Public Preview: Multicloud connector support for Google Cloud
We are excited to announce that the Multicloud connector is now in preview for GCP environments. With the Multicloud connector, you can easily connect your GCP projects and AWS accounts to Azure with the following capabilities: Inventory: Get an up-to-date, comprehensive view of your cloud assets across different cloud providers. Now supporting GCP services (Compute VM, GKE, Storage, Functions, and more), you can now gain insights into your Azure, AWS, and GCP environments in a single pane of glass. The agentless inventory solution will periodically scan your GCP environment, project the discovered resources in GCP as Azure resources, including all of the GCP metadata like GCP labels. Now, you can easily view, query, and tag these resources from a centralized location. Azure Arc onboarding: Automatically Arc-enable your existing and future GCP VMs so you can leverage Azure and Microsoft services, like Azure Monitor and Microsoft Defender for Cloud. Through the multicloud connector, the Azure Arc agent will be automatically installed for machines that meet the prerequisites. How do I get started? You can easily set up the multicloud connector by following our getting started guide which provides step by step instructions on creating the connector and setting up the permissions in GCP which leveraged OIDC federation. What can I do after my connector is set up? With the inventory offering, you can see and query for all of your GCP and Azure resources via Azure Resource Graph. For Azure Arc onboarding, you can apply the Azure management services on your GCP VMs that are Arc-enabled. Learn more here. We are very excited about the expanded support in Google Cloud. Set up your multicloud connector now for free! Please let us know if you have any questions by posting on the Azure Arc forum or via Microsoft support. Here is the mutlicloud capabilities technical documentation. Check out the Ignite session here!Accelerate your cloud migration journey with Azure Arc resource discovery in Azure Migrate (preview)
With Azure Migrate's new Arc-based discovery (preview), you can leverage your existing Arc-enabled servers and Arc-enabled SQL Server instances to quickly gain insights into: Migration readiness for Azure targets such as Azure VMs, Azure SQL Database, and Azure SQL Managed Instance. Savings potential for different migration strategies—all without deploying new on-premises infrastructure.
Question About Moving SCCM Partially Out of Intune
Good afternoon, I've been given an environment that currently has SCCM integrated into InTune. Our department head would like to partially remove our servers from being managed by InTune, but still be managed by SCCM. Is such a thing possible? If so, could you link what documentation is available to lead me into that? I appreciate it!Azure Migrate Expands Capabilities to Accelerate Migration to Azure Local
As organizations accelerate their digital transformation, Microsoft provides flexible paths to migrate and modernize applications, enabling businesses to choose the best approach for their needs - whether embracing the cloud, leveraging cloud-managed infrastructure locally, or balancing both. Unified management, governance, and security can be applied across all strategies, empowering organizations to utilize cloud-based tools, policies, and monitoring wherever their workloads reside. Many organizations operate virtualized environments and can optimize and modernize their infrastructure with several proven approaches. These strategies allow teams to maximize existing investments while exploring new opportunities for agility, cost savings, and growth. Three Paths to Modernization Modernize and Move: For applications ready to evolve, Azure’s IaaS and PaaS offerings provide a secure and scalable foundation to reduce costs, increase agility, and spark innovation. Azure Migrate supports readiness assessments, cost estimates, business case development, and seamless transitions - all while maintaining centralized governance and security throughout the process. Lift and Optimize: For VMware customers looking for a fast path to the cloud, Azure VMware Solution (AVS) allows organizations to rehost existing VMware workloads with minimal disruption and no code changes. AVS is a VMware VCF private cloud in Azure that allows organizations to leverage their portable VCF licenses and connect to 200+ Azure services. Customers can use Azure Migrate for assessment and planning, leverage VMware HCX for seamless migrations, and connect Azure Arc for centralized governance, unified management and enhanced security across cloud and hybrid environments. Edge-Optimized Deployment: For workloads that need to remain close to where data is created or consumed – whether for low latency, regulatory compliance, data residency, or sovereign requirements - Azure Local leverages Azure Arc to extend Azure services across distributed environments, providing a sovereign, cloud-managed platform with local control. Azure Local and its centralized management enabled by Azure Arc supports OEM hardware partners such as Dell, Lenovo, HPE, and more, ensuring flexibility, operational assurance, and compliance-ready governance. Enhanced and Unified Management: Across all three options, organizations can enhance their strategy with unified management, governance, and security via Azure control plane - benefiting from cloud-based capabilities no matter where their workloads run. General Availability: Azure Migrate supports VMware VMs to Azure Local Today, we are excited to announce the General Availability of Azure Migrate support for migrating VMware VMs to Azure Local. With this release, organizations can easily move their VMware workloads to cloud-managed infrastructure while maintaining consistency across environments. Key Features Orchestrate migrations from Azure portal: Gain full visibility into replication progress, cutover readiness, and migration history. Leverage an agentless architecture: Simplify