Create disks from CMK-encrypted snapshots across subscriptions and in the same tenant
To ease manageability, Microsoft makes disks encrypted with customer-managed keys (CMK) more flexible by allowing creation of disks and snapshots from CMK-encrypted source across subscriptions.
Incremental snapshots for Premium SSD v2 Disk Storage (preview)
Incremental snapshots for Premium SSD v2 Disk Storage in the US East and West Europe Azure region are available. This new capability is particularly important to customers who want to create a backup copy of their data stored on disks to recover from accidental deletes, or to have a last line of defense against ransomware attacks, or to ensure business continuity. You can now create incremental snapshots for Premium SSD v2 Disk Storage on Standard HDD. Additionally, snapshot resources can be used to store incremental backups of your disk, create or recover to new disks, or download snapshots to on-premises locations. This new feature adds an extra layer of data protection and flexibility for users.
Azure Managed Lustre (preview)
Azure Managed Lustre is a managed, pay-as-you-go file system purpose-built for high-performance computing (HPC) and AI workloads. This high-performance distributed parallel file system delivers hundreds of GBps storage bandwidth and solid-state disk latency and integrates fully with Azure services such as Azure HPC Compute, Azure Kubernetes Service, and Azure Machine Learning.
Use this system to:
Simplify operations
Reduce setup costs
Eliminate complex maintenance
Azure NetApp Files updates (preview)
Azure NetApp Files volume user and group quotas: in some scenarios you may want to limit this storage consumption of users and groups within the volume. With Azure NetApp Files volume and group quotas you can now do so. User and/or group quotas enable you to restrict the storage space that a user or group can use within a specific Azure NetApp Files volume. You can choose to set default (same for all users) or individual user quotas on all NFS, SMB, and dual protocol-enabled volumes. On all NFS-enabled volumes, you can set default (same for all users) or individual group quotas.
You can now create Azure NetApp Files large volumes between 100TiB to 500TiB in size.
Azure NetApp Files now supports smaller 2TiB capacity pool sizes, lowered from 4TiB, when used with volumes using standard network features.
Azure NetApp Files volumes now support encryption with customer-managed keys (CMK), using Azure Key Vault for key storage, to enable an extra layer of security for data at rest.
New planned datacenter region in Saudi Arabia (Saudi Arabia Central)
Microsoft will establish a new datacenter region in the country, offering organizations in Saudi Arabia local data residency and faster access to the cloud, delivering advanced data security and cloud solutions. The new datacenter region will also include Availability Zones, providing customers with high availability and additional tolerance to datacenter failures.
Azure Kubernetes Service introduces two pricing tiers: Free and Standard
To better communicate the benefits and use cases for the two control plane management options, today, Azure Kubernetes Service (AKS) is introducing two pricing tiers: Free tier and Standard tier. Previously, few customers were aware of the uptime SLA support, and many did not have the uptime SLA feature enabled for critical production workload. With the Standard tier, Microsoft hopes to help increase customer awareness and allow customers to gain the full benefits of the Standard tier for production workload to minimize disruption.
AKS’s unique Free tier allows you to only pay for the virtual machines, and associated storage and networking resources consumed, and you get the managed Kubernetes control plane for free. This allows you to deploy unlimited free test clusters to decide if AKS is right for your needs and allows you to configure and test your infrastructure set-up before running critical production workloads. The Free tier is recommended for clusters with less than 10 nodes and for experimenting, learning, and simple testing.
The new Standard tier is the recommended control plane management pricing option which comes with greater control plane resources, scalability and the existing uptime SLA support. Customers currently signed up for the uptime SLA support will automatically be moved to the Standard tier with no change in cost or action needed. Standard tier not only includes the uptime SLA, but it will also include additional features such as support for up to 5000 nodes per cluster and API server autoscaling.
Microsoft Azure Load Testing is now Generally Available
Azure Load Testing is a fully managed load-testing service that enables you to generate high-scale load, gain actionable insights, and ensure the resiliency of your applications and services. The service simulates traffic for your applications, regardless of where they’re hosted. Developers, testers, and quality assurance (QA) engineers can use it to optimize application performance, scalability, or capacity.
