Recent Discussions
End-to-End Confidence in the Cloud A Walkthrough of Azure Playwright Testing (Preview)
If you’ve been using Playwright for your end-to-end testing, you know how powerful it is for browser automation. But running large test suites locally or in CI can be slow, flaky, and resource-hungry. That’s where Azure Playwright Testing (Preview) — also called Microsoft Playwright Testing — comes in. This walkthrough will show you how to go from a plain Playwright project to running tests at scale in the Azure cloud, complete with reporting, debugging, and parallel execution. https://dellenny.com/end-to-end-confidence-in-the-cloud-a-walkthrough-of-azure-playwright-testing-preview/
Azure automation feature, improvements and bugs
This is by no means meant as critic as i love the Azure Automation Account product and its current features but these are thing that i would love to see as an offering/fixed for the future. Source Control (I can only speak for Github as that is what i use): Bugs: Tags being overwritten / removed by source controll both on full sync but also on incremential syncs (Already reported in case #2508010040002105) Features: Runbooks in source control is not being deleted in automation account when they have been deleted in source control. Support for diffrent sync types other than PowerShell 5.1 (Personally we will not consider upgrading to a newer version before there is source control implemented) Support for syncing the full repository instead of only a specific folder. So recursive source control for easier organisation in repositories I know we can setup multiple source control in azure automation but that seems a bit redundant and more maintance as the source control integration expires after 1 year does not matter if your PAT token is set to never expires Add support for syncing synopsis / description for at least PowerShell scripts so it grabs it directly from the given script and inputs it into the description field. Just the output of get-help .\ScriptName.ps1 Logging: Bugs: From time to time we see that logs is being displayed twice after each other so lets say you get the first result of logs. For this example lets say the first 10 entries in the All log page and scroll down further then the same 10 entries are repeated again and again and again this can also be seen by the time stamp of the log entry. (No new network requests for logs is being made so i believe this might be a bug in a javascript without being 100% certain) The most often time we see this bug is when a runbook is still running so it might be the log output stream that messes this up. And just to provide a picture for refrence without exposing anything sensitive the bug can be seen based on timestamps here: PowerShell 7 and above log outputs seems to contain some non escaped ASCI characters which makes the logs harder to read and also makes a log object being split into multiple log entries in Azure automation Log outputs Seems to have been fixed since i last tested Features: Searching for a specific job id in the general job list. Currently there is a work arround by going into a specific runbook - go to jobs - Press "Find job" and then you can lookup a jobid globally but the UI is not being updated correctly as displayed here: Would love to see a button here or be able to search for a jobid Formatting log outputs so you can do multi line output in a single log output entry E.G. "Write-output "New´r´nLine" So the output entry contains multiple lines for easier human readable log outputs Runbook page: Bugs: Searching for runbook names seems a bit buggy as far as i have seen there is 3 diffrent results for the end user Base image intialy looking at all runbooks One option is that it is not able to find a runbook with that name I have not been able to replicate it to get a picture of it. Another is that it displays a list of runbooks none of which matches what you searched for Third is that when you have searched for something and remove your search it does not return the original view Features: Ability to go to a previous job and re-run it/restart it with the same parameters. Think a bit like the way you can restart a github action run Scheduling: Features: More of a feature request but adding the schedule for a runbook directly in the code is awesome. (This is something we currently do by adding a parameter that contains the scheduling information then we have a runbook going over all our runbooks every hour and looking for this parameter and then constructing a schedule if it does not exist and links the runbook to the schedule and finally we also add a tag mentioning If the schedule name is enabled or not (*back to the issue in source control removing the tag*)) Hybrid workers: Features: I personally would love the ability to pause a hybrid worker in a hybrid worker group - Why? - Well we currently have 4 hybrid workers all running windows and have monthly patch windows and if a job hits a hybrid worker that is in patch then the jobs would go into a suspended state and not be picked up again Now we could remove the hybrid worker from the group but that would also remove the extension which would be reinstalled when added and then we would hit this https://learn.microsoft.com/en-us/azure/automation/troubleshoot/extension-based-hybrid-runbook-worker#scenario-runbooks-go-into-a-suspended-state-on-a-hybrid-runbook-worker-when-using-a-custom-account-on-a-server-with-user-account-control-uac-enabled This is an issue we originally started experiencing when we migrated from agent-based hybrid workers to extension based due to the discontinuation of agent-based. Another great reason is when needing to troubleshoot something on a specific hybrid worker or even when needing to update modules on a specific hybrid worker as this can not be done while the hybrid