Azure Insights: Firewall rules; Enterprise integration; Azure uptime SLAs

April 12 2021

Azure pros discuss managing firewall rules for Azure SQL, enterprise integration, and Azure uptime SLAs.

Managing firewall rules for Azure SQL

Microsoft MVP Stanislav Zhelyazkov, writing on Cloud Administrator in Azure World, took a look at how to control Azure SQL firewall rules so that only certain IP addresses are configured. When the question came up in a Microsoft Q&A, he initially recommended Azure Policy, but decided to delve into the question more deeply.

Sharing the code used in the process, Zhelyazkov noted that he was able to track down resource aliases with Get-AzPolicyAlias -ResourceTypeMatch, drilling down with more specifics for SQL and firewall rules. The mode doesn't support tags and locations, and users will need to specify IP addresses in two different lists if they plan to identify particular IP addresses rather than an IP address range.

He wrote:

It is important to note that a policy to audit if specific rule exists is available on GitHub. That policy will only monitor if the rule for specific range exists but you cannot enforce it like the example above as it has auditIfNotExists effect.

Building enterprise integration platforms with Azure very quickly

Microsoft MVP Mike Stephenson think it's possible to easily script an integration platform, as well as setup automation with Azure DevOps pipelines and CI/CD. In a slideshow, he explained Terraform's role as an Infrastructure as Code offering which can help users abstract vendor APIs, communicate with multiple cloud providers, and carry out version control.

Stephenson demoed Terraform code structures and a the layout of an integration platform, and showed how to apply Azure DevOps pipelines. During the integration platform development, users can change the configuration of infrastructure for dev machines, push changes to a build environment with DevOps pipelines or extend changes to other environments.

Making sense of new Azure uptime SLAs

Microsoft MVP Sander Berkouwer, writing on The Things That Are Better Left Unspoken, looked into Microsoft's announced 99.99% uptime SLA which kicked in on April 1. Berkouwer intentionally avoided writing about it on April 1 so that no one would mistake it for an April Fool's Day joke. With the change, a variety of admin features are gone such as user sign-in to the Access Panel and the elimination of read, write, and delete entries in the directory. Additionally, admins can no longer provision or de-provision users to apps in the directory. He wrote:

In March 2021, the 45-minute outage referred to as LN01-P8Z by Microsoft, resulted in a 25% service credit (that organizations can claim until May 31st, 2021). If a similar outage would occur under the new uptime guarantee, this outage would result in the same service credit…Another noteworthy change is the new definition of Azure AD for the public service level agreement (SLA): It merely includes user authentication and federation.

In a separate post, Berkouwer discussed Azure AD Connect Health Agents.

FREE Membership Required to View Full Content:

Become a MemberLogin
Joining gives you free, unlimited access to news, analysis, white papers, case studies, product brochures, and more, and it’s all FREE. You’ll also have the option to receive periodic email newsletters with the latest relevant articles and content updates. Learn more about us here
About MSCN Reporter

More about MSCN Reporter