Category: Microsoft Azure Stack

Azure Policy

Keep control of your Azure environment with Azure Policy

Keeping control of your Azure environment and your Azure tenant can be challenging. Azure Policy is a fundamental part of Azure Governance to maintain control of your environment. With Azure Policy, you can enforce different rules and effects over your resources, so those resources stay compliant with your corporate standards and service level agreements. For example, you can limit the deployment to specific virtual machines types and sizes, or block different Azure regions from being used. You can still give developers and IT Pros access to the Azure environment and subscriptions but always stay in control.

  • Real-time policy enforcement and evaluation
  • Cloud policy management and security at scale
  • Automated remediation of existing resources
  • Comprehensive compliance view of all your resources across your Azure subscriptions

You use Azure Policy not just to enforce rules, but also to only audit your environment. This enables you to see the resources which are not compliant with your company policies instead of just blocking the deployment.

Have a look at my other blog posts about:

Cloud-Native Governance

Cloud-Native Governance

Why not just use RBAC?

Azure Policy is complementary to role-based access control (RBAC), and are both part of the overall Azure Governance tools.

There are a few key differences between Azure Policy and role-based access control (RBAC). RBAC focuses on user actions at different scopes. You might be added to the contributor role for a resource group, allowing you to make changes to that resource group. Azure Policy focuses on resource properties during deployment and for already existing resources. Azure Policy controls properties such as the types or locations of resources. Unlike RBAC, Azure Policy is a default allow and explicit deny system.



Microsoft Ignite The Tour Amsterdam 2019 Thomas Maurer Speaking

Speaking at Microsoft Ignite The Tour 2020 Amsterdam

I am happy to let you know that I will be speaking at Microsoft Ignite The Tour in Amsterdam. This will be my stop number 7 for Microsoft Ignite The Tour (MITT) 2019-2020 after Shenzhen, London, Milan, Prague, Copenhagen, and my home tour stop in Zürich, Switzerland. Last year I had a lot of fun at Microsoft Ignite The Tour 2019. For those who haven’t heard of MITT yet, Microsoft Ignite The Tour brings the very best of Microsoft Ignite to a city near you. The tour provides technical training led by Microsoft experts and your community. You’ll learn new ways to build solutions, migrate and manage infrastructure, and connect with local industry leaders and peers.

  • Date: March 11-12, 2020
  • Location: RAI Amsterdam

By the way, if you are interested in taking a Microsoft certification exam for free, check out the following blog post: Free Microsoft Certification exam voucher at Microsoft Ignite The Tour 2020. We also offer free certification vouchers at Microsoft Ignite in Amsterdam.

Microsoft Ignite The Tour Amsterdam

Our industry-leading conference is hitting the road—and coming to a city near you. You don’t want to miss the very latest in cloud technologies and developer tools with guest speakers, industry experts, and more. Get on the list today!

I will be speaking in the Microsoft Ignite The Tour learning paths. I am thrilled to show you some cool stuff about PowerShell, Windows Server 2019, Windows Admin Center, Azure Arc, and much more! I will be presenting the following sessions:

MSI20 - Hybrid management technologies

Tailwind Traders has now migrated the majority of their server hosts from Windows Server 2008 R2 to Windows Server 2019. Now, they are interested in the Azure hybrid technologies that are readily available to them. In this session, learn how Tailwind Traders began using Windows Admin Center and Azure Arc to manage its fleet of Windows Server computers and integrated hybrid technologies, such as Azure File Sync, Azure Site Recovery, and Azure Update Management, to improve deployment performance and manageability.

MCO20 - Azure governance and management

Tailwind Traders’ deployments are occurring in an ad hoc manner, primarily driven by lack of protocol and unapproved decisions by various operators or employees. Some deployments even violate the organization’s compliance obligations, such as being deployed in an unencrypted manner without DR protection. After bringing their existing IaaS VM fleet under control, Tailwind Traders wants to ensure future deployments comply with policy and organizational requirements. In this session, walk through the processes and technologies that will keep Tailwind Traders’ deployments in good standing with the help of Azure Blueprints, Azure Policy, role-based access control (RBAC), and more.

