Microsoft has recently made an important change to the Azure Landing Zones (ALZ) architecture: the introduction of a dedicated Security Management Group and a Security Subscription within the platform structure. Here is the official blog post on TechCommunity. ...
Adopting cloud technologies is more than a technical upgrade – it is an organizational paradigm shift. To successfully leverage the cloud, organizations must not only modernize infrastructure but also realign their own organization. This post explores why the shift from project-oriented to product-oriented structures is crucial – and how Microsoft’s Cloud Adoption Framework (CAF) supports this journey. ...
Preparing Your Azure Cloud Operations: Key Updates and Best Practices In the ever-evolving world of cloud computing, staying updated with the latest best practices and guidelines is crucial for effective management and optimization of your cloud environment. The article “Ready your Azure cloud operations” on Microsoft Learn provides comprehensive insights and strategies to help you prepare and manage your Azure cloud operations efficiently. Here, we summarize the key updates and best practices highlighted in the article. ...
The blog post “Secure Windows Server 2012/R2 workloads with options from Azure” shows the most important ways to continue to provide security updates to a workload based on Windows Server 2012 even though the end of support has already been reached. At its core, there are the following main options related to Microsoft Azure if you are not able to modernize your workload and migrate to a new server version in the short term. ...
The discussion comes up time and again: are Azure Reserved Instances (RI) or Azure Savings Plans (SP) the better option for running an IaaS-based application in Azure? There is no single answer to this question. In the following, we compare both options and evaluate them using different scenarios. ...
In our CAF Landing Zone Starter Kit, the implementation of the Anomaly Alert on the subscription was missing until now. This is almost complete. Here is a possible implementation of the Anomaly Alert as a Bicep module. Anomaly Alert Bicep targetScope = 'subscription' @description('Name of the Anomaly Alert') param aaName string = 'myAnomalyAlert' @description('Display Name of the Anomaly Alert') param aaDisplayName string = 'Anomaly Alert' @description('Subject of the Anomaly Alert email notification') param aaNotificationSubject string = 'Anomaly Alert detected for your Subscription' @description('Email address to send the Anomaly Alert notification to') param aaNotificationTo string @description('Message of the Anomaly Alert email notification') param aaNotificationMessage string = 'The Anomaly Alert has been triggered for your Subscription ${subscription().subscriptionId}. Please check the Cost Management Dashboard for more details.' @description('Start date of the Anomaly Alert (default: now)') param aaStartDate string = utcNow('u') @description('End date of the Anomaly Alert (default: 1 year from now)') param aaEndDate string = dateTimeAdd(utcNow('u'), 'P1Y') // The kind of the Anomaly Alert must be 'InsightAlert' var aaKind = 'InsightAlert' resource myAnomalyAlert 'Microsoft.CostManagement/scheduledActions@2022-10-01' = { name: aaName kind: aaKind properties: { displayName: aaDisplayName scope: '/subscriptions/${subscription().subscriptionId}' notification: { subject: aaNotificationSubject to: [ aaNotificationTo ] message: aaNotificationMessage } status: 'Enabled' viewId: resourceId('Microsoft.CostManagement/views/','ms:DailyAnomalyByResourceGroup') schedule: { endDate: aaEndDate frequency: 'Daily' startDate: aaStartDate } } } Deploying the Module The module can be applied using the Azure CLI. The important thing is to verify that you are in the correct subscription first. Then the deployment is straightforward: ...
The Cloud Adoption Framework is the One Microsoft approach to cloud adoption in Azure, consolidating and sharing best practices from Microsoft employees, partners, and customers. The framework gives customers a set of tools, guidance, and narratives that help shape technology, business, and people strategies for driving desired business outcomes during their adoption effort. Here is a short collection of links during a CAF related engagement: Start with the CAF documentation in the Microsoft Docs. ...