Azure This Week

Developing with secure infrastructure in Azure

Episode description

Join James Lee this week for your Azure news roundup. This week is all about securing your solutions within Azure! We take another look at Microsoft Dev Box, now in public preview; you can now use dedicated hosts for AKS, and Azure private endpoints can now be controlled by network security groups. Oh, and try our free Azure security course:

0:33 Microsoft Dev Box public preview
2:20 Dedicated host support for AKS generally available
3:23 NSG support for private endpoints

Save 40% on our Personal Annual Plans:
Offer applies to customers who purchase, renew, or upgrade, to a Personal Plus Annual or Personal Basic Annual plan. Offer valid from 12:00AM MT on August 15, 2022 until 11:59PM MT on August 26, 2022. Offer may not be combined with any other offers. Offer includes access to the A Cloud Guru Platform only. Purchases made in connection with this offer do not include a free trial period and are subject to the Terms of Use.

Current free Azure courses:
Azure Active Directory Deep Dive
Introduction to Governance and Compliance on Azure
Intro to Serverless on Azure
Introduction to Microsoft Azure Security
Azure Storage Deep Dive

Join the discussion in Discord:

Series description

Azure This Week is your weekly news roundup for all things Azure. Join our expert hosts as they cover everything you need to know about the past week’s developments, keeping it short, fun and informative. Whether you’re just beginning your cloud journey, or you know your stuff, there’s something for everyone!

Hey folks, James Lee here for another episode of Azure This Week, where we bring you the latest and greatest of all things Azure. And today I've got three updates that can help you go on to develop secure solutions in Azure. We'll take a look at the public preview of Microsoft Dev Box, general availability of dedicated host support for Azure Kubernetes Service, and general availability of NSG support for private endpoints. Step one for developing solutions in Azure is to have a machine with everything you need. If you're building a web app, maybe you need a PC with Visual Studio and perhaps a point-to-site VPN connection into your Azure virtual network.

Or perhaps you are developing games and maybe you need something entirely different. And what about if you are working remotely? Well to help ensure that developers can focus on writing code instead of having to burn through all of that time setting up their development machines, Microsoft has introduced Microsoft Dev Box. It's kind of like a developer-PC-as-a-service. This product allows you to provide self-service, on-demand access to Windows-based development machines. Now, these machines can be preconfigured to include all of the tools, connectivity, and security that you require for different development projects across your organization.

Now having standardized development environments available on-demand can not only help to minimize administration effort and costs, but it can also help to provide consistent security. Keen to start your cloud journey? We've just launched a new limited-time offer for our Personal Annual Plans, saving you 40%. These plans give you access to great course features like hands-on labs and practice exams, making it easier to kickstart your cloud career. If you are interested, then scan the QR code on the screen or click the link in the description below. But be quick, you've only gotten to the end of Friday to take up this offer. If you

are developing containerized solutions in Azure, you may have heard of Azure Kubernetes Service, also known as AKS for short. But what if you are developing a highly secret containerized solution? Maybe you love the idea of AKS and how easily you can get Kubernetes in the cloud with native Azure integration, but maybe you're not actually allowed to host your top secret containerized solution on infrastructure that other customers share with you. Well I'm sure you can see where I'm going with this story. With AKS now supporting dedicated hosts, you can now host your AKS containers on hypervisors that are dedicated just to you. Dedicated hosts have been around for a while now, allowing customers to run virtual machines and virtual machine scale sets on physical hypervisors that are dedicated to a single customer only.

And with this update, you can now leverage this secure technology for AKS as well. Azure has a range of services that are built for public global access, and that can be great. But let's say you've developed an app hosted on a virtual machine and it uses blob storage to house your highly confidential data. Now in this scenario, public accessibility - not so good. You don't want to end up on the front page of the news as a security breach story. Instead,

you would want to use something like private endpoints to disable that public accessibility, but still allow access to your storage account only from resources within a virtual network. Now, we have been able to do this for a while by using private endpoints and whilst there's support for a lot of different services for private endpoints, there wasn't support for network security groups to help restrict this private access further within the virtual network itself. Well with the release of network security group support for private endpoints, you can now configure network security group rules to control access to your private endpoints within your virtual networks. So if you want to allow only private access, you can still do that. But if you want to take it one step further and restrict private access, maybe to just a single virtual machine in your virtual network, you can now do that too. Well, that's a wrap for today everyone.

For more awesome updates on all things Azure, be sure to tune in again to next week's episode. Until then keep being awesome Cloud Gurus.

More videos in this series

Is AI the real Web 3.0?

Have you heard our TECHnically Possible Podcast: In Azure news this week, Lars takes a look at the general availability of Azure OpenAI, Microsoft’s…

Master the Cloud with ACG

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?