mountainss Cloud and Datacenter Management Blog

Microsoft SystemCenter blogsite about virtualization on-premises and Cloud


Leave a comment

#Microsoft Build 2018 Sessions and Content Overview #Azure #AzureStack #MSBuild2018

Microsoft Build 2018 – Technology Keynote: Microsoft Azure

With Scott Guthrie @scottgu


Inside Azure Datacenter Architecture

with Mark Russinovich @markrussinovich


Architecting and Building Hybrid Cloud Apps for Azure and Azure Stack.
With Filippo Seracini @pipposera and Ricardo Mendes @rifmendes from the AzureStack Team

Container DevOps in Azure
With Jessica Deen @jldeen and Steven Murawski @stevenmurawski


Best Practices with Azure & Kubernetes

Follow @rimmanehme

Microsoft Azure CosmosDB @ Build 2018 The Catalyst for next Generation Apps


From Zero to Azure with Python & VSC


Secure the intelligent edge with Azure Sphere


Satya Nadella – Vision Keynote

Here you can find all the Microsoft Build 2018 Sessions and content.

Advertisements


Leave a comment

Deploy #Azure WebApp with Visual Studio Code and Play with #Kudu and App Service Editor and #VSC

When you have installed Microsoft Visual Studio Code which is Free and Open Source with Git integration, Debugging and lot of Extensions available,
You activate the Microsoft Azure App Service extension in VSC.

Azure App Service Extension

You can install really easy more Azure Extensions here.

On the Left you will see your Azure Subscription and by pushing the + you will create a new Azure WebApp.

Enter the name of the Resource Group

Select your OS Windows or Linux

Add the Name of the New App Service Plan

Choose a App Service plan See more information here

Select Azure Region

After this it will install your Microsoft Azure Web App in the Cloud in a couple of seconds 🙂

 

When you open the Azure Portal you will see your App Service plan running.

From here you can configure your Azure Web App for Continues Delivery, and use different tools like VSC, Kudu or Azure App Service Editor.

Azure Web Apps enables you to build and host web applications in the programming language of your choice without managing infrastructure. It offers auto-scaling and high availability, supports both Windows and Linux, and enables automated deployments from GitHub, Visual Studio Team Services, or any Git repo.

Learn how to use Azure Web Apps with Microsoft quickstarts, tutorials, and samples.

Configure Continues Deployment from the Azure Portal.

Or
Continuous Deployment to Azure App Service

Developer tools from the Azure Portal with App Service Editor.

 

Azure App Services Editor

From here you can open Kudu to manage your Azure Web App and Debug via Console :

Kudu Debug console in CMD

Or Kudu Debug Console in Powershell 😉

Kudu Process Explorer

Here you find more information about Kudu for your Azure Web App on GitHub

And to come back at Microsoft Visual Studio Code, you can manage and Build your Azure Web App from here too :

Azure Web App Services in VSC

Hope this first step by step Guide is useful for you to start with Microsoft Azure Web App and Visual Studio Code to make your Pipeline.
More Information at Visual Studio Code

Azure Web Apps Overview


Leave a comment

#GlobalAzure BootCamp Day for the Community – Microsoft #Azure Overview Info

I wish everyone around the world an Awesome Global Azure BootCamp !

Here are some Microsoft Azure links for Information :

Create your Azure Free Account Today here

Microsoft Azure Get started documentation

Microsoft Azure Technical Docs Online

Microsoft Azure SDK – Tools

Microsoft Azure Architecture Information

Microsoft Virtual Academy

Microsoft Azure Training

Microsoft Azure Self-Paced Courses on Edx

Microsoft Azure Blog site

Microsoft Azure Marketplace

Microsoft Azure on GitHub

Microsoft Azure Friday on Channel 9

Follow on Twitter :

@Azure

@AzureBackup

@AzureSupport

@AzureCosmosDB

@Scottgu

@Markrussinovich

@CoreySandersWA

#MVPBuzz

@JamesvandenBerg

 


