During my recent project engagement, I was checking on status of the Azure Blueprints – a service which is still in Preview. I was surprised and alerted with the note I saw on the documentation page. Namely, service is scheduled to be deprecated.
What is Azure Blueprints (Preview)?
First thing first, this is a service that we use in Governance of Azure resources. This preview service allows the engineers and architects to sketch a project’s design parameters, by enabling cloud architects and central information technology groups to define a repeatable set of Azure resources that implements and adheres to an organization’s standards, patterns, and requirements.
What to do if you are using it?
No worries here. If you already using this service, then plan to migrate your existing blueprint definitions and assignments to Template Specs and Deployment Stacks. Your existing Blueprint artifacts could be converted to ARM JSON templates or Bicep files used to define deployment stacks.
When is the deadline?
Well, all the Blueprints (Preview) will be deprecated on July 11, 2026. Thus, you should have enough time to make the transition to Template Specs and Deployment Stacks.
This week was huge, as we celebrated the 4th of July my eyes were on inbox for notifications to see the MVP nomination response from Microsoft.
MVP AWARD ANNONCEMENTs
I am thrilled and humbled to share with all of you that we are renewed as Microsoft Azure MVP for another year. YAY!!!
The email that I received was one of the best notifications of 2023 so far. Finally, an email below came out with an invitation to us (#cloudmarathoners) to accept the Microsoft MVP Award.
AWARD notification to CloudMarthoner
The email notification below is the highest recognition of the value and continues support that we (#CloudMarathoner) community do provide to everyone who is going through #cloudjourney and the career transformation process in their life.
-Microsoft MVP award notification email
YOU are all MVPs
Yes, that is right, this nomination and reward belongs to all of us. Because we are a unique community that shared interesting and informative posts and encouraged everyone to start their cloud journey.
Congrats to Martin on becoming Microsoft MVP
As you might know, an active member of our #cloudmarathoner community, Martin Dimovski, became an MVP just a few weeks ago. I have congratulated him on social channels as he truly embraced the #cloudmarathoner community and become one of the vocal people in our community. So, please join me in congratulating him.
What it takes to be an MVP
The MVP Award is a global program of recognized technology experts and community leaders who actively supporting technical communities through unique, innovative, and consistent knowledge sharing. These community leaders actively contribute to support the developer and IT Pro communities worldwide, helping them learn, build, and use our products. Learn below what the Microsoft MVP Program seeks for recognition of future community leaders.
Demonstrate community leadership and influence
Our program finds strength in diversity, inclusion, and positive influence. In all our interactions, we aspire to embody and champion these values as a program and as a community. Qualifying applicants must demonstrate leadership and ability to facilitate the sharing of knowledge with others, promote inclusive activities, and advance social good to support the community and under-represented groups.
Be a technical expert
Community leaders must have deep knowledge and expertise aligned to a Microsoft product or service or related open-source technologies. Through community work, qualifying applicants should be able to demonstrate their technical expertise.
Be a great advocate for the community
Leverage your technical expertise to advocate in the technical community. Qualifying applicants should generate local and global awareness that supports adoption and learning of Microsoft products & services through authentic connections, online/offline activities, and community enablement.
Contribute to the success of our products
Qualifying applicants should use their ability to discover and recommend improvements to Microsoft products & services through Microsoft official feedback channels (e.g., GitHub, Tech Community, etc.) or work on open-source extensions within the ecosystem.
I just want to say a massive, heartfelt thank you to all of you phenomenal individuals and organizations (T-REX Solutions, Cloud Lunch and Learn, MVP Community and LinkedIn community) for being my cheerleaders, my mentors, and my friends throughout my Microsoft MVP work and cloud journey. Your continued support has not only made me leapfrog personal and professional milestones but has also injected me with a hefty dose of confidence and determination.
I feel incredibly blessed to have such an extraordinary network of rockstars supporting me, and I can’t wait to keep on growing, learning, and rocking the tech world alongside each and every one of you! Sending you all a virtual bear hug filled with gratitude and joy!
What is Next?
I am still in a pleasant shock, and simply to say that “I am proud and humbled to receive this award” is an understatement. I am truly proud to be recognized along the way with the rest of the #MVP community while helping the #CloudMarathoner community to grow and prosper.
