LaBrina Loving, a Cloud Architect and Software Engineer in the Commercial Software Engineering division at Microsoft, shares her recent passion with the Data Explorer service. Using a couple of real-world use-cases, she explains the rational behind the service and how developers can utilize it for a wide variety of data processing needs.

Media file: https://azpodcast.blob.core.windows.net/episodes/Episode335.mp3

Resources:

Azure Data Explorer Overview - https://docs.microsoft.com/en-us/azure/data-explorer/data-explorer-overview

Azure Data Explorer Ingestion - https://docs.microsoft.com/en-us/azure/data-explorer/ingest-data-overview
Getting started with KQL Queries - https://docs.microsoft.com/en-us/azure/data-explorer/write-queries

SQL to KQL Cheatsheet - https://docs.microsoft.com/en-us/azure/data-explorer/kusto/query/sqlcheatsheet

Other updates:

Azure Quota REST APIs to manage service limits (quota) are now available in preview

https://azure.microsoft.com/en-us/updates/azure-quota-rest-api-to-manage-service-limits-quota-are-now-available-in-preview/

Introducing live video analytics from Azure Media Services—now in preview
https://azure.microsoft.com/en-us/blog/introducing-live-video-analytics-on-iot-edge-now-in-preview/
Town of Cary innovates flood prediction with IoT
https://azure.microsoft.com/en-us/blog/town-of-cary-innovates-flood-prediction-with-iot/
Advancing Microsoft Teams on Azure—operating at pandemic scale
https://azure.microsoft.com/en-us/blog/advancing-microsoft-teams-on-azure-operating-at-pandemic-scale/

Azure responds to COVID-19
https://azure.microsoft.com/en-us/blog/azure-responds-to-covid19/

Mikkel Hegnhoj, a Principal PM in the AKS team, shares the details about running Windows Containers in AKS, which is now GA. He gives us guidance on how to design an AKS cluster than run Windows workloads and advice on how to go about migrating our applications to this platform.

Media file: https://azpodcast.blob.core.windows.net/episodes/Episode334.mp3

Resources:

https://docs.microsoft.com/en-us/azure/aks/windows-container-cli

Other updates:

Azure Cosmos DB Java SDK 4.0 for Core (SQL) API release now in general availability
Published date: June 10, 2020
Azure Cosmos DB Java SDK for Core (SQL) API enables interaction with Azure Cosmos DB from Java applications. This latest SDK version 4.0 allows sending requests to Azure Cosmos DB via the recommended Core (SQL) API. The release of Azure Cosmos DB Java SDK 4.0 for Core (SQL) API includes improvements to performance, bundles Sync and Async APIs, and incorporates Paged Flux APIs. It also has built-in support for autoscale containers and analytical containers, and supports DISTINCT queries.

From <https://azure.microsoft.com/en-us/updates/azure-cosmos-db-java-sdk-40-for-core-sql-api-release-now-in-general-availability/>

Azure Policy support for Azure Cosmos DB is now available
Published date: June 10, 2020
Azure Cosmos DB resource governance can now be implemented with Azure Policy. Use this capability to create Azure Policy assignments based on built-in or custom policy definitions to enforce rules and effects on Azure Cosmos DB resources.
Example policy assignments include—requiring features such as Advanced Threat Protection to be enabled on Azure Cosmos DB accounts; auditing Azure Cosmos DB resources for compliance with organizational standards on throughput or other properties; or securing data by enforcing network access safeguards such as IP filter rules, virtual network endpoints, or limiting the amount of throughput (RU/s) that can be provisioned.

From <https://azure.microsoft.com/en-us/updates/azure-policy-support-for-azure-cosmos-db-is-now-available/>

Azure Kubernetes Service—Integrated application gateway feature now available
Published date: June 10, 2020
The Application Gateway ingress controller (AGIC) is now available in  preview as an add-on in Azure Kubernetes Service (AKS). Use it to easily create or attach an existing Application Gateway instance to your AKS clusters.  Use the standard Kubernetes ingress API to define your routing rules, then implement those rules using the managed Application Gateway service. Application Gateway is a scalable, reliable, and secure L7 load balancer. By using Application Gateway as the entry point to the AKS applications you won’t have to self-manage a networking tool like Nginx.

