Apps is now eligible for Azure savings plan for compute
- Azure Data Explorer Add-On for Splunk, in preview
- Enhanced soft delete for Azure Backup
- Multi-user authorization for Backup vaults
The following services are being retired, please take note:
- Azure AI Video Indexer classic accounts will be retired on 30 June 2024
- The Azure Storage Ruby client libraries will be retired on 13 September 2024
- Azure Database for MariaDB will be retired on 19 September 2025
- Support for the 1.x version of Azure Functions ends 14 September 2026
- The Azure Storage Android client libraries will be retired on 13 September 2024
- Azure Communication Services Network Traversal (TURN) Public Preview is retiring
- Extended support for PHP 8.1 ends on 25 November 2024
- Extended support for Python 3.8 ends on October 2024
- SAP HANA on Azure Large Instances will be retired by 30 June 2025
- Computer Vision v1.0, v2.0, v2.1, v3.0, and v3.1 APIs will be retired on 13 September 2026
- App Service Environment version 1 and version 2 will be retired on 31 August 2024
- AI Services Metrics Advisor will be retired on 1 October 2026
- AI Services Anomaly Detector will be retired on 1 October 2026
- AI Services Personalizer will be retired on 1 October 2026
- Azure Batch task authentication token will be retired on 30 September 2024
- Azure Batch CLI extensions will be retired on 30 September 2024
- Support for select marketplace images for Batch pools will be retired
- Azure Internet Analyzer will be retired on 15 March 2024 – delete profiles
Be sure and check out the Azure Updates page if any of these affect you.

https://azure.microsoft.com/en-us/updates/

COMING UP FOR ME.

As I wrote above, there are many updates to make to several courses that need to be made in October, including AI-900, AI-102, and others. And I will continue to record updates to AZ-305 as I have been doing.

I should note that even though there are changes announced for AZ-104 and AZ-204, those changes are cosmetic, and they won’t require changes to your study plans or the course.

In September, I recorded or updated over 3 hours of content in the AZ-204 course and over 3 hours of updated content in the AZ-305 course. I’m trying to ensure all of the videos have the latest UI and the latest content.

WHERE TO FIND ME.

And that’s it for issue 4.20 Thanks for reading this far. Talk to you again in two weeks.

What is your favorite platform to be on? Perhaps we can connect there.

Facebook Page: https://www.facebook.com/getcloudskills/

LinkedIn: https://www.linkedin.com/in/scottjduffy/

Instagram: https://www.instagram.com/getcloudskills.ca/

Twitter: https://twitter.com/scottjduffy

Udemy: https://www.udemy.com/user/scottduffy2/

LinkedIn Learning: https://www.lynda.com/Scott-Duffy/1993589682-1.html

Sign up for this bi-weekly newsletter
October 7, 2023
Azure World Newsletter – Issue 4.19
September 20, 2023

Welcome to the eighteenth edition of the Azure World Newsletter in 2023.

Hello again, my friends from around the world. I’m so happy you continue to subscribe and read this bi-weekly newsletter on Azure. I enjoy sitting down each week to research and write this, and hopefully, you will continue to find value in it. Feel free to invite your co-workers or others to subscribe if you think they would find it helpful.

The unsubscribe link is at the bottom if you want to stop receiving these emails.

Sign up for this bi-weekly newsletter

ONE.

A recent sophisticated hacker attack against a client of Microsoft Azure exposed a weakness in one of the oldest security systems protecting Azure storage – SAS tokens.

By default, an Azure Storage account is created with a public URL to access it. This doesn’t mean the data inside the storage account is available for anyone to read. You still need a security key to access the data. One analogy can be a bank safe with a door exposed to the street. The door is locked, and it’s impossible to break the door or the lock. But there is still a door exposed to the street, allowing anyone with the key to enter with no other security measures.

Also, by default, an Azure Storage account is protected with two access keys. Anyone with one of these keys can access the contents of the storage. It’s just extremely hard (impossibly hard) to guess the key using brute force. The key is 512-bits. That is a 1 with 154 zeros, which is more than the estimated number of atoms in the universe.

Users should never share their Azure Storage key, if possible. Once a storage account becomes central to operations, changing the key is very difficult. However, Microsoft does offer a way to share access to files securely through the SAS Token.

(I’ll stop here and say that many professionals shudder at the thought of using SAS tokens on valuable stuff, but as of the time of writing, it’s a prominent security tool.)

The SAS token uses the secret access key to digitally sign some parameters like read/write permission, start and end date for access, and specific scopes of what can be accessed. You can send this signed token to a third party, and they can use it to access the file.

By having the SAS token, the third party cannot get access to anything you did not specifically give them access to and does not have access to the secret key used to create it.

Of course, there is a downside.

SAS tokens don’t get saved anywhere in Azure. You generate them (a digital signature) and can share them with co-workers and partners. Azure promptly forgets that they were generated, and it’s up to you – a human – to remember who you gave access to which files.

