Azure Marketplace new offers – November 9, 2022

by Contributed | Nov 9, 2022 | Technology

This article is contributed. See the original author and article here.

We continue to expand the Azure Marketplace ecosystem. For this volume, 125 new offers successfully met the onboarding criteria and went live. See details of the new offers below:

Get it now in our marketplace
	.NET on CentOS Stream 8: This offer from AskforCloud provides .NET on CentOS Stream 8. .NET is an open-source developer platform created by Microsoft. With .NET, you can use multiple languages, editors, and libraries to build for the web, for mobile devices, for IoT, or for other uses. You can write .NET apps in C#, F#, or Visual Basic.
	.NET on Debian 10: This offer from AskforCloud provides .NET on Debian 10. .NET is an open-source developer platform created by Microsoft. With .NET, you can use multiple languages, editors, and libraries to build for the web, for mobile devices, for IoT, or for other uses. You can write .NET apps in C#, F#, or Visual Basic.
	.NET on Debian 11: This offer from AskforCloud provides .NET on Debian 11. .NET is an open-source developer platform created by Microsoft. With .NET, you can use multiple languages, editors, and libraries to build for the web, for mobile devices, for IoT, or for other uses. You can write .NET apps in C#, F#, or Visual Basic.
	.NET on openSUSE 15: This offer from AskforCloud provides .NET on openSUSE 15. .NET is an open-source developer platform created by Microsoft. With .NET, you can use multiple languages, editors, and libraries to build for the web, for mobile devices, for IoT, or for other uses. You can write .NET apps in C#, F#, or Visual Basic.
	.NET on Red Hat Enterprise Linux 7: This offer from AskforCloud provides .NET on Red Hat Enterprise Linux 7. .NET is an open-source developer platform created by Microsoft. With .NET, you can use multiple languages, editors, and libraries to build for the web, for mobile devices, for IoT, or for other uses. You can write .NET apps in C#, F#, or Visual Basic.
	.NET on Red Hat Enterprise Linux 9: This offer from AskforCloud provides .NET on Red Hat Enterprise Linux 9. .NET is an open-source developer platform created by Microsoft. With .NET, you can use multiple languages, editors, and libraries to build for the web, for mobile devices, for IoT, or for other uses. You can write .NET apps in C#, F#, or Visual Basic.
	.NET on SUSE Enterprise Linux 12: This offer from AskforCloud provides .NET on SUSE Enterprise Linux 12. .NET is an open-source developer platform created by Microsoft. With .NET, you can use multiple languages, editors, and libraries to build for the web, for mobile devices, for IoT, or for other uses. You can write .NET apps in C#, F#, or Visual Basic.
	.NET on SUSE Enterprise Linux 15: This offer from AskforCloud provides .NET on SUSE Enterprise Linux 15. .NET is an open-source developer platform created by Microsoft. With .NET, you can use multiple languages, editors, and libraries to build for the web, for mobile devices, for IoT, or for other uses. You can write .NET apps in C#, F#, or Visual Basic.
	.NET on Ubuntu Server 18.04 LTS: This offer from AskforCloud provides .NET on Ubuntu Server 18.04 LTS. .NET is an open-source developer platform created by Microsoft. With .NET, you can use multiple languages, editors, and libraries to build for the web, for mobile devices, for IoT, or for other uses. You can write .NET apps in C#, F#, or Visual Basic.
	.NET on Ubuntu Server 20.04 LTS: This offer from AskforCloud provides .NET on Ubuntu Server 20.04 LTS. .NET is an open-source developer platform created by Microsoft. With .NET, you can use multiple languages, editors, and libraries to build for the web, for mobile devices, for IoT, or for other uses. You can write .NET apps in C#, F#, or Visual Basic.
	.NET on Ubuntu Server 22.04 LTS: This offer from AskforCloud provides .NET on Ubuntu Server 22.04 LTS. .NET is an open-source developer platform created by Microsoft. With .NET, you can use multiple languages, editors, and libraries to build for the web, for mobile devices, for IoT, or for other uses. You can write .NET apps in C#, F#, or Visual Basic.
	.NET on Windows Server 2012 R2: This offer from AskforCloud provides .NET on Windows Server 2012 R2. .NET is an open-source developer platform created by Microsoft. With .NET, you can use multiple languages, editors, and libraries to build for the web, for mobile devices, for IoT, or for other uses. You can write .NET apps in C#, F#, or Visual Basic.
	.NET on Windows Server 2016: This offer from AskforCloud provides .NET on Windows Server 2016. .NET is an open-source developer platform created by Microsoft. With .NET, you can use multiple languages, editors, and libraries to build for the web, for mobile devices, for IoT, or for other uses. You can write .NET apps in C#, F#, or Visual Basic.
	.NET on Windows Server 2022: This offer from AskforCloud provides .NET on Windows Server 2022. .NET is an open-source developer platform created by Microsoft. With .NET, you can use multiple languages, editors, and libraries to build for the web, for mobile devices, for IoT, or for other uses. You can write .NET apps in C#, F#, or Visual Basic.
	.NET SDK on Debian 10: This offer from AskforCloud provides a .NET software development kit (SDK) on Debian 10. The kit includes everything you need to build and run .NET applications. .NET is an open-source developer platform created by Microsoft.
	.NET SDK on Debian 11: This offer from AskforCloud provides a .NET software development kit (SDK) on Debian 11. The kit includes everything you need to build and run .NET applications. .NET is an open-source developer platform created by Microsoft.
	.NET SDK on openSUSE 15: This offer from AskforCloud provides a .NET software development kit (SDK) on openSUSE 15. The kit includes everything you need to build and run .NET applications. .NET is an open-source developer platform created by Microsoft.
	AI Signature Recognition: AI Signature Recognition from Cogniware uses algorithms and computer vision to verify the authenticity of signatures. Easily verify thousands of paper-based customer signatures. A demo version and a full version are available. The full version include automatic processing of photos and an implementation in your environment.
	AllegroGraph 7.3.0: AllegroGraph is a multi-modal graph and document database that supplies foundational structure for scalable enterprise knowledge graphs. Thanks to its database security, AllegroGraph is fit for HIPAA access controls, privacy rules for banks, and security models for policing, intelligence, and government.
