Announcing public preview of query-based metric alerts in Azure Monitor
Azure Monitor metric alerts are now more powerful than ever Azure Monitor metric alerts now support all Azure metrics—including platform, Prometheus, and custom metrics—giving you complete coverage for your monitoring needs. In addition, metric alerts now offer powerful query capabilities with PromQL, enabling complex logic across multiple metrics and resources. This makes it easier to detect patterns, correlate signals, and customize alerts for modern workloads like Kubernetes clusters, VMs, and custom applications. Key Benefits Full metrics coverage: metric alerts now support alerting on any Azure metrics including platform metrics, Prometheus metrics and custom metrics. PromQL-Powered Conditions: Use PromQL to select, aggregate, and transform metrics for advanced alerting scenarios. Powerful event detection: Query-based alert rules can now detect intricate patterns across multiple timeseries based on metric change ratio, complex aggregations, or comparison between different metrics and timeseries. You can also analyze metrics across different time windows to identify change in metric behavior over time. Flexible Scoping: For query-based alert rules, choose between resource-centric alerts for granular RBAC or workspace-centric alerts for cross-resource visibility. Alerting at scale: Query-based alert rules allow monitoring metrics from multiple resources within a subscription or a resource group, using a single rule. Managed Identity Support: Securely authorize queries using Azure Managed Identity, ensuring compliance and reducing credential management overhead. Customizable Notifications: Add dynamic custom properties and custom email subjects for faster triage and context-rich alerting. Reuse community alerts: Easily import and re-use PromQL alert queries from the open-source community or from other Prometheus-based monitoring systems. Supported metrics At this time, query-based metric alerts support any metrics ingested into Azure Monitor Workspace (AMW). This currently includes: Metrics collected by Azure Monitor managed service for Prometheus, from Azure Kubernetes Services clusters (AKS) or from other sources. Virtual machine OpenTelemetry (OTel) Guest OS Metrics Other OTel custom metrics collected into Azure Monitor. You can still create threshold-based metric alerts as before on Azure platform metrics. Query-based alerts on platform metrics will be added in future releases. Comparison: Query-based metric alerts vs. Prometheus rule groups alerts Query-based metric alerts serve as an alternative to alerts defined in Prometheus rule groups. Both options remain viable and execute the same PromQL-based alerting logic. However, metric alerts are natively integrated with Azure Monitor, aligning seamlessly with other Azure alert types. They now support all your metric alerting needs within the same rule type. They also offer richer functionality and greater flexibility, making them a strong choice for teams looking for consistency across Azure monitoring solutions. See the table below for detailed comparison of the two alternatives. Stay tuned - additional enhancements to metric alerts are coming in future releases! Feature Azure Prometheus rule groups Query-based metric alerts Alert rule management Part of a rule group resource Independent Azure resource Supported metrics Metrics in AMW (Managed Prometheus) Metrics in AMW (Managed Prometheus, OTel metrics) Condition logic PromQL-based query PromQL-based query Aggregation & transformation Full PromQL support Full PromQL support Scope Workspace-wide Resource-centric or workspace-wide Alerting at scale Not supported Subscription level, Resource-group level Cross-resource conditions Supported Supported RBAC granularity Workspace level Resource or workspace level Managed identity support Not supported Supported Notification customization Supported - Prometheus labels and annotations Advanced - dynamic custom properties, custom email subject Getting Started If you have an Azure Monitor workspace containing Prometheus or OpenTelemetry metrics, you can create query-based metric alert rules today. Rules can be created and managed using the Azure Portal, ARM templates, or Azure REST API. For details, visit Azure Monitor documentation.
Build Your Ignite Schedule: Top Sessions for Developers
Get Ready for Microsoft Ignite Welcome back to our Azure Tech Community Microsoft Ignite 2025 series! If you joined us for Your Guide to Azure Community Activations at Microsoft Ignite 2025, you already know that Microsoft Ignite isn’t just about product updates, it’s where ideas, innovation, and community come together. With hundreds of sessions across every area of Azure, it can be hard to know where to focus. That’s why we’ve curated a list of sessions tailored specifically for Developers to help you make the most of your time, strengthen your technical strategy, and get inspired for the year ahead. Use the Microsoft Ignite session scheduler feature in the session catalog to personalize your agenda, save your favorites, and organize your time at Microsoft Ignite. Make Every Minute Count: Top Recommended Sessions for Developers Microsoft Ignite moves fast, so it pays to plan your path before you arrive. By organizing your schedule around your interests and goals, you’ll be able to maximize learning opportunities, connect with peers, and leave with actionable insights. The recommendations below highlight our top picks for Developers who want to build, modernize, and innovate using Azure and AI. Reimagining software development with GitHub Copilot and AI agents (BRK105) Discover how AI is transforming the development workflow, from writing code to managing pull requests, and boosting productivity. Build AI Apps fast with GitHub and Azure AI Foundry in action (BRK110) Explore how to build, train, and deploy intelligent apps using GitHub and Azure AI Foundry in record time. Building and deploying data agents in Microsoft Fabric (THR738) Learn how to build, deploy, and manage intelligent data agents in Microsoft Fabric using curated data, Git-powered CI/CD, and best practices for enterprise-scale AI integration. CI/CD for Fabric: Accelerating Lakehouse to production in 25 minutes (THR739) Bring software-engineering rigor to your data with Microsoft Fabric—learn how to use Git-integrated deployment pipelines, parameterized