This article is contributed. See the original author and article here.
Today, we are announcing the general availability of the latest generations of Azure Burstable virtual machine (VM) series – the new Bsv2, Basv2, and Bpsv2 VMs based on the Intel® Xeon® Platinum 8370C, AMD EPYC™ 7763v, and Ampere® Altra® Arm-based processors respectively.
The new generation of Azure burstable B-series v2 VMs are the lowest priced amongst general purpose VMs in Azure and now include native support for Arm-based workloads with the Bpsv2 series. B-series v2 VMs offer up to 15% better price-performance, up to 5x higher network bandwidth, and 10x higher remote storage throughput compared to the previous generation B-series VMs.
Azure customers today can select from a diverse range of Azure virtual machines that are tailored to meet the high CPU performance and utilization needs of their workloads. However, certain categories of workload do not require high levels of CPU utilization and performance on a continuous basis and can be run more cost-effectively on VMs optimized for burstable performance. With B-series v2 VMs, you can balance high CPU utilization and cost savings that automatically meets your workload’s real-time requirements. Burstable virtual machines provide high CPU utilization when applications need it and run at a baseline CPU utilization to save cost when high CPU utilization and performance are not required.
B-series v2 VMs are ideal for workloads that experience unpredictable spikes in demand and require occasional bursts of high CPU utilization. This capability makes burstable VMs ideal candidates for a variety of workloads such as web applications, small and medium databases, micro services, code repositories, CI/CD pipelines for development and test environments, and servers for proof-of-concept development that don’t require full CPU performance all the time, but occasionally need to burst to complete tasks quickly.
With the new Arm-based Bpsv2 VMs now available alongside x86-based Bsv2 and new AMD-based Basv2 burstable VMs, customers can now tailor their infrastructure for specific performance and price-performance requirements across CPU architectures. Arm-Based Bpsv2 VMs, with one physical core per vCPU, are ideal for many workloads like microservices, web apps, containers, and small to medium databases. While Bsv2 and Bav2 VMs can run these workloads, they also offer capabilities and infrastructure for monolithic, vectorized workloads, and others that don’t have affinity to Arm-based VMs.
You can choose from multiple memory ratios for a given vCPU size, giving you the flexibility to select the configuration and architecture that is ideal for your workload. Bsv2-series and Basv2-series offer up to 32 vCPUs and 128 GiB of RAM, and the Bpsv2-series offers up to 16 vCPUs with 64 GiB of RAM. All sizes support accelerated networking and network bandwidth up to 6.25 Gbps.To learn more about the pricing of Arm64-based and x86-based VMs, please visit the Azure Virtual Machines pricing pages.
The new Azure B-series v2 VMs support various Linux OS distributions including Canonical Ubuntu, Red Hat Enterprise Linux, CentOS, Debian, SUSE Enterprise Linux and more. Windows Server and Windows Client are supported on x86-based B-series VMs. Client application developers can take advantage of Azure’s highly available, scalable, and secure platform to run cloud-based software, build and test workflows. To help developers increase their agility and support their work, we’ve made Insider Preview releases of Windows 11 Pro and Enterprise available on Arm-based Azure B-series VMs. Access the full list of images in the Azure Marketplace.
The new virtual machines support all remote disk types such as Standard SSD, Standard HDD, Premium SSD and Ultra Disk storage. To learn more about various disk types and their regional availability, please refer to Azure managed disk type. Disk storage is billed separately from virtual machines and to learn more ondisk pricing please see pricing for disks.
You can also take advantage of Spot Virtual Machines, Reserved Instances and Saving Plan that are available for all new B-series VM families to potentially save even more. You can significantly reduce costs and improve your budget forecasting with Reserved VM Instances through upfront one-year or three-year commitments. With the Azure Savings Plan, you have the flexibility to save across multiple Azure Services, including this one. For workloads that can tolerate interruptions and have flexible execution time, using Spot Virtual Machines can significantly reduce the cost of running in Azure and further optimize your cloud spend. Eligible new Azure customers can sign up for an Azure free account and receive $200 Azure credit.
Start running your applications on Azure B-series v2 VMs today. We can’t wait to hear about the amazing workloads you will build with these new VMs.
Learn what our partners have to say about Azure’s latest burstable VMs:
This article is contributed. See the original author and article here.