	Azure CLI on Red Hat Enterprise Linux 9: This offer from AskforCloud provides the Azure Command-Line Interface (CLI) on Red Hat Enterprise Linux 9. The cross-platform tool allows you to connect to Azure and execute administrative commands through a terminal using interactive command-line prompts or a script.
	Azure CLI on Windows Server 2012 R2: This offer from AskforCloud provides the Azure Command-Line Interface (CLI) on Windows Server 2012 R2. The cross-platform tool allows you to connect to Azure and execute administrative commands through a terminal using interactive command-line prompts or a script.
	Azure CLI on Windows Server 2016: This offer from AskforCloud provides the Azure Command-Line Interface (CLI) on Windows Server 2016. The cross-platform tool allows you to connect to Azure and execute administrative commands through a terminal using interactive command-line prompts or a script.
	Azure CLI on Windows Server 2019: This offer from AskforCloud provides the Azure Command-Line Interface (CLI) on Windows Server 2019. The cross-platform tool allows you to connect to Azure and execute administrative commands through a terminal using interactive command-line prompts or a script.
	Azure CLI on Windows Server 2022: This offer from AskforCloud provides the Azure Command-Line Interface (CLI) on Windows Server 2022. The cross-platform tool allows you to connect to Azure and execute administrative commands through a terminal using interactive command-line prompts or a script.
	Azure Virtual Desktop on Ubuntu 22.04 for Developers: This offer from Ntegral provides Ubuntu 22.04 on a Microsoft Azure virtual machine. The desktop image comes preconfigured with Visual Studio Code, Git, and LibreOffice, an open-source office suite that’s compatible with Microsoft Office.
	Cassandra on Debian 10: This offer from AskforCloud provides Apache Cassandra on Debian 10. Cassandra is an open-source NoSQL distributed database trusted by thousands of companies for scalability and high availability. Cassandra enables developers to scale their databases dynamically, using off-the-shelf hardware, with no downtime.
	Cassandra on Debian 11: This offer from AskforCloud provides Apache Cassandra on Debian 11. Cassandra is an open-source NoSQL distributed database trusted by thousands of companies for scalability and high availability. Cassandra enables developers to scale their databases dynamically, using off-the-shelf hardware, with no downtime.
	Confidencial Encryption Technology: Confidencial’s selective encryption technology allows you to embed protected content within your Office documents and Microsoft Teams messages that’s viewable only by the individuals or groups you designate. Thus, you could create a document that contains portions visible only to HR, with other portions visible only to your legal department.
	Ctelo Office Connect for Microsoft Teams: Ctelo Office Connect is an add-on to Ctelo Business Phone that connects offices based in countries with strict telecom regulations. This makes it possible to deploy a global telephony solution based on Microsoft Teams.
	Ctelo Voice Channel for Microsoft Dynamics: Ctelo Voice Channel for Dynamics 365 Customer Service enables representatives to resolve customer service issues via phone. Part of the Ctelo Business Phone offering, Ctelo Voice Channel makes it possible to use the existing company telecom contract and phone numbers in both Microsoft Teams and Microsoft Dynamics.
	Docker on AlmaLinux 8: This offer from AskforCloud provides Docker Community Engine on AlmaLinux 8. Docker is a platform that enables developers and system administrators to build, run, and share applications with containers.
	Docker on AlmaLinux 9: This offer from AskforCloud provides Docker Community Engine on AlmaLinux 9. Docker is a platform that enables developers and system administrators to build, run, and share applications with containers.
	Docker on Oracle Linux 8: This offer from AskforCloud provides Docker Community Engine on Oracle Linux 8. Docker is a platform that enables developers and system administrators to build, run, and share applications with containers.
	Docker on Rocky Linux 8: This offer from AskforCloud provides Docker Community Engine on Rocky Linux 8. Docker is a platform that enables developers and system administrators to build, run, and share applications with containers.
	Docker on Ubuntu 22.04: This offer from AskforCloud provides Docker Community Engine on Ubuntu 22.04. Docker is a platform that enables developers and system administrators to build, run, and share applications with containers.
	env0 Pro: DevOps engineers, infrastructure-as-code developers, and site reliability engineers can use env0 to automate Terraform and Terragrunt Git flows, simplify the governance of cloud deployments, and manage the provisioning of teams, users, and environments.
	Fedora 36 Desktop: This offer from Ntegral provides Fedora 36 on a Microsoft Azure virtual machine. The desktop image comes preconfigured with Visual Studio Code, Git, and LibreOffice, an open-source office suite that’s compatible with Microsoft Office.
	Foxit eSign: Foxit eSign, an electronic signature tool, lets you quickly and easily prepare, send, sign, and track legally binding documents and agreements. Foxit eSign also can automate workflows. When you add Foxit eSign to Microsoft 365 and SharePoint, you can maximize document completion within your standard workflows.
	Locust, Packaged by Data Science Dojo: This offer from Data Science Dojo provides Locust on Ubuntu 20.04. Locust is an open-source load-testing framework for web apps. It’s based on Python and is used for quality assurance processes. Through Locust, web testers can determine the potential of a website to withstand a number of concurrent users.
	MetaSpark: Useful for project management, IT support, customer relationship management, or onboarding, MetaSpark consolidates tasks in one unified workspace. As teams deliver on their work, they can be recognized and rewarded based on company goals.
	Oracle 8.5 Minimal: This offer from Art Group provides an image of Oracle 8.5 built with a minimal profile. It contains just enough packages to run Oracle 8.5 within Microsoft Azure, bring up an SSH Server, and allow users to log in. Integrated cloud tools and technologies simplify infrastructure deployment.
	PULSE: Delivery deadlines are getting tighter for all storytellers, whether you’re a studio or a production company. By using PULSE, production teams and vendors will benefit from automation tools, a central storage location, and a collaborative workspace. Pull, transcode, and deliver production content to all your creative teams without data wrangling or manual file transfers.