deployments, and automated checks to confidently operationalize your Lakehouse from validation to production. Build A2A and MCP Systems using SWE Agents and agent‑framework (LAB513) Explore how to build, orchestrate, and deploy multi‑agent systems with the new agent‑framework, SWE Agents, and MCP—hands‑on and production‑minded. Before diving into your targeted sessions, make time for these essential moments that set the stage for everything happening at Microsoft Ignite. Opening Keynote (KEY01) Hear from Microsoft leaders as they unveil the latest innovations shaping the future of AI, cloud, and the developer ecosystem. This is the session that sets the tone for the entire event. Innovation Session: Your AI Apps and Agent Factory (BRK1706) Join Microsoft engineering leaders as they explore the foundational AI capabilities powering the Microsoft Cloud. Learn how Azure AI services, Copilot experiences, and responsible AI frameworks come together to help developers and organizations innovate faster Innovation Session: Agents at work: Shaping the future of business (BRK1708) Learn how AI-powered agents and digital workers are reshaping collaboration and productivity. This session showcases real-world use cases across Microsoft 365, Dynamics, and Azure ecosystems. Plan Smarter with the Session Scheduler With the “add to schedule” feature in the session catalog you’ll be able to: Browse and filter all Microsoft Ignite sessions by topic, product, or persona. Save your favorite sessions to build a personalized schedule. Set reminders and block time for networking, community booths, and demos. Stay Connected with the Azure Tech Community Your Microsoft Ignite journey doesn’t stop when the sessions end, the conversation continues across the Azure Tech Community. Share the sessions you’re most excited about using #MSIgnite #AzureTechCommunity, tag azure, and connect with other developers exploring the future of cloud management and security. Follow the Azure Tech Community for real-time updates, announcements, and product news throughout Ignite. See You at Microsoft Ignite 2025 With the right plan in place, every session becomes an opportunity to learn, grow, and connect. Explore these recommendations, save your favorites, and get ready for an unforgettable Microsoft Ignite 2025 experience.Build Your Microsoft Ignite Schedule: Top Sessions for IT Pros
Get Ready for Microsoft Ignite Welcome back to our Azure Tech Community Microsoft Ignite 2025 series! If you joined us for Your Guide to Azure Community Activations at Microsoft Ignite 2025, you already know that Microsoft Ignite isn’t just about product updates, it’s where ideas, innovation, and community come together. With hundreds of sessions across every area of Azure, it can be hard to know where to focus. That’s why we’ve curated a list of sessions tailored specifically for IT Pros to help you make the most of your time, strengthen your technical strategy, and get inspired for the year ahead. Use the Microsoft Ignite session scheduler feature in the session catalog to personalize your agenda, save your favorites, and organize your time at Ignite. Make Every Minute Count: Top Recommended Sessions for IT Pros Microsoft Ignite moves fast, so it pays to plan your path before you arrive. By organizing your schedule around your interests and goals, you’ll be able to maximize learning opportunities, connect with peers, and leave with actionable insights. The recommendations below highlight our top picks for IT Pros looking to streamline operations, strengthen security, and stay ahead in an evolving cloud landscape. End-to-End migration of applications with AI Agents to IaaS and PaaS (BRK140) See how Azure’s new AI-powered migration agents can simplify and accelerate every stage of your migration journey—from assessment to deployment. Architecting for resiliency on Azure Infrastructure (BRK178) Discover how to build resilient cloud solutions on Azure by leveraging availability zones, multi-region deployments, and fungible products. This session explores architectural patterns, platform capabilities, and best practices. Migrate and Modernize Windows and SQL Server Workloads with Azure (LAB506-R1) Get hands-on with practical approaches to moving core enterprise workloads to Azure, improving reliability, and optimizing costs. Govern your estate using PowerShell and the CLI with AI (BRK170) Discover how you can use AI for PowerShell and Azure CLI to boost automation and simplify complex commands. Turning Compliance Burden into Competitive Advantage with RegScale (THR820) Explore how to use Microsoft’s compliance and governance frameworks to drive efficiency and differentiation. Before diving into your targeted sessions, make time for these essential moments that set the stage for everything happening at Microsoft Ignite. Opening Keynote (KEY01) Hear from Microsoft leaders as they unveil the latest innovations shaping the future of AI, cloud, and the developer ecosystem. This is the session that sets the tone for the entire event. Innovation Session: Security in the Agentic Era – the Core Primitive (BRK1712) Gain a forward-looking perspective on how the rise of Agentic AI will reshape the security landscape for IT operations and enterprise systems. Innovation Session: Scale Smarter: Infrastructure for the Agentic Era (BRK1704) Dive into what’s new in Azure Infrastructure—from compute and networking to hybrid management and scalability. Hear from Azure engineering experts on best practices and innovations for modern cloud operations. Plan Smarter with the Session Scheduler With the “add to schedule” feature in the session catalog you’ll be able to: Browse and filter all Microsoft Ignite sessions by topic, product, or persona. Save your favorite sessions to build a personalized schedule. Set reminders and block time for networking, community booths, and demos. Stay Connected with the Azure Tech Community Your Microsoft Ignite journey doesn’t stop when the sessions end, the conversation continues across the Azure Tech Community. Share the sessions you’re most excited about using #MSIgnite #AzureTechCommunity, tag azure, and connect with other IT Pros exploring the future of cloud management and security. Follow the Azure Tech Community for real-time updates, announcements, and product news throughout Ignite. See You at Microsoft Ignite 2025 With the right plan in place, every session becomes an opportunity to learn, grow, and connect. Explore these recommendations, save your favorites, and get ready for an unforgettable Microsoft Ignite 2025 experience.Build Your Microsoft Ignite Schedule: Top Sessions for Solution Architects