From <https://azure.microsoft.com/en-us/updates/azure-kubernetes-service-integrated-application-gateway-feature-now-available/>

Azure Kubernetes Service upgrade improvements are now in preview
Published date: June 10, 2020
Upgrading is a common operation required for all Kubernetes workloads. Two new Azure Kubernetes Service (AKS) upgrade capabilities that will improve the granularity and efficiency of regular Kubernetes upgrade operations are now in preview.
• Node image upgrade enables you to update node-level components such as the container runtime or OS updates without going through a full Kubernetes upgrade. Use this capability to initiate a targeted upgrade to agent nodes for a given node pool to pull the latest available node updates and patches without requiring a full cluster upgrade.
• Max surge enables faster upgrades by taking advantage of multiple new buffer nodes to concurrently replace older nodes. Instead of replacing a single node at a time, you can now customize your own max surge value per node pool to define how many concurrent replacements occur.

From <https://azure.microsoft.com/en-us/updates/azure-kubernetes-service-upgrade-improvements-are-now-in-preview/>

Plan ahead! Starting June 15, 2020, the Windows Virtual Desktop service will reject connections from unsupported clients and unsupported versions of supported clients.
 
Make sure your users are using the following versions or newer of each client.
 · Windows Desktop Client (MSRDC): 1.2.247
 · Android: 10.0.6
 · macOS: 10.3.9.1767
 · iOS: 10.1.0
 
Unsupported clients that will be blocked starting June 15th:
 · Remote Desktop Connection (MSTSC)
 · RemoteApp and Desktop Connections (RADC)

ION – Booting up the network
https://techcommunity.microsoft.com/t5/identity-standards-blog/ion-booting-up-the-network/ba-p/1441552

Azure Spring Cloud updates

https://azure.microsoft.com/en-us/updates/azure-spring-cloud-updates/

Candace Jackson, a Senior PM in the Azure Security team, give us an update on the effort to remove the use of TLS 1.0 from applications in Azure.

Media file:

 https://azpodcast.blob.core.windows.net/episodes/Episode333.mp3

Resources:

links:
https://www.microsoft.com/en-us/download/details.aspx?id=55266
https://docs.microsoft.com/en-us/dotnet/framework/network-programming/tls

Connection logging - This help identify what cipher suites and protocols are negotiated during a successful handshake

IIS
https://cloudblogs.microsoft.com/microsoftsecure/2017/09/07/new-iis-functionality-to-help-identify-weak-tls-usage/

Nginx
http://nginx.org/en/docs/http/ngx_http_ssl_module.html#variables
https://serverfault.com/questions/620123/how-can-i-let-nginx-log-the-used-ssl-tls-protocol-and-ciphersuite

Apache -
http://httpd.apache.org/docs/2.2/mod/mod_ssl.html#envvars
http://httpd.apache.org/docs/2.2/mod/mod_ssl.html#logformats

 Some resource specific documenation that shows how to configure protocol and cipher suite usage
https://docs.microsoft.com/en-us/azure/app-service/environment/app-service-app-service-environment-custom-settings#disable-tls-10-and-tls-11
Blog: https://blogs.msdn.microsoft.com/appserviceteam/2018/04/17/app-service-and-functions-hosted-apps-can-now-update-tls-versions/
https://docs.microsoft.com/en-us/azure/app-service/app-service-web-tutorial-custom-ssl#enforce-tls-1112
https://docs.microsoft.com/en-us/azure/cloud-services/applications-dont-support-tls-1-2

Other updates:

Live Video Analytics now in public preview
Updated: June 01, 2020
Live Video Analytics (LVA) on IoT Edge is now in public preview. It is a platform to capture, record, and analyze live video and publish the results (video and/or video analytics), for you to build intelligent video applications. You can use LVA for a number of use cases across industries such as retail, healthcare, and transportation. You can bring any custom AI by plugging in video analysis edge modules, whether they are Cognitive Services containers, custom edge modules built with open source machine learning models, or custom models trained with a customer’s own data. You can also combine video analysis with other business data to make smarter business decisions.
LVA integrates with a number of Azure services (in the cloud and/or the edge), such as Stream Analytics on IoT Edge, Cognitive Services on IoT Edge, Media Services, Event Hub, and Cognitive Services.

