helderpinto

15 Topics

How to identify Azure resources using default outbound Internet access?
The default outbound access problem On 30 September 2025, default outbound access connectivity for virtual machines in Azure will be retired (see announcement). After this date, all new VMs that require internet access will need to use explicit outbound connectivity methods such as Azure NAT Gateway, Azure Load Balancer outbound rules, an Azure Firewall/NVA, or a directly attached Azure public IP address. Existing VMs that use default outbound access will continue to work after this retirement, however, we strongly recommend transitioning to an explicit outbound method so that: Your workloads won’t be affected by public IP address changes. You have greater control over how your VMs connect to the internet. Your VMs use traceable IP resources that you own. Explicit outbound solutions You can find a complete guidance on how default outbound access in Azure works and how to transition to an explicit outbound connectivity method in the VNet IP services documentation and also on this very detailed blog post. The options can be summarized as follows (any option works, but they are ordered by preference): Route the subnet Internet-bound traffic to an Azure Firewall or marketplace NVA, via a custom User-Defined Route. For enterprise-grade customers, this is the recommended approach, as it allows you to centralize egress and increase network security with features like packet filtering, FQDN-based rules, TLS inspection, or IDPS. Associate a NAT Gateway to the subnet of your virtual machines. Consider you need to create one NAT gateway per Virtual Network, because NAT Gateways cannot be reused across multiple Virtual Networks. Associate a Public Standard Load Balancer configured with outbound rules. Associate a Standard Public IP to any of the virtual machine's network interfaces. For HTTP traffic only, forward outbound requests to a centralized HTTP proxy machine, provided this machine has one of the explicit outbound access methods above enabled. Prepare your Azure Virtual Networks for this change soon enough, because after 30 September 2025, new virtual machines will not be able to connect directly to the Internet. If you have subnets in which all VMs are already using explicit outbound connectivity methods, it is advisable to make those subnets private, to avoid new implicit outbound cases before the deadline. Identifying Azure resources using default outbound Internet access Now, you may ask “which of my Azure Virtual Machines or Scale Sets are using default outbound Internet access?” This question is helpful for characterizing your current compute estate and anticipate issues, but also to plan the transition to an explicit outbound method, for the reasons outlined above. Luckily, there are some helpers. First, there is an Azure Advisor Operational Excellence recommendation (“Add explicit outbound method to disable default outbound”) that helps you pinpoint network interfaces that might be in this situation. However, this recommendation does not currently cover Virtual Machine Scale Sets or machines behind a Public Basic Load Balancer. The second option is to use Azure Resource Graph and query the Azure control plane for resources in this situation. The two queries below address Virtual Machine and Virtual Machine Scale Set use cases. If there are resources with explicit outbound access via a Public Basic Load Balancer, those are also flagged, because Basic Load Balancers are also on the retirement path on the same date. If you already have Azure Firewalls or NVAs to which you are routing egress traffic, don’t forget to replace the <firewall private IP> placeholders (line 14 of each query) by the private IP address of the firewall(s); otherwise, leave the query as is. NOTE: the query below does not consider Azure Virtual WAN scenarios where Virtual Hubs have route tables forcing Internet-bound traffic to flow into an NVA, as Virtual Hubs route tables are not exposed yet in Azure Resource Graph. Virtual Machines resources | where type =~ 'microsoft.network/virtualnetworks' | mvexpand subnet = properties.subnets | project vnetName=tolower(name), resourceGroup, subscriptionId, location, subnetName = tolower(subnet.name), subnetId=tolower(subnet.id), routeTable = tolower(subnet.properties.routeTable.id), hasNatGW = iif(isnotempty(subnet.properties.natGateway.id), true, false) | join kind=inner ( resourcecontainers | where type =~ 'microsoft.resources/subscriptions' | project subscriptionId, subscriptionName = name) on subscriptionId | project-away subscriptionId, subscriptionId1 | order by subnetId | join kind=leftouter ( resources | where type == 'microsoft.network/routetables' | project routeTable=tolower(id), routeTableProperties=properties ) on routeTable | mv-expand route = routeTableProperties.routes | project-away routeTable1, routeTableProperties | extend routesToFW = iif(route.properties.addressPrefix == '0.0.0.0/0' and route.properties.nextHopType == 'VirtualAppliance' and route.properties.nextHopIpAddress in ('<firewall private IP>'), true, false) | extend routeName = tolower(route.name) | project-away route | join kind=leftouter ( resources | where type == 'microsoft.network/networkinterfaces' | extend vmId = tolower(properties.virtualMachine.id) | where isnotempty(vmId) | mv-expand ipConfiguration = properties.ipConfigurations | mv-expand backendPool = ipConfiguration.properties.loadBalancerBackendAddressPools | extend loadBalancerId = tolower(substring(backendPool.id, 0, indexof(backendPool.id, '/backendAddressPools'))) | join kind=leftouter ( resources | where type == 'microsoft.network/loadbalancers' | mv-expand frontEndIpConfiguration = properties.frontendIPConfigurations | extend lbType = iif(isnotempty(frontEndIpConfiguration.properties.publicIPAddress.id), 'Public', 'Internal') | mv-expand loadBalancingRule = properties.loadBalancingRules | extend lbOutboundSnat = iif(lbType =='Public', iif(sku.name == 'Standard', not(tobool(loadBalancingRule.properties.disableOutboundSnat)), true), false) | project loadBalancerId=tolower(id), lbSku=tostring(sku.name), lbType, lbOutboundSnat | union ( resources | where type == 'microsoft.network/loadbalancers' | mv-expand frontEndIpConfiguration = properties.frontendIPConfigurations | extend lbType = iif(isnotempty(frontEndIpConfiguration.properties.publicIPAddress.id), 'Public', 'Internal') | mv-expand outboundRule = properties.outboundRules | extend lbOutboundSnat = iif(isnotempty(outboundRule) or (sku.name == 'Basic' and lbType == 'Public'), true, false) | project loadBalancerId=tolower(id), lbSku=tostring(sku.name), lbType, lbOutboundSnat ) | summarize make_set(lbOutboundSnat) by loadBalancerId, lbSku, lbType | extend lbOutboundSnat = iif(array_length(set_lbOutboundSnat) == 1, set_lbOutboundSnat[0], true) ) on loadBalancerId | project nicId=tolower(id), vmId, subnetId=tolower(ipConfiguration.properties.subnet.id), hasPublicIP=iif(isnotempty(ipConfiguration.properties.publicIPAddress.id), true, false), lbOutboundSnat, lbSku ) on subnetId | where isnotempty(vmId) | extend lbOutboundSnat = iif(isnotempty(lbOutboundSnat), lbOutboundSnat, false) | extend hasPublicIP=iif(isnotempty(hasPublicIP), hasPublicIP, false) | summarize hasNatGW=make_set(hasNatGW), routesToFW=make_set(routesToFW), hasPublicIP=make_set(hasPublicIP), lbOutboundSnat=make_set(lbOutboundSnat), lbSku=make_set(lbSku) by vnetName, resourceGroup, subscriptionName, location, vmId | extend hasNatGW = iif(array_length(hasNatGW) == 1, hasNatGW[0], true) | extend routesToFW = iif(array_length(routesToFW) == 1, routesToFW[0], true) | extend hasPublicIP = iif(array_length(hasPublicIP) == 1, hasPublicIP[0], true) | extend lbOutboundSnat = iif(array_length(lbOutboundSnat) == 1, lbOutboundSnat[0], true) | extend lbSku = tostring(lbSku[0]) | summarize by vmId, vmName=tostring(split(vmId,'/')[-1]), resourceGroup=tostring(split(vmId,'/')[4]), subscriptionName, location, vnetName, routesToFW, hasNatGW, lbOutboundSnat, lbSku, hasPublicIP //| summarize vmCount=dcount(vmId) by routesToFW, hasNatGW, lbOutboundSnat, lbSku, hasPublicIP //uncomment this line and comment the last one to get only stats | where not(hasNatGW) and not(routesToFW) and not(hasPublicIP) and (not(lbOutboundSnat) or lbSku == 'Basic') Virtual Machine Scale Sets resources | where type =~ 'microsoft.network/virtualnetworks' | mvexpand subnet = properties.subnets | project vnetName=tolower(name), resourceGroup, subscriptionId, location, subnetName = tolower(subnet.name), subnetId=tolower(subnet.id), routeTable = tolower(subnet.properties.routeTable.id), hasNatGW = iif(isnotempty(subnet.properties.natGateway.id), true, false) | join kind=inner ( resourcecontainers | where type =~ 'microsoft.resources/subscriptions' | project subscriptionId, subscriptionName = name) on subscriptionId | project-away subscriptionId, subscriptionId1 | order by subnetId | join kind=leftouter ( resources | where type == 'microsoft.network/routetables' | project routeTable=tolower(id), routeTableProperties=properties ) on routeTable | mv-expand route = routeTableProperties.routes | project-away routeTable1, routeTableProperties | extend routesToFW = iif(route.properties.addressPrefix == '0.0.0.0/0' and route.properties.nextHopType == 'VirtualAppliance' and route.properties.nextHopIpAddress in ('<firewall private IP>'), true, false) | extend routeName = tolower(route.name) | project-away route | join kind=leftouter ( resources | where type == 'microsoft.compute/virtualmachinescalesets' and properties.orchestrationMode == 'Uniform' | mv-expand nicConfiguration = properties.virtualMachineProfile.networkProfile.networkInterfaceConfigurations | mv-expand ipConfiguration = nicConfiguration.properties.ipConfigurations | mv-expand backendPool = ipConfiguration.properties.loadBalancerBackendAddressPools | extend loadBalancerId = tolower(substring(backendPool.id, 0, indexof(backendPool.id, '/backendAddressPools'))) | join kind=leftouter ( resources | where type == 'microsoft.network/loadbalancers' | mv-expand frontEndIpConfiguration = properties.frontendIPConfigurations | extend lbType = iif(isnotempty(frontEndIpConfiguration.properties.publicIPAddress.id), 'Public', 'Internal') | mv-expand loadBalancingRule = properties.loadBalancingRules | extend lbOutboundSnat = iif(lbType =='Public', iif(sku.name == 'Standard', not(tobool(loadBalancingRule.properties.disableOutboundSnat)), true), false) | project loadBalancerId=tolower(id), lbSku=tostring(sku.name), lbType, lbOutboundSnat | union ( resources | where type == 'microsoft.network/loadbalancers' | mv-expand frontEndIpConfiguration = properties.frontendIPConfigurations | extend lbType = iif(isnotempty(frontEndIpConfiguration.properties.publicIPAddress.id), 'Public', 'Internal') | mv-expand outboundRule = properties.outboundRules | extend lbOutboundSnat = iif(isnotempty(outboundRule) or (sku.name == 'Basic' and lbType == 'Public'), true, false) | project loadBalancerId=tolower(id), lbSku=tostring(sku.name), lbType, lbOutboundSnat ) | summarize make_set(lbOutboundSnat) by loadBalancerId, lbSku, lbType | extend lbOutboundSnat = iif(array_length(set_lbOutboundSnat) == 1, set_lbOutboundSnat[0], true) ) on loadBalancerId | project vmssId=tolower(id), subnetId=tolower(ipConfiguration.properties.subnet.id), hasPublicIP=iif(isnotempty(ipConfiguration.properties.publicIPAddressConfiguration), true, false), lbOutboundSnat, lbSku ) on subnetId | where isnotempty(vmssId) | extend lbOutboundSnat = iif(isnotempty(lbOutboundSnat), lbOutboundSnat, false) | extend hasPublicIP=iif(isnotempty(hasPublicIP), hasPublicIP, false) | summarize hasNatGW=make_set(hasNatGW), routesToFW=make_set(routesToFW), hasPublicIP=make_set(hasPublicIP), lbOutboundSnat=make_set(lbOutboundSnat), lbSku=make_set(lbSku) by vnetName, resourceGroup, subscriptionName, location, vmssId | extend hasNatGW = iif(array_length(hasNatGW) == 1, hasNatGW[0], true) | extend routesToFW = iif(array_length(routesToFW) == 1, routesToFW[0], true) | extend hasPublicIP = iif(array_length(hasPublicIP) == 1, hasPublicIP[0], true) | extend lbOutboundSnat = iif(array_length(lbOutboundSnat) == 1, lbOutboundSnat[0], true) | extend lbSku = tostring(lbSku[0]) | summarize by vmssId, vmssName=tostring(split(vmssId,'/')[-1]), resourceGroup=tostring(split(vmssId,'/')[4]), subscriptionName, location, vnetName, routesToFW, hasNatGW, lbOutboundSnat, lbSku, hasPublicIP //| summarize vmssCount=dcount(vmssId) by routesToFW, hasNatGW, lbOutboundSnat, lbSku, hasPublicIP //uncomment this line and comment the last one to get only stats | where not(hasNatGW) and not(routesToFW) and not(hasPublicIP) and (not(lbOutboundSnat) or lbSku == 'Basic') Acknowledgments Special thanks to my colleagues Pedro Pereira and Fernando Loureiro for having triggered the idea for this blog post.
hspinto
Apr 21, 2025 Place Core Infrastructure and Security Blog
3KViews
3likes
2Comments
Automating Continuous Optimization with the Azure Optimization Engine
Here is Hélder Pinto again, writing the last post of a series dedicated to the implementation of automated Continuous Optimization with Azure Advisor recommendations.
hspinto
Jul 18, 2024 Place Core Infrastructure and Security Blog
8.7KViews
3likes
3Comments
Augmenting Azure Advisor Cost Recommendations for Automated Continuous Optimization – Part 3
This is the third post of a series dedicated to the implementation of automated Continuous Optimization with Azure Advisor Cost recommendations. For a contextualization of the solution here described, please read the introductory post for an overview of the solution and also the second post for the details and deployment of the main solution components.
hspinto
Jul 02, 2024 Place Core Infrastructure and Security Blog
9.6KViews
5likes
8Comments
Get Azure Reservations and Savings Plans Insights with the Azure Optimization Engine
When adopting Azure commitments, customers face typically two types of challenges: 1) Estimating the quantities or amount to commit for – e.g., how many VM Reservations of a given size and region, what Saving Plan hourly commitment, and for how long? and 2) Reviewing how effective and efficient commitments have been – e.g., which resources have been leveraging a specific commitment, is a commitment fully consumed, how many savings have been achieved over a period? The Azure Optimization Engine (AOE) provides you with reporting that complements Azure-native tooling for your Azure commitment purchase decision and review processes. This article covers the several AOE Workbooks available for this purpose.
hspinto
Jun 14, 2024 Place Core Infrastructure and Security Blog
9.7KViews
3likes
7Comments
Estimating Azure Diagnostics Cost
Azure resource logging (with Azure Diagnostics) is recommended as part of the Operational Excellence and Security pillars of the Well Architected Framework. Furthermore, you’ll also increase your Azure Secure Score, as enabling auditing and logging is one of the assessed controls of your security posture. This blog post helps you estimate the cost of enabling Azure Diagnostics at scale.
hspinto
Mar 12, 2024 Place Core Infrastructure and Security Blog
12KViews
4likes
1Comment
Test your Patches! A Staged Patching Solution with Azure Update Manager
A common challenge faced by most enterprise organizations who, hopefully, automate their operating systems patching cycles is to ensure that only the Windows and Linux packages updates that were tested in dev/test pre-production environments reach production machines. This article is for those readers who have been implementing automated, scheduled patching with Azure Update Manager and now want to put into practice a staged patching solution following good patching reliability practices.
hspinto
Feb 14, 2024 Place Core Infrastructure and Security Blog
10KViews
3likes
2Comments
Azure Identities and Roles Governance Dashboard At Your Fingertips
I am writing about Azure Identities and Roles and how the Azure Optimization Engine can help you gain better visibility about your Azure users and applications as well as the roles they own both in Azure and Microsoft Entra. I built a solution that periodically exports to Log Analytics all Microsoft Entra identities (users, groups, and applications) and the roles they own in Azure and Microsoft Entra. With this information available in an easily queryable repository, we can build an interesting Azure Monitor Workbook
hspinto
Nov 02, 2023 Place Core Infrastructure and Security Blog
21KViews
12likes
30Comments
Deploying Microsoft Defender for Servers in Network-Restricted Environments
Microsoft Defender for Servers requires the deployment of several agents to achieve its multiple protection capabilities. As many of our customers run their Windows/Linux server environments without direct Internet outbound connectivity, there is the need for guidance on how to successfully deploy Defender for Servers with such restrictions. This article aims thus to bring additional clarity by summarizing all the considerations that must be taken when deploying each Defender for Servers component in network-restricted environments.
hspinto
Jul 31, 2023 Place Core Infrastructure and Security Blog
11KViews
4likes
0Comments
How to Allocate Azure Monitor Logs Ingestion Costs by Resource Tag
Azure Monitor Logs has also become an important cost driver for many Azure customers and being able to allocate or split those costs across the right cost centers in the organization is a pressing need most customers have. This is especially relevant for customers who centralize as much as possible their Log Analytics workspaces, following Microsoft’s recommended best practices. The question this article answers is: how can we sort out which logs belong to which cost center in a simple manner?
hspinto
May 08, 2023 Place Core Infrastructure and Security Blog
7.1KViews
2likes
0Comments
How to Remove at Scale the Azure Diagnostics Extension and its Storage Data
Hello, dear readers! Here is Hélder Pinto again, now writing about a topic that came out of my experience in one of my customers, who decided to stop using the Azure Diagnostics Extension in their virtual machine estate but had a massive challenge: how to remove the extension across 1000s of VMs and be sure that the diagnostics data was removed from Azure Storage and, by the way, save more than 10K euros per month? Let’s see how we did it.
hspinto
Mar 29, 2023 Place Core Infrastructure and Security Blog
8.8KViews
1like
6Comments

"}},"componentScriptGroups({\"componentId\":\"custom.widget.MicrosoftFooter\"})":{"__typename":"ComponentScriptGroups","scriptGroups":{"__typename":"ComponentScriptGroupsDefinition","afterInteractive":{"__typename":"PageScriptGroupDefinition","group":"AFTER_INTERACTIVE","scriptIds":[]},"lazyOnLoad":{"__typename":"PageScriptGroupDefinition","group":"LAZY_ON_LOAD","scriptIds":[]}},"componentScripts":[]},"tagFollowsForNodes({\"nodeIds\":\"board:CoreInfrastructureandSecurityBlog\",\"tagText\":\"helderpinto\"})":[{"__typename":"TagFollowForNodeResponse","coreNode":{"__ref":"Blog:board:CoreInfrastructureandSecurityBlog"},"follow":null}],"cachedText({\"lastModified\":\"1745505307000\",\"locale\":\"en-US\",\"namespaces\":[\"components/community/NavbarDropdownToggle\"]})":[{"__ref":"CachedAsset:text:en_US-components/community/NavbarDropdownToggle-1745505307000"}],"cachedText({\"lastModified\":\"1745505307000\",\"locale\":\"en-US\",\"namespaces\":[\"components/messages/MessageListTabs\"]})":[{"__ref":"CachedAsset:text:en_US-components/messages/MessageListTabs-1745505307000"}],"cachedText({\"lastModified\":\"1745505307000\",\"locale\":\"en-US\",\"namespaces\":[\"components/messages/MessageView/MessageViewInline\"]})":[{"__ref":"CachedAsset:text:en_US-components/messages/MessageView/MessageViewInline-1745505307000"}],"cachedText({\"lastModified\":\"1745505307000\",\"locale\":\"en-US\",\"namespaces\":[\"shared/client/components/common/Pager/PagerLoadMore\"]})":[{"__ref":"CachedAsset:text:en_US-shared/client/components/common/Pager/PagerLoadMore-1745505307000"}],"cachedText({\"lastModified\":\"1745505307000\",\"locale\":\"en-US\",\"namespaces\":[\"shared/client/components/common/OverflowNav\"]})":[{"__ref":"CachedAsset:text:en_US-shared/client/components/common/OverflowNav-1745505307000"}],"cachedText({\"lastModified\":\"1745505307000\",\"locale\":\"en-US\",\"namespaces\":[\"components/users/UserLink\"]})":[{"__ref":"CachedAsset:text:en_US-components/users/UserLink-1745505307000"}],"cachedText({\"lastModified\":\"1745505307000\",\"locale\":\"en-US\",\"namespaces\":[\"components/messages/MessageSubject\"]})":[{"__ref":"CachedAsset:text:en_US-components/messages/MessageSubject-1745505307000"}],"cachedText({\"lastModified\":\"1745505307000\",\"locale\":\"en-US\",\"namespaces\":[\"components/messages/MessageBody\"]})":[{"__ref":"CachedAsset:text:en_US-components/messages/MessageBody-1745505307000"}],"cachedText({\"lastModified\":\"1745505307000\",\"locale\":\"en-US\",\"namespaces\":[\"components/messages/MessageTime\"]})":[{"__ref":"CachedAsset:text:en_US-components/messages/MessageTime-1745505307000"}],"cachedText({\"lastModified\":\"1745505307000\",\"locale\":\"en-US\",\"namespaces\":[\"shared/client/components/nodes/NodeIcon\"]})":[{"__ref":"CachedAsset:text:en_US-shared/client/components/nodes/NodeIcon-1745505307000"}],"cachedText({\"lastModified\":\"1745505307000\",\"locale\":\"en-US\",\"namespaces\":[\"components/messages/MessageUnreadCount\"]})":[{"__ref":"CachedAsset:text:en_US-components/messages/MessageUnreadCount-1745505307000"}],"cachedText({\"lastModified\":\"1745505307000\",\"locale\":\"en-US\",\"namespaces\":[\"components/messages/MessageViewCount\"]})":[{"__ref":"CachedAsset:text:en_US-components/messages/MessageViewCount-1745505307000"}],"cachedText({\"lastModified\":\"1745505307000\",\"locale\":\"en-US\",\"namespaces\":[\"components/kudos/KudosCount\"]})":[{"__ref":"CachedAsset:text:en_US-components/kudos/KudosCount-1745505307000"}],"cachedText({\"lastModified\":\"1745505307000\",\"locale\":\"en-US\",\"namespaces\":[\"components/messages/MessageRepliesCount\"]})":[{"__ref":"CachedAsset:text:en_US-components/messages/MessageRepliesCount-1745505307000"}],"cachedText({\"lastModified\":\"1745505307000\",\"locale\":\"en-US\",\"namespaces\":[\"shared/client/components/users/UserAvatar\"]})":[{"__ref":"CachedAsset:text:en_US-shared/client/components/users/UserAvatar-1745505307000"}]},"Theme:customTheme1":{"__typename":"Theme","id":"customTheme1"},"User:user:-1":{"__typename":"User","id":"user:-1","uid":-1,"login":"Deleted","email":"","avatar":null,"rank":null,"kudosWeight":1,"registrationData":{"__typename":"RegistrationData","status":"ANONYMOUS","registrationTime":null,"confirmEmailStatus":false,"registrationAccessLevel":"VIEW","ssoRegistrationFields":[]},"ssoId":null,"profileSettings":{"__typename":"ProfileSettings","dateDisplayStyle":{"__typename":"InheritableStringSettingWithPossibleValues","key":"layout.friendly_dates_enabled","value":"false","localValue":"true","possibleValues":["true","false"]},"dateDisplayFormat":{"__typename":"InheritableStringSetting","key":"layout.format_pattern_date","value":"MMM dd yyyy","localValue":"MM-dd-yyyy"},"language":{"__typename":"InheritableStringSettingWithPossibleValues","key":"profile.language","value":"en-US","localValue":null,"possibleValues":["en-US","es-ES"]},"repliesSortOrder":{"__typename":"InheritableStringSettingWithPossibleValues","key":"config.user_replies_sort_order","value":"DEFAULT","localValue":"DEFAULT","possibleValues":["DEFAULT","LIKES","PUBLISH_TIME","REVERSE_PUBLISH_TIME"]}},"deleted":false},"CachedAsset:pages-1747138595087":{"__typename":"CachedAsset","id":"pages-1747138595087","value":[{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"BlogViewAllPostsPage","type":"BLOG","urlPath":"/category/:categoryId/blog/:boardId/all-posts/(/:after|/:before)?","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"CasePortalPage","type":"CASE_PORTAL","urlPath":"/caseportal","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"CreateGroupHubPage","type":"GROUP_HUB","urlPath":"/groups/create","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"CaseViewPage","type":"CASE_DETAILS","urlPath":"/case/:caseId/:caseNumber","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"InboxPage","type":"COMMUNITY","urlPath":"/inbox","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"HelpFAQPage","type":"COMMUNITY","urlPath":"/help","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"IdeaMessagePage","type":"IDEA_POST","urlPath":"/idea/:boardId/:messageSubject/:messageId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"IdeaViewAllIdeasPage","type":"IDEA","urlPath":"/category/:categoryId/ideas/:boardId/all-ideas/(/:after|/:before)?","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"LoginPage","type":"USER","urlPath":"/signin","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"BlogPostPage","type":"BLOG","urlPath":"/category/:categoryId/blogs/:boardId/create","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"UserBlogPermissions.Page","type":"COMMUNITY","urlPath":"/c/user-blog-permissions/page","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"ThemeEditorPage","type":"COMMUNITY","urlPath":"/designer/themes","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"TkbViewAllArticlesPage","type":"TKB","urlPath":"/category/:categoryId/kb/:boardId/all-articles/(/:after|/:before)?","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1730819800000,"localOverride":null,"page":{"id":"AllEvents","type":"CUSTOM","urlPath":"/Events","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"OccasionEditPage","type":"EVENT","urlPath":"/event/:boardId/:messageSubject/:messageId/edit","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"OAuthAuthorizationAllowPage","type":"USER","urlPath":"/auth/authorize/allow","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"PageEditorPage","type":"COMMUNITY","urlPath":"/designer/pages","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"PostPage","type":"COMMUNITY","urlPath":"/category/:categoryId/:boardId/create","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"ForumBoardPage","type":"FORUM","urlPath":"/category/:categoryId/discussions/:boardId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"TkbBoardPage","type":"TKB","urlPath":"/category/:categoryId/kb/:boardId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"EventPostPage","type":"EVENT","urlPath":"/category/:categoryId/events/:boardId/create","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"UserBadgesPage","type":"COMMUNITY","urlPath":"/users/:login/:userId/badges","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"GroupHubMembershipAction","type":"GROUP_HUB","urlPath":"/membership/join/:nodeId/:membershipType","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"MaintenancePage","type":"COMMUNITY","urlPath":"/maintenance","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"IdeaReplyPage","type":"IDEA_REPLY","urlPath":"/idea/:boardId/:messageSubject/:messageId/comments/:replyId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"UserSettingsPage","type":"USER","urlPath":"/mysettings/:userSettingsTab","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"GroupHubsPage","type":"GROUP_HUB","urlPath":"/groups","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"ForumPostPage","type":"FORUM","urlPath":"/category/:categoryId/discussions/:boardId/create","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"OccasionRsvpActionPage","type":"OCCASION","urlPath":"/event/:boardId/:messageSubject/:messageId/rsvp/:responseType","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"VerifyUserEmailPage","type":"USER","urlPath":"/verifyemail/:userId/:verifyEmailToken","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"AllOccasionsPage","type":"OCCASION","urlPath":"/category/:categoryId/events/:boardId/all-events/(/:after|/:before)?","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"EventBoardPage","type":"EVENT","urlPath":"/category/:categoryId/events/:boardId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"TkbReplyPage","type":"TKB_REPLY","urlPath":"/kb/:boardId/:messageSubject/:messageId/comments/:replyId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"IdeaBoardPage","type":"IDEA","urlPath":"/category/:categoryId/ideas/:boardId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"CommunityGuideLinesPage","type":"COMMUNITY","urlPath":"/communityguidelines","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"CaseCreatePage","type":"SALESFORCE_CASE_CREATION","urlPath":"/caseportal/create","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"TkbEditPage","type":"TKB","urlPath":"/kb/:boardId/:messageSubject/:messageId/edit","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"ForgotPasswordPage","type":"USER","urlPath":"/forgotpassword","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"IdeaEditPage","type":"IDEA","urlPath":"/idea/:boardId/:messageSubject/:messageId/edit","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"TagPage","type":"COMMUNITY","urlPath":"/tag/:tagName","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"BlogBoardPage","type":"BLOG","urlPath":"/category/:categoryId/blog/:boardId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"OccasionMessagePage","type":"OCCASION_TOPIC","urlPath":"/event/:boardId/:messageSubject/:messageId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"ManageContentPage","type":"COMMUNITY","urlPath":"/managecontent","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"ClosedMembershipNodeNonMembersPage","type":"GROUP_HUB","urlPath":"/closedgroup/:groupHubId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"CommunityPage","type":"COMMUNITY","urlPath":"/","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"ForumMessagePage","type":"FORUM_TOPIC","urlPath":"/discussions/:boardId/:messageSubject/:messageId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"IdeaPostPage","type":"IDEA","urlPath":"/category/:categoryId/ideas/:boardId/create","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1730819800000,"localOverride":null,"page":{"id":"CommunityHub.Page","type":"CUSTOM","urlPath":"/Directory","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"BlogMessagePage","type":"BLOG_ARTICLE","urlPath":"/blog/:boardId/:messageSubject/:messageId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"RegistrationPage","type":"USER","urlPath":"/register","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"EditGroupHubPage","type":"GROUP_HUB","urlPath":"/group/:groupHubId/edit","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"ForumEditPage","type":"FORUM","urlPath":"/discussions/:boardId/:messageSubject/:messageId/edit","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"ResetPasswordPage","type":"USER","urlPath":"/resetpassword/:userId/:resetPasswordToken","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1730819800000,"localOverride":null,"page":{"id":"AllBlogs.Page","type":"CUSTOM","urlPath":"/blogs","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"TkbMessagePage","type":"TKB_ARTICLE","urlPath":"/kb/:boardId/:messageSubject/:messageId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"BlogEditPage","type":"BLOG","urlPath":"/blog/:boardId/:messageSubject/:messageId/edit","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"ManageUsersPage","type":"USER","urlPath":"/users/manage/:tab?/:manageUsersTab?","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"ForumReplyPage","type":"FORUM_REPLY","urlPath":"/discussions/:boardId/:messageSubject/:messageId/replies/:replyId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"PrivacyPolicyPage","type":"COMMUNITY","urlPath":"/privacypolicy","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"NotificationPage","type":"COMMUNITY","urlPath":"/notifications","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"UserPage","type":"USER","urlPath":"/users/:login/:userId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"HealthCheckPage","type":"COMMUNITY","urlPath":"/health","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"OccasionReplyPage","type":"OCCASION_REPLY","urlPath":"/event/:boardId/:messageSubject/:messageId/comments/:replyId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"ManageMembersPage","type":"GROUP_HUB","urlPath":"/group/:groupHubId/manage/:tab?","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"SearchResultsPage","type":"COMMUNITY","urlPath":"/search","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"BlogReplyPage","type":"BLOG_REPLY","urlPath":"/blog/:boardId/:messageSubject/:messageId/replies/:replyId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"GroupHubPage","type":"GROUP_HUB","urlPath":"/group/:groupHubId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"TermsOfServicePage","type":"COMMUNITY","urlPath":"/termsofservice","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"CategoryPage","type":"CATEGORY","urlPath":"/category/:categoryId","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"ForumViewAllTopicsPage","type":"FORUM","urlPath":"/category/:categoryId/discussions/:boardId/all-topics/(/:after|/:before)?","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"TkbPostPage","type":"TKB","urlPath":"/category/:categoryId/kbs/:boardId/create","__typename":"PageDescriptor"},"__typename":"PageResource"},{"lastUpdatedTime":1747138595087,"localOverride":null,"page":{"id":"GroupHubPostPage","type":"GROUP_HUB","urlPath":"/group/:groupHubId/:boardId/create","__typename":"PageDescriptor"},"__typename":"PageResource"}],"localOverride":false},"CachedAsset:text:en_US-components/context/AppContext/AppContextProvider-0":{"__typename":"CachedAsset","id":"text:en_US-components/context/AppContext/AppContextProvider-0","value":{"noCommunity":"Cannot find community","noUser":"Cannot find current user","noNode":"Cannot find node with id {nodeId}","noMessage":"Cannot find message with id {messageId}","userBanned":"We're sorry, but you have been banned from using this site.","userBannedReason":"You have been banned for the following reason: {reason}"},"localOverride":false},"CachedAsset:text:en_US-shared/client/components/common/Loading/LoadingDot-0":{"__typename":"CachedAsset","id":"text:en_US-shared/client/components/common/Loading/LoadingDot-0","value":{"title":"Loading..."