Azure Announcements Newsletter - August 2023

Microsoft

 

AsherNierman_0-1693427001782.png

 

AZURE ANNOUNCEMENTS NEWSLETTER

August 1, 2023 – August 31, 2023

Announcements Summary

Advisor

Preview Features – 1 Update

General Availability – 1 Update

Application Gateway

Preview Features – 1 Update

App Services

General Availability – 1 Update

New Features – 1 Update

Backup

Preview Features – 1 Update

Chaos Studio

Region Updates – 1 Update

Preview Features – 1 Update

Container Apps

General Availability – 5 Updates

Retiring Features – 1 Update

CosmosDB

Preview Features – 2 Update

General Availability – 1 Update

Database for MySQL

General Availability – 1 Update

Database for PostgreSQL

General Availability – 2 Updates

Preview Features – 1 Update

Databricks

General Availability – 1 Update

Firewall

General Availability – 1 Update

Preview Features – 1 Update

Front Door

New Features – 1 Update

Region Updates – 1 Update

Functions

General Availability – 3 Updates

Kubernetes Service

General Availability – 2 Updates

Load Testing

New Features – 2 Updates

Updated Features – 1 Update

Region Updates – 1 Update

Machine Learning

Preview Features – 1 Update

Managed Lustre

General Availability – 1 Update

Marketplace

General Availability – 1 Update

Migrate

Preview Features – 1 Update

Monitor

General Availability – 1 Update

NetApp Files

General Availability – 2 Updates

Preview Features – 2 Updates

Redis Cache

General Availability – 3 Updates

Resource Manager

General Availability – 1 Update

Site Recovery

Preview Features – 1 Update

General Availability – 1 Update

Sphere

Preview Features – 1 Update

SQL Database

General Availability – 1 Update

Preview Features – 1 Update

Storage

Region Updates – 1 Update

Preview Features – 1 Update

General Availability - 1 Update

Virtual Machines

General Availability – 2 Update

Preview Features – 1 Update

Updated Features – 1 Update

Virtual Network

Preview Features – 1 Update

 

 


Announcements Details

 

 

Azure Service: Advisor

Preview Features

 

The Azure Cost Optimization workbook serves as a centralized hub for some of the most used tools that can help you drive utilization and efficiency goals. It offers a range of recommendations, including Azure Advisor cost recommendations, identification of idle resources, and management of improperly deallocated Virtual Machines. Additionally, it provides insights into leveraging Azure Hybrid benefit options for Windows, Linux, and SQL databases.

 

Announcement: https://azure.microsoft.com/updates/public-preview-assess-cost-optimization-opportunities-using-new-...

 

Documentation: https://learn.microsoft.com/azure/advisor/advisor-cost-optimization-workbook

 

 

Azure Service: App Services

General Availability

 

The JBoss EAP on App Service clustering feature is now generally available on Azure. With it, JBoss EAP automatically starts as a clustered service, improving efficiency for high availability applications. Plus, Azure App Service now supports auto-scaling for JBoss EAP. You can easily adjust cluster size based on service load or other criteria, streamlining code deployment, scaling, and configuration updates. This update simplifies the use of Red Hat solutions on the cloud and offers flexibility for cloud cost planning. It's a testament to Red Hat and Microsoft's commitment to Java, giving you more choices for your cloud-based Java applications. Access JBoss EAP directly via the Azure console or deploy on Azure VMs through the Azure Marketplace. Leverage the power of JBoss EAP on Azure App Service today.

 

Announcement: https://azure.microsoft.com/updates/general-availability-jboss-eap-on-app-service-clustering/

 

Documentation: https://azuremarketplace.microsoft.com/marketplace/apps/redhat.rh-jboss-eap?ocid=RedHatJbossPR

 

 

Azure Service: Chaos Studio

Region Updates

 

Azure Chaos Studio is a managed service that uses chaos engineering to help measure, understand, and improve cloud application and service resilience. Azure Chaos Studio is now available in Southeast Asia region.

 

Announcement: https://azure.microsoft.com/updates/public-preview-azure-chaos-studio-is-now-available-in-southeast-...

 

Documentation: https://learn.microsoft.com/azure/chaos-studio/

 

 

Azure Service: CosmosDB

Preview Features

 

Intra-account container copy in Azure Cosmos DB is now extended for preview to the API for MongoDB. You can use container copy jobs to migrate data from one collection to another within the same Azure Cosmos DB account in an offline manner.

 

Using Azure CLI commands, you have the flexibility to create and manage container copy jobs at your convenience. Plus, there's no additional cost for migration.

 

Take advantage of this powerful new feature to streamline your data migration process and improve your workflow with Azure Cosmos DB. Try it out today and experience the benefits of easy, cost-effective container copy management.

 

Announcement: https://azure.microsoft.com/updates/public-preview-intraaccount-container-copy-in-azure-cosmos-db-fo...

 

Documentation: https://learn.microsoft.com/azure/cosmos-db/intra-account-container-copy

 

 

Azure Service: Database for MySQL

General Availability

 

The autoscale IOPS feature allows you to scale your storage IOPS up and down automatically, eliminating the need for manual adjustments. The feature adjusts your storage IOPS based on your workload needs to accommodate peak usage and ensure optimal performance and cost efficiency. As a result, it is easier and more cost-effective for you to run mission-critical workloads on Azure Database for MySQL – Flexible Server.

 

Announcement: https://azure.microsoft.co/updates/general-availability-autoscale-iops-in-azure-database-for-mysql-f...

 

Documentation: https://learn.microsoft.com/azure/mysql/flexible-server/concepts-storage-iops#autoscale-iops

 

 

Azure Service: Database for PostgreSQL

General Availability

 

In-place major version upgrade enables you to upgrade your Azure Database for PostgreSQL - Flexible Server to a higher version without going through a complex migration process. With just one click, you can perform an offline in-place upgrade to optimize costs and minimize downtime using the same server and endpoint. Major version upgrade for Azure Database for PostgreSQL - Flexible Server is generally available across all Azure regions.