From <https://azure.microsoft.com/en-us/updates/live-video-analytics-now-in-public-preview/>

 
 
 NOW AVAILABLE
CNI security vulnerability in older AKS clusters and mitigation steps
Updated: June 01, 2020
A security vulnerability has been identified in the container networking implementation (CNI) in CNI plugin versions v0.8.6 and older that may affect older AKS clusters.
Details
An AKS cluster configured to use an affected container networking implementation is susceptible to man-in-the-middle (MitM) attacks. By sending “rogue” router advertisements, a malicious container can reconfigure the host to redirect part or all of the IPv6 traffic of the host to the attacker-controlled container. Even if there was no IPv6 traffic before, if the DNS returns A (IPv4) and AAAA (IPv6) records, many HTTP libraries will try to connect via IPv6 first then fallback to IPv4, giving an opportunity to the attacker to respond.
This vulnerability has been given an initial severity of Medium with a score of 6.0.
Vulnerability analysis and verification
All AKS clusters created or upgraded with a Node Image Version later or equal than “2019.04.24” are not vulnerable, as they set net.ipv6.conf.all.accept_ra to 0 and enforce TLS with proper certificate validation.
Clusters created or last upgraded before that date are susceptible to this vulnerability.
You can verify if your current Node Image is vulnerable by running: https://aka.ms/aks/MitM-check-20200601  on a machine that has CLI access to the cluster’s nodes.
Windows nodes are not affected by this vulnerability.

From <https://azure.microsoft.com/en-us/updates/cni-security-vulnerability-in-older-aks-clusters-and-mitigation-steps/>

From //build 2020 - Azure SQL Edge (preview)
https://azure.microsoft.com/en-us/services/sql-edge/

Deploy to Azure using GitHub Actions from your favorite tools
https://azure.microsoft.com/en-us/blog/deploy-to-azure-using-github-actions-from-your-favorite-tools/

Ganesh Srinivasan, a Principal PM Manager in the Azure Networking team, talks to the crew about the possibilities and scenarios when placing compute as close to the edge as possible.

Media file: https://azpodcast.blob.core.windows.net/episodes/Episode332.mp3

Transcript:

Resources: https://docs.microsoft.com/en-us/azure/networking/edge-zones-overview

Other updates:

Service Bus Explorer on the Azure portal is now available in preview
Updated: May 26, 2020
The Service Bus Explorer tool on the Azure portal is now available in preview.
Azure Service Bus, like most other PaaS offerings, has two sets of operations that can be performed against it:
• Management operations like CRUD (create, read, update, and delete) on Service Bus namespaces, queues, topics, subscriptions, and filters.
• Data operations like send, receive, and peek on queues, topics, and subscriptions.
While management operations have always been available via the portal, our customers have used tools such as the community managed Service Bus Explorer OSS tool for the data operations. In a quest to reduce dependence on different tools needed to provision, manage, and test the Service Bus namespace, we've built support for the data operations functionality right into the portal.
To access this tool, select the namespace and the specific queue or topic within that namespace you'd like to send and receive messages from. Once there, select Service Bus Explorer (preview) from the left menu navigation pane.

From <https://azure.microsoft.com/en-us/updates/sesrvice-bus-explorer/>

Azure Backup now provides protection against accidental deletion of Azure file shares
Updated: May 27, 2020
To provide protection against cyberattacks or accidental deletion, Azure Backup has added one more level of security to the Azure file shares snapshot management solution by providing protection against the accidental or malicious deletion of backed-up file shares. Now, even if a malicious actor deletes the file share, the file share’s contents and recovery points (snapshots) are retained for a configurable retention period, allowing the successful and complete recovery of source contents and snapshots with no data loss.
When you configure protection for a file share, Azure Backup enables the soft delete feature on a storage account level with a retention period of 14 days. You can also reset the retention period setting as per your requirement. This setting determines the time window you’ll have to recover your file share contents and snapshots after any accidental delete operation. The recovery points are preserved during this duration and once you undelete the file share, backups start running successfully with no additional configuration needed.

