Azure Announcements (August 2022)

Azure Update Announcements

Microsoft Azure, being a constantly evolving, updating and changing environment, makes it difficult to sometimes follow all that happens around it. I will try to condense some of the Azure Announcements based on status – generally available, preview or update features.

Be aware that generally available features/updates might incur costs. Anything that is part of a public preview, does not incur any costs, but also does not have Service-Level Agreement (SLA) attached to it.

Past articles:

Azure Announcements (July 2022)
Azure Announcements (June 2022)

General Availability Announcements

Reservation administrator and reader roles in the Azure Portal

Read and manage all reservations using the reservation administrator and reader roles in your Azure Active Directory (Azure AD) tenant (directory) without having to explicitly be assigned to individual reservations. You can now assign these roles in the Azure Portal.

Additional information:

General availability: Reservation administrator and reader roles in the Azure Portal
Permissions to view and manage Azure reservations

Azure Firewall Premium is now ICSA labs certified

The new Intrusion Prevention System (IPS) certification from ICSA Labs is an important IPS certification, is an addition to our existing Firewall certification, from ICSA Labs. ICSA Labs provides credible third-party testing and certification of security and health IT products, as well as network-connected devices. This includes certification of network intrusion prevention systems.

Additional information:

Generally available: Azure Firewall Premium is now ICSA labs certified
Azure Firewall Premium IPS certification report

Enforcement mode of machine configuration (previously guest configuration)

The enforcement mode of machine configuration (previously guest configuration) is now generally available. This represents the ApplyAndMonitor and ApplyAndAutocorrect auditing modes. The customer experience within Azure has not changed as a result of the renaming. Machine configuration continues to provide a native capability to audit or configure operating system settings as code, both for machines running in Azure and hybrid Azure Arc-enabled servers, directly per-machine or at-scale orchestrated through Azure Automanage, Microsoft Defender for Cloud, or Azure Policy.

You will now be able to: 

  • Apply and monitor configurations: Set the required configuration on your machines and remediate on demand.
  • Apply and autocorrect configurations: Set the required configuration at scale and autoremediate in the event of a configuration drift. 
  • Apply configurations to machines at management group level.
  • Set TLS 1.2 to machines through our newly released built-in policy.
  • Create, delete, and monitor the compliance of your configurations through the Azure portal.

Additional information:

Generally available: Enforcement mode of machine configuration (previously guest configuration)
Remediation options for machine configuration | Microsoft Docs
Named Replicas FAQs: 
Understand the machine configuration feature of Azure Policy | Microsoft Docs

Preview Features Announcements

Container insights portal integration with basic logs

Basic logs offer a low-cost alternative to the standard analytics logs. Azure Monitor container insights offers support for basic logging through the ContainerLogV2 schema (preview). With the container insights integration, you can now receive the full portal feature parity with drill-in functionality through the container insights portal experience.

Additional information:

Public preview: Multiple backups per day for Azure Virtual Machines
Back up an Azure VM using Enhanced policy | Microsoft Docs

Microsoft Azure Load Testing supports private endpoints testing

Azure Load Testing now supports load testing for private endpoints. You can create an Azure Load Testing resource and enable it to generate load from within your virtual network (VNET injection).

his functionality enables the following usage scenarios:

Additional Information:

Public preview: Microsoft Azure Load Testing supports private endpoints testing
Scenarios for deploying Azure Load Testing in a virtual network | Microsoft Docs
Azure Load Testing service | ITuziast article

Ephemeral OS disks supports host-based encryption using customer managed key

Ephemeral OS disk customers can choose encryption type between platform managed keys or customer managed keys for host-based encryption. The default is platform managed keys. This feature would enable our customers to meet your organization’s compliance needs.

Refer to the documentation for more details on encryption at host.

Additional information:

Public preview: Ephemeral OS disks supports host-based encryption using customer managed key
About Dimitar Grozdanov 36 Articles
Engineer. 25+ years “in the field”. Cloud Solution Architect. Trainer, Consultant. Co-founder/Supporter of Tech Communities. Speaker. Blogger. Parent. Passionate about craft beer tasting and hanging out with family and friends.

Be the first to comment

Leave a Reply

Your email address will not be published.