},"localOverride":false},"CachedAsset:theme:customTheme1-1747138594486":{"__typename":"CachedAsset","id":"theme:customTheme1-1747138594486","value":{"id":"customTheme1","animation":{"fast":"150ms","normal":"250ms","slow":"500ms","slowest":"750ms","function":"cubic-bezier(0.07, 0.91, 0.51, 1)","__typename":"AnimationThemeSettings"},"avatar":{"borderRadius":"50%","collections":["default"],"__typename":"AvatarThemeSettings"},"basics":{"browserIcon":{"imageAssetName":"favicon-1730836283320.png","imageLastModified":"1730836286415","__typename":"ThemeAsset"},"customerLogo":{"imageAssetName":"favicon-1730836271365.png","imageLastModified":"1730836274203","__typename":"ThemeAsset"},"maximumWidthOfPageContent":"1300px","oneColumnNarrowWidth":"800px","gridGutterWidthMd":"30px","gridGutterWidthXs":"10px","pageWidthStyle":"WIDTH_OF_BROWSER","__typename":"BasicsThemeSettings"},"buttons":{"borderRadiusSm":"3px","borderRadius":"3px","borderRadiusLg":"5px","paddingY":"5px","paddingYLg":"7px","paddingYHero":"var(--lia-bs-btn-padding-y-lg)","paddingX":"12px","paddingXLg":"16px","paddingXHero":"60px","fontStyle":"NORMAL","fontWeight":"700","textTransform":"NONE","disabledOpacity":0.5,"primaryTextColor":"var(--lia-bs-white)","primaryTextHoverColor":"var(--lia-bs-white)","primaryTextActiveColor":"var(--lia-bs-white)","primaryBgColor":"var(--lia-bs-primary)","primaryBgHoverColor":"hsl(var(--lia-bs-primary-h), var(--lia-bs-primary-s), calc(var(--lia-bs-primary-l) * 0.85))","primaryBgActiveColor":"hsl(var(--lia-bs-primary-h), var(--lia-bs-primary-s), calc(var(--lia-bs-primary-l) * 0.7))","primaryBorder":"1px solid transparent","primaryBorderHover":"1px solid transparent","primaryBorderActive":"1px solid transparent","primaryBorderFocus":"1px solid var(--lia-bs-white)","primaryBoxShadowFocus":"0 0 0 1px var(--lia-bs-primary), 0 0 0 4px hsla(var(--lia-bs-primary-h), var(--lia-bs-primary-s), var(--lia-bs-primary-l), 0.2)","secondaryTextColor":"var(--lia-bs-gray-900)","secondaryTextHoverColor":"hsl(var(--lia-bs-gray-900-h), var(--lia-bs-gray-900-s), calc(var(--lia-bs-gray-900-l) * 0.95))","secondaryTextActiveColor":"hsl(var(--lia-bs-gray-900-h), var(--lia-bs-gray-900-s), calc(var(--lia-bs-gray-900-l) * 0.9))","secondaryBgColor":"var(--lia-bs-gray-200)","secondaryBgHoverColor":"hsl(var(--lia-bs-gray-200-h), var(--lia-bs-gray-200-s), calc(var(--lia-bs-gray-200-l) * 0.96))","secondaryBgActiveColor":"hsl(var(--lia-bs-gray-200-h), var(--lia-bs-gray-200-s), calc(var(--lia-bs-gray-200-l) * 0.92))","secondaryBorder":"1px solid transparent","secondaryBorderHover":"1px solid transparent","secondaryBorderActive":"1px solid transparent","secondaryBorderFocus":"1px solid transparent","secondaryBoxShadowFocus":"0 0 0 1px var(--lia-bs-primary), 0 0 0 4px hsla(var(--lia-bs-primary-h), var(--lia-bs-primary-s), var(--lia-bs-primary-l), 0.2)","tertiaryTextColor":"var(--lia-bs-gray-900)","tertiaryTextHoverColor":"hsl(var(--lia-bs-gray-900-h), var(--lia-bs-gray-900-s), calc(var(--lia-bs-gray-900-l) * 0.95))","tertiaryTextActiveColor":"hsl(var(--lia-bs-gray-900-h), var(--lia-bs-gray-900-s), calc(var(--lia-bs-gray-900-l) * 0.9))","tertiaryBgColor":"transparent","tertiaryBgHoverColor":"transparent","tertiaryBgActiveColor":"hsla(var(--lia-bs-black-h), var(--lia-bs-black-s), var(--lia-bs-black-l), 0.04)","tertiaryBorder":"1px solid transparent","tertiaryBorderHover":"1px solid hsla(var(--lia-bs-black-h), var(--lia-bs-black-s), var(--lia-bs-black-l), 0.08)","tertiaryBorderActive":"1px solid transparent","tertiaryBorderFocus":"1px solid transparent","tertiaryBoxShadowFocus":"0 0 0 1px var(--lia-bs-primary), 0 0 0 4px hsla(var(--lia-bs-primary-h), var(--lia-bs-primary-s), var(--lia-bs-primary-l), 0.2)","destructiveTextColor":"var(--lia-bs-danger)","destructiveTextHoverColor":"hsl(var(--lia-bs-danger-h), var(--lia-bs-danger-s), calc(var(--lia-bs-danger-l) * 0.95))","destructiveTextActiveColor":"hsl(var(--lia-bs-danger-h), var(--lia-bs-danger-s), calc(var(--lia-bs-danger-l) * 0.9))","destructiveBgColor":"var(--lia-bs-gray-200)","destructiveBgHoverColor":"hsl(var(--lia-bs-gray-200-h), var(--lia-bs-gray-200-s), calc(var(--lia-bs-gray-200-l) * 0.96))","destructiveBgActiveColor":"hsl(var(--lia-bs-gray-200-h), var(--lia-bs-gray-200-s), calc(var(--lia-bs-gray-200-l) * 0.92))","destructiveBorder":"1px solid transparent","destructiveBorderHover":"1px solid transparent","destructiveBorderActive":"1px solid transparent","destructiveBorderFocus":"1px solid transparent","destructiveBoxShadowFocus":"0 0 0 1px var(--lia-bs-primary), 0 0 0 4px hsla(var(--lia-bs-primary-h), var(--lia-bs-primary-s), var(--lia-bs-primary-l), 0.2)","__typename":"ButtonsThemeSettings"},"border":{"color":"hsla(var(--lia-bs-black-h), var(--lia-bs-black-s), var(--lia-bs-black-l), 0.08)","mainContent":"NONE","sideContent":"LIGHT","radiusSm":"3px","radius":"5px","radiusLg":"9px","radius50":"100vw","__typename":"BorderThemeSettings"},"boxShadow":{"xs":"0 0 0 1px hsla(var(--lia-bs-gray-900-h), var(--lia-bs-gray-900-s), var(--lia-bs-gray-900-l), 0.08), 0 3px 0 -1px hsla(var(--lia-bs-gray-900-h), var(--lia-bs-gray-900-s), var(--lia-bs-gray-900-l), 0.16)","sm":"0 2px 4px hsla(var(--lia-bs-gray-900-h), var(--lia-bs-gray-900-s), var(--lia-bs-gray-900-l), 0.12)","md":"0 5px 15px hsla(var(--lia-bs-gray-900-h), var(--lia-bs-gray-900-s), var(--lia-bs-gray-900-l), 0.3)","lg":"0 10px 30px hsla(var(--lia-bs-gray-900-h), var(--lia-bs-gray-900-s), var(--lia-bs-gray-900-l), 0.3)","__typename":"BoxShadowThemeSettings"},"cards":{"bgColor":"var(--lia-panel-bg-color)","borderRadius":"var(--lia-panel-border-radius)","boxShadow":"var(--lia-box-shadow-xs)","__typename":"CardsThemeSettings"},"chip":{"maxWidth":"300px","height":"30px","__typename":"ChipThemeSettings"},"coreTypes":{"defaultMessageLinkColor":"var(--lia-bs-link-color)","defaultMessageLinkDecoration":"none","defaultMessageLinkFontStyle":"NORMAL","defaultMessageLinkFontWeight":"400","defaultMessageFontStyle":"NORMAL","defaultMessageFontWeight":"400","defaultMessageFontFamily":"var(--lia-bs-font-family-base)","forumColor":"#4099E2","forumFontFamily":"var(--lia-bs-font-family-base)","forumFontWeight":"var(--lia-default-message-font-weight)","forumLineHeight":"var(--lia-bs-line-height-base)","forumFontStyle":"var(--lia-default-message-font-style)","forumMessageLinkColor":"var(--lia-default-message-link-color)","forumMessageLinkDecoration":"var(--lia-default-message-link-decoration)","forumMessageLinkFontStyle":"var(--lia-default-message-link-font-style)","forumMessageLinkFontWeight":"var(--lia-default-message-link-font-weight)","forumSolvedColor":"#148563","blogColor":"#1CBAA0","blogFontFamily":"var(--lia-bs-font-family-base)","blogFontWeight":"var(--lia-default-message-font-weight)","blogLineHeight":"1.75","blogFontStyle":"var(--lia-default-message-font-style)","blogMessageLinkColor":"var(--lia-default-message-link-color)","blogMessageLinkDecoration":"var(--lia-default-message-link-decoration)","blogMessageLinkFontStyle":"var(--lia-default-message-link-font-style)","blogMessageLinkFontWeight":"var(--lia-default-message-link-font-weight)","tkbColor":"#4C6B90","tkbFontFamily":"var(--lia-bs-font-family-base)","tkbFontWeight":"var(--lia-default-message-font-weight)","tkbLineHeight":"1.75","tkbFontStyle":"var(--lia-default-message-font-style)","tkbMessageLinkColor":"var(--lia-default-message-link-color)","tkbMessageLinkDecoration":"var(--lia-default-message-link-decoration)","tkbMessageLinkFontStyle":"var(--lia-default-message-link-font-style)","tkbMessageLinkFontWeight":"var(--lia-default-message-link-font-weight)","qandaColor":"#4099E2","qandaFontFamily":"var(--lia-bs-font-family-base)","qandaFontWeight":"var(--lia-default-message-font-weight)","qandaLineHeight":"var(--lia-bs-line-height-base)","qandaFontStyle":"var(--lia-default-message-link-font-style)","qandaMessageLinkColor":"var(--lia-default-message-link-color)","qandaMessageLinkDecoration":"var(--lia-default-message-link-decoration)","qandaMessageLinkFontStyle":"var(--lia-default-message-link-font-style)","qandaMessageLinkFontWeight":"var(--lia-default-message-link-font-weight)","qandaSolvedColor":"#3FA023","ideaColor":"#FF8000","ideaFontFamily":"var(--lia-bs-font-family-base)","ideaFontWeight":"var(--lia-default-message-font-weight)","ideaLineHeight":"var(--lia-bs-line-height-base)","ideaFontStyle":"var(--lia-default-message-font-style)","ideaMessageLinkColor":"var(--lia-default-message-link-color)","ideaMessageLinkDecoration":"var(--lia-default-message-link-decoration)","ideaMessageLinkFontStyle":"var(--lia-default-message-link-font-style)","ideaMessageLinkFontWeight":"var(--lia-default-message-link-font-weight)","contestColor":"#FCC845","contestFontFamily":"var(--lia-bs-font-family-base)","contestFontWeight":"var(--lia-default-message-font-weight)","contestLineHeight":"var(--lia-bs-line-height-base)","contestFontStyle":"var(--lia-default-message-link-font-style)","contestMessageLinkColor":"var(--lia-default-message-link-color)","contestMessageLinkDecoration":"var(--lia-default-message-link-decoration)","contestMessageLinkFontStyle":"ITALIC","contestMessageLinkFontWeight":"var(--lia-default-message-link-font-weight)","occasionColor":"#D13A1F","occasionFontFamily":"var(--lia-bs-font-family-base)","occasionFontWeight":"var(--lia-default-message-font-weight)","occasionLineHeight":"var(--lia-bs-line-height-base)","occasionFontStyle":"var(--lia-default-message-font-style)","occasionMessageLinkColor":"var(--lia-default-message-link-color)","occasionMessageLinkDecoration":"var(--lia-default-message-link-decoration)","occasionMessageLinkFontStyle":"var(--lia-default-message-link-font-style)","occasionMessageLinkFontWeight":"var(--lia-default-message-link-font-weight)","grouphubColor":"#333333","categoryColor":"#949494","communityColor":"#FFFFFF","productColor":"#949494","__typename":"CoreTypesThemeSettings"},"colors":{"black":"#000000","white":"#FFFFFF","gray100":"#F7F7F7","gray200":"#F7F7F7","gray300":"#E8E8E8","gray400":"#D9D9D9","gray500":"#CCCCCC","gray600":"#717171","gray700":"#707070","gray800":"#545454","gray900":"#333333","dark":"#545454","light":"#F7F7F7","primary":"#0069D4","secondary":"#333333","bodyText":"#1E1E1E","bodyBg":"#FFFFFF","info":"#409AE2","success":"#41C5AE","warning":"#FCC844","danger":"#BC341B","alertSystem":"#FF6600","textMuted":"#707070","highlight":"#FFFCAD","outline":"var(--lia-bs-primary)","custom":["#D3F5A4","#243A5E"],"__typename":"ColorsThemeSettings"},"divider":{"size":"3px","marginLeft":"4px","marginRight":"4px","borderRadius":"50%","bgColor":"var(--lia-bs-gray-600)","bgColorActive":"var(--lia-bs-gray-600)","__typename":"DividerThemeSettings"},"dropdown":{"fontSize":"var(--lia-bs-font-size-sm)","borderColor":"var(--lia-bs-border-color)","borderRadius":"var(--lia-bs-border-radius-sm)","dividerBg":"var(--lia-bs-gray-300)","itemPaddingY":"5px","itemPaddingX":"20px","headerColor":"var(--lia-bs-gray-700)","__typename":"DropdownThemeSettings"},"email":{"link":{"color":"#0069D4","hoverColor":"#0061c2","decoration":"none","hoverDecoration":"underline","__typename":"EmailLinkSettings"},"border":{"color":"#e4e4e4","__typename":"EmailBorderSettings"},"buttons":{"borderRadiusLg":"5px","paddingXLg":"16px","paddingYLg":"7px","fontWeight":"700","primaryTextColor":"#ffffff","primaryTextHoverColor":"#ffffff","primaryBgColor":"#0069D4","primaryBgHoverColor":"#005cb8","primaryBorder":"1px solid transparent","primaryBorderHover":"1px solid transparent","__typename":"EmailButtonsSettings"},"panel":{"borderRadius":"5px","borderColor":"#e4e4e4","__typename":"EmailPanelSettings"},"__typename":"EmailThemeSettings"},"emoji":{"skinToneDefault":"#ffcd43","skinToneLight":"#fae3c5","skinToneMediumLight":"#e2cfa5","skinToneMedium":"#daa478","skinToneMediumDark":"#a78058","skinToneDark":"#5e4d43","__typename":"EmojiThemeSettings"},"heading":{"color":"var(--lia-bs-body-color)","fontFamily":"Segoe UI","fontStyle":"NORMAL","fontWeight":"400","h1FontSize":"34px","h2FontSize":"32px","h3FontSize":"28px","h4FontSize":"24px","h5FontSize":"20px","h6FontSize":"16px","lineHeight":"1.3","subHeaderFontSize":"11px","subHeaderFontWeight":"500","h1LetterSpacing":"normal","h2LetterSpacing":"normal","h3LetterSpacing":"normal","h4LetterSpacing":"normal","h5LetterSpacing":"normal","h6LetterSpacing":"normal","subHeaderLetterSpacing":"2px","h1FontWeight":"var(--lia-bs-headings-font-weight)","h2FontWeight":"var(--lia-bs-headings-font-weight)","h3FontWeight":"var(--lia-bs-headings-font-weight)","h4FontWeight":"var(--lia-bs-headings-font-weight)","h5FontWeight":"var(--lia-bs-headings-font-weight)","h6FontWeight":"var(--lia-bs-headings-font-weight)","__typename":"HeadingThemeSettings"},"icons":{"size10":"10px","size12":"12px","size14":"14px","size16":"16px","size20":"20px","size24":"24px","size30":"30px","size40":"40px","size50":"50px","size60":"60px","size80":"80px","size120":"120px","size160":"160px","__typename":"IconsThemeSettings"},"imagePreview":{"bgColor":"var(--lia-bs-gray-900)","titleColor":"var(--lia-bs-white)","controlColor":"var(--lia-bs-white)","controlBgColor":"var(--lia-bs-gray-800)","__typename":"ImagePreviewThemeSettings"},"input":{"borderColor":"var(--lia-bs-gray-600)","disabledColor":"var(--lia-bs-gray-600)","focusBorderColor":"var(--lia-bs-primary)","labelMarginBottom":"10px","btnFontSize":"var(--lia-bs-font-size-sm)","focusBoxShadow":"0 0 0 3px hsla(var(--lia-bs-primary-h), var(--lia-bs-primary-s), var(--lia-bs-primary-l), 0.2)","checkLabelMarginBottom":"2px","checkboxBorderRadius":"3px","borderRadiusSm":"var(--lia-bs-border-radius-sm)","borderRadius":"var(--lia-bs-border-radius)","borderRadiusLg":"var(--lia-bs-border-radius-lg)","formTextMarginTop":"4px","textAreaBorderRadius":"var(--lia-bs-border-radius)","activeFillColor":"var(--lia-bs-primary)","__typename":"InputThemeSettings"},"loading":{"dotDarkColor":"hsla(var(--lia-bs-black-h), var(--lia-bs-black-s), var(--lia-bs-black-l), 0.2)","dotLightColor":"hsla(var(--lia-bs-white-h), var(--lia-bs-white-s), var(--lia-bs-white-l), 0.5)","barDarkColor":"hsla(var(--lia-bs-black-h), var(--lia-bs-black-s), var(--lia-bs-black-l), 0.06)","barLightColor":"hsla(var(--lia-bs-white-h), var(--lia-bs-white-s), var(--lia-bs-white-l), 0.4)","__typename":"LoadingThemeSettings"},"link":{"color":"var(--lia-bs-primary)","hoverColor":"hsl(var(--lia-bs-primary-h), var(--lia-bs-primary-s), calc(var(--lia-bs-primary-l) - 10%))","decoration":"none","hoverDecoration":"underline","__typename":"LinkThemeSettings"},"listGroup":{"itemPaddingY":"15px","itemPaddingX":"15px","borderColor":"var(--lia-bs-gray-300)","__typename":"ListGroupThemeSettings"},"modal":{"contentTextColor":"var(--lia-bs-body-color)","contentBg":"var(--lia-bs-white)","backgroundBg":"var(--lia-bs-black)","smSize":"440px","mdSize":"760px","lgSize":"1080px","backdropOpacity":0.3,"contentBoxShadowXs":"var(--lia-bs-box-shadow-sm)","contentBoxShadow":"var(--lia-bs-box-shadow)","headerFontWeight":"700","__typename":"ModalThemeSettings"},"navbar":{"position":"FIXED","background":{"attachment":null,"clip":null,"color":"var(--lia-bs-white)","imageAssetName":"","imageLastModified":"0","origin":null,"position":"CENTER_CENTER","repeat":"NO_REPEAT","size":"COVER","__typename":"BackgroundProps"},"backgroundOpacity":0.8,"paddingTop":"15px","paddingBottom":"15px","borderBottom":"1px solid var(--lia-bs-border-color)","boxShadow":"var(--lia-bs-box-shadow-sm)","brandMarginRight":"30px","brandMarginRightSm":"10px","brandLogoHeight":"30px","linkGap":"10px","linkJustifyContent":"flex-start","linkPaddingY":"5px","linkPaddingX":"10px","linkDropdownPaddingY":"9px","linkDropdownPaddingX":"var(--lia-nav-link-px)","linkColor":"var(--lia-bs-body-color)","linkHoverColor":"var(--lia-bs-primary)","linkFontSize":"var(--lia-bs-font-size-sm)","linkFontStyle":"NORMAL","linkFontWeight":"400","linkTextTransform":"NONE","linkLetterSpacing":"normal","linkBorderRadius":"var(--lia-bs-border-radius-sm)","linkBgColor":"transparent","linkBgHoverColor":"transparent","linkBorder":"none","linkBorderHover":"none","linkBoxShadow":"none","linkBoxShadowHover":"none","linkTextBorderBottom":"none","linkTextBorderBottomHover":"none","dropdownPaddingTop":"10px","dropdownPaddingBottom":"15px","dropdownPaddingX":"10px","dropdownMenuOffset":"2px","dropdownDividerMarginTop":"10px","dropdownDividerMarginBottom":"10px","dropdownBorderColor":"hsla(var(--lia-bs-black-h), var(--lia-bs-black-s), var(--lia-bs-black-l), 0.08)","controllerBgHoverColor":"hsla(var(--lia-bs-black-h), var(--lia-bs-black-s), var(--lia-bs-black-l), 0.1)","controllerIconColor":"var(--lia-bs-body-color)","controllerIconHoverColor":"var(--lia-bs-body-color)","controllerTextColor":"var(--lia-nav-controller-icon-color)","controllerTextHoverColor":"var(--lia-nav-controller-icon-hover-color)","controllerHighlightColor":"hsla(30, 100%, 50%)","controllerHighlightTextColor":"var(--lia-yiq-light)","controllerBorderRadius":"var(--lia-border-radius-50)","hamburgerColor":"var(--lia-nav-controller-icon-color)","hamburgerHoverColor":"var(--lia-nav-controller-icon-color)","hamburgerBgColor":"transparent","hamburgerBgHoverColor":"transparent","hamburgerBorder":"none","hamburgerBorderHover":"none","collapseMenuMarginLeft":"20px","collapseMenuDividerBg":"var(--lia-nav-link-color)","collapseMenuDividerOpacity":0.16,"__typename":"NavbarThemeSettings"},"pager":{"textColor":"var(--lia-bs-link-color)","textFontWeight":"var(--lia-font-weight-md)","textFontSize":"var(--lia-bs-font-size-sm)","__typename":"PagerThemeSettings"},"panel":{"bgColor":"var(--lia-bs-white)","borderRadius":"var(--lia-bs-border-radius)","borderColor":"var(--lia-bs-border-color)","boxShadow":"none","__typename":"PanelThemeSettings"},"popover":{"arrowHeight":"8px","arrowWidth":"16px","maxWidth":"300px","minWidth":"100px","headerBg":"var(--lia-bs-white)","borderColor":"var(--lia-bs-border-color)","borderRadius":"var(--lia-bs-border-radius)","boxShadow":"0 0.5rem 1rem hsla(var(--lia-bs-black-h), var(--lia-bs-black-s), var(--lia-bs-black-l), 0.15)","__typename":"PopoverThemeSettings"},"prism":{"color":"#000000","bgColor":"#f5f2f0","fontFamily":"var(--font-family-monospace)","fontSize":"var(--lia-bs-font-size-base)","fontWeightBold":"var(--lia-bs-font-weight-bold)","fontStyleItalic":"italic","tabSize":2,"highlightColor":"#b3d4fc","commentColor":"#62707e","punctuationColor":"#6f6f6f","namespaceOpacity":"0.7","propColor":"#990055","selectorColor":"#517a00","operatorColor":"#906736","operatorBgColor":"hsla(0, 0%, 100%, 0.5)","keywordColor":"#0076a9","functionColor":"#d3284b","variableColor":"#c14700","__typename":"PrismThemeSettings"},"rte":{"bgColor":"var(--lia-bs-white)","borderRadius":"var(--lia-panel-border-radius)","boxShadow":" var(--lia-panel-box-shadow)","customColor1":"#bfedd2","customColor2":"#fbeeb8","customColor3":"#f8cac6","customColor4":"#eccafa","customColor5":"#c2e0f4","customColor6":"#2dc26b","customColor7":"#f1c40f","customColor8":"#e03e2d","customColor9":"#b96ad9","customColor10":"#3598db","customColor11":"#169179","customColor12":"#e67e23","customColor13":"#ba372a","customColor14":"#843fa1","customColor15":"#236fa1","customColor16":"#ecf0f1","customColor17":"#ced4d9","customColor18":"#95a5a6","customColor19":"#7e8c8d","customColor20":"#34495e","customColor21":"#000000","customColor22":"#ffffff","defaultMessageHeaderMarginTop":"40px","defaultMessageHeaderMarginBottom":"20px","defaultMessageItemMarginTop":"0","defaultMessageItemMarginBottom":"10px","diffAddedColor":"hsla(170, 53%, 51%, 0.4)","diffChangedColor":"hsla(43, 97%, 63%, 0.4)","diffNoneColor":"hsla(0, 0%, 80%, 0.4)","diffRemovedColor":"hsla(9, 74%, 47%, 0.4)","specialMessageHeaderMarginTop":"40px","specialMessageHeaderMarginBottom":"20px","specialMessageItemMarginTop":"0","specialMessageItemMarginBottom":"10px","__typename":"RteThemeSettings"},"tags":{"bgColor":"var(--lia-bs-gray-200)","bgHoverColor":"var(--lia-bs-gray-400)","borderRadius":"var(--lia-bs-border-radius-sm)","color":"var(--lia-bs-body-color)","hoverColor":"var(--lia-bs-body-color)","fontWeight":"var(--lia-font-weight-md)","fontSize":"var(--lia-font-size-xxs)","textTransform":"UPPERCASE","letterSpacing":"0.5px","__typename":"TagsThemeSettings"},"toasts":{"borderRadius":"var(--lia-bs-border-radius)","paddingX":"12px","__typename":"ToastsThemeSettings"},"typography":{"fontFamilyBase":"Segoe UI","fontStyleBase":"NORMAL","fontWeightBase":"400","fontWeightLight":"300","fontWeightNormal":"400","fontWeightMd":"500","fontWeightBold":"700","letterSpacingSm":"normal","letterSpacingXs":"normal","lineHeightBase":"1.5","fontSizeBase":"16px","fontSizeXxs":"11px","fontSizeXs":"12px","fontSizeSm":"14px","fontSizeLg":"20px","fontSizeXl":"24px","smallFontSize":"14px","customFonts":[{"source":"SERVER","name":"Segoe UI","styles":[{"style":"NORMAL","weight":"400","__typename":"FontStyleData"},{"style":"NORMAL","weight":"300","__typename":"FontStyleData"},{"style":"NORMAL","weight":"600","__typename":"FontStyleData"},{"style":"NORMAL","weight":"700","__typename":"FontStyleData"},{"style":"ITALIC","weight":"400","__typename":"FontStyleData"}],"assetNames":["SegoeUI-normal-400.woff2","SegoeUI-normal-300.woff2","SegoeUI-normal-600.woff2","SegoeUI-normal-700.woff2","SegoeUI-italic-400.woff2"],"__typename":"CustomFont"},{"source":"SERVER","name":"MWF Fluent Icons","styles":[{"style":"NORMAL","weight":"400","__typename":"FontStyleData"}],"assetNames":["MWFFluentIcons-normal-400.woff2"],"__typename":"CustomFont"}],"__typename":"TypographyThemeSettings"},"unstyledListItem":{"marginBottomSm":"5px","marginBottomMd":"10px","marginBottomLg":"15px","marginBottomXl":"20px","marginBottomXxl":"25px","__typename":"UnstyledListItemThemeSettings"},"yiq":{"light":"#ffffff","dark":"#000000","__typename":"YiqThemeSettings"},"colorLightness":{"primaryDark":0.36,"primaryLight":0.74,"primaryLighter":0.89,"primaryLightest":0.95,"infoDark":0.39,"infoLight":0.72,"infoLighter":0.85,"infoLightest":0.93,"successDark":0.24,"successLight":0.62,"successLighter":0.8,"successLightest":0.91,"warningDark":0.39,"warningLight":0.68,"warningLighter":0.84,"warningLightest":0.93,"dangerDark":0.41,"dangerLight":0.72,"dangerLighter":0.89,"dangerLightest":0.95,"__typename":"ColorLightnessThemeSettings"},"localOverride":false,"__typename":"Theme"},"localOverride":false},"CachedAsset:text:en_US-shared/client/components/common/Loading/LoadingDot-1745505307000":{"__typename":"CachedAsset","id":"text:en_US-shared/client/components/common/Loading/LoadingDot-1745505307000","value":{"title":"Loading..."},"localOverride":false},"CachedAsset:text:en_US-components/common/EmailVerification-1745505307000":{"__typename":"CachedAsset","id":"text:en_US-components/common/EmailVerification-1745505307000","value":{"email.verification.title":"Email Verification Required","email.verification.message.update.email":"To participate in the community, you must first verify your email address. The verification email was sent to {email}. To change your email, visit My Settings.","email.verification.message.resend.email":"To participate in the community, you must first verify your email address. The verification email was sent to {email}. Resend email."},"localOverride":false},"CachedAsset:text:en_US-pages/tags/TagPage-1745505307000":{"__typename":"CachedAsset","id":"text:en_US-pages/tags/TagPage-1745505307000","value":{"tagPageTitle":"Tag:\"{tagName}\" | {communityTitle}","tagPageForNodeTitle":"Tag:\"{tagName}\" in \"{title}\" | {communityTitle}","name":"Tags Page","tag":"Tag: {tagName}"},"localOverride":false},"Category:category:cis":{"__typename":"Category","id":"category:cis","entityType":"CATEGORY","displayId":"cis","nodeType":"category","depth":4,"title":"Core Infrastructure and Security","shortTitle":"Core Infrastructure and Security","parent":{"__ref":"Category:category:microsoft-security"}},"Category:category:top":{"__typename":"Category","id":"category:top","displayId":"top","nodeType":"category","depth":0,"title":"Top"},"Category:category:communities":{"__typename":"Category","id":"category:communities","displayId":"communities","nodeType":"category","depth":1,"parent":{"__ref":"Category:category:top"},"title":"Communities"},"Category:category:products-services":{"__typename":"Category","id":"category:products-services","displayId":"products-services","nodeType":"category","depth":2,"parent":{"__ref":"Category:category:communities"},"title":"Products"},"Category:category:microsoft-security":{"__typename":"Category","id":"category:microsoft-security","displayId":"microsoft-security","nodeType":"category","depth":3,"parent":{"__ref":"Category:category:products-services"},"title":"Microsoft Security","categoryPolicies":{"__typename":"CategoryPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Blog:board:CoreInfrastructureandSecurityBlog":{"__typename":"Blog","id":"board:CoreInfrastructureandSecurityBlog","entityType":"BLOG","displayId":"CoreInfrastructureandSecurityBlog","nodeType":"board","depth":5,"conversationStyle":"BLOG","title":"Core Infrastructure and Security Blog","description":"","avatar":null,"profileSettings":{"__typename":"ProfileSettings","language":null},"parent":{"__ref":"Category:category:cis"},"ancestors":{"__typename":"CoreNodeConnection","edges":[{"__typename":"CoreNodeEdge","node":{"__ref":"Community:community:gxcuf89792"}},{"__typename":"CoreNodeEdge","node":{"__ref":"Category:category:communities"}},{"__typename":"CoreNodeEdge","node":{"__ref":"Category:category:products-services"}},{"__typename":"CoreNodeEdge","node":{"__ref":"Category:category:microsoft-security"}},{"__typename":"CoreNodeEdge","node":{"__ref":"Category:category:cis"}}]},"userContext":{"__typename":"NodeUserContext","canAddAttachments":false,"canUpdateNode":false,"canPostMessages":false,"isSubscribed":false},"boardPolicies":{"__typename":"BoardPolicies","canPublishArticleOnCreate":{"__typename":"PolicyResult","failureReason":{"__typename":"FailureReason","message":"error.lithium.policies.forums.policy_can_publish_on_create_workflow_action.accessDenied","key":"error.lithium.policies.forums.policy_can_publish_on_create_workflow_action.accessDenied","args":[]}}},"theme":{"__ref":"Theme:customTheme1"},"shortTitle":"Core Infrastructure and Security Blog","tagPolicies":{"__typename":"TagPolicies","canSubscribeTagOnNode":{"__typename":"PolicyResult","failureReason":{"__typename":"FailureReason","message":"error.lithium.policies.labels.action.corenode.subscribe_labels.allow.accessDenied","key":"error.lithium.policies.labels.action.corenode.subscribe_labels.allow.accessDenied","args":[]}},"canManageTagDashboard":{"__typename":"PolicyResult","failureReason":{"__typename":"FailureReason","message":"error.lithium.policies.labels.action.corenode.admin_labels.allow.accessDenied","key":"error.lithium.policies.labels.action.corenode.admin_labels.allow.accessDenied","args":[]}}}},"CachedAsset:quilt:o365.prod:pages/tags/TagPage:board:CoreInfrastructureandSecurityBlog-1747138590445":{"__typename":"CachedAsset","id":"quilt:o365.prod:pages/tags/TagPage:board:CoreInfrastructureandSecurityBlog-1747138590445","value":{"id":"TagPage","container":{"id":"Common","headerProps":{"removeComponents":["community.widget.bannerWidget"],"__typename":"QuiltContainerSectionProps"},"items":[{"id":"tag-header-widget","layout":"ONE_COLUMN","bgColor":"var(--lia-bs-white)","showBorder":"BOTTOM","sectionEditLevel":"LOCKED","columnMap":{"main":[{"id":"tags.widget.TagsHeaderWidget","__typename":"QuiltComponent"}],"__typename":"OneSectionColumns"},"__typename":"OneColumnQuiltSection"},{"id":"messages-list-for-tag-widget","layout":"ONE_COLUMN","columnMap":{"main":[{"id":"messages.widget.messageListForNodeByRecentActivityWidget","props":{"viewVariant":{"type":"inline","props":{"useUnreadCount":true,"useViewCount":true,"useAuthorLogin":true,"clampBodyLines":3,"useAvatar":true,"useBoardIcon":false,"useKudosCount":true,"usePreviewMedia":true,"useTags":false,"useNode":true,"useNodeLink":true,"useTextBody":true,"truncateBodyLength":-1,"useBody":true,"useRepliesCount":true,"useSolvedBadge":true,"timeStampType":"conversation.lastPostingActivityTime","useMessageTimeLink":true,"clampSubjectLines":2}},"panelType":"divider","useTitle":false,"hideIfEmpty":false,"pagerVariant":{"type":"loadMore"},"style":"list","showTabs":true,"tabItemMap":{"default":{"mostRecent":true,"mostRecentUserContent":false,"newest":false},"additional":{"mostKudoed":true,"mostViewed":true,"mostReplies":false,"noReplies":false,"noSolutions":false,"solutions":false}}},"__typename":"QuiltComponent"}],"__typename":"OneSectionColumns"},"__typename":"OneColumnQuiltSection"}],"__typename":"QuiltContainer"},"__typename":"Quilt"},"localOverride":false},"CachedAsset:quiltWrapper:o365.prod:Common:1747138519119":{"__typename":"CachedAsset","id":"quiltWrapper:o365.prod:Common:1747138519119","value":{"id":"Common","header":{"backgroundImageProps":{"assetName":null,"backgroundSize":"COVER","backgroundRepeat":"NO_REPEAT","backgroundPosition":"CENTER_CENTER","lastModified":null,"__typename":"BackgroundImageProps"},"backgroundColor":"transparent","items":[{"id":"community.widget.navbarWidget","props":{"showUserName":true,"showRegisterLink":true,"useIconLanguagePicker":true,"useLabelLanguagePicker":true,"className":"QuiltComponent_lia-component-edit-mode__0nCcm","links":{"sideLinks":[],"mainLinks":[{"children":[],"linkType":"INTERNAL","id":"gxcuf89792","params":{},"routeName":"CommunityPage"},{"children":[],"linkType":"EXTERNAL","id":"external-link","url":"/Directory","target":"SELF"},{"children":[{"linkType":"INTERNAL","id":"microsoft365","params":{"categoryId":"microsoft365"},"routeName":"CategoryPage"},{"linkType":"INTERNAL","id":"windows","params":{"categoryId":"Windows"},"routeName":"CategoryPage"},{"linkType":"INTERNAL","id":"Common-microsoft365-copilot-link","params":{"categoryId":"Microsoft365Copilot"},"routeName":"CategoryPage"},{"linkType":"INTERNAL","id":"microsoft-teams","params":{"categoryId":"MicrosoftTeams"},"routeName":"CategoryPage"},{"linkType":"INTERNAL","id":"microsoft-securityand-compliance","params":{"categoryId":"microsoft-security"},"routeName":"CategoryPage"},{"linkType":"INTERNAL","id":"azure","params":{"categoryId":"Azure"},"routeName":"CategoryPage"},{"linkType":"INTERNAL","id":"Common-content_management-link","params":{"categoryId":"Content_Management"},"routeName":"CategoryPage"},{"linkType":"INTERNAL","id":"exchange","params":{"categoryId":"Exchange"},"routeName":"CategoryPage"},{"linkType":"INTERNAL","id":"windows-server","params":{"categoryId":"Windows-Server"},"routeName":"CategoryPage"},{"linkType":"INTERNAL","id":"outlook","params":{"categoryId":"Outlook"},"routeName":"CategoryPage"},{"linkType":"INTERNAL","id":"microsoft-endpoint-manager","params":{"categoryId":"microsoftintune"},"routeName":"CategoryPage"},{"linkType":"EXTERNAL","id":"external-link-2","url":"/Directory","target":"SELF"}],"linkType":"EXTERNAL","id":"communities","url":"/","target":"BLANK"},{"children":[{"linkType":"INTERNAL","id":"a-i","params":{"categoryId":"AI"},"routeName":"CategoryPage"},{"linkType":"INTERNAL","id":"education-sector","params":{"categoryId":"EducationSector"},"routeName":"CategoryPage"},{"linkType":"INTERNAL","id":"partner-community","params":{"categoryId":"PartnerCommunity"},"routeName":"CategoryPage"},{"linkType":"INTERNAL","id":"i-t-ops-talk","params":{"categoryId":"ITOpsTalk"},"routeName":"CategoryPage"},{"linkType":"INTERNAL","id":"healthcare-and-life-sciences","params":{"categoryId":"HealthcareAndLifeSciences"},"routeName":"CategoryPage"},{"linkType":"INTERNAL","id":"microsoft-mechanics","params":{"categoryId":"MicrosoftMechanics"},"routeName":"CategoryPage"},{"linkType":"INTERNAL","id":"public-sector","params":{"categoryId":"PublicSector"},"routeName":"CategoryPage"},{"linkType":"INTERNAL","id":"s-m-b","params":{"categoryId":"MicrosoftforNonprofits"},"routeName":"CategoryPage"},{"linkType":"INTERNAL","id":"io-t","params":{"categoryId":"IoT"},"routeName":"CategoryPage"},{"linkType":"INTERNAL","id":"startupsat-microsoft","params":{"categoryId":"StartupsatMicrosoft"},"routeName":"CategoryPage"},{"linkType":"INTERNAL","id":"driving-adoption","params":{"categoryId":"DrivingAdoption"},"routeName":"CategoryPage"},{"linkType":"EXTERNAL","id":"external-link-1","url":"/Directory","target":"SELF"}],"linkType":"EXTERNAL","id":"communities-1","url":"/","target":"SELF"},{"children":[],"linkType":"EXTERNAL","id":"external","url":"/Blogs","target":"SELF"},{"children":[],"linkType":"EXTERNAL","id":"external-1","url":"/Events","target":"SELF"},{"children":[{"linkType":"INTERNAL","id":"microsoft-learn-1","params":{"categoryId":"MicrosoftLearn"},"routeName":"CategoryPage"},{"linkType":"INTERNAL","id":"microsoft-learn-blog","params":{"boardId":"MicrosoftLearnBlog","categoryId":"MicrosoftLearn"},"routeName":"BlogBoardPage"},{"linkType":"EXTERNAL","id":"external-10","url":"https://learningroomdirectory.microsoft.com/","target":"BLANK"},{"linkType":"EXTERNAL","id":"external-3","url":"https://docs.microsoft.com/learn/dynamics365/?WT.mc_id=techcom_header-webpage-m365","target":"BLANK"},{"linkType":"EXTERNAL","id":"external-4","url":"https://docs.microsoft.com/learn/m365/?wt.mc_id=techcom_header-webpage-m365","target":"BLANK"},{"linkType":"EXTERNAL","id":"external-5","url":"https://docs.microsoft.com/learn/topics/sci/?wt.mc_id=techcom_header-webpage-m365","target":"BLANK"},{"linkType":"EXTERNAL","id":"external-6","url":"https://docs.microsoft.com/learn/powerplatform/?wt.mc_id=techcom_header-webpage-powerplatform","target":"BLANK"},{"linkType":"EXTERNAL","id":"external-7","url":"https://docs.microsoft.com/learn/github/?wt.mc_id=techcom_header-webpage-github","target":"BLANK"},{"linkType":"EXTERNAL","id":"external-8","url":"https://docs.microsoft.com/learn/teams/?wt.mc_id=techcom_header-webpage-teams","target":"BLANK"},{"linkType":"EXTERNAL","id":"external-9","url":"https://docs.microsoft.com/learn/dotnet/?wt.mc_id=techcom_header-webpage-dotnet","target":"BLANK"},{"linkType":"EXTERNAL","id":"external-2","url":"https://docs.microsoft.com/learn/azure/?WT.mc_id=techcom_header-webpage-m365","target":"BLANK"}],"linkType":"INTERNAL","id":"microsoft-learn","params":{"categoryId":"MicrosoftLearn"},"routeName":"CategoryPage"},{"children":[],"linkType":"INTERNAL","id":"community-info-center","params":{"categoryId":"Community-Info-Center"},"routeName":"CategoryPage"}]},"style":{"boxShadow":"var(--lia-bs-box-shadow-sm)","controllerHighlightColor":"hsla(30, 100%, 50%)","linkFontWeight":"400","dropdownDividerMarginBottom":"10px","hamburgerBorderHover":"none","linkBoxShadowHover":"none","linkFontSize":"14px","backgroundOpacity":0.8,"controllerBorderRadius":"var(--lia-border-radius-50)","hamburgerBgColor":"transparent","hamburgerColor":"var(--lia-nav-controller-icon-color)","linkTextBorderBottom":"none","brandLogoHeight":"30px","linkBgHoverColor":"transparent","linkLetterSpacing":"normal","collapseMenuDividerOpacity":0.16,"dropdownPaddingBottom":"15px","paddingBottom":"15px","dropdownMenuOffset":"2px","hamburgerBgHoverColor":"transparent","borderBottom":"1px solid var(--lia-bs-border-color)","hamburgerBorder":"none","dropdownPaddingX":"10px","brandMarginRightSm":"10px","linkBoxShadow":"none","collapseMenuDividerBg":"var(--lia-nav-link-color)","linkColor":"var(--lia-bs-body-color)","linkJustifyContent":"flex-start","dropdownPaddingTop":"10px","controllerHighlightTextColor":"var(--lia-yiq-dark)","controllerTextColor":"var(--lia-nav-controller-icon-color)","background":{"imageAssetName":"","color":"var(--lia-bs-white)","size":"COVER","repeat":"NO_REPEAT","position":"CENTER_CENTER","imageLastModified":""},"linkBorderRadius":"var(--lia-bs-border-radius-sm)","linkHoverColor":"var(--lia-bs-body-color)","position":"FIXED","linkBorder":"none","linkTextBorderBottomHover":"2px solid var(--lia-bs-body-color)","brandMarginRight":"30px","hamburgerHoverColor":"var(--lia-nav-controller-icon-color)","linkBorderHover":"none","collapseMenuMarginLeft":"20px","linkFontStyle":"NORMAL","controllerTextHoverColor":"var(--lia-nav-controller-icon-hover-color)","linkPaddingX":"10px","linkPaddingY":"5px","paddingTop":"15px","linkTextTransform":"NONE","dropdownBorderColor":"hsla(var(--lia-bs-black-h), var(--lia-bs-black-s), var(--lia-bs-black-l), 0.08)","controllerBgHoverColor":"hsla(var(--lia-bs-black-h), var(--lia-bs-black-s), var(--lia-bs-black-l), 0.1)","linkBgColor":"transparent","linkDropdownPaddingX":"var(--lia-nav-link-px)","linkDropdownPaddingY":"9px","controllerIconColor":"var(--lia-bs-body-color)","dropdownDividerMarginTop":"10px","linkGap":"10px","controllerIconHoverColor":"var(--lia-bs-body-color)"},"showSearchIcon":false,"languagePickerStyle":"iconAndLabel"},"__typename":"QuiltComponent"},{"id":"community.widget.breadcrumbWidget","props":{"backgroundColor":"transparent","linkHighlightColor":"var(--lia-bs-primary)","visualEffects":{"showBottomBorder":true},"linkTextColor":"var(--lia-bs-gray-700)"},"__typename":"QuiltComponent"},{"id":"custom.widget.HeroBanner","props":{"widgetVisibility":"signedInOrAnonymous","usePageWidth":false,"useTitle":true,"cMax_items":3,"useBackground":false,"title":"","lazyLoad":false,"widgetChooser":"custom.widget.HeroBanner"},"__typename":"QuiltComponent"}],"__typename":"QuiltWrapperSection"},"footer":{"backgroundImageProps":{"assetName":null,"backgroundSize":"COVER","backgroundRepeat":"NO_REPEAT","backgroundPosition":"CENTER_CENTER","lastModified":null,"__typename":"BackgroundImageProps"},"backgroundColor":"transparent","items":[{"id":"custom.widget.MicrosoftFooter","props":{"widgetVisibility":"signedInOrAnonymous","useTitle":true,"useBackground":false,"title":"","lazyLoad":false},"__typename":"QuiltComponent"}],"__typename":"QuiltWrapperSection"},"__typename":"QuiltWrapper","localOverride":false},"localOverride":false},"CachedAsset:text:en_US-components/common/ActionFeedback-1745505307000":{"__typename":"CachedAsset","id":"text:en_US-components/common/ActionFeedback-1745505307000","value":{"joinedGroupHub.title":"Welcome","joinedGroupHub.message":"You are now a member of this group and are subscribed to updates.","groupHubInviteNotFound.title":"Invitation Not Found","groupHubInviteNotFound.message":"Sorry, we could not find your invitation to the group. The owner may have canceled the invite.","groupHubNotFound.title":"Group Not Found","groupHubNotFound.message":"The grouphub you tried to join does not exist. It may have been deleted.","existingGroupHubMember.title":"Already Joined","existingGroupHubMember.message":"You are already a member of this group.","accountLocked.title":"Account Locked","accountLocked.message":"Your account has been locked due to multiple failed attempts. Try again in {lockoutTime} minutes.","editedGroupHub.title":"Changes Saved","editedGroupHub.message":"Your group has been updated.","leftGroupHub.title":"Goodbye","leftGroupHub.message":"You are no longer a member of this group and will not receive future updates.","deletedGroupHub.title":"Deleted","deletedGroupHub.message":"The group has been deleted.","groupHubCreated.title":"Group Created","groupHubCreated.message":"{groupHubName} is ready to use","accountClosed.title":"Account Closed","accountClosed.message":"The account has been closed and you will now be redirected to the homepage","resetTokenExpired.title":"Reset Password Link has Expired","resetTokenExpired.message":"Try resetting your password again","invalidUrl.title":"Invalid URL","invalidUrl.message":"The URL you're using is not recognized. Verify your URL and try again.","accountClosedForUser.title":"Account Closed","accountClosedForUser.message":"{userName}'s account is closed","inviteTokenInvalid.title":"Invitation Invalid","inviteTokenInvalid.message":"Your invitation to the community has been canceled or expired.","inviteTokenError.title":"Invitation Verification Failed","inviteTokenError.message":"The url you are utilizing is not recognized. Verify your URL and try again","pageNotFound.title":"Access Denied","pageNotFound.message":"You do not have access to this area of the community or it doesn't exist","eventAttending.title":"Responded as Attending","eventAttending.message":"You'll be notified when there's new activity and reminded as the event approaches","eventInterested.title":"Responded as Interested","eventInterested.message":"You'll be notified when there's new activity and reminded as the event approaches","eventNotFound.title":"Event Not Found","eventNotFound.message":"The event you tried to respond to does not exist.","redirectToRelatedPage.title":"Showing Related Content","redirectToRelatedPageForBaseUsers.title":"Showing Related Content","redirectToRelatedPageForBaseUsers.message":"The content you are trying to access is archived","redirectToRelatedPage.message":"The content you are trying to access is archived","relatedUrl.archivalLink.flyoutMessage":"The content you are trying to access is archived View Archived Content"},"localOverride":false},"CachedAsset:component:custom.widget.HeroBanner-en-us-1747150702623":{"__typename":"CachedAsset","id":"component:custom.widget.HeroBanner-en-us-1747150702623","value":{"component":{"id":"custom.widget.HeroBanner","template":{"id":"HeroBanner","markupLanguage":"REACT","style":null,"texts":{"searchPlaceholderText":"Search this community","followActionText":"Follow","unfollowActionText":"Following","searchOnHoverText":"Please enter your search term(s) and then press return key to complete a search.","blogs.sidebar.pagetitle":"Latest Blogs | Microsoft Tech Community","followThisNode":"Follow this node","unfollowThisNode":"Unfollow this node"},"defaults":{"config":{"applicablePages":[],"description":null,"fetchedContent":null,"__typename":"ComponentConfiguration"},"props":[{"id":"max_items","dataType":"NUMBER","list":false,"defaultValue":"3","label":"Max Items","description":"The maximum number of items to display in the carousel","possibleValues":null,"control":"INPUT","__typename":"PropDefinition"}],"__typename":"ComponentProperties"},"components":[{"id":"custom.widget.HeroBanner","form":{"fields":[{"id":"widgetChooser","validation":null,"noValidation":null,"dataType":"STRING","list":null,"control":null,"defaultValue":null,"label":null,"description":null,"possibleValues":null,"__typename":"FormField"},{"id":"title","validation":null,"noValidation":null,"dataType":"STRING","list":null,"control":null,"defaultValue":null,"label":null,"description":null,"possibleValues":null,"__typename":"FormField"},{"id":"useTitle","validation":null,"noValidation":null,"dataType":"BOOLEAN","list":null,"control":null,"defaultValue":null,"label":null,"description":null,"possibleValues":null,"__typename":"FormField"},{"id":"useBackground","validation":null,"noValidation":null,"dataType":"BOOLEAN","list":null,"control":null,"defaultValue":null,"label":null,"description":null,"possibleValues":null,"__typename":"FormField"},{"id":"widgetVisibility","validation":null,"noValidation":null,"dataType":"STRING","list":null,"control":null,"defaultValue":null,"label":null,"description":null,"possibleValues":null,"__typename":"FormField"},{"id":"moreOptions","validation":null,"noValidation":null,"dataType":"STRING","list":null,"control":null,"defaultValue":null,"label":null,"description":null,"possibleValues":null,"__typename":"FormField"},{"id":"cMax_items","validation":null,"noValidation":null,"dataType":"NUMBER","list":false,"control":"INPUT","defaultValue":"3","label":"Max Items","description":"The maximum number of items to display in the carousel","possibleValues":null,"__typename":"FormField"}],"layout":{"rows":[{"id":"widgetChooserGroup","type":"fieldset","as":null,"items":[{"id":"widgetChooser","className":null,"__typename":"FormFieldRef"}],"props":null,"legend":null,"description":null,"className":null,"viewVariant":null,"toggleState":null,"__typename":"FormFieldset"},{"id":"titleGroup","type":"fieldset","as":null,"items":[{"id":"title","className":null,"__typename":"FormFieldRef"},{"id":"useTitle","className":null,"__typename":"FormFieldRef"}],"props":null,"legend":null,"description":null,"className":null,"viewVariant":null,"toggleState":null,"__typename":"FormFieldset"},{"id":"useBackground","type":"fieldset","as":null,"items":[{"id":"useBackground","className":null,"__typename":"FormFieldRef"}],"props":null,"legend":null,"description":null,"className":null,"viewVariant":null,"toggleState":null,"__typename":"FormFieldset"},{"id":"widgetVisibility","type":"fieldset","as":null,"items":[{"id":"widgetVisibility","className":null,"__typename":"FormFieldRef"}],"props":null,"legend":null,"description":null,"className":null,"viewVariant":null,"toggleState":null,"__typename":"FormFieldset"},{"id":"moreOptionsGroup","type":"fieldset","as":null,"items":[{"id":"moreOptions","className":null,"__typename":"FormFieldRef"}],"props":null,"legend":null,"description":null,"className":null,"viewVariant":null,"toggleState":null,"__typename":"FormFieldset"},{"id":"componentPropsGroup","type":"fieldset","as":null,"items":[{"id":"cMax_items","className":null,"__typename":"FormFieldRef"}],"props":null,"legend":null,"description":null,"className":null,"viewVariant":null,"toggleState":null,"__typename":"FormFieldset"}],"actionButtons":null,"className":"custom_widget_HeroBanner_form","formGroupFieldSeparator":"divider","__typename":"FormLayout"},"__typename":"Form"},"config":null,"props":[],"__typename":"Component"}],"grouping":"CUSTOM","__typename":"ComponentTemplate"},"properties":{"config":{"applicablePages":[],"description":null,"fetchedContent":null,"__typename":"ComponentConfiguration"},"props":[{"id":"max_items","dataType":"NUMBER","list":false,"defaultValue":"3","label":"Max Items","description":"The maximum number of items to display in the carousel","possibleValues":null,"control":"INPUT","__typename":"PropDefinition"}],"__typename":"ComponentProperties"},"form":{"fields":[{"id":"widgetChooser","validation":null,"noValidation":null,"dataType":"STRING","list":null,"control":null,"defaultValue":null,"label":null,"description":null,"possibleValues":null,"__typename":"FormField"},{"id":"title","validation":null,"noValidation":null,"dataType":"STRING","list":null,"control":null,"defaultValue":null,"label":null,"description":null,"possibleValues":null,"__typename":"FormField"},{"id":"useTitle","validation":null,"noValidation":null,"dataType":"BOOLEAN","list":null,"control":null,"defaultValue":null,"label":null,"description":null,"possibleValues":null,"__typename":"FormField"},{"id":"useBackground","validation":null,"noValidation":null,"dataType":"BOOLEAN","list":null,"control":null,"defaultValue":null,"label":null,"description":null,"possibleValues":null,"__typename":"FormField"},{"id":"widgetVisibility","validation":null,"noValidation":null,"dataType":"STRING","list":null,"control":null,"defaultValue":null,"label":null,"description":null,"possibleValues":null,"__typename":"FormField"},{"id":"moreOptions","validation":null,"noValidation":null,"dataType":"STRING","list":null,"control":null,"defaultValue":null,"label":null,"description":null,"possibleValues":null,"__typename":"FormField"},{"id":"cMax_items","validation":null,"noValidation":null,"dataType":"NUMBER","list":false,"control":"INPUT","defaultValue":"3","label":"Max Items","description":"The maximum number of items to display in the carousel","possibleValues":null,"__typename":"FormField"}],"layout":{"rows":[{"id":"widgetChooserGroup","type":"fieldset","as":null,"items":[{"id":"widgetChooser","className":null,"__typename":"FormFieldRef"}],"props":null,"legend":null,"description":null,"className":null,"viewVariant":null,"toggleState":null,"__typename":"FormFieldset"},{"id":"titleGroup","type":"fieldset","as":null,"items":[{"id":"title","className":null,"__typename":"FormFieldRef"},{"id":"useTitle","className":null,"__typename":"FormFieldRef"}],"props":null,"legend":null,"description":null,"className":null,"viewVariant":null,"toggleState":null,"__typename":"FormFieldset"},{"id":"useBackground","type":"fieldset","as":null,"items":[{"id":"useBackground","className":null,"__typename":"FormFieldRef"}],"props":null,"legend":null,"description":null,"className":null,"viewVariant":null,"toggleState":null,"__typename":"FormFieldset"},{"id":"widgetVisibility","type":"fieldset","as":null,"items":[{"id":"widgetVisibility","className":null,"__typename":"FormFieldRef"}],"props":null,"legend":null,"description":null,"className":null,"viewVariant":null,"toggleState":null,"__typename":"FormFieldset"},{"id":"moreOptionsGroup","type":"fieldset","as":null,"items":[{"id":"moreOptions","className":null,"__typename":"FormFieldRef"}],"props":null,"legend":null,"description":null,"className":null,"viewVariant":null,"toggleState":null,"__typename":"FormFieldset"},{"id":"componentPropsGroup","type":"fieldset","as":null,"items":[{"id":"cMax_items","className":null,"__typename":"FormFieldRef"}],"props":null,"legend":null,"description":null,"className":null,"viewVariant":null,"toggleState":null,"__typename":"FormFieldset"}],"actionButtons":null,"className":"custom_widget_HeroBanner_form","formGroupFieldSeparator":"divider","__typename":"FormLayout"},"__typename":"Form"},"__typename":"Component","localOverride":false},"globalCss":null,"form":{"fields":[{"id":"widgetChooser","validation":null,"noValidation":null,"dataType":"STRING","list":null,"control":null,"defaultValue":null,"label":null,"description":null,"possibleValues":null,"__typename":"FormField"},{"id":"title","validation":null,"noValidation":null,"dataType":"STRING","list":null,"control":null,"defaultValue":null,"label":null,"description":null,"possibleValues":null,"__typename":"FormField"},{"id":"useTitle","validation":null,"noValidation":null,"dataType":"BOOLEAN","list":null,"control":null,"defaultValue":null,"label":null,"description":null,"possibleValues":null,"__typename":"FormField"},{"id":"useBackground","validation":null,"noValidation":null,"dataType":"BOOLEAN","list":null,"control":null,"defaultValue":null,"label":null,"description":null,"possibleValues":null,"__typename":"FormField"},{"id":"widgetVisibility","validation":null,"noValidation":null,"dataType":"STRING","list":null,"control":null,"defaultValue":null,"label":null,"description":null,"possibleValues":null,"__typename":"FormField"},{"id":"moreOptions","validation":null,"noValidation":null,"dataType":"STRING","list":null,"control":null,"defaultValue":null,"label":null,"description":null,"possibleValues":null,"__typename":"FormField"},{"id":"cMax_items","validation":null,"noValidation":null,"dataType":"NUMBER","list":false,"control":"INPUT","defaultValue":"3","label":"Max Items","description":"The maximum number of items to display in the carousel","possibleValues":null,"__typename":"FormField"}],"layout":{"rows":[{"id":"widgetChooserGroup","type":"fieldset","as":null,"items":[{"id":"widgetChooser","className":null,"__typename":"FormFieldRef"}],"props":null,"legend":null,"description":null,"className":null,"viewVariant":null,"toggleState":null,"__typename":"FormFieldset"},{"id":"titleGroup","type":"fieldset","as":null,"items":[{"id":"title","className":null,"__typename":"FormFieldRef"},{"id":"useTitle","className":null,"__typename":"FormFieldRef"}],"props":null,"legend":null,"description":null,"className":null,"viewVariant":null,"toggleState":null,"__typename":"FormFieldset"},{"id":"useBackground","type":"fieldset","as":null,"items":[{"id":"useBackground","className":null,"__typename":"FormFieldRef"}],"props":null,"legend":null,"description":null,"className":null,"viewVariant":null,"toggleState":null,"__typename":"FormFieldset"},{"id":"widgetVisibility","type":"fieldset","as":null,"items":[{"id":"widgetVisibility","className":null,"__typename":"FormFieldRef"}],"props":null,"legend":null,"description":null,"className":null,"viewVariant":null,"toggleState":null,"__typename":"FormFieldset"},{"id":"moreOptionsGroup","type":"fieldset","as":null,"items":[{"id":"moreOptions","className":null,"__typename":"FormFieldRef"}],"props":null,"legend":null,"description":null,"className":null,"viewVariant":null,"toggleState":null,"__typename":"FormFieldset"},{"id":"componentPropsGroup","type":"fieldset","as":null,"items":[{"id":"cMax_items","className":null,"__typename":"FormFieldRef"}],"props":null,"legend":null,"description":null,"className":null,"viewVariant":null,"toggleState":null,"__typename":"FormFieldset"}],"actionButtons":null,"className":"custom_widget_HeroBanner_form","formGroupFieldSeparator":"divider","__typename":"FormLayout"},"__typename":"Form"}},"localOverride":false},"CachedAsset:component:custom.widget.MicrosoftFooter-en-us-1747150702623":{"__typename":"CachedAsset","id":"component:custom.widget.MicrosoftFooter-en-us-1747150702623","value":{"component":{"id":"custom.widget.MicrosoftFooter","template":{"id":"MicrosoftFooter","markupLanguage":"HANDLEBARS","style":".context-uhf {\n min-width: 280px;\n font-size: 15px;\n box-sizing: border-box;\n -ms-text-size-adjust: 100%;\n -webkit-text-size-adjust: 100%;\n & *,\n & *:before,\n & *:after {\n box-sizing: inherit;\n }\n a.c-uhff-link {\n color: #616161;\n word-break: break-word;\n text-decoration: none;\n }\n &a:link,\n &a:focus,\n &a:hover,\n &a:active,\n &a:visited {\n text-decoration: none;\n color: inherit;\n }\n & div {\n font-family: 'Segoe UI', SegoeUI, 'Helvetica Neue', Helvetica, Arial, sans-serif;\n }\n}\n.c-uhff {\n background: #f2f2f2;\n margin: -1.5625;\n width: auto;\n height: auto;\n}\n.c-uhff-nav {\n margin: 0 auto;\n max-width: calc(1600px + 10%);\n padding: 0 5%;\n box-sizing: inherit;\n &:before,\n &:after {\n content: ' ';\n display: table;\n clear: left;\n }\n @media only screen and (max-width: 1083px) {\n padding-left: 12px;\n }\n .c-heading-4 {\n color: #616161;\n word-break: break-word;\n font-size: 15px;\n line-height: 20px;\n padding: 36px 0 4px;\n font-weight: 600;\n }\n .c-uhff-nav-row {\n .c-uhff-nav-group {\n display: block;\n float: left;\n min-height: 1px;\n vertical-align: text-top;\n padding: 0 12px;\n width: 100%;\n zoom: 1;\n &:first-child {\n padding-left: 0;\n @media only screen and (max-width: 1083px) {\n padding-left: 12px;\n }\n }\n @media only screen and (min-width: 540px) and (max-width: 1082px) {\n width: 33.33333%;\n }\n @media only screen and (min-width: 1083px) {\n width: 16.6666666667%;\n }\n ul.c-list.f-bare {\n font-size: 11px;\n line-height: 16px;\n margin-top: 0;\n margin-bottom: 0;\n padding-left: 0;\n list-style-type: none;\n li {\n word-break: break-word;\n padding: 8px 0;\n margin: 0;\n }\n }\n }\n }\n}\n.c-uhff-base {\n background: #f2f2f2;\n margin: 0 auto;\n max-width: calc(1600px + 10%);\n padding: 30px 5% 16px;\n &:before,\n &:after {\n content: ' ';\n display: table;\n }\n &:after {\n clear: both;\n }\n a.c-uhff-ccpa {\n font-size: 11px;\n line-height: 16px;\n float: left;\n margin: 3px 0;\n }\n a.c-uhff-ccpa:hover {\n text-decoration: underline;\n }\n ul.c-list {\n font-size: 11px;\n line-height: 16px;\n float: right;\n margin: 3px 0;\n color: #616161;\n li {\n padding: 0 24px 4px 0;\n display: inline-block;\n }\n }\n .c-list.f-bare {\n padding-left: 0;\n list-style-type: none;\n }\n @media only screen and (max-width: 1083px) {\n display: flex;\n flex-wrap: wrap;\n padding: 30px 24px 16px;\n }\n}\n\n.social-share {\n position: fixed;\n top: 60%;\n transform: translateY(-50%);\n left: 0;\n z-index: 1000;\n}\n\n.sharing-options {\n list-style: none;\n padding: 0;\n margin: 0;\n display: block;\n flex-direction: column;\n background-color: white;\n width: 43px;\n border-radius: 0px 7px 7px 0px;\n}\n.linkedin-icon {\n border-top-right-radius: 7px;\n}\n.linkedin-icon:hover {\n border-radius: 0;\n}\n.social-share-rss-image {\n border-bottom-right-radius: 7px;\n}\n.social-share-rss-image:hover {\n border-radius: 0;\n}\n\n.social-link-footer {\n position: relative;\n display: block;\n margin: -2px 0;\n transition: all 0.2s ease;\n}\n.social-link-footer:hover .linkedin-icon {\n border-radius: 0;\n}\n.social-link-footer:hover .social-share-rss-image {\n border-radius: 0;\n}\n\n.social-link-footer img {\n width: 40px;\n height: auto;\n transition: filter 0.3s ease;\n}\n\n.social-share-list {\n width: 40px;\n}\n.social-share-rss-image {\n width: 40px;\n}\n\n.share-icon {\n border: 2px solid transparent;\n display: inline-block;\n position: relative;\n}\n\n.share-icon:hover {\n opacity: 1;\n border: 2px solid white;\n box-sizing: border-box;\n}\n\n.share-icon:hover .label {\n opacity: 1;\n visibility: visible;\n border: 2px solid white;\n box-sizing: border-box;\n border-left: none;\n}\n\n.label {\n position: absolute;\n left: 100%;\n white-space: nowrap;\n opacity: 0;\n visibility: hidden;\n transition: all 0.2s ease;\n color: white;\n border-radius: 0 10 0 10px;\n top: 50%;\n transform: translateY(-50%);\n height: 40px;\n border-radius: 0 6px 6px 0;\n display: flex;\n align-items: center;\n justify-content: center;\n padding: 20px 5px 20px 8px;\n margin-left: -1px;\n}\n.linkedin {\n background-color: #0474b4;\n}\n.facebook {\n background-color: #3c5c9c;\n}\n.twitter {\n background-color: white;\n color: black;\n}\n.reddit {\n background-color: #fc4404;\n}\n.mail {\n background-color: #848484;\n}\n.bluesky {\n background-color: white;\n color: black;\n}\n.rss {\n background-color: #ec7b1c;\n}\n#RSS {\n width: 40px;\n height: 40px;\n}\n\n@media (max-width: 991px) {\n .social-share {\n display: none;\n }\n}\n","texts":{"New tab":"What's New","New 1":"Surface Laptop Studio 2","New 2":"Surface Laptop Go 3","New 3":"Surface Pro 9","New 4":"Surface Laptop 5","New 5":"Surface Studio 2+","New 6":"Copilot in Windows","New 7":"Microsoft 365","New 8":"Windows 11 apps","Store tab":"Microsoft Store","Store 1":"Account Profile","Store 2":"Download Center","Store 3":"Microsoft Store Support","Store 4":"Returns","Store 5":"Order tracking","Store 6":"Certified Refurbished","Store 7":"Microsoft Store Promise","Store 8":"Flexible Payments","Education tab":"Education","Edu 1":"Microsoft in education","Edu 2":"Devices for education","Edu 3":"Microsoft Teams for Education","Edu 4":"Microsoft 365 Education","Edu 5":"How to buy for your school","Edu 6":"Educator Training and development","Edu 7":"Deals for students and parents","Edu 8":"Azure for students","Business tab":"Business","Bus 1":"Microsoft Cloud","Bus 2":"Microsoft Security","Bus 3":"Dynamics 365","Bus 4":"Microsoft 365","Bus 5":"Microsoft Power Platform","Bus 6":"Microsoft Teams","Bus 7":"Microsoft Industry","Bus 8":"Small Business","Developer tab":"Developer & IT","Dev 1":"Azure","Dev 2":"Developer Center","Dev 3":"Documentation","Dev 4":"Microsoft Learn","Dev 5":"Microsoft Tech Community","Dev 6":"Azure Marketplace","Dev 7":"AppSource","Dev 8":"Visual Studio","Company tab":"Company","Com 1":"Careers","Com 2":"About Microsoft","Com 3":"Company News","Com 4":"Privacy at Microsoft","Com 5":"Investors","Com 6":"Diversity and inclusion","Com 7":"Accessiblity","Com 8":"Sustainibility"},"defaults":{"config":{"applicablePages":[],"description":"The Microsoft Footer","fetchedContent":null,"__typename":"ComponentConfiguration"},"props":[],"__typename":"ComponentProperties"},"components":[{"id":"custom.widget.MicrosoftFooter","form":null,"config":null,"props":[],"__typename":"Component"}],"grouping":"CUSTOM","__typename":"ComponentTemplate"},"properties":{"config":{"applicablePages":[],"description":"The Microsoft Footer","fetchedContent":null,"__typename":"ComponentConfiguration"},"props":[],"__typename":"ComponentProperties"},"form":null,"__typename":"Component","localOverride":false},"globalCss":{"css":".custom_widget_MicrosoftFooter_context-uhf_105bp_1 {\n min-width: 17.5rem;\n font-size: 0.9375rem;\n box-sizing: border-box;\n -ms-text-size-adjust: 100%;\n -webkit-text-size-adjust: 100%;\n & *,\n & *:before,\n & *:after {\n box-sizing: inherit;\n }\n a.custom_widget_MicrosoftFooter_c-uhff-link_105bp_12 {\n color: #616161;\n word-break: break-word;\n text-decoration: none;\n }\n &a:link,\n &a:focus,\n &a:hover,\n &a:active,\n &a:visited {\n text-decoration: none;\n color: inherit;\n }\n & div {\n font-family: 'Segoe UI', SegoeUI, 'Helvetica Neue', Helvetica, Arial, sans-serif;\n }\n}\n.custom_widget_MicrosoftFooter_c-uhff_105bp_12 {\n background: #f2f2f2;\n margin: -1.5625;\n width: auto;\n height: auto;\n}\n.custom_widget_MicrosoftFooter_c-uhff-nav_105bp_35 {\n margin: 0 auto;\n max-width: calc(100rem + 10%);\n padding: 0 5%;\n box-sizing: inherit;\n &:before,\n &:after {\n content: ' ';\n display: table;\n clear: left;\n }\n @media only screen and (max-width: 1083px) {\n padding-left: 0.75rem;\n }\n .custom_widget_MicrosoftFooter_c-heading-4_105bp_49 {\n color: #616161;\n word-break: break-word;\n font-size: 0.9375rem;\n line-height: 1.25rem;\n padding: 2.25rem 0 0.25rem;\n font-weight: 600;\n }\n .custom_widget_MicrosoftFooter_c-uhff-nav-row_105bp_57 {\n .custom_widget_MicrosoftFooter_c-uhff-nav-group_105bp_58 {\n display: block;\n float: left;\n min-height: 0.0625rem;\n vertical-align: text-top;\n padding: 0 0.75rem;\n width: 100%;\n zoom: 1;\n &:first-child {\n padding-left: 0;\n @media only screen and (max-width: 1083px) {\n padding-left: 0.75rem;\n }\n }\n @media only screen and (min-width: 540px) and (max-width: 1082px) {\n width: 33.33333%;\n }\n @media only screen and (min-width: 1083px) {\n width: 16.6666666667%;\n }\n ul.custom_widget_MicrosoftFooter_c-list_105bp_78.custom_widget_MicrosoftFooter_f-bare_105bp_78 {\n font-size: 0.6875rem;\n line-height: 1rem;\n margin-top: 0;\n margin-bottom: 0;\n padding-left: 0;\n list-style-type: none;\n li {\n word-break: break-word;\n padding: 0.5rem 0;\n margin: 0;\n }\n }\n }\n }\n}\n.custom_widget_MicrosoftFooter_c-uhff-base_105bp_94 {\n background: #f2f2f2;\n margin: 0 auto;\n max-width: calc(100rem + 10%);\n padding: 1.875rem 5% 1rem;\n &:before,\n &:after {\n content: ' ';\n display: table;\n }\n &:after {\n clear: both;\n }\n a.custom_widget_MicrosoftFooter_c-uhff-ccpa_105bp_107 {\n font-size: 0.6875rem;\n line-height: 1rem;\n float: left;\n margin: 0.1875rem 0;\n }\n a.custom_widget_MicrosoftFooter_c-uhff-ccpa_105bp_107:hover {\n text-decoration: underline;\n }\n ul.custom_widget_MicrosoftFooter_c-list_105bp_78 {\n font-size: 0.6875rem;\n line-height: 1rem;\n float: right;\n margin: 0.1875rem 0;\n color: #616161;\n li {\n padding: 0 1.5rem 0.25rem 0;\n display: inline-block;\n }\n }\n .custom_widget_MicrosoftFooter_c-list_105bp_78.custom_widget_MicrosoftFooter_f-bare_105bp_78 {\n padding-left: 0;\n list-style-type: none;\n }\n @media only screen and (max-width: 1083px) {\n display: flex;\n flex-wrap: wrap;\n padding: 1.875rem 1.5rem 1rem;\n }\n}\n.custom_widget_MicrosoftFooter_social-share_105bp_138 {\n position: fixed;\n top: 60%;\n transform: translateY(-50%);\n left: 0;\n z-index: 1000;\n}\n.custom_widget_MicrosoftFooter_sharing-options_105bp_146 {\n list-style: none;\n padding: 0;\n margin: 0;\n display: block;\n flex-direction: column;\n background-color: white;\n width: 2.6875rem;\n border-radius: 0 0.4375rem 0.4375rem 0;\n}\n.custom_widget_MicrosoftFooter_linkedin-icon_105bp_156 {\n border-top-right-radius: 7px;\n}\n.custom_widget_MicrosoftFooter_linkedin-icon_105bp_156:hover {\n border-radius: 0;\n}\n.custom_widget_MicrosoftFooter_social-share-rss-image_105bp_162 {\n border-bottom-right-radius: 7px;\n}\n.custom_widget_MicrosoftFooter_social-share-rss-image_105bp_162:hover {\n border-radius: 0;\n}\n.custom_widget_MicrosoftFooter_social-link-footer_105bp_169 {\n position: relative;\n display: block;\n margin: -0.125rem 0;\n transition: all 0.2s ease;\n}\n.custom_widget_MicrosoftFooter_social-link-footer_105bp_169:hover .custom_widget_MicrosoftFooter_linkedin-icon_105bp_156 {\n border-radius: 0;\n}\n.custom_widget_MicrosoftFooter_social-link-footer_105bp_169:hover .custom_widget_MicrosoftFooter_social-share-rss-image_105bp_162 {\n border-radius: 0;\n}\n.custom_widget_MicrosoftFooter_social-link-footer_105bp_169 img {\n width: 2.5rem;\n height: auto;\n transition: filter 0.3s ease;\n}\n.custom_widget_MicrosoftFooter_social-share-list_105bp_188 {\n width: 2.5rem;\n}\n.custom_widget_MicrosoftFooter_social-share-rss-image_105bp_162 {\n width: 2.5rem;\n}\n.custom_widget_MicrosoftFooter_share-icon_105bp_195 {\n border: 2px solid transparent;\n display: inline-block;\n position: relative;\n}\n.custom_widget_MicrosoftFooter_share-icon_105bp_195:hover {\n opacity: 1;\n border: 2px solid white;\n box-sizing: border-box;\n}\n.custom_widget_MicrosoftFooter_share-icon_105bp_195:hover .custom_widget_MicrosoftFooter_label_105bp_207 {\n opacity: 1;\n visibility: visible;\n border: 2px solid white;\n box-sizing: border-box;\n border-left: none;\n}\n.custom_widget_MicrosoftFooter_label_105bp_207 {\n position: absolute;\n left: 100%;\n white-space: nowrap;\n opacity: 0;\n visibility: hidden;\n transition: all 0.2s ease;\n color: white;\n border-radius: 0 10 0 0.625rem;\n top: 50%;\n transform: translateY(-50%);\n height: 2.5rem;\n border-radius: 0 0.375rem 0.375rem 0;\n display: flex;\n align-items: center;\n justify-content: center;\n padding: 1.25rem 0.3125rem 1.25rem 0.5rem;\n margin-left: -0.0625rem;\n}\n.custom_widget_MicrosoftFooter_linkedin_105bp_156 {\n background-color: #0474b4;\n}\n.custom_widget_MicrosoftFooter_facebook_105bp_237 {\n background-color: #3c5c9c;\n}\n.custom_widget_MicrosoftFooter_twitter_105bp_240 {\n background-color: white;\n color: black;\n}\n.custom_widget_MicrosoftFooter_reddit_105bp_244 {\n background-color: #fc4404;\n}\n.custom_widget_MicrosoftFooter_mail_105bp_247 {\n background-color: #848484;\n}\n.custom_widget_MicrosoftFooter_bluesky_105bp_250 {\n background-color: white;\n color: black;\n}\n.custom_widget_MicrosoftFooter_rss_105bp_254 {\n background-color: #ec7b1c;\n}\n#custom_widget_MicrosoftFooter_RSS_105bp_1 {\n width: 2.5rem;\n height: 2.5rem;\n}\n@media (max-width: 991px) {\n .custom_widget_MicrosoftFooter_social-share_105bp_138 {\n display: none;\n }\n}\n","tokens":{"context-uhf":"custom_widget_MicrosoftFooter_context-uhf_105bp_1","c-uhff-link":"custom_widget_MicrosoftFooter_c-uhff-link_105bp_12","c-uhff":"custom_widget_MicrosoftFooter_c-uhff_105bp_12","c-uhff-nav":"custom_widget_MicrosoftFooter_c-uhff-nav_105bp_35","c-heading-4":"custom_widget_MicrosoftFooter_c-heading-4_105bp_49","c-uhff-nav-row":"custom_widget_MicrosoftFooter_c-uhff-nav-row_105bp_57","c-uhff-nav-group":"custom_widget_MicrosoftFooter_c-uhff-nav-group_105bp_58","c-list":"custom_widget_MicrosoftFooter_c-list_105bp_78","f-bare":"custom_widget_MicrosoftFooter_f-bare_105bp_78","c-uhff-base":"custom_widget_MicrosoftFooter_c-uhff-base_105bp_94","c-uhff-ccpa":"custom_widget_MicrosoftFooter_c-uhff-ccpa_105bp_107","social-share":"custom_widget_MicrosoftFooter_social-share_105bp_138","sharing-options":"custom_widget_MicrosoftFooter_sharing-options_105bp_146","linkedin-icon":"custom_widget_MicrosoftFooter_linkedin-icon_105bp_156","social-share-rss-image":"custom_widget_MicrosoftFooter_social-share-rss-image_105bp_162","social-link-footer":"custom_widget_MicrosoftFooter_social-link-footer_105bp_169","social-share-list":"custom_widget_MicrosoftFooter_social-share-list_105bp_188","share-icon":"custom_widget_MicrosoftFooter_share-icon_105bp_195","label":"custom_widget_MicrosoftFooter_label_105bp_207","linkedin":"custom_widget_MicrosoftFooter_linkedin_105bp_156","facebook":"custom_widget_MicrosoftFooter_facebook_105bp_237","twitter":"custom_widget_MicrosoftFooter_twitter_105bp_240","reddit":"custom_widget_MicrosoftFooter_reddit_105bp_244","mail":"custom_widget_MicrosoftFooter_mail_105bp_247","bluesky":"custom_widget_MicrosoftFooter_bluesky_105bp_250","rss":"custom_widget_MicrosoftFooter_rss_105bp_254","RSS":"custom_widget_MicrosoftFooter_RSS_105bp_1"}},"form":null},"localOverride":false},"CachedAsset:text:en_US-components/community/Breadcrumb-1745505307000":{"__typename":"CachedAsset","id":"text:en_US-components/community/Breadcrumb-1745505307000","value":{"navLabel":"Breadcrumbs","dropdown":"Additional parent page navigation"},"localOverride":false},"CachedAsset:text:en_US-components/tags/TagsHeaderWidget-1745505307000":{"__typename":"CachedAsset","id":"text:en_US-components/tags/TagsHeaderWidget-1745505307000","value":{"tag":"{tagName}","topicsCount":"{count} {count, plural, one {Topic} other {Topics}}"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageListForNodeByRecentActivityWidget-1745505307000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageListForNodeByRecentActivityWidget-1745505307000","value":{"title@userScope:other":"Recent Content","title@userScope:self":"Contributions","title@board:FORUM@userScope:other":"Recent Discussions","title@board:BLOG@userScope:other":"Recent Blogs","emptyDescription":"No content to show","MessageListForNodeByRecentActivityWidgetEditor.nodeScope.label":"Scope","title@instance:1722894000155":"Recent Discussions","title@instance:1727367112619":"Recent Blog Articles","title@instance:1727367069748":"Recent Discussions","title@instance:1727366213114":"Latest Discussions","title@instance:1727899609720":"","title@instance:1727363308925":"Latest Discussions","title@instance:1737115580352":"Latest Articles","title@instance:1720453418992":"Recent Discssions","title@instance:1727365950181":"Latest Blog Articles","title@instance:bmDPnI":"Latest Blog Articles","title@instance:IiDDJZ":"Latest Blog Articles","title@instance:1721244347979":"Latest blog posts","title@instance:1728383752171":"Related Content","title@instance:1722893956545":"Latest Skilling Resources","title@instance:dhcgCU":"Latest Discussions"},"localOverride":false},"Category:category:Exchange":{"__typename":"Category","id":"category:Exchange","categoryPolicies":{"__typename":"CategoryPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Category:category:Outlook":{"__typename":"Category","id":"category:Outlook","categoryPolicies":{"__typename":"CategoryPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Category:category:Community-Info-Center":{"__typename":"Category","id":"category:Community-Info-Center","categoryPolicies":{"__typename":"CategoryPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Category:category:EducationSector":{"__typename":"Category","id":"category:EducationSector","categoryPolicies":{"__typename":"CategoryPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Category:category:DrivingAdoption":{"__typename":"Category","id":"category:DrivingAdoption","categoryPolicies":{"__typename":"CategoryPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Category:category:Azure":{"__typename":"Category","id":"category:Azure","categoryPolicies":{"__typename":"CategoryPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Category:category:Windows-Server":{"__typename":"Category","id":"category:Windows-Server","categoryPolicies":{"__typename":"CategoryPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Category:category:MicrosoftTeams":{"__typename":"Category","id":"category:MicrosoftTeams","categoryPolicies":{"__typename":"CategoryPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Category:category:PublicSector":{"__typename":"Category","id":"category:PublicSector","categoryPolicies":{"__typename":"CategoryPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Category:category:microsoft365":{"__typename":"Category","id":"category:microsoft365","categoryPolicies":{"__typename":"CategoryPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Category:category:IoT":{"__typename":"Category","id":"category:IoT","categoryPolicies":{"__typename":"CategoryPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Category:category:HealthcareAndLifeSciences":{"__typename":"Category","id":"category:HealthcareAndLifeSciences","categoryPolicies":{"__typename":"CategoryPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Category:category:ITOpsTalk":{"__typename":"Category","id":"category:ITOpsTalk","categoryPolicies":{"__typename":"CategoryPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Category:category:MicrosoftLearn":{"__typename":"Category","id":"category:MicrosoftLearn","categoryPolicies":{"__typename":"CategoryPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Blog:board:MicrosoftLearnBlog":{"__typename":"Blog","id":"board:MicrosoftLearnBlog","blogPolicies":{"__typename":"BlogPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}},"boardPolicies":{"__typename":"BoardPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Category:category:AI":{"__typename":"Category","id":"category:AI","categoryPolicies":{"__typename":"CategoryPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Category:category:MicrosoftMechanics":{"__typename":"Category","id":"category:MicrosoftMechanics","categoryPolicies":{"__typename":"CategoryPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Category:category:MicrosoftforNonprofits":{"__typename":"Category","id":"category:MicrosoftforNonprofits","categoryPolicies":{"__typename":"CategoryPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Category:category:StartupsatMicrosoft":{"__typename":"Category","id":"category:StartupsatMicrosoft","categoryPolicies":{"__typename":"CategoryPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Category:category:PartnerCommunity":{"__typename":"Category","id":"category:PartnerCommunity","categoryPolicies":{"__typename":"CategoryPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Category:category:Microsoft365Copilot":{"__typename":"Category","id":"category:Microsoft365Copilot","categoryPolicies":{"__typename":"CategoryPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Category:category:Windows":{"__typename":"Category","id":"category:Windows","categoryPolicies":{"__typename":"CategoryPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Category:category:Content_Management":{"__typename":"Category","id":"category:Content_Management","categoryPolicies":{"__typename":"CategoryPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Category:category:microsoftintune":{"__typename":"Category","id":"category:microsoftintune","categoryPolicies":{"__typename":"CategoryPolicies","canReadNode":{"__typename":"PolicyResult","failureReason":null}}},"Conversation:conversation:4400755":{"__typename":"Conversation","id":"conversation:4400755","topic":{"__typename":"BlogTopicMessage","uid":4400755},"lastPostingActivityTime":"2025-04-21T01:24:11.447-07:00","solved":false},"User:user:453722":{"__typename":"User","uid":453722,"login":"hspinto","registrationData":{"__typename":"RegistrationData","status":null},"deleted":false,"avatar":{"__typename":"UserAvatar","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/dS00NTM3MjItMjMzNjQ4aTREN0Q5RjI2QTFFMzVGNjg"},"id":"user:453722"},"BlogTopicMessage:message:4400755":{"__typename":"BlogTopicMessage","subject":"How to identify Azure resources using default outbound Internet access?","conversation":{"__ref":"Conversation:conversation:4400755"},"id":"message:4400755","revisionNum":3,"uid":4400755,"depth":0,"board":{"__ref":"Blog:board:CoreInfrastructureandSecurityBlog"},"author":{"__ref":"User:user:453722"},"teaser@stripHtml({\"removeProcessingText\":true,\"truncateLength\":-1})":"","introduction":"","metrics":{"__typename":"MessageMetrics","views":2974},"postTime":"2025-04-07T00:49:27.481-07:00","lastPublishTime":"2025-04-21T01:24:11.447-07:00","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})":" The default outbound access problem \n On 30 September 2025, default outbound access connectivity for virtual machines in Azure will be retired (see announcement). After this date, all new VMs that require internet access will need to use explicit outbound connectivity methods such as Azure NAT Gateway, Azure Load Balancer outbound rules, an Azure Firewall/NVA, or a directly attached Azure public IP address. \n \n Existing VMs that use default outbound access will continue to work after this retirement, however, we strongly recommend transitioning to an explicit outbound method so that: \n \n \n Your workloads won’t be affected by public IP address changes. \n You have greater control over how your VMs connect to the internet. \n Your VMs use traceable IP resources that you own. \n \n Explicit outbound solutions \n You can find a complete guidance on how default outbound access in Azure works and how to transition to an explicit outbound connectivity method in the VNet IP services documentation and also on this very detailed blog post. The options can be summarized as follows (any option works, but they are ordered by preference): \n \n \n Route the subnet Internet-bound traffic to an Azure Firewall or marketplace NVA, via a custom User-Defined Route. For enterprise-grade customers, this is the recommended approach, as it allows you to centralize egress and increase network security with features like packet filtering, FQDN-based rules, TLS inspection, or IDPS. \n Associate a NAT Gateway to the subnet of your virtual machines. Consider you need to create one NAT gateway per Virtual Network, because NAT Gateways cannot be reused across multiple Virtual Networks. \n Associate a Public Standard Load Balancer configured with outbound rules. \n Associate a Standard Public IP to any of the virtual machine's network interfaces. \n For HTTP traffic only, forward outbound requests to a centralized HTTP proxy machine, provided this machine has one of the explicit outbound access methods above enabled. \n \n \n Prepare your Azure Virtual Networks for this change soon enough, because after 30 September 2025, new virtual machines will not be able to connect directly to the Internet. If you have subnets in which all VMs are already using explicit outbound connectivity methods, it is advisable to make those subnets private, to avoid new implicit outbound cases before the deadline. \n \n Identifying Azure resources using default outbound Internet access \n Now, you may ask “which of my Azure Virtual Machines or Scale Sets are using default outbound Internet access?” This question is helpful for characterizing your current compute estate and anticipate issues, but also to plan the transition to an explicit outbound method, for the reasons outlined above. \n \n Luckily, there are some helpers. First, there is an Azure Advisor Operational Excellence recommendation (“Add explicit outbound method to disable default outbound”) that helps you pinpoint network interfaces that might be in this situation. However, this recommendation does not currently cover Virtual Machine Scale Sets or machines behind a Public Basic Load Balancer. \n \n The second option is to use Azure Resource Graph and query the Azure control plane for resources in this situation. The two queries below address Virtual Machine and Virtual Machine Scale Set use cases. If there are resources with explicit outbound access via a Public Basic Load Balancer, those are also flagged, because Basic Load Balancers are also on the retirement path on the same date. \n \n If you already have Azure Firewalls or NVAs to which you are routing egress traffic, don’t forget to replace the <firewall private IP> placeholders (line 14 of each query) by the private IP address of the firewall(s); otherwise, leave the query as is. \n \n NOTE: the query below does not consider Azure Virtual WAN scenarios where Virtual Hubs have route tables forcing Internet-bound traffic to flow into an NVA, as Virtual Hubs route tables are not exposed yet in Azure Resource Graph. \n Virtual Machines \n resources \n| where type =~ 'microsoft.network/virtualnetworks'\n| mvexpand subnet = properties.subnets\n| project \n vnetName=tolower(name), resourceGroup, subscriptionId, location, subnetName = tolower(subnet.name), subnetId=tolower(subnet.id),\n routeTable = tolower(subnet.properties.routeTable.id),\n hasNatGW = iif(isnotempty(subnet.properties.natGateway.id), true, false)\n| join kind=inner ( resourcecontainers | where type =~ 'microsoft.resources/subscriptions' | project subscriptionId, subscriptionName = name) on subscriptionId\n| project-away subscriptionId, subscriptionId1\n| order by subnetId\n| join kind=leftouter ( resources | where type == 'microsoft.network/routetables' | project routeTable=tolower(id), routeTableProperties=properties ) on routeTable\n| mv-expand route = routeTableProperties.routes\n| project-away routeTable1, routeTableProperties\n| extend routesToFW = iif(route.properties.addressPrefix == '0.0.0.0/0' and route.properties.nextHopType == 'VirtualAppliance' and route.properties.nextHopIpAddress in ('<firewall private IP>'), true, false)\n| extend routeName = tolower(route.name)\n| project-away route\n| join kind=leftouter (\n resources\n | where type == 'microsoft.network/networkinterfaces'\n | extend vmId = tolower(properties.virtualMachine.id)\n | where isnotempty(vmId)\n | mv-expand ipConfiguration = properties.ipConfigurations\n | mv-expand backendPool = ipConfiguration.properties.loadBalancerBackendAddressPools\n | extend loadBalancerId = tolower(substring(backendPool.id, 0, indexof(backendPool.id, '/backendAddressPools')))\n | join kind=leftouter (\n resources\n | where type == 'microsoft.network/loadbalancers'\n | mv-expand frontEndIpConfiguration = properties.frontendIPConfigurations\n | extend lbType = iif(isnotempty(frontEndIpConfiguration.properties.publicIPAddress.id), 'Public', 'Internal')\n | mv-expand loadBalancingRule = properties.loadBalancingRules\n | extend lbOutboundSnat = iif(lbType =='Public', iif(sku.name == 'Standard', not(tobool(loadBalancingRule.properties.disableOutboundSnat)), true), false)\n | project loadBalancerId=tolower(id), lbSku=tostring(sku.name), lbType, lbOutboundSnat\n | union (\n resources\n | where type == 'microsoft.network/loadbalancers'\n | mv-expand frontEndIpConfiguration = properties.frontendIPConfigurations\n | extend lbType = iif(isnotempty(frontEndIpConfiguration.properties.publicIPAddress.id), 'Public', 'Internal')\n | mv-expand outboundRule = properties.outboundRules\n | extend lbOutboundSnat = iif(isnotempty(outboundRule) or (sku.name == 'Basic' and lbType == 'Public'), true, false)\n | project loadBalancerId=tolower(id), lbSku=tostring(sku.name), lbType, lbOutboundSnat\n )\n | summarize make_set(lbOutboundSnat) by loadBalancerId, lbSku, lbType\n | extend lbOutboundSnat = iif(array_length(set_lbOutboundSnat) == 1, set_lbOutboundSnat[0], true)\n ) on loadBalancerId\n | project nicId=tolower(id), vmId, subnetId=tolower(ipConfiguration.properties.subnet.id), hasPublicIP=iif(isnotempty(ipConfiguration.properties.publicIPAddress.id), true, false), lbOutboundSnat, lbSku\n) on subnetId\n| where isnotempty(vmId)\n| extend lbOutboundSnat = iif(isnotempty(lbOutboundSnat), lbOutboundSnat, false)\n| extend hasPublicIP=iif(isnotempty(hasPublicIP), hasPublicIP, false)\n| summarize hasNatGW=make_set(hasNatGW), routesToFW=make_set(routesToFW), hasPublicIP=make_set(hasPublicIP), lbOutboundSnat=make_set(lbOutboundSnat), lbSku=make_set(lbSku) by vnetName, resourceGroup, subscriptionName, location, vmId\n| extend hasNatGW = iif(array_length(hasNatGW) == 1, hasNatGW[0], true)\n| extend routesToFW = iif(array_length(routesToFW) == 1, routesToFW[0], true)\n| extend hasPublicIP = iif(array_length(hasPublicIP) == 1, hasPublicIP[0], true)\n| extend lbOutboundSnat = iif(array_length(lbOutboundSnat) == 1, lbOutboundSnat[0], true)\n| extend lbSku = tostring(lbSku[0])\n| summarize by vmId, vmName=tostring(split(vmId,'/')[-1]), resourceGroup=tostring(split(vmId,'/')[4]), subscriptionName, location, vnetName, routesToFW, hasNatGW, lbOutboundSnat, lbSku, hasPublicIP\n//| summarize vmCount=dcount(vmId) by routesToFW, hasNatGW, lbOutboundSnat, lbSku, hasPublicIP //uncomment this line and comment the last one to get only stats\n| where not(hasNatGW) and not(routesToFW) and not(hasPublicIP) and (not(lbOutboundSnat) or lbSku == 'Basic') \n Virtual Machine Scale Sets \n resources \n| where type =~ 'microsoft.network/virtualnetworks'\n| mvexpand subnet = properties.subnets\n| project \n vnetName=tolower(name), resourceGroup, subscriptionId, location, subnetName = tolower(subnet.name), subnetId=tolower(subnet.id),\n routeTable = tolower(subnet.properties.routeTable.id),\n hasNatGW = iif(isnotempty(subnet.properties.natGateway.id), true, false)\n| join kind=inner ( resourcecontainers | where type =~ 'microsoft.resources/subscriptions' | project subscriptionId, subscriptionName = name) on subscriptionId\n| project-away subscriptionId, subscriptionId1\n| order by subnetId\n| join kind=leftouter ( resources | where type == 'microsoft.network/routetables' | project routeTable=tolower(id), routeTableProperties=properties ) on routeTable\n| mv-expand route = routeTableProperties.routes\n| project-away routeTable1, routeTableProperties\n| extend routesToFW = iif(route.properties.addressPrefix == '0.0.0.0/0' and route.properties.nextHopType == 'VirtualAppliance' and route.properties.nextHopIpAddress in ('<firewall private IP>'), true, false)\n| extend routeName = tolower(route.name)\n| project-away route\n| join kind=leftouter (\n resources\n | where type == 'microsoft.compute/virtualmachinescalesets' and properties.orchestrationMode == 'Uniform'\n | mv-expand nicConfiguration = properties.virtualMachineProfile.networkProfile.networkInterfaceConfigurations\n | mv-expand ipConfiguration = nicConfiguration.properties.ipConfigurations\n | mv-expand backendPool = ipConfiguration.properties.loadBalancerBackendAddressPools\n | extend loadBalancerId = tolower(substring(backendPool.id, 0, indexof(backendPool.id, '/backendAddressPools')))\n | join kind=leftouter (\n resources\n | where type == 'microsoft.network/loadbalancers'\n | mv-expand frontEndIpConfiguration = properties.frontendIPConfigurations\n | extend lbType = iif(isnotempty(frontEndIpConfiguration.properties.publicIPAddress.id), 'Public', 'Internal')\n | mv-expand loadBalancingRule = properties.loadBalancingRules\n | extend lbOutboundSnat = iif(lbType =='Public', iif(sku.name == 'Standard', not(tobool(loadBalancingRule.properties.disableOutboundSnat)), true), false)\n | project loadBalancerId=tolower(id), lbSku=tostring(sku.name), lbType, lbOutboundSnat\n | union (\n resources\n | where type == 'microsoft.network/loadbalancers'\n | mv-expand frontEndIpConfiguration = properties.frontendIPConfigurations\n | extend lbType = iif(isnotempty(frontEndIpConfiguration.properties.publicIPAddress.id), 'Public', 'Internal')\n | mv-expand outboundRule = properties.outboundRules\n | extend lbOutboundSnat = iif(isnotempty(outboundRule) or (sku.name == 'Basic' and lbType == 'Public'), true, false)\n | project loadBalancerId=tolower(id), lbSku=tostring(sku.name), lbType, lbOutboundSnat\n )\n | summarize make_set(lbOutboundSnat) by loadBalancerId, lbSku, lbType\n | extend lbOutboundSnat = iif(array_length(set_lbOutboundSnat) == 1, set_lbOutboundSnat[0], true)\n ) on loadBalancerId\n | project vmssId=tolower(id), subnetId=tolower(ipConfiguration.properties.subnet.id), hasPublicIP=iif(isnotempty(ipConfiguration.properties.publicIPAddressConfiguration), true, false), lbOutboundSnat, lbSku\n) on subnetId\n| where isnotempty(vmssId)\n| extend lbOutboundSnat = iif(isnotempty(lbOutboundSnat), lbOutboundSnat, false)\n| extend hasPublicIP=iif(isnotempty(hasPublicIP), hasPublicIP, false)\n| summarize hasNatGW=make_set(hasNatGW), routesToFW=make_set(routesToFW), hasPublicIP=make_set(hasPublicIP), lbOutboundSnat=make_set(lbOutboundSnat), lbSku=make_set(lbSku) by vnetName, resourceGroup, subscriptionName, location, vmssId\n| extend hasNatGW = iif(array_length(hasNatGW) == 1, hasNatGW[0], true)\n| extend routesToFW = iif(array_length(routesToFW) == 1, routesToFW[0], true)\n| extend hasPublicIP = iif(array_length(hasPublicIP) == 1, hasPublicIP[0], true)\n| extend lbOutboundSnat = iif(array_length(lbOutboundSnat) == 1, lbOutboundSnat[0], true)\n| extend lbSku = tostring(lbSku[0])\n| summarize by vmssId, vmssName=tostring(split(vmssId,'/')[-1]), resourceGroup=tostring(split(vmssId,'/')[4]), subscriptionName, location, vnetName, routesToFW, hasNatGW, lbOutboundSnat, lbSku, hasPublicIP\n//| summarize vmssCount=dcount(vmssId) by routesToFW, hasNatGW, lbOutboundSnat, lbSku, hasPublicIP //uncomment this line and comment the last one to get only stats\n| where not(hasNatGW) and not(routesToFW) and not(hasPublicIP) and (not(lbOutboundSnat) or lbSku == 'Basic') \n Acknowledgments \n Special thanks to my colleagues Pedro Pereira and Fernando Loureiro for having triggered the idea for this blog post. ","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})@stringLength":"13419","kudosSumWeight":3,"repliesCount":2,"readOnly":false,"images":{"__typename":"AssociatedImageConnection","edges":[],"totalCount":0,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"videos":{"__typename":"VideoConnection","edges":[],"totalCount":0,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"coverImage":null,"coverImageProperties":{"__typename":"CoverImageProperties","style":"STANDARD","titlePosition":"BOTTOM","altText":""}},"Conversation:conversation:1851317":{"__typename":"Conversation","id":"conversation:1851317","topic":{"__typename":"BlogTopicMessage","uid":1851317},"lastPostingActivityTime":"2024-07-18T08:47:12.282-07:00","solved":false},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0xODUxMzE3LTIzODEyNWlFNjQ2RjI4RTIzQTFCNEQ3?revision=6\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0xODUxMzE3LTIzODEyNWlFNjQ2RjI4RTIzQTFCNEQ3?revision=6","title":"augmenting-azure-advisor-co-pt4-figure1.jpg","associationType":"TEASER","width":988,"height":190,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0xODUxMzE3LTIzODEyNmlCNEZGNkZCODgwMTkzNUJD?revision=6\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0xODUxMzE3LTIzODEyNmlCNEZGNkZCODgwMTkzNUJD?revision=6","title":"augmenting-azure-advisor-co-pt4-figure1.jpg","associationType":"BODY","width":988,"height":190,"altText":null},"BlogTopicMessage:message:1851317":{"__typename":"BlogTopicMessage","subject":"Automating Continuous Optimization with the Azure Optimization Engine","conversation":{"__ref":"Conversation:conversation:1851317"},"id":"message:1851317","revisionNum":6,"uid":1851317,"depth":0,"board":{"__ref":"Blog:board:CoreInfrastructureandSecurityBlog"},"author":{"__ref":"User:user:453722"},"teaser@stripHtml({\"removeProcessingText\":true,\"truncateLength\":-1})":" Here is Hélder Pinto again, writing the last post of a series dedicated to the implementation of automated Continuous Optimization with Azure Advisor recommendations. \n ","introduction":"","metrics":{"__typename":"MessageMetrics","views":8704},"postTime":"2020-11-09T00:00:00.034-08:00","lastPublishTime":"2024-07-18T08:47:12.282-07:00","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})":" Hello, dear readers! Here is Hélder Pinto again, writing the last post of a series dedicated to the implementation of automated Continuous Optimization with Azure Advisor recommendations. For a contextualization of the solution here described, please read the introductory post for an overview of the solution, the second post for the details and deployment of the main solution components and also the third post to see how the Azure Optimization Engine generates recommendations and reports on it. \n \n Introduction \n \n If you didn’t have time to read the full post series about the Azure Optimization Engine, let me quickly recap. The Azure Optimization Engine (AOE) is an extensible solution designed to generate custom optimization recommendations for your Azure environment. See it like a fully customizable Azure Advisor. It leverages Azure Resource Graph, Log Analytics, Automation, and, of course, Azure Advisor itself, to build a rich repository of custom optimization opportunities. The first recommendations use-case covered by AOE was augmenting Azure Advisor Cost recommendations, particularly Virtual Machine right-sizing, with VM metrics and properties all enabling for better informed right-size decisions. Other recommendations can be easily added/augmented with AOE, not only for cost optimization but also for security, high-availability, and other Well Architected Framework pillars. \n In this last post, I will show you how we can use AOE to automate the remediation of optimization opportunities – the ultimate goal of the engine – and how to extend it with new custom recommendations. \n \n Do you really want me to automate right-size recommendations?! \n \n The customer pain that sparked this series was all about remediating dozens or hundreds of VM right-size recommendations, for which one had trouble in reaching information that could help in making well-informed decisions. An Azure administrator can well spend many hours of investigation and many interactions with other colleagues before deciding to downsize a VM. Many times, it becomes an unfeasible task and Azure inefficiencies can last forever. \n \n What if customers could simply automate those recommendation remediations? It may at first seem a reckless and naive option, but let’s face it: if we were highly confident that the recommendation was feasible and the environment we were touching was not critical, wouldn’t we prefer to automate? \n \n critical VM downsize when fit score is high for several weeks in a row \n \n With the help of AOE, we now have a database of recommendations that have all the details we need to make an automated decision (see all the details in the previous post) \n \n \n A fit score that is based on several factors:\n \n Are the number of data disks and network interfaces supported by the size recommended by Azure Advisor? \n Is the performance observed in my VM supported in the target size, according to my own memory, processor, and I/O thresholds and aggregations? \n \n \n Historical data that allows me to check whether a right-size recommendation has been made for long enough to be taken seriously. A recommendation that just popped up this week is less trustworthy than a recommendation that Advisor is insisting on for the last 4 weeks. \n VM properties that describe how critical it is (e.g., Azure subscription, resource group, or specific tags) \n \n \n Based on these details, we can perfectly write a remediation runbook that simply queries the recommendations database for VMs that have been recommended for right-size for the past X weeks and with a fit score larger than Y. The T-SQL query could be this one: \n \n \n \n \n \n \n \n SELECT RecommendationId, InstanceId, Tags, COUNT(InstanceId)\n FROM [dbo].[Recommendations] \n WHERE RecommendationSubTypeId = '$rightSizeRecommendationId' AND FitScore >= $minFitScore AND GeneratedDate >= GETDATE()-(7*$minWeeksInARow)\n GROUP BY InstanceId, InstanceName, Tags\n HAVING COUNT(InstanceId) >= $minWeeksInARow \n \n \n \n \n \n \n \n Additionally, we could filter the VMs to remediate to include only those that had a specific tag value. For a scenario where $minWeeksInARow=4 and $minFitScore=4.5 and tag environment=dev, these would be the automated remediation results: \n \n \n \n \n \n Recommendation \n \n \n Fit Score \n \n \n Weeks in a Row \n \n \n Env. tag \n \n \n Action \n \n \n \n \n we1-prd-dc01 \n \n \n 4.6 \n \n \n 6 \n \n \n prod \n \n \n None \n \n \n \n \n we1-dev-app02 \n \n \n 4.7 \n \n \n 4 \n \n \n dev \n \n \n Downsize \n \n \n \n \n we1-dev-sql03 \n \n \n 4.3 \n \n \n 5 \n \n \n dev \n \n \n None \n \n \n \n \n we1-dev-app03 \n \n \n 4.8 \n \n \n 2 \n \n \n dev \n \n \n None \n \n \n \n \n \n The AOE includes a Remediate-AdvisorRightSizeFiltered runbook that implements exactly the algorithm above. After having deployed the solution, you just have to define values for the following Automation variables and finally schedule the runbook for the desired time and frequency. Happy rightsizing! \n \n \n AzureOptimization_RemediateRightSizeMinWeeksInARow – the minimum number of consecutive weeks a recommendation must be made for the same VM. \n AzureOptimization_RemediateRightSizeMinFitScore – the minimum fit scores a recommendation must have each week. \n AzureOptimization_RemediateRightSizeTagsFilter – an optional VM tags JSON filter that will be used to select VMs that will be subject to remediation. Example: [ { \"tagName\": \"a\", \"tagValue\": \"b\" }, { \"tagName\": \"c\", \"tagValue\": \"d\" } ] \n \n \n How to generate my own custom recommendations? \n \n OK, now you have customized right-size recommendations, but you probably want more. You want to identify other cost saving opportunities that may be specific to the environments you manage and that Advisor does not cover yet, such as underutilized App Service Plans or SQL Databases, ever-growing Storage Accounts, VMs stopped but not deallocated, etc.. In the previous post, you saw that writing a recommendation runbook for orphaned disks was really easy. \n \n In this post, I want to show you that the AOE is not meant only for Cost optimization but can be used for other Well Architected Framework pillars – High Availability, Performance, Operational Excellence and Security. I’ve recently added to the AOE a recommendation for the High Availability pillar, identifying VMs with unmanaged disks. This new recommendation does not need additional data sources, as the Virtual Machine data already being exported from Azure Resource Graph is enough to identify VMs in this situation. \n \n If you want to generate your own custom recommendations, you just have to first make sure you are collecting the required data with the Data Collection runbooks – follow the pattern of the existing runbooks that dump the data as CSV into a Storage Account and then rely on the data source-agnostic Log Analytics ingestion runbook. Having the required data in Log Analytics, you can write a new recommendation runbook that runs a weekly query for optimization opportunities. Looking at the Recommend-VMsWithUnmanagedDisksToBlobStorage runbook, you’ll identify the recommendation generation pattern: \n \n \n Collect AOE generic and recommendation-specific variables (Log Analytics workspace, Storage Account container, etc.) \n Authenticate against the Azure environment \n Obtain a context reference to the Storage Account where the recommendations file is going to be stored. \n Execute the recommendation query against Log Analytics. \n Build the recommendations objects – pay attention to the properties, as all those are required for the recommendation to correctly show up in the Power BI report. You will need to create a new GUID for your new recommendation type. \n Finally, export the recommendations file to blob storage – use a file naming specific to the recommendation type. \n \n \n Don’t forget to link the runbook to the AzureOptimization_RecommendationsWeekly schedule and that’s all you must do. On the next scheduled recommendations generation run, you’ll have your new recommendations flowing into the Power BI report! \n \n Thank you for having been following this series! 