	Red Hat Enterprise Linux 8.6 Desktop: This offer from Ntegral provides Red Hat Enterprise Linux 8.6 on a Microsoft Azure virtual machine. The desktop image comes preconfigured with an RDP-based remote desktop environment and LibreOffice, an open-source office suite that’s compatible with Microsoft Office.
	Rocky Linux 9 Desktop “Blue Onyx”: This offer from Ntegral provides Rocky Linux 9 on a Microsoft Azure virtual machine. The desktop image comes preconfigured with an RDP-based remote desktop environment and LibreOffice, an open-source office suite that’s compatible with Microsoft Office.
	Siemens NX: Siemens NX on Microsoft Azure lets you run your CAD tools on the cloud. NX is built on a flexible and extensible architecture, and it supports working from home, from the office, or a remote location with secure and uninterrupted access.
	Spark on Debian 10: This offer from AskforCloud provides Apache Spark on Debian 10. Apache Spark is an open-source analytics engine for executing data engineering, data science, and machine learning on single-node machines or clusters. It supplies high-level APIs in Java, Scala, Python, and R, along with an optimized engine that supports general execution graphs.
	Spark on Debian 11: This offer from AskforCloud provides Apache Spark on Debian 11. Apache Spark is an open-source analytics engine for executing data engineering, data science, and machine learning on single-node machines or clusters. It supplies high-level APIs in Java, Scala, Python, and R, along with an optimized engine that supports general execution graphs.
	Spark on Ubuntu Server 18.04 LTS: This offer from AskforCloud provides Apache Spark on Ubuntu Server 18.04 LTS. Apache Spark is an open-source analytics engine for executing data engineering, data science, and machine learning on single-node machines or clusters. It supplies high-level APIs in Java, Scala, Python, and R, along with an optimized engine that supports general execution graphs.
	Spark on Ubuntu Server 22.04 LTS: This offer from AskforCloud provides Apache Spark on Ubuntu Server 22.04 LTS. Apache Spark is an open-source analytics engine for executing data engineering, data science, and machine learning on single-node machines or clusters. It supplies high-level APIs in Java, Scala, Python, and R, along with an optimized engine that supports general execution graphs.
	VenueArc – Event Management: VenueArc streamlines event and venue management operations to help performing arts professionals increase accessibility, collaboration, productivity, and profitability. It features CRM integration, a contract generator, single sign-on through Azure Active Directory, and a pay-as-you-go model.
Go further with workshops, proofs of concept, and implementations
	Airport Analytics: 6-Week Proof of Concept: In this proof of concept, Glorious Insight will deliver its airport analytics platform on Microsoft Azure and assist in user adoption to drive successful outcomes. The platform will provide accurate collection of key performance indicators.
	App of the Future Greenfield Envisioning & Design: 5-Day Workshop: InCycle’s App of the Future offer provides a Microsoft-funded engagement to quickly envision, prototype, and design an app on Azure. InCycle will conduct a design workshop to uncover your top business objectives, then create a rapid Azure prototype and reference architecture design.
	Azure Arc Deployment: 1-Day Workshop: In this workshop, Chrisons will demonstrate how to manage, secure, develop, and operate infrastructure, apps, and Azure services. Participants will learn how to centrally manage a wide range of resources, including Windows and Linux servers, SQL Server, Kubernetes clusters, Azure Arc, and other Azure services.
	Azure Database Migration: 1-Week Implementation: Start your journey to Microsoft Azure with PetaBytz’s migration service. PetaBytz’s team of experts will move your database assets to Azure so you can meet key business demands, such as scale, uptime, security, automation, and data insight innovation.
	Azure DevOps, GitHub, and DevSecOps Workshops: Achieve a DecSecOps culture in your organization with Azure DevOps and GitHub. Over the course of a few workshops, DevTools will help your team adopt Azure DevOps and GitHub to achieve CI/CD features and application security in a DevSecOps workflow.
	Azure Optimization: 2-Hour Workshop: This workshop from Cloud Direct will tell you why and how to align your Azure environment to the Microsoft Azure Well-Architected Framework. You’ll be able review your Azure environment for opportunities to reduce spending, increase security, and boost technical performance.
	Azure Site Recovery Implementation: SVA will set up Azure Site Recovery to keep your applications operational during planned or unexpected outages. Azure Site Recovery provides you with replication, failover, and recovery processes. This offer is available only in German.
	Azure Stack HCI: 2-Day Workshop: Chrisons will show you how Azure Stack HCI works and how to implement relevant solutions, such as enabling servers or centralized cloud management. Azure Stack HCI is built to accommodate everything from a small, two-node deployment to a 16-node deployment spread across offices and datacenters around the world.
	Azure Stack HCI: 3-Hour Workshop: This workshop from Greeneris will introduce you to Azure Stack HCI and the benefits it can bring to your organization. Azure Stack HCI is a hyperconverged infrastructure cluster solution that hosts virtualized Windows and Linux workloads and their storage in a hybrid environment that combines on-premises infrastructure with cloud services.
	Azure Synapse and Power BI: 6-Week Pilot Implementation: KiZAN will deploy a pilot implementation of a modern data platform, provide opportunities to work with Microsoft Power BI and Azure Synapse in your production environment, and develop a plan to assist with a full production deployment of Power BI and Azure Synapse.
	Azure Virtual Desktop Implementation and Support: TOSYS will set up Azure Virtual Desktop so your company can try it out in small-scale or large-scale production use. Azure Virtual Desktop can be used for telework, regardless of whether the device is a PC or a smartphone. This service is available only in Japanese.
	CFO Cockpit Package for Financial Analysis: Using Microsoft Power BI, Polestar will create a dashboard that will give you a bird’s-eye view into your company’s financial performance. Analysis typically covers a profit and loss statement, a balance sheet, accounts receivable, accounts payable, and inventory.
