Issue 342: 26th September 2021
Following on from last week's OMIGOD vulnerability, Bruno Gabrielli highlights a Azure Monitor OMI Vulnerabilities Rapid Check Workbook.
It's been a long wait, but Azure Functions runtime 4.0 is now in public preview, and Mark Heath has a good blog post delving into the isolation model in "Is it time to start creating C# Azure Functions in isolated mode?". While we're on the subject of previews, Radu Vunvulea has published a usefil post on the differences between GA, Private and Public Preview on Azure Services and Features. Staying with Serverless, AzureServerlessConf - is running online Sep 29-30, each day targeting a different time zone.
Other interesting articles this week are: Azure Cosmos DB: autoscale, session state, monitoring, and more Azure Friday, Real-Time Streaming using Power BI Streaming Dataset, a re-badging of various high level AI / ML / Cognitive services is outlined in All you need to know about Azure Applied AI Services. Andreas Wolter has a nice post on Security concepts: Audit Trail, and something that will help anyone managing an Azure Virtual Desktop Environment - General Availability of Azure AD-joined VMs support. There is an interesting announcement in the IoT space: enable industrial device connectivity with thousands of partner-provided Azure IoT Plug and Play device profiles. Hopefully this will make as big an impact is PnP had in the consumer space (if anyone can remember how painful peripherals were before USB & PnP).
Finally, this week marked the end of endjin's summer internship programme. We had over 300 applications and whittled the candidates down to a cohort consisting of Amy, Klaudia, Charlotte and Thea. While Charlotte is studying Computer Science, the rest of the cohort are studying a mixture of Biomedical Engineering and Electronics Engineering. I encouraged them to keep a journal throughout the internship to document their internship, and while they started with no cloud experience and a tiny bit of exposure to data any python (most Universities seem to teach Python courses), their progress over the two months was impressive. They delivered huge amounts of value, and I would highly recommend running your own summer internship programme, if you need convincing, read their write-ups: Amy's summer as an intern endjineer, My internship experience, Charlotte's Internship Blog, From start to finish: my internship at endjin.
Issue 341: 19th September 2021
Another vulnerability was announced in the last week. 'OMIGOD' was discovered by Wiz (who also discovered the Cosmos DB / Jupyter Notebook vulnerability). For more details see the following article Microsoft Azure OMI Vulnerabilities, Dubbed 'OMIGOD,' Still Not Patched.
There are some interesting articles buried in the newsletter this week. A feature we've been waiting for all year is finally here: Azure Synapse Analytics RBAC roles are now Generally Available. We've been talking about CodeOps for a while now, and one of the items on our internal TODO list is gathering telemetry we can use for analytics. So I was very pleased to see the Introducing Azure DevOps Audit Stream post this week. In a similar vein OpenTelemetry + Azure Monitor is worth reading. I'm very happy to see this broad adoption; it's much needed.
There's some really interesting content in the AI space this week. First, the latest updates on Azure Neural TTS: new voices for casual conversations are quite impressive - I'd recommend taking a listen to the audio samples contained in this post. I particularly enjoyed Visualize AI events in real-time from Azure Video Analyzer using Power BI, it's a really compelling example of how you can extract signals from unstructured content which can then be fed into Machine Learning models for actionable insights. I'm fascinated by Natural Language Processing (we use a form of this this in Azure Weekly to do article classification), so this week's AI Show is particularly interesting as it covers custom NLP tasks with Verseagility, I'm looking forward to trying this out over the next week. Finally, Nitya Narasimhan shares A Visual Guide To: Azure Percept.
Issue 340: 12th September 2021
Unfortunately we have to start the issue with another security issue. Palo Alto Network's Unit 42 team have uncovered an issue they are calling 'Azurescape', an attack on Azure Container Instances, which they say "highlights risks of using multitenant services". I'm a fan of Black Box Thinking and the only way to work towards a truly robust and secure sevice is to constantly try and discover vulnerabilities and attack vectors and put remediations in place.
There have been many interesting articles published this week, from different areas of Azure, so in no particular order: Anthony Chu assembles the Product Manages of Azure Logic Apps, Azure Functions, and Azure Static Web Apps to talk about Serverless. There's an interesting session buried in there on the topic of Secretless Applications.
A nice SQL performance enhancement has just been release: Scalar UDF Inlining is now available on Azure SQL. In the DevOps space there's a nice guide about how to Build Your First Pulumi Infrastructure in Azure. Using Azure security groups in ASP.NET Core with an Azure B2C Identity Provider is worth a read if you're building web apps. If you're in the IoT space, building multi-tenant solutions with Azure IoT Central on the Internet of Things Show is worthy of a watch. And finally Azure Storage continues to get better and better, improve availability with zone-redundant storage for Azure Disk Storage.
Issue 339: 5th September 2021
Last week we highlighted the security vulnerability in Cosmos DB, this week Aaron Powell has a nice script to automatically Regenerate All CosmosDB Keys. There are some impactful changes coming to Azure AD; firstly Azure AD Graph is retiring on 30 June 2022 and secondly you must upgrade to the latest version of Azure AD Connect before 31 August 2022.
As I seem to be spending most of my time in a shell at the moment, Scott Hanselman's latest post covering his Ultimate PowerShell prompt with Oh My Posh and the Windows Terminal is a welcome one. Another tool that not enough people know about, and we made use of last week while helping new starters automate setting up their local and cloud development environments, is Chocolatey; Rob Reynolds about Automation with Chocolatey on Episode 156 of The Azure Podcast. Another service that doesn't get enough attention is Azure App Configuration which now offers increased hourly request limit.
Thomas Maurer kicks off an interesting new series of videos about Azure Arc enabled Data services. Another noteworthy annoucement is that Custom AKS policy support is now in public preview.
Finally two interesting posts covering similar areas are How to analyze data exported from Log Analytics data using Synapse and a Step-by-Step Guide for using Azure to Process IoT Data.
Azure Weekly Archive
If you would like to read more interesting articles from the Azure ecosystem check out our archive where you will find all of the back issues.
Contribute Content
If you would like to contribute any content to the Azure Weekly newsletter, please email azureweekly@endjin.com