There are various ways to check the compliance status of Azure policies. It is common to check directly in the portal. However, automated processes are often implemented, such as queries with PowerShell or forwarding to Azure EventGrid. The most elegant… Weiterlesen →
As shown in the previous post, it is easy to deploy a VM with bicep and Microsoft.Compute/virtualMachines. If it is an Azure Linux image, then the root user cannot be used for security reasons and access for SSH via username/password… Weiterlesen →
To deploy a VM with Bicep, the resource Microsoft.Compute/virtualMachines can be used. If the image from SQL Server is used, a Microsoft SQL Server is installed accordingly. However, a sample database or firewall rule is often required. These steps can… Weiterlesen →
If existing environments are recreated in Terraform, the resources already exist. Therefore, the resources must be transferred to the Statefile for management by Terraform. The output for a Terraform apply is: already exists – to be managed via Terraform this… Weiterlesen →
As described in the Post Deploy PolicySets from Azure Landing Zone Repository, PolicySets (Initiatives) can be installed directly from the Azure Landing Zone Repositiory. However, if these references other policies, they must already be installed beforehand. The following script is… Weiterlesen →
As described in the previous post, policies can be downloaded from the Enterprise Scale Architecture Repository and deployed into your own tenant. In addition to the mentioned policies, the repo also provides interesting Policy Initiatives (Policy Sets) that can also… Weiterlesen →
With the Enterprise Scale Architecture, Microsoft offers various landing zone designs that can be used directly as Terraform or Bicep. Interesting is that the repository also contains policies that are not available in the Azure portal. Microsoft recommends these policies… Weiterlesen →
The concept of Availability Zones is well explained in the Microsoft documentation. These are different physical locations within a region that have separate power, cooling, and network infrastructure. When building a resource, it can often be decided in which Availability… Weiterlesen →
Azure resources (e.g. subscriptions) can be better protected with PIM. As a result, access roles are not granted permanently, but must be requested for a specified period of time. After this period, the permission is automatically revoked. If the PIM… Weiterlesen →
To set up a budget with warning in Azure, the Az.Billing PowerShell Module offers the cmdlets New-AzConsumptionBudget. Unfortunately, the PowerShell commands don’t seem to be implemented correctly in version 2.0.0 at the Az Module 8.3.0 or newer (currently 9.0.1): The… Weiterlesen →
Azure Automation can automatically send emails through alerts when a runbook fails. Unfortunately, these alert mails cannot be adjusted and it is often necessary to send further information. In this case SendGrid is a good alternative because the mail service… Weiterlesen →
Should files are uploaded or downloaded from an Azure Storage Account Blob, there are corresponding PowerShell commands. Specifically, Get-AzStorageBlobContent or Set-AzStorageBlobContent can be used. Both commands always require the specification of a local file. In some cases, however, it may… Weiterlesen →
Azure provides a good way with Cost Management to report the costs and consumption of Azure Services. It offers various filtering, aggregation and export options. In some cases, however, it is still necessary to call up and process the data… Weiterlesen →
In some cases VMs have to be started / stopped in a certain order. Often, certain services have to run before the next VM can start. It may be necessary to set waiting times between the start of two VMs…. Weiterlesen →
© 2024 Azure Talk — Diese Website läuft mit WordPress
Theme erstellt von Anders Norén — Nach oben ↑