Training
Certification
Microsoft Certified: Azure Virtual Desktop Specialty - Certifications
Plan, deliver, manage, and monitor virtual desktop experiences and remote apps on Microsoft Azure for any device.
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Important
Azure Stack HCI is now part of Azure Local. Learn more.
This article lists the various features and improvements that are available in Azure Local. The latest version of Azure Local solution focuses on cloud-based deployment and updates, cloud-based monitoring, new and simplified experience for Arc VM management, security, and more.
This is a baseline release with the following features and improvements:
For more information on improvements in this release, see the Fixed issues in 2411.3.
This is a baseline release with the following features and improvements:
Arc VMs - Here are the improvements made to Arc VMs in this release:
4-node switchless support documentation - Documentation for 4-node switchless is now available. For more information, see 4-node switchless support.
For more information on improvements in this release, see the Fixed issues in 2411.2.
This is a baseline release with the following features and improvements:
Arc VMs - Starting this release, the deletion for attached resources (network interface, disk) is blocked while the associated Arc VM is in creation. For more information, see Delete a network interface and Delete a data disk.
Updates - In this release, an update precheck is added to ensure that the solution extension content is copied correctly.
4-node switchless support - Starting this release, 4-node switchless is supported for Azure Local.
For more information on improvements in this release, see the Fixed issues in 2411.1.
This is a baseline release with the following features and improvements:
Renaming of Azure Stack HCI to Azure Local - Azure Stack HCI is now a part of Azure Local. Microsoft has renamed Azure Stack HCI to Azure Local to communicate a single brand that unifies the entire distributed infrastructure portfolio.
For more information, see Renaming Azure Stack HCI to Azure Local.
Azure Local for Small Form Factor (Preview)- Beginning this release, Azure Local supports a new class of small devices with reduced hardware requirements. These low cost devices are suitable for edge scenarios across the industry horizontals. The devices must meet the Windows Server certification requirements and relaxed requirements from Software Defined Data Center (SDDC) and Windows Server Software-Defined (WSSD) program.
For more information about this Preview feature, see System requirements for Azure Local for small form factor (Preview).
Azure Local for disconnected operations (Preview) - Azure Local is now available for disconnected operations. Disconnected operations for Azure Local enable the deployment and management of Azure Local instances without a connection to the Azure public cloud.
This feature allows you to build, deploy, and manage virtual machines (VMs) and containerized applications using select Azure Arc-enabled services from a local control plane, providing a familiar Azure portal and CLI experience.
For more information about this Preview feature, see Azure Local for Disconnected Operations (Preview).
Deploy Azure Local with Local Identity (Preview) - Starting this release, you can deploy Azure Local using Local identity with Azure Key Vault. By integrating with Key Vault and using certificate-based authentication, security posture is enhanced and operations continuity is ensured. This approach offers minimal edge infrastructure, a secure secret store, and simplified management by consolidating secrets in a single vault. Additionally, it streamlines deployment by eliminating dependencies on Active Directory systems and simplifying firewall configurations.
For more information about this Preview feature, see Deploy Azure Local with Local Identity and Azure Key Vault (Preview).
Arc VM changes: The following changes were made to Arc VM management:
Terraform templates for Arc VM - Starting this release, you can create logical networks and Arc VMs using Terraform templates.
For more information, see Template to create logical networks and Template to create Arc VMs.
Add network interface on static logical network - After the Arc VMs are provisioned, you can now add a network interface on a static logical network. To add this network interface, you're required to configure the desired static IP from within the VM.
For more information, see Add a network interface on your Azure Local.
Download data disks - Beginning this release, you can download an Azure managed disk from Azure to your Azure Local instance. You use this disk to create an Arc virtual machine (VM) image or attach the image to your VMs as needed.
For more information, see Download data disks from Azure to Azure Local.
Security improvements - Starting this release, the security posture of Azure Local is enhanced with the following improvements:
Security posture following Azure Stack HCI, version 22H2 to Azure Local upgrade - Warnings and guardrails were added in the upgrade flow. Documentation was also updated to reflect the security posture of Azure Local after upgrading from version 22H2.
