Summary of Azure snippets for the week commencing 17th March 2025, grouped by Azure service. Notably, the AKS updates this time include a pretty significant networking retirement.

For all the updates on Azure platform resources and products - Azure updates from Microsoft

GA = Generally Available
Public/Private Preview = as stated
RET = Service retirement

Azure services with highlighted updates this week:

• Azure Backup
• Azure Kubernetes Services
• Azure Load Balancer
• Azure Storage
• Virtual Network Manager

Azure Backup

• Vaulted Backup for Azure Database for PostgreSQL Flexible Server (GA) : Generally available in 5 regions (including UK South and UK West), public preview in others. Definite enhancement to DB for PostgreSQL backups which were previously only available with the server. Good to see more services coming in to Azure Backup to take advantage of the enhanced resilience and security a Vault can provide.

Rather belated happy new year, and welcome to the first post of 2025!

Summary of Azure snippets for the week commencing 10th February 2025, grouped by Azure service.

For all the updates on Azure platform resources and products - Azure updates from Microsoft

GA = Generally Available
Public/Private Preview = as stated
RET = Service retirement

Azure services with highlighted updates this week:

• Azure Data Studio
• Azure Kubernetes Services
• Azure SQL
• Azure Storage
• Azure Virtual Network Manager
• Compute
• Infrastructure as Code

Azure Data Studio

• Azure Data Studio retiring on 28th February 2026 (RET) : ADS is deprecated from February 2025 - Visual Studio Code with the MSSQL extension is the database development tool of choice going forward. SQL Server Management Studio will remain available to handle any incompatibility issues.

Azure Kubernetes Services

• AKS Communication Manager (Public Preview) : AKS Communication Manager simplifies notifications for all your AKS maintenance tasks by leveraging Azure Resource Notification and Azure Resource Graph frameworks. It provides timely alerts on event triggers and outcomes, allowing you to closely monitor your upgrades. In case of maintenance failures, it notifies you with the reasons for the failure, reducing operational hassles related to observability and follow-ups. It is a bit more ‘DIY’ than the annoucement suggests - you have to build a Logic App and then hook it in to the ARN maintenance alerts.
• Parallel image pulls by default in AKS (GA) : By default, AKS versions earlier than 1.31 use serialized image pulls. Starting with AKS version 1.31 preview, AKS defaults to parallel image pulls, which are generally more performant.
• IMDS restriction support (Public Preview) : Currently, all pods on AKS nodes can access the AKS worker node’s Azure Instance Metadata Service (IMDS) endpoint. AKS now offers a managed solution that restricts IMDS endpoint access for customer pods. Only AKS system pods and user pods with host network can access IMDS for retrieving information or authentication. Good enhancement to the security of your AKS clusters.
• New AKS Monitoring Experience (Public Preview) : The new Monitoring experience, updating Insights, provides both basic (free) and detailed insights (with enabled Prometheus metrics and logging), offering a unified, single-pane-of-glass experience. The basic experience is available for all AKS users with no configuration required at all.

Azure SQL

• Azure SQL DB Free offer (GA) : Try 10 Azure SQL Databases free of charge for the life of your subscription. With just a couple of clicks, you can power the application you want to build. This new offer provides 10 databases, each with 32 GB General Purpose, serverless Azure SQL database, and 100,000 vCore seconds of compute free every month. Available for any subscription type, free amount renews monthly.
• Service Endpoint Policies for Managed Instances (GA) : Azure SQL Managed Instance now allows service endpoint policies for Azure Storage accounts, allowing you to deny your managed instances from accessing any storage account outside of a set of pre-approved ones. This security mechanism helps guard your data from unauthorized copying (data exfiltration) or configuration errors, like exporting production data to development accounts.

Azure Storage

• Azure Files provisioned v2 billing model for HDD (standard) (GA) : Brings the provisioned v2 billing model for Azure Files (allowing separate specification of storage, IOPS and throughput) to standard HDD-based storage. Available in UK South and UK West.