	Churn Prediction Software Implementation: Using Azure Machine Learning, Polestar can help you identify employees with a greater likelihood of leaving your company. Being aware of the underlying parameters that could be responsible for attrition will give you the flexibility and time to act accordingly.
	CI/CD Pipeline Implementation (5 Weeks): In this implementation, Linnovate will create a continuous integration/continuous delivery (CI/CD) pipeline for a single containerized application in an existing Kubernetes environment using Azure DevOps.
	Course to Implement Microsoft Sentinel: This course from Nebulan, available in Spanish, will give you practical experience in implementing Microsoft Sentinel. Participants will learn about threat detection, incident management, automation, and workbooks.
	Custom Application Development with Azure: Zure’s team will assist your company with application development using Microsoft Azure Platform as a Service technologies, which feature modern architecture choices and DevOps practices. Zure offers concept design services, application development, application support, and everything in between.
	Implementation of Azure Services: SEIDOR will implement Microsoft Azure services to help your business be more profitable and competitive. You’ll receive business continuity and optimization of systems and applications, investigation of cyber threats, and secure desktop and application delivery from any device and any location.
	IoT Apps Using PaaS: 2-Month Proof of Concept: Internet Initiative Japan Inc. will support customers’ IoT environment development with Azure Platform as a Service, licensing provisions, network functions, and selection of IoT devices. This service is available only in Japanese.
	LTI Sustainable Smart Spaces: 12-Week Implementation: LTI will implement its connected-building solution, which includes sensors and uses numerous Azure services, so your organization can optimize building performance and align to environmental and sustainability goals.
	Modern Secure Datacenter: 10-Day Implementation: Abtis specializes in managed security services for medium-sized companies. In this engagement, Abtis will provide cloud security management, cloud workload protection, and network security through various Azure services. This offer is available only in German.
	PetaMigrate: 3-Day Workshop: Learn about PetaBytz’s cloud adoption framework in this workshop, which will include an assessment of your organization’s IT landscape and guidance for a migration to Microsoft Azure. PetaBytz can enable you to adopt Azure services with minimal downtime.
	Power Move to Azure with Skytap: Using Skytap, Kyndryl will migrate your IBM AIX Power workloads to Microsoft Azure. Kyndryl provides production-ready preintegrated offerings that cover all transformation needs: strategy, development, migration, modernization, and management.
	Predictive Order Management System: 8-Week Implementation: Having a lean, efficient supply chain is vital for manufacturing, distribution, or retail businesses. In this engagement, Datamind will implement an AI-based predictive order management system to improve your supply chain efficiency and deliver daily order recommendations.
	Privileged Identity Management Jump-Start: Steeves and Associates will discuss the Privileged Identity Management service of Azure Active Directory, determine your company’s business and technical objectives, deliver a workshop to plot out an implementation​, and conduct an IT operations training.
	Sales Forecasting Implementation: Using Microsoft Power BI dashboards and data engineering with Python and Azure Data Factory, Polestar will forecast your sales over a specified period of time. This implementation is appropriate for retail stores, consumer packaged goods companies, or insurance agents.
	Secure App and Internet Gateway: 6-Week Implementation: LAB3 will deploy a secure internet gateway in your tenant to provide round-the-clock visibility and threat management that meets the protection standards of the Infosec Registered Assessors Program (IRAP). IRAP is governed and administered by the Australian Cyber Security Centre.
	Shield One Managed Security Service (1 Year): Get a bird’s-eye view of your cybersecurity with the security information and event management capabilities of Microsoft Sentinel. Signal Alliance can connect your Microsoft 365 suite and all other security tools to its Shield One managed service. This will provide continual monitoring and incident response for your enterprise platforms.
	Well-Architected: Public Cloud Security Posture Workshop: Elisa’s experts will introduce the security posture management and workload protection capabilities of Microsoft Defender for Cloud. You’ll later get an assessment of your public cloud security, followed by recommendations. Continuous posture monitoring by Elisa is available as an option.
Contact our partners
9A Connected Factory & Insights
App Modernization Assessment
Aquila Clouds FinOps
Aruba EdgeConnect Enterprise in Azure Virtual WAN
Automate Information Extraction from Images/Videos Using AI
Azure and Microsoft 365 License Consultancy: 4-Day Assessment
Azure Arc Hybrid Managed Services
Azure Assessment from Ascend
Azure Boards: 1-Hour Briefing
Azure DevOps: 1-Week Assessment
Azure Virtual Desktop: 3-Day Assessment
CB Blockchain Seal for SharePoint
Cerberus – Domain Analysis: 3-Month Assessment
Cerberus Strategic Assessment
Cloud Migration Readiness: 2-Week Assessment
Cloud Readiness Briefing
Cortex EIP Version 1.2.311
Custom Software Development: 2-Day Assessment
Cymmetri Platform
Data Modernization Discovery: 3-Day Assessment
DeepSense
delphai for M&A
delphai for Sales
EasyGov: Delivering Convenience & Transforming Governance
Ecosystem Intelligence
Enow’s Monitoring and Reporting for Microsoft 365
Exodus EMM Migration to Microsoft Intune
Eyeglass: Disaster Recovery Automation
Feelix: AI-Based Chronic Disease Management System
FlowFit
Fusion Analytics v16.5
Kontent.ai
Lizard Uni Bot
Managed Service and Shared SBC for Microsoft Teams
Move to Azure: 1-Week Assessment
NebulaGraph Enterprise
Noibit’s Managed Service for Microsoft Sentinel
Pavement Express
Power Finance: 1-Week Assessment
Predictive Safety Fatigue Management System
Sirus NGSI-LD Context Broker Web App
Software & Cloud Economics Assessment
Springboard: Infrastructure-as-Code Framework for Azure
TCS Envirozone
Tetrate Istio Distribution
Unified Customer Intelligence
Verizon 5G Edge