worker is still running jobs unless you use force or hit a time that it is not running or by manually stopping the service and then again end up with suspended jobs that is not being picked up again. Additional features that i personally would love to see as an offering: A front end for azure automation for end users (Think self-service portal) as some kind of add-on feature allowing a specific group of people to start a given runbook but supplying a more user friendly front end for it while also including some more limitations for end user groupings. I know there is already third party solutions for this and tbh I almost created one my self on my last maternity leave but my company chose not to pursue it further as the statement is we have 1 self service platform being servicenow can be viewed https://github.com/Mynster9361/Self-Service-Frontend-Azure-Automation just to give some inspiration if needed RBAC permissions for individual runbooks (as far as i remember this can already be done through cli) A General overview management blade for managing webhooks and the associated runbooks Currently there is no way to know which runbooks has an active / inactive webhook assigned to them as the only way to see this is by going to a runbook go to the webhooks blade and look if there is one or not. Personally i would love to see a blade on the general overview called "Webhooks" that looks similar to this table maybe: RunbookNameExpirationLast triggeredStatusRunbook1 (Clickable to get directly to the runbook)Custom_name_for_this webhook02/01/2022 16:00 EnabledRunbook2webhook211/11/2026 16:00TodayDisabledRunbook3webhook311/11/2027 16:00TodayEnabled Instead of webhook being a gentleman agreemnet on when you can enable and when you shouldn't enable and naming and such you have 1 general overview of all webhooks which would give value in regards to security and easier management of webhooks The things i see as most critical or highest on my wish list: To list 2 things i would like to see sooner rather than later Source control definitely needs to be updated/revamped so it both supports other languages/versions and also does not remove tags. Another thing that would be nice to have is to force it to follow source control so if i delete something that is in source control it is also deleted in azure automation Hybrid workers in maintenance mode so it completes running jobs and you are able to work on the hybrid worker whether it be bugs or just regular updates.Azure AI Studio / Azure AI Foundry A Powerful Platform for Generative AI
In recent years, generative AI has moved rapidly from research labs to real-world applications. Microsoft’s offering in this space has evolved to meet demand: Azure AI Studio (also known under the broader banner Azure AI Foundry) is Microsoft’s integrated environment for creating, customizing, deploying, and managing AI models, agents, and applications. This blog explores what Azure AI Studio is, why it matters, what features it offers, its advantages and constraints, and how you might leverage it in your own projects. https://dellenny.com/azure-ai-studio-azure-ai-foundry-a-powerful-platform-for-generative-ai/Generative AI in Azure A Practical Guide to Getting Started
Generative AI has quickly become one of the most transformative technologies in the cloud era, enabling businesses to create content, enhance productivity, and unlock entirely new use cases. With Microsoft Azure’s AI services, developers and organizations can harness powerful generative AI capabilities without the need to build everything from scratch. In this blog, we’ll explore what generative AI in Azure looks like, the key services available, and how you can get started using them in your applications. https://dellenny.com/generative-ai-in-azure-a-practical-guide-to-getting-started/Top 7 Azure Services You Didn’t Know You Needed
When most people think of Microsoft Azure, they immediately picture the big players: virtual machines, databases, and storage. But Azure is more than just the backbone of cloud computing—it’s a treasure chest of lesser-known services that can transform the way your business operates. Whether you’re a developer, IT leader, or entrepreneur, these hidden gems can unlock new possibilities, save time, and cut costs. Here are 7 Azure services you didn’t know you needed—until now. https://dellenny.com/top-7-azure-services-you-didnt-know-you-needed/Azure for Beginners How to Launch Your First Cloud Project in 30 Minutes
Cloud computing might sound intimidating if you’re just getting started, but launching your first project on Microsoft Azure can actually be quick and beginner-friendly. Whether you’re a student, a developer testing ideas, or an IT professional exploring the cloud, Azure provides all the tools you need to spin up resources in minutes. In this guide, we’ll walk through the basics and show you how to launch your first cloud project on Azure in about half an hour. https://dellenny.com/azure-for-beginners-how-to-launch-your-first-cloud-project-in-30-minutes/How to Cut Your Azure Bill in Half Without Losing Performance
Cloud services like Microsoft Azure give you the scalability and flexibility to run nearly any workload, but they also come with a downside: costs can spiral quickly if you’re not careful. The good news? With the right strategies, you can reduce your Azure bill by up to 50% without sacrificing performance. Let’s walk through some practical steps you can apply today. https://dellenny.com/how-to-cut-your-azure-bill-in-half-without-losing-performance/Centralized Logging in Azure Proven Observability Patterns for Modern Apps
