In this article, I will show you how to prevent the creation of all resources in Azure. You may be thinking, “Why on Earth or any other planet would anyone want to do that”? Good question! While working on a tenant migration, I was given the task of freezing the creation of new resources in the legacy environment until the migration was complete. Here’s how I accomplished that task using Azure Policy.
Continue reading “Azure Policy to Deny Creation of All Resources”
Azure Active Directory is an Identity and application management platform that provides a variety of methods for publishing apps for either internal end user or external customer access. The applications deployed the applications deployed via Azure AD can be an On-premises web app, a third-party SaaS application or your own custom developed application.
Continue reading “How to Choose an Azure AD Solution for Deploying Apps”
It’s the Holiday season and what better way to spend it than enjoying amazing Azure videos. The Azure Advent Calendar is a community driven event spearheaded by Gregor Suttie and Richard Hooper. Over the course of 25 days during the month of December, members of the community will provide videos discussing a wide range of Microsoft Azure related topics.
Continue reading “Azure Advent Calendar Day #16: Azure File Sync”
An important security measure when running workloads in Azure or any Cloud service is to control the type of traffic that flows in and out of resources. The resources can be virtual machines running a SQL database, web applications or domain services.
Continue reading “Azure Firewall vs Network Security Group (NSG)”
The Azure platform consists of a variety of resources that generate large volumes of activity and diagnostic log data. The source of this data can be subscription level events such as deallocating a virtual machine, deleting a resource group or creating a load balancer – essentially any create, update or delete operation on a resource. It can also include resource level activities such as a VM Windows event logs, VM performance data, web app response times – logs related to resource utilitization.
Continue reading “Azure Monitor Logs and Kusto Query Language (KQL)”
Are you Cloud computing on a budget? This article explains how to manage your costs by configuring a budget for your Azure subscription and receive alerts for when you are nearing the budget limit. This a great feature to leverage to avoid any costly surprises for your dev/test or pay-as-you-go account. Let’s face it, there are many cool features to explore in Azure and it’s very easy to deploy a resource or service and forget about it. I’ve done that and quite possibly, so have you.
Continue reading “Azure Tip: Create a Subscription Budget to Manage Costs”
We’ve now reached the final article in this three part series covering Configuration Management in Azure automation. In Part 1, I discussed the Inventory tool and how to onboard an AWS EC2 virtual machine to Azure. Part 2 covered Change tracking and how to monitor changes to various resources on the AWS instance. In this article, Part 3, I will cover Azure State configuration (DSC) and how to register an AWS VM as a DSC node to apply a desired state.
Continue reading “Azure Configuration Management of AWS VMs (DSC) – Part 3”
In part 1 of this series, I discussed the Inventory tool that is a part of Azure Automation’s config management and how to on-board an AWS VM for management. In this article, I will cover Change Tracking. With Inventory, you get a report on the Windows files, registry and services, as well installed software for the machines being monitored. However, Change Tracking takes it a step further and provides a notification whenever there is a change to anything that’s being tracked on the machine. It also provides the capability to perform queries against the change logs. Let’s take a look and see how it works.
Continue reading “Azure Configuration Management of AWS VMs (Change Tracking) – Part 2”
One of the first questions asked whenever a system or application goes down is “what changed recently”. Ill-planned or unplanned changes are often the underlying cause of failures. And if you live on the Operations side of the IT fence like me, a large portion of your existence is dedicated to mitigating the negative impact of these age accelerating events.
Continue reading “Azure Configuration Management of AWS VMs (Inventory) – Part 1”
Azure Ad Connect provides organizations with the ability to synchronize their On-premises users and groups to Azure Active Directory. When synchronizing objects to Azure, administrators have the ability to control which users or groups are synchronized to the cloud. Furthermore, it’s also possible to select which user or group attributes are synchronized. Some organizations may have Security policies that prohibit certain information, such as phone numbers and addresses, from appearing in the cloud. Luckily, attributes can be easily filtered by unchecking the attribute on the AD connector object in Synchronization Service Manager.
Continue reading “Azure AD Attribute Hide and Seek”