Jonathan Harris, Cobweb Solutions Architect, writes …
This blog contains the Azure infrastructure updates for the week beginning 12 July 2021:
Disk performance is included for free with these VM types. If a VM is operating below the allocated disk performance (Input Output Operations – IOPS) the VM starts to build credit. If extra IOPS are required, then the disk performance will burst above the regular performance threshold. You can find more information on the Microsoft Docs site – Managed disc bursting.
An Application Service Environment (ASE) provides isolated and dedicated environment for running App Services (Windows and Linux Web apps, Docker containers and functions) at high scale. It has no shared components. It is deployed into a subnet in a VNet. It is consumed using the isolated v2 App Service plans. Isolated v2 plan removes the charge per hour for the stamp fee, which is applicable in the original Isolated plan. Isolated_v2 plan also introduces one- and three-year Reserved Instances.
For more information, visit the Microsoft Docs site – App Service Environment overview.
For the Application Gateway Web Application Firewall (WAF) there is a new Common Rule Set (CRS) version 3.2 in preview. This includes improvements with performance and protection against vulnerabilities for Web Apps.
Privileged Identity Management (PIM) can now be used to access customer environments (shared with the provider). The provider can request to elevate their permissions on the customer’s environment. The provider will need the Azure AD P2 licence, not the customer.
This change allows secrets that would have been previously stored in an environment variable to be stored in Azure key vault instead of within the App. This now works for Windows and Linux applications, and can be a System or User assigned managed identity.
If you’d like more information about any of the updates summarised above, get in touch with the Cobweb team (0333 009 5941 / email@example.com) – and I’ll be happy to jump on a call.