From <https://azure.microsoft.com/en-us/updates/azure-backup-now-provides-protection-against-accidental-deletion-of-azure-file-shares/>

Streamlining your image building process with Azure Image Builder

From <https://azure.microsoft.com/en-us/blog/streamlining-your-image-building-process-with-azure-image-builder/>

Azure Maps Creator now available in preview
https://azure.microsoft.com/en-us/blog/azure-maps-creator-now-available-in-preview/

Microsoft and Docker collaborate on new ways to deploy containers on Azure
https://azure.microsoft.com/en-us/blog/microsoft-and-docker-collaborate-on-new-ways-to-deploy-containers-on-azure/

Allison Farris, a Cloud Solutions Architect at Microsoft's UK subsidiary, shares her passion and experience with Azure Functions. She gives us insights into how customers are leveraging Serverless technologies and provides guidance on how and when to use these technologies.

Media file: https://azpodcast.blob.core.windows.net/episodes/Episode331.mp3

Transcript:

Other updates:

https://azure.microsoft.com/en-us/updates/azure-automation-tls12-enforcement/

Azure Private Link is now available for multiple new Azure services
Updated: May 14, 2020
 
Azure Private Link is now generally available for these services:
• Azure Cognitive Search
• Azure Event Hubs
• Azure Service Bus
• Azure Backup
• Azure Container Registry
• Azure Event Grid topics
• Azure Event Grid domains
Private Link is also available in preview for these services:
• Azure SignalR Service
• Azure IoT Hub
Check regional availability of supported services.

From <https://azure.microsoft.com/en-us/updates/azure-private-link-is-now-available-for-multiple-new-azure-services/>

Azure Stack Hub now supports cross-platform compatibility on PowerShell
Updated: May 19, 2020
Azure Stack Hub now supports cross-platform compatibility on PowerShell and ensures hybrid consistency with Azure. Azure Stack Hub will utilize Az modules with new resource providers from Azure IoT Hub, Azure Stack Edge, and EventHub. This enables full cross-compatibility with Azure and Azure Stack Hub using PowerShell and PowerShell Core. Install PowerShell and connect to Azure Stack Hub on MacOs. This is available through the Az PowerShell installe

From <https://azure.microsoft.com/en-us/updates/azure-stack-hub-now-supports-crossplatform-compatibility-on-powershell/>

Azure Storage—Routing preferences now available for preview
Updated: May 19, 2020
Routing preferences for Azure Storage is now available for preview in France South, North Central US, and the West Central US regions.
Configure a routing preference to direct network traffic for the default public endpoint of your Storage account using the Microsoft global network or using the public internet. Optimize for premium network performance by using the Microsoft global network, which delivers low-latency path selection with high reliability and routes traffic through the point-of-presence closest to the client. Alternatively, route traffic through the point-of-presence closest to your storage account to lower network costs and minimize traversal over the Microsoft global network.
Routing configuration options for your Storage account also enable you to publish additional route-specific endpoints. Use these new public endpoints to override the routing preference specified for the default public endpoint by explicit routing traffic over a desired path.

From <https://azure.microsoft.com/en-us/updates/routing-preferences-azure-storage-preview/>

Code, collaborate, and ship your apps from anywhere
https://azure.microsoft.com/en-us/blog/code-collaborate-and-ship-your-apps-from-anywhere/

Announcing Project Bonsai and Project Moab
From <https://azure.microsoft.com/en-us/updates/announcing-project-bonsai-and-project-moab/>

Bookstore from build: https://www.digitalguru.com/shop 

Book of news: https://news.microsoft.com/build-2020-book-of-news/ 

Evan and the team discuss a real-world situation with a customer using Availability Sets and limitations of such deployments in Azure.