Trusted launch for Azure VMs in Azure for US Government regions
Trusted launch for Azure virtual machines is available in all Azure for US Government regions: US Gov Virginia, US Gov Arizona US Gov Texas, US DoD East, US DoD Central. Trusted launch for Azure VMs allows you to bolster the security posture of an Azure Virtual Machine.
Storage
Azure File Sync agent v16
The Azure File Sync agent v16 release is being flighted to servers which are configured to automatically update when a new version becomes available.
Improvements and issues that are fixed:
Improved Azure File Sync service availability: Azure File Sync is now a zone-redundant service which means an outage in a zone has limited impact while improving the service resiliency to minimize customer impact. To fully leverage this improvement, configure your storage accounts to use zone-redundant storage (ZRS) or Geo-zone redundant storage (GZRS) replication.
Sync upload performance improvements: this improvement will mainly benefit file share migrations (initial upload) and high churn events on the server in which a large number of files need to be uploaded.
Immediately run server change enumeration to detect files changes that were missed on the server.
Miscellaneous reliability and telemetry improvements for cloud tiering and sync.
To obtain and install this update, configure your Azure File Sync agent to automatically update when a new version becomes available or manually download the update from the Microsoft Update Catalog.
More information about this release:
This release is available for Windows Server 2012 R2, Windows Server 2016, Windows Server 2019 and Windows Server 2022 installations.
The agent version for this release is 16.0.0.0.
Installation instructions are documented in KB5013877.
Azure storage access tiers to append blobs and page blobs with blob type conversion
Azure Storage offers different access tiers so that you can store your blob data in the most cost-effective manner based on how it’s being used. Azure Storage access tiers include hot tier, cool tier, and archive tier. Azure Storage access tiers support only block blobs natively. When you need to save cost of storing append blobs or page blobs, you can convert them to block blobs then move them into the most cost-efficient tiers based on your access patterns. Blob type conversion along with tiering is now supported by PowerShell, CLI and AzCopy.
The new year started with several announcements from Microsoft regarding news related to Azure managementservices. The monthly release of this summary allows you to have an overall overview of the main news of the month, in order to stay up to date on these topics and have the necessary references to conduct further exploration.
The following diagram shows the different areas related to management, which are covered in this series of articles:
Figure 1 – Management services in Azure overview
Monitor
Azure Monitor
Certificatethe IT Service Management Connector (ITSMC) with ServiceNow Tokyo version(preview)
The IT Service Management Connector (ITSMC) is certified on the Tokyo version of ServiceNow. This connector provides a two-way connection between Azure Monitor and ServiceNow, useful to help you track and fix problems faster.
Govern
Azure Cost Management
Management of billing accounts for EA customers
For Enterprise Agreement customers (EA) “indirect” the ability to manage your billing accounts directly from Cost Management and Billing has been introduced. All relevant information regarding department, account and subscription are available directly from the Azure portal. Furthermore, from the same point it is possible to view the properties and manage the policies of the indirect EA enrollments.
Updates related toMicrosoft Cost Management
Microsoft is constantly looking for new methodologies to improve Microsoft Cost Management, the solution to provide greater visibility into where costs are accumulating in the cloud, identify and prevent incorrect spending patterns and optimize costs . Inthis article some of the latest improvements and updates regarding this solution are reported.
Azure Arc
Active Directory Connector for Arc-enabled SQL MI
Azure Arc-enabled data services introduced Active Directory support (AD) for the management of Identity and Access Management (IAM). Indeed, the Arc-enabled SQL Managed instance can use an Active Directory domain (AD) existing on-premises for authentication. To facilitate this, Azure Arc-enabled data services introduce a new Custom Resource Definition (CRD) native Kubernetes called Active Directory Connector. This provides Azure Arc-enabled SQL Managed Instances running on the same data controller the ability to perform Active Directory authentication.