 

Announcement: https://azure.microsoft.com/updates/general-availability-major-version-upgrade-in-azure-database-for...

 

Documentation: https://learn.microsoft.com/azure/postgresql/flexible-server/concepts-major-version-upgrade

 

General Availability

 

The PostgreSQL community releases a major version every year that includes advanced features, functionalities, performance improvements, security enhancements, and bug fixes. PostgreSQL 15, the latest release, introduces various new elements, such as the widely used MERGE command, which enhances the developer’s experience. It also expands capabilities for observing the database's state, improves performance for both in-memory and disk-based sorting, and introduces support for two-phase commit and row/column filtering for logical replication. Azure Database for PostgreSQL - Flexible Server now provides support for PostgreSQL 15 across all Azure regions.

 

Announcement: https://azure.microsoft.com/updates/general-availability-postgresql-15-support-with-azure-database-f...

 

Documentation: https://learn.microsoft.com/azure/postgresql/flexible-server/concepts-supported-versions

 

 

Azure Service: Databricks

General Availability

 

Enhanced Security and Compliance (ESC) add-on helps simplify the complexity of meeting security and regulatory requirements for Azure Databricks customers.

 

Enhanced Security and Compliance (“ESC”) provides the technical capabilities to support the security and compliance needs of Azure Databricks customers when processing regulated and sensitive data sets.

 

It is comprised of two offerings:

 

Enhanced Security Monitoring (“ESM”): ESM couples a hardened security image with additional security agents to support customers that need additional protection and security monitoring capabilities for their most sensitive data.

Compliance Security Profile (“CSP”): CSP facilitates the compliance governance for workspaces by providing a validated security baseline that combines the security capabilities of ESM with additional security features to address the applicable controls of PCI-DSS and HIPAA

ESC is offered at 10% of list price added to the Azure Databricks product spend in a selected workspace. Discounting may apply.

 

Announcement: https://azure.microsoft.com/updates/enhanced-security-and-compliance-addon-for-azure-databricks-now-...

 

Documentation: https://learn.microsoft.com/azure/databricks/security/privacy/security-profile

 

 

Azure Service: Load Testing

New Features

 

You can now run tests for durations up to 24 hours in Azure Load Testing.

 

To run tests longer than 3 hours (up to 24), raise a support ticket request to increase your quota for 'Test duration' by following the steps mentioned here.

 

Announcement: https://azure.microsoft.com/updates/azure-load-testing-run-tests-for-up-to-24-hours/

 

Documentation: https://learn.microsoft.com/azure/load-testing/resource-limits-quotas-capacity

 

New Features

 

Azure Load Testing now supports Azure CLI to manage tests, and test runs.

You can now perform end-to-end operations using simple CLI commands, including: Creating a Load Testing resource, creating a test and test run, and fetching the test run metrics.

 

Azure CLI now supports the following:

 

• az load test command group to manage load tests.

 

• az load test-run command group to manage load test runs.

 

Announcement: https://azure.microsoft.com/updates/azure-load-testing-create-and-manage-tests-and-test-runs-using-a...

 

Documentation: https://learn.microsoft.com/cli/azure/load?view=azure-cli-latest

 

Updated Features

 

You can now run tests with up to 400 engine instances, simulating up to 100,000 virtual users in Azure Load Testing.

 

To run tests with 100,000 virtual users, raise a support ticket to increase your quota for 'Engines instances per test run' following the steps mentioned here.

 

Announcement: https://azure.microsoft.com/updates/azure-load-testing-run-tests-with-100000-virtual-users/

 

Documentation: https://learn.microsoft.com/azure/load-testing/resource-limits-quotas-capacity

 

 

Azure Service: Marketplace

General Availability

 

Cloud NGFW by Palo Alto Networks is the first ISV next-generation firewall service natively integrated in Azure. Developed through a collaboration between Microsoft and Palo Alto Networks, this service delivers the cutting-edge security features of Palo Alto Network's NGFW technology while also offering the simplicity and convenience of cloud-native scaling and management.

 

NGFWs provide superior network security by offering enhanced capabilities compared to traditional firewalls. These include deep packet inspection, advanced visibility and control features, and the use of AI to improve threat detection and response.

 

The service is now more broadly available in the following 12 regions: US (Central, East, East 2, West, West 3), Australia (East, Southeast), UK (South, West), Canada Central, East Asia and West Europe.

 

Announcement: https://azure.microsoft.com/updates/generally-available-cloud-nextgeneration-firewall-ngfw-by-palo-a...

 

Documentation: https://azure.microsoft.com/blog/secure-your-cloud-environment-with-cloud-nextgeneration-firewall-by...

 

 

Azure Service: Monitor

General Availability

 

Container insights expands on the cost optimization settings public preview, by now allowing a third dimension for adjusting container insights data collection settings, with per-table configuration. Customers can now individually select which data tables* to ingest into their Log Analytics workspace:

 

Perf

InsightsMetrics

ContainerInventory

ContainerNodeInventory

KubeNodeInventory

KubePodInventory

KubePVInventory

KubeServices

KubeEvents

*Note that all the above tables are required for the default container insights visualizations, applying custom per-table configurations by dropping one or more tables will render the visualizations unavailable

 

Per-table configurations can be enabled via ARM, CLI, and Azure Portal. Portal users will have the ability to select from bundled data tables defined as the following:

 

Performance

Logs and events

Workloads, deployments, and HPAs

Persistent volumes

This feature continues to support the public preview offering, which enabled users to specify how often to collect data between 1 and 30 minutes at one-minute increments. And users can opt to include or exclude certain namespaces from their data ingestion.

 

Announcement: https://azure.microsoft.com/updates/containerinsightscostoptimization/

 

Documentation: https://learn.microsoft.com/azure/azure-monitor/containers/container-insights-cost-config?tabs=creat...

 

 

Azure Service: NetApp Files

General Availability

 

To enhance resiliency during storage service maintenance operations, SMB volumes used by Citrix App Layering, FSLogix user profile containers and Microsoft SQL Server on Microsoft Windows Server can be enabled with Continuous Availability. Continuous Availability enables SMB Transparent Failover to eliminate disruptions as a result of service maintenance events and improves reliability and user experience. This feature is now Generally Available. It can be enabled on new or existing SMB volumes.