I am looking forward to speaking at Microsoft Ignite The Tour (MITT) 2019-2020 in Amsterdam. Let me know in the comments if you are going too, and I hope to see you there!



Microsoft Ignite The Tour 2020

Speaking at Microsoft Ignite The Tour 2020 Zürich

I am exiting to let you know that I will be speaking at Microsoft Ignite The Tour in Zürich. This will not only be my 6th Microsoft Ignite The Tour (MITT) stop after Shenzhen, London, Milan, Prague, and Copenhagen, and it will also be my home tour stop in Zürich, Switzerland. For those who haven’t heard of MITT yet, Microsoft Ignite The Tour brings the very best of Microsoft Ignite to a city near you. The tour provides technical training led by Microsoft experts and your community. You’ll learn new ways to build solutions, migrate and manage infrastructure, and connect with local industry leaders and peers.

  • Date: March 4-5, 2020
  • Location: Hallenstadion, Zürich

Microsoft Ignite The Tour Zürich

Our industry-leading conference is hitting the road—and coming to a city near you. You don’t want to miss the very latest in cloud technologies and developer tools with guest speakers, industry experts, and more. Get on the list today!

I will be speaking in the Microsoft Ignite The Tour learning paths. I am thrilled to show you some cool stuff about PowerShell, Windows Server 2019, Windows Admin Center, Azure Arc, and much more! I will be presenting the following sessions:

MSI20 - Hybrid management technologies

Tailwind Traders has now migrated the majority of their server hosts from Windows Server 2008 R2 to Windows Server 2019. Now, they are interested in the Azure hybrid technologies that are readily available to them. In this session, learn how Tailwind Traders began using Windows Admin Center and Azure Arc to manage its fleet of Windows Server computers and integrated hybrid technologies, such as Azure File Sync, Azure Site Recovery, and Azure Update Management, to improve deployment performance and manageability.

MCO20 - Azure governance and management

Tailwind Traders’ deployments are occurring in an ad hoc manner, primarily driven by lack of protocol and unapproved decisions by various operators or employees. Some deployments even violate the organization’s compliance obligations, such as being deployed in an unencrypted manner without DR protection. After bringing their existing IaaS VM fleet under control, Tailwind Traders wants to ensure future deployments comply with policy and organizational requirements. In this session, walk through the processes and technologies that will keep Tailwind Traders’ deployments in good standing with the help of Azure Blueprints, Azure Policy, role-based access control (RBAC), and more.

I am looking forward to speaking at Microsoft Ignite The Tour (MITT) 2019-2020 in Zürich. Let me know in the comments if you are going too, and I hope to see you there!



Azure 10 Birthday

A decade later: Microsoft Azure at ten – Interview on Nigel Frank

Microsoft Azure just celebrated its 10th birthday. I had the chance to be interview by Nigel Frank International about the last ten years, today and the future. Right for the 10th birthday of Microsoft Azure. you can read the full interview here, where Microsoft MVPs, Mark Scholman and Charbel Nemnom together with myself answer a couple of questions like:

  • Did you encounter any skepticism in the early days, surrounding both Azure and broader cloud technology?
  • In the ten years since Azure’s official launch, has the product evolved as you expected?
  • How does each of you view the influence Azure has had on the cloud technology industry?
  • Can you pinpoint any turning points over the last ten years when Azure stood out as something of a game-changer?
  • Finally, what would you like to see next from Microsoft Azure?

Originally titled Windows Azure upon its official launch in February 2010—a moniker that would change to Microsoft Azure some four years later—the cloud platform has changed the face of computing on a scale previously unimagined.

A decade on, the service has arguably developed beyond recognition, expanding and adapting at regular intervals to help businesses of all shapes and sizes. The freedom to build, deploy and manage applications on a global scale is just one consequence, with 95% of Fortune 500 companies putting their faith (and trust) in the product.

To mark the platform’s tenth birthday, we sat down with Azure Stack consultant Mark Scholman, Microsoft Senior Cloud Advocate Thomas Maurer, and Cloud Architect and ICT Security Expert Charbel Nemnom—three Microsoft MVPs who have used Azure in all of its guises on a daily basis—to talk about the journey so far and the future of cloud computing.