View SQL Server databases using Azure Arc (preview)
Today, customers and partners manage a large number of databases. For each of these databases, it is essential to be able to create an accurate mapping of the configurations. This may be for inventory or reporting purposes. Centralizing database inventory in Azure using Azure Arc allows you to create a unified view of all your databases in one place, regardless of the infrastructure in which they are located: in Azure, in the data center, at edge sites or even other clouds.
Secure
Microsoft Defender for Cloud
New features, bug fixes and deprecated features of Microsoft Defender for Cloud
Microsoft Defender for Cloud development is constantly evolving and improvements are being made on an ongoing basis. To stay up to date on the latest developments, Microsoft updates this page, this provides information about new features, bug fixes and deprecated features. In particular, this month the main news concern:
the endpoint protection component (Microsoft Defender for Endpoint) it is now accessible on the Settings and monitors page;
new version of the recommendation to find missing system updates;
cleanup of deleted Azure Arc machines in linked AWS and GCP accounts.
Protect
Azure Backup
Updates and improvements regarding SAP HANA
The following updates and improvements have been made recently to Azure Backup for SAP HANA, the certified solution Backint for protecting SAP HANA databases residing in Azure virtual machines:
Long-term retention for backups “adhoc”: it is now possible to provide customized retention for backups that occur on demand, outside the scheduled policies.
Partial restore-as-files: Azure Backup for HANA allows recovery points to be restored as a file. If you download the entire chain for one recovery point and want to repeat the operation for another adjacent recovery point, you don't need to download the entire chain again. It is also possible to restore only the files you want.
Integration with native clients and with other tools: previously, for certain scenarios, it was necessary to deactivate backint before the request and reactivate it afterwards, thereby increasing the RPO. With the improvements introduced, these additional steps are no longer necessary and it will be sufficient to activate the requests from the native clients or from the other tools used.
Azure Site Recovery
Ability to use Azure Backup Center for ASR monitor
Azure Backup Center is the point of reference for those who use the native backup features of the Azure platform and allows them to govern, to monitor, manage and analyze backup tasks. Microsoft has extended its capabilities by including monitor capabilities for Azure Site Recovery, which:
Viewing the inventory of replicated items, from a single view, for all vaults.
Consultation through a control panel of all the replication jobs.
Azure Backup Center supports ASR replication scenarios involving Azure virtual machines, VMware and physical machines.
Migrate
Azure Migrate
New Azure Migrate releases and features
Azure Migrate is the service in Azure that includes a large portfolio of tools that you can use, through a guided experience, to address effectively the most common migration scenarios. To stay up-to-date on the latest developments in the solution, please consult this page, that provides information about new releases and features. In particular, this month the main news concern:
Possibility to plan savings with the ASP savings option (Azure Savings Plan for compute) with the Azure Migrate business case and assessment.
Support for exporting the business case report to an .xlsx workbook from the portal.
Evaluation of Azure
To test for free and evaluate the services provided by Azure you can access this page.
Classic VM retirement: extending retirement date to September 1st 2023
Microsoft is providing an extended migration period for IaaS VMs from Azure Service Manager to Azure Resource Manager. To avoid service disruption, plan and migrate IaaS VMs from Azure Service Manager to Resource Manager 1 September 2023. There are multiple steps to this transition, so we recommend that you plan your migration promptly to avoid potential system interruption.
Networking
Application security groups support for private endpoints
Private endpoint support for application security groups (ASGs) is now available. This feature enhancement will allow you to add granular controls on top of existing network security group (NSG) rules by attaching an ASG to the private endpoint network interface. This will increase segregation within your subnets without losing security rules. In order to leverage this feature, you will need to set a specific subnet level property, called PrivateEndpointNetworkPolicies, to enabled on the subnet containing private endpoint resources.
Storage
5 GB Put Blob
Azure Storage is announcing the general availability of 5 GB Put Blob. This allows you to upload nearly 20x the previous limit of Put Blob uploads while increasing the maximum size of Put Blob from 256 MiB to 5000 MiB.
Mount Azure Storage as a local share in App Service Windows Code
Mounting Azure Storage File share as a network share in Windows code (non-container) in App Service is now available.