For more information, see Manage security after upgrading Azure Local from version 22H2.
Improved security baseline compliance - Starting this release, the security settings on the Azure Local nodes are compared against the security baseline with full accuracy. On the right secured-core hardware, you achieve a 99% compliance score, which you can view in the Azure portal.
For more information, see View security baseline compliance in the Azure portal.
Error-Correcting Code (ECC) memory requirements - Beginning this release, the ECC memory requirements are enforced. If you can't meet the memory and ECC requirements, you can opt for a virtual deployment.
For more information, see System requirements for Azure Local.
AKS on Azure Local - This release has several new features and enhancements for AKS on Azure Local. For more information, see What's new in AKS on Azure Local.
This is a baseline release with the following features and improvements:
Arc VM management improvements: Starting this release, following improvements were made to the Arc VM management experience:
This is a baseline release with the following features and improvements:
This is a baseline release with the following features and improvements:
This release introduces the ability to upgrade your Azure Stack HCI from version 22H2 to Azure Local. The upgrade process is supported for clusters running version 22H2 with the latest updates and is a two-step process. While the OS upgrade is generally available, the solution upgrade has a phased rollout.
For more information, see Upgrade Azure Local from version 22H2.
This release contains the following changes for updates:
This release contains the following changes for Arc VM management:
az stack-hci-vm create
command.For more information, see the Fixed issues list in 2408.
This release contains the following changes for SBE:
This is primarily a bug fix release. See the Fixed issues list to understand the bug fixes.
This is primarily a bug fix release with a few improvements.
Arc VM management improvements: Starting this release, following improvements were made to the Arc VM management experience:
stack-hci-vm
Azure CLI installation. The URL has changed from: https://hciarcvmsstorage.blob.core.windows.net/cli-extension/stack_hci_vm-{version}-py3-none-any.whl
to: https://hciarcvmsstorage.z13.web.core.windows.net/cli-extensions/stack_hci_vm-{version}-py3-none-any.whl
. For more information, see Azure Local firewall requirements.Update health checks: Starting this release, a new health check was added and the update service was improved. Additionally, the update service now supports the ability to view or start new updates when the service crashes on machines. Also, multiple issues for health checks related to Azure Update Manager and Solution Builder Extension Update were fixed.
For more information, see Fixed issues in 2405.2.
Azure Stack HCI OEM license: Starting this release, we are introducing the Azure Stack HCI OEM license designed for Azure Local hardware including the Azure Local Premier Solutions, Integrated systems, and Validated Nodes. This license remains valid for the lifetime of the hardware, covers up to 16 cores, and includes three essential services for your cloud infrastructure.
For more information, see Azure Stack HCI OEM license overview and Azure Stack HCI OEM license and billing FAQ.
This is primarily a bug fix release with a few improvements.
For more information on bug fixes, see the Fixed issues list.
Here are the features and improvements in this release.
Active Directory integration - In this release, an issue related to the use of a large Active Directory that results in timeouts when adding users to the local administrator group, is fixed.
New Azure Resource Manager (ARM) template - This release has a new ARM template for deployment that simplifies the resource creation dependencies. The new template creation also includes multiple fixes around the missing mandatory fields.
Secret rotation improvements - In this release, improvements were made to the secret rotation flow.
Set-AzureStackLCMUserPassword
now supports a new parameter to skip the confirmation message. This parameter is useful when automating secret rotation. Solution Builder Extension (SBE) improvements include:
Add server and Repair server fixes include:
Reliability enhancements include:
This release contains a fix for a deployment issue that is encountered when setting the diagnostic level in Azure and the device.
For more information, see the Fixed issues list in 2405.
This release contains the following changes for updates:
Starting this release, an adjusted naming schema is introduced for updates. This schema allows for the identification of feature versus cumulative updates.
This release contains reliability improvements:
This release has bug fixes for various issues including:
For more information, see the Fixed issues list in in 2405.