Media file: https://azpodcast.blob.core.windows.net/episodes/Episode330.mp3

Transcript: https://www.videoindexer.ai/accounts/e0eee289-7730-4999-978b-eb7f63be8cb5/videos/49874e8387/?location=eastus2

Other updates:

Azure File Sync is removing support for TLS 1.0 and 1.1 in August 2020
Updated: May 11, 2020
Azure File Sync service will remove support for transport layer security (TLS) 1.0 and 1.1 in August 2020. All supported Azure File Sync agent versions already use TLS 1.2 by default. If you're not using TLS 1.2, this would most likely be because TLS 1.2 is disabled on your server or (more likely) a proxy is being used.
To see the TLS settings on your server, view the registry settings. If you're using a proxy, please consult its documentation and ensure it's configured to use TLS 1.2. Azure File Sync service regions added after May 1, 2020, will only support TLS 1.2 and we'll remove TLS 1.0 and 1.1 support from existing regions in August 2020.

From <https://azure.microsoft.com/en-us/updates/afstlssupport/>

https://techcommunity.microsoft.com/t5/azure-kubernetes-service/aks-introduces-uptime-sla/ba-p/1350832

https://docs.microsoft.com/en-us/azure/frontdoor/front-door-rules-engine-actions (Preview)

New York Blockchain Week - Virtual Hackathon
https://gitcoin.co/hackathon/new-york-blockchain-week/projects/?tab=hackathon:20

PegaSys Ethereum Suite Now Available on Microsoft’s Azure Marketplace
https://www.coindesk.com/pegasys-ethereum-suite-now-available-on-microsofts-azure-marketplace

Minecraft Earth and Azure Cosmos DB part 1: Extending Minecraft into our real world
https://azure.microsoft.com/en-us/blog/minecraft-earth-and-azure-cosmos-db-part-1-extending-minecraft-into-our-real-world/

Migrate to Azure: Save now, be future ready
https://azure.microsoft.com/en-us/blog/migrate-to-azure-save-now-be-future-ready/

Monitor your Azure workload compliance with Azure Security Benchmark
https://azure.microsoft.com/en-us/blog/monitor-your-azure-workload-compliance-with-azure-security-benchmark/

Nills Franssens, a Senior Cloud Solutions Architect, prolific blogger and author, is back on the show to talk to us about his fascination with Azure Kubernetes Service, which led him to co-author a book that helps developers learn and use AKS. Microsoft has partnered with the publisher Packt to make the eBook available for free!

Media file: https://azpodcast.blob.core.windows.net/episodes/Episode329.mp3

Transcript: https://www.videoindexer.ai/accounts/e0eee289-7730-4999-978b-eb7f63be8cb5/videos/579b2c85cc/?location=eastus2

eBook download: https://aka.ms/handson-aks-book

Blog: https://blog.nillsf.com

Other updates:

The self-hosted gateway feature of API Management is now generally available
Updated: April 29, 2020
It provides new deployment options and expands API Management support for hybrid and multi-cloud environments that are common among enterprise customers.  With self-hosted gateway, customers can reduce costs and increase operational efficiency by consolidating management and observability of all their APIs, hosted in Azure, on-premises, and other clouds, into a single API Management service without compromising latency, security, privacy, or compliance.
The self-hosted gateway is a functionally equivalent  version of the API Management gateway component used in the Azure cloud, packaged as a Linux-based Docker container image. Customers can co-locate self-hosted gateways with the API implementations, running it in Docker for evaluation or development or in Kubernetes in production. Self-hosted gateway links to and relies on an API Management service for management. It emits logs and metrics to Azure and can also be configured to emit them locally. Self-hosted gateway requires connectivity to Azure but is resilient to intermittent loss of connection.

