This blog post series highlights the key announcements and major updates related to Azure Infrastructure as a Service (IaaS) and Azure Local, as officially released by Microsoft in the past two weeks.
Azure
General
GitHub Copilot for Azure
GitHub Copilot for Azure is now generally available, delivering a streamlined and intelligent development experience across the Azure ecosystem. Designed to enhance developer productivity, this solution integrates natively with Azure resources and offers support for Infrastructure as Code (IaC) through Bicep and Terraform. It enables efficient diagnostics and issue resolution, while providing real-time recommendations to improve code quality. GitHub Copilot for Azure acts as a comprehensive assistant, helping developers design resilient architectures, manage cloud resources, and elevate their Azure expertise with minimal disruption.
Cloudera on Cloud Available in Italy North Region
Cloudera on Cloud is now available in the Italy North Azure region through the Azure Marketplace. This availability expands the regional presence of Cloudera’s analytics and data platform, allowing customers in Italy to deploy and operate Cloudera environments more efficiently and in compliance with local data residency requirements.
Azure Chaos Studio available in ItalyNorth
Azure Chaos Studio has expanded its regional availability and is now offered in the ItalyNorth region. This service enables customers to improve the resilience of their applications by simulating faults and disruptions in a controlled manner. By testing real-world failure scenarios, organizations can proactively address reliability issues and strengthen the stability of their cloud workloads.
Retirement of Azure China North 1 and East 1 Regions
Microsoft has announced the planned retirement of the China North 1 and China East 1 regions, operated by 21Vianet, effective July 1, 2026. This decision follows an ongoing effort to modernize and optimize the Azure infrastructure in China. Customers are encouraged to migrate their resources to newer regions, such as China North 3, which offer improved performance, security, and support for advanced Azure services. To avoid service disruption, all migrations should be completed before the retirement date. Azure in China will continue its operations in multiple enhanced regions to meet evolving customer needs.
Azure Quota Groups
Azure Quota Groups is now generally available, bringing enhanced flexibility and centralized control for Enterprise Agreement (EA) and internal customers. This feature allows quotas to be shared across multiple subscriptions within a designated group, reducing the volume of individual quota requests and simplifying management. Through the use of a centralized Quota Group Azure Resource Manager (ARM) object, customers can self-manage their quota allocations—without requiring Microsoft approval. Benefits include the ability to reassign unused quota across subscriptions, reduced support overhead, and the ability to submit a single quota request for the entire group. Azure Quota Groups significantly streamlines resource governance and boosts operational efficiency.
Compute
ND96isr_H200_v5 Virtual Machines available in ItalyNorth
Azure has expanded the regional availability of ND96isr_H200_v5 Virtual Machines, which are now offered in the ItalyNorth region. These VMs are optimized for high-performance computing and AI workloads, providing enhanced GPU capabilities designed to accelerate demanding applications such as deep learning, data analytics, and large-scale simulations.
Network Optimized Azure Virtual Machines – Dnsv6, Dndsv6, Dnlsv6, Dnldsv6, Ensv6 and Endsv6 (preview)
Azure has introduced a new class of Network Optimized Virtual Machines, now in public preview, built on the 5th Generation Intel® Xeon® Platinum 8537C (Emerald Rapids) processors. These VMs provide enhanced performance and flexibility with three memory-to-core configurations and options with or without local SSDs. Leveraging Azure Boost, these VMs deliver superior network bandwidth per vCPU, increased vNIC capacity, and faster connection setup times. The new SKUs, including Dnsv6, Dndsv6, Dnlsv6, Dnldsv6, Ensv6, and Endsv6, expand the v6 family of Intel-based Azure VMs, making them ideal for network-intensive workloads.
Networking
Private Subnet
Azure announces the general availability of the private subnet functionality. Traditionally, virtual machines created in a virtual network without explicit outbound configuration were assigned a default outbound public IP address. These implicit IPs presented security challenges and lacked association with subscriptions, making them unreliable and difficult to manage. With the private subnet feature, any new subnet defaults to having “default outbound access” set to false, thus eliminating implicit outbound connectivity and promoting Azure’s “secure by default” principle. Users must now explicitly configure outbound access using services such as NAT Gateway or Public IP addresses. Starting September 30th, 2025, all new virtual networks will adopt this default behavior, although existing networks and older API versions will remain unaffected.
Azure Traffic Manager SLA Increased to 100%
Azure Traffic Manager now offers a 100% service level agreement (SLA) for global DNS resolution, guaranteeing uninterrupted resolution of DNS queries to healthy service endpoints. This enhancement reinforces Azure’s commitment to reliability and performance, ensuring that all Traffic Manager profiles automatically benefit from this updated SLA without requiring any customer-side changes.