In this release, changes to the environment checker include several new checks:
This release contains the following improvements to observability:
Test-observability
feature validates whether the telemetry and diagnostic data can be successfully sent to Microsoft.Here are the changes related to the Azure portal, extensions, and resource providers:
This release includes the following updates to the security documentation:
For a list of the changes and improvements in AKS on Azure Local, see What's new in AKS on Azure Local?.
This is primarily a bug fix release. See the Fixed issues list to understand the bug fixes.
This is primarily a bug fix release. See the Fixed issues list to understand the bug fixes.
This is primarily a bug fix release with a few enhancements. See the Fixed issues list to understand the bug fixes. Here's the list of enhancements:
This is primarily a bug fix release. See the Fixed issues list to understand the bug fixes.
This section lists the new features and improvements in the 2402 release of Azure Local.
This release introduces a new Azure built-in role called Azure Resource Bridge Deployment Role, to harden the security posture for Azure Local. If you provisioned a cluster before January 2024, then you must assign the Azure Resource Bridge Deployment User role to the Arc Resource Bridge principal.
The role applies the concept of least amount of privilege and must be assigned to the service principal: clustername.arb before you update the cluster.
To take advantage of the constraint permissions, remove the permissions that were applied before. Follow the steps to Assign an Azure RBAC role via the portal. Search for and assign the Azure Resource Bridge Deployment role to the member: <deployment-cluster-name>-cl.arb
.
An update health check is also included in this release that confirms that the new role is assigned before you apply the update.
Beginning this release, the Active Directory preparation process is simplified. You can use your own existing process to create an Organizational Unit (OU), a user account with appropriate permissions, and with Group policy inheritance blocked for the Group Policy Object (GPO). You can also use the Microsoft provided script to create the OU. For more information, see Prepare Active Directory.
Azure Local solution is now supported in Australia. For more information, see Azure Local supported regions.
We're also releasing new documentation that provides guidance on network considerations for the cloud deployment of Azure Local. For more information, see Network considerations for Azure Local.
This release includes the following updates to the security documentation:
This is primarily a bug fix release. See the Fixed issues list to understand the bug fixes.
This is primarily a bug fix release. See the Fixed issues list to understand the bug fixes.
A new Azure built-in role called Azure Resource Bridge Deployment Role is available to harden the security posture for Azure Local. If you provisioned a cluster before January 2024, then you must assign the Azure Resource Bridge Deployment User role to the Arc Resource Bridge service principal.
The role applies the concept of the least amount of privilege and must be assigned to the Azure resource bridge service principal, clustername.arb
, before you update the cluster.
You must remove the previously assigned permissions to take advantage of the constraint permission. Follow the steps to Assign an Azure RBAC role via the portal. Search for and assign the Azure Resource Bridge Deployment role to the member: <deployment-cluster-name>-cl.arb
.
Additionally, this release includes an update health check that confirms the assignment of the new role before applying the update.
This section lists the new features and improvements in the 2311.2 General Availability (GA) release for Azure Local.
Important
The production workloads are only supported on the Azure Local systems running the generally available 2311.2 release. To run the GA version, start with a new 2311 deployment and then update to 2311.2.
In this generally available release of the Azure Local, all the features that were available with the 2311 preview releases are also now generally available. In addition, the following improvements and enhancements are available:
With this release:
For more information, see Deploy via Azure portal.
In this release:
You can now migrate Hyper-V VMs to Azure Local using Azure Migrate. This feature is currently in Preview. For more information, see Migration of Hyper-V VMs using Azure Migrate to Azure Local (preview).
In the Azure portal, you can now monitor platform metrics of your cluster by navigating to the Monitoring tab on your cluster's Overview page. This tab offers a quick way to view graphs for different platform metrics. You can select any graph to open it in Metrics Explorer for a more in-depth analysis. For more information, see Monitor Azure Local through the Monitoring tab.
