Saturday, 29 May 2021

Search made simple: native Elastic integration with Azure—now in preview

With the ever-increasing adoption of cloud-based solutions, and the incredibly complex make-up of the application architectures; the ability to effectively manage, orchestrate, and monitor the scenarios for search, security, and operations are becoming very critical for the success of the businesses.

As part of Microsoft Azure’s commitment to empowering customers to migrate and modernize their applications and run in the cloud, we work with partners to achieve this vision. We are announcing the preview release of the Elastic offering on Azure, which will be available in preview on May 25, 2021. We worked closely with Elastic, the company behind Elasticsearch, Kibana and Logstash, which provides observability, search, and security tools for users to monitor and understand the health and performance of their applications across their cloud and on-premises environments.

Read More: MS-700: Managing Microsoft Teams

Customers use Elasticsearch in all industries, applying the search and monitoring functionality across their VM resources, machine data, and more. They use Elastic to retrieve service logs, metrics, and visualize the data in Kibana for better decision making.

Azure Exam Prep, Azure Tutorial and Material, Azure Preparation, Azure Prep, Azure Certification

Configuring the Elastic stack on Azure can be a time-consuming process, which requires the knowledge and technical understanding of both the Elastic solution and Azure. Based on inputs from customers in the Open Source community and other users of the Elastic offering, we worked with Elastic to provide a seamless experience of their SaaS offering by integrating the deployment, billing, and support of the Elastic solution on the Azure cloud platform, made available through Azure Marketplace on May 25.

"The partnership with Elastic to integrate the Elastic workloads with Azure enables frictionless migration and operation of Elastic on Azure, customers not only get the benefit of a single portal experience, but can also centralize the management, billing and get support from Elastic for their Azure deployment."—Julia Liuson, Corporate Vice President, Developer Division.

Ease of deploying and managing logs through Elastic on Azure


This integration offers customers the ability to use the Elastic SaaS solution from the Azure Control plane. Customers will be able to provision a new Elastic service and configure their Azure resources to automatically send logs and metrics to Elastic. With an automated log-forwarding process, customers can easily configure their resource logs with Elastic through the resources Diagnostic Settings in the Azure portal. In addition, customers have the ability to manage the Elastic agent on Azure Virtual Machine extensions to configure logs and metrics emitted from their VM hosts.

Security and managing virtual network communication


Security and the ability to control traffic through virtual networks is a critical consideration for our customers. Private Link access allows customers to securely connect from their Azure Virtual Network into the virtual network on Elastic Cloud. With single-sign-on (SSO) implemented in the solution, customers can seamlessly transition between Azure and the Elastic Cloud with a unified Azure credential. Finally, these integrations are also complemented with unified billing for the Elastic service through Azure subscription invoicing.

"This integration allows customers to set up their Elastic with Azure resources easily and reduce the operational overhead. Customers can find, deploy, and manage Elastic from within the Azure Portal, apply search, monitoring real-time data for any workloads and applications and protect all the data within their own Azure environment while leveraging Azure’s global presence, flexibility, security, and compliance for the best user experience at scale."—Shay Banon, CEO of Elastic

Getting started with Azure Elastic service


Discovery and provisioning: Azure customers can find the service listed on Azure Marketplace and review the different plans offered and purchase it directly with single billing enabled. Within few clicks, you can deploy Elastic service in your desired subscription and datacenter regions with a preferred plan.

Azure Exam Prep, Azure Tutorial and Material, Azure Preparation, Azure Prep, Azure Certification

In Azure portal experience: Start using the Elastic service after provisioning, all Azure logs and applications can be easily connected. You can determine which Azure resource logs and metrics are sent to the Elastic resource.

Azure Exam Prep, Azure Tutorial and Material, Azure Preparation, Azure Prep, Azure Certification

Configuring logs: Configure resources to automatically send logs to your Elastic deployment.

Azure Exam Prep, Azure Tutorial and Material, Azure Preparation, Azure Prep, Azure Certification

Source: microsoft.com

Thursday, 27 May 2021

Azure is the home for your enterprise Java applications

Java is one of the most popular programming languages, used by over seven million developers to create everything from enterprise applications to complex robots. Over the past several years we’ve seen an evolution in the Java ecosystem, with the accelerated growth of open-source tools and frameworks like Spring. Microservice architectures are becoming more prevalent, and developers are building more applications on cloud platforms using containers and managed services. The Java ecosystem is complex and running Java applications in the cloud at an enterprise scale can be challenging. Our customers are asking us to help them modernize their Java applications and run them on an enterprise-grade platform—Azure.

Read More: PL-900: Microsoft Power Platform Fundamentals

We’ve made substantial investments in Java to support a wide range of customer workloads, from the development of Azure Spring Cloud with VMware as a managed destination for Spring Boot applications to the acquisition of jClarity, and the creation of our Microsoft Java Engineering Group. The Microsoft Build of OpenJDK provides a new supported Java runtime option on Azure with the potential for Azure-tuned optimizations—now generally available. We now support the full range of Java EE and Jakarta EE application servers through collaborations with Red Hat, Oracle, and IBM, with newly released offers for Red Hat JBoss Enterprise Application Platform (EAP) and IBM WebSphere on Azure Virtual Machines.