😉 \n \n Disclaimer \n The Azure Optimization Engine is not supported under any Microsoft standard support program or service. The scripts are provided AS IS without warranty of any kind. Microsoft further disclaims all implied warranties including, without limitation, any implied warranties of merchantability or of fitness for a particular purpose. The entire risk arising out of the use or performance of the sample scripts and documentation remains with you. In no event shall Microsoft, its authors, or anyone else involved in the creation, production, or delivery of the scripts be liable for any damages whatsoever (including, without limitation, damages for loss of business profits, business interruption, loss of business information, or other pecuniary loss) arising out of the use of or inability to use the sample scripts or documentation, even if Microsoft has been advised of the possibility of such damages. ","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})@stringLength":"9233","kudosSumWeight":3,"repliesCount":3,"readOnly":false,"images":{"__typename":"AssociatedImageConnection","edges":[{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDE","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0xODUxMzE3LTIzODEyNWlFNjQ2RjI4RTIzQTFCNEQ3?revision=6\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDI","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0xODUxMzE3LTIzODEyNmlCNEZGNkZCODgwMTkzNUJD?revision=6\"}"}}],"totalCount":2,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"videos":{"__typename":"VideoConnection","edges":[],"totalCount":0,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"coverImage":null,"coverImageProperties":{"__typename":"CoverImageProperties","style":"STANDARD","titlePosition":"BOTTOM","altText":""}},"Conversation:conversation:1544796":{"__typename":"Conversation","id":"conversation:1544796","topic":{"__typename":"BlogTopicMessage","uid":1544796},"lastPostingActivityTime":"2024-07-02T11:15:15.122-07:00","solved":false},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0xNTQ0Nzk2LTIzODIzN2lBNzhDMzI4Mjk4RjFGMTg5?revision=6\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0xNTQ0Nzk2LTIzODIzN2lBNzhDMzI4Mjk4RjFGMTg5?revision=6","title":"augmenting-azure-advisor-co-pt3-figure3.jpg","associationType":"TEASER","width":1439,"height":810,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0xNTQ0Nzk2LTIwNzczMGkxRTYzRDk3QTI1MjMxRTc5?revision=6\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0xNTQ0Nzk2LTIwNzczMGkxRTYzRDk3QTI1MjMxRTc5?revision=6","title":"hspinto_0-1595627743251.png","associationType":"BODY","width":1293,"height":437,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0xNTQ0Nzk2LTIwNzcyOWlBOUJGRkEzQTVEQjU2M0I2?revision=6\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0xNTQ0Nzk2LTIwNzcyOWlBOUJGRkEzQTVEQjU2M0I2?revision=6","title":"hspinto_1-1595627743272.png","associationType":"BODY","width":1289,"height":358,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0xNTQ0Nzk2LTIzODIzOGkwMTYzMTNBQjk5M0YzNEU2?revision=6\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0xNTQ0Nzk2LTIzODIzOGkwMTYzMTNBQjk5M0YzNEU2?revision=6","title":"augmenting-azure-advisor-co-pt3-figure3.jpg","associationType":"BODY","width":1439,"height":810,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0xNTQ0Nzk2LTIzODIzOWlDMzdFMzI4NUJCNTg4MUQ1?revision=6\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0xNTQ0Nzk2LTIzODIzOWlDMzdFMzI4NUJCNTg4MUQ1?revision=6","title":"augmenting-azure-advisor-co-pt3-figure4.jpg","associationType":"BODY","width":1436,"height":803,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0xNTQ0Nzk2LTIwNzczMmkyODk2MUZFQ0NGNjVBMEFD?revision=6\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0xNTQ0Nzk2LTIwNzczMmkyODk2MUZFQ0NGNjVBMEFD?revision=6","title":"hspinto_4-1595627743396.jpeg","associationType":"BODY","width":344,"height":161,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0xNTQ0Nzk2LTIzODI0MGlCNDQyODVEM0YxQkU0NjQ0?revision=6\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0xNTQ0Nzk2LTIzODI0MGlCNDQyODVEM0YxQkU0NjQ0?revision=6","title":"augmenting-azure-advisor-co-pt3-figure6.jpg","associationType":"BODY","width":1378,"height":633,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0xNTQ0Nzk2LTIzODI0MWk2NjFBMDZCODdDNzMwQkRB?revision=6\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0xNTQ0Nzk2LTIzODI0MWk2NjFBMDZCODdDNzMwQkRB?revision=6","title":"augmenting-azure-advisor-co-pt3-figure7.jpg","associationType":"BODY","width":1134,"height":455,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0xNTQ0Nzk2LTIwNzczNmlCRTg1ODJDMjk0OEFGQjkz?revision=6\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0xNTQ0Nzk2LTIwNzczNmlCRTg1ODJDMjk0OEFGQjkz?revision=6","title":"hspinto_7-1595627743468.jpeg","associationType":"BODY","width":1607,"height":757,"altText":null},"BlogTopicMessage:message:1544796":{"__typename":"BlogTopicMessage","subject":"Augmenting Azure Advisor Cost Recommendations for Automated Continuous Optimization – Part 3","conversation":{"__ref":"Conversation:conversation:1544796"},"id":"message:1544796","revisionNum":6,"uid":1544796,"depth":0,"board":{"__ref":"Blog:board:CoreInfrastructureandSecurityBlog"},"author":{"__ref":"User:user:453722"},"teaser@stripHtml({\"removeProcessingText\":true,\"truncateLength\":-1})":" This is the third post of a series dedicated to the implementation of automated Continuous Optimization with Azure Advisor Cost recommendations. For a contextualization of the solution here described, please read the introductory post for an overview of the solution and also the second post for the details and deployment of the main solution components. ","introduction":"","metrics":{"__typename":"MessageMetrics","views":9577},"postTime":"2020-07-27T00:00:00.029-07:00","lastPublishTime":"2020-12-07T02:41:51.729-08:00","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})":" This is the third post of a series dedicated to the implementation of automated Continuous Optimization with Azure Advisor Cost recommendations. For a contextualization of the solution here described, please read the introductory post for an overview of the solution and also the second post for the details and deployment of the main solution components. \n \n Introduction \n \n If you read the previous posts and deployed the Azure Optimization Engine solution, by now you have a Log Analytics workspace containing Advisor Cost recommendations as well as Virtual Machine properties and performance metrics, collected in a daily basis. We have all the historical data that is needed to augment Advisor recommendations and help us validate and, ultimately, automate VM right-size remediations. As a bonus, we have now a change history of our Virtual Machine assets and Advisor recommendations, which can also be helpful for other purposes. \n \n So, what else is needed? Well, we need first to generate the augmented Advisor recommendations, by adding performance metrics and VM properties to each recommendation, and then store them in a repository that can be easily consumed and manipulated both by visualization tools and by automated remediation tasks. Finally, we visualize these and further recommendations with a simple Power BI report. \n \n Anatomy of a recommendation \n \n There isn’t much to invent here, as the Azure Advisor recommendation schema fits very well our purpose. We just need to add to this schema some other relevant fields: \n \n \n Fit score – each recommendation type will have its own algorithm to compute the fit score. For example, for VM right-size recommendations, we’ll calculate it based on the VM metrics and whether the target SKU meets the storage and networking requirements. \n Details URL – a link to a web page where we can see the actual justification for the recommendation (e.g., the results of a Log Analytics query chart showing the performance history of a VM). \n Additional information – a JSON-formatted value containing recommendation-specific details (e.g., current and target SKUs, estimated savings, etc.). \n Tags – if the target resource contains tags, we’ll just add them to the recommendation, as this may be helpful for reporting purposes. \n \n \n Generating augmented Advisor recommendations \n \n Having in the same Log Analytics repository all the data we need makes things really easy. We just need to build a query that joins Advisor recommendations with VM performance and properties and then automate a periodic export of the results for additional processing (see sample results below). As Advisor right-size recommendations consider only the last seven days of VM performance, we just have to run it once per week. \n \n \n \n \n For each exported recommendation, we’ll then execute a simple fit score algorithm that decreases the recommendation fit whenever a performance criterion is not met. We are considering these relatively weighted criteria against the recommended target SKU and observed performance metrics: \n \n \n [Very high importance] Does it support the current data disks count? \n [Very high] Does it support the current network interfaces count? \n [High] Does it support the percentile(n) un-cached IOPS observed for all disks in the respective VM? \n [High] Does it support the percentile(n) un-cached disks throughput? \n [Medium] Is the VM below a given percentile(n) processor and memory usage percentage? \n [Medium] Is the VM below a given percentile(n) network bandwidth usage? \n \n \n The fit score ranges from 0 (lowest) to 5 (highest). If we don’t have performance metrics for a VM, the fit score is still decreased though in a lesser proportion. If we are processing a non-right-size recommendation, we still include it in the report, but the fit score is not computed (remaining at the -1 default value). \n \n Bonus recommendation: orphaned disks \n \n The power of this solution is that having so valuable historical data in our repository and adding other sources to it will allow us to generate our own custom recommendations as well. One recommendation that easily comes out of the data we have been collecting is a report of orphaned disks – for example, disks that belonged to a VM that was meanwhile deleted (see sample query below). But you can easily think of others, even beyond cost optimization. \n \n \n \n \n Azure Optimization Engine reporting \n \n Now that we have an automated process that generates and augments optimization recommendations, the next step is to add visualizations to it. For this purpose, there is nothing better than Power BI. To make things easier, we have meanwhile ingested our recommendations into an Azure SQL Database, where we can better manage and query data. We use it as the data source for our Power BI report, with many perspectives (see sample screenshots below). \n The overview page gives us a high-level understanding of the recommendations’ relative distribution. We can also quickly see how many right-size recommended target SKUs are supported by the workload characteristics. In the example below, we have many “unknowns”, since only a few VMs were sending performance metrics to the Log Analytics workspace. \n \n \n \n \n In the exploration page, we can investigate all the available recommendations, using many types of filters and ordering criteria. \n \n \n \n \n After selecting a specific recommendation, we can drill through it and navigate to the Details or History pages. \n \n or history \n \n \n In the Details page, we can analyze all the data that was used to generate and validate the recommendation. Interestingly, the Azure Advisor API has recently included additional details about the thresholds values that were observed for each performance criterion. This can be used to cross-check with the metrics we are collecting with the Log Analytics agent. \n \n \n \n \n \n In the History page, we can observe how the fit score has evolved over time for a specific recommendation. If the fit score has been stable at high levels for the past weeks, then the recommendation can likely be implemented without risks. \n \n \n \n \n \n Each recommendation includes a details URL that opens an Azure Portal web page with additional information not available in the report. If we have performance data in Log Analytics for that instance, we can even open a CPU/memory chart with the performance history. \n \n \n \n \n Deploying the solution and next steps \n \n Everything described so far in these posts is available for you to deploy and test, in the Azure Optimization Engine repository. You can find there deployment and usage instructions and, if you have suggestions for improvements or for new types of recommendations, please open a feature request issue or… why not be brave and contribute to the project? 😉 \n \n The final post of this series will discuss how we can automate continuous optimization with the help of all the historical data we have been collecting and also how the AOE can be extended with additional recommendations (not limited to cost optimization). \n \n Thank you for having been following! See you next time! 😉 ","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})@stringLength":"7473","kudosSumWeight":5,"repliesCount":8,"readOnly":false,"images":{"__typename":"AssociatedImageConnection","edges":[{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDE","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0xNTQ0Nzk2LTIzODIzN2lBNzhDMzI4Mjk4RjFGMTg5?revision=6\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDI","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0xNTQ0Nzk2LTIwNzczMGkxRTYzRDk3QTI1MjMxRTc5?revision=6\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDM","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0xNTQ0Nzk2LTIwNzcyOWlBOUJGRkEzQTVEQjU2M0I2?revision=6\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDQ","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0xNTQ0Nzk2LTIzODIzOGkwMTYzMTNBQjk5M0YzNEU2?revision=6\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDU","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0xNTQ0Nzk2LTIzODIzOWlDMzdFMzI4NUJCNTg4MUQ1?revision=6\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDY","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0xNTQ0Nzk2LTIwNzczMmkyODk2MUZFQ0NGNjVBMEFD?revision=6\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDc","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0xNTQ0Nzk2LTIzODI0MGlCNDQyODVEM0YxQkU0NjQ0?revision=6\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDg","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0xNTQ0Nzk2LTIzODI0MWk2NjFBMDZCODdDNzMwQkRB?revision=6\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDk","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0xNTQ0Nzk2LTIwNzczNmlCRTg1ODJDMjk0OEFGQjkz?revision=6\"}"}}],"totalCount":9,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"videos":{"__typename":"VideoConnection","edges":[],"totalCount":0,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"coverImage":null,"coverImageProperties":{"__typename":"CoverImageProperties","style":"STANDARD","titlePosition":"BOTTOM","altText":""}},"Conversation:conversation:4100750":{"__typename":"Conversation","id":"conversation:4100750","topic":{"__typename":"BlogTopicMessage","uid":4100750},"lastPostingActivityTime":"2024-06-14T06:21:06.704-07:00","solved":false},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ2OWlEODE0RTE2QjgzMjNDQTVD?revision=2\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ2OWlEODE0RTE2QjgzMjNDQTVD?revision=2","title":"hspinto_0-1711711588370.png","associationType":"TEASER","width":940,"height":674,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ3MWk4RkRGOEM5RDFEOTYxRjVD?revision=2\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ3MWk4RkRGOEM5RDFEOTYxRjVD?revision=2","title":"hspinto_1-1711711650056.png","associationType":"BODY","width":675,"height":274,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ3Mmk2ODRCNTY3MjBFM0Q3N0I4?revision=2\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ3Mmk2ODRCNTY3MjBFM0Q3N0I4?revision=2","title":"hspinto_2-1711711650063.jpeg","associationType":"BODY","width":1263,"height":606,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ3MGkxODQ1RDVBRjVFRThCQzE5?revision=2\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ3MGkxODQ1RDVBRjVFRThCQzE5?revision=2","title":"hspinto_3-1711711650063.png","associationType":"BODY","width":682,"height":337,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ3M2lFRTUyRjkzN0M3MEM0OTIy?revision=2\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ3M2lFRTUyRjkzN0M3MEM0OTIy?revision=2","title":"hspinto_4-1711711650064.png","associationType":"BODY","width":674,"height":259,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ3NGk5RTRBMjVGN0VFMTc4RUM1?revision=2\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ3NGk5RTRBMjVGN0VFMTc4RUM1?revision=2","title":"hspinto_5-1711711650065.png","associationType":"BODY","width":662,"height":256,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ3NWkzRjAyRjUxMThDM0E0MUU2?revision=2\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ3NWkzRjAyRjUxMThDM0E0MUU2?revision=2","title":"hspinto_6-1711711650066.png","associationType":"BODY","width":654,"height":251,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ3N2kzRDE2QTI0NUE0QzRBMThB?revision=2\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ3N2kzRDE2QTI0NUE0QzRBMThB?revision=2","title":"hspinto_7-1711711650067.png","associationType":"BODY","width":759,"height":251,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ3OGk5RkY5QjIxNjFGOURGNEND?revision=2\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ3OGk5RkY5QjIxNjFGOURGNEND?revision=2","title":"hspinto_8-1711711650069.png","associationType":"BODY","width":645,"height":597,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ3NmlBRjUyODYyOTlBODMwN0M0?revision=2\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ3NmlBRjUyODYyOTlBODMwN0M0?revision=2","title":"hspinto_9-1711711650070.png","associationType":"BODY","width":595,"height":262,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ3OWlGMjdGRUQwNzE4NDJDM0ZF?revision=2\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ3OWlGMjdGRUQwNzE4NDJDM0ZF?revision=2","title":"hspinto_10-1711711650071.png","associationType":"BODY","width":822,"height":339,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ4MWkzRTExOEE0NEEyODFGRTNG?revision=2\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ4MWkzRTExOEE0NEEyODFGRTNG?revision=2","title":"hspinto_11-1711711650073.png","associationType":"BODY","width":838,"height":601,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ4MGlGMzM0MDQ2RjRFRjk1MUNG?revision=2\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ4MGlGMzM0MDQ2RjRFRjk1MUNG?revision=2","title":"hspinto_12-1711711650075.png","associationType":"BODY","width":1387,"height":423,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ4MmkxNTc2MTk2ODZGODI0RkQ0?revision=2\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ4MmkxNTc2MTk2ODZGODI0RkQ0?revision=2","title":"hspinto_13-1711711650076.png","associationType":"BODY","width":692,"height":268,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ4M2kzMDVGQkQzMEEwMDU0RDc0?revision=2\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ4M2kzMDVGQkQzMEEwMDU0RDc0?revision=2","title":"hspinto_14-1711711650077.png","associationType":"BODY","width":690,"height":266,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ4NGlGMEQ4OTE2RTkxMzc0NzI3?revision=2\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ4NGlGMEQ4OTE2RTkxMzc0NzI3?revision=2","title":"hspinto_15-1711711650079.png","associationType":"BODY","width":953,"height":411,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ4N2lDOUZEN0FDQTI5M0Q2MDU0?revision=2\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ4N2lDOUZEN0FDQTI5M0Q2MDU0?revision=2","title":"hspinto_16-1711711650081.png","associationType":"BODY","width":803,"height":429,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ4Nmk3MUNCREFCNjkyQ0RERkNC?revision=2\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ4Nmk3MUNCREFCNjkyQ0RERkNC?revision=2","title":"hspinto_17-1711711650083.png","associationType":"BODY","width":1112,"height":442,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ4NWkxQUE3N0UyMUZEOTk4MzBB?revision=2\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ4NWkxQUE3N0UyMUZEOTk4MzBB?revision=2","title":"hspinto_18-1711711650085.png","associationType":"BODY","width":929,"height":437,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ4OGk5QjE3MDA3RTdFNUYwNUU0?revision=2\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ4OGk5QjE3MDA3RTdFNUYwNUU0?revision=2","title":"hspinto_19-1711711650087.png","associationType":"BODY","width":810,"height":431,"altText":null},"BlogTopicMessage:message:4100750":{"__typename":"BlogTopicMessage","subject":"Get Azure Reservations and Savings Plans Insights with the Azure Optimization Engine","conversation":{"__ref":"Conversation:conversation:4100750"},"id":"message:4100750","revisionNum":2,"uid":4100750,"depth":0,"board":{"__ref":"Blog:board:CoreInfrastructureandSecurityBlog"},"author":{"__ref":"User:user:453722"},"teaser@stripHtml({\"removeProcessingText\":true,\"truncateLength\":-1})":" When adopting Azure commitments, customers face typically two types of challenges: 1) Estimating the quantities or amount to commit for – e.g., how many VM Reservations of a given size and region, what Saving Plan hourly commitment, and for how long? and 2) Reviewing how effective and efficient commitments have been – e.g., which resources have been leveraging a specific commitment, is a commitment fully consumed, how many savings have been achieved over a period? The Azure Optimization Engine (AOE) provides you with reporting that complements Azure-native tooling for your Azure commitment purchase decision and review processes. This article covers the several AOE Workbooks available for this purpose. \n \n ","introduction":"","metrics":{"__typename":"MessageMetrics","views":9721},"postTime":"2024-04-01T00:00:00.034-07:00","lastPublishTime":"2024-06-14T06:21:06.704-07:00","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})":" Introduction \n \n Azure Reservations and Savings Plans commitments have been adopted by many customers with a predictable and steady Azure consumption to achieve considerable savings over on-demand prices. Depending on your on-demand Azure Compute consumption patterns, you may choose one over the other, or even have both working in tandem (see a comparison). \n \n When adopting Azure commitments, customers face typically two types of challenges: \n \n \n Estimating the quantities or amount to commit for – e.g., how many VM Reservations of a given size and region, what Saving Plan hourly commitment, and for how long? \n Reviewing how effective and efficient commitments have been – e.g., which resources have been leveraging a specific commitment, is a commitment fully consumed, how many savings have been achieved over a period? \n \n \n The Azure portal Reservations and Savings Plans user experience, together with Azure Advisor, the Cost Management Power BI App for EA and FinOps Hubs, provide great answers to some of the questions above. But if you need a more detailed analysis over your on-demand or commitment usage, the Azure Optimization Engine (AOE) provides you with additional reporting that complements Azure-native tooling for your Azure commitment purchase decision and review processes, based on a daily export of your Azure billing events to a Log Analytics workspace. On the sections below, we will cover the several AOE Workbooks available for this purpose. For guidance on how to install AOE in your environment, refer to the deployment instructions. \n \n \n Benefits Usage: an overview of Azure pricing models usage. \n Benefits Simulation: exploring different commitment scenarios. \n Reservations Potential: deep analysis of On-Demand VM sizes usage. \n Reservations Usage: deep analysis of your Reservations performance. \n Savings Plans Usage: deep analysis of your Savings Plans performance. \n \n \n For the sake of clarity, consider the short glossary below for some terms that are used throughout the article: \n \n \n Reservations – Refers to any type of Azure Reserved Instance, be it Virtual Machines, Storage, Cosmos DB, and others. See what Azure Reservations are. \n Savings Plans – Refers to any type of Azure Savings Plans. Currently, there are only Savings Plans for Compute, but other types may come up in the future. See what Azure Savings Plans are. \n Azure commitments – Refers to Azure consumption commitments customers can make to benefit from discounts. In the scope of this article the term comprehends Reservations and Savings Plans. \n On-Demand – Refers to Azure resources usage that is not covered by a commitment. It is also known as Pay-As-You-Go usage. \n \n \n Benefits Usage: an overview of Azure pricing models usage \n \n The Benefits Usage Workbook gives you an overview of how your Azure Virtual Machines (VMs) usage has been distributed across several pricing models (On-Demand, Reservations, Savings Plans, and Spot) over a period. The first tab shows you the pricing model proportion across all your VMs usage (in your billing currency). All Reservations and Savings Plan usage is presented at amortized prices, in the currency unit of your Azure consumption agreement. \n \n \n \n The Reservations tab allows you to compare your Reservations usage with scenarios in which the VMs were being consumed in other pricing models and understand what you are saving thanks to Reservations. Reservations usage is presented at Reservation prices (i.e., amortized cost). This means that, for example, if you see 17K USD for Reservation and 22K USD for On-Demand on a specific day, you are saving 5K USD for that day against the On-Demand prices (based on your price list). Likewise for the Reservation vs. Savings Plan comparison chart. You can use the 1-year vs. 3-years Reservation Term switch to get a savings estimate closer to your reality. If you have a mix of both Reservation terms in your environment, you will need to customize the Workbook to account for both in the same chart, though. \n \n \n \n The Savings Plans tab is similar in functionality to the Reservations one. It compares your Savings Plans usage against what the cost would be if the VMs were consumed as On-Demand. Likewise, you must set the Savings Plan Term switch to the term that is most used in your Savings Plans. \n \n \n \n The Spot tab is like the tabs discussed above. It compares your Spot usage (see what Spot VMs are) against what the cost would be if the VMs were consumed at On-Demand prices. \n \n \n \n The last tab analyzes On-Demand VM usage, projecting it as if you were making Savings Plans or Reservations commitments. The first chart shows you the actual hourly cost of On-Demand usage distribution across subscriptions. You can use it as a reference to compare with different Savings Plans commitment terms. \n \n \n \n \n The second chart shows the average hourly On-Demand usage in your currency (at Savings Plans prices) for each Azure subscription. For example, if the sum of all subscriptions On-Demand average hourly usage for a specific day is ~30 USD (let’s consider February 19 th in the first chart), you need a ~19 USD/hour (see same date in the chart below) Savings Plan commitment to totally cover the On-Demand usage for that day with Savings Plan discounts (see how Savings Plans discounts work). This chart depends on you setting the Savings Plan Term switch to the term that you would more likely use when buying a new Savings Plan. \n \n \n \n The last chart shows the average hourly On-Demand usage in vCPUs for each VM size family (at Reservation prices). Using an example from the chart sample below, if VM size family Dv5 in West Europe has 48 vCPUs of average hourly On-Demand usage, you need a Reservation commitment of 24 instances of the D2_v5 size (24x2=48 vCPUs) to fully cover its On-Demand usage with Reservation discounts. \n \n \n \n Benefits Simulation: exploring different commitment scenarios \n \n Now let us say you have a portion of your Virtual Machines on-demand usage you want to optimize with Azure commitments. Besides the built-in Reservations and Savings Plans purchase experience, which provides you with accurate purchase recommendations, you can also use the Benefits Simulation Workbook to confirm those recommendations with additional details or explore different commitment scenarios. The Workbook has two tabs – Savings Plans and Reservations. Both look at your On-Demand VM usage (grouped by subscription) and allow you to simulate a commitment scenario and analyze how much you would save based on the selected lookback period. \n \n For Savings Plans, you just need to select the commitment term and enter the amount of hourly usage, in the currency of your Azure consumption agreement. In the example below, despite having an hourly On-Demand usage of ~12 EUR across all subscriptions (at Savings Plans prices), we were conservative and entered a commitment of 5 EUR/hour for a 3-year term. Once we enter the value, the remaining charts are updated to reflect the estimated savings over the lookback period. In the example below, we would save a total of 1.98K EUR (around 70 EUR/day in a 30-day period). \n \n \n \n \n If we were less conservative and simulated a higher commitment, we could also see on which days the Savings Plans efficiency would have been less than 100%, potentially resulting in unused savings plans. \n \n \n \n It is important to note that these estimates only cater for Virtual Machines usage – other Savings Plans-eligible meter categories (App Service Plans, Container Instances, etc.) are not being considered. Also, if you are a customer that negotiated with Microsoft a considerable discount in On-Demand prices, it may happen that hourly usage at Savings Plans prices is more expensive than On-Demand (more likely in 1-year Savings Plans terms) – in this case, you would see a negative savings amount and percentage. \n \n For Reservations, we get a similar experience, but, now, instead of committing to an hourly usage amount, we commit to a VM size, region and whether we leverage Instance Size Flexibility (ISF) or not. VM sizes and regions are based on your on-demand usage. In the example below, we chose Standard B1ms VMs in West Europe, with ISF, for 3 years. Note that we did not select a quantity yet. The chart below shows what the VM sizes usage distribution (within the same ISF group) per day was. The amount of VMs of sizes other than B1ms is proportional to the core ratio. For example, a value of 11.4 for B4ms means that we need to commit for 11.4 B1ms instances to cover the B4ms (ratio 😎 needs. We can clearly see in the example below a pattern of lower usage on the weekends. Although we are using on average ~13 VMs across all sizes, a cautious approach would be to commit a lower amount of VMs that would be 100% consumed. \n \n \n \n \n If we go ahead and enter 7 VMs, the remaining charts will be populated with estimated savings, savings percentage, and commitment efficiency, similar to what we got in the Savings Plans tab. \n \n \n \n Reservations Potential: deep analysis of On-Demand VM sizes usage \n \n If you need a deeper analysis of your On-Demand VM usage with the goal of purchasing Reservations, you can leverage the Reservations Potential Workbook, which allows to explore each VM size (or ISF group) and region combination to get a usage profile over a lookback period. \n \n The workbook loads all VM sizes (or ISF groups) and regions, showing the average number of VMs that had On-Demand usage per day. When clicking on one of the lines, the remaining charts are populated with additional information, such as the Reservation potential for that selection and how On-Demand usage has evolved over the lookback period. \n \n \n \n VMs count for each ISF Group is proportional to the VM size with the lowest ratio (e.g., D2ads v5 has the lowest ratio for the Dadsv5 Series). The “Fragmentation” column gives a hint about the risk of having a Reservation being used only on small portions of the day. For example, in the above chart, the DSv2 Series has an average On-Demand daily usage of ~29 VMs but has “some to high” fragmentation. This means that the number of VMs for that size that had On-Demand usage was much higher, because many VMs were running only for a few hours per day and there is a substantial risk of ending with unused reservations. This is confirmed by the table below – a typical Databricks usage profile, with lots of short-lived instances. \n \n \n \n \n The Workbook also allows for setting a resource “Aggregator Tag” that groups On-Demand usage by the chosen VM tag (in the example below, the chosen aggregator tag had technology types as values). \n \n \n \n Reservations Usage: deep analysis of your Reservations performance \n \n After you committed to Reservations, it is important to keep an eye on how effective and efficient they have been. The Reservations Usage Workbook allows for that and helps you charging back Reservations usage by a specific cost center or resource owner. Unlike the other Workbooks, it is not exclusive to VMs. \n \n The first tab – “Reservations Usage Analysis” – lists all Reservations you purchased together with its usage percentage over the lookback period, the average discount over the on-demand price and how much you are saving (savings % = discount % – unused %). If the “Savings” column shows a low or negative value, then maybe you should plan for a Reservation exchange. \n \n \n \n When you click on the line for a specific reservation on the table above, additional charts are populated with information such as instance count usage over time (compared with the instances purchased), which instances have been consuming the Reservation, and usage grouping by a chosen aggregator tag. \n \n \n \n The second tab – “Usage by Tag”– allows you to list all Reservations usage by a chosen aggregator tag, which may be useful for charge back purposes (export to Excel is available also). In the example below, the chosen aggregator tag specifies the instance workload’s type. \n \n \n \n The third tab – “Full Usage Report” – allows you to list all Reservations performance data, with information like the first tab but with additional details, such as term, expiration date and remaining commitment (in the currency of your Azure consumption agreement). \n The last tab – “Unused Reservations Analysis” – provides you with insights into the causes for underperforming Reservations, with multiple perspectives, such as SKU or region, and with the option to export all the details per unused Reservation. \n \n \n \n Savings Plans Usage: deep analysis of your Savings Plans performance \n \n Finally, with the Savings Plans Usage Workbook you can get Savings Plans reporting capabilities like what you get with the Reservations Usage Workbook. It considers your Savings Plans hourly commitments and provides multiple perspectives over your Savings Plans performance, such as Savings Plans usage analysis, savings performance details, tag-based charge back, and unused Savings Plans analysis. \n \n \n \n Final considerations \n \n This article covered multiple Azure commitment insights reporting solutions made available by deploying the Azure Optimization Engine (AOE). These solutions are meant to be complementary to the Azure-native ones, not a replacement. Furthermore, given the nature of AOE, which depends on a well-functioning billing events ingestion pipeline, there may be data accuracy problems due to upstream issues. It is also important to note that Reservations and Savings Plans purchase simulations are based on average hourly On-Demand usage observations, which may not reflect your real usage profile during the day in highly dynamic workloads (Azure Advisor commitment recommendations are always the most reliable source of truth). As a general advice, start small with your commitments (less than what is suggested by tools), observe their positive impact on your Azure bill, and gradually increase commitments to achieve the optimal savings with confidence. \n \n Special thanks to Gregor Wohlfarter for his thorough review and suggestions. ","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})@stringLength":"14618","kudosSumWeight":3,"repliesCount":7,"readOnly":false,"images":{"__typename":"AssociatedImageConnection","edges":[{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDE","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ2OWlEODE0RTE2QjgzMjNDQTVD?revision=2\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDI","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ3MWk4RkRGOEM5RDFEOTYxRjVD?revision=2\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDM","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ3Mmk2ODRCNTY3MjBFM0Q3N0I4?revision=2\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDQ","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ3MGkxODQ1RDVBRjVFRThCQzE5?revision=2\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDU","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ3M2lFRTUyRjkzN0M3MEM0OTIy?revision=2\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDY","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ3NGk5RTRBMjVGN0VFMTc4RUM1?revision=2\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDc","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ3NWkzRjAyRjUxMThDM0E0MUU2?revision=2\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDg","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ3N2kzRDE2QTI0NUE0QzRBMThB?revision=2\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDk","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ3OGk5RkY5QjIxNjFGOURGNEND?revision=2\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDEw","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ3NmlBRjUyODYyOTlBODMwN0M0?revision=2\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDEx","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ3OWlGMjdGRUQwNzE4NDJDM0ZF?revision=2\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDEy","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ4MWkzRTExOEE0NEEyODFGRTNG?revision=2\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDEz","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ4MGlGMzM0MDQ2RjRFRjk1MUNG?revision=2\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDE0","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ4MmkxNTc2MTk2ODZGODI0RkQ0?revision=2\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDE1","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ4M2kzMDVGQkQzMEEwMDU0RDc0?revision=2\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDE2","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ4NGlGMEQ4OTE2RTkxMzc0NzI3?revision=2\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDE3","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ4N2lDOUZEN0FDQTI5M0Q2MDU0?revision=2\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDE4","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ4Nmk3MUNCREFCNjkyQ0RERkNC?revision=2\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDE5","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ4NWkxQUE3N0UyMUZEOTk4MzBB?revision=2\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDIw","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MTAwNzUwLTU2NjQ4OGk5QjE3MDA3RTdFNUYwNUU0?revision=2\"}"}}],"totalCount":20,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"videos":{"__typename":"VideoConnection","edges":[],"totalCount":0,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"coverImage":null,"coverImageProperties":{"__typename":"CoverImageProperties","style":"STANDARD","titlePosition":"BOTTOM","altText":""}},"Conversation:conversation:3658927":{"__typename":"Conversation","id":"conversation:3658927","topic":{"__typename":"BlogTopicMessage","uid":3658927},"lastPostingActivityTime":"2024-03-12T06:50:23.185-07:00","solved":false},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zNjU4OTI3LTQxNDgxOGk1RTJFNkNCMUQzNEQyOUNB?revision=1\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zNjU4OTI3LTQxNDgxOGk1RTJFNkNCMUQzNEQyOUNB?revision=1","title":"01-enabling-diagnostic-settings.png","associationType":"TEASER","width":886,"height":341,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zNjU4OTI3LTQxNDgyN2lCODE2MEMzRTA2RTRENDlD?revision=1\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zNjU4OTI3LTQxNDgyN2lCODE2MEMzRTA2RTRENDlD?revision=1","title":"01-enabling-diagnostic-settings.png","associationType":"BODY","width":886,"height":341,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zNjU4OTI3LTQxNDgyNWlBRjE4NDlDNTJBMERFOUQ4?revision=1\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zNjU4OTI3LTQxNDgyNWlBRjE4NDlDNTJBMERFOUQ4?revision=1","title":"02-key-vault-record-size.png","associationType":"BODY","width":559,"height":180,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zNjU4OTI3LTQxNDgyOWkyMzQyNjFCMTVEMzZDQUM2?revision=1\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zNjU4OTI3LTQxNDgyOWkyMzQyNjFCMTVEMzZDQUM2?revision=1","title":"03-key-vault-metrics.png","associationType":"BODY","width":886,"height":377,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zNjU4OTI3LTQxNDgzMWk5OTI3NjFBMzgyODIyMzFG?revision=1\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zNjU4OTI3LTQxNDgzMWk5OTI3NjFBMzgyODIyMzFG?revision=1","title":"04-key-vault-insights.png","associationType":"BODY","width":886,"height":672,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zNjU4OTI3LTQxNDgzMmlFQ0MxM0MzRThFOEMyRjlG?revision=1\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zNjU4OTI3LTQxNDgzMmlFQ0MxM0MzRThFOEMyRjlG?revision=1","title":"05-prometheus-query.png","associationType":"BODY","width":842,"height":218,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zNjU4OTI3LTQxNDgzM2k5MERGQTM4NTM0Qjg4MkY5?revision=1\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zNjU4OTI3LTQxNDgzM2k5MERGQTM4NTM0Qjg4MkY5?revision=1","title":"06-aks-record-size.png","associationType":"BODY","width":508,"height":291,"altText":null},"BlogTopicMessage:message:3658927":{"__typename":"BlogTopicMessage","subject":"Estimating Azure Diagnostics Cost","conversation":{"__ref":"Conversation:conversation:3658927"},"id":"message:3658927","revisionNum":1,"uid":3658927,"depth":0,"board":{"__ref":"Blog:board:CoreInfrastructureandSecurityBlog"},"author":{"__ref":"User:user:453722"},"teaser@stripHtml({\"removeProcessingText\":true,\"truncateLength\":-1})":" Azure resource logging (with Azure Diagnostics) is recommended as part of the Operational Excellence and Security pillars of the Well Architected Framework. Furthermore, you’ll also increase your Azure Secure Score, as enabling auditing and logging is one of the assessed controls of your security posture. This blog post helps you estimate the cost of enabling Azure Diagnostics at scale. \n ","introduction":"","metrics":{"__typename":"MessageMetrics","views":12435},"postTime":"2022-10-24T00:00:00.049-07:00","lastPublishTime":"2022-10-24T00:00:00.049-07:00","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})":" Introduction \n \n There are many good reasons to enable Azure Diagnostics on your Azure PaaS resources, for example, auditing who has been accessing a Key Vault, troubleshooting failed requests to a Storage Account, doing a forensics analysis to a compromised Azure SQL Server, etc. Azure resource logging is recommended as part of the Operational Excellence and Security pillars of the Well Architected Framework. Furthermore, you’ll also increase your Azure Secure Score, as enabling auditing and logging is one of the assessed controls of your security posture. \n \n Azure customers mostly prefer to enable Azure Diagnostics at scale and ensure recommended best practices are always applied. Among the several deployment options, implementing Azure Policy is the preferable strategy. There are many built-in DeployIfNotExists policies for each Azure resource type. The effort of this is almost negligeable. \n \n “OK, I got it, but how much will this cost?”, you may certainly ask. This is a perfectly valid question and it’s something my customers ask over and over, each time I recommend them to enable Azure Diagnostics at scale for a specific resource type. This post is an attempt to teach you how to estimate your Azure Diagnostics costs, before you deploy it at scale. \n \n Strategy \n \n Azure Diagnostics is priced differently, depending on the type of destination you select for your logs – Log Analytics, Storage Account, Event Hubs or a partner solution. For the sake of simplicity and assuming Log Analytics is the preferred destination type (easiest and integrated way of consuming your logs), this post focuses on Log Analytics ingestion costs, but the principles described here apply to the other destination types as well, because, at the end, your Azure Diagnostics costs will always be proportional to the volume of data sent to the chosen destination. \n \n Being Log Analytics billed for ingestion volume (in GB) and retention volume (GB/month after 31 days of free retention), we must first determine what is the typical size of a log entry for the resource we are going to enable Azure Diagnostics in. Secondly, by leveraging Azure Monitor metrics or other metrics provider, we calculate how many logging entries our resources will potentially generate per month. Depending on the resource type, we need to identify which metric gives us this information. Having the estimated entries per month and log entry size at hand, we can easily get a gross estimate of the costs, with this generic formula: entries per month * approximate log entry size * (ingestion cost + non-free retention cost). \n \n As examples, we’ll use Key Vault, AKS and SQL Server audit events. The principles described here apply to other Azure resource types as well. All the cost estimates done in this article are done using the West Europe PAYG retail price in EUR from the Azure Monitor Pricing page. \n \n Key Vault audit logs cost \n \n Let’s start with the simplest one! Azure Key Vault currently supports two different log categories and we’re looking here at the most used one – Audit Logs. \n \n \n \n How do we know the typical size of a Key Vault Audit Log entry? This article gives you a hint about the approximate size, but expect some variation, as your Key Vault may generate slightly larger or smaller entries, depending on the Key Vault name, resource group, client agent or request string lengths. The best way to estimate a log entry size is to enable Diagnostic Settings in a single representative Key Vault and then run this query in the Log Analytics workspace you chose as destination: \n \n AzureDiagnostics\n| where Category == 'AuditEvent' and TimeGenerated > ago(30d)\n| summarize percentile(_BilledSize, 95), round(avg(_BilledSize)) \n \n You’ll get results close to this: \n \n \n \n This means that 95% of the audit log entries of the past 30 days were at most 931 bytes in size and a log entry is on average 912 bytes long. Depending on how conservative you are, you’ll choose one or the other value (or somewhere in the middle). You may ask how I knew which Log Analytics table and Diagnostic Logs category to query. With some exceptions, Azure Diagnostics are written in the AzureDiagnostics table. The log categories for each resource type are documented here. \n \n Now, let’s calculate the amount of Key Vault audit log entries our environment is potentially generating each month. In the Metrics blade of a Key Vault resource, we have several metrics available. One of them is “Total Service Api Results”, which gives you the number of requests to your Key Vault and which will ultimately generate a log entry (see an example in the picture below, where a specific Key Vault got 2.54 K requests in the last month). \n \n \n \n While this approach is viable when you have only a few resources, it does not scale well when you have tens or hundreds of resources. An alternative, more scalable solution is to look at the Key Vault Insights blade in Azure Monitor. You can see per subscription aggregates and thus easily get an insight about how many Key Vaults requests your environment is getting overall every month (81, in the example below). \n \n \n \n OK, we know each log entry is about 912 bytes long and assuming our environment gets a hypothetical 1 million requests per month across all Key Vaults, we have 1M * 912 bytes = 0,85 GB of data ingested into Log Analytics per month. Assuming we’ve set the Log Analytics retention to 90 days, we have: \n \n \n Ingestion costs: 0,85 * 2.955 EUR = 2.51 EUR \n Retention costs (31 days free): 0,85 * 2 months * 0.129 EUR = 0.22 EUR \n \n As you see, it’s an easy estimate to do and, unless you have lots of Key Vaults being hit hard, the Log Analytics costs will normally be low. \n \n Azure Kubernetes Service (AKS) audit events cost \n \n AKS diagnostic logs are divided into several categories with different purposes, ranging from logging generated by requests being handled by the Kubernetes API Server to scheduler or storage drivers logs. You can find more details in the AKS documentation. Estimating the costs of each log category is not a simple task. To make things a bit less difficult, we’re focusing on one of the most popular categories - kube-audit -, which logs audit events that were exported from the Kubernetes API Server and is especially relevant from the point of view of cost analysis and estimation. \n \n If we had an Azure Monitor metric for AKS that exposed the total number of audit events generated by the API Server, our estimates would be very simple to achieve. But, alas, that’s not the case. The only metric available for the AKS API Server is “Inflight Requests”, which gives us an idea of the load on the API Server but is not helpful in extrapolating the number of audit events at a given time interval. Unfortunately, the Azure Monitor Containers Insights solution is not of help either, as it does not surface API Server metrics. \n \n We have therefore to use other tools to directly access the metrics exposed by the Kubernetes API Server. For example, we can collect those metrics with the help of Prometheus – see this article for a very simple and quick Prometheus deployment on your AKS cluster – and query for the apiserver_audit_event_total counter. \n \n After having set up Prometheus in my cluster and let it collect metrics for at least one week, I port forwarded the Prometheus Graph endpoint (see instructions in the above-mentioned article) and wrote the PromQL query below to get the approximate amount of audit events that occurred in a 7-days timeframe. \n \n rate(apiserver_audit_event_total[7d] offset 12h) *7*24*60*60 \n \n \n \n In the query above, I had to use the rate function to account for counter resets and added a 12-hours offset to be sure my recent unusual activity in the cluster wasn’t influencing the results. The rate function gives me the per-second rate of the counter, so I had to multiply the result by the number of seconds in a week. \n \n However, making a correlation between this number and what we can expect to have as log entries in Log Analytics is not straightforward, because it depends on the Prometheus configuration and on the Kubernetes Audit policy that is in place. Using the default Prometheus setup described in the article above and enabling kube-audit Azure Diagnostics for a few days in my AKS clusters, I consistently got a 70-80% relation between Prometheus metrics and Log Analytics log entries. For example, for each 10K Log Analytics entries, I had 7-8K audit events measured by Prometheus. Please, do not blindly follow these numbers and do your own diagnostics tests for a short period of time in a representative cluster. If you can’t access API Server metrics, you can simply try to extrapolate the numbers you got from the diagnostics test and assume that other AKS clusters have potentially X or Y percent more/less audit events – this approach is much more error prone, of course. \n \n Finally, having at hand the number of audit events per month, we must do the usual math, based on the average size of each log entry. In my lab, using a cluster without any workload other than Prometheus, the average log entry size was about 2 KB. \n \n \n \n For example, with 10 M audit events per month representing 12.5 M Log Analytics entries, let’s assume I have 5 AKS clusters in total and all of them show the same audit events metrics counts. This means I will have 62.5 M log entries * 2KB = 199 GB per month, and thus: \n \n \n Ingestion costs: 199 * 2.955 EUR = 351.65 EUR \n Retention costs (31 days free): 199 * 2 months * 0.129 EUR = 51.34 EUR \n \n \n SQL Server Auditing cost \n \n This is one the toughest, but we won’t give up, as it’s always possible to do some overall estimate, despite the high error proneness. And why is it so difficult to estimate SQL Server Auditing costs? For two main reasons: 1) each SQL Database has a different schema and is subject to a different load, with different querying behavior; 2) there isn’t a reliable metric or set of metrics in SQL Server that can help us identify how many auditable operations are happening in each moment or timespan. \n \n Azure SQL Server Auditing logs can be very verbose, as they include by default many details of the operations, including the SQL statements. You can and should review the auditing policy that is defined in the Azure SQL Server instance, so that you have more control over what is logged. \n \n Having said that, the only (still unreliable) option to do some estimates is to enable SQL Auditing in an Azure SQL Server instance or database, for a few days, and then try to extrapolate the log volume to other instances of your environment. \n \n Conclusion \n \n Accurately estimating Azure Diagnostics costs can be either very easy or almost impossible. It will depend on the resource type you are monitoring. I hope this article gave you some references and food for thought for your estimations! Happy monitoring! \n \n A special thanks to Alexandre Vieira for reviewing this article. ","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})@stringLength":"11322","kudosSumWeight":4,"repliesCount":1,"readOnly":false,"images":{"__typename":"AssociatedImageConnection","edges":[{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDE","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zNjU4OTI3LTQxNDgxOGk1RTJFNkNCMUQzNEQyOUNB?revision=1\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDI","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zNjU4OTI3LTQxNDgyN2lCODE2MEMzRTA2RTRENDlD?revision=1\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDM","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zNjU4OTI3LTQxNDgyNWlBRjE4NDlDNTJBMERFOUQ4?revision=1\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDQ","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zNjU4OTI3LTQxNDgyOWkyMzQyNjFCMTVEMzZDQUM2?revision=1\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDU","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zNjU4OTI3LTQxNDgzMWk5OTI3NjFBMzgyODIyMzFG?revision=1\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDY","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zNjU4OTI3LTQxNDgzMmlFQ0MxM0MzRThFOEMyRjlG?revision=1\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDc","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zNjU4OTI3LTQxNDgzM2k5MERGQTM4NTM0Qjg4MkY5?revision=1\"}"}}],"totalCount":7,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"videos":{"__typename":"VideoConnection","edges":[],"totalCount":0,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"coverImage":null,"coverImageProperties":{"__typename":"CoverImageProperties","style":"STANDARD","titlePosition":"BOTTOM","altText":""}},"Conversation:conversation:4051716":{"__typename":"Conversation","id":"conversation:4051716","topic":{"__typename":"BlogTopicMessage","uid":4051716},"lastPostingActivityTime":"2024-02-14T06:18:57.203-08:00","solved":false},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MDUxNzE2LTU0OTkwNGkyRUMzRjgxOUIyNzM0NkQ1?revision=2\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MDUxNzE2LTU0OTkwNGkyRUMzRjgxOUIyNzM0NkQ1?revision=2","title":"azure-update-management-staged-deployments-v2.jpg","associationType":"TEASER","width":887,"height":353,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MDUxNzE2LTU0OTkwNmlFOUMyOTk0MjRFQ0I2N0VE?revision=2\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MDUxNzE2LTU0OTkwNmlFOUMyOTk0MjRFQ0I2N0VE?revision=2","title":"hspinto_0-1707336860910.jpeg","associationType":"BODY","width":887,"height":353,"altText":null},"BlogTopicMessage:message:4051716":{"__typename":"BlogTopicMessage","subject":"Test your Patches! A Staged Patching Solution with Azure Update Manager","conversation":{"__ref":"Conversation:conversation:4051716"},"id":"message:4051716","revisionNum":2,"uid":4051716,"depth":0,"board":{"__ref":"Blog:board:CoreInfrastructureandSecurityBlog"},"author":{"__ref":"User:user:453722"},"teaser@stripHtml({\"removeProcessingText\":true,\"truncateLength\":-1})":" A common challenge faced by most enterprise organizations who, hopefully, automate their operating systems patching cycles is to ensure that only the Windows and Linux packages updates that were tested in dev/test pre-production environments reach production machines. This article is for those readers who have been implementing automated, scheduled patching with Azure Update Manager and now want to put into practice a staged patching solution following good patching reliability practices. \n \n ","introduction":"","metrics":{"__typename":"MessageMetrics","views":10299},"postTime":"2024-02-12T00:00:00.031-08:00","lastPublishTime":"2024-02-14T06:17:25.904-08:00","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})":" A common challenge faced by most enterprise organizations who, hopefully, automate their operating systems patching cycles is to ensure that only the Windows and Linux packages updates that were tested in dev/test pre-production environments reach production machines. This article is for those readers who have been implementing automated, scheduled patching with Azure Update Manager and now want to put into practice a staged patching solution following good patching reliability practices. Keep tuned and read the solution my colleague Wiszanyel Cruz and myself have developed and helped put it in place for some customers. \n \n Azure Update Manager Staged Patching with Azure Automation \n \n With a staged patching solution, OS updates are first deployed in a test environment and are later deployed in pre-production and production environments, ensuring the latter environments only get the specific updates initially deployed in the test environment. With this approach, you significantly decrease the chances of having an OS update breaking a production system. \n \n The typical setup of staging patching can be as follows: \n \n \n Dev/Test machines of a specific OS type/version are recurrently patched (e.g., every few weeks) for all update classifications (stage 0). \n Each Dev/Test patch cycle ends with a specific set of updates (e.g., specific Windows KB IDs or Linux package versions) that were successfully installed across all Dev/Test machines. \n Pre-production machines are patched a few days later (stage 1) with the specific updates that were deployed in Dev/Test (stage 0). \n Production machines are patched one or two weeks later (stage 2) with the same updates that were deployed and tested in Dev/Test (stage 0) and Pre-Production (stage 1). \n \n \n This staged patching approach can be implemented with the help of the Create-StagedMaintenanceConfiguration.ps1 PowerShell script, which runs after stage 0 and automates stages 1 and 2. This script can be, for example, deployed as an Azure Automation Runbook scheduled to run after the Dev/Test recurrent update cycle (see diagram below). It works for both Windows and Linux scenarios (Azure VMs and Azure Arc-enabled servers). \n \n \n \n \n Recommended staged patching strategy \n \n The value of a staged patching solution is to ensure that patches deployed in a production environment are previously tested in non-production environments. The more consistent and repeatable the patching workflow is, the more confidence you have in the patches that reach production. For this reason, it is recommended to define maintenance configurations specifically for each OS version and ensure further stages are applied only to machines of the same OS version. For example, if your environment has a mix of Windows 2016, Windows 2019, Ubuntu 20.4, and Ubuntu 22.4 servers, you should define four different staged patching workflows, one for each OS version. With this approach, for example, Windows 2019 production machines will only get patches that were tested in similar Windows 2019 non-production machines and, similarly, Ubuntu 20.4 production servers will only get package updates that were tested on Ubuntu 20.4 non-production servers. \n \n Tagging is your best friend in this strategy. By tagging your servers according to their OS version and patching stage, it will be easier to dynamically define the scope of a specific patching stage. Continuing with the example above, your servers can be tagged as follows: \n \n \n An aum-stage tag for each of the patching stages (e.g., aum-stage=dev, aum-stage=preprod, aum-stage=prod, aum-stage=prod-ha-instance1, aum-stage=prod-ha-instance2, etc.). \n An os-name tag for each of the OS versions of your environment (e.g., os-name=windows2016, os-name=windows2019, os-name=ubuntu20, os-name=ubuntu22, etc.) \n \n \n You can choose whatever tagging strategy that meets your staged patching requirements, provided you end up with a predictable patching workflow. Once you have tagged all your servers according to their stage in the different patching workflows, you must define a stage 0 recurring Maintenance Configuration (e.g., for servers tagged aum-stage=dev), for each of the OS versions. For the next stages, you have two options to leverage this solution: \n \n \n Schedule the Create-StagedMaintenanceConfiguration runbook to run after stage 0 (e.g., the next day) and configure it to create/update all the next stages (e.g., stages 1, 2, etc.) based on the results of stage 0. \n Chain all the stages to each other, by scheduling the Create-StagedMaintenanceConfiguration runbook for each of the stages before production:\n \n After stage 0, create/update stage 1 based on the results of stage 0 \n After stage 1, create/update stage 2 based on the results of stage 1 \n etc. \n \n \n \n \n IMPORTANT: you must ensure the last stage (production) is not scheduled after the next iteration of the phase 0 stage, otherwise you will end up having the production Maintenance Configuration overwritten with a new schedule/patch selection before it is deployed. Also, bear in mind that, as Azure Resource Graph keeps the patching results history for up to 30 days, your updates cycle must not exceed this interval. \n \n Validating the quality of the patching stages before production is one important perspective not addressed by this solution. It is not sufficient to patch dev/test servers - we must ensure the patches pass minimum quality tests before reaching production. At this moment, you must run a parallel process that performs this validation (e.g., automated tests running in the patched servers). With the support for post-maintenance tasks in Azure Update Manager, you can integrate quality assurance in this solution. \n \n Pre-requisites \n \n \n The machines in the scope of this solution must be supported by Azure Update Manager and fulfill its pre-requisites. \n The machines in the scope of this solution must have the Customer Managed Schedules patch orchestration mode, a pre-requisite for scheduled patching. \n At least one recurrent scheduled patching Maintenance Configuration covering a part of the machines in scope. As this maintenance configuration will serve as the reference for the following patching stages, it should be assigned to non-production machines and, ideally, recur every few weeks. See the above recommendations for an effective patching strategy. \n An Azure Automation Account with an associated Managed Identity (can be a system or user-assigned identity) and the following modules installed: Az.Accounts, Az.Resources, and Az.ResourceGraph. This solution is based on an Automation Account, but you can use other approaches, such as Azure Functions. \n The Automation Account Managed Identity must have the following minimum permissions (as a custom role) on the subscription where the reference maintenance configuration was created:\n \n */read \n Microsoft.Maintenance/maintenanceConfigurations/write \n Microsoft.Maintenance/configurationAssignments/write \n Microsoft.Resources/deployments/* \n \n \n \n \n Setup instructions \n \n \n Ensure your Azure VMs and Azure Arc-enabled servers are tagged according to the staged patching strategy you defined (see above). Use tags to group your servers according to their patching phase and OS version. \n Create a recurrent scheduled patching Maintenance Configuration for Phase 0 of each OS version in your environment. See instructions here. Assign this Maintenance Configuration to the servers that will serve as the initial testbed for your patches. You can assign servers either directly to the Maintenance Configuration or dynamically, with a Dynamic Scope. \n Create or reuse an Azure Automation Account. \n Install all required Automation Account modules (Az.Accounts and Az.Resources are usually built-in, but Az.ResourceGraph is not). See here how to install additional modules. \n Assign a Managed Identity to the Automation Account and grant it the required privileges (see pre-requisites above). \n Import the Create-StagedMaintenanceConfiguration.ps1 Runbook into the Automation Account, by following these steps. Download the runbook first to your local machine. The runbook must be configured as PowerShell 5.1. Do not forget to publish the runbook (draft runbooks cannot be scheduled). \n Create an Azure Automation schedule for each of the Phase 0 Maintenance Configurations (one per OS version). The schedule must have the same frequency as the Maintenance Configuration it refers to, with at least an 8-hour offset. For example, if the Maintenance Configuration is scheduled on Mondays, every 2 weeks at 8:00 p.m., then the respective Azure Automation schedule should be scheduled on Tuesdays, every 2 weeks at least at 4:00 a.m. \n Link the Create-StagedMaintenanceConfiguration runbook to each of the schedules and specify its parameters according to the instructions below. To obtain the Maintenance Configuration ID, check the \"Properties\" blade of the Maintenance Configuration. \n (Optional) If you prefer to adopt a more conservative chained staged approach, you need to create additional schedules (for further stages before production) and link them to the same runbook. In this case, you will have to anticipate the Maintenance Configuration IDs that will result from the previous stages' executions, which will be in the form /subscriptions/<phase 0 maintenance configuration subscription ID>/resourceGroups/<phase 0 maintenance configuration resource group>/providers/Microsoft.Maintenance/maintenanceConfigurations/<previous stage name>. \n \n \n Pre- and post-maintenance tasks \n \n Pre- and post-maintenance tasks in Azure Update Manager follow an event-based architecture, in which you subscribe to events coming from a system topic associated to the Configuration Maintenance, and use, for example, an Azure Automation runbook or Azure Function as the destination of the event. You can learn more about how to configure pre- and post-maintenance tasks in the Azure Update Manager pre and post events overview, and on the how-to guide and tutorials for Azure Automation- and Azure Functions-based tasks. You can find in our Azure Update Manager Tools code repository a code sample for one of the pre- and post-maintenance scenarios: turn machines on with Start-StagedMaintenanceVMs.ps1 and turn them off with Deallocate-StagedMaintenanceVMs.ps1. \n \n NOTE: the staged patching solution here described does not propagate pre- and post-maintenance tasks coming from the reference maintenance configuration to the following stages, but you can manually configure them once the subsequent stages have been created for the first time. \n \n Create-StagedMaintenanceConfiguration script parameters \n \n The Create-StagedMaintenanceConfiguration.ps1 PowerShell script receives the following parameters: \n \n \n MaintenanceConfigurationId: Azure Resource Manager ID of the Maintenance Configuration to be used as a reference to create maintenance configurations for further stages \n NextStagePropertiesJson: JSON-formatted parameter that will define the scope of the next maintenance configurations, with the schema described in detail and followed by a JSON sample you can check in our code repository. \n \n \n Once you have followed the setup instructions, you should see new maintenance configurations showing up in your environment for each of the stages you specified as parameters. Happy and well-tested patching! 😊 \n \n Disclaimer \n \n This solution is not supported under any Microsoft standard support program or service. The scripts are provided AS IS without warranty of any kind. The entire risk arising out of the use or performance of the scripts and documentation remains with you. ","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})@stringLength":"11900","kudosSumWeight":3,"repliesCount":2,"readOnly":false,"images":{"__typename":"AssociatedImageConnection","edges":[{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDE","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MDUxNzE2LTU0OTkwNGkyRUMzRjgxOUIyNzM0NkQ1?revision=2\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDI","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS00MDUxNzE2LTU0OTkwNmlFOUMyOTk0MjRFQ0I2N0VE?revision=2\"}"}}],"totalCount":2,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"videos":{"__typename":"VideoConnection","edges":[],"totalCount":0,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"coverImage":null,"coverImageProperties":{"__typename":"CoverImageProperties","style":"STANDARD","titlePosition":"BOTTOM","altText":""}},"Conversation:conversation:3068613":{"__typename":"Conversation","id":"conversation:3068613","topic":{"__typename":"BlogTopicMessage","uid":3068613},"lastPostingActivityTime":"2023-11-02T11:06:07.769-07:00","solved":false},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zMDY4NjEzLTUyMTcyMWlGNzBDQTJGRjU1M0MxOTFE?revision=4\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zMDY4NjEzLTUyMTcyMWlGNzBDQTJGRjU1M0MxOTFE?revision=4","title":"identities-roles-01-teaser-v2.png","associationType":"TEASER","width":752,"height":359,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zMDY4NjEzLTUyMTcyMmlBMEE5RjJGOEZDMTFFQjZG?revision=4\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zMDY4NjEzLTUyMTcyMmlBMEE5RjJGOEZDMTFFQjZG?revision=4","title":"identities-roles-01-v2.png","associationType":"BODY","width":1309,"height":367,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zMDY4NjEzLTUyMTcyM2lBMzM4QkE4ODgyODdCM0M0?revision=4\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zMDY4NjEzLTUyMTcyM2lBMzM4QkE4ODgyODdCM0M0?revision=4","title":"identities-roles-02-v2.png","associationType":"BODY","width":1427,"height":564,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zMDY4NjEzLTM0MTQ5Mmk2OEZFRTc3NTA5RUVBQTUz?revision=4\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zMDY4NjEzLTM0MTQ5Mmk2OEZFRTc3NTA5RUVBQTUz?revision=4","title":"identities-roles-03.png","associationType":"BODY","width":1367,"height":503,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zMDY4NjEzLTM0MTQ5NmkzNTIyMkNGMjI2NzRENERE?revision=4\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zMDY4NjEzLTM0MTQ5NmkzNTIyMkNGMjI2NzRENERE?revision=4","title":"identities-roles-04.png","associationType":"BODY","width":1328,"height":484,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zMDY4NjEzLTUyMTcyNGk4QTUwQzNFMkUwQzFDNTFB?revision=4\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zMDY4NjEzLTUyMTcyNGk4QTUwQzNFMkUwQzFDNTFB?revision=4","title":"identities-roles-05-v2.png","associationType":"BODY","width":1499,"height":377,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zMDY4NjEzLTUyMTcyN2lFQjgxQUZFREM0OUY4MDg4?revision=4\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zMDY4NjEzLTUyMTcyN2lFQjgxQUZFREM0OUY4MDg4?revision=4","title":"identities-roles-06-v2.png","associationType":"BODY","width":1561,"height":540,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zMDY4NjEzLTUyMTcyOGlCNTY4MTE2RTRDNEI0NjIw?revision=4\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zMDY4NjEzLTUyMTcyOGlCNTY4MTE2RTRDNEI0NjIw?revision=4","title":"identities-roles-07-v2.png","associationType":"BODY","width":1114,"height":302,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zMDY4NjEzLTM0MTUwMWlENkI0RUI4NTdFMjk0OUMw?revision=4\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zMDY4NjEzLTM0MTUwMWlENkI0RUI4NTdFMjk0OUMw?revision=4","title":"identities-roles-08.png","associationType":"BODY","width":875,"height":444,"altText":null},"BlogTopicMessage:message:3068613":{"__typename":"BlogTopicMessage","subject":"Azure Identities and Roles Governance Dashboard At Your Fingertips","conversation":{"__ref":"Conversation:conversation:3068613"},"id":"message:3068613","revisionNum":4,"uid":3068613,"depth":0,"board":{"__ref":"Blog:board:CoreInfrastructureandSecurityBlog"},"author":{"__ref":"User:user:453722"},"teaser@stripHtml({\"removeProcessingText\":true,\"truncateLength\":-1})":" I am writing about Azure Identities and Roles and how the Azure Optimization Engine can help you gain better visibility about your Azure users and applications as well as the roles they own both in Azure and Microsoft Entra. I built a solution that periodically exports to Log Analytics all Microsoft Entra identities (users, groups, and applications) and the roles they own in Azure and Microsoft Entra. With this information available in an easily queryable repository, we can build an interesting Azure Monitor Workbook \n ","introduction":"","metrics":{"__typename":"MessageMetrics","views":20783},"postTime":"2022-01-24T00:00:00.051-08:00","lastPublishTime":"2023-11-02T11:06:07.769-07:00","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})":" \n Hello, dear readers! My name is Hélder Pinto, I am an Azure Infra Cloud Solution Architect based in Portugal, working mostly with customers in Western Europe, and I am back here to share with you some useful tools to help you better manage your Azure Infrastructure. Today, I am writing about Azure Identities and Roles and how the Azure Optimization Engine can help you gain better visibility about your Azure users and applications as well as the roles they own both in Azure and Microsoft Entra. \n \n The problem \n \n How many times have you asked yourself: \n \n \n How many Owners do we have across our Azure subscriptions or how many Global Administrators do we have in our Microsoft Entra tenant? \n Which roles does user X or application Y have in Azure and Microsoft Entra ID? \n How many Microsoft Entra service principals do we have, and which roles do they have in Azure and Microsoft Entra ID? \n Do we have service principals with credentials that are about to expire and break some application? \n Do we have service principals with credentials that are not rotated, i.e., expiring very far in the future, and pose a security risk (for example, someone leaves the company and takes those highly privileged credentials with her/him)? \n For how long user X or application Y has had this specific role assigned? \n \n \n Answering these questions is not straightforward, especially if you have an Azure environment made of tens of subscriptions and thousands of users and service principals. The Azure portal exposes all this information, but it is not designed to answer these questions at scale and in a centralized way. For this reason, I built a solution that periodically exports, to a Log Analytics workspace, all Microsoft Entra identities (users, groups, and applications) and the roles they own in Azure and Microsoft Entra ID. With this information available in an easily queryable repository, we can build an interesting Azure Monitor Workbook such as the one I’ll describe in the next paragraphs. At the end, I’ll tell you how to deploy this solution. \n \n Identities and Roles Workbook \n \n The Identities and Roles Workbook starts with summary header displaying the Microsoft Entra ID objects count as well as a count of roles these objects have both in Azure and Microsoft Entra ID. \n \n \n \n The workbook is then divided into three main tabs, dedicated to the following perspectives: Microsoft Entra application credentials, Microsoft Entra ID roles and Azure Resource Manager roles. Looking at the first one, inside the Microsoft Entra ID Credentials tab, we find other three sub-tabs, with the first one dedicated to application credentials that are about to expire. The expiration time range is adjustable as a filter. If you click on a specific credential, you can also verify which Microsoft Entra/Azure RM roles and scope this credential has. \n \n \n \n The next tab is about credentials that will not expire anytime soon and thus pose a security risk, as they’ll not be rotated often enough. If any of those credentials owns a role in Microsoft Entra/Azure RM, you’ll see a warning sign and you’ll be able to know more by clicking on the credential record. \n \n \n \n The last sub-tab of the Microsoft Entra ID Credentials section is dedicated to credentials that have already expired and that may be breaking some application or may not be needed anymore and thus can be deleted. \n \n \n \n Moving on to the Microsoft Entra ID Roles main tab, we’ll find all the directory objects that have some role in Microsoft Entra. You can filter by role or by object type (Service Principal or User). As you can see in the screenshot below, only currently assigned roles can be used as filter. \n \n \n \n When you click on an object/role record, you can check for how long that role has been granted. This information depends on the History Range filter you chose and, of course, on the data retention settings you defined for the Log Analytics workspace. For many views in this workbook, you can also export the results as an Excel file. \n \n \n \n The last tab is dedicated to Azure Resource Manager roles. It will show you every single role that is assigned to users and service principals, no matter the scope (Management Group, Subscription, or even more granular scopes). In this view, as well as in the Microsoft Entra ID Roles view, you can search for a specific term, such as a username. If the user or the service principal has an indirect role assignment coming from an Microsoft Entra ID group assignment, you’ll also see that indication and the respective group name in the Assignment column. \n \n \n \n If we were directly querying the Microsoft Graph or the Azure RM APIs to collect all this information, the workbook would take ages to load and would probably fail in larger environments. Bringing this information into a Log Analytics workspace makes things much easier to query or visualize and provides you with the capability of getting richer insights, such as easily correlating data or getting an historical perspective of how your identities and roles evolve over time. \n \n How to deploy the solution \n \n To get the Identities and Roles workbook, you must deploy the Azure Optimization Engine (AOE), a free monitoring and governance tool that does much more than just collecting identities and roles data. It only needs a few, cheap Azure resources to run (Log Analytics workspace, Automation Account, Storage Account, and a small SQL Database) and it brings you lots of recommendations and can even be used to automate remediation. If you just want the Identities and Roles workbook, you can simply disable the unrelated Automation schedules and keep the costs down to less than a couple of USD/month for an environment with 10K objects and 10K role assignments. \n OK, to deploy AOE, you must go ahead and download or clone the repository from GitHub and run the deployment script. You have detailed instructions in the project page, but these can be summarized as follows: \n \n \n Open the Azure Cloud Shell (PowerShell) from a user account that can grant a role to others in Microsoft Entra (e.g., Global Administrator or Privileged Role Administrator) and in the Azure subscription you choose to host the Azure Optimization Engine (Owner role). Then execute the instructions in the next steps. \n git clone https://github.com/helderpinto/AzureOptimizationEngine.git azureoptimizationengine \n cd azureoptimizationengine \n Install-Module Microsoft.Graph.Authentication,Microsoft.Graph.Identity.DirectoryManagement \n .\\Deploy-AzureOptimizationEngine.ps1 \n Input your deployment options and let the deployment finish (it will take less than 5 minutes) \n \n \n After the deployment, you’ll have to wait for the Automation jobs to complete, so that the information from your Azure environment starts flowing into the Log Analytics workspace. After a couple of hours, you should be able to open the Identities and Roles Workbook from the Log Analytics workspace you used for the Azure Optimization Engine. This data is updated once every 24 hours and is kept in your workspace for as long as the retention period you configured. \n \n \n \n Limitations \n \n Due to memory restrictions on the Azure Automation sandboxes, if your Microsoft Entra ID tenant has more than 50K users, groups or applications, the Microsoft Entra ID exports jobs may be suspended and you will end up with incomplete information. To work around this limitation, you must implement Azure Automation Hybrid Worker and schedule your jobs to run in a Hybrid Worker group with more compute resources. \n \n Extensibility \n \n As this solution is based on two custom Log Analytics tables (AzureOptimizationAADObjectsV1_CL and AzureOptimizationRBACAssignmentsV1_CL), you can extend it to whatever are your needs, such as creating Azure Monitor alerts (e.g., for new role assignments that have been granted in the past 24h, for credentials that are about to expire, etc.), creating new views over the data or extending the Identities and Roles Workbook with more perspectives. Contributions are welcome! Just fork the AOE repository and then submit a pull request! \n \n Disclaimer \n \n The sample scripts are not supported under any Microsoft standard support program or service. The sample scripts are provided AS IS without warranty of any kind. Microsoft further disclaims all implied warranties including, without limitation, any implied warranties of merchantability or of fitness for a particular purpose. The entire risk arising out of the use or performance of the sample scripts and documentation remains with you. In no event shall Microsoft, its authors, or anyone else involved in the creation, production, or delivery of the scripts be liable for any damages whatsoever (including, without limitation, damages for loss of business profits, business interruption, loss of business information, or other pecuniary loss) arising out of the use of or inability to use the sample scripts or documentation, even if Microsoft has been advised of the possibility of such damages. ","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})@stringLength":"9326","kudosSumWeight":12,"repliesCount":30,"readOnly":false,"images":{"__typename":"AssociatedImageConnection","edges":[{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDE","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zMDY4NjEzLTUyMTcyMWlGNzBDQTJGRjU1M0MxOTFE?revision=4\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDI","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zMDY4NjEzLTUyMTcyMmlBMEE5RjJGOEZDMTFFQjZG?revision=4\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDM","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zMDY4NjEzLTUyMTcyM2lBMzM4QkE4ODgyODdCM0M0?revision=4\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDQ","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zMDY4NjEzLTM0MTQ5Mmk2OEZFRTc3NTA5RUVBQTUz?revision=4\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDU","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zMDY4NjEzLTM0MTQ5NmkzNTIyMkNGMjI2NzRENERE?revision=4\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDY","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zMDY4NjEzLTUyMTcyNGk4QTUwQzNFMkUwQzFDNTFB?revision=4\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDc","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zMDY4NjEzLTUyMTcyN2lFQjgxQUZFREM0OUY4MDg4?revision=4\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDg","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zMDY4NjEzLTUyMTcyOGlCNTY4MTE2RTRDNEI0NjIw?revision=4\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDk","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zMDY4NjEzLTM0MTUwMWlENkI0RUI4NTdFMjk0OUMw?revision=4\"}"}}],"totalCount":9,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"videos":{"__typename":"VideoConnection","edges":[],"totalCount":0,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"coverImage":null,"coverImageProperties":{"__typename":"CoverImageProperties","style":"STANDARD","titlePosition":"BOTTOM","altText":""}},"Conversation:conversation:3886437":{"__typename":"Conversation","id":"conversation:3886437","topic":{"__typename":"BlogTopicMessage","uid":3886437},"lastPostingActivityTime":"2023-07-31T00:00:00.034-07:00","solved":false},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zODg2NDM3LTQ5MzI2M2kzQkU4NzkwNTREQzU1Q0Uw?revision=1\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zODg2NDM3LTQ5MzI2M2kzQkU4NzkwNTREQzU1Q0Uw?revision=1","title":"agents.png","associationType":"TEASER","width":245,"height":220,"altText":null},"BlogTopicMessage:message:3886437":{"__typename":"BlogTopicMessage","subject":"Deploying Microsoft Defender for Servers in Network-Restricted Environments","conversation":{"__ref":"Conversation:conversation:3886437"},"id":"message:3886437","revisionNum":1,"uid":3886437,"depth":0,"board":{"__ref":"Blog:board:CoreInfrastructureandSecurityBlog"},"author":{"__ref":"User:user:453722"},"teaser@stripHtml({\"removeProcessingText\":true,\"truncateLength\":-1})":" Microsoft Defender for Servers requires the deployment of several agents to achieve its multiple protection capabilities. As many of our customers run their Windows/Linux server environments without direct Internet outbound connectivity, there is the need for guidance on how to successfully deploy Defender for Servers with such restrictions. This article aims thus to bring additional clarity by summarizing all the considerations that must be taken when deploying each Defender for Servers component in network-restricted environments. ","introduction":"","metrics":{"__typename":"MessageMetrics","views":10546},"postTime":"2023-07-31T00:00:00.034-07:00","lastPublishTime":"2023-07-31T00:00:00.034-07:00","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})":" Microsoft Defender for Servers (part of the Microsoft Defender for Cloud security suite), being a comprehensive solution for server protection across multi-cloud and hybrid environments, requires the deployment of several agents to achieve its multiple protection capabilities. As many of our customers run their Windows/Linux server environments without direct Internet outbound connectivity, there is the need for guidance on how to successfully deploy Defender for Servers with such restrictions. This article aims thus to bring additional clarity by summarizing all the considerations that must be taken when deploying each Defender for Servers component in network-restricted environments. \n \n IMPORTANT: The Microsoft Defender for Servers team recently released the strategy and plan towards Log Analytics Agent deprecation. Please, read it carefully before planning your Defender for Servers deployment. \n \n General considerations \n \n There are many types of network-restricted environments – from air-gapped to proxy-based outbound connectivity. As Defender for Servers is a cloud-based solution, the systems running in air-gapped or with intermittent connectivity environments are significantly limited in the protection they can get from Defender for Servers. For these scenarios, the Agentless Scanning capability of Defender for Servers already provides some protection. \n \n The scenarios covered in this article focus on providing Internet outbound connectivity to machines via a HTTP proxy, which is common in enterprise customers when Private Link is not available. Proxy-based connectivity can be implemented either via a system-wide proxy (transparent proxy, auto-discovery, or operating-system-wide settings) or via manual per agent static configuration. Of course, the more transparent the proxy configuration is, the easiest it is to deploy Defender for Servers agents. Depending on the proxy configuration approach and on the operating system type, each Defender for Servers agent and extension has its own specificities detailed in the following sections. \n \n For Windows systems, it is important to distinguish between WinINet and WinHTTP proxy settings. While WinINet settings are the most used by end users (e.g., when specifying Internet browser proxy settings), they have limited or no effect in Defender for Servers agents and extensions and are a recurrent cause of confusion. In any case, all machines should be configured whenever possible before proceeding with the Defender for Servers agents and extensions deployment, according to the recommendations below. \n \n Microsoft Defender for Endpoint \n \n The recommended approach for deploying the Microsoft Defender for Endpoint (MDE) sensor in Defender for Servers is through the MDE extension, which is triggered by turning the Defender for Endpoint auto-provisioning settings on in Defender for Servers. Once the MDE extension (MDE.Windows or MDE.Linux) is deployed into the protected machine, it enables and onboards Defender for Endpoint to the customer tenant. If the machine has network restrictions and does not have correct HTTP proxy settings, it will: \n \n \n [In Windows] Show up as successfully deployed, but the machine will not appear as onboarded in the Defender for Endpoint backend. \n [In Linux] Fail the MDE extension deployment and the Defender for Endpoint sensor will not be installed. \n \n \n As the MDE extension deployment unfortunately does not support extension-level proxy configuration, it is crucial to ensure the operating system is configured according to the outbound connectivity restrictions, prior to enabling auto-provisioning. The HTTP proxy itself must also be configured to allow for the list of Defender for Endpoint backend URLs. \n \n Windows \n \n For Windows environments, you have many HTTP proxy configuration options (see detailed instructions). The more transparent (e.g., WPAD) or system-wide (e.g., WinHTTP) the configuration is, the more straightforward the MDE extension deployment is. In short, if you cannot go the transparent proxy way, use WinHTTP (simplest) or registry/GPO-based static configuration. Please remember that WinINet proxy settings are not a viable solution for Windows Server environments. For a detailed explanation of how the different Windows proxy options impact Defender for Endpoint behavior, I highly recommend reading this article. \n \n Linux \n \n For Linux environments, you have only two options: transparent proxy, which requires no additional configuration for Defender for Endpoint, or a static proxy. Currently, PAC, WPAD, and authenticated proxies are not supported. For static proxy configuration, you must follow the Defender for Endpoint for Linux static proxy discovery steps. You must not forget that installation-time proxy settings (required by the respective Linux package manager) are different from the post installation configuration ones (statically defined in the Defender for Endpoint service itself). Having both correctly configured is important not only at deployment time but also later in the MDE extension lifecycle – sometimes, the MDE extension may appear in a failed state, even if the MDE sensor is operating correctly, when the extension is for some reason redeployed in a condition in which installation-time connectivity is broken. \n \n In some Linux distributions, the /etc/environment proxy definition may not be forwarded to the MDE extension at installation-time and will fail the extension deployment. In this case, you should provide proxy settings in the systemd drop-in file for the Azure Linux Agent (a.k.a. walinuxagent, in most distributions), which eventually runs the MDE extension deployment (see official documentation). To do so, follow these steps: \n \n \n Create or edit the file 13-Proxy.conf in /lib/systemd/system/walinuxagent.service.d/ \n Add the following lines to the file: \n \n [Service]\nEnvironment=http_proxy=http://<hostname>:<port>\nEnvironment=https_proxy=http://<hostname>:<port> \n \n Save the drop-in file and run the following commands to let the service recognize the change: \n \n sudo systemctl daemon-reload\nsudo systemctl restart walinuxagent.service \n \n Azure Monitor Agent / Log Analytics Agent \n \n Many Defender for Servers features depend on logs being collected from the guest operating system, such as File Integrity Monitoring, Adaptive Application Controls, and others (see full list here). No matter what your option for log collection is, either the legacy Log Analytics Agent (a.k.a. Microsoft Monitoring Agent or MMA) or the new Azure Monitor Agent (AMA), both agents have a similar behavior and configuration options in the face of proxy-based Internet connectivity. If the machine has network restrictions and does not have correct HTTP proxy settings, it will not collect logs into the Log Analytics workspace, despite successfully deploying the extension (except MMA for Linux, which fails the extension deployment). \n \n Both agents support static proxy configuration settings. For your reference, see the AMA documentation for proxy configuration and a similar reference for the MMA. In at-scale deployment scenarios, you will want to include proxy settings in the agent extension deployment template (e.g., in an Azure Policy definition). Unfortunately, as there are not built-in Policy definitions for proxy-dependent AMA/MMA extension deployment, you will have to build your own, including the following settings for each agent option. For AMA, the proxy settings to add to the extension deployment are documented in the link above. For MMA, you can add the following properties to the extension resource definition: \n \n In Windows: \n \n \"settings\": {\n \"proxyUri\": \"host:port\"\n} \n \n If your proxy requires authentication, you must add the following: \n \n \"protectedSettings\": {\n \"proxyUser\": \"user\",\n \"proxyPassword\": \"pass\"\n} \n \n In Linux (see documentation😞 \n \n \"protectedSettings\": {\n \"proxy\": \"[user:pass@]host:port\"\n} \n \n Before deploying your preferred agent, do not forget to ensure your proxy has the required rules for each of the agent endpoints, by following the AMA or MMA documentation for proxy/firewall requirements. \n It is worth noting that both agents support connectivity to Log Analytics over Private Link. You can find out more in the Private Link for Azure Monitor documentation. \n \n Guest Configuration Extension \n \n If you are using Defender for Servers with the AMA agent, you will need the Guest Configuration extension to analyze operating system security baseline settings in Windows and Linux machines. This was available out of the box in the legacy MMA agent but requires a specific extension for AMA scenarios. Although the Guest Configuration extension does not support proxy settings, you can make it communicate privately over the Azure Virtual IP address by applying a specific tag to the respective virtual machine (see documentation, valid for Azure Virtual Machines). \n \n The Guest Configuration extension is not required for Arc-enabled servers because it is included in the Arc Connected Machine agent. However, you must ensure the Arc agent connectivity is configured according to the network restrictions it may face (see details below). \n \n Qualys Agent \n \n Customers who implement vulnerability assessment with the Qualys agent must consider that the Qualys extension configuration does not accept any proxy configuration details. The proxy settings for the Qualys agent must be set after the extension is installed. See the documentation for more details. \n \n Azure Arc-based scenarios \n \n All the multiple agent configuration options we have seen so far apply equally in multi-cloud or hybrid scenarios with Azure Arc. However, with the Arc agent, there is of course an additional network configuration required. Azure Arc supports both proxy-based and Private Link outbound connectivity. You can define the HTTP proxy with system-wide settings or else with static configuration (check the implementation details for Linux and Windows). You are even given the option to define static proxy configuration when generating the Arc agent deployment script in the Azure Portal. If you prefer to use private endpoints instead, you can follow the step-by-step guide for Azure Arc with Private Link. No matter what the Azure Arc connectivity option is, do not forget that all the other agents have their own approach and must be configured separately, as we have described above. \n \n Conclusion \n \n Microsoft Defender for Servers depends on several agents to provide all its capabilities and all these agents require HTTP outbound connectivity to public backend services. In typical enterprise scenarios, Azure virtual machines or on-premises/third party cloud machines do not have direct access to the Internet and thus systems administrators need to plan for the deployment of Defender for Servers agents according to the connectivity configurations supported by each of them. This article hopefully provided a comprehensive compilation of all the options available and links to the product documentation containing all the relevant guidance for this matter. Please let us know if some scenario is not covered here or if information is missing. ","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})@stringLength":"11499","kudosSumWeight":4,"repliesCount":0,"readOnly":false,"images":{"__typename":"AssociatedImageConnection","edges":[{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDE","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zODg2NDM3LTQ5MzI2M2kzQkU4NzkwNTREQzU1Q0Uw?revision=1\"}"}}],"totalCount":1,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"videos":{"__typename":"VideoConnection","edges":[],"totalCount":0,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"coverImage":null,"coverImageProperties":{"__typename":"CoverImageProperties","style":"STANDARD","titlePosition":"BOTTOM","altText":""}},"Conversation:conversation:3813322":{"__typename":"Conversation","id":"conversation:3813322","topic":{"__typename":"BlogTopicMessage","uid":3813322},"lastPostingActivityTime":"2023-05-08T00:00:00.049-07:00","solved":false},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zODEzMzIyLTQ2NjkxNGkwQjA5NTgwRTU0OTlDM0Y2?revision=1\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zODEzMzIyLTQ2NjkxNGkwQjA5NTgwRTU0OTlDM0Y2?revision=1","title":"workbook-results-teaser.png","associationType":"TEASER","width":578,"height":578,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zODEzMzIyLTQ2NjkyNGkxNzIzQjA5QzBBOEE0NTI1?revision=1\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zODEzMzIyLTQ2NjkyNGkxNzIzQjA5QzBBOEE0NTI1?revision=1","title":"the-keys-to-cost-allocation.png","associationType":"BODY","width":583,"height":105,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zODEzMzIyLTQ2NjkyNWlGMTcyOTcyQzg5MDQ3MTZF?revision=1\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zODEzMzIyLTQ2NjkyNWlGMTcyOTcyQzg5MDQ3MTZF?revision=1","title":"workbook-parameters.png","associationType":"BODY","width":793,"height":92,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zODEzMzIyLTQ2NjkyNmk1N0UwQkI4RDBEQjAwNUIz?revision=1\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zODEzMzIyLTQ2NjkyNmk1N0UwQkI4RDBEQjAwNUIz?revision=1","title":"workbook-results.png","associationType":"BODY","width":772,"height":198,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zODEzMzIyLTQ2NjkyN2kxNEYyRUU1NzM0QUIzNEQx?revision=1\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zODEzMzIyLTQ2NjkyN2kxNEYyRUU1NzM0QUIzNEQx?revision=1","title":"workbook-results-2.png","associationType":"BODY","width":786,"height":182,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zODEzMzIyLTQ2NjkyOGlDMDU3RkQ0NzQ5NEVERDlC?revision=1\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zODEzMzIyLTQ2NjkyOGlDMDU3RkQ0NzQ5NEVERDlC?revision=1","title":"workbook-empty.png","associationType":"BODY","width":545,"height":363,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zODEzMzIyLTQ2NjkzMGlDMTUwOEFDNEExQjMyOUI2?revision=1\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zODEzMzIyLTQ2NjkzMGlDMTUwOEFDNEExQjMyOUI2?revision=1","title":"workbook-codeeditor.png","associationType":"BODY","width":612,"height":234,"altText":null},"BlogTopicMessage:message:3813322":{"__typename":"BlogTopicMessage","subject":"How to Allocate Azure Monitor Logs Ingestion Costs by Resource Tag","conversation":{"__ref":"Conversation:conversation:3813322"},"id":"message:3813322","revisionNum":1,"uid":3813322,"depth":0,"board":{"__ref":"Blog:board:CoreInfrastructureandSecurityBlog"},"author":{"__ref":"User:user:453722"},"teaser@stripHtml({\"removeProcessingText\":true,\"truncateLength\":-1})":" Azure Monitor Logs has also become an important cost driver for many Azure customers and being able to allocate or split those costs across the right cost centers in the organization is a pressing need most customers have. This is especially relevant for customers who centralize as much as possible their Log Analytics workspaces, following Microsoft’s recommended best practices. The question this article answers is: how can we sort out which logs belong to which cost center in a simple manner? ","introduction":"","metrics":{"__typename":"MessageMetrics","views":7071},"postTime":"2023-05-08T00:00:00.049-07:00","lastPublishTime":"2023-05-08T00:00:00.049-07:00","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})":" Introduction \n \n Azure Monitor Logs, also known as Log Analytics, is a fundamental tool for monitoring and reporting on your Azure, multi-cloud, and hybrid resources. It supports such a vast array of Microsoft cloud services that it has become one of the most used Azure services for all sorts of customers. Consequently, Azure Monitor Logs has also become an important cost driver for many Azure customers and being able to allocate or split those costs across the right cost centers in the organization is a pressing need most customers have. This is especially relevant for customers who centralize as much as possible their Log Analytics workspaces, following Microsoft’s recommended best practices. The question this article answers is: how can we sort out which logs belong to which cost center in a simple manner? My colleague BrunoGabrielli recently described the logic behind cost allocation by subscription, resource group or resource. What I am going to describe next is how to do it based on the resource tags. \n \n Important: this article describes how to allocate Analytics ingestion costs only. Other cost factors such as Basic logs ingestion, log retention beyond 31 days or Basic Logs queries are not included but can follow a strategy like the one described here. For more details about Azure Monitor Logs pricing, visit the pricing page. \n \n The keys to allocate Log Analytics ingestion costs \n \n Most of the billable Azure Monitor logs come with a _ResourceId column identifying the Azure or Azure Arc resource who was responsible for emitting the logs. For example, a Virtual Machine running the Azure Monitor agent which is collecting Syslog events will send its logs to the Syslog table in a specific Log Analytics workspace and all its logs will identify the Virtual Machine through the _ResourceId column. This is also true for other Azure platform services using Diagnostic Settings to export their logs to Log Analytics. For example, Key Vault audit logs or Azure Firewall network event logs also come with a resource identifier. \n \n When speaking of logs cost allocation, a typical and most of the time acceptable reasoning should be to allocate the logs costs to the resources emitting those logs. If you agree with me, then you just need to ensure all your Azure and Azure Arc resources are tagged according to your cost allocation needs, which is one of the fundamental practices of cost management in Azure. With all this set up, we “just” have to correlate Azure Monitor logs with resource tags. The next section describes an Azure Monitor Workbook that does this plumbing. \n \n \n \n Log Analytics Ingestion Usage by Tag Workbook \n \n The Log Analytics Ingestion Usage by Tag Workbook puts into practice the rationale I described above, by scanning all the Log Analytics workspace logs and correlating them with Azure tags through the respective Azure resource Id. Needless to say, the larger the Azure environment and the larger the logs time range, the longer it takes to generate the results. Therefore, as a rule of thumb, start small and progressively increase the scope of the report. \n \n \n \n First thing, you must adjust the Ingestion Price parameter according to your Azure price sheet and the Azure region of the Log Analytics workspaces in scope. Next, select the desired tag for cost allocation by setting the Tag Name parameter. Once you finish setting the parameters, the Workbook will scan the selected workspaces and present a couple of tables like the ones below. The Tag Value column presents the value of the desired tag associated to the logs-emitting resource. \n \n The left table shows ingestion costs for all identifiable resources, i.e., resources with a non-empty _ResourceId column. In case the Tag Value comes empty, this means that the respective resource does not have the desired tag associated. \n \n \n \n The right table shows ingestion costs for non-identifiable resources, i.e., where the logs did not contain the _ResourceId column. In this case, we do our best, splitting instead the costs by the Log Analytics workspace where the logs were ingested, and classifying them with the Tag Value associated to each workspace. \n \n \n \n The last step is to export the results to Excel, by clicking on the export button, and do the aggregations you need to allocate your Log Analytics costs according to the selected tag. Please remember the costs may not represent exactly what you see in your Azure bill. Use this data only to determine the approximate percentage of Azure Monitor Logs costs to allocate to each cost center. \n \n Installing the Workbook \n \n To install this Workbook in your environment, open the Monitor blade in the Azure Portal and select Workbooks. Then click on the Empty workbook button. \n \n \n \n Finally, click on the Workbook code editor button, replace the JSON code by the one available here, click on “Apply”, then “Done Editing”, and that is it. If you want to reuse it often, do not forget to save the Workbook (you need at least Workbook Contributor permission somewhere in Azure to do it). \n \n \n \n Happy cost allocation! ","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})@stringLength":"5292","kudosSumWeight":2,"repliesCount":0,"readOnly":false,"images":{"__typename":"AssociatedImageConnection","edges":[{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDE","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zODEzMzIyLTQ2NjkxNGkwQjA5NTgwRTU0OTlDM0Y2?revision=1\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDI","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zODEzMzIyLTQ2NjkyNGkxNzIzQjA5QzBBOEE0NTI1?revision=1\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDM","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zODEzMzIyLTQ2NjkyNWlGMTcyOTcyQzg5MDQ3MTZF?revision=1\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDQ","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zODEzMzIyLTQ2NjkyNmk1N0UwQkI4RDBEQjAwNUIz?revision=1\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDU","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zODEzMzIyLTQ2NjkyN2kxNEYyRUU1NzM0QUIzNEQx?revision=1\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDY","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zODEzMzIyLTQ2NjkyOGlDMDU3RkQ0NzQ5NEVERDlC?revision=1\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDc","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0zODEzMzIyLTQ2NjkzMGlDMTUwOEFDNEExQjMyOUI2?revision=1\"}"}}],"totalCount":7,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"videos":{"__typename":"VideoConnection","edges":[],"totalCount":0,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"coverImage":null,"coverImageProperties":{"__typename":"CoverImageProperties","style":"STANDARD","titlePosition":"BOTTOM","altText":""}},"Conversation:conversation:2091507":{"__typename":"Conversation","id":"conversation:2091507","topic":{"__typename":"BlogTopicMessage","uid":2091507},"lastPostingActivityTime":"2023-03-29T15:07:13.627-07:00","solved":false},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0yMDkxNTA3LTI0OTAwNGkwNjE2MzNFMTc3NTQ4NDZD?revision=4\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0yMDkxNTA3LTI0OTAwNGkwNjE2MzNFMTc3NTQ4NDZD?revision=4","title":"removing-azdiagextension-atscale-fig3.jpg","associationType":"TEASER","width":1243,"height":302,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0yMDkxNTA3LTI0OTAwMGlCMUNGNTAxMDM2MjgxMkM0?revision=4\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0yMDkxNTA3LTI0OTAwMGlCMUNGNTAxMDM2MjgxMkM0?revision=4","title":"hspinto_0-1611493439336.jpeg","associationType":"BODY","width":703,"height":220,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0yMDkxNTA3LTI0OTAwMWlFRjQ5NDdBQzdDNTRFMzlD?revision=4\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0yMDkxNTA3LTI0OTAwMWlFRjQ5NDdBQzdDNTRFMzlD?revision=4","title":"hspinto_1-1611493439352.jpeg","associationType":"BODY","width":996,"height":136,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0yMDkxNTA3LTI0OTAwMmk3RjhBM0VGM0RGOEQxNTVD?revision=4\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0yMDkxNTA3LTI0OTAwMmk3RjhBM0VGM0RGOEQxNTVD?revision=4","title":"hspinto_2-1611493439427.jpeg","associationType":"BODY","width":1243,"height":302,"altText":null},"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0yMDkxNTA3LTI0OTAwM2lDQjMxOEQwOUUxQTM2MTdC?revision=4\"}":{"__typename":"AssociatedImage","url":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0yMDkxNTA3LTI0OTAwM2lDQjMxOEQwOUUxQTM2MTdC?revision=4","title":"hspinto_3-1611493439435.jpeg","associationType":"BODY","width":975,"height":61,"altText":null},"BlogTopicMessage:message:2091507":{"__typename":"BlogTopicMessage","subject":"How to Remove at Scale the Azure Diagnostics Extension and its Storage Data","conversation":{"__ref":"Conversation:conversation:2091507"},"id":"message:2091507","revisionNum":4,"uid":2091507,"depth":0,"board":{"__ref":"Blog:board:CoreInfrastructureandSecurityBlog"},"author":{"__ref":"User:user:453722"},"teaser@stripHtml({\"removeProcessingText\":true,\"truncateLength\":-1})":" Hello, dear readers! Here is Hélder Pinto again, now writing about a topic that came out of my experience in one of my customers, who decided to stop using the Azure Diagnostics Extension in their virtual machine estate but had a massive challenge: how to remove the extension across 1000s of VMs and be sure that the diagnostics data was removed from Azure Storage and, by the way, save more than 10K euros per month? Let’s see how we did it. ","introduction":"","metrics":{"__typename":"MessageMetrics","views":8848},"postTime":"2021-01-28T10:16:41.675-08:00","lastPublishTime":"2021-01-28T10:16:41.675-08:00","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})":" Hello, dear readers! Here is Hélder Pinto again, now writing about a topic that came out of my experience in one of my customers, who decided to stop using the Azure Diagnostics Extension in their virtual machine estate but had a massive challenge: how to remove the extension across 1000s of VMs and be sure that the diagnostics data was removed from Azure Storage and, by the way, save more than 10K euros per month? Let’s see how we did it. \n \n Introduction \n \n The Azure Diagnostics extension is an agent that collects monitoring data from the guest operating system of Azure virtual machines. With this extension, you can collect guest metrics and many types of logs and then send it to Azure Storage (default sink), Azure Monitor metrics or even to Azure Event Hubs (to be ingested by a third-party sink). No matter the additional sinks you may configure, the Azure Diagnostic extension always collects data into an Azure Storage account, using mostly Table storage*. \n \n If, for some reason, you decide to stop collecting logs and metrics with the Azure Diagnostics extension, doing it could be as simple as uninstalling the extension from your VMs. But wait! You’re likely need to also get rid of all the data the agent collected over time. What if the Storage Accounts used by the extension are shared with other services? Will you still be able to identify those Storage Accounts after the extension is removed? The mission is not as simple as it seemed! 🙂 Let’s see below how we can do it effectively (and efficiently!). \n \n Azure Diagnostics extension and data cleanup guide \n \n If you need to remove the Azure Diagnostics extension at scale from your Azure virtual machine estate and finally clean the data that it generated, at least the largest one that lives in Azure Storage Tables, then you have here a complete procedure and scripts that will help you successfully achieve your goals. \n \n The procedure is divided into three steps: \n \n \n Assess which Azure Storage accounts are being used as a sink for the Diagnostics extension - carefully keep the generated CSV, because we will need this list for the last step. \n Uninstall at scale the Diagnostics extension from your virtual machines. \n Remove at scale the Azure Storage tables that were generated by the Diagnostics extension - we will use here the list extracted in the first step. \n \n \n Requirements \n \n \n Az PowerShell modules \n Az.ResourceGraph module \n The user executing the scripts should have the Contributor role in the Azure subscriptions. If virtual machines have resource locks, then the user must have the Owner role. \n \n \n Step 1 - Extract the list of Storage Accounts containing Azure Diagnostics data \n \n In a PowerShell prompt, run the Export-VmDiagnosticsStorageAccounts.ps1 script: \n \n .\\Export-VmDiagnosticsStorageAccounts.ps1 [-Cloud <AzureCloud | AzureChinaCloud | AzureGermanCloud | AzureUSGovernment>] \n \n This will generate a CSV file containing a list of all the Storage Accounts that are being used by the Azure Diagnostics extensions (see sample content below). Save this file, as we will need it for the last step. \n \n \n \n The magic behind this script is an Azure Resource Graph (I LOOOVE this service) query that quickly returns what you need: \n \n \n \n resources \n| where type =~ 'microsoft.compute/virtualmachines/extensions' and tostring(properties.type) in ('LinuxDiagnostic', 'IaaSDiagnostics')\n| extend storageAccountName = iif(isempty(tostring(properties.settings.StorageAccount)),tostring(properties.settings.storageAccount),tostring(properties.settings.StorageAccount))\n| project id, storageAccountName\n| join kind=inner (\n resources\n | where type =~ 'microsoft.storage/storageAccounts'\n | project storageAccountName = name, resourceGroup, subscriptionId\n) on storageAccountName\n| summarize count() by storageAccountName, resourceGroup, subscriptionId \n \n \n \n Step 2 - Uninstall at scale the Diagnostics extension from virtual machines \n \n In the same PowerShell prompt, run the Uninstall-VmDiagnosticsExtensionAtScale.ps1 script. The script is prepared to deal with the following scenarios: \n \n \n Deallocated virtual machines - it will start them, remove the extension, and shut them down again (only VMs with the extension will be started). \n Virtual machines that have a resource lock - it will remove the lock, remove the extension, and re-add the exact same lock - this requires you to have the Owner role for those virtual machines. \n Target a specific resource group or subscription. \n Make a dry run of the process with the Simulate switch. \n \n \n Here is the full script syntax: \n \n .\\Uninstall-VmDiagnosticsExtensionAtScale.ps1 [-Cloud <AzureCloud | AzureChinaCloud | AzureGermanCloud | AzureUSGovernment>] [-TargetSubscriptionId <subscription Id>] [-TargetResourceGroup <resource group name>] [-RemoveLocks] [-StartVMs] [-Simulate] \n \n With some examples \n \n .\\Uninstall-VmDiagnosticsExtensionAtScale.ps1 -RemoveLocks -StartVMs -Simulate - this will simulate an execution, starting deallocated VMs and removing resource locks before uninstalling the extension (of course, VMs won't be started nor locks removed) \n \n .\\Uninstall-VmDiagnosticsExtensionAtScale.ps1 -TargetSubscriptionId aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee -StartVMs - this will uninstall the extension only for the aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee subscription, starting deallocated VMs if needed. \n \n \n \n The script will on-the-fly get the list of VMs to uninstall the extension from and will complete quickly, as the uninstallation is run asynchronously. At the end, you will get a CSV file containing the results of each uninstallation try, e.g., whether the VM was running or not, it had resource locks, or the extension was uninstalled. You must give at least 30 minutes for the process to finish. After this period, you can run the following query in Resource Graph Explorer, to check how successful the process was: \n \n \n \n resources \n| where type =~ 'microsoft.compute/virtualmachines/extensions' and tostring(properties.type) in ('LinuxDiagnostic', 'IaaSDiagnostics')\n| project id, name\n| extend vmId = substring(id, 0, indexof(id, '/extensions/'))\n| join kind=inner (\n resources \n | where type =~ 'microsoft.compute/virtualmachines'\n | project vmId = id, vmName = name, resourceGroup, subscriptionId, powerState = tostring(properties.extended.instanceView.powerState.code)\n) on vmId\n| project-away vmId, vmId1\n| order by id asc \n \n \n \n And here a sample output of the CSV file generated by this script: \n \n \n \n If, for some reason, there is some extension that does not remove successfully, refer to the troubleshooting documentation. Nevertheless, you can proceed with no fear to the final step - removing Azure Storage Tables. Those zombie Diagnostics extensions will recreate and continue writing into the Storage tables, but at least you'll have reduced your problem to a fraction of the dimension it had before. After fixing the extension issues, you can repeat steps 2 and 3. \n \n Step 3 - Remove the Azure Storage Tables used by the Diagnostics extension \n \n In this final step, you'll use the CSV generated in step 1 and order the removal of all the Azure Storage Tables that are fed by the Diagnostics extension. The Remove-VmDiagnosticsTables.ps1 script is very simple to use. If needed, you can target a specific subscription instead of the whole tenant. \n \n .\\Remove-VmDiagnosticsTables.ps1 -StorageAccountsCsvPath <path to the storage account list CSV generated in step 1> [-Cloud <AzureCloud | AzureChinaCloud | AzureGermanCloud | AzureUSGovernment>] [-TargetSubscriptionId <subscription Id>] \n \n \n \n The script removes only the Storage Tables used by the Azure Diagnostics extension, leaving untouched all the remaining data that exist in the Storage Account, such as blobs or other tables used by other applications. \n \n In the next day, you'll likely notice a drop in your Azure Storage Table costs. Happy cleanup! \n \n * Metrics and logs stored in Azure Tables do not have a retention mechanism, therefore your data (and Storage costs) keep growing over time. ","body@stripHtml({\"removeProcessingText\":true,\"removeSpoilerMarkup\":true,\"removeTocMarkup\":true,\"truncateLength\":-1})@stringLength":"9114","kudosSumWeight":1,"repliesCount":6,"readOnly":false,"images":{"__typename":"AssociatedImageConnection","edges":[{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDE","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0yMDkxNTA3LTI0OTAwNGkwNjE2MzNFMTc3NTQ4NDZD?revision=4\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDI","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0yMDkxNTA3LTI0OTAwMGlCMUNGNTAxMDM2MjgxMkM0?revision=4\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDM","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0yMDkxNTA3LTI0OTAwMWlFRjQ5NDdBQzdDNTRFMzlD?revision=4\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDQ","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0yMDkxNTA3LTI0OTAwMmk3RjhBM0VGM0RGOEQxNTVD?revision=4\"}"}},{"__typename":"AssociatedImageEdge","cursor":"MjUuM3wyLjF8b3wyNXxfTlZffDU","node":{"__ref":"AssociatedImage:{\"url\":\"https://techcommunity.microsoft.com/t5/s/gxcuf89792/images/bS0yMDkxNTA3LTI0OTAwM2lDQjMxOEQwOUUxQTM2MTdC?revision=4\"}"}}],"totalCount":5,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"videos":{"__typename":"VideoConnection","edges":[],"totalCount":0,"pageInfo":{"__typename":"PageInfo","hasNextPage":false,"endCursor":null,"hasPreviousPage":false,"startCursor":null}},"coverImage":null,"coverImageProperties":{"__typename":"CoverImageProperties","style":"STANDARD","titlePosition":"BOTTOM","altText":""}},"CachedAsset:text:en_US-components/community/Navbar-1745505307000":{"__typename":"CachedAsset","id":"text:en_US-components/community/Navbar-1745505307000","value":{"community":"Community Home","inbox":"Inbox","manageContent":"Manage Content","tos":"Terms of Service","forgotPassword":"Forgot Password","themeEditor":"Theme Editor","edit":"Edit Navigation Bar","skipContent":"Skip to content","gxcuf89792":"Tech Community","external-1":"Events","s-m-b":"Nonprofit Community","windows-server":"Windows Server","education-sector":"Education Sector","driving-adoption":"Driving Adoption","Common-content_management-link":"Content Management","microsoft-learn":"Microsoft Learn","s-q-l-server":"Content Management","partner-community":"Microsoft Partner Community","microsoft365":"Microsoft 365","external-9":".NET","external-8":"Teams","external-7":"Github","products-services":"Products","external-6":"Power Platform","communities-1":"Topics","external-5":"Microsoft Security","planner":"Outlook","external-4":"Microsoft 365","external-3":"Dynamics 365","azure":"Azure","healthcare-and-life-sciences":"Healthcare and Life Sciences","external-2":"Azure","microsoft-mechanics":"Microsoft Mechanics","microsoft-learn-1":"Community","external-10":"Learning Room Directory","microsoft-learn-blog":"Blog","windows":"Windows","i-t-ops-talk":"ITOps Talk","external-link-1":"View All","microsoft-securityand-compliance":"Microsoft Security","public-sector":"Public Sector","community-info-center":"Lounge","external-link-2":"View All","microsoft-teams":"Microsoft Teams","external":"Blogs","microsoft-endpoint-manager":"Microsoft Intune","startupsat-microsoft":"Startups at Microsoft","exchange":"Exchange","a-i":"AI and Machine Learning","io-t":"Internet of Things (IoT)","Common-microsoft365-copilot-link":"Microsoft 365 Copilot","outlook":"Microsoft 365 Copilot","external-link":"Community Hubs","communities":"Products"},"localOverride":false},"CachedAsset:text:en_US-components/community/NavbarHamburgerDropdown-1745505307000":{"__typename":"CachedAsset","id":"text:en_US-components/community/NavbarHamburgerDropdown-1745505307000","value":{"hamburgerLabel":"Side Menu"},"localOverride":false},"CachedAsset:text:en_US-components/community/BrandLogo-1745505307000":{"__typename":"CachedAsset","id":"text:en_US-components/community/BrandLogo-1745505307000","value":{"logoAlt":"Khoros","themeLogoAlt":"Brand Logo"},"localOverride":false},"CachedAsset:text:en_US-components/community/NavbarTextLinks-1745505307000":{"__typename":"CachedAsset","id":"text:en_US-components/community/NavbarTextLinks-1745505307000","value":{"more":"More"},"localOverride":false},"CachedAsset:text:en_US-components/authentication/AuthenticationLink-1745505307000":{"__typename":"CachedAsset","id":"text:en_US-components/authentication/AuthenticationLink-1745505307000","value":{"title.login":"Sign In","title.registration":"Register","title.forgotPassword":"Forgot Password","title.multiAuthLogin":"Sign In"},"localOverride":false},"CachedAsset:text:en_US-components/nodes/NodeLink-1745505307000":{"__typename":"CachedAsset","id":"text:en_US-components/nodes/NodeLink-1745505307000","value":{"place":"Place {name}"},"localOverride":false},"CachedAsset:text:en_US-components/tags/TagSubscriptionAction-1745505307000":{"__typename":"CachedAsset","id":"text:en_US-components/tags/TagSubscriptionAction-1745505307000","value":{"success.follow.title":"Following Tag","success.unfollow.title":"Unfollowed Tag","success.follow.message.followAcrossCommunity":"You will be notified when this tag is used anywhere across the community","success.unfollowtag.message":"You will no longer be notified when this tag is used anywhere in this place","success.unfollowtagAcrossCommunity.message":"You will no longer be notified when this tag is used anywhere across the community","unexpected.error.title":"Error - Action Failed","unexpected.error.message":"An unidentified problem occurred during the action you took. Please try again later.","buttonTitle":"{isSubscribed, select, true {Unfollow} false {Follow} other{}}","unfollow":"Unfollow"},"localOverride":false},"CachedAsset:text:en_US-shared/client/components/common/QueryHandler-1745505307000":{"__typename":"CachedAsset","id":"text:en_US-shared/client/components/common/QueryHandler-1745505307000","value":{"title":"Query Handler"},"localOverride":false},"CachedAsset:text:en_US-components/community/NavbarDropdownToggle-1745505307000":{"__typename":"CachedAsset","id":"text:en_US-components/community/NavbarDropdownToggle-1745505307000","value":{"ariaLabelClosed":"Press the down arrow to open the menu"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageListTabs-1745505307000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageListTabs-1745505307000","value":{"mostKudoed":"{value, select, IDEA {Most Votes} other {Most Likes}}","mostReplies":"Most Replies","mostViewed":"Most Viewed","newest":"{value, select, IDEA {Newest Ideas} OCCASION {Newest Events} other {Newest Topics}}","newestOccasions":"Newest Events","mostRecent":"Most Recent","noReplies":"No Replies Yet","noSolutions":"No Solutions Yet","solutions":"Solutions","mostRecentUserContent":"Most Recent","trending":"Trending","draft":"Drafts","spam":"Spam","abuse":"Abuse","moderation":"Moderation","tags":"Tags","PAST":"Past","UPCOMING":"Upcoming","sortBymostRecent":"Sort By Most Recent","sortBymostRecentUserContent":"Sort By Most Recent","sortBymostKudoed":"Sort By Most Likes","sortBymostReplies":"Sort By Most Replies","sortBymostViewed":"Sort By Most Viewed","sortBynewest":"Sort By Newest Topics","sortBynewestOccasions":"Sort By Newest Events","otherTabs":" Messages list in the {tab} for {conversationStyle}","guides":"Guides","archives":"Archives"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageView/MessageViewInline-1745505307000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageView/MessageViewInline-1745505307000","value":{"bylineAuthor":"{bylineAuthor}","bylineBoard":"{bylineBoard}","anonymous":"Anonymous","place":"Place {bylineBoard}","gotoParent":"Go to parent {name}"},"localOverride":false},"CachedAsset:text:en_US-shared/client/components/common/Pager/PagerLoadMore-1745505307000":{"__typename":"CachedAsset","id":"text:en_US-shared/client/components/common/Pager/PagerLoadMore-1745505307000","value":{"loadMore":"Show More"},"localOverride":false},"CachedAsset:text:en_US-shared/client/components/common/OverflowNav-1745505307000":{"__typename":"CachedAsset","id":"text:en_US-shared/client/components/common/OverflowNav-1745505307000","value":{"toggleText":"More"},"localOverride":false},"CachedAsset:text:en_US-components/users/UserLink-1745505307000":{"__typename":"CachedAsset","id":"text:en_US-components/users/UserLink-1745505307000","value":{"authorName":"View Profile: {author}","anonymous":"Anonymous"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageSubject-1745505307000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageSubject-1745505307000","value":{"noSubject":"(no subject)"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageBody-1745505307000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageBody-1745505307000","value":{"showMessageBody":"Show More","mentionsErrorTitle":"{mentionsType, select, board {Board} user {User} message {Message} other {}} No Longer Available","mentionsErrorMessage":"The {mentionsType} you are trying to view has been removed from the community.","videoProcessing":"Video is being processed. Please try again in a few minutes.","bannerTitle":"Video provider requires cookies to play the video. Accept to continue or {url} it directly on the provider's site.","buttonTitle":"Accept","urlText":"watch"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageTime-1745505307000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageTime-1745505307000","value":{"postTime":"Published: {time}","lastPublishTime":"Last Update: {time}","conversation.lastPostingActivityTime":"Last posting activity time: {time}","conversation.lastPostTime":"Last post time: {time}","moderationData.rejectTime":"Rejected time: {time}"},"localOverride":false},"CachedAsset:text:en_US-shared/client/components/nodes/NodeIcon-1745505307000":{"__typename":"CachedAsset","id":"text:en_US-shared/client/components/nodes/NodeIcon-1745505307000","value":{"contentType":"Content Type {style, select, FORUM {Forum} BLOG {Blog} TKB {Knowledge Base} IDEA {Ideas} OCCASION {Events} other {}} icon"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageUnreadCount-1745505307000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageUnreadCount-1745505307000","value":{"unread":"{count} unread","comments":"{count, plural, one { unread comment} other{ unread comments}}"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageViewCount-1745505307000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageViewCount-1745505307000","value":{"textTitle":"{count, plural,one {View} other{Views}}","views":"{count, plural, one{View} other{Views}}"},"localOverride":false},"CachedAsset:text:en_US-components/kudos/KudosCount-1745505307000":{"__typename":"CachedAsset","id":"text:en_US-components/kudos/KudosCount-1745505307000","value":{"textTitle":"{count, plural,one {{messageType, select, IDEA{Vote} other{Like}}} other{{messageType, select, IDEA{Votes} other{Likes}}}}","likes":"{count, plural, one{like} other{likes}}"},"localOverride":false},"CachedAsset:text:en_US-components/messages/MessageRepliesCount-1745505307000":{"__typename":"CachedAsset","id":"text:en_US-components/messages/MessageRepliesCount-1745505307000","value":{"textTitle":"{count, plural,one {{conversationStyle, select, IDEA{Comment} OCCASION{Comment} other{Reply}}} other{{conversationStyle, select, IDEA{Comments} OCCASION{Comments} other{Replies}}}}","comments":"{count, plural, one{Comment} other{Comments}}"},"localOverride":false},"CachedAsset:text:en_US-shared/client/components/users/UserAvatar-1745505307000":{"__typename":"CachedAsset","id":"text:en_US-shared/client/components/users/UserAvatar-1745505307000","value":{"altText":"{login}'s avatar","altTextGeneric":"User's avatar"},"localOverride":false}}}},"page":"/tags/TagPage/TagPage","query":{"nodeId":"board:CoreInfrastructureandSecurityBlog","tagName":"helderpinto"},"buildId":"YK32GCbhJqbL-HLk4DLXM","runtimeConfig":{"buildInformationVisible":false,"logLevelApp":"info","logLevelMetrics":"info","openTelemetryClientEnabled":false,"openTelemetryConfigName":"o365","openTelemetryServiceVersion":"25.3.0","openTelemetryUniverse":"prod","openTelemetryCollector":"http://localhost:4318","openTelemetryRouteChangeAllowedTime":"5000","apolloDevToolsEnabled":false,"inboxMuteWipFeatureEnabled":false},"isFallback":false,"isExperimentalCompile":false,"dynamicIds":["./components/community/Navbar/NavbarWidget.tsx","./components/community/Breadcrumb/BreadcrumbWidget.tsx","./components/customComponent/CustomComponent/CustomComponent.tsx","./components/tags/TagsHeaderWidget/TagsHeaderWidget.tsx","./components/messages/MessageListForNodeByRecentActivityWidget/MessageListForNodeByRecentActivityWidget.tsx","./components/tags/TagSubscriptionAction/TagSubscriptionAction.tsx","./components/external/components/ExternalComponent.tsx","../shared/client/components/common/List/ListGroup/ListGroup.tsx","./components/messages/MessageView/MessageView.tsx","./components/messages/MessageView/MessageViewInline/MessageViewInline.tsx","../shared/client/components/common/Pager/PagerLoadMore/PagerLoadMore.tsx","./components/customComponent/CustomComponentContent/TemplateContent.tsx"],"appGip":true,"scriptLoader":[{"id":"analytics","src":"https://techcommunity.microsoft.com/t5/s/gxcuf89792/pagescripts/1730819800000/analytics.js?page.id=TagPage","strategy":"afterInteractive"}]}