Notoriously, most humans are terrible at remembering stuff.

And so, a recent hack against an Azure client led to the hacker finding a SAS token for an Azure Storage container. That container contained a lot of valuable data, and the SAS token had basically full privileges. This allowed them to encrypt those files and demand a ransom for their recovery.

So, while there was not a vulnerability in Azure itself and SAS tokens “worked as designed” in this scenario, the client had created a huge whole in their security without knowing about it by having a token with full permissions to a valuable storage account stored somewhere that a hacker could potentially find.

SAS tokens are fine for some situations. But they are difficult to manage once created. Their permissions cannot be modified after creation, nor can the token be directly revoked before its expiry date. The only way to invalidate a token is to recycle your access key, which could break a lot of apps unintentionally, so it is difficult to do except in emergencies in a production context.

There’s no central page in the Azure Portal to show which SAS tokens have been created and alert you to ones that are still valid.

When creating SAS tokens, ensure they have very short expiry times and are limited only to the exact permissions required to perform their intended task (such as read-only). For sensitive storage situations, don’t use SAS tokens.

See more:
https://www.bleepingcomputer.com/news/microsoft/microsoft-leaks-38tb-of-private-data-via-unsecured-azure-storage/

See more:
https://techcommunity.microsoft.com/t5/azure-confidential-computing/announcing-trusted-launch-as-default-in-azure-portal/ba-p/3854872

TWO.

Microsoft is touting a new “almost free” WordPress solution within Azure, but I swear this solution has been around since almost the start of Azure App Services.

I can recall several years ago creating videos about how to create a WordPress website for free in Azure. There was “WordPress for App Service” in the Azure Marketplace that allowed you to create a WordPress website with a MySQL backend using the free tier of Azure App Services.

It seems Microsoft has revamped this service from all those years ago to improve it.

WordPress on App Service is new and improved. The marketplace image is now always going to be the latest versions of WordPress and PHP. It also provides performance improvements, including caching and image compression by default. They’ve followed a lot of WordPress’ own recommendations on performance.

And finally, WordPress on App Service comes with several tiers of hosting plans to meet your needs. Now, with a free version as well, you can also choose a basic website for hobbyists, a development website, the standard option for most production applications, and a premium tier for websites that are under heavy workload.

Do you want to experiment with hosting WordPress in Azure? Check out this service.

See more:
https://visualstudiomagazine.com/articles/2022/03/03/wordpress-on-app-service.aspx
and
https://www.infoq.com/news/2023/09/azure-wordpress-free-playground/

Sign up for this bi-weekly newsletter

AZURE PLATFORM UPDATES.

A few updates for you this week.

The following updates to the Azure platform were announced in the last two weeks:
- Azure AI Speech service can help with call automation, in preview
- Azure Load Testing now supports uploading large files as ZIP
- Azure Front Door Standard and Premium support bring your own certificated-based domain validation
- Configure load testing in your CI/CD pipeline from Azure portal
- Latest generation burstable VMs – Bsv2, Basv2, and Bpsv2
- Configure customer-managed keys on existing Cosmos DB accounts, in preview
- Use Azure Key Vault to securely store and retrieve access key when mounting Azure Storage as a local share in App Service
- Sensitive Data Protection for Application Gateway Web Application Firewall
- WordPress on App Service – Free hosting plan now in Public Preview
- Save Azure Backup Recovery Services Agent (MARS) passphrase to Azure Key Vault, in preview
- Malware Scanning in Defender for Storage
Be sure and check out the Azure Updates page if any of these affect you.

https://azure.microsoft.com/en-us/updates/

COMING UP FOR ME.

Last week, I added a free practice test to the TOGAF 9.2 and TOGAF 10 Part 1 courses.

I’m now going through some of the courses – AZ-204 and AZ-104 particularly – and updating many of the videos to reflect the latest Azure Portal and/or Visual Studio UIs. I’ve also been adding videos to these courses to go deeper into topics as it makes sense.

WHERE TO FIND ME.

And that’s it for issue 4.19 Thanks for reading this far. Talk to you again in two weeks.

What is your favorite platform to be on? Perhaps we can connect there.

Facebook Page: https://www.facebook.com/getcloudskills/

LinkedIn: https://www.linkedin.com/in/scottjduffy/

Instagram: https://www.instagram.com/getcloudskills.ca/

Twitter: https://twitter.com/scottjduffy

Udemy: https://www.udemy.com/user/scottduffy2/

LinkedIn Learning: https://www.lynda.com/Scott-Duffy/1993589682-1.html

Sign up for this bi-weekly newsletter
September 25, 2023
Azure World Newsletter – Issue 4.18
September 6, 2023

Welcome to the seventeenth edition of the Azure World Newsletter in 2023.

Hello again, my friends from around the world. I’m so happy you continue to subscribe and read this bi-weekly newsletter on Azure. I enjoy sitting down each week to research and write this, and hopefully, you will continue to find value in it. Feel free to invite your co-workers or others to subscribe if you think they would find it helpful.