From <https://azure.microsoft.com/en-us/updates/selfhosted-gateway-feature-in-api-management-is-now-generally-available/>

New Azure VMware Solution is now in preview

From <https://azure.microsoft.com/en-us/updates/new-azure-vmware-solution-is-now-in-preview/>

Azure custom role creation in the Azure portal is now generally available

From <https://azure.microsoft.com/en-us/updates/azure-custom-roles-portal/>

How Azure VPN helps organizations scale remote work
https://azure.microsoft.com/en-us/blog/how-azure-vpn-helps-organizations-scale-remote-work/

Manage and find data with Blob Index for Azure Storage—now in preview
https://azure.microsoft.com/en-us/blog/manage-and-find-data-with-blob-index-for-azure-storage-now-in-preview/

Shane Curtis, an Endpoint Consultant with Planet Technologies, share his deep insights into the Windows Virtual Desktop service which has grown in popularity due to the demand for work-from-home options.

Media file: https://azpodcast.blob.core.windows.net/episodes/Episode328.mp3

Transcript:

Resources:

WVD Experience Estimator:  http://aka.ms/wvd/ExperienceEstimator
Get started with WVD:  http://aka.ms/wvdgetstarted
Microsoft videos to learn more about WVD:  http://aka.ms/wvdplaylist
FSLogix information:  http://aka.ms/fslogix
MSIX information:  https://docs.microsoft.com/en-us/windows/msix/overview
WVD Roadmap info:  http://aka.ms/wvdroadmap
Windows 10 Enterprise multi-session FAQ:  https://docs.microsoft.com/en-us/azure/virtual-desktop/windows-10-multisession-faq

Other updates:

Run Linux and Windows workloads side-by-side in a single cluster with GA AKS support for Windows Server containers.

https://azure.microsoft.com/en-us/updates/managed-identity-support-in-aks-is-now-available/

Maintenance control for platform updates now generally available
Updated: April 28, 2020
The maintenance control feature for Azure Virtual Machines platform updates is now generally available for Azure Dedicated Hosts and isolated virtual machines (VMs). This feature gives you more control over platform maintenance when dealing with highly sensitive workloads. Use this feature to control all host updates, including rebootless updates, within a 35-day window.

From <https://azure.microsoft.com/en-us/updates/maintenance-control-for-platform-updates-now-generally-available/>
 
 

Microsoft Services is now a Kubernetes Certified Service Provider
https://azure.microsoft.com/en-us/blog/microsoft-services-is-now-a-kubernetes-certified-service-provider/

DCsv2-series VM now generally available from Azure confidential computing
https://azure.microsoft.com/en-us/blog/dcsv2series-vm-now-generally-available-from-azure-confidential-computing/

Announcing the general availability of Windows Server containers and private clusters for Azure Kubernetes Service
https://azure.microsoft.com/en-us/blog/announcing-the-general-availability-of-windows-server-containers-and-private-clusters-for-azure-kubernetes-service/

Accelerating Cybersecurity Maturity Model Certification (CMMC) compliance on Azure
https://azure.microsoft.com/en-us/blog/accelerating-cybersecurity-maturity-model-certification-cmmc-compliance-on-azure/

Azure + Red Hat: Expanding hybrid management and data services for easier innovation anywhere
https://azure.microsoft.com/en-us/blog/azure-red-hat-expanding-hybrid-management-and-data-services-for-easier-innovation-anywhere/

Azure Advisor integration with AKS now generally available
By analyzing your AKS configuration and usage telemetry, Azure Advisor can recommend solutions that help improve the performance, high availability, and security of your AKS cluster.

Azure Private Link for AKS is now generally available
Azure Kubernetes Service (AKS) Private Link is now generally available. Use it to isolate your Kubernetes API server within your Azure virtual network, enabling fully private communication with the managed Kubernetes control plane hosted by AKS.

