Summary of Azure snippets for the week commencing 19th May 2025, grouped by Azure service.

For all the updates on Azure platform resources and products - Azure updates from Microsoft

GA = Generally Available
Public/Private Preview = as stated
RET = Service retirement

Azure services with highlighted updates this week:

• Azure Backup
• Azure Bastion
• Azure DB for PostgreSQL
• Azure Functions
• Azure Site Recovery
• Azure Storage
• Cloud Services
• Compute
• Copilot
• FinOps
• Governance
• Infrastructure as Code

Azure Backup

• Vaulted backup for Azure Data Lake Storage (Public Preview) : Azure Backup now supports transferring your Azure Data Lake Storage backups to a vault. In this limited public preview, you can configure vaulted backups for block blobs in a HNS-enabled standard general-purpose v2 ADLS Gen2 storage account in specific regions (a very limited set at present).

Summary of Azure snippets for the week commencing 2nd December 2024, grouped by Azure service.

It’s been a little while since I posted, and this one is a bit of a bumper one with MS Ignite having finished recently - a lot of Azure updates have dropped, along with other products. AI is unsurprisingly a big theme once again :-) Check out the Ignite 2024 Book of News for all the details.

Summary of Azure snippets for the week commencing 30th September 2024, grouped by Azure service. Almost back to normal posting cadence :-)

GA = Generally Available
Public/Private Preview = as stated
RET = Service retirement

Azure services with highlighted updates this week:

• Application Gateway
• Azure Backup
• Azure Cache for Redis
• Azure DB for PostgreSQL
• Azure Kubernetes Service
• Infrastructure as Code
• Network Security Groups
• Virtual Network Manager

Application Gateway

• Azure Application Gateway support for TLS 1.0 and TLS 1.1 will end by 31 August 2025 (RET) : All connections (frontend and backend) to Application Gateway must use Transport Layer Security (TLS) 1.2 or later, as support for TLS 1.0 and 1.1 on Azure Application Gateway will be discontinued starting 31st August 2025.

Azure Backup

• Azure Business Continuity Center (Public Preview) : Centralised management platform for backup and disaster recovery of Azure resources. Will be replacing the Backup Center, which I think we can probably safely regard as deprecated from this point forward. Supports resources in all regions and a variety of sources and scenarios. (No idea why the title of the page on Azure Updates says Generally Available when it’s clearly still in preview :-)

Azure Cache for Redis

• Smaller Enterprise tier cache instance for Azure Cache for Redis (GA) : Following the very pricy Large Enterprise instances, there’s now a more cost-effective smaller one. Runs on burstables and recommended for dev/test only, but very much cheaper than the other Enterprise tiers.

Azure DB for PostgreSQL

• Online migration from Azure Database for PostgreSQL - Single Server to Flexible Server (GA) : Now out of preview, minimal downtime migration for PostgreSQL Single Server instances.

Azure Kubernetes Service

• gRPC and frontend mTLS now available for Application Gateway for Containers (GA) : Application Gateway for Containers now supports gRPC and frontend mutual authentication (mTLS). With both frontend and backend mutual authentication, end-to-end mutual authentication is now possible. This fills what I considered a fairly significant gap in the functionality of App Gateway for Containers, and brings it more in line with other ingress/gateway solutions.
• Long-term support for Kubernetes version 1.27 and 1.30 in AKS (GA) : K8s v1.30 has now joined 1.27 on the AKS LTS list.
• Open Service Mesh add-on for AKS will be retired on September 30, 2027 (RET) : Istio is (currently) the only option for a ’native’ AKS service mesh add-on going forward.
• Virtual machines node pools support in AKS (Public Preview) : With virtual machines node pools, Azure Kubernetes Service directly manages the provisioning and bootstrapping of every single node. (For Virtual Machine Scale Sets node pools, AKS manages the model of the Virtual Machine Scale Sets and uses it to achieve consistency across all nodes in the node pool.) Virtual Machines node pools allow the capability to add multiple VM SKUs of a similar family (e.g. different D-series SKUs) to a single node pool.
• Latest AKS release (GA) : Some ongoing updates from the last release, plus 1.30 in LTS (see above), and AKS patch versions 1.28.13, 1.29.8, 1.30.4 are now available

Infrastructure as Code

• Transition from Helm Repositories to OCI Artifacts for Storing Helm Charts (RET) : Starting March 30th, 2025, Azure Container Registry will no longer support Helm v2. Therefore, the legacy “Helm repositories” functionality will also be retired. After this date, Azure Container Registry will only support storing Helm charts as Open Container Initiative (OCI) Artifacts. Get your migration sorted out where needed - any Helm charts not stored as OCI Artifacts in ACR will be deleted after 30th March 2025!

Network Security Groups

• Network security group flow logs in Azure Network Watcher will be retired (RET) : Flow logs to be retired on 30/9/27, but you won’t be able to create new ones from 30/6/25. Migration path is to virtual network flow logs, and a migration process is available.