Get Ready for Microsoft Ignite Welcome back to our Azure Tech Community Microsoft Ignite 2025 series! If you joined us for Your Guide to Azure Community Activations at Microsoft Ignite 2025, you already know that Microsoft Ignite isn’t just about product updates, it’s where ideas, innovation, and community come together. With hundreds of sessions to choose from, it can be hard to know where to focus. That is why we have curated a list of sessions tailored specifically for Solution Architects to help you plan your week, strengthen your technical design strategy, and stay ahead of the latest advancements in Azure. Use the Microsoft Ignite session scheduler feature in the session catalog to personalize your agenda, save your favorites, and organize your time at Microsoft Ignite. Make Every Minute Count: Top Recommended Sessions for Solution Architects Microsoft Ignite moves fast, so it pays to plan your path before you arrive. By organizing your schedule around your interests and goals, you’ll be able to maximize learning opportunities, connect with peers, and leave with actionable insights. The recommendations below highlight our top picks for architects who want to design scalable, secure, and future-ready cloud environments. From start to scale: Realize agentic AI value (BRKSP464) Learn how to plan and scale intelligent systems built on Microsoft’s Agentic AI framework, combining performance, governance, and responsible design principles. Unleashing SAP Databricks on Azure: Modernize, analyze, and innovate (BRK136) Explore how Azure and Databricks integrate with SAP to deliver a high-performance data architecture for enterprises. Migrate and Modernize Windows and SQL Server Workloads to Azure (LAB506-R1) See how Azure’s modernization framework enables secure, scalable, and cost-efficient migration for enterprise systems. Innovation Session: Security in the Agentic Era – the Core Primitive (BRK1712) Gain a forward-looking perspective on how the rise of Agentic AI will reshape the security landscape for IT operations and enterprise systems. Microsoft Purview Compliance Manager: AI Compliance & Resilience (THR750) Learn how Microsoft Purview leverages AI to simplify compliance management, automate risk assessments, and streamline audits for hybrid and multi-cloud environments. Before diving into your developer sessions, make time for these essential moments that set the stage for everything happening at Microsoft Ignite. Opening Keynote (KEY01) Hear from Microsoft leaders as they unveil the latest innovations shaping the future of AI, cloud, and the developer ecosystem. This is the session that sets the tone for the entire event. Innovation Session: Scale Smarter: Infrastructure for the Agentic Era (BRK1704) Dive into what’s new in Azure Infrastructure—from compute and networking to hybrid management and scalability. Hear from Azure engineering experts on best practices and innovations for modern cloud operations. Innovation Session: Microsoft Fabric and Azure Databases - the data estate for AI (BRK1702) See how Azure Data services—spanning databases, analytics, and governance—empower organizations to unify data, build intelligent apps, and unlock insight-driven decision-making at scale. Plan Smarter with the Session Scheduler With the “add to schedule” feature in the session catalog you’ll be able to: Browse and filter all Microsoft Ignite sessions by topic, product, or persona. Save your favorite sessions to build a personalized schedule. Set reminders and block time for networking, community booths, and demos. Stay Connected with the Azure Tech Community Your Microsoft Ignite journey doesn’t stop when the sessions end, the conversation continues across the Azure Tech Community.Share the sessions you are most excited about using #MSIgnite and #AzureTechCommunity, tag azure, and connect with other architects exploring the future of cloud design and intelligent infrastructure. Follow the Azure Tech Community for real-time updates, photos, and highlights throughout Microsoft Ignite. See You at Microsoft Ignite 2025 With the right plan in place, every session becomes an opportunity to learn, grow, and connect. Explore these recommendations, save your favorites, and get ready for an unforgettable Microsoft Ignite 2025 experience.Building AI Agents: Workflow-First vs. Code-First vs. Hybrid
AI Agents are no longer just a developer’s playground. They’re becoming essential for enterprise automation, decision-making, and customer engagement. But how do you build them? Do you go workflow-first with drag-and-drop designers, code-first with SDKs, or adopt a hybrid approach that blends both worlds? In this article, I’ll walk you through the landscape of AI Agent design. We’ll look at workflow-first approaches with drag-and-drop designers, code-first approaches using SDKs, and hybrid models that combine both. The goal is to help you understand the options and choose the right path for your organization. Why AI Agents Need Orchestration Before diving into tools and approaches, let’s talk about why orchestration matters. AI Agents are not just single-purpose bots anymore. They often need to perform multi-step reasoning, interact with multiple systems, and adapt to dynamic workflows. Without orchestration, these agents can become siloed and fail to deliver real business value. Here’s what I’ve observed as the key drivers for orchestration: Complexity of Enterprise Workflows Modern business processes involve multiple applications, data sources, and decision points. AI Agents need a way to coordinate these steps seamlessly. Governance and Compliance Enterprises require control over how AI interacts with sensitive data and systems. Orchestration frameworks provide guardrails for security and compliance. Scalability and Maintainability A single agent might work fine for a proof of concept, but scaling to hundreds of workflows requires structured orchestration to avoid chaos. Integration with Existing Systems AI Agents rarely operate in isolation. They need to plug into ERP systems, CRMs, and custom apps. Orchestration ensures these integrations are reliable and repeatable. In