In this article, I will show you how to prevent the creation of all resources in Azure. You may be thinking, “Why on Earth or any other planet would anyone want to do that”? Good question! While working on a tenant migration, I was given the task of freezing the creation of new resources in the legacy environment until the migration was complete. Here’s how I accomplished that task using Azure Policy.
Continue reading “Azure Policy to Deny Creation of All Resources”
Azure Active Directory is an Identity and application management platform that provides a variety of methods for publishing apps for either internal end user or external customer access. The applications deployed the applications deployed via Azure AD can be an On-premises web app, a third-party SaaS application or your own custom developed application.
Continue reading “How to Choose an Azure AD Solution for Deploying Apps”
An important security measure when running workloads in Azure or any Cloud service is to control the type of traffic that flows in and out of resources. The resources can be virtual machines running a SQL database, web applications or domain services.
Continue reading “Azure Firewall vs Network Security Group (NSG)”
The Azure platform consists of a variety of resources that generate large volumes of activity and diagnostic log data. The source of this data can be subscription level events such as deallocating a virtual machine, deleting a resource group or creating a load balancer – essentially any create, update or delete operation on a resource. It can also include resource level activities such as a VM Windows event logs, VM performance data, web app response times – logs related to resource utilitization.
Continue reading “Azure Monitor Logs and Kusto Query Language (KQL)”
We’ve now reached the final article in this three part series covering Configuration Management in Azure automation. In Part 1, I discussed the Inventory tool and how to onboard an AWS EC2 virtual machine to Azure. Part 2 covered Change tracking and how to monitor changes to various resources on the AWS instance. In this article, Part 3, I will cover Azure State configuration (DSC) and how to register an AWS VM as a DSC node to apply a desired state.
Continue reading “Azure Configuration Management of AWS VMs (DSC) – Part 3”
In part 1 of this series, I discussed the Inventory tool that is a part of Azure Automation’s config management and how to on-board an AWS VM for management. In this article, I will cover Change Tracking. With Inventory, you get a report on the Windows files, registry and services, as well installed software for the machines being monitored. However, Change Tracking takes it a step further and provides a notification whenever there is a change to anything that’s being tracked on the machine. It also provides the capability to perform queries against the change logs. Let’s take a look and see how it works.
Continue reading “Azure Configuration Management of AWS VMs (Change Tracking) – Part 2”
I attended this year’s Microsoft Ignite conference in Orlando, FL and decided i would provide my reflections on the event. The annual conference provides a plethora of sessions on Microsoft technology offerings and solutions related to Microsoft 365, IoT, containers, DevOps, Team collaboration, Azure services and more. Also, there’s an Expo of various IT vendors; panel discussions on Diversity in IT; and hands on labs to provide IT skill development. It’s a huge event with attendees in all walks of IT from around the world.
Continue reading “MyIgnite – Reflections on Microsoft Ignite 2018”
Azure Ad Connect provides organizations with the ability to synchronize their On-premises users and groups to Azure Active Directory. When synchronizing objects to Azure, administrators have the ability to control which users or groups are synchronized to the cloud. Furthermore, it’s also possible to select which user or group attributes are synchronized. Some organizations may have Security policies that prohibit certain information, such as phone numbers and addresses, from appearing in the cloud. Luckily, attributes can be easily filtered by unchecking the attribute on the AD connector object in Synchronization Service Manager.
Continue reading “Azure AD Attribute Hide and Seek”
Back in April of this year, I passed Azure exam 70-533: Implementing Microsoft Azure Infrastructure Solutions. To be honest, this was actually my second attempt at the exam. I failed on my first try about three weeks earlier. But who’s counting? All that matters is that I persisted and eventually passed. I’m not mentioning this to be discouraging to anyone intending to take the exam. However, my intention is to provide encouragement if you don’t pass the first time around. No one likes seeing the word “Fail” on the exam printout, but it’s not the end of the world. With that being said, I thought I would write an article outlining the methods I employed to prepare for the test.
Continue reading “A Guide to Passing Azure Exam 70-533”