Destination Network Address Translation (DNAT) on Azure Firewall Private IP address
Azure Firewall now supports Destination Network Address Translation (DNAT) rule configurations on its Private IP address, enabling port translations that were previously unavailable. This enhancement is particularly useful for enterprises dealing with overlapping IP ranges, such as during the integration of new partners or mergers and acquisitions. In hybrid networking scenarios, this feature allows on-premises datacenters to establish communication with Azure resources using private, non-routable IP addresses, ensuring seamless interoperability and connectivity across diverse environments.
Container Apps and Functions as Private Link enabled origins for Front Door Premium
Azure Front Door Premium now supports configuring Azure Container Apps and Azure Functions as Private Link enabled origins. This capability ensures secure backend communication by restricting origin exposure to the public internet. Even though users access content through public Front Door endpoints, the actual origin services remain securely accessible only via Private Link, improving overall network security posture for web applications and APIs.
Azure Front Door supports origin authentication via Managed Identities (preview)
Azure Front Door Standard and Premium now support origin authentication using Managed Identities, currently in public preview. This feature allows secure, identity-based access control between Front Door and its backend origins. By leveraging Managed Identities, customers can avoid the risks and operational overhead associated with managing credentials, ensuring that only authorized Front Door instances can access origin services.
VM Network Troubleshooter in Azure Portal (preview)
Azure has introduced a new VM Network Troubleshooter tool in the Azure Portal, now in public preview. Accessible from the VM Overview blade, this tool allows users to run diagnostics and detect common issues such as blocked ports. This feature significantly streamlines network troubleshooting, enabling quicker identification and resolution of connectivity problems that often affect virtual machine workloads.
Using Server-sent events with Application Gateway (preview)
Azure Application Gateway introduces preview support for Server-sent events (SSE), a technology that enables servers to push real-time updates to clients over persistent HTTP connections. This preview allows developers to build low-latency applications requiring continuous data streaming directly from the server. To utilize this capability, both the Application Gateway and the backend application must be configured appropriately. This feature enhances the ability to deliver dynamic content to clients while maintaining control over scalability and performance at the application delivery layer.
Storage
Availability Set Support for Premium SSD v2 Disk Storage
Azure has added support for Availability Sets with Premium SSD v2 (Pv2) disk storage in regions without Availability Zones, including Australia Southeast, Canada East, North Central US, UK West, West Central US, and West US. Premium SSD v2 offers scalable IOPS and throughput, low latency, and consistent performance—making it a strong choice for enterprise workloads such as SQL Server, Oracle, SAP, and big data platforms. This enhancement allows customers in these regions to build resilient architectures using Availability Sets, ensuring higher availability even in the absence of zonal infrastructure.
Customer-managed keys for Azure NetApp Files volume encryption with Azure Key Vault Managed HSM
Azure NetApp Files now supports customer-managed keys for volume encryption using Azure Key Vault Managed HSM. This enhancement provides an elevated level of security, transitioning from FIPS 140-2 Level 2 to Level 3 compliance for critical deployments. The use of Managed HSM is particularly relevant in sectors that demand high-security standards, such as financial services, public sector, telecommunications, and energy. Applications benefiting from this include payment processing systems, authentication services, and solutions requiring application-level encryption.
Encryption in Transit for Azure Files NFS Shares (preview)
Microsoft has introduced support for encryption in transit for Azure Files NFS v4.1 shares, now available in public preview. This feature enhances data protection by enabling TLS-based encryption for NFS traffic, securing data as it travels between applications and Azure File shares. The solution integrates with the lightweight AZNFS mount helper to deliver a seamless user experience, and it offers flexibility by allowing connections to be mounted with or without encryption, depending on user requirements.
Live Resize for Premium SSD v2 and Ultra NVMe Disks (preview)
Microsoft has announced the public preview of Live Resize for Premium SSD v2 (Pv2) and Ultra NVMe Disks. This new capability enables users to dynamically increase the storage capacity of their disks without causing any disruption to running applications. With Live Resize, organizations can adopt a more cost-effective storage strategy by starting with smaller disk sizes and scaling up as needed—ensuring flexibility, efficiency, and continuous application availability.
Conclusion
Over the past two weeks, Microsoft has introduced a slew of updates and announcements pertaining to Azure Infrastructure as a Service (IaaS) and Azure Local. These developments underscore the tech giant’s unwavering commitment to enhancing its cloud offerings and adapting to the ever-evolving needs of businesses and developers. Users of Azure can anticipate improved functionalities, streamlined services, and enriched features as a result of these changes. Stay tuned for more insights as I continue to monitor and report on Azure’s progression in the cloud sphere.