Managed identity support in AKS is now available
With managed identities, there’s no need to manage your own service principals or rotate credentials often.
Azure Data Explorer—One-click ingestion support is now available
Ingest data from storage (blob file), a local file, or a container (up to 10,000 blobs), and define an event grid on a container for continuous ingestion, using the Azure Data Explorer Web UI. The data can be ingested into either an existing or new table in JSON, CSV, or other formats. Get suggestions for a structure for a new table and table mapping based on the data source by using one-click ingestion. It can also provide an intuitive platform to adjust table mapping and the table structure of an existing or new table. One-click ingestion will ingest the data into the table within only a few minutes.

https://azure.microsoft.com/en-us/updates/dynamic-compliance-packages-ga/
Azure Security Center—Dynamic compliance packages now generally available

Principal Group PM of the Azure Confidential Computing team, Vikas Bhatia, share his passion about this innovative service in Azure. He lays out the reasons for this initiative, gives us the details on the implementation, use-cases and tips for developers to take advantage of the facility.

Media file: https://azpodcast.blob.core.windows.net/episodes/Episode327.mp3

Transcript: https://www.videoindexer.ai/accounts/e0eee289-7730-4999-978b-eb7f63be8cb5/videos/573a654845/?location=eastus2

Resources:

http://aka.ms/azurecc

https://github.com/openenclave

https://confidentialcomputing.io/

Twitter: @vikascb

Other updates:

Update #2 on Microsoft cloud services continuity
https://azure.microsoft.com/en-us/blog/update-2-on-microsoft-cloud-services-continuity/

Microsoft Receives 2020 SAP® Pinnacle Award: Public and Private Cloud Provider Partner of the Year
https://azure.microsoft.com/en-us/blog/microsoft-receives-2020-sap-pinnacle-award-public-and-private-cloud-provider-partner-of-the-year/

Next Generation SAP HANA Large Instances with Intel® Optane™ drive lower TCO
https://azure.microsoft.com/en-us/blog/next-generation-sap-hana-large-instances-with-intel-optane-drive-lower-tco/

Solutions and guidance to help content producers and creators work remotely
https://azure.microsoft.com/en-us/blog/solutions-and-guidance-to-help-content-producers-and-creators-work-remotely/

Using Azure Monitor source map support to debug JavaScript errors
https://azure.microsoft.com/en-us/blog/using-azure-monitor-source-map-support-to-debug-javascript-errors/

Azure Program Manager Deborah Chen talks to the team about the new Free Tier that is available for the ever-popular Cosmos DB service which makes it easier for developers to use the service.

Media file: https://azpodcast.blob.core.windows.net/episodes/Episode326.mp3

Transcript: https://www.videoindexer.ai/accounts/e0eee289-7730-4999-978b-eb7f63be8cb5/videos/959806734e/?location=eastus2

Resources:

Azure Cosmos DB Free Tier resources
Blog post #1: https://devblogs.microsoft.com/cosmosdb/build-apps-for-free-with-azure-cosmos-db-free-tier/
Blog post #2:  https://devblogs.microsoft.com/cosmosdb/running-a-low-cost-scalable-app-with-azure-cosmos-db-free-tier/
Documentation: https://aka.ms/cosmos-free-tier

Other resources:

ACR built-in audit policies for Azure Policy is now in preview
Updated: March 13, 2020
​We are pleased to announce the public preview of Azure Container Registry support for creation of built-in audit policies for Azure Policy.  Once the built-in audit policy is available for the security control, the assessment results can be surfaced through Azure Policy’s Compliance feature.
The following 3 built in policies are planned:
• Network: Provide an audit policy that verifies if Private Link is being used
• Network: Provide an audit policy that checks if the firewall is enabled/ IP-based restrictions are applied
• Data transfer: Provide an audit policy to verify if customer-managed key is used

From <https://azure.microsoft.com/en-us/updates/acr-builtin-audit-policies-for-azure-policy-is-now-in-preview/>

Private Endpoints provide secure connectivity to Azure Storage from a Azure virtual network (VNet). On-premises networks can also securely connect to a storage account using a private endpoint when that network is to a VNet using Express Route or VPN. Private Endpoints for Azure Storage are now generally available in all Azure public regions.

https://dilbert.com/strip/2020-03-15 - Mandatory Blockchain  << ❤ this

https://mijailovic.net/2020/03/28/azure-money-burning/