short, orchestration is the backbone that turns AI Agents from clever prototypes into enterprise-ready solutions. Behind the Scenes I’ve always been a pro-code guy. I started my career on open-source coding in Unix and hardly touched the mouse. Then I discovered Visual Studio, and it completely changed my perspective. It showed me the power of a hybrid approach, the best of both worlds. That said, I won’t let my experience bias your ideas of what you’d like to build. This blog is about giving you the full picture so you can make the choice that works best for you. Workflow-First Approach Workflow-first platforms are more than visual designers and not just about drag-and-drop simplicity. They represent a design paradigm where orchestration logic is abstracted into declarative models rather than imperative code. These tools allow you to define agent behaviors, event triggers, and integration points visually, while the underlying engine handles state management, retries, and scaling. For architects, this means faster prototyping and governance baked into the platform. For developers, it offers extensibility through connectors and custom actions without sacrificing enterprise-grade reliability. Copilot Studio Building conversational agents becomes intuitive with a visual designer that maps prompts, actions, and connectors into structured flows. Copilot Studio makes this possible by integrating enterprise data and enabling agents to automate tasks and respond intelligently without deep coding. Building AI Agents using Copilot Studio Design conversation flows with adaptive prompts Integrate Microsoft Graph for contextual responses Add AI-driven actions using Copilot extensions Support multi-turn reasoning for complex queries Enable secure access to enterprise data sources Extend functionality through custom connectors Logic Apps Adaptive workflows and complex integrations are handled through a robust orchestration engine. Logic Apps introduces Agent Loop, allowing agents to reason iteratively, adapt workflows, and interact with multiple systems in real time. Building AI Agents using Logic Apps Implement Agent Loop for iterative reasoning Integrate Azure OpenAI for goal-driven decisions Access 1,400+ connectors for enterprise actions Support human-in-the-loop for critical approvals Enable multi-agent orchestration for complex tasks Provide observability and security for agent workflows Power Automate Multi-step workflows can be orchestrated across business applications using AI Builder models or external AI APIs. Power Automate enables agents to make decisions, process data, and trigger actions dynamically, all within a low-code environment. Building AI Agents using Power Automate Automate repetitive tasks with minimal effort Apply AI Builder for predictions and classification Call Azure OpenAI for natural language processing Integrate with hundreds of enterprise connectors Trigger workflows based on real-time events Combine flows with human approvals for compliance Azure AI Foundry Visual orchestration meets pro-code flexibility through Prompt Flow and Connected Agents, enabling multi-step reasoning flows while allowing developers to extend capabilities through SDKs. Azure AI Foundry is ideal for scenarios requiring both agility and deep customization. Building AI Agents using Azure AI Foundry Design reasoning flows visually with Prompt Flow Orchestrate multi-agent systems using Connected Agents Integrate with VS Code for advanced development Apply governance and deployment pipelines for production Use Azure OpenAI models for adaptive decision-making Monitor workflows with built-in observability tools Microsoft Agent Framework (Preview) I’ve been exploring Microsoft Agent Framework (MAF), an open-source foundation for building AI agents that can run anywhere. It integrates with Azure AI Foundry and Azure services, enabling multi-agent workflows, advanced memory services, and visual orchestration. With public preview live and GA coming soon, MAF is shaping how we deliver scalable, flexible agentic solutions. Enterprise-scale orchestration is achieved through graph-based workflows, human-in-the-loop approvals, and observability features. The Microsoft Agent Framework lays the foundation for multi-agent systems that are durable and compliant. Building AI Agents using Microsoft Agent Framework Coordinate multiple specialized agents in a graph Implement durable workflows with pause and resume Support human-in-the-loop for controlled autonomy Integrate with Azure AI Foundry for hosting and governance Enable observability through OpenTelemetry integration Provide SDK flexibility for custom orchestration patterns Visual-first platforms make building AI Agents feel less like coding marathons and more like creative design sessions. They’re perfect for those scenarios when you’d rather design than debug and still want the option to dive deeper when complexity calls. Pro-Code Approach Remember I told you how I started as a pro-code developer early in my career and later embraced a hybrid approach? I’ll try to stay neutral here as we explore the pro-code world. Pro-code frameworks offer integration with diverse ecosystems, multi-agent coordination, and fine-grained control over logic. While workflow-first and pro-code approaches both provide these capabilities, the difference lies in how they balance factors such as ease of development, ease of maintenance, time to deliver, monitoring capabilities, and other non-functional requirements. Choosing the right path often depends on which of these trade-offs matter most for your scenario. LangChain When I first explored LangChain, it felt like stepping into a developer’s playground for AI orchestration. I could stitch together prompts, tools, and APIs like building blocks, and I enjoyed the flexibility. It reminded me why pro-code approaches appeal to those who want full control over logic and integration with diverse ecosystems. Building AI Agents using LangChain Define custom chains for multi-step reasoning [it is called Lang“Chain”] Integrate external APIs and tools for dynamic actions Implement memory for context-aware conversations Support multi-agent collaboration through orchestration patterns Extend functionality with custom Python modules Deploy agents across cloud environments for scalability Semantic Kernel I’ve worked with Semantic Kernel when I needed more control over orchestration