Can I deploy Enterprise Scale Landing Zone with BICEP?
Can I deploy Enterprise Scale Landing Zone with BICEP?
Azure AD B2C token enriching preview status for user flows
For Azure AD B2C, how long is the ability to enrich tokens with external claims using the api connector in user flows expected to be in preview? This will help make a decision about whether to use this functionality. The current documentation shows…
Best Practice Guidance-App Consent
-Best Practice Guidance on App Consent Policies including: Which base permission levels are considered generally ‘safe’ to allow How to safely implement more restrictive policies in an existing environment (particularly with regards to…
Regarding azure monitor dashboards
I want to setup a dashboard in azure monitor such that there is one object per VM and the object will go green / red upon the monitored parameters of CPU, Memory, Disk, network, up/down How do i monitor windows services in azure monitor
Security Center's "Regulatory Compliance Control Checks" and best practices for resolution
We are looking to pass all of the automated compliance checks performed by Azure Defender / Security Center (e.g. ISO 27001). It would be great to get guidance on the following: For the "greyed out"/disabled control-checks, is it possible…
Operating Azure Bastion
Bastion Best practice guidance on below: How to log usage & security How to manage Global admin application The security recommendation is to limit Global Administrators, however there is a lot of functionality where the only option…
Standard patterns for delegating prescriptive subscription access
Looking for standard patterns for us as a central CCoE to provide a subscription to a customer that they control %99.9 of, but where we set some basic standards/foundations in the subscription they can’t change around: • Network structure …
Best Practice Guidance on PIM
-Walk Through on PIM -Is there an option for self-approval workflows?
Cost differences between Classic and V2 blob storage
Hi there, We have some old blob storage accounts on the Classic plan. Migrating to the V2 plan looks appealing, but we want to know more about the pricing differences before making the switch. Here's some background on our blob usage: we have…
best practices on dealing with Cosmos Partition Keys
Regenerate primary read-write keys (docs: https://learn.microsoft.com/en-us/azure/cosmos-db/secure-access-to-data?tabs=using-primary-key) how to rotate primary keys:…
Consoldiation of VNet Approaches between PaaS services
There seems to be a range of approaches used to connect PaaS services together. These are often build with the specific PaaS product and so usage can vary. Is there a trend to bring these together so that they look / operate the same?
Start using the Azure Monitor agent instead of the Log Analytics agent before 31 August 2024
Since we use Azure Sentinel and it relies upon aggregating data into a Log Analytics workspace, what will the impact be upon Sentinel (if any) when the Log Analytics agent is retired?
SharePointOnline connector in Azure Synapse unable to connect to SharePoint Projects Online site
Issues connecting to SharePoint Project Online from Azure Synapse. We created a Service Principal as per https://learn.microsoft.com/en-us/azure/data-factory/connector-sharepoint-online-list . Manage to view list items under the PWA…
Azure SQL Always on Availability groups replicate one database from secondary to primary
Are we able to use Azure SQL Always on Availability groups to manage the replication between two Azure SQL Managed Instances (one and two) so that one of our databases is "primary" or read/writable on Azure SQL Managed Instance two with a…
SNAT ports and message routing options
We use several Azure services (App Services, MySql, Azure Storage, Redis) all in the same data centre. Currently we are getting SNAT port exhaustion. We understand the reasons (lack of connection pooling, 4 minute port quarantine). However, we have…