I am looking forward to the next ten years of Microsoft Azure, especially since I am now part of the Azure team. And if you want to learn more about Microsoft Azure, check out my blog post about learning Microsoft Azure in 2020!

  • Azure Architecture Center – The Azure Architecture Center contains guidance for building end-to-end solutions on Microsoft Azure. Here you will find reference architectures, best practices, design patterns, scenario guides, and reference implementations.
  • Cloud Adoption Framework – The Cloud Adoption Framework is the One Microsoft approach to cloud adoption in Azure, consolidating, and sharing best practices from Microsoft employees, partners, and customers. The framework gives customers a set of tools, guidance, and narratives that help shape technology, business, and people strategies for driving desired business outcomes during their adoption effort. This guidance aligns to the following phases of the cloud adoption lifecycle, like Strategy, Plan, Ready, Migrate, Innovate, Govern, and Manage.
  • Azure Migration Center – Get all the tools and resources you need to migrate your apps, data, and infrastructure at your own pace, with confidence.
  • Azure Architecture Framework – A successful cloud solution requires to focus on these five pillars of architecture excellence: Cost, DevOps, Resiliency, Scalability, and Security. The Azure Architecture Framework helps you to build on these pillars.
  • Azure Reference Architectures – The Reference Architectures are a set of recommended architectures for Azure. Each architecture includes best practices, prescriptive steps, and a deployable solution.
  • Architectural decision guides – The architectural decision guides in the Cloud Adoption Framework describe patterns and models that help when creating cloud governance design guidance.
  • Cloud Operating model – Establish an operating model for the cloud
  • Azure Hybrid – Learn about Azure Hybrid Cloud with features and services like Azure Stack, Azure Arc, and many more.
  • Azure Security – Learn about Azure and security
  • Azure compliance – Get an overview of compliance in Microsoft Azure, with more than 90 compliance offerings
  • Azure pricing – learn about how Azure pricing works and how you can save costs and get the best value at every stage of your cloud journey.

I hope you enjoy the interview. If you have any questions, let me know in the comments.



Speaking at Microsoft Ignite 2019

Speaking at Microsoft Ignite The Tour 2020 Copenhagen

My 5th Microsoft Ignite The Tour (MITT) stop after Shenzhen, London, Milan and Prague will be Microsoft Ignite The Tour in Copenhagen. Microsoft Ignite The Tour brings the very best of Microsoft Ignite to a city near you. The tour provides technical training led by Microsoft experts and your community. You’ll learn new ways to build solutions, migrate and manage infrastructure, and connect with local industry leaders and peers.

  • Date: February 27–28, 2020
  • Location: Bella Center, Copenhagen

Microsoft Ignite The Tour Copenhagen

Our industry-leading conference is hitting the road—and coming to a city near you. You don’t want to miss the very latest in cloud technologies and developer tools with guest speakers, industry experts, and more. Get on the list today!

I will be speaking in the Microsoft Ignite The Tour learning paths. I am thrilled to show you some cool stuff about PowerShell, Windows Server 2019, Windows Admin Center, Azure Arc, and much more! I will be presenting the following sessions:

MSI20 - Hybrid management technologies

Tailwind Traders has now migrated the majority of their server hosts from Windows Server 2008 R2 to Windows Server 2019. Now, they are interested in the Azure hybrid technologies that are readily available to them. In this session, learn how Tailwind Traders began using Windows Admin Center and Azure Arc to manage its fleet of Windows Server computers and integrated hybrid technologies, such as Azure File Sync, Azure Site Recovery, and Azure Update Management, to improve deployment performance and manageability.

MCO20 - Azure governance and management

Tailwind Traders’ deployments are occurring in an ad hoc manner, primarily driven by lack of protocol and unapproved decisions by various operators or employees. Some deployments even violate the organization’s compliance obligations, such as being deployed in an unencrypted manner without DR protection. After bringing their existing IaaS VM fleet under control, Tailwind Traders wants to ensure future deployments comply with policy and organizational requirements. In this session, walk through the processes and technologies that will keep Tailwind Traders’ deployments in good standing with the help of Azure Blueprints, Azure Policy, role-based access control (RBAC), and more.

By the way, if you are interested in taking a Microsoft certification exam for free, check out the following blog post: Free Microsoft Certification exam voucher at Microsoft Ignite The Tour 2020. We also offer free certification vouchers at Microsoft Ignite in Copenhagen.