logic, and what stood out was its flexibility. It provides both .NET and Python SDKs, which makes it easy to combine natural language prompts with traditional programming logic. I found the planners and skills especially useful for breaking down goals into smaller steps, and connectors helped integrate external systems without reinventing the wheel. Building AI Agents using Semantic Kernel Create semantic functions for prompt-driven tasks Use planners for dynamic goal decomposition Integrate plugins for external system access Implement memory for persistent context across sessions Combine AI reasoning with deterministic code logic Enable observability and telemetry for enterprise monitoring Microsoft Agent Framework (Preview) Although I introduced MAF in the earlier section, its SDK-first design makes it relevant here as well for advanced orchestration and the pro-code nature… and so I’ll probably write this again in the Hybrid section. The Agent Framework is designed for developers who need full control over multi-agent orchestration. It provides a pro-code approach for defining agent behaviors, implementing advanced coordination patterns, and integrating enterprise-grade observability. Building AI Agents using Microsoft Agent Framework Define custom orchestration logic using SDK APIs Implement graph-based workflows for multi-agent coordination Extend agent capabilities with custom code modules Apply durable execution patterns with pause and resume Integrate OpenTelemetry for detailed monitoring and debugging Securely host and manage agents through Azure AI Foundry integration Hybrid Approach and decision framework I’ve always been a fan of both worlds, the flexibility of pro-code and the simplicity of workflow drag-and-drop style IDEs and GUIs. A hybrid approach is not about picking one over the other; it’s about balancing them. In practice, this to me means combining the speed and governance of workflow-first platforms with the extensibility and control of pro-code frameworks. Hybrid design shines when you need agility without sacrificing depth. For example, I can start with Copilot Studio to build a conversational agent using its visual designer. But if the scenario demands advanced logic or integration, I can call an Azure Function for custom processing, trigger a Logic Apps workflow for complex orchestration, or even invoke the Microsoft Agent Framework for multi-agent coordination. This flexibility delivers the best of both worlds, low-code for rapid development (remember RAD?) and pro-code for enterprise-grade customization with complex logic or integrations. Why go Hybrid Ø Balance speed and control: Rapid prototyping with workflow-first tools, deep customization with code. Ø Extend functionality: Call APIs, Azure Functions, or SDK-based frameworks from visual workflows. Ø Optimize for non-functional requirements: Address maintainability, monitoring, and scalability without compromising ease of development. Ø Enable interoperability: Combine connectors, plugins, and open standards for diverse ecosystems. Ø Support multi-agent orchestration: Integrate workflow-driven agents with pro-code agents for complex scenarios. The hybrid approach for building AI Agents is not just a technical choice but a design philosophy. When I need rapid prototyping or business automation, workflow-first is my choice. For multi-agent orchestration and deep customization, I go with code-first. Hybrid makes sense for regulated industries and large-scale deployments where flexibility and compliance are critical. The choice isn’t binary, it’s strategic. I’ve worked with both workflow-first tools like Copilot Studio, Power Automate, and Logic Apps, and pro-code frameworks such as LangChain, Semantic Kernel, and the Microsoft Agent Framework. Each approach has its strengths, and the decision often comes down to what matters most for your scenario. If rapid prototyping and business automation are priorities, workflow-first platforms make sense. When multi-agent orchestration, deep customization, and integration with diverse ecosystems are critical, pro-code frameworks give you the flexibility and control you need. Hybrid approaches bring both worlds together for regulated industries and large-scale deployments where governance, observability, and interoperability cannot be compromised. Understanding these trade-offs will help you create AI Agents that work so well, you’ll wonder if they’re secretly applying for your job! About the author Pradyumna (Prad) Harish is a Technology leader in the WW GSI Partner Organization at Microsoft. He has 26 years of experience in Product Engineering, Partner Development, Presales, and Delivery. Responsible for revenue growth through Cloud, AI, Cognitive Services, ML, Data & Analytics, Integration, DevOps, Open-Source Software, Enterprise Architecture, IoT, Digital strategies and other innovative areas for business generation and transformation; achieving revenue targets via extensive experience in managing global functions, global accounts, products, and solution architects across over 26 countries.Generational Performance Leap for Azure Confidential Computing
At Microsoft, protecting customer data is a foundational commitment. Organizations moving their most sensitive workloads to the cloud require assurances beyond just encryption of data-at-rest and data-in-transit. They need robust protection while the data is in use, and they need it without sacrificing the performance of their business-critical applications. Confidential Computing emerged as a technology to address this need for data-in-use protection. For years, a key consideration for adopting confidential computing has been the perceived trade-off between stronger security and application performance. To provide our customers with transparent, third-party validation, Microsoft and AMD commissioned a technical analysis from Prowess Consulting, an independent research firm specializing in hands-on performance validation for the enterprise IT industry. Their report provides an assessment of our latest generation confidential VMs. Azure confidential VMs, powered by the latest 4th generation AMD EPYC™ processors, deliver both next-generation performance and hardware-enforced security, fundamentally shifting the conversation from a security trade-off to a performance dividend. Enterprises are required to handle sensitive information or personal