Join us at the second annual Power Platform Conference, sponsored by Microsoft, October 1-6 in Las Vegas! Discover, connect, and explore in-person across keynotes, sessions, breakouts, and more – dedicated to Microsoft Power Platform—Power Apps, Power Automate, Power BI, Power Pages, and Power Virtual Agents—and Dynamics 365 applications; and featuring the latest on AI-infused experiences, including Copilot. You don’t want to miss this unique opportunity to learn directly from leaders and community experts!
Learn more below and register today for updates leading up to the event. We look forward to connecting with you in Las Vegas!
Power Platform Conference at-a-glance
WHAT: The 2nd annual Power Platform Conference, featuring more than 100 speakers, 140+ sessions, 18+ workshops, and 35+ exhibitors. This is your opportunity to connect – and reconnect – with users from around the world, build personal and professional relationships, and gain valuable insight into what’s new and next for Microsoft’s business applications – including AI.
WHERE: MGM Grand, Las Vegas, Nevada
WHEN: Kicking off October 1 and 2 with pre-conference workshops, the event runs October 3-5. 2023, ending with post-conference workshops on October 6
WHO SHOULD ATTEND: Whether you’re a business leader, IT pro, developer or consultant, you’ll come away with the knowledge and skills you need to modernize your organization. Join thousands of other Power Platform and Dynamics 365 users, MVPs, technical experts from Microsoft and our partner community to gain deep insights, learn directly from Microsoft engineers, develop new skills to level-up in the workplace, and gain best practices to bring a new level of innovation and efficiency at your organization. You’ll also get a sneak peek at the latest updates and future roadmaps, see live demos, and get a chance to ask questions directly to the experts.
WHAT TO EXPECT: The learning-packed days feature more than 140 activities presented by Microsoft team members, Microsoft MVPs. and community experts—including:
Keynotes from thought leaders at Microsoft, who will provide insight into the future of Dynamics 365 and Power Platform. Featured speakers include Charles Lamanna, Corporate Vice President, Business Applications & Platforms; Thomas Dohmke, Chief Executive Officer, GitHub; Sumit Chauhan, Corporate Vice President, Office Product Group; and Arun Ulagaratchagan
Corporate Vice President, Azure Data.
Specialized sessions designed to deliver skills and best practices that be applied right away, including these sessions for Dynamics 365 users:
This article is contributed. See the original author and article here.
Welcome! This post is going to cover the end-to-end process of configuring and using Workload identity federation in Azure DevOps for your Terraform deployments. We’ll cover:
Why use Workload identity federation
What is Workload identity federation and how does it work
How can your organisation join the Workload identity federation preview
How to configure Workload identity federation using the Azure DevOps Terraform provider
How to use Workload identity federation in an Azure DevOps Pipeline with the Terraform task
Why use Workload identity federation
Up until now the only way to avoid storing service principal secrets for Azure DevOps pipelines was to use a self-hosted Azure DevOps agents with managed identities. Now with Workload identity federation we remove that limitation and enable you to use short-lived tokens for authenticating to Azure. This significantly improves your security posture and removes the need to figure out how to share and rotate secrets. Workload identity federation works with many Azure DevOps tasks, not just the Terraform ones we are focussing on in this article, so you can use it for deploying code and other configuration tasks. I encourage you to learn more about the supported tasks here.
What is Workload identity federation and how does it work
Workload identity federation is an OpenID Connect implementation for Azure DevOps that allow you to use short-lived credential free authentication to Azure without the need to provision self-hosted agents with managed identity. You configure a trust between your Azure DevOps organisation and an Azure service principal. Azure DevOps then provides a token that can be used to authenticate to the Azure API.
You can read more about how Workload identity federation works here.
In the first iteration Workload identity federation for Azure DevOps works within the scope of a Service Connection. A new type of Azure Resource Manager Service Connection is available that enables this:
Any task that supports a Service Connection and has been updated to use Workload identity federation can then use your configured trust to interact with Azure resources.
On the Azure side we need to configure Federated Credentials on an App Registration or User Assigned Managed Identity service principal. There are a few settings needed for this, which you can find in the Azure DevOps Service Connection or you can figure out up front:
Issuer URL: This is the a URL in the format https://vstoken.dev.azure.com/ where organisation-id is the GUID of your Azure DevOps organisation. For example https://vstoken.dev.azure.com/f66a4bc2-08ad-4ec0-a25e-e769dab3b294.
