Background Many customers have gone down the route of developing, publishing and sharing internally developed Azure IaC modules within the organization. The modules can be written in Bicep, or Terraform or other IaC languages.| Managing Cloud and Datacenter by Tao Yang
My thoughts on various Microsoft technologies| Managing Cloud and Datacenter by Tao Yang
Azure Private Link allows you to access Azure PaaS services over a private endpoint in in your virtual network. To make your Azure PaaS resources accessible via Private links, you will need to:| Managing Cloud and Datacenter by Tao Yang
I have updated the AzPolicyTest PowerShell module (GitHub, PowerShell Gallery) to v2.8.0. This release includes the following updates:| Managing Cloud and Datacenter by Tao Yang
Once a SQL Managed Instance (SQL MI) is created, you can connect to the managed instance using SQL Server Management Studio (SSMS). There are 2 ways a database can be created on the SQL MI instance:| Managing Cloud and Datacenter by Tao Yang
A common question about Azure Policy I frequently get asked during customer engagements is how can a user find out what restrictions are applied for a given resource in their landing zones.| Managing Cloud and Datacenter by Tao Yang
Introduction| Managing Cloud and Datacenter by Tao Yang
I hope I am not the only one who’s struggling with git commands and parsing the results in PowerShell scripts.| Managing Cloud and Datacenter by Tao Yang
I have previously blogged Using Azure Policy to create DNS records for Private Endpoints.. The problem with these policies are they are largely the same. If you create individual policy definitions for each Azure service that supports Private Endpoints, you will end up with a lot of policy definitions that are almost identical.| Managing Cloud and Datacenter by Tao Yang
I have 3 Mac computers running on the latest version of MacOS, and PowerShell is installed on all of them using Homebrew:| Managing Cloud and Datacenter by Tao Yang
I am currently working on implementing some monitoring solutions in a customer’s Azure environment. I only realised yesterday that Azure does not offer any built-in Azure Policy definitions for managing Azure Monitor Action Groups.| Managing Cloud and Datacenter by Tao Yang
When we deploy Azure Enterprise Scale Landing Zones, We often advise our customers to use a centralised Log Analytics workspace for all their Azure resources and configure the workspace to use the Resource-context Access Mode. With this pattern, normally the cloud administrators and security teams would have been granted access on the Log Analytics workspace level. The application teams who consume the Azure resources do not need to be granted any roles to the Log Analytics workspace.| Managing Cloud and Datacenter by Tao Yang
Transport Layer Security (TLS) version 1.3 has been supported by Azure Storage Accounts since January 2024. The ARM API for storage account now accepts TLS1_3 as a valid value for the minimumTlsVersion property of the storage account.| Managing Cloud and Datacenter by Tao Yang