Azure DevOps – Leveraging Pipeline Decorators for Custom Process Automation

by Contributed | Nov 8, 2022 | Technology

This article is contributed. See the original author and article here.

Introduction

Background

In the recent pandemic, health institutions all across the world have been pushed to their limits on about every facet. Through this, many such institutions have begun to reprioritize their modernization efforts around their cloud infrastructure to support increasing demands and hedge against uncertainty. As institutions are migrating their existing workloads into the cloud, a common challenge they are faced with is that many of their on-prem security processes and standards tend to not map one-to-one with the services they are being migrated to. With the sensitive nature of the healthcare industry, it is especially important to solution feasible routes to always ensure security and validation is in place end-to-end.

In this blog post, we will look at how Azure DevOps Pipeline Decorators can be leveraged to bridge the gap in our cloud environment with the customer’s existing security processes on their on-premises IIS server.

What are Pipeline Decorators?

If you have ever run across jobs executing on your azure pipelines that you have not previously defined, there is a good chance you may have already run into decorators before!

Pipeline decorators allow you to program jobs to execute before or after any pipeline runs across your entire Azure DevOps organization. For scenarios such as running a virus scan before every pipeline job, or any sort of automated steps to assist with governance of your CICD processes, pipeline decorators grants you the ability to impose your will at any scale within Azure DevOps.

Read further on decorators on Microsoft Learn: Pipeline decorators – Azure DevOps | Microsoft Learn

In this blog post, I will be walking through a sample process based on the customer scenario’s requirements, and how the pipeline decorators can fit in to assist with their governance objectives.

Scenario

Customer’s Azure DevOps organization has grown to a considerable size composed of numerous projects with various applications with no clearly defined process or standards they adhere to. All of these applications have been hosted on an on-premises IIS server, where the application teams are trusted to provide manual inputs to deployment variables.

Due to the lack of out-of-the-box controls for validating IIS file path permissions with Azure Active Directory identities within Azure DevOps, this was an area of concern with the customer as the deployed production applications effectively did not have any preventative measures to address malicious actors or human error overwriting existing applications.

When looking at the deployment tasks to IIS servers from Azure DevOps, the two primary variables the customer was looking to control were:

• virtualAppName– Name of an existing an already existing virtual application on the target machines


• websiteName– Name of an existing website on the machine group

Considering the RBAC strategy the customer has in mind with AAD, there will be a third variable to represent the ownership of the application via an AAD group.

• groupId– AAD ID of the application owner’s group

In the next section, I will outline a high-level process proposal based on these three variables, that goes into onboarding applications.

Solutioning

High-Level Process Proposal for Onboarding New Applications

For this demo’s purposes, we will make the following assumptions to build out a process that illustrates how application teams can successfully onboard and assist the operations team in successfully managing the application environment within their on-prem IIS server.

Assumptions

1. Ops team only require the following three parameters to help govern application deployments:
   
   
   
   • virtualAppName
   
   
   • groupId
   
   
   • websiteName
   
   
   
   


2. Application teams only need flexibility while building applications within the CICD pipelines, and currently do not have much concerns or the expertise to manage deployments.


3. Ops team wishes to also build security around these parameters such that only the authorized actors will be able to modify these values.

Onboarding New Applications

1. 
   

