Tag: Azure

Azure Weekly

Azure is an ever-changing platform, its amazing just how often its updated, it’s also really hard to stay up to date with the numerous new services and the changes to existing services.

It’s also very hard to keep abreast of all of the Azure news throughout the year, months and weeks.

Azure weekly is a great way to keep up to date with what’s new each and every week.

Azure weekly is brought to you by the folks from Endjin – they do a number of amazing things with Azure and are a company worth checking out.

They are up to week 264 at this time of writing this article, so what are you waiting for? – go find out what’s new recently, subscribe and don’t miss a thing going forward.

You can also contribute content to Azure Weekly, so if you have a blog post and have Azure content contact them and you may end up appearing in the weekly newsletter.

You can also follow Azure Weekly on twitter at @AzureWeekly

Please let me know what you think of Azure Weekly.


Tags:


Azure Advent Calendar wrap-up

The #azureadventcalendar was a shared idea between myself and @pixel_robots

Some quick stats as I write this: –

15,800 thousand YouTube views
15,000 website views from over 120 countries
1,300 hours of videos watched
1,200 subscribers

We set out with the idea of asking the Azure community for 25 videos / blog posts with a Christmas theme, with the idea in mind that it would give people the chance to show off their skills, learn new skills and contribute back to the community over December.

We asked people via twitter who would like to contribute to this idea in the middle of September to give people time to decide if they could manage to contribute in December (a 20-30 minute video isn’t easy, especially towards that time of year).

Before we knew it we had more than 25 filled up and it was clear that this might be a bit more popular than first thought, we increased it to 50 and before you know it we had increased it to 75. In order to avoid too many duplicate subjects we decided to cap it at 75.

Wow! 75 videos/blog post contributions would be pretty amazing.

We considered several ideas but wanted to keep it simple: –

  • Anyone could contribute
  • We could have had advertisements but kept it without as it was a community project for the community by the community and this was important to us both.

I would create the website and keep that up to date daily, and chase people for content, Richard was looking after our YouTube channel and scheduling the videos to go out at midnight.

Richard also designed the logo which I loved the second I saw it and we decided to use this as the brand and he also created video thumbnails for each video for people to use on twitter, videos and blog posts.

Now the real reason this was successful was due to the contributors, we were both blown away by the quality of content from each contributor and the Christmas theme just made it pretty cool.

Richard and I both had our Twitter and LinkedIn full with tweets and articles with the above logo in it, very regularly throughout the month which was super cool to see.

Setup
The website was basic and I was updating it daily with links to blog posts and using a very simple .Net Web app, and using Azure DevOps to build and deploy the web app to Azure, I also made use of staging slots to deploy the changes, check the links etc worked and then swapped the staging slot for production – super easy to do and well worth it.

Richard had the YouTube channel setup with the logo and scheduled the videos to be released using a schedule which was pretty sweet. He also created a thumbnail for each video for the contributor to use as they saw fit.

Highlights
The highlights for me were many, but one that stands out for me personally was seeing people who had never taken part in something like this, some had never created a blog post, many had never created a video before.

The hard part of the project was chasing people for content, especially when it was mid December and everyone is busy!

To end this post I want to mention the next project which you should keep your eye on by Joe Carlyle and Thomas Thornton called the #AzureSpringCleanup – personally looking forward to see more azure community coming together and creating awesome new content.

Please leave any feedback you have on the #azureadventcalendar below.




Azure Resource GitHub Repository

I have started a GitHub repository for a place to put the following so that the community can benefit from resources I have came across from the community.

I’m looking for others to contribute to this so that the community has a place to find helpful info – please take a look, add your study guides, useful links and more in here and help grow the useful resources we come across.

If you have an Azure Exam Study guide let me know and I’ll add a link to it from the Exam folder to your blog or create a quick pull request.

If you have any useful Azure Resources which aren’t listed then please either let me know or create a quick pull request.

I’m gong to be adding to this over time throughout the year, I’m looking for contributors so we can grow this out to be something useful to a lot of people.

Link to the GitHub Repository:- https://github.com/gsuttie/AzureResources




How to Use Azure Role Based Access Control

When it comes to Azure Security there are several options available, in this blog post I’ll cover Role Based Access Control (RBAC for short).

RBAC is about giving access to Azure resources at a granular level, you can give access to the Subscription all the way down to just a single resource within a subscription. This is perfect if you have the scenario where you have a lot of Azure resources and you may just want to give someone access to just a Virtual Machine or maybe just read-only access to say a storage account.

Azure has built in Roles which you can assign to users, the most common of these roles are as follows: –

  • Owner – Has full access to all resources including the right to delegate access to others.
  • Contributor – Can create and manage all types of Azure resources but can‚Äôt grant access to others.
  • Reader – Can view existing Azure resources.
  • User Access Administrator – Lets you manage user access to Azure resources.

You can also create your own custom roles which can be made of different access.

RBAC works when assigned against what’s known as a Security Principal in other words a User, Group, Service Principal or a Managed Identity.

