Azure Announcements Newsletter - July 2023

Microsoft

 

AsherNierman_1-1690821341246.png

 

AZURE ANNOUNCEMENTS NEWSLETTER

July 1, 2023 – July 31, 2023

 

 

Announcements Summary

Firewall

Preview Features – 1 Update

Monitor

General Availability – 1 Update

Preview Features – 1 Update

Service Fabric

Updated Features – 1 Update

 

Storage

General Availability – 1 Update

Region Updates – 1 Update

 

Virtual Network

Preview Features – 1 Update

 

API Management

Preview Features – 1 Update

ARC

New Features – 1 Update

Cognitive Services

Preview Features – 1 Update

Event Grid

New Features – 1 Update

Functions

Preview Features – 1 Update

IoT Hub

General Availability – 1 Update

Kubernetes Service

Preview Features – 2 Updates

Machine Learning

General Availability – 1 Update

Preview Features – 1 Update

Media Services

Retiring Features – 1 Update

Traffic Manager

General Availability – 1 Update

Virtual Machines

Preview Features – 2 Updates

Application Gateway

Preview Features – 1 Update

Updated Features – 1 Update

Cognitive Services

Retiring Features – 1 Update

DevOps

Updated Features – 1 Update

SQL Database

Updated Features – 1 Update

 


Announcements Details

 

 

 

Azure Service: Firewall

Preview Features

 

Azure's regional Web Application Firewall (WAF) running on Application Gateway now supports sensitive data protection through log scrubbing. When a request matches the criteria of a rule, and triggers a WAF action, that event is captured within the WAF logs. WAF logs are stored as plain text for debuggability, and any matching patterns with sensitive customer data like IP address, passwords, and other personally identifiable information could potentially end up in logs as plain text. To help safeguard this sensitive data, you can now create log scrubbing rules that replace the sensitive data with "******".

 

Sensitive data protection using log scrubbing supports the creation of rules using the following variables:

 

Request Header Names

Request Cookie Names

Request Arg Names

Request Post Arg Names

Request JSON Arg Names

Request IP Address

 

Announcement: https://azure.microsoft.com/updates/public-preview-sensitive-data-protection-for-application-gateway...

 

Documentation: https://learn.microsoft.com/azure/web-application-firewall/ag/waf-sensitive-data-protection

 

 

Azure Service: Monitor

 

General Availability

 

Azure Native New Relic Service, which enables developers and IT administrators to set up monitoring for their cloud applications using New Relic on Azure, is now generally available. Users can benefit from multiple deep integration capabilities like creating a New Relic account, linking existing New Relic accounts, easily configuring logs and metrics monitoring and installing extensions for monitoring virtual machines and app services right from within the Azure experience.

 

Announcement: https://azure.microsoft.com/updates/general-availability-azure-native-new-relic-service/

 

Documentation: https://learn.microsoft.com/azure/partner-solutions/new-relic/new-relic-overview

 

 

Preview Features

 

Azure Monitor Agent (AMA) collects monitoring data from the guest operating system of Azure and hybrid virtual machines and delivers it to Azure Monitor for use by features, insights, and other services, such as Microsoft Sentinel and Microsoft Defender for Cloud. Azure Monitor Agent replaces all of Azure Monitor's legacy monitoring agents. This article provides an overview of Azure Monitor Agent's capabilities and supported use cases.

 

You can now monitor the health of agents at-scale across Azure, on premises and other clouds using the Azure Monitor Agent Health experience released in preview today. This includes AMA running on both virtual machines and on-premise (Arc-enabled servers), including a view into the related Data Collection rules. Identify data collection problems before they start impacting your business, and troubleshoot faster by narrowing down the impact scope for a given problem.

