TL;DR: You can flip an existing ExpressRoute circuit from Standard (or Premium) to Local in minutes, but you’ll need to hop out of the Azure portal and run a couple of Az PowerShell commands. Here’s how we did it. Why bother with the Local SKU? If that sounds like your use-case, read on. The official word Microsoft’s docs spell it out: you can’t make this change in the portal. Use PowerShell or the Azure CLI instead. Microsoft Learn Before you start Running this first to check current SKU: The output would look something like this: To change the SKU –…
Category: PowerShell
Assign Microsoft Graph permissions to Azure Managed Identity
I have a user assigned managed managed identity in Azure called ‘TestMI‘. I want to give this managed identity permissions to run Microsoft Graph PowerShell cmdlets. As a managed identity in Azure, this appears under enterprise applications in Entra. Normally with the old service principals, as these appeared under app registrations, you’d simply go into the Azure portal and navigate to API permissions, where you can assign the necessary Microsoft Graph permissions. But, managed identities in Azure are slightly different and fall under enterprise applications. As such, we don’t have the option in the Azure portal to assign API permissions…
Programmably connect to a WiFi network using a password
Connecting to a wireless network using a password is harder than what you might think, as you need to create a WiFi ‘profile’. The below PowerShell code can do exactly what you need, it creates the WiFi profile, and connects you to the WiFi network automatically. This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters Show hidden characters # Fill in mandatory details for the WiFi network $WirelessNetworkSSID = '<WiFi_SSID>' $WirelessNetworkPassword…
Easy tagging of resources in Azure for billing and charge back
Tagging of resources in Azure can be a pain, especially if you have heaps of resources deployed. Tagging is used primarily for billing purposes and tags applied to the resource group are not inherited by the resources in that resource group. What’s more, if you want to chargeback Azure consumption to the business across various business units, tagging is the best way to do it. There’s a few of ways you can chargeback to business units by using tags: Download or view your Azure billing invoice and daily usage data Connect to Microsoft Azure Enterprise with Power BI Cloudyn which has…
Save Money with Azure, intelligent shutdown of VMs
This blog post is based on 3 separate asks from 3 separate customers about adding value for their Azure subscriptions. They came to be and said “Marc, I would like to devise a scheme where at 7pm every night, all Dev/Test VMs can be shut down to save money and the business owners have the final say.” There’s one problem though, the business owners don’t have access to the Azure portal – it has to be done over email. What’s more, an option to force the shutdown of the VMs if the business owners don’t respond in a time frame…
Instant Monitoring of Windows Performance
Here’s an example similar to my other Blog post Instant Monitoring of Windows Services. Instead, this blog demonstrates monitoring Performance Counters and using alerts to fire off a scheduled task. This scheduled task fires off a PowerShell script which in turn fires off an Azure Function, which in turn fires off an SMS text message and records an entry in a Log Analytics custom log. All this happens sequentially in the space of about 5 seconds. This blog demonstrates monitoring these 3 basic performance counters: Processor(_Total)\% Processor Time Memory\% Committed Bytes In Use LogicalDisk(C:)\% Free Space You could monitor more…
Instant Monitoring of Windows Services
Has there been a seriously critical Windows Service which you need to monitor in real-time, or more than one Windows Service? – i.e. as soon as the Windows Service stops, you need to be notified by getting an SMS text message to your phone – within 5 seconds? While this is slightly manual, once setup, it works perfectly well and is reliable. This is similar to my other blog post which discusses Instant Monitoring of Windows Performance. This blog post walks you through everything, I am using both Azure Functions and the Telstra SMS API in Australia to send instant…
Log Analytics Data Collector API
You can send practically any data to Azure Log Analytics (aka. OMS). As long as you can convert it to JSON format prior to sending it to your Log Analytics workspace. Here’s the official write up on it https://docs.microsoft.com/en-us/azure/log-analytics/log-analytics-data-collector-api. Data that you upload gets sent to a custom log, with the characters ‘_CL‘ at the end, these characters are appended automatically. This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters Show hidden…
Create Azure Blob Storage SAS tokens
An Azure blob SAS (Shared Access Signature) token is used in many places in order to access either a specific blob or a container. It’s simply a string made up of your storage account name and your storage account key. The whole point of the SAS token is that you can share it with anyone you like to give them access to blob storage without compromising your real underlining storage account key. The SAS token is in a format which can be used in a URI/URL. It is not a certificate and is not stored anywhere, it’s purely created/constructed and…
Azure Automation DSC Config example
There’s a couple of ways to do DSC on Azure, you can deploy a template and use the DSC extension resource to deploy DSC configuration to your VM (simple for quick simple deployments), or you can leverage Azure Automation as a DSC Pull server (subject of this blog), where you store all your DSC configuration scripts, MOF files and manage all your DSC nodes, to see drift, compliance etc. This blog post discusses my github repo, which: Deploys an Azure VM Deploys a vNet into a separate Resource Group (Cross Resource Group Deployment), a resource group used for shared resources…
Marc Kean 
You must be logged in to post a comment.