RBAs is made of role definitions and these have action which are assigned to the role definition, an example of this would be say Billing Reader, this allows the user read access to Billing Data. The list of roles are seen below: –

 

 

The last thing we need to touch on is the Scope that the RBAC can be assigned, this can take the form of the following: –

  • Management Group Level
  • Subscription Level
  • Resource Group Level
  • Resource Level

At work we normally give people in the project Contributor access to a Resource Group or Groups and normally one, maybe two at most are Owners of the Subscription. If we wish to give some one read-only access to view resources then we make them a Reader.

If we are working on a project and want to give a new dev Contributor access to a Resource Group, then I would log in as an Owner and then find the subscription, chose the subscription and then select Access Control (IAM), and then Add a Role Assignment.

You can also setup alerts when an Owner gives some other user access to your Azure resources if required.


Tags:


Azure Policies

Unfamiliar with Azure Policies?

Azure Policies start off with you defining a policy within Azure which could be something as simple as implementing a naming convention for lets say a Virtual Machine.

The following policy definition states that when creating an Azure VM it must match the naming convention we specify


An example of how to do this would be as below (in JSON):-


So what we are saying here is that if any user tries to create a Virtual Machine within a Resource Group within Azure then it must be named something like VM-P-ABC-GS01.

To get started with trying this out within the Azure Portal search for Policy at the top of the Azure Portal and you’ll see a screen something like the below: –

Here I have loaded the Policy area of the portal for an existing project and you can see the level of detail and see that I have on overall compliance of 95% on my resources and listed are the Non-compliant state Resources (if I were to expand).

By clicking on any of the non-compliant areas I will be shown all of the non-conforming resources which is awesome.

With Azure policies in place we can enforce naming conventions for a Resource Group, if we want to go further we could use Azure Management Groups – which I will cover in a separate blog post.

But what if I already have resources in place and I want to start using naming conventions with Azure policies?

In that case we need to talk about the contents of a policy definition which you can read up on.

Lets review another Azure policy (in JSON)

In the screen shot above the import part here is the EFFECT part.

Effect

Policy supports the following types of effect:

  • Deny: generates an event in the activity log and fails the request
  • Audit: generates a warning event in activity log but doesn’t fail the request
  • Append: adds the defined set of fields to the request
  • AuditIfNotExists: enables auditing if a resource doesn’t exist
  • DeployIfNotExists: deploys a resource if it doesn’t already exist
  • Disabled: doesn’t evaluate resources for compliance to the policy rule

So if we have resource which we might want to change the name of going forward and we are able to then perhaps use Audit to start off with and then change them to Deny.

Note if you make use of Azure policies and use Azure Devops to create Infrastructure as Code (IaC) then the easiest place to find issues with failing releases is in the build summary log.

Summary

In summary, there is a lot more to Azure policies, here I just wanted to give you some idea of what you can use Azure policies for.


Tags:


Ask Me Anything with Scott Gu – If Carlsberg did meetings…

Mid December 2018, I received a DM on twitter from a new follower @deanbryen which was basically read like so –

Hey Gregor! I know you’ve been doing a ton of stuff with the Azure community both in Scotland and online. Thanks for that!!

We’re organising a small (10-15 people) private event for top UK tech community members to attend an AMA with Scott Guthrie in January. I added you to the list of invitees, so this is me inviting you ūüôā

What:¬† ‚ÄėAzure AMA (ask me anything) with Scott‚Äô An opportunity to have a closed-door discussion with Scott Guthrie on the state of cloud in the UK

So on Friday 18th January I went down to London to the Microsoft Reactor and met with Scott Guthrie to ask him question’s on the status of Azure in the UK¬†– an Ask Me Anything session – not gonna lie I was super excited by this opportunity.

Firstly it was amazing to get recognised as someone with a passion for Azure and be recognised, it felt like a reward for all the hard work I put in with blogging, user group, helping other people and giving feedback on Microsoft products etc. РI get a lot of people saying their inspired by how I took to learning Azure and how they want to do the same.

The meeting was just after 11am, Scott introduced himself and the products and teams he manages, he spoke about .Net, Azure, GitHub, AI, Data and more and if you think about that, that is a huge amount of people and projects to be responsible for.

One thing that struck me was his passion for it and his in-depth knowledge of where the teams are, what’s planned ahead, even down to the release dates¬†for the vnext in these products.¬†¬†GitHub was mentioned a good few times and with Microsoft¬†purchasing it he talked about how¬†recognised how people might react but he knows that GitHub will get even better moving forward for all types of developer’s.

Microsoft want to keep old friends and make new friends¬†and that’s an awesome way to run a company.

It’s not every day your sat in a meeting with the Executive Vice President of the Cloud and Enterprise group¬†at¬†Microsoft.

If your interested to know what Scott is like in person, he’s relaxed, friendly, very engaging, loves hearing feedback (good and bad), and a very nice person indeed, he talks openly and honestly about everything he and Microsoft is doing and how they give back as well.