As modern applications move to distributed and cloud-native architectures, observability becomes critical for ensuring system reliability, diagnosing issues, and improving performance. Among the three pillars of observability—logs, metrics, and traces—logs often form the foundation for troubleshooting. However, in distributed environments, logs are scattered across multiple services, making centralized logging an essential pattern. https://dellenny.com/centralized-logging-in-azure-proven-observability-patterns-for-modern-apps/Riding in Tandem Unlocking the Sidecar Pattern in Azure Microservices
In the world of cloud-native applications, microservices bring agility, scalability, and speed. But with this modular approach comes complexity: logging, monitoring, proxying, and configuration often become tricky. That’s where the Sidecar Pattern steps in — and Azure makes it easier than ever to implement. https://dellenny.com/riding-in-tandem-unlocking-the-sidecar-pattern-in-azure-microservices/
How to use the newly launched MCP Registry
The newly launched Model Context Protocol (MCP) Registry in preview is as an open catalog for publicly available MCP servers. This is key in providing discoverability of MCP servers and standardization of this process. The Registry serves as a source of truth for MCP Servers and has also published a process for adding MCP servers. The MCP Registry also allows to register public and private sub-registries. This is an interesting addition and bears some semblance to DNS in its design. The public sub-registry can be likened to a MCP marketplace for servers while a private sub-registry would be suitable for enterprises with stricter privacy and security requirements. Accessing Data The Registry data can be accessed through the API provided. No authentication is required for read only access. The base URL is https://registry.modelcontextprotocol.io GET /v0/servers - List all servers with pagination GET /v0/servers/{id} - Get full server details including packages and configuration For instance, the following curl query can be used to get the list of servers curl --request GET \ --url https://registry.modelcontextprotocol.io/v0/servers \ --header 'Accept: application/json, application/problem+json' The details on usage is in the github link here Publishing Servers This requires authentication and the client package to be installed After installing the mcp-publisher client, the server.json file has be populated with the MCP server details to be added. Authentication can be done using github or DNS verification. The last step is to publish the server. The github link here has the complete set of steps for adding servers. More details can be found in the link here.Implementing Zero-Trust Network Security for Azure Web Apps Using Private Endpoints
Author: Sai Min Thu, http://www.innomax.space, https://www.youtube.com/@SaiMinThuu, http://www.linkedin.com/in/saiminthuaws Date: 6.9.2025 Lab Objective: To demonstrate how to completely remove public internet access from an Azure App Service Web App and secure it within a private virtual network using Private Endpoints, adhering to a zero-trust network model. In today's threat landscape, the principle of "never trust, always verify" is paramount. While Azure Web Apps are publicly accessible by default, many enterprise scenarios require workloads to be isolated from the public internet to meet strict compliance and security requirements. This guide provides a step-by-step walkthrough of configuring an Azure Web App to be accessible only through a private network connection via an Azure Private Endpoint. We will: Establish a foundational resource group and virtual network. Deploy a basic web application. Implement core security controls by creating a Private Endpoint and integrating with Private DNS. Enforce network isolation by applying access restrictions. Validate the security configuration. Documents Details:http:// https://docs.google.com/document/d/1ci17PsPCILbP8JVZMMLkjAolHK3pomgT-RE76InEkqA/edit?usp=sharingImplementing Zero-Trust Network Security for Azure Web Apps Using Private Endpoints
Author: Sai Min Thu Date: 7.9.2025 Lab Objective: To demonstrate how to completely remove public internet access from an Azure App Service Web App and secure it within a private virtual network using Private Endpoints, adhering to a zero-trust network model. In today's threat landscape, the principle of "never trust, always verify" is paramount. While Azure Web Apps are publicly accessible by default, many enterprise scenarios require workloads to be isolated from the public internet to meet strict compliance and security requirements. This guide provides a step-by-step walkthrough of configuring an Azure Web App to be accessible only through a private network connection via an Azure Private Endpoint. We will: Establish a foundational resource group and virtual network. Deploy a basic web application. Implement core security controls by creating a Private Endpoint and integrating with Private DNS. Enforce network isolation by applying access restrictions. Validate the security configuration. Documents Details: https://docs.google.com/document/d/1ci17PsPCILbP8JVZMMLkjAolHK3pomgT-RE76InEkqA/edit?usp=sharingService Discovery in Azure Dynamically Finding Service Instances
Modern cloud-native applications are built from microservices—independently deployable units that must communicate with each other to form a cohesive system. In dynamic environments like Azure Kubernetes Service (AKS), Azure App Service, or Azure Container Apps, service instances can scale up, scale down, or move across nodes at any time. This creates a challenge: How do services reliably find and talk to each other without hardcoding IP addresses or endpoints? The answer lies in the Service Discovery architecture pattern. https://dellenny.com/service-discovery-in-azure-dynamically-finding-service-instances/Common Security & Governance Blind Spots in Azure Integration
