# Azure Governance ⚖️ & Management 🔨
- by mutemwamashekeBackground: Azure Machine Configuration remains committed to enabling greater security and simplicity in at-scale server management for all Azure customers. Machine Configuration (previously known as Azure Policy Guest Configuration) enables both built-in and custom configuration as code allowing you to […]
- by Fernando_VasconcellosThis curated series of modules is designed to equip technical and business decision-makers, including IT, developers, engineers, AI engineers, administrators, solution architects, business analysts, and technology managers, with the practical knowledge and guidance needed to make cost-conscious decisions at every […]
- by BrunoGabrielliHello AMBA-ALZ customers, after some time since our last Time for new exciting news about AMBA-ALZ pattern! blog post it again time for some exciting news. We are very thrilled to share that in September 2025 we were able to reach […]
- by Fernando_VasconcellosWhy cost efficiency matters more than ever In today’s digital-first economy, cost efficiency is top of mind for organizations worldwide. As businesses increasingly rely on cloud and AI technologies to drive innovation, streamline operations, and deliver customer value, the pressure […]
- by AmirBWe’re thrilled to announce the General Availability (GA) of the Enhanced Azure Security Baseline for Linux—a major milestone in cloud-native security and compliance. This release brings powerful, audit-only capabilities to over 1.6 million Linux devices across all Azure regions, helping enterprise […]
- by Goutham_BandapatiWhy capacity reservations matter now Cloud isn’t running out of metal, but demand is compounding and often spikes. Resource strain shows up in specific regions, zones, and VM SKUs, especially for popular CPU families, memory-optimized sizes, and anything involving GPUs. […]
- System-Assigned Identity-based Access for Machine Configuration Packages – GA on both Azure and Arc!by mutemwamashekeBackground: Azure Machine Configuration remains committed to enabling greater security and simplicity in at-scale server management for all Azure customers. Machine Configuration (previously known as Azure Policy Guest Configuration) enables both built-in and custom configuration as code allowing you to […]
- by kenievaWhat are Service groups? Service Groups are a new resource container enabling management and observability scenarios where flexibility in hierarchy and membership is needed. Service Groups are tenant level resources so they can have members across the tenant but do […]
# Azure Infrastructure 🏗️
- by dhaneshuk1. Overview of Shared AKS Architecture 1.1 Goals Accelerate application delivery by providing a hardened shared Kubernetes platform per environment (prod / test / dev). Enable safe multi-tenancy using namespace, RBAC, NetworkPolicy, quotas, and pod security. Enforce consistency (standards, guardrails) […]
- by singhshubIn our previous article Microsoft Dev Box Creation using Terraform, we explored how to create Microsoft Dev Boxes using Terraform. Now, we’ll take the next step: **deploying Dev Box catalogs and synchronizing them with a GitHub repository**. This ensures that […]
- by ibrahimbaigMigrating from NSG Flow Logs to VNet Flow Logs in Azure: Implementation with Terraform Author: Ibrahim Baig (Consultant) Executive Summary Microsoft is retiring Network Security Group (NSG) flow logs and recommends migrating to Virtual Network (VNet) flow logs. After […]
- by AbhishekShawWhy Use Terraform and CSV for Azure Rule Management? When handling numerous input rules—often sourced from locals or auto.tfvars files—Terraform configurations can become unwieldy. By leveraging CSV files for rule definitions and automating their integration with Terraform, you can: Reduce […]
- by SunipMastering Kafka Consumer Lag Monitoring in Azure Event Hubs Introduction Kafka consumer lag is a vital metric for streaming architectures, indicating how far behind consumers are in processing messages. While Apache Kafka provides persistent offset storage and straightforward lag monitoring, […]
- by divyaanAdmission controllers act as Kubernetes’ built-in gatekeepers that intercept API requests after authentication/authorization but before they're persisted to etcd. They can validate or mutate incoming objects, ensuring everything that enters your cluster meets defined policies. We strengthen this mechanism with […]
- by gwaqarBy Gohar Waqar, CVP of Cloud Hardware Infrastructure Engineering, Microsoft Microsoft was the first hyperscaler to deploy the NVIDIA GB300 NVL72 infrastructure at scale – with a fully integrated platform engineered to deliver unprecedented compute density in a single rack […]