 

Announcement: https://azure.microsoft.com/updates/general-availability-azure-netapp-files-smb-continuous-availabil...

 

Documentation: https://learn.microsoft.com/azure/azure-netapp-files/azure-netapp-files-create-volumes-smb

 

 

Azure Service: Redis Cache

General Availability

 

The Enterprise and Enterprise Flash tiers of Azure Cache for Redis now support using native JSON functionality on caches configured to use active geo-replication. Azure Cache for Redis Enterprise supports storing, querying, and searching JSON formatted data, allowing you to store data more easily in a document-style format in Redis. This feature allows you to use those popular JSON functions on caches that are geo-replicated across up to five regions. As a result, you can create a globally synchronized network of caches using the RedisJSON module to store and search JSON-style data.

 

Announcement: https://azure.microsoft.com/updates/general-availability-json-support-for-active-georeplication-on-a...

 

Documentation: https://learn.microsoft.com/azure/azure-cache-for-redis/cache-redis-modules

 

 

Azure Service: Site Recovery

Preview Features

 

We are excited to announce the Private Preview of DR for Azure Shared Disks for workloads running Windows Server Failover Clusters (WSFC) on Azure VMs. Now you can protect, monitor, and recover your WSFC-clusters as a single unit across its DR Lifecycle, while also generating cluster-consistent recovery points – which are consistent across all the disks (including the Shared Disk) of the cluster.

 

Salient Features:

 

Private Preview will support protection of Windows Server Failover Clusters. Some applications that use this architecture are SQL FCI, SAP ASCS, Scale-out File Servers, etc.

OS Support: Windows Server 2016 and above.

Nodes: Up to 4 nodes per cluster.

Shared Disks: Any number of Shared Disks can be attached to the cluster.

Failover operation supports the failover of the entire cluster at once. We also support failover of clusters where one or more nodes are unavailable or undergoing maintenance.

The scope is limited to forward direction protection. Once a failover is performed, the customer will have to re-enable replication for reverse direction protection.

Any node ownership changes within the cluster (also called cluster failovers) will require a disk re-sync. This limitation will be resolved in Public Preview.

With this release, you can:

 

Protect your cluster together with ASR Shared Disk Support.

Generate recovery points (App and Crash) that are consistent across all the VMs and disks of the cluster. 

Monitor Protection and Health of the cluster and all its nodes from a single page.

Failover the cluster with a single click.

 

Announcement: https://azure.microsoft.com/updates/private-preview-dr-for-shared-disks-azure-site-recovery/

 

Documentation: https://forms.office.com/pages/responsepage.aspx?id=v4j5cvGGr0GRqy180BHbR9f3ns27wIpNkEpXVzCZTaVUNDNK...

 

 

Azure Service: SQL Database

General Availability

 

In early August 2023, the following updates and enhancements were made to Azure SQL: 

 

Azure SQL Database and Azure SQL Managed Instance now support XML compression to reduce storage and memory footprint.

 

Connect apps to Azure SQL Managed Instance using private endpoints.

 

Announcement: https://azure.microsoft.com/updates/azure-sql-general-availability-updates-for-earlyaugust-2023/

 

Documentation: https://azure.microsoft.com/updates/azure-sql-general-availability-updates-for-earlyaugust-2023/

 

Preview Features

 

In early August 2023, the following updates and enhancements were made to Azure SQL:

 

Azure SQL Database and Azure SQL Managed Instance now support TDS 8.0 that brings strict encryption for data in transit.

A new failover rights benefit removes the SQL license cost for Azure SQL Managed Instance when used as a passive disaster recovery site for SQL Server 2022 with Software Assurance or pay-as-you-go license.

 

Announcement: https://azure.microsoft.com/updates/azure-sql-public-preview-updates-for-earlyaugust-2023/

 

Documentation: https://azure.microsoft.com/updates/azure-sql-public-preview-updates-for-earlyaugust-2023/

 

 

Azure Service: Storage


Announcements Details

 

Azure Service: App Services

New Features

 

WordPress on App Service now supports integration with Azure Communication Services Email, enabling out-of-the-box support in App Service for scenarios such as:

 

Email verification and authentication

Password resets

Notification emails

Promotion emails

This streamlines your WordPress email workflows by removing the need to sign up for, install or configure 3rd party email plugins.

 

Announcement: https://azure.microsoft.com/updates/wordpress-on-app-service-integration-with-azure-communication-se...

 

Documentation: https://techcommunity.microsoft.com/t5/apps-on-azure-blog/wordpress-on-azure-appservice-email-integr...

 

Azure Service: Chaos Studio

Preview Features

 

Azure Chaos Studio experiments can now utilize user-assigned managed identities to manage permissions. Users can enable Chaos Studio to automatically assign necessary permissions to their identity selection by enabling custom role assignment.

 

Announcement: https://azure.microsoft.com/updates/public-preview-azure-chaos-studio-has-userassigned-managed-ident...

 

Documentation: https://learn.microsoft.com/azure/chaos-studio/chaos-studio-permissions-security

 

Azure Service: Migrate

Preview Features

 

Azure Storage Mover can now migrate your SMB shares to Azure file shares.

 

Storage Mover is a fully managed migration service that enables you to migrate on-premises files and folders to Azure Storage while minimizing downtime for your workload. Together with Just-in-time permission setting and Azure Key Vault, your migration is secure from source to target. 

 

Besides the existing general available capability to migrate from an on-premises NFS share to an Azure blob container, Storage Mover will support many additional source and target combinations in the near future.

 

Announcement: https://azure.microsoft.com/updates/public-preview-azure-storage-mover-support-for-smb-and-azure-fil...

 

Documentation: https://learn.microsoft.com/azure/storage-mover/service-overview

 

Azure Service: Site Recovery

General Availability

 

This update provides the following improvements for the latest version of Azure Site Recovery components.