Leave a comment

Impressions of Microsoft #MSTechSummit in Amsterdam 2018 #MVPbuzz

Microsoft Tech Summit 2018 Amsterdam

It’s Really Awesome to Help Microsoft on the #MSTechSummit in Amsterdam for the community doing Q&A on the Microsoft Experts Center Booth and talking with customers on real scenarios about moving to the Microsoft Azure Cloud. Questions like What are the best practices, and what can I do with Microsoft Azure Stack in my own datacenter. Where can I get more information ? Solving problems for the customer by giving them directions where they can find the solution. Supporting customers with the On-Demand LABS and answering the questions they have, It’s just Great to be a Microsoft MVP Cloud and Datacenter Management and support the Community in this way on the Microsoft Tech Summit 2018 in Amsterdam 🙂

Here you see some impressions of the two days Event :

The Entrance in Amsterdam RAI on the Day before the Event

Getting registered as a Speaker on the Day before the MSTechSummit begins.

The Azure Keynote with Tad Brockway

Impressive Virtual Machine on Azure Cloud Services

Supporting the Community on the Experts Booth doing Q&A

And of course you can meet Great Microsoft employees from Redmond 🙂

On the Picture with Seth Juarez He Likes Machine Learning and AI
and of course working on CH9
 

And on the Picture with Jeff Woolsey from the Microsoft Server Team.
Install Project Honolulu for Remote Management 😉

And YES you can do Clustering on Microsoft Azure !
Have a look at Robert Smit his Blog Site

Meeting MVP mate from Austria Toni Pohl
He is developing cloud solutions with Office365 and Azure

The HUB

A full House for the Break-Out Session Azure Stack with Natalia Mackevicius

She is Director PM Azure Stack

Community Center and Experts Booth
Join the Microsoft Tech Community Today
#MVPbuzz

Microsoft LABS on Demand are Ready to Rock !

Thank you Microsoft and Community for this Awesome Event !
Microsoft Tech Summit 2018 Amsterdam


Leave a comment

UPDATE on Project Honolulu with Jeff Woolsey @WSV_GUY #Winserv #Hyperv #Azure

In this episode, Microsoft takes a look at updates to Project Honolulu and PowerShell Core to manage your server infrastructure. Jeff Woolsey explains the updates IT pros will want to know about and demonstrates what’s new in Project Honolulu – including Remote Desktop Protocol, Windows client management and PowerShell support. Speaking of PowerShell, Jeff also shows how everything has evolved to PowerShell Core, so you can manage your Windows and Linux workloads from one unified scripting place. You’ll even see how with a single cmdlet, you can talk to both Windows and Linux machines and get cross-platform joined outputs.

More information about Microsoft Project Honolulu

Project Honolulu is a flexible, lightweight browser-based locally-deployed platform and a solution for management scenarios. One of Microsoft goals with Project Honolulu is to make it simpler and easier to connect existing deployments of Windows Server to Azure services. With Windows Server 2019 and Project Honolulu, customers will be able to easily integrate Azure services such as Azure Backup, Azure File Sync, disaster recovery, and much more so they will be able to leverage these Azure services without disrupting their applications and infrastructure.

Introducing Windows Server 2019 – now available in preview

Evaluate Project Honolulu


Leave a comment

#Microsoft Secure #DevOps Kit of #Azure to Secure your Cloud #Security

Overview

The “Secure DevOps Kit for Azure” (will be referred to as ‘AzSDK’ henceforth) is a collection of scripts, tools, extensions, automations, etc. that caters to the end to end Azure subscription and resource security needs for dev ops teams using extensive automation and smoothly integrating security into native dev ops workflows helping accomplish secure dev ops with these 6 focus areas:
1. Secure the subscription: A secure cloud subscription provides a core foundation upon which subsequent development and deployment activities can be conducted. An engineering team should have the capabilities to deploy and configure security in the subscription including elements such as alerts, ARM policies, RBAC, Security Center policies, JEA, Resource Locks, etc. Likewise, it should be possible to check that all settings are in conformance to a secure baseline.
2. Enable secure development: During the coding and early development stages, developers should have the ability to write secure code and to test the secure configuration of their cloud applications. Just like build verification tests (BVTs), we introduce the concept of security verification tests (SVTs) which can check for security of various resource types in Azure.
3. Integrate security into CICD: Test automation is a core tenet of devops. We emphasize this by providing the ability to run SVTs as part of the VSTS CICD pipeline. These SVTs can be used to ensure that the target subscription used to deploy a cloud application and the Azure resources the application is built upon are all setup in a secure manner.
4. Continuous Assurance: In the constantly changing dev ops environment, it is important to move away from the mindset of security being a milestone. We have to treat security as a continuously varying state of a system. This is made possible through capabilities that enable continuous assurance using a combination of automation runbooks, schedules, etc.
5. Alerting & Monitoring: Visibility of security status is important for individual application teams and also for central enterprise teams. We provide solutions that cater to the needs of both. Moreover, the solution spans across all stages of dev ops in effect bridging the gap between the dev team and the ops team from a security standpoint through the single, integrated views it generates.
6. Cloud Risk Governance: Lastly, underlying all activities in the kit is a telemetry framework that generates events capturing usage, adoption, evaluation results, etc. This allows us to make measured improvements to security targeting areas of high risk and maximum usage before others.