- by Sakshi_Gupta22Accidental secret commits are one of the most common and most dangerous security mistakes in modern development. A single leaked API key or connection string can give attackers persistent access long after you’ve deleted the file. The real challenge isn’t […]
# Azure Network Security🔐
- by andrewmathuWe are pleased to announce the General Availability (GA) of the JavaScript Challenge feature for Azure Web Application Firewall (WAF) on Azure Front Door. This capability equips organizations with a seamless, invisible anti-bot verification layer that distinguishes legitimate users from […]
- by surenjamiyanaaBackground Azure Firewall helps secure your network by filtering traffic and enforcing policies for your workloads and applications. DNS Proxy, a key capability in Azure Firewall, enables the firewall to act as a DNS forwarder for DNS traffic. Today, we’re […]
- by ShabazShaikThis blog is written in collaboration with @GustavoModena Introduction Azure Firewall is a cloud-native and intelligent network firewall security service that provides best of breed threat protection for your cloud workloads running in Azure. It’s a fully stateful firewall as […]
- by SaleemBseeuIntroduction Azure Application Gateway Web Application Firewall (WAF) now supports custom HTTP status codes and custom response bodies for blocked requests. This Public Preview feature gives you more control over user experience and client-side handling, aligning with capabilities already available […]
- by andrewmathuWe are excited to announce the General Availability (GA) of the Azure Web Application Firewall (WAF) CAPTCHA challenge for Azure Front Door, empowering customers to better defend their web applications against automated bot attacks while ensuring legitimate users can still […]
- by surenjamiyanaaAzure Firewall protects your applications and workloads with cloud-native network security that automatically scales based on your traffic needs. Today, we’re excited to announce the general availability of prescaling in Azure Firewall – a new capability that gives you more control […]
- by SaleemBseeuWith the adoption of the NIS2 Directive EU 2022 2555, cybersecurity obligations for both public and private sector organizations have become more strict and far reaching. NIS2 aims to establish a higher common level of cybersecurity across the European Union […]
- by ShabazShaikThe internet’s transport layer is undergoing one of its most significant evolutions in decades. QUIC (Quick UDP Internet Connections) — the protocol underpinning HTTP/3 — is rapidly becoming the default for high performance, secure communication on the web. From YouTube streaming […]
# Azure Virtual Desktop (AVD) 🖥️
- by ivaylo_ivanovWindows 10 reaches end of support on October 14, 2025. A great place to learn about all the Windows 10 Extended Security Updates (ESU) options is in our blog post, When to use Windows 10 Extended Security Updates. In this […]
- by Ron_ColemanAzure Virtual Desktop continues to evolve with features that simplify deployment and management of session hosts for our customers. Today, we’re excited to announce the public preview of Ephemeral OS disk support, the latest milestone in our Enhanced Host Pool […]
- by Ron_ColemanWe’re pleased to announce that the Azure Virtual Desktop metadata database is now available in the Korea Central region. This release is part of our ongoing global expansion, following our rollout earlier this year in Southeast Asia. By extending regional […]
- by Rinku_DalwaniWe are excited to announce the public preview of Remote Desktop Protocol (RDP) Multipath for Azure Virtual Desktop. This new feature is designed to enhance remote desktop connectivity and reliability without requiring configuration changes from IT admins and users. By […]
- by JimMoyleWe're excited to announce the general availability of two enhancements to App attach in Azure Virtual Desktop: Support for Microsoft Application Virtualization (App-V) packages, and integration with leading third-party application delivery platforms Liquidware, Numecent, and Omnissa. App attach is a […]
- by femi_adebayoWe are thrilled to announce the general availability of a new Azure Virtual Desktop capability that allows multiple personal desktops to be assigned to a single user within one host pool. This update, previously in public preview, improves upon the […]
- by Derek_SuAs part of the Microsoft Secure Future Initiative (SFI), Azure Virtual Desktop is enhancing its default security by disabling clipboard, drive, USB, and printer redirections for all newly created host pools. This change minimizes the risk of data exfiltration and […]
- by Ron_ColemanWe are pleased to announce that the Azure Virtual Desktop metadata database is now generally available in Southeast Asia. This extends our regional database capability to meet your organization's requirements. We are constantly expanding the footprint of the Azure Virtual […]