 

Mobility Service – Added support for Linux OS for:

 

Azure to Azure - RHEL 8.8 and Cent OS 8.8

Modernized VMware/Physical to Azure - RHEL 8.8 and Cent OS 8.8

This update also provides bug fixes.

 

Announcement: https://azure.microsoft.com/updates/generally-available-azure-site-recovery-update-rollup-68-august-...

 

Documentation: https://support.microsoft.com/topic/update-rollup-68-for-azure-site-recovery-a81c2d22-792b-4cde-bae5...

 

Azure Service: Storage

General Availability

 

Azure Blob Storage Cold Tier is now generally available. It is a new online access tier that is the most cost-effective Azure Blob offering for storing infrequently accessed data with long-term retention requirements, while providing instant access.

 

Azure Blob Storage is optimized for storing massive amounts of unstructured data. With blob access tiers, you can store your data most cost-effectively based on how frequently it will be accessed and how long it will be retained.

 

The pricing of the cold tier storage option lies between the cool and archive tiers, and it follows a 90-day early deletion policy. You can seamlessly utilize the cold tier in the same way as the hot and cool tiers, through REST API, SDKs, tools, and lifecycle management policies.

 

Announcement: https://azure.microsoft.com/updates/generally-available-azure-cold-storage/

 

Documentation: https://azure.microsoft.com/blog/efficiently-store-data-with-azure-blob-storage-cold-tier-now-genera...

 

Azure Service: Virtual Machines

General Availability

 

Azure Premium SSD v2 Disk Storage is now available in Brazil South, East Asia and Central India regions. This next-generation storage solution offers advanced general-purpose block storage with the best price performance, delivering sub-millisecond disk latencies for demanding IO-intensive workloads at a low cost. It is well-suited for a wide range of enterprise production workloads, including SQL Server, Oracle, MariaDB, SAP, Cassandra, MongoDB, big data analytics, gaming on virtual machines, and stateful containers.

 

Announcement: https://azure.microsoft.com/updates/generally-available-azure-premium-ssd-v2-disk-storage-is-now-ava...

 

Documentation: https://learn.microsoft.com/azure/virtual-machines/disks-types#premium-ssd-v2

 

 

Azure Service: Backup

Preview Features

 

Cross Region Restore of PostgreSQL backups for Azure Backup customers is now in public preview. Azure Backup leverages Read-Access Geo Redundant Storage (RA-GRS) which stores 3 replicas of backup data across each of two paired regions. While leveraging Geo-Redundant Storage (GRS) allows you to access your secondary region backups when Azure declares a disaster, enabling Cross Region Restore enables you to access and perform restores from the backups residing in the paired region at all times which includes non-outage scenarios.

 

You should consider enabling Cross Region Restore option when:

1. You need to perform recovery drills on your secondary region backups to assess disaster readiness.

2. You need high resiliency of backup data.

 

The feature is currently available for PostgreSQL backups in select public regions. With this, Azure Backup offers a compelling set of durability options for your backup data residing in Backup Vaults including Zonally-redundant Storage (ZRS) for intra-region high durability, Locally-redundant storage (LRS) for low-cost single region durability, and Geo-redundant storage (GRS) for high durability across region when primary region is unavailable by opting in for Cross Region Restore feature, you can also access the secondary region backup data from Azure Backup.

 

Announcement: https://azure.microsoft.com/updates/public-preview-azure-backup-now-supports-cross-region-restore-fo...

 

Documentation: https://azure.microsoft.com/updates/public-preview-azure-backup-now-supports-cross-region-restore-fo...

 

 

Azure Service: Container Apps

General Availability

 

Azure Container Apps support for Cross Origin Resource Sharing (CORS) is now generally available.

 

By default, requests made through a browser to a domain that doesn’t match the page’s origin domain are blocked. The CORS feature allows specific origins to make calls on their app through the browser. Now Azure Container Apps customers can easily set up Cross Origin Resource Sharing from the portal or through the CLI.

 

Announcement: https://azure.microsoft.com/updates/generally-available-cross-origin-resource-sharing-cors-in-azure-...

 

Documentation: https://azure.microsoft.com/updates/generally-available-cross-origin-resource-sharing-cors-in-azure-...

 

General Availability

 

The init containers feature in Azure Container Apps is now generally available. Init containers are specialized containers that run to completion before application containers are started in a replica, and they can contain utilities or setup scripts not present in your container app image. Init containers are useful for performing initialization logic such as setting up accounts, running setup scripts, and configuring databases.

 

Announcement: https://azure.microsoft.com/updates/generally-available-init-containers-in-azure-container-apps/

 

Documentation: https://learn.microsoft.com/azure/container-apps/containers#init-containers

 

General Availability

 

Azure Container Apps now supports session affinity, also known as sticky sessions, for HTTP-based workloads. This feature is generally available.

 

Session affinity enables you to route all requests from a single client to the same Container Apps replica. This is useful for stateful workloads that require session affinity.

 

Container apps in single revision mode support session affinity. When enabled, Container Apps automatically adds a cookie to HTTP responses to track the replica being used by the client.

 

Announcement: https://azure.microsoft.com/updates/generally-available-session-affinity-for-azure-container-apps/

 

Documentation: https://learn.microsoft.com/azure/container-apps/sticky-sessions?pivots=azure-portal

 

General Availability

 

Support for secrets volume mounts in Azure Container Apps is now generally available. In addition to referencing secrets as environment variables, you can now mount secrets as volumes in your container apps. Your apps can access all or selected secrets as files in a mounted volume.

 

This feature works with secrets stored directly in Azure Container Apps and secrets referenced from Azure Key Vault.

 

Announcement: https://azure.microsoft.com/updates/generally-available-secrets-volume-mounts-for-azure-container-ap...

 

Documentation: https://learn.microsoft.com/azure/container-apps/manage-secrets?tabs=azure-portal

 

General Availability

 

Azure Container Apps support for Azure Key Vault references in application secrets is now generally available.