You can now use Microsoft Defender for Cloud to help improve the security posture of your Azure Local environment and protect against existing and evolving threats. This feature is currently in Preview. For more information, see Microsoft Defender on Cloud for Azure Local (Preview).
Starting with this release, the following workloads are generally available on Azure Local:
Azure Kubernetes Service (AKS) on Azure Local. For more information, see Create Kubernetes clusters.
In addition, AKS on HCI has a new CLI extension and Azure portal experience, Support for logical networks, Support for taints and labels, Support for upgrade via Azure CLI, Support for Nvidia A2 and more. For details, see What's new in AKS on Azure Local?.
Azure Virtual Desktops (AVD) on Azure Local. For more information, see Deploy AVD on Azure Local.
This section lists the new features and improvements in the 2311 release of Azure Local. Additionally, this section includes features and improvements that were originally released for 2310 starting with cloud-based deployment.
For machines running Azure Local, release 2311.2, you can perform new deployments via the cloud. You can deploy an Azure Local instance in one of the two ways - via the Azure portal or via an Azure Resource Manager deployment template.
For more information, see Deploy Azure Local instance using the Azure portal and Deploy Azure Local via the Azure Resource Manager deployment template.
This new release has the infrastructure to consolidate all the relevant updates for the OS, software agents, Azure Arc infrastructure, and OEM drivers and firmware into a unified monthly update package. This comprehensive update package is identified and applied from the cloud through the Azure Update Manager tool. Alternatively, you can apply the updates using the PowerShell.
For more information, see Update your Azure Local instance via the Azure Update Manager and Update your Azure Local via the PowerShell.
This release integrates the Azure Monitor alerts with Azure Local so that any health alerts generated within your on-premises Azure Local system are automatically forwarded to Azure Monitor alerts. You can link these alerts with your automated incident management systems, ensuring timely and efficient response.
For more information, see Respond to Azure Local health alerts using Azure Monitor alerts.
This release also integrates the Azure Monitor metrics with Azure Local so that you can monitor the health of your Azure Local system via the metrics collected for compute, storage, and network resources. This integration enables you to store cluster data in a dedicated time-series database that you can use to analyze data from your Azure Local system.
For more information, see Monitor Azure Local with Azure Monitor metrics.
With Insights for Azure Local, you can now monitor and analyze performance, savings, and usage insights about key Azure Local features, such as ReFS deduplication and compression. To use these enhanced monitoring capabilities, ensure that your cluster is deployed, registered, and connected to Azure, and enrolled in monitoring. For more information, see Monitor Azure Local features with Insights.
Beginning this release, the following Azure Arc VM management capabilities are available:
Starting with this release, you can run Azure Kubernetes Service (AKS) workloads on your Azure Local system. AKS on Azure Local uses Azure Arc to create new Kubernetes clusters on Azure Local directly from Azure. For more information, see What's new in AKS on Azure Local?.
The following Kubernetes cluster deployment and management capabilities are available:
The new installations with this release of Azure Local start with a secure-by-default strategy. The new version #has a tailored security baseline coupled with a security drift control mechanism and a set of well-known security features enabled by default. This release provides:
This release supports configuring a web proxy for your Azure Local system. You perform this optional configuration if your network uses a proxy server for internet access. For more information, see Configure web proxy for Azure Local.
In this release, the Group Managed Service Accounts (gMSA) created during the Active Directory preparation are removed. For more information, see Prepare Active Directory.
In this release, you can add and remove machines, or repair machines from your Azure Local system via the PowerShell.
For more information, see Add server and Repair server.
This release introduces the Resilient File System (ReFS) deduplication and compression feature designed specifically for active workloads, such as Azure Virtual Desktop (AVD) on Azure Local. Enable this feature using Windows Admin Center or PowerShell to optimize storage usage and reduce cost.
For more information, see Optimize storage with ReFS deduplication and compression in Azure Local.
Training
Certification
Microsoft Certified: Azure Virtual Desktop Specialty - Certifications
Plan, deliver, manage, and monitor virtual desktop experiences and remote apps on Microsoft Azure for any device.