Category Archives: Microsoft Azure

SLG Azure Fridays – On Demand

Each Friday the Microsoft state and local government team hosts a webcast series called SLG Azure Fridays.  Over the past several weeks we have had some amazing speakers present on a wide range of exciting cloud topics.  Now you can watch these past webcast events on-demand.  Below is a listing of current webcasts which you can watch:

DevOps 101
This webcast covers how adopting and implementing a DevOps strategy within your organization can enable you to shorten cycle times while improving software quality by streamlining the entire development workflow, from the backlog, through build and test, all the way into production, with real-time monitoring for availability and performance as well as user analytics to help inform the business on what to focus on next. We will be discussing how adopting DevOps best practices while utilizing best-in-class tools and technologies can help you increase agility, improve quality and save time and money in the process.

Continuous Delivery to Azure using Visual Studio Team Services
During this webcast you will see how easy it is to create a new web application and utilize Visual Studio Team Services (VSTS) to implement CI/CD with Microsoft Azure.

“No Way am I putting My Data in the Cloud”, (Most IT Customers, 2013, pg. 1 )
Not understanding how databases in a cloud environment truly work can be scary. In this session we’ll help you understand the Pros, Cons, Risks, and Benefits to adopting an Azure Data Strategy. In this session we’ll focus on the technologies including Azure SQL Database, Azure SQL Data Warehouse, HD Insight, and Cosmos DB.

Disaster Recovery as a Service (DRaaS) – Azure Site Recovery (ASR) Overview and Demo
Strengthen your BCDR (Business Continuity and Disaster Recovery) strategy with a cloud-based disaster recovery solution that protects your environment by automating the replication of the virtual machines, based on policies that you set and control. Azure Site Recovery can protect VMware, physical servers, Hyper-V and Azure VMs while using Azure as your recovery site.

SLG Azure Fridays Community Call – Las Vegas Valley Water District
In this community call Will Wang and Chris Hagood from the Las Vegas Valley Water District talks about how they moved from the traditional waterfall approach for application development to agile and DevOps

To Monolith or to Microservice? A Journey with Service Fabric
Partner presentation by Justin Patten from Netrix (https://netrixllc.com/). The bread and butter of architecture for years has been the monolithic pattern. As of late, there has been a fundamental switch over to the world of microservices. Join us for a discussion on the advantages of microservices, when they should be utilized (hint – not always), and, of course, demos. The focus of the session will be on utilizing Azure Service Fabric as your microservice platform and how to leverage some of its platform capabilities to ensure the success of your application.

You can watch any or all of these past webcasts here:  http://aka.ms/SLGAzureFridays

If you would like to view and register upcoming events visit: http://slgevents.azurewebsites.net

Continuous Delivery to Azure using Visual Studio Team Services

On October 6, 2017 the Microsoft State and Local Government team hosted their second SLG Azure Fridays event with a presentation by me titled Continuous Delivery to Azure using Visual Studio Team Services.  This webcast demonstrated the following:

  • Use VS 2017 to build a new .NET core web app
  • Use GIT version control with VSTS
  • Create a continuous integration build pipeline
  • Create a continuous delivery pipeline

A recording of the webcast can be seen below.  To see a list of upcoming SLG Azure Fridays events, check out our registration site at http://slgevents.azurewebsites.net

SLG Azure Community

Interested in learning how your State and Local Government counterparts are leveraging the cloud to digitally transform the way they do business? Are you an innovator that wants to benefit from participating in a community of like-minded business and IT professionals? Government agencies provide critical services to the communities they serve, and the growing demand to do more with less available resources makes the hybrid cloud discussion more relevant than ever before. Join us every four weeks to learn from Microsoft customers that have embraced technology as an innovative and transformative way to deliver government-related services to the communities they serve.

The SLG Azure Fridays community is made up of Microsoft customers actively delivering services through the Microsoft Azure cloud, or seeking new ways to bring innovation to their organizations, and presentations will primarily be delivered by State and Local Government customers based on challenges and opportunities relevant to all customers across the country. The community provides a forum to present your innovative solutions, and to network with peers that are rising to the ever changing landscape of delivering government services at scale.