"Hello everyone, I'm starting a discussion to gather insights on a critical topic: security and governance for Azure Integration Services (AIS). As environments grow with dozens of Logic Apps, Functions, APIM instances, etc., it becomes harder to maintain a strong security posture. I’d like to hear from your experience: What are the most common security and governance blind spots people miss when building out their integration platforms on Azure? To get us started, here are a few areas I'm thinking about: Secret Management: Beyond just "use Key Vault," what are the subtle mistakes or challenges teams face? Network Security: How critical is VNet integration and the use of Private Endpoints for services like Service Bus and Storage Accounts in your opinion? When is it overkill? Monitoring & Observability: What are the best ways to get a single, unified view of a business transaction that flows through multiple Azure services for security auditing? Looking forward to a great discussion and learning from the community's collective experience!"Building a Fully Secure Architecture Integrating Azure OpenAI
As AI adoption accelerates, organizations must ensure that AI services are secure, scalable, and compliant with enterprise security policies. Azure OpenAI Service provides powerful AI capabilities, but securing access to it is crucial when integrating with applications. In this blog, we will explore how to build a fully secure architecture by integrating Azure OpenAI Service with Azure API Management (APIM), Private Endpoints, and Applications. https://dellenny.com/building-a-fully-secure-architecture-integrating-azure-openai-with-apim-private-endpoints-and-applications/Extracting Information from PDFs and Storing in a Database Using Azure AI Services
Handling documents efficiently is a critical requirement for many businesses. Extracting structured data from PDF files and storing it in a database can streamline operations in finance, legal, healthcare, and other industries. Azure AI Services provides robust tools for automating this process, including Azure AI Document Intelligence (formerly Form Recognizer) and Azure Cognitive Services. In this blog, we’ll walk through how to: Read a PDF document Extract relevant data Store the extracted information in a database https://dellenny.com/extracting-information-from-pdfs-and-storing-in-a-database-using-azure-ai-services/Azure AI Adoption Framework A Strategic Guide for Organizations
As organizations accelerate their digital transformation, Azure AI offers powerful capabilities for automation, decision-making, and business intelligence. However, successful AI adoption requires a structured approach that balances strategy, governance, security, and operational excellence. The Azure AI Adoption Framework provides a comprehensive roadmap to help businesses integrate AI effectively while ensuring scalability, security, and responsible AI practices. https://dellenny.com/azure-ai-adoption-framework-a-strategic-guide-for-organizations/Creating and Using an Azure Automation Custom Runtime Environment
A custom runtime environment is a way of defining a specific job execution environment for Azure Automation runbooks, including Microsoft Graph PowerShell SDK runbooks. In this article, we create a new environment for PowerShell V7.4, load in some SDK modules, switch a runbook from a system-generated environment, and run some code. https://office365itpros.com/2025/08/29/custom-runtime-environment/Service Mesh Architecture Pattern in Azure
As organizations modernize applications using microservices and cloud-native architectures, managing how these services communicate becomes increasingly complex. Microservices often run across distributed environments, scaling dynamically, and interacting over the network. This is where the Service Mesh architecture pattern comes in — providing a dedicated infrastructure layer for service-to-service communication, security, and observability. In the Azure ecosystem, implementing a Service Mesh can simplify operational challenges while improving reliability and control of microservices deployments. https://dellenny.com/service-mesh-architecture-pattern-in-azure-handling-service-to-service-communication-security-and-observability/
Mine your Azure backup data, it could save you 💰💡
Your data has a story to tell. Mine it, decipher it, and turn it into actionable outcomes. 📊🔍 Azure backups can become orphaned in several ways (I'll dive into that in a future post). But here’s a key point: orphaned doesn’t always mean useless, hence the word “Potential” in the title of my Power BI report. Each workload needs to be assessed individually. If a backup is no longer needed, you might be paying for it - unnecessarily and unknowingly. 🕵️♂️💸 To uncover these hidden costs, I combined data from the Azure Business Continuity Center with a PowerShell script I wrote to extract LastBackupTime and other metadata. This forms the foundation of my report, helping visualize and track backup usage over time. This approach helped me identify forgotten one-time backups, VMs deleted without stopping the backup, workloads excluded due to policy changes, and backups left behind after resource migrations. If you delete unneeded backups and have soft-delete enabled, the backup size drops to zero and Azure stops charging for it. ✅🧹 💡 Do your Azure backups have their own untold story to tell? 📸 Here's a snapshot of my report that helped me uncover these insights 👇
Recent Blogs
- The Challenge: Outbound Control in a Serverless World Serverless compute resources run in the serverless compute plane, and is managed by Microsoft, for ease of use. Databricks serverless provides...Sep 25, 2025
- 2 MIN READIntroduction A large enterprise customer set out to build a generative AI application using Azure OpenAI. While the app would be hosted on-premises, the customer wanted to leverage the latest large...Sep 25, 2025