I am really happy to continue this cloud journey and invite you – the Cloud Marathoners ⛅🏃♂️🏃♀️ to join as well and be an important part of this community!!!
We started the #CloudMarathoner community and cloud learning journey approximately 3+ years ago with few posts and followers. My main intention in starting this hashtag is to help everyone learn the #cloud #fundamentals & #architecture while sharing training resources that could help you in your awesome #cloud journey.
We ARE GROWING every month
Thank you for your continued feedback and support! Our #CloudMarathoner community is over 1600+ members strong and we are growing it every month. This community of contributors and members like Hugo Barona, Jackson Feldon, new MVP – Martin Dimovski, John Lokerse and many other leaders are able to reach and inspire many more people every day and week.
If you have been implementing your customers with the management of enterprise subscriptions and policies, then it is a pretty common need to automate the provisioning of those subscriptions in a controlled and secure manner.
The good news is that you don’t have to reinvent the wheel and do everything from scratch. The Microsoft team that is behind the Azure Landing Zones implementation has a good reference that could tremendously help you.
Microsoft Global Customer Success team
Have you ever checked the subscription vending IaC Modules from the Microsoft Global Customer Success team (the same team behind Azure Landing Zones)?
Subscription Vending IaC Modules
Well, if not then Subscription Vending IaC Modules are available for you in two popular infrastructure-as-code (IaC) tools: Bicep and Terraform. AND designed to help you implement the best practices for subscription provisioning.
Why use these modules?
Using these modules, you can quickly and easily provision new Azure subscriptions that are pre-configured to meet your organization’s specific needs. The modules include parameters/variables for Role-Based Access Control, Networking, Tags, and more.
Recently, I have been asked for a reference on how to implement a microservices architecture from code to production, using an open-source stack with Azure.
In this workshop, you will build a complete application including a website with authentication and 3 microservices, deploy it to Azure using a CI/CD pipeline, monitor and tune the scaling of our services, and use log tracing to debug issues.
And yes, all that is done without needing to use Kubernetes while using the #AzureBicep 💪 for #infrastructureascode (IaC) and deployment!
This workshop approach is one of many ways to get started with Node.js Microservices in Azure. But, I am interested to hear from you.
What is your preferred way to implement microservices in Azure ⁉ 🤔 Please, share your feedback 💬 in the comments or in the following LinkedIn post.
In Summary
I hope you will enjoy this reference architecture and the @GitHub code repo. More importantly, you got a chance to learn something new. Hopefully, you’ll be able to take this knowledge back to your projects and improve your solutions.
Let’s focus on answering the main question of this post. And some of you may suspect that we will allude to Azure Arc, right?
Microsoft Azure Arc
Yes, with the Microsoft Azure Arc, you can manage servers running on-premises, at the edge, and in multi-cloud environments. And with the latest updates, now, you also get SSH access to your Linux and Windows Servers running anywhere using Azure Arc-enabled servers.
Direct Network Connectivity
Even though direct network connectivity (like SSH connection into the server) can be a challenge in hybrid and multi-cloud environments, Azure Arc-enabled servers enable this unique capability for you.
What are the Helpful References?
Well, let me mention the following important three references that will get you going in your Azure Arc journey, ok?
I hope this provides you with a good overview and resources of how you can manage and SSH access your Linux and Windows Servers anywhere using Azure Arc. And if you feel like you got a question, please, feel free to leave a comment on my LinkedIn post.
This exam assesses the following DevOps skills: ✔ Configure processes and communications ✔ Design and implement source control ✔ Design and implement build and release pipelines ✔ Develop a security and compliance plan ✔ Implement an instrumentation strategy
Your Support is Appreciated!
Thank you 🙏 T-Rex Solutions, LLC for a strong and relentless learning culture and for supporting my Microsoft #MVP journey 👏
Anyone who manages Azure resources knows that consistent naming is key to understanding what a service is, where its location and purpose, and to whom it belongs to.
Are there any tools?
In a recent couple of days, I was exploring a tool/framework that could help me with consistent naming of cloud resources issues. And I was nicely surprised to find the Azure Naming Tool v2.