   Ops team provides a template (such as GitHub issues templates) for new application requests to the application teams, and captures the following IIS deployment-specific information:

   
   
   
   
   • virtualAppName
   
   
   • groupId
   
   
   • websiteName
   
   
   
   

   For this demo, I have created a simple GitHub issues YAML form which the operations team can leverage to capture basic information from the application teams, which can also be tied to automation to further reduce operational overhead:

   
   

2. Ops team is then notified of the request, and upon successful validation continues to provision an Application Environment with the captured information
   
   
   
   1. application environment in this context involves the following components:
      
      
      
      1. Key Vault (per application)
      
      
      2. Service Connection to application Key Vault with read permissions over secrets
      
      
      3. Place the application team provided, ops team validated virtualAppName, groupId, websiteName values as secrets
      
      
      4. Place Service Connection details in the project variable group to allow for the decorator to dynamically retrieve secrets for each project
      
      
      5. Application registered onto the IIS server that adheres to existing IIS server file management strategies
      
      
      
      
   
   
   
   


3. Once the environment is ready for use, notify the application teams by updating the issue template and now the application teams only need to focus on building and publishing their artifact within their CICD pipelines

Updating Existing Applications

1. Ops team provides a template for change requests to the application teams, and captures the following information:
   
   
   
   • virtualAppName
   
   
   • groupId
   
   
   • websiteName
   
   
   • Change Justification/Description
   
   
   
   


2. Core Ops team reviews and approves the change request


3. Update the application environment accordingly


4. Notify the application team
   
   

Now with the high-level process defined, we will now look at how we could bring in the relevant parameters into the decorators to impose validation logic.

Building the Demo

Setting up our Demo Application Environment

In this example, I created a key vault named kv-demolocaldev, and placed the virtualAppName, groupId, and websiteName so we may retrieve the values later as shown below:

Now, we must create the project and subsequently create the service connection to the key vault scoped to the project.

To do this, I created an Azure Resource Manager Service Connection while using my demo identity, that is scoped to the resource group containing the key vault:

Once the service connection is done provisioning, you can navigate to the AAD object by following the Manage Service Principal link, which will allow you to retrieve the Application ID to be used when adding the access policy.

Selecting the Manage Service Principal link will take us to the AAD object, where we can find the Azure Application ID to add to our Key Vault access policy.

The service connection will only need GET secret permissions on its access policy.

Afterwards, we now capture the information about the service connection and key vault by creating a variable group on the application’s Azure DevOps project named demo-connection-details:

There will need to be additional steps taken to provision the IIS server as well with the parameters, but for this demo’s purpose we will assume that the provisioning steps have already been taken care of. Now with this, we can move onto building out our decorators.

Building the Decorators

For the pipeline side, the customer is looking to control both the pre-build with validating the input variables, and post-build in placing guardrails around deployment configurations with the validated parameters.

Both pre and post decorators will leverage the same key vault secrets, so we will start with integrating the key vault secrets into the YAML definition.

Pipeline decorators leverage the same YAML schema as the YAML build pipelines used within Azure DevOps. Meaning we can take advantage of conditional logic with repo branches, dynamic variables, and pull in key vault secrets with service connections.

The high-level logic we are attempting to demonstrate for the pre and post decorators are the following:

Pre:

1. Check for variables/conditions to bypass decorators


2. Using pre-established variables, connect to application’s Azure Key vault and retrieve secret values


3. For each of the deployment variables, process custom validation logic

Post:

1. Deploy the application/artifact to the IIS server

You can find the demo files within the following repo: https://github.com/JLee794-Sandbox/ADO-Decorators-PoC

Pre-build decorator

To ensure users can opt-out of the process during development, we can leverage the same YAML schema as build pipelines to construct our conditionals.

1. Check for variables/condition to bypass decorators

In the pre-build decorator YAML definition (located in Build/Pre/input-parameter-decorator.yml), for pipeline builds that run off the main branch, that also checks for a simple variable flag named testDecorator to be true for the decorator to execute.

steps:

– ${{ if and(eq(variables[‘Build.SourceBranchName’], ‘main’), contains(variables[‘testDecorator’],’true’) ) }}:

Following right after, I retrieve websiteName, groupId, and virtualAppName with the connection details we have placed within the demo-connection-details, which will be passed in by the build pipeline.

– task: AzureKeyVault@2

  displayName: ‘[PRE BUILD DECORATOR] Accessing Decorator Params from the key vault – $(decorator_keyvault_name), using $(decorator_keyvault_connection_name) connection.’

  inputs:

    azureSubscription: $(decorator_keyvault_connection_name)         # Service Connection Name (scoped to RG)

    KeyVaultName: $(decorator_keyvault_name)   # Key Vault Name

    SecretsFilter: ‘websiteName,groupId,virtualAppName’   # Secret names to retrieve from Key Vault

    RunAsPreJob: true

Now that the secrets have been pulled in, we can now run our custom validation logic for each. For the purpose of this demo, we will just check that each variable exists and throw an error through a simple PowerShell script.

– task: PowerShell@2

    name: ValidateDeploymentVariables

    displayName: ‘[PRE BUILD DECORATOR] Validate Deployment Variables (Injected via Decorator)’

    inputs:

      targetType: ‘inline’

      script: |

        $errorArr = @()

        try {

          Write-Host “VirtualAppName: $(virtualAppName)”

          # your input test cases go here

          # e.g querying the remote-machine to match the virtualAppName

        }

        catch {

          errorArr += ‘virtualAppName’

          Write-Host “##vso[task.logissue type=error]Input parameter ‘virtualAppName’ failed validation tests.”