 

Azure Key Vault references enable you to source a container app’s secrets from secrets stored in Azure Key Vault. Using the container app's managed identity, the platform automatically retrieves the secret values from Azure Key Vault and injects it into your application's secrets.

 

Both versioned and non-versioned secrets are supported.

 

Announcement: https://azure.microsoft.com/updates/generally-available-azure-key-vault-references-for-secrets-in-az...

 

Documentation: https://learn.microsoft.com/azure/container-apps/manage-secrets?tabs=azure-portal

 

 

Azure Service: CosmosDB

General Availability

 

With Terraform infrastructure-as-a-code support, you can now programmatically perform all cluster management operations such as cluster create, PostgreSQL server parameter change, cluster node add, cluster node compute, and storage scaling based on your growing workload needs. In addition, you can perform these operations in a unified way for all Azure services supported by Terraform.

When you use the Terraform template-based configuration files you can define, provision, and configure your Azure Cosmos DB for PostgreSQL clusters in a repeatable and predictable manner. As a robust infrastructure-as-a-code solution, Terraform helps reduce human errors and the cost of spinning up production and development environments on demand.

 

Announcement: https://azure.microsoft.com/updates/general-availability-terraform-support-for-azure-cosmos-db-for-p...

 

Documentation: https://learn.microsoft.com/azure/cosmos-db/postgresql/product-updates#august-2023

 

Preview Features

 

Azure Active Directory (AAD) authentication integration with Azure Cosmos DB for PostgreSQL allows you to improve managed database security by delegating credential management and authentication to a centralized identity provider. Azure Active Directory supports advanced security features such as two-factor authentication options, password lifecycle management, applications and managed identities, and conditional access. Azure Active Directory authentication integration with Azure Cosmos DB for PostgreSQL provides full support for managed identities and support for invited users. You can choose to have AAD-only authentication on your Azure Cosmos DB for PostgreSQL cluster. You can also combine AAD authentication with native PostgreSQL roles. You can configure authentication methods for each Azure Cosmos DB for PostgreSQL cluster individually depending on its role and security requirements.

 

Announcement: https://azure.microsoft.com/updates/public-preview-azure-active-directory-integration-with-azure-cos...

 

Documentation: https://learn.microsoft.com/azure/cosmos-db/postgresql/concepts-authentication

 

 

Azure Service: Database for PostgreSQL

Preview Features

 

We’re excited to announce that Azure Database for PostgreSQL Flexible Server users can choose to opt-in to storage auto-grow, which is currently available in public preview.

 

With auto-grow enabled, Azure Database for PostgreSQL Flexible Server will automatically increase the size of the provisioned storage of your database servers. As a result, there’s no longer a need to worry about rightsizing when beginning to use these services or about running out of storage.

 

Additionally, we have introduced online disk scaling globally, eliminating the requirement for server restarts during storage scaling operations.

 

Announcement: https://azure.microsoft.com/updates/public-preview-storage-autogrow-online-disk-scaling-for-azure-da...

 

Documentation: https://learn.microsoft.com/azure/postgresql/flexible-server/concepts-compute-storage#storage-auto-g...

 

 

Azure Service: Firewall

General Availability

 

Structured Logs (general availability): New logging format that provides a more detailed view of firewall events. Structured Logs provide the following benefits: they are easier to work with data in log queries and help discover schemas; they improves performance and reduce latency; they allow ability to grant Azure RBAC rights on specific tables

 

Latency Probe (general availability): The Latency Probe metric is designed to measure the overall latency of Azure Firewall and provide insight into the health of the service.

 

Announcement: https://azure.microsoft.com/updates/general-availability-new-monitoring-and-logging-updates-in-azure...

 

Documentation: https://learn.microsoft.com/azure/firewall/firewall-structured-logs

 

Preview Features

 

Resource Health (public preview): Monitor that provides visibility into Azure Firewall health status and allows you to address service problems that may affect your Azure Firewall resource.

 

Embedded Firewall Workbooks (public preview): Integrated workbooks into the Azure Firewall Portal that provide valuable insights and statistics regarding your firewall activities and events.

 

Announcement: https://azure.microsoft.com/updates/new-monitoring-and-logging-updates-in-azure-firewall/

 

Documentation: https://learn.microsoft.com/azure/service-health/resource-health-overview

 

 

Azure Service: Functions

General Availability

 

Support of Durable Functions with the Azure Functions v2 programming model for development in Python is now Generally Available. Durable apps can now be organized in a manner more idiomatic to Python developers.

 

Announcement: https://azure.microsoft.com/updates/generally-available-durable-functions-for-python-v2-programming-...

 

Documentation: https://learn.microsoft.com/azure/azure-functions/durable/quickstart-python-vscode?tabs=macos%2Cazur...

 

General Availability

 

Most function apps use Application Insights for telemetry. Today, we’re making the experience of working with Application Insights even better for .NET function apps using the isolated worker model.

 

Now, you can fully control the emission of telemetry using standard controls available from the Application Insights SDK. For example, through registration in your application startup, you can configure custom filtering rules, adjust log levels, and more.

 

Please note that any configuration you define in your application startup will only affect logs emitted from your application code. Some logs from the Functions host remain controlled by the `host.json` file. Similarly, the `host.json` file does not impact configuration of logs from your application.

 

Announcement: https://azure.microsoft.com/updates/generally-available-application-insights-integration-for-the-azu...

 

Documentation: https://learn.microsoft.com/azure/azure-functions/dotnet-isolated-process-guide#application-insights

 

General Availability

 

Azure Functions triggers and bindings enable function authors to easily integrate event and data sources. Today, function apps on the isolated worker model can leverage general availability support for an expanded range of types, such as those from the Azure SDK for .NET.

 

Now, a .NET function in an isolated worker process could, for example, start with a BlobClient passed into it. Using that type, the function can stream data incrementally and process larger blobs than it could before. Some workloads may see throughput improvements as well. Function authors should be aware that if a binding expression relies on trigger data, the trigger itself cannot be one of the newly supported types.

