Hey folks, James Lee here for another episode of Azure This Week, where we bring you the latest and greatest of all things Azure. And today I've got three updates that can help you go on to develop secure solutions in Azure. We'll take a look at the public preview of Microsoft Dev Box, general availability of dedicated host support for Azure Kubernetes Service, and general availability of NSG support for private endpoints. Step one for developing solutions in Azure is to have a machine with everything you need. If you're building a web app, maybe you need a PC with Visual Studio and perhaps a point-to-site VPN connection into your Azure virtual network.

Or perhaps you are developing games and maybe you need something entirely different. And what about if you are working remotely? Well to help ensure that developers can focus on writing code instead of having to burn through all of that time setting up their development machines, Microsoft has introduced Microsoft Dev Box. It's kind of like a developer-PC-as-a-service. This product allows you to provide self-service, on-demand access to Windows-based development machines. Now, these machines can be preconfigured to include all of the tools, connectivity, and security that you require for different development projects across your organization.

Now having standardized development environments available on-demand can not only help to minimize administration effort and costs, but it can also help to provide consistent security. Keen to start your cloud journey? We've just launched a new limited-time offer for our Personal Annual Plans, saving you 40%. These plans give you access to great course features like hands-on labs and practice exams, making it easier to kickstart your cloud career. If you are interested, then scan the QR code on the screen or click the link in the description below. But be quick, you've only gotten to the end of Friday to take up this offer. If you

are developing containerized solutions in Azure, you may have heard of Azure Kubernetes Service, also known as AKS for short. But what if you are developing a highly secret containerized solution? Maybe you love the idea of AKS and how easily you can get Kubernetes in the cloud with native Azure integration, but maybe you're not actually allowed to host your top secret containerized solution on infrastructure that other customers share with you. Well I'm sure you can see where I'm going with this story. With AKS now supporting dedicated hosts, you can now host your AKS containers on hypervisors that are dedicated just to you. Dedicated hosts have been around for a while now, allowing customers to run virtual machines and virtual machine scale sets on physical hypervisors that are dedicated to a single customer only.

And with this update, you can now leverage this secure technology for AKS as well. Azure has a range of services that are built for public global access, and that can be great. But let's say you've developed an app hosted on a virtual machine and it uses blob storage to house your highly confidential data. Now in this scenario, public accessibility - not so good. You don't want to end up on the front page of the news as a security breach story. Instead,

you would want to use something like private endpoints to disable that public accessibility, but still allow access to your storage account only from resources within a virtual network. Now, we have been able to do this for a while by using private endpoints and whilst there's support for a lot of different services for private endpoints, there wasn't support for network security groups to help restrict this private access further within the virtual network itself. Well with the release of network security group support for private endpoints, you can now configure network security group rules to control access to your private endpoints within your virtual networks. So if you want to allow only private access, you can still do that. But if you want to take it one step further and restrict private access, maybe to just a single virtual machine in your virtual network, you can now do that too. Well, that's a wrap for today everyone.

For more awesome updates on all things Azure, be sure to tune in again to next week's episode. Until then keep being awesome Cloud Gurus.