“The Azure Naming Tool was created to help administrators define and manage their naming conventions while providing a simple interface for users to generate a compliant name.”
What is it for?
The tool was developed using a naming pattern based on Microsoft’s best practices. Once an administrator has defined the organizational components, users can use the tool to generate a name for the desired Azure resource.
These recent updates come with globally optional components, multi-type name generation, some style and/or layout updates, and more.
Summary
The Azure Naming Tool was designed to be as extendable and functional as possible. In order to accommodate that flexibility, several architectural aspects were implemented.
The ANT team will continue to improve the tool and publish updates to the GitHub repository. All feedback is welcome, and feel free to submit a code change if you have a better idea for any part of the tool. Good luck!
We started the #CloudMarathoner community and cloud learning journey approximately 3.5 years ago with few posts and followers. My main intention in starting this hashtag is to help everyone learn the #cloudcomputing and share training resources that could help you in your awesome #cloud journey.
We continuously GROWING
Thank you for your continued feedback and support! Our community is almost 1400+ members string and we are able to reach and empower more people now.
Many Thanks to each of you, who has #shared and commented on #CloudMarathoner posts on social media.
summary
Thank you.. Thank you… Thank you.. For being a true #cloudmarathoner in learning the #cloud and sharing it with your community!
I would like to welcome everyone who is landed on this page to check out the Azure Spring Clean 2023 event and Learn new cloud skills!
Before kicking off the topic, I would like to start with a “THANK YOU” message for the organizers of the event; especially for Joe, Thomas, and everyone who is involved in making this event a successful experience for everyone!
Note:
Introduction
In the spirit of Azure Spring Clean, we will explore how to organize Azure Security Services using the infrastructure-as-Code (IaC) approach with Azure Bicep.
We will look into how you could declaratively define and deploy your Azure security resources including Azure Policies to tackle real-world business problems. So, get yourself ready for simple yet powerful demos that will turn you into a hero.
And don’t worry, if you are new to Azure Bicep as we will have a super express introduction to this new IaC language to get you started with fundamentals.
Azure Bicep is a new declarative Domain Specific Language (DSL) for provisioning Azure resources. The purpose of Azure Bicep is to simplify the resource creation and management experience with a cleaner syntax and more code reuse.
Declaring resources as IaC
There are many benefits in declaring and managing cloud infrastructure resources as a code. It provides benefits, such as increased compliance, visibility, controlled deployments and versioning of changes that get deployed into your cloud environments.
The following screenshot demonstrates how Azure Bicep declares cloud resources on the left side of the panel:
Organizing cloud resources
No matter how small or big is your project, taking time to think through the approach of how to organize your digital assets is an important task. In Microsoft Azure, you would need to consider a couple of points while trying to make this decision. Namely, you would need to consider the following factors:
Resource Governance approach
Management scopes
IaC management options
Modules, ACR, Template Specs, etc.
Azure Policies for governance
The Azure Policies are assigned with a unique mission to guard the compliance aspect of your cloud resources and workloads. It evaluates resources at specific times (by default happens every 24 hours) during the resource lifecycle changes and the policy assignment lifecycle updates.
Thus, whenever you get a resource created, updated, or deleted within a scope of the monitored compliance, or if you update/create an Azure policy then the compliance evaluation cycle will determine the compliance of these changes by auditing, blocking, or allowing the action to be performed.
Securing storage account options
Note: this section of the post is in progress… It will be presented with the screenshots and GitHub repo for you. Stay tuned, and check in a few days 😉
video & Demo – a sweet combo
In the video below, I briefly cover the posted information in this blog post which also includes the instructions on how to run the demo and get the scripts to deploy Azure Policies for your Tag Governance scenario.
Without any overdue, here is the video that should be available to you:
The following image is a screenshot from the slide that demonstrates the Bicep code that declares the policy definition and initiative, with the final view of deployment on the Azure portal.
Thank you so much for reading this post and learning about Azure security and compliance and how IaC language Azure Bicep can help you in this journey. This is a bit different perspective to strengthen your resource/workload compliance on Azure using IaC approach.
Please, keep up the good work by securing your organizational and customer cloud environments!