 

Support covers the extensions for Blobs, Queues, Tables, Cosmos DB, Event Hubs, Event Grid, and Service Bus. Support for the Service Bus trigger does not yet cover message settlement scenarios, but this general availability update does enable use of `ServiceBusReceivedMessage`.

 

Announcement: https://azure.microsoft.com/updates/generally-available-sdk-type-bindings-in-azure-functions/

 

Documentation: https://learn.microsoft.com/azure/azure-functions/dotnet-isolated-process-guide#sdk-types

 

 

Azure Service: Kubernetes Service

General Availability

 

AKS now facilitates Private Link Service (PLS) creation for Kubernetes services through annotations, simplifying PLS setup. You can add the necessary PLS annotation to the service manifest file with an 'azure-load-balancer-internal' annotation and LoadBalancer service type.

 

This eliminates searching for Azure Load Balancer IP configuration for PLS creation, as AKS will handle PLS provisioning with the Kubernetes service. You can also establish a PLS resource by adding the PLS annotation to the manifest file after service provisioning.

 

Announcement: https://azure.microsoft.com/updates/generally-available-private-link-service-integration/

 

Documentation: https://cloud-provider-azure.sigs.k8s.io/topics/pls-integration/

 

General Availability

 

AKS support for Kubernetes 1.27 is now generally available. 

 

Kubernetes 1.27 contains over 50 features and enhancements focused on improving security, scalability, reliability, and performance of cloud native applications. With the general availability of 1.27 support, you can now take advantage of these capabilities in production.

 

Announcement: https://azure.microsoft.com/updates/generally-available-kubernetes-127-support-in-aks/

 

Documentation: https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.27.md

 

 

Azure Service: Load Testing

Region Updates

 

Azure Load Testing is now available in Japan East and Brazil South

 

Announcement: https://azure.microsoft.com/updates/generally-available-azure-load-testing-in-japan-east-and-brazil-...

 

Documentation: https://azure.microsoft.com/updates/generally-available-azure-load-testing-in-japan-east-and-brazil-...

 

 

Azure Service: Machine Learning

Preview Features

 

Two new features now available in PuPr enable you to work with improved data size and model support and generate a default Responsible AI dashboard for the best AutoML model.

 

Perform distributed training for tabular datasets in AutoML – You can now execute distributed training for your tabular datasets in AutoML to work with large datasets.  

 

Evaluate AutoML tabular models with the RAI dashboard (supporting regression/classification) – You can now leverage the more robust and richer debugging and analytical Responsible AI dashboard, which is automatically generated for their best model, instead of generating it separately (as you had to do before).

 

Announcement: https://azure.microsoft.com/updates/azure-machine-learning-public-preview-for-august/

 

Documentation: https://azure.microsoft.com/updates/azure-machine-learning-public-preview-for-august/

 

 

Azure Service: NetApp Files

Preview Features

 

To harmonize the authentication ID Domain settings in your NFSv4.1 environment, you can now configure a custom NFSv4.1 ID Domain in Azure NetApp Files for non-LDAP volumes. The ID Domain is set for all non-LDAP volumes in the same region and subscription, and can co-exist in environments with LDAP-enabled volumes. Once the ID Domain on Azure NetApp Files matches your NFSv4.1 clients, ‘root’ and non-root users will no longer be squashed to ‘nobody’. This setting helps either prepare for a future implementation of LDAP with Active Directory in the future by enabling the use of the same authentication ID Domain across all NFSv4.1 clients, or just ensures scripts and software installation routines that use ‘root’ can modify files on NFSv4.1 volumes correctly.

 

Announcement: https://azure.microsoft.com/updates/public-preview-custom-nfsv41-id-domain-in-azure-netapp-files/

 

Documentation: https://learn.microsoft.com/azure/azure-netapp-files/azure-netapp-files-configure-nfsv41-domain

 

Preview Features

 

Azure NetApp Files datastores for Azure VMware Solution provide the ability to scale storage independently of compute and can go beyond the limits of the local instance storage provided by vSAN reducing total cost of ownership.

 

With Cloud Backup for Virtual Machines, you can now create VM consistent snapshot backups of VMs on Azure NetApp Files datastores. The associated virtual appliance installs in the Azure VMware Solution cluster and provides policy based automated and consistent backup of VMs integrated with Azure NetApp Files snapshot technology for fast backups and restores of VMs, groups of VMs (organized in resource groups) or complete datastores lowering RTO, RPO, and improving total cost of ownership.

 

Announcement: https://azure.microsoft.com/updates/public-preview-azure-netapp-files-cloud-backup-for-virtual-machi...

 

Documentation: https://learn.microsoft.com/azure/azure-netapp-files/whats-new

 

 

Azure Service: Redis Cache

General Availability

 

Azure Cache for Redis now offers an additional metric in Azure Monitor to measure the 99th percentile latency of server-side commands. This allows you to see the worst-case latency experienced by your Redis instance, which helps in debugging latency challenges in your application stack. You can also use this metric to help determine when long-running commands are increasing the response latency of your Redis instance. The 99th percentile latency metric is available in the basic, standard, and premium tiers of Azure Cache for Redis.

 

Announcement: https://azure.microsoft.com/updates/general-availability-99th-percentile-latency-metric-in-azure-cac...

 

Documentation: https://learn.microsoft.com/azure/azure-cache-for-redis/cache-how-to-monitor#list-of-metrics

 

General Availability

 

To prevent unexpected data loss, caches using active geo-replication in the Enterprise or Enterprise Flash tiers of Azure Cache for Redis have the FLUSHDB and FLUSHALL commands blocked by default. This is because flushing one cache in a geo-replication group will also flush all other synchronized caches. 

 

Now, a control-plane operation is available that will force flush the data in all caches in the same geo replication group. This operation can be used either through the portal or through CLI/PowerShell. As a control-plane operation, Azure role-based access control roles can be used to limit access to specific users. This provides a safer and more consistent way to clear geo-replicated caches.

 

Announcement: https://azure.microsoft.com/updates/general-availability-simplified-flush-operation-for-caches-using...