Incremental snapshots for Ultra Disk Storage (preview)
The preview of incremental snapshots for Ultra Disk in the Sweden Central and US West 3 Azure region is available. This new capability is particularly important to customers who want to create a backup copy of their data stored on disks to recover from accidental deletes, or to have a last line of defense against ransomware attacks, or to ensure business continuity. You can now create incremental snapshots for Ultra Disk on Standard HDD. Additionally, snapshot resources can be used to store incremental backups of your disk, create or recover to new disks, or download snapshots to on-premises locations.
Azure Stack
Azure Stack HCI
Software Defined Networking (SDN) with WAC v2211
In this article there are all new features and improvements for SDN in Windows Admin Center 2211 (WAC) for Azure Stack HCI.
Azure Ultra Disk Storage in Switzerland North and Korea South
Azure Ultra Disk Storage is now available in one zone in Switzerland North and with Regional VMs in Korea South. Azure Ultra Disk Storage offers high throughput, high IOPS, and consistent low latency disk storage for Azure Virtual Machines (VMs). Ultra Disk Storage is well-suited for data-intensive workloads such as SAP HANA, top-tier databases, and transaction-heavy workloads.
Azure Active Directory authentication for exporting and importing Managed Disks
Azure already supports disk import and export locking only from a trusted Azure Virtual Network (VNET) using Azure Private Link. For greater security, the integration with Azure Active Directory (AD) to export and import data to Azure Managed Disks is available. This feature enables the system to validate the identity of the requesting user in Azure AD and verify that the user has the required permissions to export and import that disk.
In December, several news regarding Azure management were announced by Microsoftservices. The release of this summary, which occurs on a monthly basis, want to provide an overview of the main news of the month, in order to stay updated on these topics and have the necessary references to conduct further investigations.
The following diagram shows the different areas related to management, which are covered in this series of articles:
Figure 1 – Management services in Azure overview
Monitor
Azure Monitor
Azure Monitor Agent: IIS logsand custom logs
The Azure Monitor agent allows you to collect text files and IIS logs and merge them into a Log Analytics workspace. In this regard, a new feature has been introduced to allow the collection of text logs generated in the application environment, exactly as it happens for Internet Information Service logs (IIS).
Azure Monitor Logs: custom log API and ingestion-timetransformation
A new set of features is now available in Azure Monitor that allows you to fully customize the shape of the data that flows into your workspace, plus a new API for custom data merging. Thanks to these new features, it is possible to envisage customized transformations to the data at the time of ingestion. These transformations can be used to set up the extraction of fields during ingestion, obfuscate sensitive data, proceed to remove unnecessary fields or to delete complete events (useful for example to contain costs). Furthermore, it is possible to completely customize the data sent to the new API for custom logs. As well as being able to specify a transformation on the data sent to the new API, you can also explicitly define the schema of your custom table (including dynamic data structures) and leverage AAD authentication and ARM RBAC management.
Configure
Azure Automation
Extension for the Hybrid Runbook Worker
The User Hybrid Worker extension was announced in Azure Automation, which is based on the virtual machine extensions framework and offers an integrated installation experience. There is no dependency on the Log Analytics agent and workspace, and authentication is via System-assigned managed identities, eliminating the need to manage certificates. Furthermore, ensures automatic minor version upgrades by default and simplifies small-scale management of Hybrid Workers through the Azure portal, cmdlet PowerShell, Azure CLI, Bicep, ARM templates and the REST API.
Govern
Azure Cost Management
Use tag inheritance for cost management (preview)
Tag inheritance was announced in a public preview, which allows you to automatically apply subscription and resource group tags to child resources. This mechanism simplifies cost management pipelines.
Updates related toMicrosoft Cost Management
Microsoft is constantly looking for new methodologies to improve Microsoft Cost Management, the solution to provide greater visibility into where costs are accumulating in the cloud, identify and prevent incorrect spending patterns and optimize costs . Inthis article the main improvements and updates of this solution are reported for the year 2022.
