Just under two weeks before MS Ignite but the news keeps on coming. This week's news includes Cross Region Restore of Azure VMs now generally available, Azure Firewall Premium now in public preview, Azure role-based access control (RBAC) for Azure Key Vault data plane authorization is now generally available, Azure Machine Learning updates for native terminal is now generally available and as always, the Microsoft Learn Module of the Week.
Cross Region Restore of Azure VMs now generally available
The backup data in the Azure Backup Recovery service vault stores backup data which defaults storage settings to geo-redundancy, and the backed up data in the primary region is geo-replicated to an Azure-paired secondary region. The data replicated to the secondary region is available to restore in the secondary region only if Azure declares a disaster in the primary region. Customers who opt-in for this feature can initiate restores in the secondary region at any time making the customer controlled secondary region restores possible in both times of primary region being available or unavailable.
The following capabilities can now be preformed under the new Azure Firewall Premium public preview:
Transport Layer Security (TLS) Inspection: decrypts outbound traffic, performs the required value-added security functions and re-encrypt the traffic which is sent to the original destination.
Intrusion Detection and Prevention System (IDPS): provides signature-based IDPS to allow rapid detection of attacks by looking for specific patterns, such as byte sequences in network traffic, or known malicious instruction sequences used by malware.
Web Categories: Allows admins to allow or deny user access to the Internet based on categories (e.g. social networking, search engines, gambling), reducing the time spent on managing individual FQDNs and URLs. This capability is also available for Azure Firewall Standard based on FQDNs only.
URL Filtering: Allow users to access specific URLs for both plain text and encrypted traffic, typically being used in congestion with web categories.
Azure role-based access control (RBAC) for Azure Key Vault data plane authorization is now generally available
System admins can now achieve unified management and access control across Azure Resources with Azure role-based access control (RBAC) for Azure Key Vault on data plane. This capability now allows the ability to manage RBAC for Key Vault keys, certificates, and secrets with roles assignment scope available from management group to individual key, certificate, and secret. When enabled, Azure AD users and services will be validated exclusively by Azure RBAC.
Azure Machine Learning updates for native terminal now generally available
Terminal in Azure Machine Learning can now be used to perform any CLI operation directly in the Azure Machine Learning studio. CLI operations include cloning notebook files from Git Repository , installing a Python package, and executing Python Files.