Microsoft Azure

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/jM2me on 2023-08-31 02:22:17.

I am pretty good at writing code, so a lot of automations or things that make my job easier are written as a powershell script. As of lately I have been trying to move those to logic apps, as most of them are interfaces (take data from A, take data from B, compare/calculate/etc, and update either data A or B), and it would be beneficial for company to have them somewhere like in Azure and not running on my computer.

Well, some of those manipulations or list comparisons are pain in the butt to get right on first try in logic app. Maybe I need more practical experience, but something that takes few keystrokes or lines in PowerShell, takes too much time than I would like to admit to figure out in logic app. Remembering how certain things flow or get transformed isn't as intuitive as the code, so cheatsheet and onenote with bunch of copy paste and screenshots help.

On the bright side, anyone can now look at logic app and hopefully figure out the logic of the "interface".

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/kaldareta on 2023-08-31 02:55:23.

We are designing our Azure Landing Zone. We try to achieve best practice, so while going through scenarios, this is what I came up upon.

1. Require all KeyVault (KV) to be stored in the same KV specific Resource group (i.e RG-KV).
2. A restrictive custom KV Reader is required in RG-KV level so Teams/ServicePrincipal can list KVs (without being able to list names for secrets, certs & keys).
3. A KV Admin role to their respective KV-App to manage it.
4. Set up Private Links for their respective KV-App.
5. Set up Azure Policy to restrict KV creation in other Management Groups

Thoughts? Does anyone have a similar scenario? Any roadblock/hardships/conflicts you can foresee? 😅

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/Jort4K on 2023-08-30 15:29:58.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/DiamondSlicer on 2023-08-30 13:33:00.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/BeakerAU on 2023-08-30 13:30:43.

Our AppGW in Australia East, became completely unresponsive 8.45pm AEST, and nothing is accepting connections for it. We're logging a job with Microsoft. Is anyone else seeing similar issues?

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/screech_owl_kachina on 2023-08-29 19:17:23.

I passed 104 last night with a 736. The open book feature was surprisingly already implemented.

I used the search the most but they must have taken out a lot of the articles because searching for terms just led me to random pages that were only tangentially related to the topic and not the actual documentation. I'd say it's almost not worth it.

I got a lot of questions about ARM templates, but the thing is I didn't really code any while I was studying and they were asking like "what function should you use here". And then using the open book to search for that function didn't really bring up anything. I didn't try using Ctrl F but the instructions say shortcuts work. If you're going up for 104 soon I would focus on ARM templates for storage, VMs, and policies.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/AutoModerator on 2023-08-29 13:00:38.

All content in this thread must be free and accessible to anyone. No links to paid content, services, or consulting groups. No affiliate links, no sponsored content, etc... you get the idea.

Found something useful? Share it below!

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/mexicanpunisher619 on 2023-08-29 07:08:54.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/patrickvkleef on 2023-08-28 19:29:06.

I started the zerotrustinsights.com website to share knowledge on following the Zero Trust principles in Azure. I do this based on an fictional company I created, which transitioned their application to the cloud without properly considering security.

The first articles I published is about using the hub-spoke network topology as a foundation for your infrastructure and how to secure PaaS services using Private Link.

Centralize management with the hub-spoke network topology

Secure Azure PaaS services with Azure Private Link

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/JohnSavill on 2023-08-28 14:07:17.

New video diving into the new API provisioning endpoint for Entra allowing integration from ANY HR or other system for user source of truth!

00:00 - Introduction

00:07 - Entra tenant and ADDS

01:21 - HR source of truth

04:56 - API-driven provisioning

08:01 - Creating the inbound API endpoint app

09:03 - ADDS vs Azure AD/Entra option

10:46 - Getting started and mapping

14:01 - Scoping

15:17 - Start provisioning

15:47 - Permissions for the sending app

19:58 - Demo

26:39 - Checking provisioning logs

29:15 - Portal provisioning logs

31:51 - How you would read user info from app

32:48 - Licensing

33:04 - Summary

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/sawred810 on 2023-08-28 10:09:08.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/firefox15 on 2023-08-27 22:14:53.

I have a storage account which I would like to restrict to my house, and I have a dynamic IP. That IP is always updated correctly by my DDNS service, so any firewall rules that reference that DNS name will work correctly.

I seem to remember that NSGs can do this (maybe I'm wrong), but the firewall in the storage account seems limited to hardcoded IPs. I guess I could make a S2S VPN connection, but that's just security and overhead that I don't want to deal with at home if I can help it. Is there a way to do this with private endpoints or something?

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/HE_TRUTH on 2023-08-27 12:37:02.

I am currently preparing for the Az 104, I am yet to book, so I am wondering if it will be worth it, do I have a future in Azure As an Administrator in Nigeria. I am getting discourage, when I tell people this is the career path I plan on taking they make it seem like I have no future in this area. Please is there really no future for an Azure Administrator in Nigeria?

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/hm_vr on 2023-08-27 11:11:24.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/StanQuizzy on 2023-08-25 15:33:46.

We currently use Azure Cloud Connect to sync our OnPrem AD to Azure for our Hybrid environment and it works perfectly for us. We received (several, like 50 plus lol) emails from Azure stating our version of Connect is out of date and we need to upgrade the version to the new Connect or CloudSync before October 1 2023.

