This month, Microsoft introduced a series of updates related to Azure management services. Through this series of monthly articles, we aim to provide an overview of the most relevant updates. Our goal is to keep you constantly informed about these developments, providing you with essential information to explore these topics further.
The following diagram shows the different areas related to management, which are covered in this series of articles:
Figure 1 – Overview of Management Services in Azure
Configure
Update management
Starting from August 31, 2024, Automation Update Management and the associated Log Analytics agent will be deprecated, making migration to Azure Update Manager essential for update management needs. Useful tools for this migration are detailed in the following paragraphs.
Tool for Migration from Update Management v1 to v2
Azure Update Manager introduces the v2 migration tool, now available in General Availability (GA), designed to facilitate the transition from Automation Update Management (Update Management v1). This tool simplifies the migration process by automatically moving machines and schedules to Azure Update Manager, minimizing manual intervention.
Tool for Migration from Automation Update Management to Azure Update Manager
Azure provides comprehensive guidance for migrating machines and schedules from the previous solution to Azure Update Manager. The migration tooling includes automated scripts that simplify the process, ensuring minimal disruption to production workloads.
Govern
Azure Cost Management
Updates related to Microsoft Cost Management
Microsoft is constantly seeking new methodologies to improve Microsoft Cost Management, the solution to provide greater visibility into where costs are accumulating in the cloud, identify and prevent incorrect spending patterns, and optimize costs. This article reports some of the latest improvements and updates regarding this solution.
Azure Arc
Connecting to AWS with the Multicloud Connector in Azure Portal (Preview)
Azure Arc introduces the multicloud connector in preview, enabling the integration of AWS resources within Azure environments via the Azure portal. This feature expands Azure Arc’s capabilities, allowing unified management of AWS cloud environments alongside Azure services. To establish this connection, users must deploy a CloudFormation template within their AWS account, which automatically configures the necessary resources for integrated management via Azure Arc.
Secure
Microsoft Defender for Cloud
New features, bug fixes, and deprecated features of Microsoft Defender for Cloud
The development of Microsoft Defender for Cloud is constantly evolving, with continuous improvements being introduced. To stay updated on the latest developments, Microsoft updates this page, which provides information on new features, bug fixes, and deprecated features. Specifically, this month’s main news includes:
- Copilot for Security in Defender for Cloud (Preview): the integration of Microsoft Copilot for Security in Defender for Cloud has been announced in public preview. The integrated Copilot experience in Defender for Cloud allows users to ask questions and receive answers in natural language. Copilot can help understand the context of a recommendation, evaluate the impact of its implementation, follow the necessary steps to implement it, assist in delegating recommendations, and correct misconfigurations in the code.
- New DevOps Security Recommendations: new DevOps security recommendations have been announced to improve the security posture of Azure DevOps and GitHub environments. These recommendations provide the necessary steps for resolution when issues are detected. The new recommendations are available for environments connected to Microsoft Defender for Cloud via Azure DevOps or GitHub. All recommendations are included in the Foundational Cloud Security Posture Management.
- IaC Scanning with Checkov in Defender for Cloud: the integration of Checkov for Infrastructure-as-Code (IaC) scanning via MSDO has been announced. As part of this release, Checkov will replace Terrascan as the default IaC analyzer run as part of the MSDO CLI. Terrascan can still be manually configured via MSDO environment variables but will not run by default. Security results from Checkov will be represented as recommendations for Azure DevOps and GitHub repositories.
- Price Change for Defender for Containers in Multicloud: as Defender for Containers multicloud is now generally available, it is no longer free.
Migrate
Azure Migrate
New releases and features of Azure Migrate
Azure Migrate is the service in Azure that includes a broad portfolio of tools that can be used, through a guided user experience, to effectively address the most common migration scenarios. To stay updated on the latest developments of the solution, you can consult this page, which provides information on new releases and new features.
Azure Evaluation
For those who wish to explore and personally evaluate the services offered by Azure, a unique opportunity is available: by accessing this page, you can test various features and services for free. This will allow you to better understand how Azure can adapt and improve your IT operations, while ensuring security and innovation.