Virtual Network Manager

• Azure Virtual Network Monitoring IP address management (Public Preview) : This feature (part of Virtual Network Manager) is designed to streamline and optimise your IP address management, providing you with greater control and efficiency. Tracking IP address use in VNets and subnets to avoid clashes can be tricky in Azure, and if you’re using services such as Private Endpoints which can dynamically assign IP addresses, it gets even harder - something like this could be helpful and maybe remove the need for manual tracking of IPs. Preview available in UK South but not UK West.

And finally, goodbye to Azure Orbital Ground Station, which is being retired on 18th December 2024. Not my usual focus, but I couldn’t let it pass without a note!

Summary of Azure snippets for the week commencing 12th August 2024, grouped by Azure service.

GA = Generally Available
Public/Private Preview = as stated :-)

Azure services with highlighted updates this week:

• Azure DB for PostgreSQL
• Azure Kubernetes Service
• Azure Portal/Entra ID

Azure DB for PostgreSQL

• Terraform support for geo-restore in Azure Database for PostgreSQL - Flexible Server (GA) : You can now use Terraform to perform geo-restore for Azure Database for PostgreSQL - Flexible Server data.

Azure Kubernetes Service

• Azure CNI Powered by Cilium & Azure CNI Overlay support in AKS (Public Preview) : Public preview of Azure CNI Overlay dual-stack with Azure CNI powered by Cilium for Linux clusters in AKS is now available. This enhancement enables AKS clusters to support IPv4 and IPv6 network policies, providing greater flexibility and control over network traffic within your Kubernetes environments.

Azure Portal/Entra ID

• Enable multifactor authentication for your tenant by 15 October 2024 (GA) : This has been on the way for a little while - starting 15 October 2024, MS will require users to use multifactor authentication (MFA) to sign into the Azure portal, Microsoft Entra admin center, and Intune admin center. Applies to break-glass accounts as well - check the documentation for more info.

Summary of Azure snippets for the week commencing 22nd July 2024, grouped by Azure service. The Azure Updates site is working again, in its new v2 version, though the RSS feed isn’t yet.

GA = Generally Available
Public/Private Preview = as stated :-)

Azure services with highlighted updates this week:

• Azure DB for PostgreSQL
• Azure Kubernetes Service
• Azure Storage
• Compute
• Governance

Azure DB for PostgreSQL

• Major version upgrade support for PostgreSQL 16 (GA) : Azure Database for PostgreSQL - Flexible Server now supports in-place major version upgrades to PostgreSQL 16. This update offers access to the latest PostgreSQL features with minimal downtime and a simplified upgrade process.

Azure Kubernetes Service

• The latest AKS release is now rolling out :
  • AKS version 1.30 is now GA.
  • AKS patch versions 1.30.2, 1.30.1, 1.29.6, 1.28.11, 1.27.15, are now available (so check your cluster versions for any that now fall into ‘N - 3’ or lower).

Azure Storage

• Convert to Azure Premium SSD v2 disks (Public Preview) : This feature allows you to migrate your existing Standard SSD, Standard HDD, or Premium SSD v1 disks to Pv2 disks in a few clicks with minimal downtime. This process avoids disk destruction, eliminates the need to use snapshots as a staging resource, and doesn’t require waiting for background data copying. Expands the conversion capability and could be very useful if your workloads can take advantage of Premium SSD v2 capabilities - you had to create a new v2 SSD disk from a snapshot previously.

Compute

• 6th generation Intel-based VMs – Dv6/Ev6 (Public Preview) : General Purpose and Memory-optimised variants, initially available in US West and US East. Claimed performance increase over v5 VMs as well as increased scalability. Also support Azure Boost for increased performance (as will all new VM series going forward).

Governance

• Azure Essentials | Azure Migrate and Modernize | Azure Innovate - Curated collections of resources to kick off and develop Azure projects. Quite a heavy focus on AI (unsurprisingly :-) but covers other areas as well. Useful starting points to go with resources like the Well-Architected and Cloud Adoption Frameworks.

Summary of Azure snippets for the week commencing 17th June 2024, grouped by Azure service. I managed to miss a week as the Azure Updates site is currently undergoing maintenance (so the RSS feed isn’t updating) and I’ve only just found its temporary replacement.

GA = Generally Available
Public/Private Preview = as stated :-)

Azure services with highlighted updates this week:

• Azure DB for PostgreSQL
• Azure Kubernetes Service
• Azure Landing Zones
• Azure Resource Manager
• Azure SQL
• Compute
• Virtual Network Manager

Azure DB for PostgreSQL

• IOPS scaling for Flexible Server (GA) : This feature empowers you to dynamically scale your IOPS based on your workload needs. Ensure optimal performance during high-demand operations like migrations or data loads and scale down to save costs when demand decreases.

