Samcogan.com
1,198 FOLLOWERS
Hi, I'm Sam Cogan. I'm a Cloud Architect and Microsoft Azure MVP, focused on providing architecture and technical solutions for cloud based SaaS projects using Azure.
Samcogan.com
1w ago
This week Microsoft announced the GA of the new “v2” SKUs for Azure API Manager, these offer updated versions of the basic and standard SKUs, with some new features. Let’s look at the difference between the v1 and v2 SKUs, and whether you would want to use them.
Improvements in the v2 SKU
The v2 SKUs are mainly intended to improve on the v1 SKU and to bring in some features that previously had only been present in the Premium tier, which locked them behind an expensive monthly cost.
1. Improved Deployment Time
APIM deployment and scaling have always been painful. Deploying new instances can ta ..read more
Samcogan.com
1M ago
It’s time for the Azure Spring Clean. The annual event is organised by Joe Carlyle and Thomas Thornton to encourage you to look at your Azure subscriptions and see how you could manage it better.
In my contribution for this year, we will look at how you can leverage Azure Copilot to manage your Azure Tenants better.
What Is Azure Copilot
Azure Copilot is Microsoft’s AI assistant, but it is tuned to work with Azure. It has all the features of Chat GPT but is also aware of your Azure subscriptions and resources and can answer questions about them. If you want a more detailed introduction to Azu ..read more
Samcogan.com
2M ago
Deployment scripts are a feature of Bicep (and ARM templates) that allow you run either Azure PowerShell or Azure CLI scripts as part of your infrastructure as code deployment. This provides a means to do things in your deployment that Bicep can’t do natively. You’ll often hear this referred to as an “escape hatch”. If you can write it in Azure PowerShell or CLI (or any other PowerShell module if you download it), then you can do it in your deployment script. Some common use cases for this include:
Creating Azure AD users or applications
Perform any Azure Data Plane Operation
Call an external ..read more
Samcogan.com
2M ago
As of the 29th of February 2024, classic application insights will be deprecated. This means you need to switch any classic instances over to Workspace-based instances, which will use a Log Analytics workspace to store the data rather than within App Insights itself. If you use Application Insights, check which mode your workspaces are using.
There is a migration process to switch your workspace over, and it is pretty straightforward:
Go to the properties tab of the App Insights Workspace
Click the “Migrate to workspace based” option
Select the Log Analytics workspace to store the data ..read more
Samcogan.com
2M ago
Versioning of runtime and packages in Azure Automation has been a pain for a long time. All of your scripts in the same automation account will use the same version of PowerShell and have access to the same versions of any packages you install. If you update some package versions for one script, you risk breaking things for other scripts. If you want to use specific packages that can’t be used alongside other packages (such as AzureRM vs Az modules), then you can’t be sure you aren’t breaking other scripts that might rely on the other packages.
Runtime Environments is a new preview feature tha ..read more
Samcogan.com
2M ago
Another day of the week, another Copilot has been released by Microsoft. This time, it’s the turn of Azure. Azure Copilot is an AI assistant designed to help you with your Azure subscriptions, but what can it do, and is it any good? Let’s take a look.
What is Azure Copilot?
Azure Copilot is an AI assistant that combines a Large Language Model (LLM) with the Azure resource model and the data in your subscription. Essentially, it’s an AI that knows about your Azure subscriptions, and so you can ask it questions about your Azure resources. Some areas where it can help include:
Explore your resou ..read more
Samcogan.com
2M ago
Towards the end of 2023, Microsoft announced a new initiative around infrastructure as code for Azure called Azure Verified Modules. (AVM). This is an exciting idea, so let’s explore it more.
What Are Azure Verified Modules?
Azure Verified Modules is a new initiative focused on infrastructure as code modules for deploying Azure resources. It’s the successor to the CARML project (which it will replace) and aims to provide a few things:
A set of standards for what good Infrastructure as Code modules look like
A module repository for modules that implement these standards, currently for Bicep an ..read more
Samcogan.com
3M ago
This week, I encountered an annoying issue when deleting some resources, specifically Azure Backup Vaults (and recovery service vaults). I was deleting a resource group that contained several resources, including a backup vault. The delete started fine, and all the other resources got deleted, but the vault and the resource group did nothing for a long time before the deletion timed out with no further information.
The issue is that when you attempt to delete a resource group, it attempts to delete all the resources inside it, including the backup vault. However, the backup vault will not let ..read more
Samcogan.com
3M ago
AI is everywhere at the minute, and everyone is trying to develop a way to implement AI in their products or workflows. Azure’s open AI services are a great way to do this, but because they’re so easy to deploy and use, you can end up with a proliferation of AI services. The default security settings for these resources are often set up for convenience and ease of use, rather than locking down your precious data and IP. Hence, it’s worth understanding how to secure these resources and make your environments more secure. With the proliferation and popularity of AI services, they will become pri ..read more
Samcogan.com
5M ago
A couple of weeks ago we talked about how Microsoft is deprecating default internet access for VMs](https://samcogan.com/retiring-default-internet-access-for-vms/) in September 2025. This change is being done because it doesn’t meet Microsoft’s “secure by design” approach. However, you don’t need to wait till 2025 if you want to get ahead of the game and secure your outbound traffic due to the introduction of private subnets.
By declaring your subnet as private you disable default outbound access and out of the box any VMs in that subnet will not have access to the internet. If you do want the ..read more