Azure Management services: What's new in July 2021

Microsoft constantly announces news regarding Azure management services and as usual this monthly summary. The aim is to provide an overview of the main news of the month, in order to stay up to date on these topics and have the necessary references to conduct further exploration.

The following diagram shows the different areas related to management, which are covered in this series of articles, in order to stay up to date on these topics and to better deploy and maintain applications and resources.

Figure 1 – Management services in Azure overview

Monitor

Azure Monitor

New built-in policies for Log Analytics workspaces and linked automation accounts

When designing and deploying Azure Monitor Log Analytics workspaces, it is advisable to adopt specific criteria to distribute them consistently, in compliance with the compliance of their environment. Thanks to a new built-in policy it is possible to automate and control the distribution of Log Analytics workspaces and the Automation Accounts connected to them in your own environments.

Better integration between Azure Monitor and Grafana

Grafana is a very popular open source visualization and analysis software, which allows you to query, view and explore various metrics from multiple data sources in a centralized way. Recently, some updates have been made to the Azure Monitor plug-in for Grafana that allow you to enable additional data sources and easier authentication via managed identity. Among the main improvements we find:

  • Azure Resource Graph in the Azure Monitor Grafana data source. Azure Resource Graph (ARG) is a service in Azure that allows you to perform large-scale queries on a given subscription set, so that you can effectively govern your environment. With Grafana 8.0, Azure Monitor data source supports querying ARG.
  • Managed Identities are supported for the Grafana data source hosted in Azure and for Azure Monitor. Customers hosting Grafana on Azure (e.g.. App Service, Azure Virtual Machine) and have enabled managed identity on their virtual machine, they will be able to use it to configure Azure Monitor in Grafana. This aspect simplifies the configuration of the data source, requiring it to be securely authenticated without having to manually configure credentials through app registrations in Azure AD for each data source.
  • Direct links to the Azure portal for Grafana metrics. To allow easy exploration of Azure Monitor metrics directly from Grafana, when a user selects the result of a query, a menu appears with a link to “View in the Azure portal”. Selecting it will redirect you to the corresponding chart in the Azure Metrics Explorer portal.

Direct proxy and Log Analytics gateway support for the new agent

Following the recent announcement on the availability of the new Azure Monitor agent (AMA) and data collection rules (Data Collection Rules), support for direct proxies and support for Log Analytics gateways is introduced for this agent.

Configure

Azure Automation

Support for User Assigned Managed Identities (preview)

Azure Automation has introduced support for User Assigned Managed Identities, which allows you to eliminate the effort of managing RunAs Accounts for runbooks. A User Assigned Managed Identities is an independent Azure resource that can be assigned to the Azure Automation account, which can have multiple associated user-assigned identities. The same identity can be assigned to multiple Azure Automation accounts.

Govern

Azure Policy

Azure Policy built-in for Network Watcher Traffic Analytics

Traffic Analytics is based on the analysis of NSG flow logs and after an appropriate aggregation of data, inserting the necessary intelligence concerning security, topology and geographic map, can provide detailed information about the network traffic of your Azure cloud environment. The following new built-in policies have been introduced to facilitate the deployment of Traffic Analytics:

  • An audit policy: Flag flow logs resource without traffic analytics enabled
  • DeployIfNotExists policies: Enable Traffic Analytics on NSGs in an Azure region of a subscription or resource group

Azure Cost Management

Updates related toAzure Cost Management and Billing

Microsoft is constantly looking for new methodologies to improve Azure Cost Management and Billing, the solution to provide greater visibility into where costs are accumulating in the cloud, identify and prevent erroneous spending patterns and optimize costs . Inthis article some of the latest improvements and updates regarding this solution are reported, including:

Secure

Azure Security Center

New features, bug fixes and deprecated features of Azure Security Center

Azure Security Center development is constantly evolving and improvements are being made on an ongoing basis. To stay up to date on the latest developments, Microsoft updates this page, this provides information about new features, bug fixes and deprecated features. In particular, this month the main news concern:

Protect

Azure Site Recovery

New Update Rollup

For Azure Site Recovery was released theUpdate Rollup 56 that solves several issues and introduces some improvements. In particular, this update introduces the following new features:

  • Microsoft Azure Site Recovery (services): Improvements have been made to enable replication and new protection operations to be faster than 46%.
  • Microsoft Azure Site Recovery (portal): Replication between any two Azure regions around the world can now be enabled. You are no longer limited to enabling replication on your continent.

The details and the procedure to follow for the installation can be found in the specific KB.

Evaluation of Azure

To test for free and evaluate the services provided by Azure you can access this page.

Please follow and like us: