mountainss Cloud and Datacenter Management Blog

Microsoft SystemCenter blogsite about virtualization on-premises and Cloud

Leave a comment

AWESOME #Microsoft Azure E-Books for your #Cloud Journey Today #Azure #AzureStack

Download Azure Strategy and Implementation Guide Here

Each organization has a unique journey to the cloud based on its own starting point, its history, its culture, and its goals. This document is designed to meet you wherever you are on that journey and help you build or reinforce a solid foundation around cloud application development and operations, service management, and governance.  An important concept covered in this book is a strategy for identifying and moving specific workloads based on their actual value to the business. Some emerge in a new form infused with cloud design principals that were otherwise not available in the past. Others receive targeted improvements to extend their lifetimes. Still others move as-is, using the “lift and shift” approach that requires minimal change. Because of the unique capabilities of the Microsoft Cloud and the Microsoft Azure platform, workloads that must remain on-premises because of latency or compliance requirements can fully participate in the journey because of the ability for an organization to run Azure services on-premises using Azure Stack. A Great E-book to Start your journey to the Cloud

Download The Developers Guide to Microsoft Azure SE here

Microsoft created The Developer’s Guide to Microsoft Azure to help you on your journey to the cloud, whether you’re just considering making the move or you’ve already decided and are underway. This eBook was written by developers for developers. And it is specifically meant to give you, as a developer, a fundamental knowledge of what Azure is all about, what it offers you and your organization and how to take advantage of it all.

Download the Microsoft Azure Virtual Datacenter E-Book here

This guide is intended for enterprise IT architects and executives. Using the lens of the physical datacenter, the guide discusses an approach to designing secure, trusted virtual datacenters on the Azure platform. Azure Virtual Datacenter is not a specific product or service but rather a way to think about cloud infrastructures. It offers proven practices and guidance to help smooth your migration to the cloud. At the end of this guide, you can learn about the upcoming Virtual Datacenter Automation guidance. This guidance includes a collection of scripts and Azure Resource Manager templates that will help you build an Azure Virtual Datacenter using the trusted extension model.

Download the Microsoft azure Virtual Datacenter Lift and Shift Guide here

This guide is a starting point when considering the migration of existing applications and services. The processes described below are meant to be iterative. By working to identify a first round of candidates for lift and shift, you will build an understanding of what’s required to host and maintain applications in Azure, along with increasing the accuracy of cost estimates. This knowledge will make identifying subsequent candidates much easier. Note that the Azure platform is continuously adding features and services, and costs can change (generally lower) as new capabilities come online. Although applications and services might not be candidates for lift and shift migrations now, they might be in the future, and any iterative review process should take platform changes into account.

May these Awesome Azure E-books help you to build your Cloud Services Today


Leave a comment

Infrastructure as a Service (IaaS) with Microsoft #Azure #Cloud #AzureStack #HybridCloud

Break down video of the essentials needed to plan and implement your solutions on Microsoft Azure IaaS. This 7-minute intro covers compute, virtual machines, containers, networking, storage and management options in Microsoft Azure.

When you transform your datacenter on-premises to Microsoft Azure Cloud Service, these Architecture references can help you
to make the right chooses for your business needs. The Azure Architecture Center contains guidance for building end-to-end solutions on Microsoft Azure. Here you will find reference architectures, best practices, design patterns, scenario guides, and reference implementations.

Start here for your Microsoft Azure Architecture designs

Microsoft Azure Architecture Center

On the left site of this page you can download the complete content of Microsoft Azure Architecture Center into a PDF file 😉
Looks like this :

When your transition and your Architecture is done on Paper you can move save to Microsoft Azure Cloud Services.

Accelerate your digital transformation:
Now is the time to move to Azure and reap the rewards of cloud technology, including the ability to scale up or down quickly, pay only for what you use, and save on compute power. Whether you are deploying new virtual machines, moving a few workloads, or migrating your datacenters as part of your hybrid cloud strategy, the Azure Hybrid Benefit provides big savings as you move to the cloud.

Have a look at the Microsoft Azure Hybrid Use Benefit

Here you find some handy links to Microsoft Azure Cloud Services :

Microsoft Azure Products Technical docs

Microsoft Azure SDK and Tools

Getting started with Microsoft Azure products

Microsoft Azure Resources

Here you find the Whitepaper of Azure Virtual Datacenter Lift and Shift Guide but also an E-book of Azure Virtual Datacenter from the Azure CAT Guidance Team which can help you to start your transition of your datacenter to the Microsoft Azure Cloud.