Azure Virtual Network Manager

• New Pricing for AVNM (GA) : Pricing has moved from a subscription-based model to VNet-based (charged by number of VNets where AVNM is deployed).

Compute

• 6th Generation Intel-based VMs - Dv6/Ev6 (GA) : Higher performance than previous generations, Azure Boost built-in including a new Microsoft Azure Network Adapter, NVMe interface for disks to boost storage performance. Naturally, these are great for AI workloads :-) Available in UK South but not UK West as yet. Blog post.
• Upgrade Gen 1 VMs to Gen 2-Trusted Launch (Public Preview) : Trusted Launch VMs provide foundational compute security to Azure Generation 2 VMs by enabling Secure Boot and vTPM capabilities. Trusted Launch capabilities protect OS against rootkits, boot kits and enables attestation by measuring the boot chain of VM. Make sure you check out the documentation if you’re thinking of doing this - it’s not recommended for Production workloads at the moment, and there are a lot of prerequisites and potential gotchas. Note also that you can create a new Gen 2 VM without Trusted Launch, but the upgrade only supports moving to Trusted Launch.

Infrastructure as Code

• Terraform Azure Verified Modules for Platform Landing Zone (ALZ) (GA) : Terraform modules for deploying platform landing zones, along with their own Terraform provider. Seems to tie in with a big overhaul of Azure Verified Modules and Landing Zone documentation - check it all out!

Summary of Azure snippets for the week commencing 2nd December 2024, grouped by Azure service.

It’s been a little while since I posted, and this one is a bit of a bumper one with MS Ignite having finished recently - a lot of Azure updates have dropped, along with other products. AI is unsurprisingly a big theme once again :-) Check out the Ignite 2024 Book of News for all the details.

Summary of Azure snippets for the week commencing 11th November 2024, grouped by Azure service.

The new Azure updates page is now live (complete with RSS feed - why they could provide that for the updates but not for the new Tech Community platform blogs is a bit beyond me!). Some of the links this week use the old URL format, but they should still work.

GA = Generally Available
Public/Private Preview = as stated
RET = Service retirement

Summary of Azure snippets for the week commencing 28th October 2024, grouped by Azure service.

GA = Generally Available
Public/Private Preview = as stated
RET = Service retirement

Azure services with highlighted updates this week:

• API Center
• Azure Storage
• Compute
• Infrastructure as Code

API Center

• API Management & API Center Synchronization (Public Preview) : Link an APIM instance to API Center to sync the API inventory and keep it continuously up to date.

Azure Storage

• Live Resize for Azure Premium SSD v2 and Ultra Disks (GA) : Increase your Premium SSD v2 and Ultra disks’ storage capacity without stopping your VM. Some limitations to this capability and unsupported regions, check the docs carefully.

Compute

• Azure Cobalt 100-based Virtual Machines (GA) : General purpose Dpsv6-series and Dplsv6-series and memory-optimized Epsv6-series VM series. These VMs run on Microsoft’s first 64-bit Arm-based Azure Cobalt 100 CPU, which has been fully designed in-house. Up to 50% better price performance than previous generation Arm-based VMs. Region availability expanding through the rest of 2024, UK South is coming soon.
  • Arm newsroom post

Infrastructure as Code

• AzAPI version 2.0 released (GA) : The AzAPI provider is designed to expedite the integration of new Azure services with HashiCorp Terraform. It functions as a lightweight layer atop the Azure ARM REST APIs, and is a first class provider experience along with the AzureRM provider. Azure resources that might not yet be or may never be supported in AzureRM can be accessed by this provider, including private/public preview services and features. v2.0 now fully supports HCL (no more JSON) among other updates. Both Microsoft and Hashicorp have blog posts comparing AzureRM and AzAPI and scenarios where you might choose one over the other (they’re mostly the same post but with some additional stuff in each :-) There is also now a tool (aztfmigrate) that lets you migrate resources between the two providers.