Azure Kubernetes Service

• kube-egress-gateway (GA) : kube-egress-gateway is an open-source project that offers a scalable and cost-efficient solution for configuring fixed source IPs for Kubernetes pod egress traffic on Azure.
• OS Security Patch channel for Linux in AKS (GA) : SecurityPatch now added to the channels for node OS image upgrades in AKS.
• az command invoke in AKS (GA) : Invoke a command (e.g. running kubectl) remotely in a private cluster through the AKS API, without connecting directly to the cluster. This can be done from a client that isn’t on the cluster’s private network. Access to the command invoke command is controlled through RBAC permissions.
• Kubernetes patch version 1.27.13 now available in AKS (GA)

Azure Landing Zones

• Zone Redundancy and Multi-Region Capabilities in Azure Landing Zones : Being integrated into Bicep and Terraform accelerators by EoY 2024.

Azure Resource Manager

• Change Actor (GA) : Identifying who made a change to your Azure resources and how the change was made just became easier! With Change Analysis, you can now see who initiated the change and with which client that change was made, for changes across all your tenants and subscriptions. Accessed via the Azure Resource Graph.

Azure SQL

• Advance Notifications for Managed Instance (GA) : Get alerts for planned maintenance events 24 hours ahead of time. Works with SQL Maintenance Windows. Configured via Service Health in the Azure Portal.

Compute

• Windows Server 2025 (Public Preview) : Previewing Windows Server 2025 images for VMs

Virtual Network Manager

• Azure Virtual Network Manager mesh and direct connectivity (GA) : Deploy mesh or hub and spoke network topologies for VNets through VMM without having to set up all the peerings manually.

Summary of Azure snippets for the week commencing 6th May 2024, grouped by Azure service.

GA = Generally Available
Public/Private Preview = as stated :-)

Azure services with highlighted updates this week:

• API Center
• Azure DB for PostgreSQL
• Azure Kubernetes Service
• Azure Resource Graph
• Azure Storage
• Cloud Services (classic)
• Defender for Cloud
• Virtual Network Manager
• Virtual Networks

API Center

• API Center (GA) : A centralised solution for delivery, consumption and governance of APIs. Provides (among other features): cataloguing and inventory of APIs (including from APIM), governance and design rule enforcement, API Analysis for consistency and compliance, and a Visual Studio Code extension for an enhanced developer experience. More full featured than I thought - is this the future of the APIM developer portal?
  • Azure API Center GA blog post

Azure DB for PostgreSQL

• Azure Database for PostgreSQL - Flexible Server enhanced disaster recovery features (GA) : Enhancements to the read replicas feature - Virtual Endpoints and promote a read replica to primary server
  • Virtual endpoints for read replicas
  • Promote to primary server
• Azure Database for PostgreSQL - Flexible Server networking with Azure Private Link (GA) : Private Link joins VNet integration as a supported private VNet access method for PostgreSQL Flexible Server
  • Networking with Private Endpoint docs

Azure Kubernetes Service

• Initialization taints (Public Preview) : Temporary taints on AKS nodes, for example if more time is needed to set up nodes
  • Node initialisation taints docs

Azure Resource Graph

• Azure Change Analysis - New Portal experience (Public Preview) : See all resoure changes across all tenants and subscriptions in the Azure Portal. New portal experience includes filtering, grouping and Change Actor (who made the change and how)
  • View resource changes in the Azure portal (Learn)
  • Change Actor (public preview)

Azure Storage

• Azure Storage Actions (public preview) : Serverless and no-code framework for managing storage operations. Currently supports operations on Blobs in Storage Accounts, and isn’t available in UK regions yet.
• SLA on Blob Storage Cold Tier (GA) : Cold tier Blob storage now backed with a Microsoft uptime and connectivity SLA.

Cloud Services (classic)

• Cloud Services (classic) deployment model is retiring on 31 August 2024 : Migrate to Cloud Services (extended support) if you need to keep using them
  • Five classic networking services which depend on classic Cloud Services are also being retired

Defender for Cloud

• Azure Defender for Microsoft Azure Database for PostgreSQL - Flexible Server (GA) : Part of the Defender for open-source relational databases plan which includes MySQL and MariaDB as well. I have no idea why they refer to it as Azure Defender (the old name for Microsoft Defender for Cloud) here!
  • Azure DB for PostgreSQL docs - Defender for Cloud support

Virtual Network Manager

• Virtual Network Manager UDR (Public Preview) : Enabling users to describe their desired routing behavior via configuration, simplifying the management of routing behaviors at scale.
• Azure Virtual Network Manager security admin rule (GA) : Empowering users to enforce security rules across their virtual networks globally.
  • Security admin rule concepts

Virtual Networks

• Virtual network flow logs (GA) : New capability of Network Watcher, enhancing the flow log support already available for NSGs to the VNet scope
  • Azure Networking blog announcement
  • VNet flow logs
• Virtual Network encryption in all regions (GA) : Customers can enable encryption of traffic between Virtual Machines and Virtual Machines Scale Sets within the same virtual network and between regionally and globally peered virtual networks. This new feature enhances the existing encryption in transit capabilities in Azure.
  • Virtual Network encryption docs