Microsoft Mechanics all Azure

When you have workloads in your on-premises Datacenter which may not run in any public Cloud or via Internet, you can run Microsoft Azure in your Datacenter via Microsoft Azure Stack.

Build modern applications across hybrid cloud environments

Azure Stack is an extension of Azure, bringing the agility and fast-paced innovation of cloud computing to on-premises environments. Only Azure Stack lets you deliver Azure services from your organization’s datacenter, while balancing the right amount of flexibility and control—for truly-consistent hybrid cloud deployments.

Microsoft Azure Stack Overview

Hope this blogpost will help you out with your journey to the Microsoft Azure Cloud.

Leave a comment

#Microsoft Global MVP Summit 2018 was Awesome #MVPbuzz #MVPSummit

The Microsoft 25th Global MVP Summit 2018 was just AWESOME !

I like to Thank you all the people at Microsoft who was helping at the Global MVP Summit 2018 and made this Great Event to a big Success.
I had a Great time with the Microsoft Product teams and PM’s, with Good interactive sessions and Awesome NDA content. I Love to be an MVP in Cloud and Datacenter Management and learning a lot about Microsoft Azure, AzureStack, Analytics, in a DevOps way on Microsoft HQ Campus. First in Building 92 and later in Building 33.
Thank you Tina StenderupLarsen for being on the Summit for all your MVP’s and organize everything !


Leave a comment

Use the Azure Cosmos DB Emulator for local development and testing #Azure #CosmosDB #DevOps #Docker

The Azure Cosmos DB Emulator provides a local environment that emulates the Azure Cosmos DB service for development purposes. Using the Azure Cosmos DB Emulator, you can develop and test your application locally, without creating an Azure subscription or incurring any costs. When you’re satisfied with how your application is working in the Azure Cosmos DB Emulator, you can switch to using an Azure Cosmos DB account in the cloud.

The Azure Cosmos DB Emulator for DevOps is easy to install :

Download de MSI

Docker Hub



You can Attach Azure CosmosDB Emulator in Visual Studio Code 😉

When your development and testing in Azure CosmosDB Emulator is Done and Ready
for the Cloud, you can Move it to CosmosDB in Azure.

More information on Microsoft Azure CosmosDB Emulator on Docs.

Here you see What’s New in Azure Cosmos DB Video :

Lot of Success with Azure CosmosDB !

Leave a comment

#Microsoft Azure Storage Explorer with Support for File Share Snapshots #Azure #Cloud

Welcome to the February 2018 release of Microsoft Azure Storage Explorer.

Support for File Share snapshots:
o Create and manage snapshots for your File Shares.
o Easily switch views between snapshots of your File Shares as you explore.
o Restore previous versions of your files.
Preview support for Azure Data Lake Store:
o Connect to your ADLS resources across multiple accounts.
o Connect to and share ADLS resources using ADL URIs.
o Perform basic file/folder operations recursively.
o Pin individual folders to Quick Access.
o Display folder statistics.

Create Snapshot of your Azure File Share is Easy

Azure File Share Snapshots with Storage Explorer

Download the Newest Microsoft Azure Storage Explorer here

Azure Storage Explorer (Preview) is a standalone app that enables you to easily work with Azure Storage data on Windows, macOS, and Linux. In this article, you learn several ways of connecting to and managing your Azure storage accounts.

Azure File Sync agent release notes

Azure File Sync (preview) allows you to centralize your organization’s file shares in Azure Files without giving up the flexibility, performance, and compatibility of an on-premises file server. It does this by transforming your Windows Servers into a quick cache of your Azure File share. You can use any protocol available on Windows Server to access your data locally (including SMB, NFS, and FTPS) and you can have as many caches as you need across the world.

More information about Azure File Sync Agent here

Leave a comment

#Microsoft Azure CloudShell Bash in Visual Studio Code #Azure #VSC #DevOps


When you don’t have Microsoft Visual Studio Code, It’s a Awesome Open Source Free tool for DevOps and ITPro.

When you installed VSC you can add Extensions to your Visual Studio Code and one of them is Called Azure Account.
When you Add this extension you can connect to Microsoft Azure Cloud Shell in Visual Studio Code.
But before we can use this Extension to connect to Azure CloudShell we need NodeJS version 6 or higher installed on your OS.

Go to NodeJS and Download

Click Next.

Accept the Terms and click Next.

Click Next

Click Next

It will also install a Shortcut for the online documentation of this version of NodeJS v9.6.1

Click on Install

Click Finish

With Ctrl+Shift+P you will see all the Commands. (1)
Choose for Azure: Open Bash in CloudShell (2)

When you do this it will make a Microsoft Azure Device Login first to Connect to your Azure Subscription like this :

Type the code which is in VSC here

Azure will see that you connect with Visual Studio Code.
Click on Continue.

Login with your Azure Account of your Subscription.

The Connection with VSC and Azure is made.

Now when you choose Azure: Bash in CloudShell again it will show the Azure Cloud Shell in your VSC.

Your are Online with Azure Cloud Shell.

Just Awesome 😉
Cheers James

Leave a comment

#Microsoft Secure #DevOps Kit of #Azure to Secure your Cloud #Security


The “Secure DevOps Kit for Azure” (will be referred to as ‘AzSDK’ henceforth) is a collection of scripts, tools, extensions, automations, etc. that caters to the end to end Azure subscription and resource security needs for dev ops teams using extensive automation and smoothly integrating security into native dev ops workflows helping accomplish secure dev ops with these 6 focus areas:
1. Secure the subscription: A secure cloud subscription provides a core foundation upon which subsequent development and deployment activities can be conducted. An engineering team should have the capabilities to deploy and configure security in the subscription including elements such as alerts, ARM policies, RBAC, Security Center policies, JEA, Resource Locks, etc. Likewise, it should be possible to check that all settings are in conformance to a secure baseline.
2. Enable secure development: During the coding and early development stages, developers should have the ability to write secure code and to test the secure configuration of their cloud applications. Just like build verification tests (BVTs), we introduce the concept of security verification tests (SVTs) which can check for security of various resource types in Azure.
3. Integrate security into CICD: Test automation is a core tenet of devops. We emphasize this by providing the ability to run SVTs as part of the VSTS CICD pipeline. These SVTs can be used to ensure that the target subscription used to deploy a cloud application and the Azure resources the application is built upon are all setup in a secure manner.
4. Continuous Assurance: In the constantly changing dev ops environment, it is important to move away from the mindset of security being a milestone. We have to treat security as a continuously varying state of a system. This is made possible through capabilities that enable continuous assurance using a combination of automation runbooks, schedules, etc.
5. Alerting & Monitoring: Visibility of security status is important for individual application teams and also for central enterprise teams. We provide solutions that cater to the needs of both. Moreover, the solution spans across all stages of dev ops in effect bridging the gap between the dev team and the ops team from a security standpoint through the single, integrated views it generates.
6. Cloud Risk Governance: Lastly, underlying all activities in the kit is a telemetry framework that generates events capturing usage, adoption, evaluation results, etc. This allows us to make measured improvements to security targeting areas of high risk and maximum usage before others.

The Secure DevOps kit for Azure is here on Github

Provision Security in Subscription

·       Subscription Health Scan

·       Subscription Security Provisioning

·       Subscription AccessControl Provisioning

·       Subscription Activity Alerts

·       Azure Security Center (ASC) configuration

·       Subscription Security – ARM Policy

·       Update subscription security baseline configuration

More information on each item can be found here on Github

Develop Security, Spot Check security via Scripts

• Security Verification Tests (SVT)

Express Route-connected Virtual Networks (ER-vNet)

More information on these items on Github

Deploy securely from VSO Build/Release Pipeline

  • Security Verification Tests (SVTs) in VSTS pipeline
  • Security Verification Tests (SVTs) in Jenkins pipeline (Preview)

The AzSDK contains Security Verification Tests (SVTs) for multiple PaaS and IaaS services of the Azure platform. As we have seen so far, these SVTs can be manually run against one or more target resources held in resource groups or tagged via a {tagName, tagValue} pair. While it is invaluable to run these SVTs periodically from a PS console (to ensure that the subscription and the different resources that comprise your application are in a secure state), a key aspect of dev ops is to be able to automate such tests and integrate them as part of the dev ops workflows and release pipelines. In other words, while checking that SVTs pass in an ad hoc manner is a good practice, it is important to be able to also ensure that security control configuration remains intact in higher environments.
The CICD extensions feature of AzSDK makes automated security configuration enforcement possible by making SVTs available as a Visual Studio Extension in the Marketplace so that engineering teams can run them within build/release pipeline. Once the build/release task is configured, SVTs run against a target deployment in an Azure subscription. Upon completion, SVTs will report the pass/fail status for controls along with aggregate control results. Hereafter, all the different ‘out-of-box’ build/release workflow options from the CICD engine (e.g., VSTS) can be used as ‘next steps’ based on the outcomes of SVTs. (For instance, one can decide whether to fail the release outright or to continue despite failures while sending an email to the build/release owners or to hold progress until someone manually approves, etc. Furthermore, if all SVTs pass in the pre-prod environment, then a release can be ‘promoted’ to prod.)
Outcomes of the SVT execution can also be routed to an OMS workspace configured to receive various events generated by the AzSDK.