The Secure DevOps kit for Azure is here on Github

Provision Security in Subscription

·       Subscription Health Scan

·       Subscription Security Provisioning

·       Subscription AccessControl Provisioning

·       Subscription Activity Alerts

·       Azure Security Center (ASC) configuration

·       Subscription Security – ARM Policy

·       Update subscription security baseline configuration

More information on each item can be found here on Github

Develop Security, Spot Check security via Scripts

• Security Verification Tests (SVT)

Express Route-connected Virtual Networks (ER-vNet)

More information on these items on Github

Deploy securely from VSO Build/Release Pipeline

  • Security Verification Tests (SVTs) in VSTS pipeline
  • Security Verification Tests (SVTs) in Jenkins pipeline (Preview)

The AzSDK contains Security Verification Tests (SVTs) for multiple PaaS and IaaS services of the Azure platform. As we have seen so far, these SVTs can be manually run against one or more target resources held in resource groups or tagged via a {tagName, tagValue} pair. While it is invaluable to run these SVTs periodically from a PS console (to ensure that the subscription and the different resources that comprise your application are in a secure state), a key aspect of dev ops is to be able to automate such tests and integrate them as part of the dev ops workflows and release pipelines. In other words, while checking that SVTs pass in an ad hoc manner is a good practice, it is important to be able to also ensure that security control configuration remains intact in higher environments.
The CICD extensions feature of AzSDK makes automated security configuration enforcement possible by making SVTs available as a Visual Studio Extension in the Marketplace so that engineering teams can run them within build/release pipeline. Once the build/release task is configured, SVTs run against a target deployment in an Azure subscription. Upon completion, SVTs will report the pass/fail status for controls along with aggregate control results. Hereafter, all the different ‘out-of-box’ build/release workflow options from the CICD engine (e.g., VSTS) can be used as ‘next steps’ based on the outcomes of SVTs. (For instance, one can decide whether to fail the release outright or to continue despite failures while sending an email to the build/release owners or to hold progress until someone manually approves, etc. Furthermore, if all SVTs pass in the pre-prod environment, then a release can be ‘promoted’ to prod.)
Outcomes of the SVT execution can also be routed to an OMS workspace configured to receive various events generated by the AzSDK.

More information on Build / Release Pipeline

Periodically scan in production to watch for Drift

Baseline Continuous Assurance

• Overview
• Setting up Continuous Assurance – Step by Step
• Continuous Assurance – how it works (under the covers)
• Update existing Continuous Assurance Automation Account
• Remove Continuous Assurance Automation Account
• Fetch details of an existing Continuous Assurance Automation Account
• Continuous Assurance through central scanning mode (Preview) – Step by Step
• FAQ

More information on Baseline Continuous Assurance here on Github

Single Security Dashboard across DevOps Stages

OMS Solution for AzSDK

  • Overview
  • Components of the AzSDK OMS Solution
  • Setting up the AzSDK OMS Solution (Step by Step)
  • Next Steps
  • Appendix
  • Creating an OMS workspace
  • Testing OMS connectivity
  • Routing AzSDK events to OMS
  • Leveraging other OMS Solutions from the Solutions Gallery

The Alerting & Monitoring features of AzSDK empower dev ops teams with the following capabilities:
a single pane of glass view of cloud security across dev ops stages
visibility to control status for their Azure subscription and critical enterprise/application resources
pre-configured search queries for creating alerts to facilitate action on security drift
Out of the box, these capabilities can be leveraged via the Operations Management Suite (OMS) solution in AzSDK.
However, a dev ops team can equally easily leverage a different system for log analytics (e.g., Splunk) and view the AzSDK control evaluation events in the alternate system. This can be accomplished by using via connectors for Event Hubs or Webhooks in the AzSDK.

More information on Security Monitoring with a Single Dashboard here on Github

Make Data-driven Improvements to Security

Overview Security Telemetry

  • Control Telemetry
  • Organization Level Setup
  •  Local Control Telemetry
  •  Understanding Data in App Insights
  • App Insights Visualization
  •  Usage Telemetry
  • Enable/Disable Usage Telemetry
  • FAQs

The Secure DevOps Kit generates telemetry events from all stages of dev ops. That is, events are generated when an engineer runs a scan ad hoc or when SVTs are run in CICD or subscriptions are scanned via Continuous Assurance (CA). The telemetry can be collected and aggregated across an organization. When combined with other organization metadata (e.g., a mapping of subscriptions to applications or service lines or business groups), this can yield a powerful platform for supporting a data-driven approach cloud risk governance and allow organizations to drive measured and targeted security improvement initiatives in a continuous and incremental fashion (just like the rest of dev ops). The telemetry data from AzSDK can be leveraged in two key ways:
Application Insights based – called Control Telemetry (will be renamed to Org Telemetry soon). There are two ways possible. One, configure it centrally, two, configure it specifically in end-user’s machine
API based – this is a custom solution using WebAPI and SQL to collect events and enrich it with organizational metadata. This lets an organization track and drive adoption and usage of the AzSDK and provides a window into the org’s DevSecOps Maturity. API based telemetry will be release in coming months when we release documents for how organization can customize AzSDK for their needs

More on Security Telemetry you find here on GitHub

Fetch information about various AzSDK components

  • Overview
  • Subscription information
  • Control information
  • Attestation information
  • Host information

This command provides overall information about the AzSDK which includes subscription information (alert/policies/ASC/CA version etc.), security controls information (severity, description, rationale etc.), attestation information (statistics, attestation justification, expiry etc.), host information (AzSDK settings/configuration, AzureRM Context etc.). ‘Get-AzSDKInfo’ command can be used with ‘InfoType’ parameter to fetch information.

More information about Get-AzSDKInfo on Github

Start with Microsoft Azure ARM Templates

Use Microsoft Visual Studio Code to work with JSON ARM Templates and Azure subscription

 

Hope these Microsoft DevOps Azure Security SDK resources are helpful for your organization.

 

 

Cheers James.

 


Leave a comment

Registration is open for #Microsoft Tech Summit Amsterdam 2018 #Azure #Cloud #MSTechSummit

Build your cloud skills
Free technical learning event with Microsoft’s top cloud engineers across Azure and Microsoft 365. Whether you’re developing innovative apps or delivering optimized solutions, Microsoft Tech Summit can help evolve your skills, deepen your expertise, and grow your career.

Customize your learning
Whether you’re already cloud-savvy or just getting started, there is something for everyone. Discover the latest trends, tools, and product roadmaps at more than 80 sessions covering a range of focus areas and topics – from keynotes and breakouts to hands-on labs.

Connect with experts
Take advantage of the event Hub, a gathering place where you can learn, network, meet partners, visit the community theater, and more! You’ll also have access to experts who can help you get the most out of the cloud – ask your toughest questions, share best practices, and provide feedback.

Get inspired
The cloud is changing expectations – and transforming the way we live and work. Learn how Microsoft’s cloud platform can help you lead your organization through real digital transformation – and shape your future.

Build your cloud skills with the latest in Azure and Microsoft 365 at a free, technical learning event for IT professionals and developers.
March 28-29, 2018
Register here

Here you find the Microsoft Tech Summit 2018 Catalog sessions

See you at this Awesome Microsoft Tech Summit Event in Amsterdam 😉 #MVPbuzz