Microsoft Cloud Blog
by Microsoft MVP Jeremy Wallace & Sean ChristopherLatest Post
Azure Policy: Automated Cloud Guardrails
One of the key aspects of a well-architected cloud environment is strong governance – ensuring that the deployment and configuration of resources meet your organization’s standards for security, compliance, and cost management. In an on-prem world, this was often...
Mastering Cloud Security with Microsoft Defender for Cloud
In any cloud architecture, security is of highest importance– it’s one of the five pillars of the Azure Well-Architected Framework for good reason. Microsoft Defender for Cloud is an Azure-native tool that tackles cloud security from two critical angles: preventive...
Azure Chaos Studio — Engineer Reliability on Purpose
Azure Chaos Studio: Turning Reliability from Assumption into Evidence Why chaos, and why now?In the Azure Well-Architected Framework, Reliability means your workload meets its commitments despite faults. Azure Chaos Studio lets you run safe, controlled experiments...
Unified Management with Azure Arc for Hybrid Cloud
Modern IT environments are rarely homogenous. Most organizations run a mix of on-premises servers, maybe some resources in AWS or Google Cloud, and cloud-native services in Azure. Managing this sprawl can be complex: different tools for different environments,...
Accelerating Performance with Global Distribution (Performance Efficiency)
Performance isn’t just about what code you write – it’s also where you run that code relative to your users. If most of your customers are in Asia but your app is in an East US datacenter, they will experience higher latency no matter how optimized your code is. On...
Mastering Cost Management and Budgets in Azure (Cost Optimization)
One of the key pillars of a well-architected framework is Cost Optimization – ensuring you’re getting optimal value for every dollar spent in the cloud. Today (Day 3) we dive into Azure Cost Management and Budgets, the toolkit that helps you gain visibility into your...
Implementing Zero Trust Architecture in Azure (Security)
In traditional IT, we often relied on a secure perimeter – the “corporate network” was trusted, and everything outside was not. Zero Trust architecture flips that model on its head. With Zero Trust, we presume that an attacker could be anywhere, even inside our...
Designing a Multi-Region Active-Active Architecture (Reliability)
Introduction In today’s always-on world, downtime isn’t tolerated. Users expect apps to be there, responsive, and consistent—no matter what’s happening behind the scenes. That’s why active-active multi-region design is one of the strongest reliability patterns in...
Operational Excellence in Azure: Keeping the Cloud Running Smoothly
Building in the cloud is one thing. Running it every day? That’s where the real work starts. Operational Excellence in the Azure Well-Architected Framework is all about keeping workloads healthy, automated, and observable. In other words: less firefighting, more...
Securing Azure Virtual Desktop with Gen2 VMs, Trusted Launch, and CIS-Hardened Windows 11
Built-in Security Mechanisms in Azure Virtual Desktop (AVD) Azure Virtual Desktop (AVD) is a cloud-managed VDI service designed with numerous built-in security features. Network security is integrated into the architecture: AVD uses a Reverse Connect transport,...
Solving API Connectivity Issues in Azure Synapse with Managed Virtual Networks and Data Exfiltration Protection
When working with Azure Synapse Analytics, connectivity issues can arise when trying to interact with external APIs, particularly if your workspace is configured with Managed Virtual Networks and Data Exfiltration Protection. Recently, our team faced a challenge...
Resolving Sign-in Issues on Entra ID-Joined Azure VMs When MFA is Enabled
You can use Entra ID to login to Azure VMs without having to setup Entra Domain Services or AD join the VM, however you may encounter the error "The Sign-in method you're trying to use isn't allowed. Try a different sign-in method or contact your system...
Link a SQL Server Database to Azure Synapse Workspace
PREREQUISITE: The first thing you should do is navigate to your synapse workspace within the azure portal and check your private endpoints. You need a private endpoint in either the same virtual network that your SQL Server VM is (if the vm is in azure) or a VNet that...
Active Directory vs Microsoft Entra ID
I have often been asked over the years how Active Directory differs from "Azure AD", luckily one of the benefits of Microsoft's name change of Azure AD to Microsoft Entra ID is that people seem to grasp a little easier that these products are not identical but rather...
Azure Backup – Does deleting a disk from a VM effect what can be restored?
Recently I was asked the following question about an example scenario: I have a backup of a VM from Nov 1. At that point in time the VM had 4 attached disks If I delete one of those disks today…then restore the VM from the Nov 1 backup…. Will it have all 4 disks again...
Your First Steps in Azure: Planning for the Future
When embarking on your journey with Microsoft Azure, it's tempting to dive right in and start building without delay. With Azure's versatile platform, this is entirely possible. However, jumping in without prior planning can hinder your growth and satisfaction with...
How to Apply an Azure Policy
When managing an Azure tenant, ensuring compliance and maintaining standards is crucial. One effective way to do this is by leveraging Azure policies. In this guide, we're going to walk you through the process of applying an Azure policy, specifically one that...
5 Azure Policies You Should Be Using
Azure policies play a crucial role in governing resources, enabling organizations to enforce standards and assess compliance at scale. Here, we explore five essential Azure policies that can bolster your cloud strategy. 1. Require Tags Tags are critical for resource...
Step-by-Step Tutorial: In-Place Upgrade of a Windows Server Azure VM
Do you have some old Windows Server Azure VMs that need an upgrade to a newer OS? Good news! You can perform this upgrade directly in Azure. In this tutorial, we’ll guide you through the process of performing an in-place upgrade for VMs running Windows Server in...
Entra Hybrid Join process
Introduction to Entra Hybrid Join The Entra Hybrid Join process is essential for organizations that use both on-premises Active Directory (AD) and Azure Active Directory (Azure AD). This process allows devices to be recognized and managed across both environments,...