More information on Build / Release Pipeline

Periodically scan in production to watch for Drift

Baseline Continuous Assurance

• Overview
• Setting up Continuous Assurance – Step by Step
• Continuous Assurance – how it works (under the covers)
• Update existing Continuous Assurance Automation Account
• Remove Continuous Assurance Automation Account
• Fetch details of an existing Continuous Assurance Automation Account
• Continuous Assurance through central scanning mode (Preview) – Step by Step

More information on Baseline Continuous Assurance here on Github

Single Security Dashboard across DevOps Stages

OMS Solution for AzSDK

  • Overview
  • Components of the AzSDK OMS Solution
  • Setting up the AzSDK OMS Solution (Step by Step)
  • Next Steps
  • Appendix
  • Creating an OMS workspace
  • Testing OMS connectivity
  • Routing AzSDK events to OMS
  • Leveraging other OMS Solutions from the Solutions Gallery

The Alerting & Monitoring features of AzSDK empower dev ops teams with the following capabilities:
a single pane of glass view of cloud security across dev ops stages
visibility to control status for their Azure subscription and critical enterprise/application resources
pre-configured search queries for creating alerts to facilitate action on security drift
Out of the box, these capabilities can be leveraged via the Operations Management Suite (OMS) solution in AzSDK.
However, a dev ops team can equally easily leverage a different system for log analytics (e.g., Splunk) and view the AzSDK control evaluation events in the alternate system. This can be accomplished by using via connectors for Event Hubs or Webhooks in the AzSDK.

More information on Security Monitoring with a Single Dashboard here on Github

Make Data-driven Improvements to Security

Overview Security Telemetry

  • Control Telemetry
  • Organization Level Setup
  •  Local Control Telemetry
  •  Understanding Data in App Insights
  • App Insights Visualization
  •  Usage Telemetry
  • Enable/Disable Usage Telemetry
  • FAQs

The Secure DevOps Kit generates telemetry events from all stages of dev ops. That is, events are generated when an engineer runs a scan ad hoc or when SVTs are run in CICD or subscriptions are scanned via Continuous Assurance (CA). The telemetry can be collected and aggregated across an organization. When combined with other organization metadata (e.g., a mapping of subscriptions to applications or service lines or business groups), this can yield a powerful platform for supporting a data-driven approach cloud risk governance and allow organizations to drive measured and targeted security improvement initiatives in a continuous and incremental fashion (just like the rest of dev ops). The telemetry data from AzSDK can be leveraged in two key ways:
Application Insights based – called Control Telemetry (will be renamed to Org Telemetry soon). There are two ways possible. One, configure it centrally, two, configure it specifically in end-user’s machine
API based – this is a custom solution using WebAPI and SQL to collect events and enrich it with organizational metadata. This lets an organization track and drive adoption and usage of the AzSDK and provides a window into the org’s DevSecOps Maturity. API based telemetry will be release in coming months when we release documents for how organization can customize AzSDK for their needs

More on Security Telemetry you find here on GitHub

Fetch information about various AzSDK components

  • Overview
  • Subscription information
  • Control information
  • Attestation information
  • Host information

This command provides overall information about the AzSDK which includes subscription information (alert/policies/ASC/CA version etc.), security controls information (severity, description, rationale etc.), attestation information (statistics, attestation justification, expiry etc.), host information (AzSDK settings/configuration, AzureRM Context etc.). ‘Get-AzSDKInfo’ command can be used with ‘InfoType’ parameter to fetch information.

More information about Get-AzSDKInfo on Github

Start with Microsoft Azure ARM Templates

Use Microsoft Visual Studio Code to work with JSON ARM Templates and Azure subscription


Hope these Microsoft DevOps Azure Security SDK resources are helpful for your organization.



Cheers James.