Summary of Azure snippets for the week commencing 21st October 2024, grouped by Azure service.

GA = Generally Available
Public/Private Preview = as stated
RET = Service retirement

Azure services with highlighted updates this week:

• Azure Backup
• Azure Storage
• Compute
• FinOps
• Redis

Azure Backup

• GRS and Cross-Region Restore support for Azure VMs using Premium SSD v2 and Ultra Disk in Azure Backup (GA) : Definite improvement for DR resilience if you’re using Premium SSD v2 or Ultra disks with your VMs. GRS vaults and Cross-Region Restore are currently supported in the following regions for machines using Premium SSDv2 Disks: Southeast Asia, East Asia, North Europe, West Europe, East US, West US, and West US 3. Coming to other regions in later months (not sure this really counts as ‘Generally Available’ yet, if I’m being honest!).

Summary of Azure snippets for the week commencing 30th September 2024, grouped by Azure service. Almost back to normal posting cadence :-)

GA = Generally Available
Public/Private Preview = as stated
RET = Service retirement

Azure services with highlighted updates this week:

• Application Gateway
• Azure Backup
• Azure Cache for Redis
• Azure DB for PostgreSQL
• Azure Kubernetes Service
• Infrastructure as Code
• Network Security Groups
• Virtual Network Manager

Application Gateway

• Azure Application Gateway support for TLS 1.0 and TLS 1.1 will end by 31 August 2025 (RET) : All connections (frontend and backend) to Application Gateway must use Transport Layer Security (TLS) 1.2 or later, as support for TLS 1.0 and 1.1 on Azure Application Gateway will be discontinued starting 31st August 2025.

Azure Backup

• Azure Business Continuity Center (Public Preview) : Centralised management platform for backup and disaster recovery of Azure resources. Will be replacing the Backup Center, which I think we can probably safely regard as deprecated from this point forward. Supports resources in all regions and a variety of sources and scenarios. (No idea why the title of the page on Azure Updates says Generally Available when it’s clearly still in preview :-)

Azure Cache for Redis

• Smaller Enterprise tier cache instance for Azure Cache for Redis (GA) : Following the very pricy Large Enterprise instances, there’s now a more cost-effective smaller one. Runs on burstables and recommended for dev/test only, but very much cheaper than the other Enterprise tiers.

Azure DB for PostgreSQL

• Online migration from Azure Database for PostgreSQL - Single Server to Flexible Server (GA) : Now out of preview, minimal downtime migration for PostgreSQL Single Server instances.

Azure Kubernetes Service

• gRPC and frontend mTLS now available for Application Gateway for Containers (GA) : Application Gateway for Containers now supports gRPC and frontend mutual authentication (mTLS). With both frontend and backend mutual authentication, end-to-end mutual authentication is now possible. This fills what I considered a fairly significant gap in the functionality of App Gateway for Containers, and brings it more in line with other ingress/gateway solutions.
• Long-term support for Kubernetes version 1.27 and 1.30 in AKS (GA) : K8s v1.30 has now joined 1.27 on the AKS LTS list.
• Open Service Mesh add-on for AKS will be retired on September 30, 2027 (RET) : Istio is (currently) the only option for a ’native’ AKS service mesh add-on going forward.
• Virtual machines node pools support in AKS (Public Preview) : With virtual machines node pools, Azure Kubernetes Service directly manages the provisioning and bootstrapping of every single node. (For Virtual Machine Scale Sets node pools, AKS manages the model of the Virtual Machine Scale Sets and uses it to achieve consistency across all nodes in the node pool.) Virtual Machines node pools allow the capability to add multiple VM SKUs of a similar family (e.g. different D-series SKUs) to a single node pool.
• Latest AKS release (GA) : Some ongoing updates from the last release, plus 1.30 in LTS (see above), and AKS patch versions 1.28.13, 1.29.8, 1.30.4 are now available

Infrastructure as Code

• Transition from Helm Repositories to OCI Artifacts for Storing Helm Charts (RET) : Starting March 30th, 2025, Azure Container Registry will no longer support Helm v2. Therefore, the legacy “Helm repositories” functionality will also be retired. After this date, Azure Container Registry will only support storing Helm charts as Open Container Initiative (OCI) Artifacts. Get your migration sorted out where needed - any Helm charts not stored as OCI Artifacts in ACR will be deleted after 30th March 2025!

