Something that was announced recently at Microsoft Build 2017 in the US was all the new features released part of Azure Resource Manager deployment using JSON templates. Property Iteration – copying of properties within resources Resource Iteration – parallel or serial copying of resources in CopySet constructs Cross Resource Group Deployment Conditions The video of the announcement is at the very bottom. However the one that took my fancy and one that was asked about by a recent customer was resource iteration and using arrays to create multiple copies of a resource in Azure using parallel copies. The online documentation…
Storing Files safely & securely in Publicly Accessible Storage
I had a requirement recently in my adventures with Azure JSON/DSC VM deployment, I needed a way to store source files and software in a repository in a publicly accessible Azure blob storage container. So that post deployment, my VM could use DSC and pull down the source files, decrypt them and work with them. The only way I could do this is if I safely encrypted the files, so if someone got access to them, I wouldn’t really care, they’d be effectively useless. Below uses encryption using two strings passwords as well as any certificate’s thumbprint as added security….
Azure Service Principal using Password Authentication
If you wanted to ever setup a service account to use for Azure administration that uses a password for authentication, setup a Service Principal in AAD. Use this to use for things like Azure automation or any of those other Azure PowerShell admin scripts you have. See my other post on how to setup an Azure AD Service Principal using certificate based authentication instead. This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode…
Azure News 2017 – Week 28
Azure is a leader, Azure Certificate changes, Azure Roadmap, Managed Applications, free PluralSight courses and much more on the Need to Know podcast. Gartner has recognised Microsoft as a leader Gartner has recognised Microsoft as a leader in their Cloud Infrastructure as a Service (IaaS) MQ for the fourth consecutive year. More than 90 percent of the Fortune 500 use Microsoft’s cloud services today. A recent study stated that Microsoft Azure is the most used Public Cloud as well as most likely to be renewed or purchased. More Info Preview of Azure Service Health Announcing the preview of Azure Service…
Azure News 2017 – Week 27
Azure Backup Server v2, Azure Site Recovery Azure-2-Azure, Machine Groups in Service Map plus more on Episode 157 of the Need to Know podcast. Consolidating our mobile management tools under Azure We have consolidated our Enterprise Mobility + Security (EMS) suite of products under the new Azure portal, combining the Intune mobile application management tools, Azure Active Directory (AD) and Information Protection under a single console. This offers a unified admin experience. The benefits of the integration to the Azure portal include: Unified console for EMS components The HTML-based console is built on web standards and support for most modern browsers For Intune,…
Azure News 2017 – Week 26
Azure News as heard on the Need to Know podcast. New faster VPN Gateways, Larger Azure disks, plus more…. New Azure VPN Gateways now 6x faster There are a whole bunch of new generation of VPN gateways with better performance, better reliability and backed by an even stricter SLA – at the same price as our older gateways. We now provide custom IPsec/IKE policy selection giving you more flexibility to choose your encryption policy. You may need higher Diffie-Hellman Group or PFS Group (Perfect Forward Security) than the default, or there are certain cryptographic algorithms that you want to exclude (e.g.,…
AAD Service Principal Certificate Authentication
Did you ever wanted to automate everything in Azure? Using Azure Automation or using Remote PowerShell – pretty much anything automated in Azure, you should NOT be using a stock standard user account. Why? Because you can have all sorts of problems, for instance the password can expire and then it breaks everything and everything stops working. It’s a bit like on-prem days where you would use specific service accounts, each service account setup for a specific purpose, much easier to manage and it’s best practice. In Azure it’s no difference, you use a service principal and grant this service…
Azure News 2017 – Week 24
Azure News as heard on the Need to Know podcast. Episode 155 with both Rob and myself. Public preview of disaster recovery for Azure IaaS virtual machines You can now easily replicate and protect IaaS based applications running on Azure to a different Azure region of your choice within a geographical cluster without deploying any additional infrastructure components or software appliances in your subscription. Geographic cluster Azure regions America Canada East, Canada Central, South Central US, West Central US, East US, East US 2, West US, West US 2, Central US, North Central US Europe UK West, UK South, North…
Azure (ASM) Classic IaaS inventory
If you ever wanted to capture a full inventory of an Azure Classic ASM IaaS based environment, using the script below is how you can do it – run it for ‘each’ Cloud Service. This will create two .json files on the desktop, one for the Cloud Service containing all the VMs (along with detailed information) and another for the vNet which is used. This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional…
Azure News – Week 22
Azure News as heard on the Need to Know podcast – Episode 154 OMS-ITSM Connector We are happy to announce that the OMS team has released the public preview of the OMS-ITSM Connector, it’s a bidirectional solution to connect with System Center Service Manager – ServiceNow, Provance and Cherwell ITSM. The IT Service Management Connector integrates your existing IT service management (ITSM) products and services with OMS Log Analytics. The solution provides the OMS users with an option to create incidents, alerts, or events in an ITSM solution, or the other way by importing data such as incidents and change…
Marc Kean 
You must be logged in to post a comment.