You can create resources very easily on the Azure platform. This is great, but it also provides a few risks. For example, you can delete resources or entire environments just as easily. What is very helpful for tests and demos can be very dangerous for integration and production environments. So you don't have to manage this manually, I wrote an Azure Policy code. This defines the automatic auditing and provisioning of Azure Resource Locks with Azure Policies.
With an Azure Resource Manager (ARM) template, you can create a specific infrastructure on Azure with the click of a button. The template defines the infrastructure as code and Azure is thereby told the target state of the resources. I have created such a template and published it via Github. The ARM template deployment includes a hub and spoke network topology with a central Azure bastion for secure access to VMs. This post shows you step by step how to use the template for yourself.
The Microsoft PaaS "Azure Bastion" is a popular service to make your Azure networks more secure. However, until now there was a drastic limit. Azure Bastion could only be used in the same VNet. VMs in a peered network could not be accessed via Bastion. This circumstance pushes up the costs, because with a hub-and-spoke topology you have to place a bastion in each VNet. But these times are over. Use Azure Bastion with VNet peering (since 05.11.2020 in preview).
The cloud continues to be on the unstoppable growth path and is an omnipresent topic to this day. However, there is no general answer to the question of whether and in what form the cloud is right for companies. This must be assessed on a case-by-case basis. And this is exactly where the difficulty lies, since companies have different levels of knowledge and are at a different point. Microsoft has recognized this and provides extensive help. No matter whether you and your company are still in the very beginning or already very advanced. Become familiar with the Cloud Adoption Framework for Azure (CAF) and use it to make the right decisions and standards.
Mit dem an der Ignite 2020 angekündigten Azure Region Resource Mover kannst du wie der Name sagt, Azure Ressourcen in eine andere Region verschieben (offizielle Bekanntgabe). Der Service ist per sofort im Public Preview Modus verfügbar. Als Azure Advisor habe ich den Region Resource Mover bereits im Februar 2020 im Private Preview Modus für euch testen können. Erfahre mehr über meine ersten Erfahrungen und lerne, wie einfach es ist, deine Azure Ressourcen in eine andere Region zu verschieben. Es ist soweit – the arrival of Azure Region Resource Mover.
The work forms "home office", "remote work" or even "work anywhere" are becoming increasingly important, especially in recent months. This change affects not only users, but also IT staff and system administrators. However, I am often confronted with mistrust and security concerns when dealing with such issues. This is where Azure Bastion comes into play. Bastion not only enables "work anywhere" for system administrators, but also provides increased security and secure access to your Azure VMs without the need for a VPN!
Azure Bastion is an Azure service that allows you to access your Azure VMs securely and centrally via the web portal. This allows you to enable your system administrators and system specialists to "work anywhere" without any security concerns. In this article I will not focus on the service itself, but rather on the steps necessary to plan and implement Azure Bastion.
Already at the Microsoft Ignite in November 2019, the feature and support of multiple windows for Microsoft teams was announced. Since a few months this feature is already in rollout, but only for private chats (see post of 18.05.2020). Now the time has finally come and Microsoft is rolling out the feature of "MS Teams Meetings in separate windows". A long awaited feature on my part!
The cloud offers many new possibilities and is available at the push of a button. And this is exactly what holds various dangers. You start your cloud adventure, start the first services and then soon realize that you made a mistake, for example choosing the wrong type of subscription. Usually you have also spread your services over different resource groups. I have therefore often been confronted with the question "How can I migrate the existing Azure Services distributed in multi resource groups to a new Azure Subscription? With this article I try to answer this question as comprehensively as possible.
Multi-factor authentication is widely used today and should be standard for all companies and individuals. But what if the configured MFA device is lost or broken? Microsoft's Authenticator App offers a practical, simple and secure solution to this problem through cloud backup of the MFA configuration. With it you can easily backup your existing MFA configuration. This article shows how to activate the backup, add another MFA device, load the backup data and remove the lost or broken device. And all of this can be done very easily in a few steps.