(Part-1) Leverage Bicep: Standard model to Automate Azure IaaS deployment
Subjects. Those deeply interested in IaC using Azure. Those who understand the basics of Azure Resource Manager Templates and want to work deeply with Bicep. Those who understand the names of services and functions used in Azure IaaS and have experience in building automation. Agenda. How about Bicep Difference between ARM templates and Bicep Basic functionality Bicep Development Environment Sample Code and Explanation Traps and Avoidance Notes. Azure services are evolving every day. This content is based on what we have confirmed as of April 2023.
Azure Extended Zones: Optimizing Performance, Compliance, and Accessibility
Azure Extended Zones are small-scale Azure extensions located in specific metros or jurisdictions to support low-latency and data residency workloads. They enable users to run latency-sensitive applications close to end users while maintaining compliance with data residency requirements, all within the Azure ecosystem.
Azure Virtual Desktop Specialty certification is here!
2019 was declared the year of VDI, 2020 was the year of Cloud and I think that 2021 will be the year of Azure Virtual Desktop, bringing VDI and the Cloud together…and the long wait is over! The Azure Virtual Desktop Specialty certification is now generally available. So lets take a few minutes to chat about WVD and why the Exam AZ-140: Configuring and Operating Microsoft Azure Virtual Desktop is something you should be interested in! What is Azure Virtual Desktop? Azure Virtual Desktop is Microsoft Azure’s VDI PaaS solution that enables you to provide remote applications and/or full desktops in the cloud. One of the strongest points of WVD is Windows 10 Multi-session which combines the functionality of a traditional windows remote desktop server with the windows client experience, giving you the best of both worlds. This combined with the FSLogix User Profile software is an amazing solution that will allow your users to work from home or remote locations securely without needing all the traditional heavy infrastructure. Why should you bother taking the Exam AZ-140? Like with all certifications it is a measure of your ability to complete a task, demonstrate your knowledge, improve your resume, get your next dream job, make more money, feel accomplished and empowered and of course bragging rights! What does the exam cover? The Exam AZ-140 will test all your Azure skills across five (5) key areas. Planning your Azure Virtual Desktop Architecture Implementing your Azure Virtual Desktop Infrastructure Manage Access and Security Manage User Environment and Apps Monitor and maintain your Azure Virtual Desktop Infrastructure. Who should be ready to take the exam? Those looking to get this certification should have a general expertise across The Azure Virtual Desktop stack along with Azure administration and architecture expertise including but not limited to: Azure Active Directory, Active Directory Domains, Group policy, Identity Security, Networking, DNS, Network Security, Endpoint Protection, Azure Virtual Machines, Mobile Device Management, Printing, Azure Monitor, FSLogix User Profiles Azure Storage solutions, client-side security, Automation Disaster Recovery, and VM Imaging. Now this may seem like a lot…and it is, but we’ve got you covered! The Azure Academy: Your training begins with my Azure Academy YouTube channel, where I have a 20-part video Study Guide on the AZ-140 exam. This series was developed to match the requirements and is broken down into two (2) sections. The first eleven (11) Learning videos and twelve through twenty (12-20) Implementation videos. This way you can zero in on the specific areas you need to understand and practice building so you are ready for anything the exam can through at you! What The Hack: But the fun doesn’t stop there. My team, FastTrack for Azure, has led an effort across Microsoft’s WVD experts including Cloud Solution Architects, Global Black Belts, Customer Engineers and Consultants to put together materials to help you prep for the exam which can be found on the public GitHub repo “What The Hack” A Hack is a challenge-based approach to learning. This format is intended to be led by a coach who will help guide the students as they progress through the challenges. This can be done on your own or with a small group to think through things as you would in designing a real-world solution. In this Hack you will find twelve (12) challenges which align with the video series to help you through each section to dive a little deeper into the scenarios and build the solutions, giving you the skills, you need to take the exam with confidence. This gives you the flexibility to use the videos as your coach or work with a WVD expert to coach you and your team through the process. What’s Next? “I can only show you the door, you are the one who must walk through it.” - Morpheus We have created the resources; Microsoft created the certification…it’s up to you now! Start down your learning path or if you are ready schedule your exam. If you need help drop a comment here or on one of my videos and we will all do our best to answer your questions. Also drop me a comment when you pass your exam, I love to hear your success stories and suggestions. Thanks for taking a few minutes out of your day to read this blog post…and good luck and all the success in the world to you in the year of Azure Virtual Desktop #HappyLearning Dean Cefola FastTrack for Azure Principal Engineer Azure Academy creatorResiliency Best Practices You Need For your Blob Storage Data