I am looking forward to speaking at Microsoft Ignite The Tour (MITT) 2019-2020 in Copenhagen. Let me know in the comments if you are going too, and I hope to see you there!



Microsoft Ignite The Tour 2020

Speaking at Microsoft Ignite The Tour 2020 Prague

After my first three Microsoft Ignite The Tour (MITT) stops in Shenzhen, London, and Milan, I am happy and honored that my fourth stop of Microsoft Ignite The Tour will be in Prague. By the way, if you are interested in taking a Microsoft certification exam for free, check out the following blog post: Free Microsoft Certification exam voucher at Microsoft Ignite The Tour 2020. We also offer the free certification vouchers at Microsoft Ignite in Prague.

  • Date: February 24–25, 2020
  • Location: Prague Congress Centre

Microsoft Ignite The Tour Prague

Our industry-leading conference is hitting the road—and coming to a city near you. You don’t want to miss the very latest in cloud technologies and developer tools with guest speakers, industry experts, and more. Get on the list today!

I will be speaking in the Microsoft Ignite The Tour learning paths. I am thrilled to show you some cool stuff about PowerShell, Windows Server 2019, Windows Admin Center, Azure Arc, and much more! I will be presenting the following sessions:

MSI20 - Hybrid management technologies

Tailwind Traders has now migrated the majority of their server hosts from Windows Server 2008 R2 to Windows Server 2019. Now, they are interested in the Azure hybrid technologies that are readily available to them. In this session, learn how Tailwind Traders began using Windows Admin Center and Azure Arc to manage its fleet of Windows Server computers and integrated hybrid technologies, such as Azure File Sync, Azure Site Recovery, and Azure Update Management, to improve deployment performance and manageability.

MCO20 - Azure governance and management

Tailwind Traders’ deployments are occurring in an ad hoc manner, primarily driven by lack of protocol and unapproved decisions by various operators or employees. Some deployments even violate the organization’s compliance obligations, such as being deployed in an unencrypted manner without DR protection. After bringing their existing IaaS VM fleet under control, Tailwind Traders wants to ensure future deployments comply with policy and organizational requirements. In this session, walk through the processes and technologies that will keep Tailwind Traders’ deployments in good standing with the help of Azure Blueprints, Azure Policy, role-based access control (RBAC), and more.

I am looking forward to speaking at Microsoft Ignite The Tour (MITT) 2019-2020 in Prague. Let me know in the comments if you are going too, and I hope to see you there!



How to Reduce the Costs of your Azure IaaS VMs

How to Reduce the Costs of your Azure IaaS VMs

Azure Infrastructure-as-a-service (IaaS) offers significant benefits over traditional virtualization. With benefits like the possibility to quickly spin up a couple of virtual machine in any Azure region around the world whenever you need it, is pretty powerful. There are a lot more benefits to Azure IaaS virtual machines. However, that’s not part of this blog. This blog post is focused on helping you saving money by reducing the costs when you are using Azure IaaS virtual machines (VM). Some of the tips here will help everyone out there, some of the tips

Pick the right Azure VM series and the right Azure VM size

Reduce cost by picking the right Azure VM size

Reduce cost by picking the right Azure VM size

First of all, obviously, you pay more for larger virtual machines. Something I realized by working with a lot of customers is that they take the on-premises VM size and use the equivalent size in Azure. Not realizing that the VM size they had was way to oversized. But since they had the static capacity on-prem, they didn’t’ care. Now when you pay for more capacity in the cloud, the story is different. So make sure you realize that the Azure VM sizes are not oversized. You can still change the size later to a larger virtual machine if needed. And if you are looking at tools like Azure Migrate to migrate your existing VMs to Azure IaaS, you will have some additional advantages. Azure Migrate asses your environment and helps you pick the right Azure VM size depending on performance data history. Azure Migrate works with Hyper-V and VMware virtual machines, if you want to know more about Azure Migrate, check out my blog post. If you are already running the virtual machine in Azure, Azure Advisor can be helpful to figure out that your virtual machine is underutilized. Picking the right size will help you to save money and reduce the cost of Azure IaaS VMs.