The unsubscribe link is at the bottom if you want to stop receiving these emails.

Sign up for this bi-weekly newsletter

ONE.

If you’ve created virtual machines recently using the Azure Portal, you might have noticed a new change: trusted machines are now the default setting.

You can still choose the old security setting using a dropdown on the Portal. And other ways of launching VMs remain unchanged for now.

A trusted launch adds security features to launching virtual machines using verified and signed bootloaders, OS kernels, and a boot policy. This protects against boot kits, rootkits, and kernel-level malware.

The four security features enabled by Trusted Launch are:
- Secure Boot
- Virtual TPM (vTPM)
- Measured Boot
- Boot integrity monitoring
Modern physical machines (such as your laptop) have a security processor called a TPM. This provides cryptographic storage that can be used to confirm that the operating system and firmware on your device are what they’re supposed to be. In fact, with Windows 11, Microsoft requires TPM 2.0 to be available on the machine hardware, and many machines (even newer ones) don’t support that. This is why many machines, even powerful ones, can’t be updated to Windows 11.

With virtual machines, there is a virtual TPM (vTPM). This allows customers to protect keys, certificates, and secrets in the virtual machine.

You’ll need a trusted virtual machine to launch a Windows 11 VM.

See more:
https://techcommunity.microsoft.com/t5/azure-confidential-computing/announcing-trusted-launch-as-default-in-azure-portal/ba-p/3854872

TWO.

Azure App Services have a WebJobs feature that allows you to run a background job such as an executable or a script. These background tasks operate independently of the web app itself, and there is no extra cost to run a WebJob.

Now, Azure Container Apps also support WebJobs.

Jobs enable you to run serverless containers that perform background tasks that run to completion. These jobs can either be started manually, scheduled on a timer or can respond to some event.

You can use these background jobs for many different purposes. You can schedule a job to run every night at a specific time to perform an end-of-day task that your app might require.

You can also respond to an event, such as a new message arriving in a queue. That can trigger a job to run. In this way, it can be like Azure Functions.

Jobs can run multiple executions concurrently. So if there are multiple messages that arrive in queue in a short period of time, all of them can be processed at the same time.

Check the blog post for more information.

See more:
https://techcommunity.microsoft.com/t5/apps-on-azure-blog/generally-available-azure-container-apps-workload-profiles-more/ba-p/3913345

Sign up for this bi-weekly newsletter

AZURE PLATFORM UPDATES.

A few updates for you this week.

The following updates to the Azure platform were announced in the last two weeks:
- Cross Subscription Restore for Azure Virtual Machines
- Rate-limit rules for Application Gateway Web Application Firewall, in preview
- Quick create Azure Front Door endpoints for Azure Storage accounts
- Improve VM resiliency with Azure Advisor’s Availability Zone recommendation
- Azure Portal experience for Azure Database Migration Service, in preview
- Auto-upgrade scheduled maintenance for AKS, in GA
- Azure Container Apps dedicated plan, in GA
- Azure Container Apps supports additional TCP ports
- Azure Container Apps jobs
- Azure Container Apps supports environment level mTLS encryption, in preview
- Azure Functions .NET 8 support in Linux plans, in preview
- Trusted launch as default for VMs deployed through the Azure portal
- Azure Firewall: Auto-Learn SNAT routes feature is now in public preview, in preview
- Azure Firewall: Explicit Proxy is now in public preview
- Azure Firewall Single-Click Upgrade and Downgrade is now in general availability
- Azure Monitor VM Insights using Azure Monitor Agent, in GA
Be sure and check out the Azure Updates page if any of these affect you.

https://azure.microsoft.com/en-us/updates/

COMING UP FOR ME.

Did you know I have Azure practice labs?

At the GetCloudSkills labs website, you can buy 3-month passes to a whole set of Azure labs around a particular exam, including time in Azure to practice them! If your free account is over, no need to worry. For only $24.99, you can get 3-months of Azure time and a bundle of labs to practice with.

I also have a 12-month lab package available that comes with over 700 labs, including Azure, AWS, Linux, Cybersecurity, and more.

Check out my website for details.

http://www.getcloudskills.com/

WHERE TO FIND ME.

And that’s it for issue 4.18 Thanks for reading this far. Talk to you again in two weeks.

What is your favorite platform to be on? Perhaps we can connect there.

Facebook Page: https://www.facebook.com/getcloudskills/

LinkedIn: https://www.linkedin.com/in/scottjduffy/

Instagram: https://www.instagram.com/getcloudskills.ca/

Twitter: https://twitter.com/scottjduffy

Udemy: https://www.udemy.com/user/scottduffy2/

LinkedIn Learning: https://www.lynda.com/Scott-Duffy/1993589682-1.html

Sign up for this bi-weekly newsletter
September 12, 2023