Azure Weekly
Issue #563 - 17th May 2026
Welcome to Issue 563 of The Azure Weekly Newsletter. A mixed bag of announcements and interesting articles. The highlights this week are as follows: Platform Improvements for Python AI Apps on Azure App Service: details the build-pipeline changes that have cut Python deployment latency on Azure App Service for Linux by roughly 30%, including swapping gzip for Zstandard compression, adopting uv as the package installer with a pip fallback, removing an intermediate staging copy, adding a pre-built wheels cache and warming up the Kudu deployment worker. Introducing Azure Container Apps Express: launches a public preview of a simpler Azure Container Apps experience that runs your container on pre-provisioned capacity with no environment, networking or scaling to configure, aimed at developers shipping fast and agents that need to deploy on demand. the general availability of Azure Integrated Hardware Security Module: announces GA of Azure Integrated HSM on AMD v7 Trusted Launch VMs and adds Secure Key Release support, so customers can keep primary keys in Azure Key Vault or Managed HSM and release a cached copy to the local FIPS 140-3 Level 3 boundary, letting cryptographic operations run on-VM without a network round-trip on every call.
In Microsoft Fabric: Optimize your storage costs with OneLake storage tiers and lifecycle management Preview: introduces hot, cool and cold storage tiers for OneLake together with lifecycle management policies that automatically move infrequently-accessed Fabric data to cheaper tiers based on age, last-modified or last-accessed rules. Ingesting SharePoint Data into Microsoft Fabric: Your Options: compares the five paths for getting SharePoint data into Microsoft Fabric (Dataflow Gen2, Copy Jobs, Shortcuts, Pipelines and Notebooks) with practical guidance on cost, incremental loading and multi-environment support.
In AI: Giving the Copilot SDK Agent a hardware-level helmet using Kata microVM on AKS: walks through a sample that runs a GitHub Copilot SDK agent on AKS under the kata-vm-isolation runtime class so each pod sits in its own Hyper-V microVM with a dedicated guest kernel, stacking five defence layers around code the model decides on at runtime: microVM isolation, non-root with dropped capabilities and a read-only filesystem, a NetworkPolicy egress allowlist, secret injection and a deny-by-default permission gate. Privacy proxy in Agents with Microsoft Agent Framework Middleware: shows how to wire PII Shield into Microsoft Agent Framework as a paired ChatMiddleware and FunctionMiddleware, so every prompt is anonymised before reaching the LLM, every tool call gets real values restored from a shared per-conversation mapping store, and every tool output is re-anonymised on the way back, at a measured overhead of roughly 70 ms per turn.
Finally Barry Smart follows up his AI Strategy: Think Top-Down, Experiment Bottom-Up with The GenAI Reality Check: New Instrument, Same Orchestra: which distils seven engineering principles that separate enterprise GenAI projects that deliver real value from those that just generate noise, arguing that GenAI is exceptional in capability but not exempt from the disciplines that make any software project succeed.
⚙️ AI + Machine Learning
- The Azure Updates Team explains how to Launched Update: Microsoft Foundry built-in RBAC role naming and enhancements
- aafshari covers Building an AI-Powered Contract Price Adjustment Agent with Docusign MCP and Microsoft Foundry
- Alicia Frame writes about Open Model Inference at Scale on Foundry: What's New with Fireworks AI
- Naomi Moneypenny covers Introducing Grok 4.3 on Microsoft Foundry: Latest Generation Agentic Capabilities
- Nandini Muralidharan explains how to Give Your AI Agent Eyes: Browser-Harness Meets Playwright Workspaces Remote Browsers
- Barry Smart (@barry_j_a_smart) follows up his AI Strategy: Think Top-Down, Experiment Bottom-Up with The GenAI Reality Check: New Instrument, Same Orchestra
- dbillor writes about From Copilots to Coworkers: How AI Agents Are Transforming Azure Networking Operations
- Shoib Muhammad describes City simulator with AI agents for traffic congestion
- On Visual Studio Magazine - Blogs, David Ramel (@dramel) describes Microsoft Adds AI Hackathon to VSLive Microsoft HQ
- Anna Cao writes about 4 ways to build a curated Agent Store and scale agent adoption
- Lo Kinfey (@Ljh8304) talks about Giving the Copilot SDK Agent a hardware-level helmet using Kata microVM on AKS
- Mo Siddi writes about After the Agent Acts: Proving What Happened and Who Authorized It
- Teo Montero Bonet walks through Building the Solution Teams Need to Secure AI Against Prompt Injection
- Mustapha Lazrek walks through Computer-using agents in Microsoft Copilot Studio are now generally available
- Vikas Gautam blogs about Privacy proxy in Agents with Microsoft Agent Framework Middleware
🔎 Analytics
- On Microsoft Fabric Blog, Ambika Jagadish writes about Configurable Data Retention in Microsoft Fabric Warehouse Preview
- Sunitha Muthukrishna (@mksuni) discusses Custom authorization for API for GraphQL in Microsoft Fabric Preview
- Matt Basile explains how to Optimize your storage costs with OneLake storage tiers and lifecycle management Preview
- On the endjin blog, Carmel Eve (@Carmel_Eve) talks about Ingesting SharePoint Data into Microsoft Fabric: Your Options
- Vikas Gautam talks about Genie in a Bot: Databricks AI/BI Meets Microsoft Teams
🖥️ Compute
- Max Uritsky (@max_data) announces the General Availability of the Next Generation of Azure Boost
- Andrew Coughlin discusses Triggering Azure Functions from Blob Storage Using Event Grid
- Simran Parkhe announces the general availability of Azure Integrated Hardware Security Module
🚢 Containers
- The Azure Updates Team writes about In preview Public Preview: Azure Container Apps Express
- Simon Jakesch covers Introducing Azure Container Apps Express
- Vyom Nagrani covers Running Foundry Agent Service on Azure Container Apps
- Carlos Mendible (@cmendibl3) writes about AKS NAP: ZRS Disk PV Zone Fix with a Mutating Admission Webhook
- Chaminda Chandrasekara talks about Monitor and Profile Memory Usage in a Running .NET Linux Pod in AKS
- Lo Kinfey (@Ljh8304) writes about Six Coding Agents, One Production System: A Field Guide to AgenticOps with AKS-Lab-GitHubCopilot
- Mohamad Al Jazaery discusses NVIDIA Dynamo on AKS - Autoscaling LLM Inference
- Roaa Sakr talks about Decoupling Memory from Startup Time in AKS Sandbox Pods
🗄️ Databases
- Matthew Burrows writes about Zero downtime migration from Oracle to Azure DB for PostgreSQL
- Tameika Lawrence covers TLS Certificate Pinning and Best Practices in Azure Open-Source Relational Databases
- Ggauri Kasar discusses April 2026 Recap: Azure Database for PostgreSQL
- Dave Rendón (@DaveRndn) writes about From Technical Debt to Frontier Firm: A Deep Technical Dive into Agentic App and Database
- Zoran Rilak writes about Automatic Connectivity Tests for Azure SQL Managed Instance
- Srinivas Kandibanda discusses Security Update for SQL Server 2016 SP3 Azure Connect Feature Pack
- Mohamed Baioumy writes about Unexpected PITR Charges from restorableDroppedDatabases After BC Hyperscale Migration
- Shruti Pathak describes Azure Cache for Redis to Azure Managed Redis: A Practical Guide with AI-Assisted Migration Planning
🛠️ Developer Tools
- Alex Wang describes Azure CLI on macOS: Upcoming Installation Changes
- Cynthia Zanoni (@cynthiazanoni) delves into GitHub Copilot Dev Days Online
- Simona Liao discusses Agent Skills in Visual Studio: Teach Copilot How Your Team Works
- Makena Barickman announces SQL Server Management Studio 22.6.0
🔩 DevOps
- Gloridel Morales writes about May Patches for Azure DevOps Server
- Sagar Patra writes about From Test Cases to Trusted Automation: Scaling Enterprise Quality with GitHub Copilot
- Jingwei Wang writes about From Prompt to Production: Open in VS Code for Terraform in Azure Copilot
- José Luis Latorre explains how to Stop Hallucinating, Start Evaluating: A Tour of AgentEval
- Julio Colon discusses Design CI/CD for AI apps and agents selling through Microsoft Marketplace
- Paula covers Scaling GitHub Advanced Security in Azure DevOps with a single reusable YAML template
- Ranjan Ashish walks through Understanding the deployment quota limitation 800 Error in Azure Bicep and ARM Deployments
- Ravinder Gupta writes about From Pipelines to Agents: Self-Healing CI/CD Workflow
- Shruti Kakade blogs about Designing AI-Driven Observability for Trustworthy Agentic AI Systems
⚙️ Hybrid + Multicloud
- Zachary Cavanell covers Azure Arc On-prem + Multi-cloud Management
- Mohit Kanojia covers Azure Arc AKS Explained: Run Kubernetes Beyond Azure Cloud
- Bhalchandra Atre covers Writeback for Cloud-Managed Remote Mailboxes: Now in Public Preview
- Wim Matthyssen (@wmatthyssen) discusses Azure Arc-enabled SCVMM: Why ResourceMoveValidationFailed blocks subscription moves and how to migrate
🎭 Identity
- The Azure Updates Team explains how to Launched Generally Available: Managed Identity Support for Azure Files SMB Is now GA
- Damien Bowden (@damien_bod) walks through Using configurable token lifetimes in Microsoft Entra ID, .NET and Microsoft Graph
- Ankur Patel writes about Secure the moments attackers target: onboarding, access requests, and account recovery
- The Intune Support Team writes about New Platform SSO with registration during Automated Device Enrollment on macOS
