Azure Logging/Auditing Series (1) – Activity Logs

Logging and auditing plays a critical role in the security and compliance strategy of any serious organization. Collecting detailed information on events that happened and changes made to resources is the foundation of areas like security monitoring and digital forensics and the Azure platform is not different in this respect. The Azure platform delivers multiple […]

Blind spot fixed! Azure AD new sign-in logs improvement

azure blind spot

In a previous blog post on Securing Azure Service Bus, I highlighted the blind spot of not being able to audit sign in events when using Azure AD for Service Bus authentication. This is because the authentication is non-interactive and requires the sender or receiver of the brokered message to use either a service principal […]

Microsoft Ignite 2019 Announcements – Day One

Azure ARC Azure has Azure Stack for on-premises DCs; AWS has Outposts to bring AWS services to companies’ own DCs; Google introduced Anthos, to let companies run Google cloud software in their DCs. Azure Stack is available. Neither Outposts nor Anthos is available yet. Now Azure has Azure ARC to extend to other cloud infrastructure. https://azure.microsoft.com/en-gb/blog/azure-services-now-run-anywhere-with-new-hybrid-capabilities-announcing-azure-arc/  […]

Azure Storage Options

The Azure storage account service is “sort of” a parent service that supports multiple “sub-services” for different types of data and use cases. The different services that an Azure storage account can provide are below: Blob File Table Queue Data Lake Gen2 The services that we can use with an Azure storage account depends on […]

The Four Pillars of Azure Billing Administration

Introduction/Overview The goal of billing in general is to have cost clarity and to understand your spending. So that you’re not being over charged and you don’t understand where the costs are coming from…Basically, to fulfill the following: Cost planning Cost visibility Cost monitoring Cost optimization Cost Issues In Azure Many old habits/behaviors will create […]

AZ-300-Prep-Guide: Azure Networking – Application Gateway

Microsoft Documentation https://docs.microsoft.com/en-us/azure/application-gateway/overview https://docs.microsoft.com/en-us/azure/application-gateway/application-gateway-faq Overview Basic Information It’s an application delivery controller with application level load balancing capabilities for web traffic  Because it is application level, we can manage traffic beyond source/destination IP (Layer 3) and source/destination port (Layer 4) E.g. based on the path of the traffic It’s ONLY for Web traffic and not […]

Azure Architect Demo Series 3b – Deploy a Virtual Machine Scale Set (VMSS) with PowerShell Desired State Configuration (DSC)

 Pre-Requisites N/A Lab Instructions https://github.com/MicrosoftLearning/20535-ArchitectingMicrosoftAzureSolutions/blob/master/Instructions/Labs/Mod03/20535A_LAB_AK_03.md Exercise 2: Deploy a Virtual Machine Scale Set (VMSS) using PowerShell Desired State Configuration (DSC) Task 1: View ARM Template GOAL: To review an ARM template that is located on our lab VM (F:\Mod03\Labfiles\Starter\vmss.json) Lab VM → This PC → F:\Mod03\Labfiles\Starter\vmss.json → Open with Code Task 2: Deploy a […]

Azure Architect Demo Series 3a – Deploy a VM PowerShell Desired State Configuration (DSC)

 Pre-Requisites N/A Lab Instructions https://github.com/MicrosoftLearning/20535-ArchitectingMicrosoftAzureSolutions/blob/master/Instructions/Labs/Mod03/20535A_LAB_AK_03.md Exercise 1: Deploy a Virtual Machine PowerShell Desired State Configuration (DSC) using ARM Tasks 1 and 2: Create a Windows Virtual Machine GOAL: To create a “Windows Server 2016 Datacenter” VM called “autoconfigvm“ in a new resource group called “MOD03VDSC“ in the “East US” region using the Azure portal […]

Azure Architect Demo Series 2 – Deploying Resources with Azure Resource Manager

 Pre-Requisites N/A Lab Instructions https://github.com/MicrosoftLearning/20535-ArchitectingMicrosoftAzureSolutions/blob/master/Instructions/Labs/Mod02/20535A_LAB_AK_02.md Exercise 1: Create Resource Groups Tasks 1 and 2: Create a Resource Group using the Portal GOAL: To create a resource group called “MOD02STOR“ in the “East US” region using the Azure portal Azure Portal → Create a resource → Resource Group → Create → Create Name: MOD02STOR Location: […]

Azure Resource Manager (ARM) Template Structure (01) – Schema Element

In developing an understanding of the Azure ARM template, there are two main areas that I advocate covering. Its STRUCTURE and SYNTAX. A basic ARM template structure contains the following sections (or elements): [code language=”bash”] { "$schema": "", "contentVersion": "", "parameters": { }, "variables": { }, "functions": { }, "resources": [ ], "outputs": { } […]