 

Announcement: https://azure.microsoft.com/updates/public-preview-azure-monitor-agent-health-experience/

 

Documentation: https://learn.microsoft.com/azure/azure-monitor/agents/agents-overview

 

 

Azure Service: Service Fabric

Updated Features

 

We are excited to announce that the 9.1 Fifth Refresh release of the Service Fabric runtime has completed rolling out to the various Azure regions along with tooling and SDK updates. The updates for .NET SDK, Java SDK, and Service Fabric runtimes can be downloaded from the links provided in Release Notes. The SDK, NuGet packages, and Maven repositories are already available in all regions.

 

We are also excited to announce that the 9.0 Tenth Refresh release of the Service Fabric runtime has completed rolling out to the various Azure regions along with tooling and SDK updates. The updates for .NET SDK, Java SDK, and Service Fabric runtimes can be downloaded from the links provided in Release Notes. The SDK, NuGet packages, and Maven repositories are already available in all regions.

 

Announcement: https://azure.microsoft.com/updates/azure-service-fabric-91-fifth-refresh-release/

 

Documentation: https://github.com/microsoft/service-fabric/blob/master/release_notes/Service_Fabric_ReleaseNotes_91...

 

 

Azure Service: Storage

General Availability

 

Azure Premium SSD v2 Disk Storage is now available in Switzerland North, Japan East, Korea Central, South Africa North, Sweden Central, Canada Central and Central US regions. This next-generation storage solution offers advanced general-purpose block storage with the best price performance, delivering sub-millisecond disk latencies for demanding IO-intensive workloads at a low cost. It is well-suited for a wide range of enterprise production workloads, including SQL Server, Oracle, MariaDB, SAP, Cassandra, MongoDB, big data analytics, gaming on virtual machines, and stateful containers.

 

Announcement: https://azure.microsoft.com/updates/generally-available-azure-premium-ssd-v2-disk-storage-is-now-ava...

 

Documentation: https://learn.microsoft.com/azure/virtual-machines/disks-types#premium-ssd-v2

 

Region Updates

 

Azure Archive Storage provides a secure, low-cost means for retaining rarely accessed data including backup and archival storage. Now, Azure Archive Storage is available in Sweden Central

 

Announcement: https://azure.microsoft.com/updates/general-availability-azure-archive-storage-now-available-in-swed...

 

Documentation: https://azure.microsoft.com/explore/global-infrastructure/products-by-region/?products=storage

 

Azure Service: Virtual Network

Preview Features

 

With Virtual Network encryption, customers can enable encryption of traffic between Virtual Machines and Virtual Machines Scale Sets within the same virtual network and between regionally and globally peered virtual networks. This new feature enhances the existing encryption in transit capabilities in Azure.

 

Azure Virtual Network encryption is available in the following regions during public preview: East US 2 EUAP, Central US EUAP, West Central US, East US, East US 2, West US, West US 2.

 

Announcement: https://azure.microsoft.com/updates/public-preview-azure-virtual-network-encryption-2/

 

Documentation: https://learn.microsoft.com/azure/virtual-network/virtual-network-encryption-overview

 

 

Azure Service: API Management

Preview Features

 

We are excited to announce the public preview of the OData API type in Azure API Management. This new capability extends the benefits and capabilities of Azure API Management to OData APIs, including the ability to secure them with standard API protections, such as authentication, authorization, and rate limiting, in combination with OData-specific policies for request validation. First-class support for OData makes it easier for customers to use Azure API Management for publishing APIs from SAP, Oracle, Dataverse, and others who expose OData APIs.

 

Key Features of the OData API Type:

 

Import OData services into Azure API Management as APIs

 

Expose and protect OData APIs

 

Validate requests with OData specific policy

 

Integrate with SAP solutions

 

Announcement: https://azure.microsoft.com/updates/public-preview-odata-api-type-in-azure-api-management-2/

 

Documentation: https://learn.microsoft.com/azure/api-management/import-api-from-odata

 

Azure Service: ARC

New Features

 

At Inspire, we are announcing Extended Security Updates (ESUs) enabled by Azure Arc. You will be able to purchase and seamlessly deploy ESUs through Azure Arc in on-premises or multicloud environments, right from the Azure portal. In addition to providing a centralized management of security patching, ESUs enabled by Azure Arc gives you more flexibility with a pay-as-you-go subscription model, compared to the classic ESU offered through the Volume Licensing Center which are purchased in yearly increments. You can also leverage additional Azure services that help better secure, monitor, and govern end-of-support servers in tandem with your Windows Server and SQL Server ESUs.