I did their questionaire and looks like CloudSync is the way to go for anyone really (lightweight agent on 1 or more onprem servers, configure in the Azure portal as opposed to the complex Connect agent ). As as per usual, Microsoft's documentation for installing CloudSync and decomissioning Connect spans multiple documents and vauge steps.

Now, it seems to me that the process should be straight forward:

Install CloudSync agent on 1 or more qualifying servers OnPrem

Configure the Sync in the Azure portal

Suspend the Connect services, make sure Cloud Sync is working

Decom/remove the Connect services/agent

But, as described, the guides span several documents and are tedious to read. has anyone gone though this and could give me an idea of how this actualy goes? Thanks!

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/mexicanpunisher619 on 2023-08-24 20:54:36.

Alright folks, I’ve had enough. I need to vent about Microsoft’s perplexing decision to stick with Pearson VUE for their certification exams. Anyone who's had the misfortune of navigating this platform will know the pain and anguish I'm talking about.

Let's dive straight into the abyss that is proctoring. Or should I say, the chaotic, seemingly nonexistent proctoring? I've genuinely wondered if these proctors are even real. I’ve had proctors vanish into the ether in the middle of an exam, had times when they were utterly unresponsive, and had moments when I swear they were just phantoms haunting my screen. You’re telling me, with all the tech advancements, we can’t get a stable proctoring system?

And, oh boy, the software. Who designed it? Someone nostalgic for the dial-up era? We’re talking freezes, crashes, a user interface that feels like a relic from a past most of us would rather forget. The experience is marred with constant hiccups, making it impossible to focus on the actual content of the exam. Instead, I’m wrestling with pop-ups, error messages, and a UI that seems to actively work against me.

Microsoft, you are a tech titan. A behemoth in the industry. Why, then, are you aligning yourself with a testing platform that's more reminiscent of ancient tech relics than of the modern age? Your certifications, your brand, they all carry weight. So why diminish that value with such a subpar testing experience?

It's high time for a change. Your loyal community of certification aspirants is waiting and hoping. Time to upgrade and give us the smooth, efficient, and modern testing platform we deserve! Rant concluded. 🎤 Drop.

Note, the questions for my AZ-104 disappeared while moving on to my 4th question, spent 25min waiting for a proctor to show up, called Customer Support and their rep said, you will get a solution in 2-3 days... my "proctor finally showed up, restarted the test but time was still deducted and not added back...WTF!!!!!!

Where is my FKN Question!!!

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/mindovermother on 2023-08-24 15:02:40.

Anyone know what the problem may be? I'm taking an Azure course and some of my classmates can select multiple zones when making their vm's, while me and some others can only select 1 unless we choose vm scale set (which is not what I'm trying to do).

P.S. I'm attempting making the zones in (US) East US but changing regions doesn't fix the problem.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/Ambitious_Bus2959 on 2023-08-24 09:20:19.

Hello, strange one but users when signed into an azure servers, are unable to preview documents in file explorer, checked as an admin account noticed that I could preview pdfs, and certain images, but words documents you just get a white screen.

Has anyone come across this before or got any ideas on what I can do that would be great (note the azure servers run windows 11).

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/apdunshiz on 2023-08-24 13:52:03.

I reach out to support maybe once every few months or so, whenever I have a simple question on how something works and when the documentation is confusing as hell. The only problem, I've never had any of my support tickets actually resolved. I just cancel them because the reps I get do not usually have basic technology skills to even understand what I am asking.

I just reached out yesterday on why my managed instances are showing private IP addresses, on public DNS servers like Google, when I do not have a private endpoint and public access is denied. The rep tells me that a private endpoint does not exist and asks me if I would like help on setting up a private endpoint. I then respond, try to clarify with pictures, but still the rep has no idea.

Am I the only one here?

Thanks!

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/AutoModerator on 2023-08-24 13:00:19.

This is the only thread where you should post news about becoming certified. For everyone else, join us in celebrating the recent certifications!!!

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/edcwb on 2023-08-24 02:55:48.

Hey guys. We control our billings by a specific tag, for example: "Product_A", sometimes other teams are tagging resources incorrectly with our tag.

Is there a way to have an alert on Azure that send a notification when a new resource is added or modified in a resource group uppon our tag?

I'm open to others options.

Thanks in advance

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/aleks1ck on 2023-08-23 19:34:32.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/theotheritmanager on 2023-08-23 21:29:36.

We require MFA via. the MS authenticator app - works well.

The only real issue we have now is when users get new phones, they have to call us to reset their MFA (or need our help getting it setup again), since they can't login to their existing account to change their MFA method or register their new app.

Not a big deal, but it's a lot of tickets and time.

How are you guys all handling that whole workflow?

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/rich872 on 2023-08-23 16:56:45.

So my company is looking to start moving some workloads into Azure. We're a rather large company with all mailboxes in 365, we sync AD to Azure and what not but outside of that we really have no footprint in our Azure space as far as resources or workloads go. We know the first step to deploying resources in Azure is to set up the "landing zone" but that is something we are struggling with a bit on the best way to architect it out, the initial management group/subscription structure that is. Microsoft recommends something like the pic I've attached to this post. Curious to get thoughts from any Azure architects out there on their initial design structure before they started moving any workloads or deploying resources in Azure.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/digitalbydesign on 2023-08-23 03:24:48.

On August 22, we will begin updating our exams so that you will be able to access Microsoft Learn as you complete your exam. This resource will be available in all role-based and specialty exams in all languages by mid-September. Curious to get the community’s thoughts on this addition to the certification process. More info located in the link below.