- Ben Mann describes Microsoft Identity Manager 2016 SP3 now available: Enhanced stability for hybrid identity
- Grace Kim covers Action required: Kerberos RC4 hardening may affect Azure Files Active Directory Domain Services
🔌 Integration
- The Azure Updates Team explains how to Launched Update: 99.99% uptime for all Azure Service Bus Premium namespaces in Availability Zone regions and explains how to Launched Generally Available: Confidential computing for Azure Service Bus Premium
- Eldert Grootenboer (@egrootenboer) announces general availability of confidential computing for Azure Service Bus Premium
- Eldert Grootenboer (@egrootenboer) describes Azure Service Bus Premium now offers 99.99% SLA in all Availability Zone regions
- Gyanendra Kumar Gautam writes about May 11, 2026 - AI is Reshaping Microsoft Integration. Here's What Actually Matters This Week
- Michael Flanakin explains how to What's new in FinOps toolkit 14 – April 2026
- Roberto Cervantes covers Stripe Events + Azure Event Grid: Now Generally Available
- Seth explains how to Build Smarter, Simpler IoT Messaging with Azure Event Grid MQTT Broker
- Daniel Marbach (@danielmarbach) writes about Small optimizations, large systems: removing allocations from Event Hubs partition key hashing
- Hiren Shah explains how to SAP on Azure Product Announcements Summary – SAP Sapphire 2026
📚 Learning
- Liberty Munson writes about New Microsoft Certified: Cloud and AI Security Engineer Associate Certification
- Heather Cook discusses Event Guide - Microsoft at TechCon Chicago 2026
- Nichole Peterson writes about You Asked - We Answered: Inside the Agent 365 AMA
- Nency Yera describes The power behind AI: Your brain
- On the Visual Studio blog, Jim Harrer writes about VSLive Microsoft AI Hackathon 2026: Send Your Team Home With Working Code
⚖️ Management and Governance
- The Azure Updates Team explains how to Launched Generally Available: Azure Monitor dashboards with Grafana in Public, Government Fairfax and China
- Efrat Nauerman discusses Public Preview Update: Azure Copilot Observability Agent
- Shikha Jain (@be_shikha) talks about Azure Monitor Health Model - API Refresh
- Tiffiany talks about Azure Policy: Modern Governance with Practical Recommendations
- Zachary Cavanell discusses Agent 365 Your Security & Compliance Controls
- Joe Unwin writes about NEW UPDATES: Administering and Governing Agents whitepaper v3.2
- Aidan Finn (@joe_elway) writes about 5 Most Common Azure Review Findings
🚌 Migration
- Troy Starr writes about New investments to accelerate your migration to Microsoft 365
🌐 Networking
- The Azure Updates Team explains how to Launched Generally Available: Azure Virtual Network Manager rule impact analyzer
- Faizaan Merchant explains How to Secure Azure Databricks without Public Exposure using WAF + Private Endpoints
- Marco Punio writes about Private Networking and Inference in Microsoft Foundry: Architecture Impact on Enterprise AI
- Rizul Khanna explains how to Configure DNS forwarding for Azure NetApp Files
- rbhatia talks about Modernizing TCP Applications with Azure Application Gateway Layer 4 TCP/TLS Proxy
- Vikas Gautam talks about Introducing PII Shield: A Privacy Proxy for Every LLM Call
🔐 Security
- The Azure Updates Team explains how to Launched Generally Available: Sentinel TI - improved pattern parsing & revoke reliability
- Dave Rendón (@DaveRndn) talks about Microsoft Purview Data Security Investigations: The AI-Powered Engine That Compresses Days of and blogs about Security Copilot Inside Microsoft 365 E5: A Technical Deep Dive Into the Agentic Security Platform
- Joon Woo describes Securing AI agents at scale: Identity, governance, and zero trust
- Uma Masurkar talks about Agent365: The Identity-First Control Plane for Scalable AI Agents and describes Microsoft 365 E7 & Agent365: From Where You Are to Enterprise AI at Scale
- Janaki Ramachandran writes about From Idea to Production - Building Microsoft Security Store Advisor with an Agentic SDLC
📦 Storage
- The Azure Updates Team explains how to Launched Generally Available: Azure Blob Storage SDK for Rust
- The Azure Updates Team explains how to Launched Generally Available: Support for workloads with large files in Azure NetApp Files
- Anthony Mashford (@anthonymashford) writes about Big News for Big Data
🔗 Web
- Surender Singh Malik covers Platform Improvements for Python AI Apps on Azure App Service
- Tulika Chaudharie discusses Control runtime patch updates with Platform Release Channel on Azure App Service for Linux
- Tulika Chaudharie writes about New SSH helper aliases for Python apps on Azure App Service for Linux
- Tulika Chaudharie describes Simplifying FastAPI Deployments on Azure App Service for Linux