 

This feature is available now for SQL Server 2012 with billing starting in September 2023. If you sign up before September, you will see a one-time charge from July 12 to September. For Windows Server, this feature will be available in September 2023, but customers can connect to Azure Arc today to prepare.

 

Announcement: https://azure.microsoft.com/updates/extendedsecurityupdatesenabledbyazurearc/

 

Documentation: https://techcommunity.microsoft.com/t5/azure-arc-blog/new-options-for-extended-security-updates-enab...

 

 

Azure Service: Cognitive Services

Preview Features

 

We're excited to announce that Vector search is now available in public preview on Azure Cognitive Search. The enterprise retrieval cloud service powers the next generation of LLM-based applications, as well as plugins for ChatGPT and Azure OpenAI service. With Vector search, Developers can store, index, and deliver search applications over vector representations of organizational data, also known as embeddings. Vector search supports a wide range of data types, such as text, images, audio, video, and graphs. Execute vector similarity queries using approximate nearest neighbor search. Find information that is semantically similar to search queries, even if the search terms are not exact matches. Azure Cognitive Search offers pure vector search and hybrid retrieval – as well as a sophisticated re-ranking system powered by Bing in a single integrated solution. Build applications to generate personalized responses in natural language, deliver product recommendations, detect fraud, identify data patterns, and more.

 

Announcement: https://azure.microsoft.com/updates/public-preview-vector-search-a-feature-of-azure-cognitive-search...

 

Documentation: https://aka.ms/Vector_SearchSnackableVideo

 

Azure Service: Event Grid

New Features

 

Azure Event Grid integration with Azure Kubernetes Service (AKS) enables you to subscribe to Event Grid notifications and get important event notifications. You can now receive and programmatically handle AKS generated upgrade events in Event Grid to minimize unexpected issues and improve how you handle such activities.

 

Event Grid enhancements add new events for the integration at GA to facilitate additional capabilities include:

 

Upgrade completed/ canceled/ failed notification

Cluster going out of support

cluster out of support notices.

 

Announcement: https://azure.microsoft.com/updates/generally-available-event-grid-upgrade-enhancements-for-aks/

 

Documentation: https://learn.microsoft.com/azure/event-grid/event-schema-aks?tabs=event-grid-event-schema

 

Azure Service: Functions

Preview Features

 

You can now develop functions using Python 3.11 locally and deploy them to all Azure Functions plans.

 

Announcement: https://azure.microsoft.com/updates/public-preview-support-for-python-311-in-azure-functions/

 

Documentation: https://docs.python.org/3/whatsnew/3.11.html

 

 

Azure Service: IoT Hub

General Availability

 

What’s changing:

The architecture of your IoT Hub includes a cluster of front-end message processing servers and software we call the IoT Hub gateway.  We are rolling out availability, reliability, and security improvements to this gateway between July 2023 and November 2023.

 

Potential impact:

The gateway upgrade will result in:

 

A forced disconnect and reconnect for all devices.

New static IP addresses for all IoT hubs.

Device disconnects:

Your devices will disconnect from IoT Hub while we upgrade the gateway nodes. The time it takes for your devices to reconnect depends on:

 

DNS update propagation: If your devices leverage DNS to resolve your IoT hub’s IP address, it will resolve the new IP address after the DNS updates propagate to the device’s DNS server(s) and any local DNS cache expires.