We talked about a lot of stuff within an hour and here is a list of the things I can remember in the conversation: –

  • Staff Training and how to get staff trained¬†at a professional level for moving to the cloud
  • Azure Governance¬†and how companies can have policies in place
  • Azure Security Centre
  • The new Azure portal homepage and the layout etc – I asked can we customise it (that’s in the pipeline)
  • Containers in Azure, Kubernetes etc
  • Data Centre’s and Carbon footprints as well as renewable energy
  • Microsoft Learn and byte size learning and how its effective and how its been well received
  • Events like Build and Ignite and how the new Ignite events are being well received
  • Cloud Advocates and more regional / local events coming, more Ignite local events coming
  • Visual Studio code and how popular it has become
  • Managed Service Identity (MSI) and how its being built-in more and more going forward into Azure
  • Python tooling that’s coming and how it will be best in class

A lot of the we above we spoke about and these are just my recollection of the main topics that came up, yes we could have stayed there all day asking Scott questions but we had a limited time with him as you can imagine, with more time I’d like to have know what a day-to-day normal day involves.

Before Scott left¬†I managed to introduce myself and grab a selfie which was awesome, not a day or meeting I will forget about anytime soon, If Carlsberg did meetings…

Lastly huge thanks to @deanbryen for the invite, Anna Fear for organising and to the UK Cloud Advocates who I spoke with when we had lunch together.

 

 

 

 


Tags:


Azure CosmosDB – Quick Start Demo App

So one of the hottest thing in Azure these days is without doubt CosmosDB, Cosmos DB is

A database for extremely low latency and massively scalable applications anywhere in the world, with native support for NoSQL

To get started with your very first Azure CosmosDB

  • go into the portal and click ass on Azure CosmosDB
  • give your new database an id
  • choose an API from the options available
    • SQL
    • MongoDB
    • Casandra
    • Azure Table
    • Gremlin (graph)
  • select your Subscription
  • select a resource group / create a new one
  • choose a location
  • optionally turn on geo-redundancy
  • click pin to pin this to your dashboard

For this blog post I chose the SQL API and left geo-redundancy off.


Ok so once you’ve done this click on Quick Start

 

Now you’ll see that you can download a sample app¬†using .Net, .Net Core, Xamarin, Java, node.js and Python¬†which will download code for you to play around with and create a to-do app.

I chose .Net and downloaded the code to my machine and opened it up with Visual Studio, run the code and you have a working to-do application hitting your newly created Azure CosmosDB up in Azure.

Time to go play with Azure CosmosDB, enjoy.

 




Azure Learning Resources

The following is a list of learning resources for your (and my) benefit, this list will be a work in progress and continually updated the more good stuff I come across.

Azure overview, lists ALL of the Azure serviceshttps://azure-overview.com/
Create your first Azure Function using Visual Studio 2017https://docs.microsoft.com/en-us/azure/azure-functions/functions-create-your-first-function-visual-studio
Great link with lots of awesome contenthttps://github.com/markheath/azure-functions-links

Azure Examples on Githubhttps://github.com/azure-samples

Courses

Blogs on Azure

Twitter Accounts to follow

  • @AzureFunctions – The Official account of the Azure Functions Product Team

Tags:


Azure Functions

So I have really gotten into Azure Functions of late and reading about some very clever usages of them, more on that later in another blog post coming soon.

I have also just completed a demo order pipeline using Azure Functions which I learned about from a Pluralsight course by Mark Heath called Azure Functions Fundamentals (highly recommended).

During this you build an order pipeline so you use Postman to send an example order in JSON to your azure function(s) which does a number of things, over the course you’ll add an order to Azure Table Storage, add the order to an Azure Storage Queue, generate a license file using Azure Blob Storage and the generate an email and send the license file using SendGrid a 3rd party email provider.

Then you can use the Azure Table Storage Explorer tool to look into what you’ve managed to create within your tables in Azure Storage.

What I like about this Pluralsight course is that I’m learning and also getting to see great demos of how to go about creating azure functions and using them for real scenarios all be it the code isn’t obviously production ready but its all about the learning at the moment.

I haven’t finished this course yet but I will soon and more blog posts will follow, off the back of this course I am hoping to do a talk on FaaS and Azure Functions at work this coming March.


Tags:


What have I learned so far with Azure?

So I have been getting my hands on Azure recently and just wanted to blog about what I have learned so far so here goes (condensed version as wanting to get back to learning way more)

 

App Service Plans

  • What the different levels are Basic, Standard and Premium and what the differences are.
  • App service plans govern how you pay for it
  • Scale out – beef up the VM or the server
  • Scale up – run more than one instance etc.
  • You can have staging environments and automated backups
  • Consumption plan – only pay for what u use

What is Serverless?

  • There are still servers of course – you delegate the management of them to third party offerings
  • Use third party Paas wherever possible¬†(for example documentDB)
  • Run your custom code on Azure Functions
    – respond to events
    – let the framework work out how many servers you need
    – Functions as a Service (FaaS)

Benefits of Azure functions?

  • Rapid and simple development module
  • Code it within the portal
  • Eliminate boilerplate
  • Extremely reach feature set
  • CI, Kudu, Easy Auth, Certs, Custom Domains, Settings etc. all included
  • Cost effective pricing – only pay for what you use
  • No servers to maintain
  • Automatic scaling

Next up is Azure Functions…

 

 

 


Tags: