Tag: Azure

A New Adventure

I’m very excited to share with you the news that I have accepted a position as an Azure Architect at a company in the Netherlands called Intercept.

Intercept has very recently been awarded Microsoft Partner of the Year 2020 in the Netherlands beating off strong competition from 18 other companies.

Intercept are Microsoft Azure Management Elite Partners and Gold Partners in 7 areas at present which is pretty impressive.

I start my new role on September 1st, I will be working in and around Azure daily and that is what I want to be doing, so to say I am excited is an understatement.

During Covid-19 I was furloughed due to a customer not being able to support remote workers and during this time a great number of people from Twitter and LinkedIn reached out to me asking if I would be interested in working with them. I thank each and every one of you as being furloughed was not much fun but to be asked if I would like to work with you and your companies, that was neat, to say the least.

I interviewed at a number of companies and had numerous fantastic offers given to me but ultimately my new role ticked more boxes than the rest and I couldn’t say no.

The job role as well as the people I had spoken to at Intercept were the deciding factors for me.

Again thank you to everyone who reached out to me, you have no idea how much I appreciated it, beers are on me if we manage to meet in person, going forward.

So I look forward to rolling my sleeves up again and changing career direction ever so slightly. I am a renewed Azure MVP and that’s where I want to be working and learning day to day. I cannot wait to get started and helping people even more in the future.

November 2017 I set myself a goal of becoming an Azure Architect and gaining as much knowledge as I could with Azure – the exams have helped and I look forward to using Azure daily.

I remind myself that I am less than 3 years into my journey, I have a blog, YouTube channel, 11 Azure certification badges as below and I all whilst being a development manager of 10+ people and not using Azure daily.

All it takes is hard work, goals, determination and you can do anything.

Don’t forget to subscribe to my YouTube Channel and you can find me on twitter @gregor_suttie.


DP-900 Azure Data Fundamentals

Happy to share that I sat the Beta for this exam and passed – here is a link to my study guide https://gregorsuttie.com/2020/06/09/dp-900-microsoft-azure-data-fundamentals-exam-study-guide/

Another exam done, and the data side of Azure is something I would love to explore further if I ever get the chance.

Don’t forget to subscribe to my YouTube Channel.

DP-900 Microsoft Azure Data Fundamentals exam Study Guide

Describe core data concepts (15-20%)

Describe types of core data workloads

Azure Weekly

Azure is an ever-changing platform, its amazing just how often its updated, it’s also really hard to stay up to date with the numerous new services and the changes to existing services.

It’s also very hard to keep abreast of all of the Azure news throughout the year, months and weeks.

Azure weekly is a great way to keep up to date with what’s new each and every week.

Azure weekly is brought to you by the folks from Endjin – they do a number of amazing things with Azure and are a company worth checking out.

They are up to week 264 at this time of writing this article, so what are you waiting for? – go find out what’s new recently, subscribe and don’t miss a thing going forward.

You can also contribute content to Azure Weekly, so if you have a blog post and have Azure content contact them and you may end up appearing in the weekly newsletter.

You can also follow Azure Weekly on twitter at @AzureWeekly

Please let me know what you think of Azure Weekly.


Azure Advent Calendar wrap-up

The #azureadventcalendar was a shared idea between myself and @pixel_robots

Some quick stats as I write this: –

15,800 thousand YouTube views
15,000 website views from over 120 countries
1,300 hours of videos watched
1,200 subscribers

We set out with the idea of asking the Azure community for 25 videos / blog posts with a Christmas theme, with the idea in mind that it would give people the chance to show off their skills, learn new skills and contribute back to the community over December.

We asked people via twitter who would like to contribute to this idea in the middle of September to give people time to decide if they could manage to contribute in December (a 20-30 minute video isn’t easy, especially towards that time of year).

Before we knew it we had more than 25 filled up and it was clear that this might be a bit more popular than first thought, we increased it to 50 and before you know it we had increased it to 75. In order to avoid too many duplicate subjects we decided to cap it at 75.

Wow! 75 videos/blog post contributions would be pretty amazing.

We considered several ideas but wanted to keep it simple: –

  • Anyone could contribute
  • We could have had advertisements but kept it without as it was a community project for the community by the community and this was important to us both.

I would create the website and keep that up to date daily, and chase people for content, Richard was looking after our YouTube channel and scheduling the videos to go out at midnight.

Richard also designed the logo which I loved the second I saw it and we decided to use this as the brand and he also created video thumbnails for each video for people to use on twitter, videos and blog posts.

Now the real reason this was successful was due to the contributors, we were both blown away by the quality of content from each contributor and the Christmas theme just made it pretty cool.

Richard and I both had our Twitter and LinkedIn full with tweets and articles with the above logo in it, very regularly throughout the month which was super cool to see.

The website was basic and I was updating it daily with links to blog posts and using a very simple .Net Web app, and using Azure DevOps to build and deploy the web app to Azure, I also made use of staging slots to deploy the changes, check the links etc worked and then swapped the staging slot for production – super easy to do and well worth it.

Richard had the YouTube channel setup with the logo and scheduled the videos to be released using a schedule which was pretty sweet. He also created a thumbnail for each video for the contributor to use as they saw fit.

The highlights for me were many, but one that stands out for me personally was seeing people who had never taken part in something like this, some had never created a blog post, many had never created a video before.

The hard part of the project was chasing people for content, especially when it was mid December and everyone is busy!

To end this post I want to mention the next project which you should keep your eye on by Joe Carlyle and Thomas Thornton called the #AzureSpringCleanup – personally looking forward to see more azure community coming together and creating awesome new content.

Please leave any feedback you have on the #azureadventcalendar below.

Azure Resource GitHub Repository

I have started a GitHub repository for a place to put the following so that the community can benefit from resources I have came across from the community.

I’m looking for others to contribute to this so that the community has a place to find helpful info – please take a look, add your study guides, useful links and more in here and help grow the useful resources we come across.

If you have an Azure Exam Study guide let me know and I’ll add a link to it from the Exam folder to your blog or create a quick pull request.

If you have any useful Azure Resources which aren’t listed then please either let me know or create a quick pull request.

I’m gong to be adding to this over time throughout the year, I’m looking for contributors so we can grow this out to be something useful to a lot of people.

Link to the GitHub Repository:- https://github.com/gsuttie/AzureResources

How to Use Azure Role Based Access Control

When it comes to Azure Security there are several options available, in this blog post I’ll cover Role Based Access Control (RBAC for short).

RBAC is about giving access to Azure resources at a granular level, you can give access to the Subscription all the way down to just a single resource within a subscription. This is perfect if you have the scenario where you have a lot of Azure resources and you may just want to give someone access to just a Virtual Machine or maybe just read-only access to say a storage account.

Azure has built in Roles which you can assign to users, the most common of these roles are as follows: –

  • Owner – Has full access to all resources including the right to delegate access to others.
  • Contributor – Can create and manage all types of Azure resources but can’t grant access to others.
  • Reader – Can view existing Azure resources.
  • User Access Administrator – Lets you manage user access to Azure resources.

You can also create your own custom roles which can be made of different access.

RBAC works when assigned against what’s known as a Security Principal in other words a User, Group, Service Principal or a Managed Identity.

RBAs is made of role definitions and these have action which are assigned to the role definition, an example of this would be say Billing Reader, this allows the user read access to Billing Data. The list of roles are seen below: –



The last thing we need to touch on is the Scope that the RBAC can be assigned, this can take the form of the following: –

  • Management Group Level
  • Subscription Level
  • Resource Group Level
  • Resource Level

At work we normally give people in the project Contributor access to a Resource Group or Groups and normally one, maybe two at most are Owners of the Subscription. If we wish to give some one read-only access to view resources then we make them a Reader.

If we are working on a project and want to give a new dev Contributor access to a Resource Group, then I would log in as an Owner and then find the subscription, chose the subscription and then select Access Control (IAM), and then Add a Role Assignment.

You can also setup alerts when an Owner gives some other user access to your Azure resources if required.


Azure Policies

Unfamiliar with Azure Policies?

Azure Policies start off with you defining a policy within Azure which could be something as simple as implementing a naming convention for lets say a Virtual Machine.

The following policy definition states that when creating an Azure VM it must match the naming convention we specify

An example of how to do this would be as below (in JSON):-

So what we are saying here is that if any user tries to create a Virtual Machine within a Resource Group within Azure then it must be named something like VM-P-ABC-GS01.

To get started with trying this out within the Azure Portal search for Policy at the top of the Azure Portal and you’ll see a screen something like the below: –

Here I have loaded the Policy area of the portal for an existing project and you can see the level of detail and see that I have on overall compliance of 95% on my resources and listed are the Non-compliant state Resources (if I were to expand).

By clicking on any of the non-compliant areas I will be shown all of the non-conforming resources which is awesome.

With Azure policies in place we can enforce naming conventions for a Resource Group, if we want to go further we could use Azure Management Groups – which I will cover in a separate blog post.

But what if I already have resources in place and I want to start using naming conventions with Azure policies?

In that case we need to talk about the contents of a policy definition which you can read up on.

Lets review another Azure policy (in JSON)

In the screen shot above the import part here is the EFFECT part.


Policy supports the following types of effect:

  • Deny: generates an event in the activity log and fails the request
  • Audit: generates a warning event in activity log but doesn’t fail the request
  • Append: adds the defined set of fields to the request
  • AuditIfNotExists: enables auditing if a resource doesn’t exist
  • DeployIfNotExists: deploys a resource if it doesn’t already exist
  • Disabled: doesn’t evaluate resources for compliance to the policy rule

So if we have resource which we might want to change the name of going forward and we are able to then perhaps use Audit to start off with and then change them to Deny.

Note if you make use of Azure policies and use Azure Devops to create Infrastructure as Code (IaC) then the easiest place to find issues with failing releases is in the build summary log.


In summary, there is a lot more to Azure policies, here I just wanted to give you some idea of what you can use Azure policies for.


Ask Me Anything with Scott Gu – If Carlsberg did meetings…

Mid December 2018, I received a DM on twitter from a new follower @deanbryen which was basically read like so –

Hey Gregor! I know you’ve been doing a ton of stuff with the Azure community both in Scotland and online. Thanks for that!!

We’re organising a small (10-15 people) private event for top UK tech community members to attend an AMA with Scott Guthrie in January. I added you to the list of invitees, so this is me inviting you 🙂

What:  ‘Azure AMA (ask me anything) with Scott’ An opportunity to have a closed-door discussion with Scott Guthrie on the state of cloud in the UK

So on Friday 18th January I went down to London to the Microsoft Reactor and met with Scott Guthrie to ask him question’s on the status of Azure in the UK – an Ask Me Anything session – not gonna lie I was super excited by this opportunity.

Firstly it was amazing to get recognised as someone with a passion for Azure and be recognised, it felt like a reward for all the hard work I put in with blogging, user group, helping other people and giving feedback on Microsoft products etc. – I get a lot of people saying their inspired by how I took to learning Azure and how they want to do the same.

The meeting was just after 11am, Scott introduced himself and the products and teams he manages, he spoke about .Net, Azure, GitHub, AI, Data and more and if you think about that, that is a huge amount of people and projects to be responsible for.

One thing that struck me was his passion for it and his in-depth knowledge of where the teams are, what’s planned ahead, even down to the release dates for the vnext in these products.  GitHub was mentioned a good few times and with Microsoft purchasing it he talked about how recognised how people might react but he knows that GitHub will get even better moving forward for all types of developer’s.

Microsoft want to keep old friends and make new friends and that’s an awesome way to run a company.

It’s not every day your sat in a meeting with the Executive Vice President of the Cloud and Enterprise group at Microsoft.

If your interested to know what Scott is like in person, he’s relaxed, friendly, very engaging, loves hearing feedback (good and bad), and a very nice person indeed, he talks openly and honestly about everything he and Microsoft is doing and how they give back as well.

We talked about a lot of stuff within an hour and here is a list of the things I can remember in the conversation: –

  • Staff Training and how to get staff trained at a professional level for moving to the cloud
  • Azure Governance and how companies can have policies in place
  • Azure Security Centre
  • The new Azure portal homepage and the layout etc – I asked can we customise it (that’s in the pipeline)
  • Containers in Azure, Kubernetes etc
  • Data Centre’s and Carbon footprints as well as renewable energy
  • Microsoft Learn and byte size learning and how its effective and how its been well received
  • Events like Build and Ignite and how the new Ignite events are being well received
  • Cloud Advocates and more regional / local events coming, more Ignite local events coming
  • Visual Studio code and how popular it has become
  • Managed Service Identity (MSI) and how its being built-in more and more going forward into Azure
  • Python tooling that’s coming and how it will be best in class

A lot of the we above we spoke about and these are just my recollection of the main topics that came up, yes we could have stayed there all day asking Scott questions but we had a limited time with him as you can imagine, with more time I’d like to have know what a day-to-day normal day involves.

Before Scott left I managed to introduce myself and grab a selfie which was awesome, not a day or meeting I will forget about anytime soon, If Carlsberg did meetings…

Lastly huge thanks to @deanbryen for the invite, Anna Fear for organising and to the UK Cloud Advocates who I spoke with when we had lunch together.






Azure CosmosDB – Quick Start Demo App

So one of the hottest thing in Azure these days is without doubt CosmosDB, Cosmos DB is

A database for extremely low latency and massively scalable applications anywhere in the world, with native support for NoSQL

To get started with your very first Azure CosmosDB

  • go into the portal and click ass on Azure CosmosDB
  • give your new database an id
  • choose an API from the options available
    • SQL
    • MongoDB
    • Casandra
    • Azure Table
    • Gremlin (graph)
  • select your Subscription
  • select a resource group / create a new one
  • choose a location
  • optionally turn on geo-redundancy
  • click pin to pin this to your dashboard

For this blog post I chose the SQL API and left geo-redundancy off.

Ok so once you’ve done this click on Quick Start


Now you’ll see that you can download a sample app using .Net, .Net Core, Xamarin, Java, node.js and Python which will download code for you to play around with and create a to-do app.

I chose .Net and downloaded the code to my machine and opened it up with Visual Studio, run the code and you have a working to-do application hitting your newly created Azure CosmosDB up in Azure.

Time to go play with Azure CosmosDB, enjoy.