Azure Arc
Azure Arc enabled Azure Container Apps (preview)
Azure Container Apps enables developers to quickly build and deploy microservices and containerized applications. Deploying an Arc extension on Azure Arc enabled Kubernetes cluster, IT administrators gain control of the underlying hardware and environment, enabling high productivity of Azure PaaS services within a hybrid environment. The cluster can be on-premise or hosted in a third-party cloud. This approach allows developers to leverage the functionality and productivity of Azure Container Apps anywhere, not only in Azure environment. While, IT administrators can maintain corporate compliance by hosting applications in hybrid environments.
Server Azure Arc enabled in Azure China
Azure Arc-enabled servers are now also operable in two regions of Azure China: Est China 2 and North China 2.
Secure
Microsoft Defender for Cloud
New features, bug fixes and deprecated features of Microsoft Defender for Cloud
Microsoft Defender for Cloud development is constantly evolving and improvements are being made on an ongoing basis. To stay up to date on the latest developments, Microsoft updates this page, this provides information about new features, bug fixes and deprecated features.
Protect
Azure Backup
Recovery of Azure virtual machines Cross Zonal
Azure Backup exploits the potential of Zonal Redundant Storage (ZRS), which stores three replicas of backup data in different Availability Zones, synchronously. This allows recovery points stored in the Recovery Services Vault to be used with ZRS storage even if the backup data in one of the Availability Zones is unavailable, ensuring data availability within a region.
The Cross Zonal Restore option can be considered when:
Zone-wide availability of backup data is critical, and backup data downtime is unacceptable. This allows you to restore Azure virtual machines and disks to any zone of your choice in the same region.
Backup data resilience is needed along with data residency.
Azure Kubernetes Service (AKS) Backup (private preview)
For the Azure Backup service, the private preview of AKS Backup was announced. Using this feature it is possible:
Back up and restore containerized applications, both stateless and stateful, running on AKS clusters
Back up and restore data stored on persistent volumes attached to clusters.
Perform backup orchestration and management from the Backup Center.
Azure Site Recovery
Increased the churn limit(preview)
Azure Site Recovery (ASR) increased the data churn limit by approx 2,5 times, bringing it to 50 MB/s per disk. This way you can configure disaster recovery (DR) for Azure VMs with a data churn of up to 100 MB/s. This allows you to enable DR for IO intensive workloads. This feature is only available for Azure-to-Azure replication scenarios.
New Update Rollup
For Azure Site Recovery was released theUpdate Rollup 65 that solves several issues and introduces some improvements. The details and the procedure to follow for the installation can be found in the specific KB.
Migrate
Azure Migrate
New Azure Migrate releases and features
Azure Migrate is the service in Azure that includes a large portfolio of tools that you can use, through a guided experience, to address effectively the most common migration scenarios. To stay up-to-date on the latest developments in the solution, please consult this page, that provides information about new releases and features. The main news of this month are described in detail in the following paragraphs.
Software inventory and agentless dependency analysis
Azure Migrate agentless software inventory and dependency analysis is now available for Hyper-V VMs, for bare-metal servers and for servers running on other public clouds such as AWS and GCP. It is therefore possible to inventory the applications, the roles and features installed on those systems. Furthermore, you can run dependency analysis on discovered Windows and Linux servers without installing any agents. Thanks to these features it is possible to build migration plans to Azure more effectively, going to group the servers related to each other.
Building a business case with Azure Migrate (preview)
Azure Migrate's business case feature helps you build business propositions to understand how Azure can drive the most value. In fact,, this solution allows you to understand the return on investment regarding the migration of server systems to Azure, of SQL Server deployments and ASP.NET web applications running in the VMware environment . The business case can be created with just a few clicks and can help you understand:
Total cost of ownership on-premises vs Azure and annual cash flow.
Resource utilization-based insights to identify ideal servers and workloads for the cloud and recommendations for right sizing in Azure.
Benefits for migration and modernization, including the end of support for Windows and SQL versions.
Long-term savings by moving from a capital expenditure model to an operating expenditure model, paying only for what you use.
Evaluation of Azure
To test for free and evaluate the services provided by Azure you can access this page.
Azure Dedicated Host gives you more control over the hosts you deployed by giving you the option to restart any host. When undergoing a restart, the host and its associated VMs will restart while staying on the same underlying physical hardware. With this new capability, now generally available, you can take troubleshooting steps at the host level.
New Memory Optimized VM sizes (preview)
The new E96bsv5 and E112ibsv5 VM sizes part of the Azure Ebsv5 VM series offer the highest remote storage performances of any Azure VMs to date. The new VMs can now achieve even higher VM-to-disk throughput and IOPS performance with up to 8,000 MBps and 260,000 IOPS. This enables you to run data intensive workloads more efficiently and process more data on fewer vCPUs, potentially optimizing infrastructure and licensing costs.
Networking
Feature enhancements to Azure Web Application Firewall (WAF)
Azure’s global Web Application Firewall (WAF) running on Azure Front Door, and Azure’s regional WAF running on Application Gateway, now support additional features that help organizations improve their security posture and make it easier to manage logging across resources:
SQL injection (SQLi) and cross site scripting (XSS) detection queries: new Azure WAF analytics SQLi and XSS detection rule templates simplify the process of setting up automated detection and response with Microsoft’s security incident & event management (SIEM) service: Microsoft Sentinel.
Azure policies for WAF logging: the regional WAF on Application Gateway and the global WAF running on Azure Front Door now have built-in Azure policies requiring resource logs and metrics. This allows organizations to enforce standards for WAF deployments to collect logs and metrics for further analysis and insights related to security events.
In addition, Azure regional WAF on Application Gateway now has:
Increased exclusion limit: CRS 3.2 or greater ruleset now supports exclusions limit up to 200, a 5x increase from older versions; allowing for greater customization on how the WAF handles managed rulesets.
Bot Manager ruleset exclusion rules: exclusions are extended to Bot Manager Rule Set 1.0. Learn more: WAF exclusions.
Uppercase transform on custom rules: you can now handle case sensitivity when creating custom WAF rules using uppercase transform in addition to the lowercase transform.
The cross-zone replication feature allows you to replicate your Azure NetApp Files volumes asynchronously from one Azure availability zone (AZ) to another in the same region. It uses a combination of the SnapMirror® technology used with cross-region replication and the new availability zone volume placement feature, to replicate data in-region; only changed blocks are sent over the network in a compressed, efficient format. It helps you protect your data from unforeseeable zone failures, without the need for host-based data replication. This feature minimizes the amount of data required to replicate across the zones, therefore limiting data transfers required and also shortens the replication time, so you can achieve a smaller restore point objective (RPO). Cross-zone replication doesn’t involve any network transfer costs, and hence it is highly cost-effective.
Azure HX series and HBv4 series virtual machines (preview)
The Azure HX series and HBv4 series virtual machines (VMs) are now in preview in the East US region. These VMs, powered by AMD 4th gen EPYCTM “Genoa” CPUs, improve the performance and cost-effectiveness of a variety of memory performance bound, compute bound, and massively parallel workloads. These new VMs deliver more performance, value-adding innovation, and cost-effectiveness to every Azure HPC customer.
Networking
Azure Bastion now support shareable links (preview)
With the new Azure Bastion shareable links feature in public preview and included in Standard SKU, you can now connect to a target resource (virtual machine or virtual machine scale set) using Azure Bastion without accessing the Azure portal.
This feature will solve two key pain points:
Administrators will no longer have to provide full access to their Azure accounts to one-time VM users, helping to maintain their privacy and security.
Users without Azure subscriptions can seamlessly connect to VMs without exposing RDP/SSH ports to the public internet.
Storage
Azure File Sync agent v15.2
Azure File Sync agent v15.2 is now on Microsoft Update and Microsoft Download Center.
Improvements and issues that are fixed:
Fixed a cloud tiering issue in the v15.1 agent that caused the following symptoms:
Memory usage is higher after upgrading to v15.1
Storage Sync Agent (FileSyncSvc) service intermittently crashes
Files are failing to recall with error ERROR_INVALID_HANDLE (0x00000006)
Fixed a health reporting issue with servers configured to use a non-Gregorian calendar
More information about this release:
This release is available for Windows Server 2012 R2, Windows Server 2016, Windows Server 2019 and Windows Server 2022 installations
The agent version for this release is 15.2.0.0
Installation instructions are documented in KB5013875
In November, Microsoft released some important news regarding Azure management services. Through these articles released on a monthly basis, we want to provide an overall overview of the main news of the month, in order to stay up to date on these arguments and have the necessary references for further information.
The following diagram shows the different areas related to management, which are covered in this series of articles:
Figure 1 – Management services in Azure overview
Configure
Azure Automation
Support for Availability Zones
Azure Automation has introduced support for Availability Zones so that it can provide greater resiliency and reliability to the service, runbooks and other automation resources. In case a zone is inactive, no user action is required to recover from a zone fault, in fact, the service will be made accessible through the other available areas. In addition to high availability, this feature is useful for implementing a disaster recovery strategy for the Automation Account, often a key component in DR plans in Azure.
Govern
Azure Cost Management
Updates related toMicrosoft Cost Management
Microsoft is constantly looking for new methodologies to improve Microsoft Cost Management, the solution to provide greater visibility into where costs are accumulating in the cloud, identify and prevent incorrect spending patterns and optimize costs . Inthis article some of the latest improvements and updates regarding this solution are reported, including:
Ability to use tag inheritance to group subscriptions and resource groups.
View cost change over previous period, in the cost analysis preview.
Azure Advisor: new cost recommendations for Virtual Machine Scale Sets
Azure Advisor has expanded the recommendations to include cost optimizations for Virtual Machine Scale Sets as well. Recommendations will include recommendations for shutting down resources that are not being used, recommendations for changing the SKU and downscaling for underutilized resources versus provisioning.
Secure
Microsoft Defender for Cloud
New features, bug fixes and deprecated features of Microsoft Defender for Cloud
Microsoft Defender for Cloud development is constantly evolving and improvements are being made on an ongoing basis. To stay up to date on the latest developments, Microsoft updates this page, this provides information about new features, bug fixes and deprecated features. In particular, this month the main news concern:
Protecting containers in a GCP environment with Defender for Containers
Ability to validate Defender for Containers protections via sample alerts
Governance rules at scale (preview)
Protect
Azure Backup
Cross-subscription recovery for VMs in Azure (preview)
The Cross Subscription Restore feature was announced in preview and allows you to restore Azure virtual machines, by creating or restoring new disks, in any subscription, starting from the restore point created by Azure Backup. By default, Azure Backup restores in the same subscription where the recovery points are available. With this new feature, you get the flexibility to perform restores in any subscription of the tenant. Cross Subscription Restore is also supported for restore with Managed System Identities (MSI), while it is not currently supported for Azure encrypted virtual machines and Trusted Launch VMs.
Migrate
Azure Migrate
New Azure Migrate releases and features
Azure Migrate is the service in Azure that includes a large portfolio of tools that you can use, through a guided experience, to address effectively the most common migration scenarios. To stay up-to-date on the latest developments in the solution, please consult this page, that provides information about new releases and features. In particular, this month the main news concern:
Support for using a sudo account to perform agentless dependency analysis on Linux servers running in environments VMware, Hyper-V and for physical systems or in other cloud environments.
Support for selecting VNets and Subnets during test migration (Using PowerShell) for the agentless VMware scenario.
OS disk swap support for agentless VMware scenario.
Support for pausing and resuming replicas using PowerShell for VMware agentless scenario.
Azure Database Migration
Offline Azure SQL Database migrations with the Azure SQL Migration extension
To perform offline migrations of SQL Server databases running on-premises, SQL Server on Azure virtual machines or any virtual machine running in the cloud (private, public) to Azure SQL Database you can use the extension Azure SQL Migration
New Azure SQL Migration extension migration feature provides an end-to-end experience to modernize SQL Servers in Azure SQL Database. The extension allows you to check the readiness of the migration with actions for: remedying possible migration blocks, export assessment results and get appropriate Azure recommendations.
Evaluation of Azure
To test for free and evaluate the services provided by Azure you can access this page.