Subject identifier: This is the mapping to your service connection in the format sc://// where organisation-name is your Azure DevOps organisation name, project-name is your Azure DevOps project name and service-connection-name is the name of your service connection. For example sc://my-organisation/my-project/my-service-connection.
Audience: This is always api://AzureADTokenExchange.
Here is what it looks like in the Azure Portal:
Once we have the service connection and federated credentials configured, we can use the service connection to authenticate to Azure. You’ll just need to grant your service principal some permissions in the subscription.
How can your organisation join the Workload identity federation preview
The preview is open to anyone, you can input the name of your Azure DevOps organisation into this form to sign up. Once signed up, you’ll have access to the feature flag and you’ll find it under the organisation ‘Preview Features’ menu. Turn it on and you’ll see the new Azure Resource Manager Service Connection types. You can find lots more information here.
How to configure Workload identity federation using the Azure DevOps Terraform provider
The Azure DevOps Terraform provider has been updated to support the creation of Workload identity federation Service Connections. The documentation can be found here.
The following example shows how to setup a Service Connection and User Assigned Managed Identity with Federated Credentials:
We have to supply the client id of our service principal in the credentials block service connection, so it knows which service principal is configured with federation.
We supply the string WorkloadIdentityFederation in the service_endpoint_authentication_scheme attribute to tell it the type of service connection we want to create.
We use the workload_identity_federation_issuer and workload_identity_federation_subject outputs of our service connection to populate the federated credentials. This is a shortcut for getting this information, which you of course get from elsewhere if you prefer.
Once you run this Terraform and create these resources you’ll be ready to use the Service Connection in your Azure DevOps Pipeline.
How to use Workload identity federation in an Azure DevOps Pipeline with the Terraform task
We have updated the two most popular Terraform Tasks to support Workload identity federation, these are:
The following example shows how to use the Microsoft DevLabs task in an Azure DevOps Pipeline:
jobs:
- deployment: deploy
displayName: Deploy with Terraform
pool:
vmImage: ubuntu-latest
environment: dev
strategy:
runOnce:
deploy:
steps:
- checkout: self
displayName: Checkout Terraform Module
- task: TerraformInstaller@0
displayName: Install Terraform
inputs:
terraformVersion: 'latest'
- task: TerraformTaskV4@4
displayName: Terraform Init
inputs:
provider: 'azurerm'
command: 'init'
workingDirectory: '$(workingDirectory)'
backendServiceArm: '${{ variables.serviceConnection }}'
backendAzureRmResourceGroupName: '$(BACKEND_AZURE_RESOURCE_GROUP_NAME)'
backendAzureRmStorageAccountName: '$(BACKEND_AZURE_STORAGE_ACCOUNT_NAME)'
backendAzureRmContainerName: '$(BACKEND_AZURE_STORAGE_ACCOUNT_CONTAINER_NAME)'
backendAzureRmKey: 'terraform.tfstate'
env:
ARM_USE_AZUREAD: true # This environment variable tells the backend to use AzureAD auth rather than trying a create a key. It means we can limit the permissions applied to the storage account and container to least priviledge: https://developer.hashicorp.com/terraform/language/settings/backends/azurerm#use_azuread_auth
- task: TerraformTaskV4@4
displayName: Terraform Apply
inputs:
provider: 'azurerm'
command: 'apply'
workingDirectory: '$(workingDirectory)'
commandOptions: '-auto-approve -var="resource_group_name=$(AZURE_RESOURCE_GROUP_NAME)"'
environmentServiceNameAzureRM: '${{ variables.serviceConnection }}'
env:
ARM_USE_AZUREAD: true
Right now you are probably thinking “how is this any different to what I do now?” and you’d be right to think that because there is no difference. The Workload identity federation implementation is abstracted away into the choice of Service Connection type. The task knows based on the type of Service Connection how to authenticate to Azure and set the relevant environment variables for you.
If you want to know how you can do it yourself outside of the terraform task, you can see an example of using the Azure CLI task here and here.
Conclusion
We’ve shown you how to configure and use Workload identity federation for Azure DevOps, we want you to SIGN UP FOR THE PREVIEW and start using it right away.
This article is contributed. See the original author and article here.