data like transactions, analytics or intellectual property (IP) while operating under strict compliance regimes like GDPR or HIPAA can now seamlessly transition to the cloud, running their high performance, mission-critical applications on Azure’s latest confidential VMs. A Generational Leap in Performance While uncertainty surrounding the performance overhead of enabling confidential computing features and performance gaps, confidential computing has broadened its appeal as processors leap forward in both performance and capabilities with each successive generation. The motivation of the study was to identify a clear performance uplift by comparing the latest Azure DCasv6 confidential VMs, powered by 4th generation AMD EPYC™ processors, against the previous generation. The data confirms that upgrading delivers a significant and measurable performance uplift across the stack. A 77% gain in memory bandwidth, driven by architectural enhancements including the adoption of DDR5 memory, directly benefiting data-intensive applications. A 34% increase in Redis throughput, demonstrating substantial real-world gains for in-memory databases and caching workloads where latency is critical. A 30% rise in CPU throughput, confirming faster execution for compute-bound workloads on the latest generation of Azure confidential VMs. Quantifying the Overhead of SEV-SNP Beyond generational gains, the Prowess report sought to answer the critical question: What is the real performance overhead of enabling AMD Secure Encrypted Virtualization-Secure Nested Paging (SEV-SNP)? This hardware-level security feature isolates VMs by encrypting memory in use, protecting it even from the host hypervisor. The study compared confidential VMs (DCasv6) against general-purpose counterparts (Dasv6) running on identical 4th Gen AMD EPYC processors. The overhead introduced by these advanced protections was found to be minimal and predictable. An 8% overhead for CPU-intensive and Redis workloads. A mere 2% overhead for memory-intensive workloads. These results affirm that a robust security posture with a minimum impact on performance or latency, making it a practical choice for a broad spectrum of production workloads. From Technical Validation to Business Value For IT leaders and developers, these findings mean you no longer need to architect around performance limitations to achieve stronger security. The implications are clear: Confidentiality is a mainstream capability. With such minimal overhead, confidential computing is no longer a niche solution for only the most sensitive data, but a viable option for securing a diverse array of enterprise applications. Modernize with confidence. Organizations can now confidently migrate and modernize applications on Azure confidential VMs, gaining both hardware-enforced data protection and a significant performance boost. Unlock new possibilities. This validated performance enables the processing of sensitive data from financial analytics to healthcare insights in the cloud, scenarios that were previously constrained by security and performance concerns. This report validates our commitment to delivering a confidential cloud without compromise. Next Steps We encourage you to review the detailed report and explore how Azure confidential computing can fit into your security strategy. Read the full Prowess Consulting Technical Report for a deep dive into the methodology and results. Visit the confidential computing homepage to learn more about our comprehensive portfolio. Explore the DCasv6 and ECasv6-series VMs today.Your Guide to Azure Community Activations at Microsoft Ignite 2025
Microsoft Ignite 2025 is right around the corner! From November 18–21 in San Francisco, we’re excited to bring the Azure community together for four days of learning, connection, and fun! Whether you’re joining us onsite at the Moscone Center or tuning in online, the Community Space will be buzzing with MVP meetups, interactive theater sessions, and plenty of opportunities to network. This is the first in a series of posts highlighting what you can expect at Microsoft Ignite. Today, we’re spotlighting Azure Community activations across Infrastructure, AI, Data, and MVP programs. In upcoming posts, we’ll dive deeper into sessions tailored for IT professionals, developers, and even first-time attendees. Azure Infrastructure Microsoft Ignite is packed with practical insights to help you migrate, modernize, and secure workloads. Learn how to Troubleshoot AKS networking with Agentic AI and strengthen your AI workload resiliency with Azure’s networking stack. Dive into migration best practices with sessions on moving data for analytics, lessons from Azure MVPs, and community insights from real-world projects. And don’t miss the fan favorite: Learn Infrastructure-as-Code through Minecraft —where cloud automation meets creativity. AI & Agents If you’re passionate about AI, the community sessions will put you at the center of what’s next. Connect with peers at the Global AI Community meetup. Get a sneak peek at what’s coming with Azure AI Insiders. Hear directly from MVPs and Microsoft leaders on shaping the future of Azure AI Foundry and how AI is transforming customer innovation. Azure Data For those focused on data, Microsoft Ignite is your chance to learn, influence, and connect. Share your feedback on SQL Server Management Studio and Copilot in SSMS. Bring your toughest questions to a Q&A with Azure Data Leadership. And join the community to explore real-world data intelligence solutions and career-building opportunities across the data ecosystem. MVP Program Interested in becoming a Microsoft MVP or expanding your community impact? Learn how to get nominated and grow your influence in So you want to become an MVP? Join program leads and MVPs to hear their stories in Becoming an MVP in Azure, AI, or the Data Platform. These sessions are the perfect place to start if you’re looking to give back and level up your community journey. Stay Connected Year-Round The conversations doesn't stop after Microsoft Ignite. Join the communities that keep the learning going: AKS Community (Infrastructure) Azure AI Foundry (AI) Global AI Community (AI) Fabric Community (Data) Azure Data Community (Data) Fellow Developers And this is just the beginning. Microsoft Ignite is packed with opportunities to learn from experts, connect with peers, and explore what’s next with Azure. Stay tuned for our upcoming posts, where we’ll share curated session highlights designed for different audiences to help you make the most of your Microsoft Ignite experience. 👉 Be sure to mark your calendar, start building your schedule, and get ready to be inspired at Microsoft Ignite 2025Agentic Power for AKS: Introducing the Agentic CLI in Public Preview