 

Documentation: https://learn.microsoft.com/azure/azure-cache-for-redis/cache-how-to-active-geo-replication#flush-op...

 

 

Azure Service: Resource Manager

General Availability

 

Help API is now Generally Available! Help API provides you relevant and high-quality, self-help solutions to resolve issues with your Azure resource quickly and conveniently.

 

With Help API you gain access to rich Azure diagnostics that can potentially reduce your overall downtime in resolution of support incidents and thereby your support costs. This feature is currently available at NO COST, empowering you to troubleshoot issues with your Azure resource within seconds from your preferred UI ,or by using API tools such as Postman without the need to create support tickets. Additional support is also offered for different programming languages and interfaces, as outlined in the documentation.

 

Help API offers two key capabilities :

 

Solution Discovery: Returns relevant diagnostics specific to the issues with your resource. You can narrow your solution search results by adding specific inputs such as the problemClassificationId, in addition to the resourceId.

Solution Execution: Execute applicable diagnostics which are then presented in a step-by-step format, guiding you through the process of resolving your issue efficiently.

 

Announcement: https://azure.microsoft.com/updates/general-availability-help-api-provides-access-to-selfhelp-diagno...

 

Documentation: https://learn.microsoft.com/rest/api/help/

 

 

Azure Service: Sphere

Preview Features

 

We are excited to announce the Public Preview of Azure Sphere (Integrated), a new management interface for Azure Sphere services that is natively integrated with Azure via the Azure Resource Manager.

 

This Azure Sphere (Integrated) Public Preview comprises:

 

A new REST API for the Azure Sphere Security Services, integrated with Azure Resource Manager

Azure Portal and Azure CLI integration

Azure Monitor integration

Azure RBAC integration

 

Announcement: https://azure.microsoft.com/updates/azure-sphere-integrated-public-preview/

 

Documentation: https://techcommunity.microsoft.com/t5/internet-of-things-blog/introducing-azure-sphere-integrated-p...

 

 

Azure Service: Storage

Preview Features

 

As we approach the general availability of Azure Elastic SAN, we continue improving the service and adding features based on feedback from Azure customers. Today, we are releasing private endpoint support and volume sharing support via SCSI (Small Computer System Interface) Persistent Reservation. 

 

With the addition of private endpoint support, you can now access Elastic SAN volumes via either private endpoints or via public endpoints that are restricted to allow network access from specific virtual network subnets only. If you require the additional layer of security that private endpoints add, this is an essential update.

 

By adding shared volume support, you can attach and use an Elastic SAN volume from multiple compute clients like virtual machines, while using SCSI reservation commands to choose from a range of supported access modes to read or write to the volume. You can even maintain reservations across reboots because we support persistent reservations to ensure that access to data remains uninterrupted.

 

Announcement: https://azure.microsoft.com/updates/azure-elastic-san-updates-private-endpoints-shared-volumes/

 

Documentation: https://techcommunity.microsoft.com/t5/azure-storage-blog/azure-elastic-san-updates-private-endpoint...

 

 

Azure Service: Virtual Machines

General Availability

 

We are announcing the general availability (GA) of incremental snapshots support for Premium SSD v2 and Ultra Disk with instant restore capability in all regions where Premium SSD v2 and Ultra Disk are supported.

 

You can now instantly restore Premium SSD v2 and Ultra Disks from snapshots and attach them to a running VM without waiting for any background copy of data. This new capability allows you to read and write data on disks immediately after creation from snapshots, enabling you to recover your data from accidental deletes or a disaster quickly

 

Announcement: https://azure.microsoft.com/updates/general-availability-incremental-snapshots-for-premium-ssd-v2-di...

 

Documentation: https://learn.microsoft.com/azure/virtual-machines/disks-incremental-snapshots?tabs=azure-cli#increm...

 

Preview Features

 

Today we are announcing the public preview of the next generation Mv3 Medium Memory (MM) virtual machine series.

 

These virtual machines provide improved performance and higher reliability over previous generations.

 

Key features on the new Mv3 MM VMs for memory-optimized workloads:

 

Powered by the 4th Generation Intel® Xeon® Scalable Processor and DDR5 DRAM technology, the Mv3 medium memory (MM) virtual machines can scale for SAP workloads from 250GB to 4TB with faster performance and lower TCO.

With Azure Boost, Mv3 MM provides a ~25% improvement in network throughput and up to 1.5X improvement in remote storage throughput over the previous M-series families. 

Azure Boost’s isolated architecture inherently improves security for Mv3 MM virtual machines by running storage and networking processes separately on the purpose-built hardware, instead of on the host server.

Increased resilience against failures in memory, disks, and networking based on intelligence from past generations.

Available in both disk and diskless offerings, allowing customers the flexibility to choose the option that best meets their workload needs.

 

Announcement: https://azure.microsoft.com/updates/public-preview-azure-mv3-medium-memory-virtual-machines/

 

Documentation: https://techcommunity.microsoft.com/t5/running-sap-applications-on-the/announcing-public-preview-of-...

 

 

Azure Service: Virtual Network

Preview Features

 

Virtual Network (VNet) flow logs enable you to capture information about IP traffic flowing through your Virtual Networks for usage monitoring & optimization, troubleshooting connectivity, compliance, and security analysis.

 

Flow data is sent to Azure Storage accounts. From there, you can access the data and export it to any visualization tool, SIEM (security information and event management) solution, or intrusion detection system (IDS) of your choice. You can also enable Traffic Analytics that aggregates and enriches flow data to provide advanced visibility into user and application activity as well as malicious IP communication in your networks.

 

Announcement: https://azure.microsoft.com/updates/public-preview-azure-vnet-flow-logs/

 

Documentation: https://learn.microsoft.com/azure/network-watcher/vnet-flow-logs-overview

 

 

Azure Service: Advisor

General Availability

 

One of the best practices, according to the Well Architected Framework (WAF) guidelines, is zonal deployment. By adopting this recommendation, you can now design your solutions to utilize zonal VMs, ensuring the isolation of your VMs from potential failures in other zones. With this, you can expect enhanced resiliency in your workload by avoiding downtime and business interruptions.