Maintaining Resiliency in Azure Blob Storage: A Guide to Best Practices Azure Blob Storage is a cornerstone of modern cloud storage, offering scalable and secure solutions for unstructured data. However, maintaining resiliency in Blob Storage requires careful planning and adherence to best practices. In this blog, I’ll share practical strategies to ensure your data remains available, secure, and recoverable under all circumstances. 1. Enable Soft Delete for Accidental Recovery (Most Important) Mistakes happen, but soft delete can be your safety net and. It allows you to recover deleted blobs within a specified retention period: Configure a soft delete retention period in Azure Storage. Regularly monitor your blob storage to ensure that critical data is not permanently removed by mistake. Enabling soft delete in Azure Blob Storage does not come with any additional cost for simply enabling the feature itself. However, it can potentially impact your storage costs because the deleted data is retained for the configured retention period, which means: The retained data contributes to the total storage consumption during the retention period. You will be charged according to the pricing tier of the data (Hot, Cool, or Archive) for the duration of retention 2. Utilize Geo-Redundant Storage (GRS) Geo-redundancy ensures your data is replicated across regions to protect against regional failures: Choose RA-GRS (Read-Access Geo-Redundant Storage) for read access to secondary replicas in the event of a primary region outage. Assess your workload’s RPO (Recovery Point Objective) and RTO (Recovery Time Objective) needs to select the appropriate redundancy. 3. Implement Lifecycle Management Policies Efficient storage management reduces costs and ensures long-term data availability: Set up lifecycle policies to transition data between hot, cool, and archive tiers based on usage. Automatically delete expired blobs to save on costs while keeping your storage organized. 4. Secure Your Data with Encryption and Access Controls Resiliency is incomplete without robust security. Protect your blobs using: Encryption at Rest: Azure automatically encrypts data using server-side encryption (SSE). Consider enabling customer-managed keys for additional control. Access Policies: Implement Shared Access Signatures (SAS) and Stored Access Policies to restrict access and enforce expiration dates. 5. Monitor and Alert for Anomalies Stay proactive by leveraging Azure’s monitoring capabilities: Use Azure Monitor and Log Analytics to track storage performance and usage patterns. Set up alerts for unusual activities, such as sudden spikes in access or deletions, to detect potential issues early. 6. Plan for Disaster Recovery Ensure your data remains accessible even during critical failures: Create snapshots of critical blobs for point-in-time recovery. Enable backup for blog & have the immutability feature enabled Test your recovery process regularly to ensure it meets your operational requirements. 7. Resource lock Adding Azure Locks to your Blob Storage account provides an additional layer of protection by preventing accidental deletion or modification of critical resources 7. Educate and Train Your Team Operational resilience often hinges on user awareness: Conduct regular training sessions on Blob Storage best practices. Document and share a clear data recovery and management protocol with all stakeholders. 8. "Critical Tip: Do Not Create New Containers with Deleted Names During Recovery" If a container or blob storage is deleted for any reason and recovery is being attempted, it’s crucial not to create a new container with the same name immediately. Doing so can significantly hinder the recovery process by overwriting backend pointers, which are essential for restoring the deleted data. Always ensure that no new containers are created using the same name during the recovery attempt to maximize the chances of successful restoration. Wrapping It Up Azure Blob Storage offers an exceptional platform for scalable and secure storage, but its resiliency depends on following best practices. By enabling features like soft delete, implementing redundancy, securing data, and proactively monitoring your storage environment, you can ensure that your data is resilient to failures and recoverable in any scenario. Protect your Azure resources with a lock - Azure Resource Manager | Microsoft Learn Data redundancy - Azure Storage | Microsoft Learn Overview of Azure Blobs backup - Azure Backup | Microsoft Learn Protect your Azure resources with a lock - Azure Resource Manager | Microsoft Learn(Part-3) Leverage Bicep: Standard model to Automate Azure IaaS deployment
Subjects. Those deeply interested in IaC using Azure. Those who understand the basics of Azure Resource Manager Templates and want to work deeply with Bicep. Those who understand the names of services and functions used in Azure IaaS and have experience in building automation. Agenda. How about Bicep Difference between ARM templates and Bicep Basic functionality Bicep Development Environment Sample Code and Explanation Traps and Avoidance Notes. Azure services are evolving every day. This content is based on what we have confirmed as of April 2023.(Part-2) Leverage Bicep: Standard model to Automate Azure IaaS deployment
Subjects. Those deeply interested in IaC using Azure. Those who understand the basics of Azure Resource Manager Templates and want to work deeply with Bicep. Those who understand the names of services and functions used in Azure IaaS and have experience in building automation. Agenda. How about Bicep Difference between ARM templates and Bicep Basic functionality Bicep Development Environment Sample Code and Explanation Traps and Avoidance Notes. Azure services are evolving every day. This content is based on what we have confirmed as of April 2023.
