The most watched videos on my youtube channel are related to security. Azure SQL Networking Secrets and Cloud Security: Secure Access from your Applications to Azure SQL explain private endpoints from different points of views: Azure SQL and Function Apps. The concepts of Private Endpoints apply to most Azure features and even the relation of … Read more
Nikola Ilic, best known as Data Mozart, published a great article and video about how to make semantic model data available in Microsoft Fabric. This allows the data to be used in lakehouses or data warehouses. One major question that arises is, “should we use a top-down or bottom-up (or both) approach in Microsoft Fabric?” … Read more
Recently Azure Resource Graph was announced as a new connector in Power BI. Azure Resource Graph provides access to almost all resources inside the azure environment of a company. Why is this important? Resource Graph by itself is a very important tool to analyze the provisioned resources on Azure environment without lose the control of … Read more
Move objects on Azure is not simple. Move between Tenants is extremely difficult or not possible. I faced the challenge to move a virtual machine and disks between tenants recently and found the solution. Some Years ago, I wrote an article about the Azure Resource Mover when it was still being created. Today the resource … Read more
SQL Server 2022 is finally GA and one of the features I was most expecting is finally available. It’s the allows Azure AD Authentication. Azure AD users can access SQL Server directly, without a second user account. SQL Server on premises requires Azure ARC to be integrated to Azure. Azure VMs, on the other hand, … Read more
Synapse is a great data lake house tool. This means in a single tool we have resources to manage a data lake and data warehouse. The Synapse Serverless Pool is great to manage data lakes and for a great price: around us$ 5,00 for each TB of data queried. This makes it a great choice. … Read more
The app services in the title can be function apps, web apps or more. We can deploy the app services on the native app service environment provided by Microsoft or using containers. What’s the different between using the native environment or using containers? The differences aren’t many and it’s not easy to identify when it’s … Read more
The Auto-Shutdown policy is another important policy to ensure our virtual machines don’t expend more than what we planned for them. If we have a time window to use the virtual machines, the auto-shutdown policy can deactivate them at the right time. We need to discover the deep internal details about the auto-shutdown configuration before … Read more
Blueprints are (or should be) an important feature for Azure Cloud provisioning. Probably you already know about ARM templates. We can say they are the basic notation for deployment in Azure. But what happens when we need to deploy multiple items at once? Here are some options: Build everything in a single ARM template, what … Read more
Azure Cloudshell uses PowerShell 7.2.1. However, Powershell 7.2.2 is already available and we have also a PowerShell version 7.3.0 in preview. Wouldn’t it be nice if you could update the powershell version in cloudshell, instead of waiting for Microsoft? This would allow you to run scripts using the new features of the updated versions. Before … Read more
*Update at the end Azure Storage Policies are around for some time already, but they manage to stay unnoticed. This feature is very powerful and few people know about it. Probably you already know about Storage Keys and Shared Access Security. It’s important to highlight one limitation: Once we generate a SAS key, we can’t … Read more
I believe I’m not alone on this feeling: It seems like every time we use the Azure Portal some new feature appear. The features reproduce themselves faster than rabbits. Did you had this feeling before? Share your thoughts in the comments. This week, working with Azure, I found some new small features around and decided … Read more
I wrote many blogs about policies in Azure. First, I started talking about How essential Policies are. After that, I included them in a blog about Azure SQL AD Only Authentication and finally about how to ensure Azure SQL is with Azure AD Only Authentication enabled. Using both, policies and management groups, we can manage … Read more
MFA and conditional access policies are powerful tools for our cloud security, but they are full of tricks. I don’t pretend to cover the basics here. You know you can create conditional access policies to request MFA authentication from the users. You also know the fact the default configuration (which you should avoid) will request … Read more
A silly mistake, a site recovery error and a troubleshooting case study, let’s check how it happened. I was demonstrating Site Recovery in a training. Site recovery is a slow task, so I make the demonstration among other explanations, put the demonstration in the middle of other subjects. This also doesn’t leave much room to … Read more
Microsoft has made it possible to integrate Azure Active Directory with Virtual Machines. In this post, Dennes Torres walks you through the steps to set it up. … Read more
Some time ago I wrote a blog about the just released feature to allow only Azure Authentication in Azure SQL Databases. On that blog, I explained not only about the feature, but how to use Azure Policies, a great feature for governance, to control which Azure SQL are correctly configured and which is not, … Read more
Dynamic data mask is a very interesting security feature allowing us to mask critical fields such as e-mail, phone number, credit card and so on. We can decide what users will be able to see the value of these features or not. This feature faced many flaws when it was released, but I believe it’s … Read more
Saying that I’m from the time of the MDAC would be to break the main rule of never reveal our age. However, who really remembers Microsoft Data Access Components – MDAC – today ? Microsoft had ODBC and it was good. Out of the blue came Borland with a thing called BDE that was way … Read more
Azure is part of the Microsoft Global Network. Applications in the Azure environment can receive access from the entire world. This world-wide access creates a dilemma about the routing to the Azure services. We face two options: routing through Microsoft Global Network or through public internet. Initially only the Storage Accounts had a direct configuration … Read more