DPS reprovisioning: Reprovisioning is subject to DPS limits. Follow the recommended best practices to reprovision devices with DPS. Avoid reprovisioning unless IoT Hub returns an error other than 429 or 5xx.

Device connection retry logic: If your devices leverages the Azure IoT SDKs, they will attempt to reconnect according to their retry policy.

Device connection throttling: IoT Hub throttles device connections based on your selected tier.

Firewall rules and impact:

If you followed our best practices to configure your IoT Hub by using Fully Qualified Domain Name (FQDN), then no action is required.

If you implemented a range-based approach using IoT Hub service tags, no action is required.

If you restrict access based on a specific IP address for your IoT Hub, follow our best practices and move away from a static IP address. The IP address of your IoT Hub might change at any time for any reason.

If you cannot follow our best practices or have questions, reach out to your Azure IoT or Microsoft contacts.

 

Announcement: https://azure.microsoft.com/updates/general-availability-iot-hub-service-upgrade/

 

Documentation: https://azure.microsoft.com/updates/general-availability-iot-hub-service-upgrade/

 

 

Azure Service: Kubernetes Service

Preview Features

 

The new network observability add-on for AKS, now in public preview, provides complete observability into the network health and connectivity of your AKS cluster.

 

Key benefits:

 

Get access to cluster level network metrics like packet drops, connections stats and more.

(GA) Access to pod-level metrics and network debuggability features

Support for all Azure CNIs - AzureCNI and AzureCNI (Powered by Cilium)

Support for all AKS node types - Linux and Windows

Easy deployment using native Azure tools - AKS CLI, ARM templates, PowerShell, etc.

Seamless integration with the Azure managed Prometheus and Azure-managed Grafana offerings.

 

Announcement: https://azure.microsoft.com/updates/public-preview-network-observability-addon-for-aks-4/

 

Documentation: https://techcommunity.microsoft.com/t5/azure-observability-blog/comprehensive-network-observability-...

 

Preview Features

 

AKS now supports the ability to create clusters with BYOK enabled for nodes using ephemeral OS disk if the chosen VM SKU supports ephemeral. BYOK support provides you the option to use your own customer managed keys (CMK) to encrypt your ephemeral OS Disks, providing you increased control over your encryption keys.

 

Announcement: https://azure.microsoft.com/updates/public-preview-bring-your-own-key-on-ephemeral-os-disk-for-aks/

 

Documentation: https://learn.microsoft.com/azure/aks/azure-disk-customer-managed-keys

 

 

Azure Service: Machine Learning

General Availability

 

A new feature now available in GA enables you to create compute clusters in locations that are different from the location of the workspace.

 

Create and use compute in multiple Azure Regions​ – You can now use managed compute outside of the current Azure Machine Learning compute scenarios to run a job, either on-demand or in a dedicated manner.

 

Announcement: https://azure.microsoft.com/updates/azure-machine-learning-general-availability-for-july/

 

Documentation: https://azure.microsoft.com/updates/azure-machine-learning-general-availability-for-july/

 

Preview Features

 

New features now available in Public Preview enable you to create AI workflows that connect to various language models and data sources and use prompt flow and Azure OpenAI models to build LLM applications.

 

Build high quality intelligent applications with prompt flow – You can now utilize one platform to build, tune, evaluate, deploy, and test AI workflows.

 

 

 

Discover Azure OpenAI Service models in the model catalog – You can now access Azure OpenAI models in Azure Machine Learning through the model catalog.

 

 

 

Leverage LLaMA foundation models in the model catalog - You can now find, fine-tune, and deploy LLaMa models from Meta in Azure Machine Learning through the model catalog.

 

Announcement: https://azure.microsoft.com/updates/azure-machine-learning-public-preview-for-july/

 

Documentation: https://azure.microsoft.com/updates/azure-machine-learning-public-preview-for-july/

 

 

Azure Service: Media Services

Retiring Features

 

Azure Media Services will be retired on 30 June 2024. This is a result of Microsoft focusing on strategic areas of secular growth and long-term competitiveness for the company. We're also accelerating media services solutions from the Microsoft partner ecosystem across integrated solution vendors and system integrators.

 

From now through 30 June 2024, you can continue to use Azure Media Services without any disruptions. After 30 June 2024, Azure Media Services won’t be supported, and customers won’t have access to their Azure Media Services accounts.

 

Required action

To avoid any service disruptions, you’ll need to transition to Azure Video Indexer for on-demand video and audio analysis workflows or to a Microsoft partner solution for all other media services workflows before 30 June 2024.

 

Announcement: https://azure.microsoft.com/updates/retirement-notice-azure-media-services-is-being-retired-on-30-ju...

 

Documentation: https://azure.microsoft.com/updates/retirement-notice-azure-media-services-is-being-retired-on-30-ju...

 

Azure Service: Traffic Manager

General Availability

 

Today we are announcing that Always Serve for Azure Traffic Manager (ATM) is now generally available. You can disable endpoint health checks from an ATM profile and always serve traffic to that given endpoint. You can also now choose to use 3rd party health check tools to determine endpoint health, and ATM native health checks can be disabled, allowing flexible health check setups.

 

When creating or updating an endpoint, one can enable Always Serve.  The feature is enabled in the Azure portal, the API version “2022-04-01”, and Azure PowerShell.

 

Announcement: https://azure.microsoft.com/updates/alwaysservega/

 

Documentation: https://azure.microsoft.com/updates/alwaysservega/

 

 

Azure Service: Virtual Machines

Preview Features

 

Today we are introducing the preview Azure Boost, one of Microsoft Azure’s latest infrastructure innovations.  Azure Boost is a new system that offloads virtualization processes traditionally performed by the hypervisor and host OS onto purpose-built hardware and software, such as networking, storage, and host management. By separating hypervisor and host OS functions from the host infrastructure, Azure Boost enables greater network and storage performance at scale, improves security by adding another layer of logical isolation, and reduces the maintenance impact for future Azure software and hardware upgrades.

 

This innovation enables Azure customers participating in the preview to achieve a 200 Gbps networking throughput and a leading remote storage throughput up to 10 GBps and 400K IOPS, enabling the fastest storage workloads available today.

 

Azure Boost allows preview users to achieve this performance through access to experimental SKUs.  This preview will be important for many customers and partners to integrate critical components of Azure Boost into their current VM solutions, ensuring smooth operation on this new system in the future.

 

While we are announcing the preview of Azure Boost today, Azure Boost has been providing benefits to millions of existing Azure VMs in production today, such as enabling the exceptional remote storage performance of the Ebsv5 VM series and networking throughput and latency improvements for the entire Ev5 and Dv5 VM series.  Azure Boost will continue to innovate and provide benefits for Azure infrastructure users going forward.

 

 

 

Azure Boost marks a significant leap forward in Azure infrastructure innovation.  We invite Azure partners and customers with high-performance network and storage needs, particularly those using the Data Plane Development Kit (DPDK), to take part in the preview.

 

Announcement: https://azure.microsoft.com/updates/preview-azure-boost/

 

Documentation: https://techcommunity.microsoft.com/t5/azure-infrastructure-blog/introducing-microsoft-azure-boost-p...

 

Preview Features

 

Announcing public preview support for multi disk crash consistency mode in VM restore points. A crash consistent VM restore point is an agentless solution that stores the VM configuration and point-in-time write-order consistent snapshots for all managed disks attached to a Virtual Machine. This is same as the status of data in the VM after a power outage or a crash. Using Crash consistent restore points you can plan and protect your Azure VMs backup and/or disaster requirements.

 

Regions supported: West Europe and EastUS2. We will continue to rollout support in all regions in the coming weeks.