        }
        try {

          Write-Host “GroupID: $(groupId)”

          # your input test cases go here

          # e.g querying the remote-machine to match the groupId against the local file permissions

        }

        catch {

          Write-Host “##vso[task.logissue type=error]Input parameter ‘groupId’ failed validation tests.”

          errorArr += ‘GroupID’

        }
        try {

          Write-Host “WebSiteName: $(webSiteName)”

          # your input test cases go here

          # e.g querying the web-site URL to see if site already exists, etc.

        }

        catch {

          Write-Host “##vso[task.logissue type=error]Input parameter ‘webSiteName’ failed validation tests.”

          errorArr += ‘GroupID’

        }
        if ($errorArr.count -gt 0) {

          # Link to your teams documentation for further explanation

          Write-Warning -Message “Please provide valid parameters for the following variables: $($errorArr.join(‘, ‘))”

          Write-Warning -Message “See <https://docs.microsoft.com/en-us/azure/devops/pipelines/process/variables?view=azure-devops&tabs=yaml%2Cbatch> for additional details”

          throw “Please provide valid values for $($errorArr.join(‘, ‘)).”

        }

And we are done with the pre-build decorator! Of course, while developing it is important to iteratively test your code. If you would like to publish your code now, skip to the (Publish your extension) section below.

Post-build decorator

For our post-build decorator, all we want to do is determine when the decorator should run, and simply invoke a deployment task such as the IISWebAppDeploymentOnMachineGroup task.

Of course, there are many more validation steps and tools you can place here to further control your deployment process, but for the sake of this demo we will just be outputting some placeholder messages:

steps:

– task: PowerShell@2

  name: DeployToIIS

  displayName: Deploy to IIS (Injected via Decorator)

  condition: |

    and

    (

      eq(variables[‘Build.SourceBranch’], ‘refs/heads/main’),

      eq(variables.testDecorator, ‘true’)

    )

  inputs:

    targetType: ‘inline’

    script: |

      # Validation steps to check if IIS

      # Validation steps to check if iOS or Android

      # > execute deployment accordingly

      Write-Host @”

        Your IIS Web Deploy Task can look like this:
        – task: IISWebAppDeploymentOnMachineGroup@

          inputs:

            webSiteName: $(webSiteName)

            virtualApplication: $(virtualAppName)

            package: ‘$(System.DefaultWorkingDirectory)***.zip’ # Optionally, you can parameterize this as well.

            setParametersFile: # Optional

            removeAdditionalFilesFlag: false # Optional

            excludeFilesFromAppDataFlag: false # Optional

            takeAppOfflineFlag: false # Optional

            additionalArguments: # Optional

            xmlTransformation: # Optional

            xmlVariableSubstitution: # Optional

            jSONFiles: # Optional

      “@

Publishing the Extension to Share with our ADO Organization

First, we need to construct a manifest for the pipeline decorators to publish them to the private Visual Studio marketplace so that we may start using and testing the code.

In the demo directory, under Build we have both Pre and Post directories, where we see a file named vss-extension.json on each. We won’t go into too much of the details around the manifest file here today, but the manifest file allows us to configure how the pipeline decorator executes, and for what sort of target.

Read more on manifest files: Pipeline decorators – Azure DevOps | Microsoft Learn

With the manifest file configured, we can now publish to the marketplace and share it with our ADO organization:

1. 
   

   Create publisher on the Marketplace management portal

   
   


2. 
   

   Install tfx command line tool

   
   

   npm install -g tfx-cli

   
   


3. 
   

   Navigate to the directory containing the vss-extension.json

   
   


4. 
   

   Generate the .vsix file through tfx extension create


   
   

   > tfx extension create –rev-version
   
   TFS Cross Platform Command Line Interface v0.11.0
   
   Copyright Microsoft Corporation
   === Completed operation: create extension ===
   
    – VSIX: /mnt/c/Users/jinle/Documents/Tools/ADO-Decorator-Demo/Build/Pre/Jinle-SandboxExtensions.jinlesampledecoratorspre-1.0.0.vsix
   
    – Extension ID: jinlesampledecoratorspre
   
    – Extension Version: 1.0.0
   
    – Publisher: Jinle-SandboxExtensions
   

   
   


5. 
   

   Upload the extension via the Marketplace management portal or through tfx extension publish

   
   


6. 
   

   Share your extension with your ADO Organization on the management portal
   
   

   
   


7. 
   

   Install the extension on your ADO Organization

   
   
   
   
   1. Organization Settings > Manage Extensions > Shared > Install
      
      
   
   
   
   

Testing the Decorator

Now that your pipeline decorators are installed in your organization, any time you push an update to the Visual Studio marketplace to update your extensions, your organization will automatically get the latest changes.

To test your decorators, you can leverage the built in GUI for Azure DevOps to validate your YAML syntax, as well as executing any build pipeline with the appropriate trigger conditions we have configured previously.

In our demo application environment, I updated the out-of-the-box starter pipeline to include our connection variable group, as well as specify the testDecorators flag to true:

variables:

– name: testDecorator

  value: true

– group: demo-connection-details

Running the pipeline, I can now see the tasks I have defined execute as expected:

Once we verify that the pre and post tasks have run as expected with the conditional controls evaluating in a similar manner, we can then conclude this demo.

Conclusion

Now with the decorator’s scaffolding in place, the customer can continue to take advantage of the flexibility provided by Azure DevOps pipeline’s YAML schema to implement their existing security policies at the organization level.

I hope this post helped bring understanding to how pipeline decorators can be leveraged to automate custom processes and bring governance layers into your ADO environment.

If you have any questions or concerns around this demo, or would like to continue the conversation around potential customer scenarios, please feel free to reach out any time.

Simplifying the cloud data migration journey for enterprises

by Contributed | Nov 7, 2022 | Technology

This article is contributed. See the original author and article here.