Network Security Groups

• Network security group flow logs in Azure Network Watcher will be retired (RET) : Flow logs to be retired on 30/9/27, but you won’t be able to create new ones from 30/6/25. Migration path is to virtual network flow logs, and a migration process is available.

Virtual Network Manager

• Azure Virtual Network Monitoring IP address management (Public Preview) : This feature (part of Virtual Network Manager) is designed to streamline and optimise your IP address management, providing you with greater control and efficiency. Tracking IP address use in VNets and subnets to avoid clashes can be tricky in Azure, and if you’re using services such as Private Endpoints which can dynamically assign IP addresses, it gets even harder - something like this could be helpful and maybe remove the need for manual tracking of IPs. Preview available in UK South but not UK West.

And finally, goodbye to Azure Orbital Ground Station, which is being retired on 18th December 2024. Not my usual focus, but I couldn’t let it pass without a note!

This post captures some of the key details I’ve noted while looking at migrating Application Gateways from the V1 SKU to V2:

• Migration Path
• Key config differences between V1 and V2, and between the standard and Private deployment models for V2
• Subnets
• Sizing, Pricing and Resilience
• Outline upgrade steps

Background

Application Gateways (AGs) are used to support load balancing, traffic management and certificate management for applications. Since the initial launch of the V1 SKU, an AG V2 SKU has been introduced with improved performance and additional features. Microsoft have announced that the Application Gateway V1 SKU will be retired on 28th April 2026; no new V1 deployments have been allowed since 28th August 2024. If you haven’t already, you should begin planning to upgrade your Application Gateways to the V2 SKU.

Summary of Azure snippets for the week commencing 16th September 2024, grouped by Azure service. Published slightly later than planned!

GA = Generally Available
Public/Private Preview = as stated :-)

Azure services with highlighted updates this week:

• Azure Kubernetes Service
• Azure Storage
• Infrastructure as Code

Azure Kubernetes Service

• Latest AKS release (GA) : The latest release has almost finished its rollout:
  • AKS v1.27 is now deprecated - long-term support only
  • New versions of KEDA addon deployed

Azure Storage

• Live Resize for Azure Premium SSD v2 and Ultra Disks (Public Preview) : Dynamically increase the storage capacity of your Premium SSD v2 and Ultra disks without causing any disruption to your applications. Still has some significant limitations and is only available in select regions at present.

Infrastructure as Code

• Terraform AzureRM provider 4.0 (GA) : This version includes new capabilities to improve the extensibility and flexibility of the provider: provider-defined functions and improved resource provider registration.

Summary of Azure snippets for the week commencing 9th September 2024, grouped by Azure service. Back to regular posting following holidays - though only a couple of updates this time around.

No monthly summary for August as there was only one other post before this one that wasn’t covered by July’s summary.

GA = Generally Available
Public/Private Preview = as stated :-)

Azure services with highlighted updates this week:

• API Management
• Azure Cache for Redis

API Management

• Workspaces in Azure API Management (GA) : Workspaces enable organizations to manage APIs more productively, securely, and reliably using a federated approach. They function like ‘folders’ within an APIM instance, with access controlled via RBAC. A provisioning enhancement to the developer portal, which can maintain overarching policies, logs, etc. Blog post and documentation.

Azure Cache for Redis

• Larger Enterprise tier cache instances for Azure Cache for Redis (GA) : Large amounts of CPU and memory for the most demanding applications. Very powerful and significantly pricy!