To register for the SLG Azure Community event visit the SLG Events website.

DevOps 101

On September 22, 2017 the Microsoft State and Local Government team kicked off a new webcast series called SLG Azure Fridays.   Azure App Dev Technical Specialist, Brian Spann, presented DevOps 101. This webcast covers how adopting and implementing a DevOps strategy within your organization can enable you to shorten cycle times while improving software quality by streamlining the entire development workflow, from the backlog, through build and test, all the way into production, with real-time monitoring for availability and performance as well as user analytics to help inform the business on what to focus on next.   Upcoming SLG Azure Fridays events are always listed at https://slgevents.azurewebsites.net.  Limited spaces are available so register early.

SLG Azure Fridays

On October 6, 2017 at 1:30PM EDT the Microsoft State and Local Government team will be kicking off a new free webcast series titled SLG Azure Fridays.  This new weekly series is designed to cover technical Azure topics in the following categories for our State and Local Government customers:

  • Azure Application Development
  • Azure Infrastructure
  • Business Intelligence & Artificial Intelligence
  • Community

The first webcast will be Continuous Delivery to Azure using Visual Studio Team Services. 

You can learn more about these events or register at http://slgevents.azurewebsites.net

Important: Azure Government PowerShell change

A change was recently made to the Login-AzureRmAccount PowerShell cmdlet which may break existing scripts. 

For older versions of Azure PowerShell you would use the following to log into Azure US Government:

Login-AzureRmAccount –EnvironmentName AzureUSGovernment

With the new version of Azure PowerShell you will instead use:

Login-AzureRmAccount –Environment AzureUSGovernment

It is a simple change but you need to be aware of it in case you upgrade your Azure PowerShell and notice your scripts are no longer working.

Best practices for hosting Active Directory Domain Controllers in Azure

Recently I was having a discussion with another Cloud Solutions Architect about hosting domain controllers in Azure and how to protect them.  I thought I would post some of the best practices that we discussed:

  • Review the guide for hosting Active Directory domain controllers in Azure.
  • Use a dedicated Azure storage account for Active Directory domain controller disks. 
  • Ensure that the storage container for the domain controller’s OS and data disks is set to private access type (this is the default for new containers).
  • Use role based access control (RBAC) to limit who has access to manage the storage account and access keys.
  • Enable Azure Disk Encryption with key encryption key (KEK) for both the operating system and data disks.   This will utilize Azure Key Vault for storing the keys.   The Key Vault must reside in the same Azure region and subscription as the virtual machine.
  • Use RBAC to limit who has access to manage the Key Vault.
  • Keep domain controllers in their own virtual network subnet.
  • Implement an incoming deny all network security group rule on the domain controller subnet and then configure only the required ports for the domain controllers.
  • Set a static IP for the domain controller using PowerShell or the Azure Management Portal.  Never set a static IP address directly in the operating system.  You must always set the operating system to use DHCP.
  • Do not set public IP addresses on domain controllers.

Deploying domain controllers in Azure is an important step for providing an organization with resilient identity.  By taking precautions like you would on-premises you can have a safe and secure cloud environment.  The best practices listed above are not an exhaustive list of all configurations and settings that you should implement in order to have a secure domain controller environment in the cloud.  Please review all of the documentation and apply your own security requirements and standards to your cloud deployment.

Networking to and within the Azure Cloud

Microsoft’s Olivier Martin recently wrote a three part series called Networking to and within the Azure Cloud.  This is an excellent primer on understanding the options you have as an organization to connect different virtual networks and regions together using VPN or ExpressRoute connections.  I highly recommend checking this out even if you feel you have a solid understanding of networking in Microsoft Azure.

Part 1: Hybrid networking connectivity options
Part 2: Intra-cloud connectivity options
Part 3: Putting all these concepts together