 

Announcement: https://azure.microsoft.com/updates/public-preview-crash-consistent-vm-restore-points/

 

Documentation: https://learn.microsoft.com/azure/virtual-machines/virtual-machines-create-restore-points

 


Announcements Details

 

Azure Service: Application Gateway

Preview Features

 

We are announcing Azure Application Gateway for Containers as a new SKU to the Application Gateway family.  Application Gateway for Containers is the next evolution of Application Gateway + Application Gateway Ingress Controller (AGIC), providing application (layer 7) load balancing and dynamic traffic management capabilities for workloads running in a Kubernetes cluster.

 

Application Gateway for Containers introduces the following improvements over AGIC:

 

Performance: Achieve near-to-real-time convergence times to reflect add/remove of pods, routes, probes, and other load balancing configuration within Kubernetes yaml configuration.

Scale: Push boundaries past current AGIC limits, exceeding 1400 backend pods and 100 listeners with Application Gateway for Containers.

Deployment: Enable a familiar deployment of ARM resources via ARM, PowerShell, CLI, Bicep, and Terraform or define all configuration within Kubernetes and have Application Gateway for Containers manage the rest in Azure!

Gateway API support: The next evolution in defining Kubernetes service networking through expressive, extensible, and role-oriented interfaces.

Weighted / Split traffic distribution: Enable blue-green deployment strategies and active / active or active / passive routing.

 

Announcement: https://azure.microsoft.com/updates/public-preview-application-gateway-for-containers/

 

Documentation: https://learn.microsoft.com/azure/application-gateway/for-containers/overview

 

Updated Features

 

We have updated the default TLS configuration for new deployments of the Application Gateway to Predefined AppGwSslPolicy20220101 policy to improve the default security. This recently introduced, generally available, predefined policy ensures better security with minimum TLS version 1.2 (up to TLS v1.3) and stronger cipher suites.

 

The default policy change applies to API versions (2023-02-01 or higher). The AppGwSslPolicy20220101 policy gets auto applied when no specific TLS policy is defined in the resource configuration during deployment. You can, however, choose to modify to any other TLS policy later, depending on your needs.

 

Announcement: https://azure.microsoft.com/updates/default-tls-policy-2022/

 

Documentation: https://learn.microsoft.com/azure/application-gateway/application-gateway-ssl-policy-overview#defaul...

 

 

Azure Service: Cognitive Services

Retiring Features

 

Speech-to-text REST API v3.0 will be retired by 31 March 2026. Update your code that uses Speech-to-text REST API.

 

We recently updated the Speech-to-text REST API to version 3.1. Version 3.1 builds on the capabilities of the previous version and adds new features including language identification and multi-speaker diarization. With these enhancements, we'll retire version 3.0 of the API on 31 March 2026.

 

Announcement: https://azure.microsoft.com/updates/speechtotext-rest-api-v30-will-be-retired-by-31-march-2026/

 

Documentation: https://learn.microsoft.com/azure/ai-services/speech-service/migrate-v3-0-to-v3-1

 

Azure Service: DevOps

Updated Features

 

In July, we've delivered multiple improvements across Azure DevOps services. You can now dismiss dependency scanning alerts in Advanced Security that you believe to be a false positive or acceptable risk. In Azure Repos, we changed the default behavior to remove "Edit policies" permission when creating a new branch.

 

Announcement: https://azure.microsoft.com/updates/azure-devops-july-2023-updates/

 

Documentation: https://azure.microsoft.com/updates/azure-devops-july-2023-updates/

 

Azure Service: SQL Database

Updated Features

 

In mid-July 2023, the following updates and enhancements were made to Azure SQL:

 

Use Always Encrypted with Intel SGX enclaves in Azure SQL Database with up to 40 vCores on DC-series hardware.

 

Announcement: https://azure.microsoft.com/updates/azure-sql-public-preview-updates-for-midjuly-2023/

 

Documentation: https://techcommunity.microsoft.com/t5/azure-sql-blog/always-encrypted-with-secure-enclaves-dc-serie...

 

 

 

 

0 Replies