deployment across large VMware environments without installing agents on source VMs. Replicate with no downtime impact: Keep critical workloads running while data synchronizes in the background. Migrate securely with sovereign control: Maintain full data residency and operational sovereignty while keeping all VM migration traffic and data entirely on-premises. Perform cutovers with minimal downtime: Use optimized Azure Migrate techniques to reduce disruption. This GA milestone brings several advanced features shaped by customer and partner feedback during the preview, such as: Static IP address retention for Windows and Linux VMs. PowerShell migration support for scripting and automation. Advanced compute and disk customization during migration. Get Started! Ready to get started? Visit Azure Migrate documentation to explore: Monthly product updates. Prerequisites and requirements. Tutorials for VMware to Azure Local VM migrations. FAQs and troubleshooting guides. Thank you to our Community We’d like to thank all the customers and partners who participated in the preview program and provided invaluable feedback. Your input has directly shaped this GA release, and we’re excited to continue building with you.Operate everywhere with AI-enhanced management and security
Farzana Rahman and Dushyant Gill from Microsoft discuss new AI-enhanced features in Azure that make it simpler to acquire, connect, and operate with Azure's management offerings across multiple clouds, on-premises, and at the edge. Key updates include enhanced management for Windows servers and virtual machines with Windows Software Assurance, Windows Server 2025 hotpatching support in Azure Update Manager, simplified hybrid environment connectivity with Azure Arc gateway, a multicloud connector for AWS, and Log Analytics Simple Mode. Additionally, Azure Migrate Business Case helps compare the total cost of ownership, and new Copilot in Azure capabilities that simplify cloud management and provide intelligent recommendations.Public Preview: Audit and Enable Windows Recovery Environment (WinRE) for Azure Arc-enabled Servers
Windows Recovery Environment is a secure, isolated partition that enables diagnostics and repair when a system encounters critical failures – such as a stop error (commonly known as the blue screen of death). WinRE provides a reliable fallback mechanism for mission-critical workloads, allowing IT administrators to recover systems quickly and securely. With this Public Preview, Azure Arc introduces a set of Azure Policies that allow organizations to audit and enable WinRE across their fleet of Arc-enabled Windows Servers. These policies are powered by the Machine Configuration component of the Azure Connected Machine agent, which ensures secure and compliant configuration enforcement. Through the Azure Policy, the Azure Connected Machine agent detects whether WinRE is configured and reports its health status. If WinRE is not configured and the WinRE partition has been provisioned, customers can enable WinRE through the Azure Policy. These Azure Policies are available at no additional cost for servers covered under: Windows Server 2012 Extended Security Updates (ESUs) Microsoft Defender for Servers Plan 2 Windows Server Software Assurance attestation Windows Server Pay-as-you-Go licensing For other servers, these policies will incur charges associated with Azure Machine Configuration. To get started, deploy and assign these Azure Policies to Azure Arc-enabled servers in your existing subscription. [Preview]: Audit Windows machines that do not have Windows Recovery Environment (WinRE) enabled [Preview]: Configure Windows Recovery Environment (WinRE) on Windows machines Auditing and enablement of WinRE through Azure Arc underscores the capability of Azure Arc to increasingly afford resiliency across hybrid, multicloud, and edge workloads.Announcing the General Availability of the Azure Arc Gateway for Arc-enabled Servers!
We’re excited to announce the General Availability of Arc gateway for Arc‑enabled servers. Arc gateway dramatically simplifies the network configuration required to use Azure Arc by consolidating outbound connectivity through a small, predictable set of endpoints. For customers operating behind enterprise proxies or firewalls, this means faster onboarding, fewer change requests, and a smoother path to value with Azure Arc. What’s new: To Arc‑enable a server, customers previously had to allow 19 distinct endpoints. With Arc gateway GA, you can do the same with just 7, a ~63% reduction that removes friction for security and networking teams. Why This Matters Organizations with strict outbound controls often spend days, or weeks, coordinating approvals for multiple URLs before they can onboard resources to Azure Arc. By consolidating traffic to a smaller set of destinations, Arc gateway: Accelerates onboarding for Arc‑enabled servers by cutting down the proxy/firewall approvals needed to get started. Simplifies operations with a consistent, repeatable pattern for routing Arc agent and extension traffic to Azure. How Arc gateway works Arc gateway introduces two components that work together to streamline connectivity: Arc gateway (Azure resource): A single, unique endpoint in your Azure tenant that receives incoming traffic from on‑premises Arc workloads and forwards it to the right Azure services. You configure your enterprise environment to allow this endpoint. Azure Arc Proxy (on every Arc‑enabled server): A component of the connected machine agent that routes agent and extension traffic to Azure via the Arc gateway endpoint. It’s part of the core Arc agent; no separate install is required. At a high level, traffic flows: Arc agent → Arc Proxy → Enterprise Proxy → Arc gateway → Target Azure service. Scenario Coverage As part of this GA release, common Arc‑enabled Server scenarios are supported through the gateway, including: Windows Admin Center SSH Extended Security Updates (ESU) Azure Extension for SQL Server For other scenarios, some customer‑specific data plane