Introducing the new Get Data Experience: Streamlining Your Data Ingestion Journey
We’re thrilled to unveil a brand new Get Data Experience – the next generation evolution of Ingestion Experience in Azure Data Explorer (ADX)! Designed with simplicity and efficiency in mind, this update streamlines the way you bring data into ADX. Whether you’re a seasoned data professional or just starting your data exploration journey, this new user experience is crafted to empower you every step of the way.
Supporting various auth methods for clusters’ connections
By allowing users to set up connections with alternative credentials, we now provide seamless experience for managing clusters from various user accounts or Azure AD directories.
When adding new cluster connections, if you have multiple user accounts and want to authenticate with a different account, or your account is linked to multiple Azure AD directories, you can follow the optional steps described in this document to create the connections.
Once connected, you can switch between clusters associated with different credentials within a unified interface, without a need to repeatedly sign in and sign out or switch directories.
In the above image The HomeCluster connection uses different credentials from those of the signed-in user, as indicated by the small icon of a person in the upper-left corner.
Heatmap – new visual in ADX dashboards
We’re happy to let you know that we just released a new Heatmap visual.
Heatmaps are graphical representations of data using color. They are most commonly used to provide a clear view of numerical values.
To learn more about heatmap visualization in ADX dashboards, read this document
This article is contributed. See the original author and article here.
For the month of September, we’re exploring learning resources to help you get started with Azure AI and Microsoft Copilots. Get an overview of copilots (AI assistants) available from Microsoft, get started with Azure OpenAI Service, and learn about Azure tools for building intelligent apps and working with machine learning.We also have updates about upcoming events, including details about .NET Conf and Microsoft Ignite.
Use Microsoft Copilots Microsoft offers a variety of copilots (AI assistance in the apps you already use). Check out GitHub Copilot, Microsoft365 Copilot, and Copilot in Viva Sales and discover what each can do for you.
GitHub Copilot documentation Get feedback and predictions from an AI pair programmer as you code. Here’s everything you need to know to get started with GitHub Copilot.
How Microsoft 365 Copilot works Curious about Microsoft 365 Copilot. Watch a demo to see how it works. See how Copilot can write a new business proposal, generate meeting summaries, and identify trends in your data.
Use Azure OpenAI Service Check out this collection of resources to learn everything you need to know to start using Azure OpenAI to build intelligent solutions. Explore Microsoft Learn resources to learn about generative AI, responsible AI, and prompt engineering.
Introduction to prompt engineering Do you know these best practices for working with prompt-based models? This Microsoft Learn documentation offers an intro to prompt engineering and advice for constructing prompts.
Develop Generative AI solutions with Azure OpenAI Service Learn how to develop generative AI solutions with Azure OpenAI. This Microsoft Learn path covers everything from natural language solutions and prompt engineering to working with DALL-E and tapping into your own data.
Build apps and custom models Explore curated resources from Microsoft Learn to help build your Machine Learning skills. Discover Azure tools to help you build apps and work with custom models.
Create computer vision solutions with Azure AI Vision Creating computer vision solutions is easier than you think. Start this Microsoft Learn path and discover how to use Azure Cognitive Services in common computer vision scenarios.
AI Builder documentation You don’t need coding and data science skills to build AI solutions. Delve into AI Builder documentation and discover a low-code path to intelligent apps in your organization.
Azure AI services documentation Build cutting-edge, market-ready applications with AI. Explore Azure AI services, including Azure OpenAI, Custom Vision, Bot Service, Azure Cognitive Service, and more.
AI learning and community hub Power your AI transformation with the Microsoft Cloud. Explore the AI learning and community hub to build AI skills, learn from experts, and find upcoming events.
Events and other highlights
Microsoft Ignite Registration for this year’s Microsoft Ignite is now open. Join us November 14–17, 2023 to explore the latest innovations, learn from experts, and level up your skills. Register now.
.NET Conf 2023 Save the date for .NET Conf, November 14–16. Join this free, 3-day digital event to watch live sessions, get answers from .NET experts, and celebrate the launch of .NET 8.
Azure Developers – Python Day Take your cloud dev skills to the next level. Watch the Azure Developers – Python Day event, available on demand, to learn cutting-edge skills and explore features in Azure designed specifically for Python developers.
Enterprise-grade Reference Architecture for JavaScript Explore this popular reference architecture for JavaScript, available on GitHub. This repo includes architecture patterns, best practices, and functional components that can be used to build modern JavaScript apps on Azure.
Recent Comments