Azure Function Linux PowerShell – Generally Availability
- Azure Functions now support PowerShell on Linux OS
Azure Container Apps Custom Virtual Network – In Preview
- Azure Container Apps is an easy way to run microservices container based applications. Az Container App use the Azure Kubernetes Services (AKS) for running Containers, however with Az Container App you don’t need a deep knowledge of AKS in order to run the Containers. Previously Az Container Apps could only be deployed into a new Azure vnet, with this change Container Apps can be deployed into an existing Az vnet. This provides more control over the Az networking.
Azure PostgreSQL Backup – Generally Available
- Long backup, required for compliance reasons, is now available for PostgreSQL databases. Long term backups use Azure Blob storage to optimise the spend.
PostgreSQL Hyperscale Updates – Generally Available
- Hyperscale uses data sharding to spread data over multiple database servers to provide huge scale and high performance. PostgreSQL now meets compliance for certain country specific compliance certifications:
- Private Link is now available. This allows the database to be accessed via an internal IP address, from inside the network, without having to allow access via the public Internet.
SQL in IaaS Enhancements – Generally Available
- Updates to SQL running on a Virtual Machine:
- Retention length of backups increased from 30 to 90 days.
- The ability to change the storage settings when deploying a new SQL VM, previously Marketplace images came with pre-built SQL configurations.
Azure SQL Updates – Generally Available
- Azure SQL can now use the Azure Key Vault Managed Hardware Security Module (HSM) to store a Bring Your Own Key (BYOK) with Transparent Data Encryption (TDE).
- TDE is used for encrypting data at rest. A key is used to encrypt/decrypt the data, this key can now be stored in the Az KV HSM. The HSM is a highly available, compliant cloud service, allowing customers to safeguard cryptographic keys.
Azure SQL Updates – Public Preview
- Azure SQL now has support for User-Assigned Managed Identity for TDE BYOK.
- Managed Identities are used to authenticate any service (such as SQL) with Azure AD, without having to add credentials in the code. Once enabled the identity can be given access to Azure Key Vault prior to configuring TDE BYOK. There are two types of Managed Identities (System and User). Azure SQL already enabled for System Managed identities – this is when the Azure AD identity is enabled for each resource. User Managed identity (public preview) can be assigned to multiple Azure resources, eliminating the need to individually turn on System Assigned Managed Identity for each Azure SQL server or Managed Instance.
Azure Monitor updates
- Action groups can be tested. Action groups are used to send an email, API on a trigger. Now possible to test the action without waiting for the trigger.
- The Azure Monitor Agent (AMA) can now be automatically upgraded. The AMA is used to gather performance metrics from VMs and is deployed via a Data Collection rule in Azure Monitor, to each VM. The AMA version can be automatically upgraded when new version are released.
Azure Payment HSM – In Preview
- This is dedicated Hardware Security Modules for customers requiring the highest security, lowest latency and highest performance for financial institutions for Payment Card Industry (PCI) workloads in Azure.
AAD Connect v2 Update
- Azure AD Health component is now FIPS compliant.
Azure Virtual Desktop Updates
- Migrating from Classic Azure Virtual Desktop (autumn 2019 version) to the ARM (spring 2020 version) can now be converted automatically.