 

Announcement: https://azure.microsoft.com/updates/general-availability-elevate-vm-resiliency-with-azure-advisors-a...

 

Documentation: https://learn.microsoft.com/azure/advisor/advisor-reference-reliability-recommendations#compute

 

 

Azure Service: Application Gateway

Preview Features

 

Azure’s regional Web Application Firewall (WAF) running on Application Gateway now supports rate-limit custom rules.  Rate-limiting enables you to detect and block abnormally high levels of traffic destined for your application. By using rate limiting, you can mitigate many types of denial-of-service attacks, protect against clients that have accidentally been misconfigured to send large volumes of requests in a short time period, or control traffic rates to your site from specific geographies.

 

Announcement: https://azure.microsoft.com/updates/public-preview-ratelimit-rules-for-application-gateway-web-appli...

 

Documentation: https://learn.microsoft.com/azure/web-application-firewall/ag/rate-limiting-overview

 

 

Azure Service: Container Apps

Retiring Features

 

Starting on November 16, 2023, Azure Container Apps control plane API versions 2022-06-01-preview and 2022-11-01-preview will be retired. Before that date, please migrate to the latest stable API version (2023-05-01) or latest preview API version (2023-04-01-preview).

 

Required action

 

If you're using Azure Resource Manager API version 2022-06-01-preview or 2022-11-01-preview to manage Azure Container Apps, please update your API requests to use version 2023-04-01-preview or later. Management operations using the retired API versions may fail after the retirement date.

 

Announcement: https://azure.microsoft.com/updates/retirement-azure-container-apps-preview-api-versions-20220601pre...

 

Documentation: https://learn.microsoft.com/azure/container-apps/azure-resource-manager-api-spec?tabs=arm-template#a...

 

 

Azure Service: Front Door

New Features

 

You can now create Azure Front Door Standard and Azure Front Door Premium endpoints from within the Azure portal, just like any other Azure CDN endpoint. This integration allows you to manage all the Azure Front Door and/or Azure CDN profiles associated with a storage account from a single interface.

 

Creating a new Azure Front Door Service and endpoint for a storage account is as simple as browsing to your storage account in the Azure portal and navigating to the Front Door and CDN profiles blade. From there, you can create new endpoints, quickly navigate to the endpoint profiles, manage custom domains for your endpoints, and enable security features such as Web Application Firewall and/or Private Link.

 

Announcement: https://azure.microsoft.com/updates/quick-create-azure-front-door-endpoints-for-storage-accounts/

 

Documentation: https://learn.microsoft.com/azure/frontdoor/scenario-storage-blobs

 

Region Updates

 

Azure Front Door (AFD) Standard and Premium tier is now generally available in Azure Government, in the regions of Arizona and Texas. After this release, Local Government (US) customers and their partners can benefit from the new and enhanced capabilities on standard and premium. The new and enhanced capabilities include, but are not limited to, better reporting and diagnostic capabilities, expanded rules engine with server variables, enhanced Web Application Firewall (latest DRS rule set, Bot protection, Web Application Firewall Notebook using Sentinel for security investigation and monitoring, Microsoft Sentinel Analytics) and security capabilities (Private Link connectivity to your origin, subdomain takeover prevention) and many upcoming new features.

 

Announcement: https://azure.microsoft.com/updates/general-availability-azure-front-door-standardpremium-in-azure-g...

 

Documentation: https://learn.microsoft.com/azure/frontdoor/standard-premium/tier-comparison

 

 

Azure Service: Managed Lustre

General Availability

 

Azure Managed Lustre now offers two new performance tiers, offering tailored solutions for various workload sizes and throughput needs.

 

40MB/s per TiB performance tier:Ideal for customers with larger datasets, this tier delivers 40MB/s of read and write throughput per provisioned TiB. With a minimum cluster size of 48TiB and a default maximum cluster size of 768TiB, it provides a cost-effective alternative to the previously available 125MB/s and 250MB/s per TiB options.

 

500MB/s per TiB performance tier:Designed for customers with smaller datasets and demanding throughput requirements, this tier ensures 500MB/s of read and write throughput per provisioned TiB. The minimum cluster size is set at 4TiB, empowering you to achieve remarkable performance even with modest storage needs.

 

Announcement: https://azure.microsoft.com/updates/generally-available-40mbstib-and-500mbstib-performance-tiers-for...

 

Documentation: https://techcommunity.microsoft.com/t5/azure-high-performance-computing/introducing-new-performance-...

 

 

Azure Service: NetApp Files

General Availability

 

Version 9 of the AzAcSnap tool is now generally available. Azure Application Consistent Snapshot Tool (AzAcSnap) is a command-line tool that enables customers to simplify data protection for third-party databases in Linux environments.

 

AzAcSnap 9 introduces the following new capabilities and improvements:

 

IBM Db2 Database support General Availability

System Managed Identity support for easier setup while also improving security posture

 

Announcement: https://azure.microsoft.com/updates/general-availability-azacsnap-9-azure-application-consistent-sna...

 

Documentation: https://learn.microsoft.com/azure/azure-netapp-files/azacsnap-introduction

 

 

Azure Service: Virtual Machines

Updated Features

 

We're delighted to announce the generally available support of Cross Subscription Restore for Azure Virtual Machines. You can now restore your Azure VMs to another subscription within the same tenant of the subscription where source VM is present, provided you have the relevant permissions to restore in that secondary subscription. By default, restore happens in the same subscription where the source virtual machine is present.

 

This feature is only allowed if you have Cross Subscription Restore property enabled for your Recovery Services vault. Cross Subscription Restore allows you to restore by either creating a VM or restoring the disks. You can use Cross Zonal Restore and (/or)  Cross Region Restore as well along with this restore option.

 

Announcement: https://azure.microsoft.com/updates/generally-available-cross-subscription-restore-for-azure-virtual...

 

Documentation: https://learn.microsoft.com/azure/backup/about-azure-vm-restore

 

0 Replies