In this guest blog post, Kajol Patel, Senior Content Marketing Specialist at Data Dynamics, discusses digital transformation strategies for enterprises and how to utilize StorageX and the Azure File Migration Program to overcome common data migration challenges.

Data is foundational to any digital transformation strategy, yet enterprises worldwide struggle to find reliable and cost-efficient solutions to manage, govern, and extract valuable insights from it. According to a recent report published in Statista, the total volume of enterprise data worldwide increased from 1 petabyte (PB) to 2.02 PB between 2020 and 2022. This sizeable jump in volume indicates a 42.2 percent average annual growth in data over the last two years. The report also highlights that a majority of that data is stored in internal datacenters. Data storage and processing is costly and energy-intensive for enterprises.

Additionally, the cost of software for collection, analysis, and management of terabytes and petabytes of data residing in multiple storage centers adds to the expenditure. Breaking down siloes to extract real-time insights often ends up costing the enterprise exorbitant amounts of IT resources and revenue.

As unstructured data sprawl continues to grow, enterprises are turning to the cloud and embracing data as a strategic and valuable asset. By extracting useful insights from data, businesses can accelerate their digital journey by making data-driven decisions in real time to meet peak demand, grow revenue, and minimize storage cost. Enterprises such as Microsoft that offer cloud solutions give clients access to subscription-based remote computing services. It enables them to adjust cloud consumption to meet changing needs. As a possible recession looms, organizations that rely on the cloud are more likely to experience cost reduction as they effectively manage risk and compliance.

However, most enterprises face numerous challenges while migrating to the cloud: proprietary vendor lock-in, lack of migration skills, a labor-intensive process, and inadequate knowledge of data estate.

Top 3 data migration challenges for enterprises:

• Lift-and-shift blind spots: Lack of knowledge of enterprise unstructured data estate may result in post-migration complexities such as security malfunction and non-compliance.


• Lack of visibility: No clarity about what, when, and where around data may result in lack of storage optimization and delayed migration timelines.


• Complexity of scope and scale: Lack of an integrated approach, governance, and skills, decrease in efficiency, low time to effort ratio, and other redundancies can cause chaos.

In a webinar hosted by Data Dynamics, Karl Rautenstrauch, Principal Program Manager, Storage Partners at Microsoft, spoke about the top challenges faced by enterprise customers while migrating to the cloud: “Over nine years of working closely with partners and customers in the field of migrating datasets and applications to Azure, we see a consistent theme of every enterprise in every industry being a little overburdened today – too much to do, too little time, and too few people, hence most of these enterprises are seeking automation. They want to ensure that they can engage in complex activities like moving an application comprised of virtual machines, databases, and file repositories in the simplest way possible with the least risk possible.”

He further emphasized the most consistent requirement for all customers he has worked with, regardless of size, was to migrate large data sets securely, quickly, and with minimal risk and disruption to user productivity.

Migrating file data between disparate storage platforms is always a daunting process. Microsoft recently announced the Azure File Migration Program to make customer data migration much easier and more secure. It helps address the customer’s need to reduce the time, effort, and risk involved in complex file data migration.

Speaking at the webinar, Rautenstrauch emphasized the value of on-demand compute and modern cloud services: “We have built a platform of services called Azure Migrate, which is freely available, and it has cloud-driven capabilities. These services help customers move virtual machines easily, databases, and now even containerized applications in an automated, risk-free fashion. One area that is neglected is unstructured data, so what we are going to do is address it in the Azure File Migration Program.”

The Azure Migrate hub offers many effective tools and services to simplify database and server migration but doesn’t address the need for unstructured data migration. Hence, Azure File Migration Program is becoming a new favorite among enterprises possessing unstructured data sprawl.

Jurgen Willis, VP of Azure Optimized Workloads and Storage, states in his blog, “Azure Migrate offers a very powerful set of no-cost (or low-cost) tools to help you migrate virtual machines, websites, databases, and virtual desktops for critical applications. You can modernize legacy applications by migrating them from servers to containers and build a cloud native environment.”

Data Dynamics transforms data assets into competitive advantage with Azure File Migration

With over a decade of domain experience and a robust clientele of 300+ organizations, including 28 of the Fortune 100, Data Dynamics is a partner of choice for unstructured file data migrations. StorageX is Data Dynamics’ award-winning solution for unstructured data management. The mobility feature of StorageX provides intelligence-driven, automated data migrations to meet the needs and scale of global enterprises. 

Having migrated over 400 PB of data encompassing hundreds of trillions of files, this feature is trusted and proven and delivers without losing a single byte of data. It provides policy-based and automated data migration with reduced human intervention and without vendor lock-in. StorageX has proven capabilities to multi-thread and migrates at the speed where you can move millions and billions of files in hours, making it one of the most scalable and risk-free data migration solutions. 

It can easily identify workloads and migrate data based on characteristics such as the least-touched files, files owned by specific users or groups, or hundreds of other actionable insights. StorageX Migration is a powerful migration engine that moves large volumes of data across shares and exports with speed and accuracy.

Here’s a detailed comparative study of StorageX versus traditional migration tools.

Microsoft is sponsoring the use of Data Dynamics’ StorageX as a part of the Azure File Migration Program. Enterprises can leverage this product to migrate their unstructured files, Hadoop, and object storage data into Azure at zero additional cost to the customer and no separate migration licensing.

Learn more about the Azure File Migration Program or reach us at solutions@datdyn.com I (713)-491-4298 I +44-(20)-45520800