We are excited to announce the agentic CLI for AKS, available now in public preview directly through the Azure CLI. A huge thank you to all our private preview customers who took the time to try out our beta releases and provide feedback to our team. The agentic CLI is now available for everyone to try--continue reading to learn how you can get started. Why we built the agentic CLI for AKS The way we build software is changing with the democratization of coding agents. We believe the same should happen for how users manage their Kubernetes environments. With this feature, we want to simplify the management and troubleshooting of AKS clusters, while reducing the barrier to entry for startups and developers by bridging the knowledge gap. The agentic CLI for AKS is designed to simplify this experience by bringing agentic capabilities to your cluster operations and observability, translating natural language into actionable guidance and analysis. Whether you need to right-size your infrastructure, troubleshoot complex networking issues like DNS or outbound connectivity, or ensure smooth K8s upgrades, the agentic CLI helps you make informed decisions quickly and confidently. Our goal: streamline cluster operations and empower teams to ask questions like “Why is my pod restarting?” or “How can I optimize my cluster for cost?” and get instant, actionable answers. The agentic CLI for AKS is built on the open-source HolmesGPT project, which has recently been accepted as a CNCF Sandbox project. With a pluggable LLM endpoint structure and open-source backing, the agentic CLI is purpose-built for customizability and data privacy. From private to public preview: what's new? Earlier this year, we launched the agentic CLI in private beta for a small group of AKS customers. Their feedback has shaped what's new in our public preview release, which we are excited to share with the broader AKS community. Let’s dig in: Simplified setup: One-time initialization for LLM parameters with ‘az aks agent-init'. Configure your LLM parameters such as API key and model through a simple, guided user interface. AKS MCP integration: Enable the agent to install and run the AKS MCP server locally (directly in your CLI client) for advanced context-aware operations. The AKS MCP server includes tools for AKS clusters and associated Azure resources. Try it out: az aks agent “list all my unhealthy nodepools” --aks-mcp -n <cluster-name> -g <resource-group> Deeper investigations: New "Task List" feature which helps the agent plan and execute on complex investigations. Checklist-style tracker that allows you to stay updated on the agent's progress and planned tool calls. Provide in-line feedback: Share insights directly from the CLI about the agent's performance using /feedback. Provide a rating of the agent's analysis and optional written feedback directly to the agentic CLI team. Your feedback is highly appreciated and will help us improve the agentic CLI's capabilities. Performance and security improvements: Minor improvements for faster load times and reduced latency, as well as hardened initialization and token handling. Getting Started Install the extension az extension add --name aks-agent Set up you LLM endpoint az aks agent-init Start asking questions Some recommended scenarios to try out: Troubleshoot cluster health: az aks agent "Give me an overview of my cluster's health" Right-size your cluster: az aks agent "How can I optimize my node pool for cost?" Try out the AKS MCP integration: az aks agent "Show me CPU and memory usage trends" --aks-mcp -n <cluster-name> -g <resource-group> Get upgrade guidance: az aks agent "What should I check before upgrading my AKS cluster?" Update the agentic CLI extension az extension update --name aks-agent Join the Conversation We’d love your feedback! Use the built-in '/feedback' command or visit our GitHub repository to share ideas and issues. Learn more: https://aka.ms/aks/agentic-cli Share feedback: https://aka.ms/aks/agentic-cli/issuesYour guide to Azure Compute at Microsoft Ignite 2025
The countdown to Microsoft Ignite 2025 is almost over— Microsoft Ignite - November 18–21, 2025! Whether you’ll be joining us in person or tuning in virtually, this guide is your essential resource for everything Azure Compute. Explore the latest advancements, connect with product experts, and expand your cloud skills through curated sessions and interactive experiences. Attendees will have the opportunity to dive deep into new product capabilities and solutions, including ways to boost virtual machine performance, enhance resiliency, and optimize cloud operations. Be sure to add these sessions to your schedule for a personalized and can’t-miss Ignite experience. Bookmark this guide for quick access to all the latest Azure Compute news and updates throughout Ignite 2025! Featured sessions Tuesday BRK171: What's new and what's next in Azure IaaS Level: Intermediate 200 In this session, we’ll introduce the latest capabilities across compute, storage, and networking. Uncover the advancements in Azure IaaS, driving performance, resiliency, and cost efficiency. We will present how Azure’s global backbone, enhanced capabilities, and expanding portfolio can support mission-critical, cloud native and AI workloads —while built-in security and flexible tiering help right-size app deployments and accelerate modernization. Tuesday, November 18 | 2:30 PM-3:15 PM PST Wednesday BRK430: Inside Azure Innovations with Mark Russinovich Level: Advanced 300 Join Mark Russinovich, CTO and Technical Fellow of Microsoft Azure. Mark will take you on a tour of the latest innovations in Azure architecture and explain how Azure enables intelligent, modern, and innovative applications at scale in the cloud, on-premises, and on the edge. Featuring some of the latest Compute announcements with Azure Boost. Wednesday, November 19, 2:45 PM PST Other related IaaS sessions Use the following as a guide to build your session schedule with an emphasis on our Azure Compute topics. These