destinations (e.g., your Log Analytics workspace or Key Vault URLs) may still need to be allow‑listed per your environment. Please consult the Arc gateway documentation for the current scenario‑by‑scenario coverage and any remaining per‑service URLs. Over time, the number of scenarios filly covered by Arc gateway will continue to grow. Get started Create an Arc gateway resource using the Azure portal, Azure CLI, or PowerShell. Allow the Arc gateway endpoint (and the small set of core endpoints) in your enterprise proxy/firewall. Onboard or update servers to use your Arc gateway resource and start managing them with Azure Arc. For step‑by‑step guidance, see the Arc gateway documentation on Microsoft Learn. You can also watch a quick Arc gateway Jumpstart demo to see the experience end‑to‑end. FAQs Does Arc gateway require new software on my servers? No additional installation - Arc Proxy is part of the standard connected machine agent for Arc‑enabled servers. Will every Arc scenario route through the gateway today? Many high‑value server scenarios are covered at GA; some customer‑specific data plane endpoints (for example, Log Analytics workspace FQDNs) may still need to be allowed. Check the docs for the latest coverage details. When will Arc gateway for Azure Local be GA? Today! Please refer to the Arc gateway GA on Azure Local Announcement to learn more. When will Arc gateway for Arc-enabled Kubernetes be GA? We don't have an exact ETA to share quite yet for Arc gateway GA for Arc-enabled Kubernetes. The feature is currently still in Public Preview. Please refer to the Public Preview documentation for more information. Tell us what you think We’d love your feedback on Arc gateway GA for servers—what worked well, what could be improved, and which scenarios you want next. Use the Arc gateway feedback form to share your input with the product team.
SQL Server enabled by Azure Arc is now generally available in the US Government Virginia region
We’re thrilled to announce that SQL Server enabled by Azure Arc on Windows is now generally available in the US Government Virginia region. With this, U.S. government agencies and organizations can manage SQL Server instances outside of Azure from the Azure Government portal, in a secure and compliant manner. SQL Server enabled by Azure Arc resources in US government Virginia can be onboarded and viewed in the Azure Government portal just like any Azure resource, giving you a single pane of glass to monitor and organize your SQL Server estate in the Gov cloud. Available Features Currently, in the US Government Virginia region, SQL Server enabled by Azure Arc provides the following features: Connect your SQL Server to Azure Arc (onboard) a SQL Server instance to Azure Arc. SQL Server inventory which includes the following capabilities in the Azure portal: View SQL Server instances as Azure resources. View databases Azure resources. View the properties for each server. For example, you can view the version, edition, and database for each instance. Subscribe to Extended Security Updates in a production environment. Manage licensing and billing of SQL Server enabled by Azure Arc. License virtual cores. Review licensing limitations. All other features aren't currently available. How to Onboard Your SQL Server Onboarding SQL Server enabled by Azure Arc in the Government cloud is a two-step process that you can initiate from the Azure (US Gov) portal. Step 1: Connect hybrid machines with Azure Arc-enabled servers Step 2: Connect your SQL Server to Azure Arc on a server already enabled by Azure Arc Limitations The following SQL Server features aren't currently available in any US Government region: Failover cluster instance (FCI) Availability group (AG) License physical cores (p-cores) with unlimited virtualization. License physical cores (p-cores) without virtual machines. SQL Server associated services: SQL Server Analysis Services SQL Server Integration Services SQL Server Reporting Services Power BI Report Server Future Plans and Roadmap This is a major first step in bringing Azure Arc’s hybrid data management to Azure Government, and we will continue to do additional enhancements to achieve service parity. Conclusion The availability of SQL Server enabled by Azure Arc in the US Gov Virginia region marks an important milestone for hybrid data management in Government. If you’re an Azure Government user managing SQL Server instances, we invite you to try out SQL Server enabled by Azure Arc in US Government in Viginia region. And please, share your feedback with us through the community forum or your Microsoft representatives. Learn More: SQL Server enabled by Azure Arc in US Government SQL Server enabled by Azure Arc Update: September 12, 2025 As part of our ongoing improvements, we’ve lifted certain limitations in US Government Virginia. You can now onboard SQL Server enabled by Azure Arc environments with: Always On availability groups Associated SQL Server services: SQL Server Analysis Services SQL Server Integration Services SQL Server Reporting Services Power BI Report Server Update: September 22, 2025 As part of our ongoing improvements, we’ve lifted more limitations in US Government Virginia. You can now have SQL Server enabled by Azure Arc environments with: License physical cores (p-cores) with unlimited virtualization. License physical cores (p-cores) without virtual machines.Troubleshoot the Azure Arc Agent in Azure using Azure Monitor & Log Analytics Workspace
This article explores how to centralize logging from on-premises servers—both physical and virtual—into a single Log Analytics Workspace. The goal is to enhance monitoring capabilities for the Azure Arc Connected Machine Agent running on these servers. Rather than relying on scattered and unstructured .log files on individual machines, this approach enables customers to collect, analyze, and gain insights from multiple agents in one centralized location. This not only simplifies troubleshooting but also unlocks richer observability across the hybrid environment.