sessions will be in person and recorded. Sessions Tuesday-Thursday will be live streamed. Thursday BRK176: Driving efficiency and cost optimization for Azure IaaS deployments Level: Intermediate 200 Control cloud spend without compromising performance. This session shows how Azure IaaS helps IT leaders optimize costs through flexible pricing, built-in tools, and smart resource planning. Learn how to align infrastructure choices with workload requirements, reduce TCO, and make informed decisions that support growth and innovation. You will gain a deeper understanding of how Azure delivers a comprehensive set of services, tools, and financial instruments to optimize your cloud costs at scale. Thursday, November 20 th , 9:45 AM PST BRK217: Resilience by design: Secure, scalable, AI-ready cloud with Azure Level: Advanced 300 Resiliency is foundational. Explore how resiliency on Azure enables secure, scalable, AI-ready cloud architectures. Learn to set resilience goals, simulate failures, and orchestrate recovery. See live demos and discover how shared responsibility empowers teams to deliver trusted, resilient outcomes. Thursday, November 20 th , 1:00 PM PST BRK178: Architecting for resiliency on Azure Infrastructure Level: Intermediate 200 Discover how to build resilient cloud solutions on Azure by leveraging availability zones, multi-region deployments, and fungible products. This session explores architectural patterns, platform capabilities, and best practices to ensure high availability, fault tolerance, and business continuity for mission-critical workloads in dynamic and distributed environments. Thursday, November 20, 1:00 PM PST BRK148: Architect resilient apps with Azure backup and reliability features Level: Advanced 300 Learn to use self-serve tools to strengthen zonal resiliency for critical workloads. Assess and validate resilience across VMs, DBs, and containers. Explore enhanced data and cyber resiliency with immutability and threat detection to guard against ransomware. Discover expanded workload coverage and real-time insights to proactively protect your applications and infrastructure. Thursday, November 20, 3:30 PM PST Friday BRK146: Resiliency and recovery with Azure Backup and Site Recovery Level: Advanced 300 This session will show how to secure, detect threats, and quickly recover critical workloads across Azure environments using advanced backup and disaster recovery solutions. It covers modern techniques like threat-aware backups, container protection, and seamless disaster recovery to help meet compliance and recovery objectives. Friday, November 21, 9:00 AM PST BRK149: Unlock cloud-scale observability and optimization with Azure Level: Advanced 300 In this session, we'll deep dive into how Azure Monitor delivers end-to-end observability across your cloud and hybrid environments, helping you detect issues early and reduce mean time to recovery. We'll also share how new Copilot in Azure agents can extend this visibility into actionable cost and carbon efficiency insights—helping you identify optimization opportunities, validating recommendations, and streamlining resource performance for business impact. Friday, November 21 st , 10:15 AM PST BRK173: Azure IaaS best practices to enhance performance and scale Level: Advanced 300 Azure IaaS can deliver excellent performance and scalability across a broad range of workloads. With high-throughput storage, low-latency networking, and intelligent auto-scaling, Azure supports demanding apps with precision. Learn how to optimize compute, storage, and network resources to meet performance goals, reduce costs, and scale confidently across global regions. Dive into the latest capabilities Azure Boost, Compute Fleet, Azure Virtual Machines, Azure Storage and Networking offer. Friday, November 21, 10:15 AM PST BRK172: Powering modern cloud workloads with Azure Compute Level: Advanced 300 Uncover new VM offerings announcements and explore innovations like Azure Boost. Dive into the latest compute innovation at the core of Azure IaaS. Whether you're running mission-critical enterprise apps or scaling cloud-native services, discover how these innovations are unlocking new value for customers and get a preview of what’s coming next. Friday, November 21, 11:30 AM PST BRK168: Azure IaaS platform security deep dive Level: Advanced 300 As organizations accelerate their cloud adoption, robust security for your Infrastructure as a Service platform is more critical than ever. This session will provide a comprehensive exploration of Azure’s security architecture, best practices, and innovations across four pillars: foundational security, compute security, network security, and storage security. Attendees will gain actionable insights to strengthen their cloud posture, ensure compliance, and protect sensitive workloads. Friday, November 21 st ,11:30 AM PST Upskill yourself with hands on labs This section explains that live demos and hands-on labs are exclusively available to those who attend in person, providing them with a direct, firsthand experience. Tuesday LAB500: Attain unified observability and optimization in Azure Level: Intermediate 200 Get an AI-powered view of your Azure workload health and performance while uncovering cost and carbon savings. In this lab, use AI to investigate anomalies, correlate telemetry, and drive optimization. Apply FinOps and sustainability insights, align health with SLI/SLO targets, and improve monitoring posture for lasting efficiency. Please RSVP and arrive at least 5 minutes before the start time, at which point remaining spaces are open to standby attendees. Tuesday November 18 th , 2:45 PM PST LAB520: Start, Get and Stay Resilient with Azure Level: Intermediate 200 Understand the Start, Get, and Stay Resilient journey. Get equipped with tools & insights to architect mission critical applications with Azure’s Resiliency and Configuration experiences. Assess your resiliency posture, apply recommendations, validate your posture and orchestrate recovery. With the Essentials Machine Management bundle from Azure, manage and maintain the state of your resources, enforce configurations across devices and ensure resilience is not a one-time goal but an ongoing state. Please RSVP and arrive at least 5 minutes before the start time, at which point remaining spaces are open to standby attendees. Tuesday, November 18 th , 4:30 PM PST