Microsoft is also using Java extensively. We see Java as critical to our success as a company, and it helps power some of our most strategic products like LinkedIn, SQL Server, Azure, Minecraft, and Yammer. We’re running hundreds of thousands of Java virtual machines (JVMs) in production for our internal systems (not including any customer workloads), and LinkedIn alone has thousands of Java microservices in production. Microsoft brings the expertise of running enterprise Java workloads, both internally and externally, to help our customers transform their business.

“I talk about our move to the cloud like this—imagine if you’re pulling into a racetrack pitstop and instead of changing the tires, you had to change out the whole engine. And in making the switch to Microsoft Azure, we changed out that engine—literally—overnight.”—Doug Wilson, Senior Director of Software Engineering, Kroger

Build using tools and frameworks you love

Azure provides first-class integration with DevOps tools popular with Java shops across integrated development environments (IDEs), build, automation, continuous integration and continuous delivery (CI/CD), and source code management (SCM). You can use the Azure Toolkits for IntelliJ and Eclipse to easily create, develop, configure, test, and deploy highly available and scalable Java apps to Azure, right from your favorite IDE such as IntelliJ, Eclipse, or Visual Studio Code. Plugins for Maven and Gradle allow you to natively build and interact with Azure services, and you can automate your workflows and deployments with GitHub Actions, Jenkins, and Terraform.

Azure Exam Prep, Azure Tutorial and Material, Azure Certification, Azure Preparation, Azure Career
Azure supports a wide range of developer tooling options for Java.

Microsoft is committed to the Java community and supports projects that improve the Java developer experience. We’ve contributed directly to OpenJDK—implementing ports from Windows and macOS on ARM, contributing enhancements to speed up Java builds on Windows, and helping to accelerate the development of the Shenandoah garbage collector. At Microsoft Build, we’re announcing general availability of the Microsoft Build of OpenJDK, a no-cost long-term support (LTS) distribution of OpenJDK that is open source and available for anyone to deploy anywhere.

It should also come as no surprise that GitHub is the home for open-source Java projects, with over 3.6 million hosted Java repositories. We’ve been working to further improve the support and resources available to Java developers, including offering free cloud compute cycles to support CI/CD and code scanning capabilities in GitHub repos, which are helping to power several of the top Java projects from organizations like Adoptium, Apache, Eclipse Foundation, Red Hat, and VMware.

“We’ve brought Java, Tomcat, Docker containers, Red Hat Enterprise Linux, SUSE Linux, and many other open-source tools into DevTest Labs, and they all work great.”—Peter Rothlaender, Manager of Cloud Solutions, Daimler AG

Ship faster with fully managed services


Organizations and developers want to focus on their applications, not managing and configuring infrastructure. If you want to run containerized apps, Azure has the best-of-breed Kubernetes platforms in Azure Kubernetes Service and Azure Red Hat OpenShift (ARO). Azure also offers the most fully managed hosting applications for Java of any major cloud platform, including Java SE, Tomcat, and Red Hat JBoss EAP (in preview) on Azure App Service and Spring on Azure Spring Cloud. For event-driven architectures, you can use Azure Functions with automated and flexible scaling. Managed services offer ease of use, higher productivity, and lower total cost of ownership.

Azure Exam Prep, Azure Tutorial and Material, Azure Certification, Azure Preparation, Azure Career
Azure supports all Java servers and frameworks on a range of managed compute destinations.

Azure Spring Cloud is a fully managed service for Spring Boot apps that lets you focus on building and running the apps that run your business. Simply deploy JARs or code and Azure Spring Cloud will automatically wire apps with the Spring service runtime. Once deployed you can easily monitor application performance, fix errors, and rapidly improve applications. It’s integrated into the Azure ecosystem and enterprise-ready.

Azure App Service lets you quickly build, deploy, and scale Java web apps and APIs on your terms. You can deploy EAR, WAR, and JAR files on Tomcat or Red Hat JBoss EAP (in preview) the way you want—with Maven plugins, from the command line, or from your IDE. Azure App Service includes built-in CI/CD integration and zero-downtime deployments with deployment slots. You can perform intelligent troubleshooting with Azure App Service diagnostics and optimize performance with Azure Monitor and Azure App Insights. Secure enterprise application hosting is possible with a variety of networking features or the single-tenant App Service Environment. If you have existing Tomcat web apps, you can use the App Service Migration Assistant to assess and migrate them to Azure App Service.

“We chose Azure Spring Cloud to concentrate on writing apps and running them with minimum overhead.”—Jonathan Jones, Lead Solutions Architect, Group Finance IT, Swiss Re

Easily extend your Java applications


Applications need supporting services like databases, integration, security, and monitoring. Azure offers a full range of managed database options, including Azure Database for PostgreSQL, Azure Database for MySQL, Azure Cosmos DB, and Azure SQL Database. Azure is the only cloud to offer hyperscale PostgreSQL, so customers can scale their databases almost limitlessly. Connect your applications with integration services like Azure Service Bus with Java Message Service (JMS) support and API Management. For data ingestion, you can use Event Hub or Event Grid. Get fully managed, native monitoring functionality for your Java workloads on Azure, including application performance monitoring (APM), through Azure Monitor Application Insights.

Azure Exam Prep, Azure Tutorial and Material, Azure Certification, Azure Preparation, Azure Career
Azure Spring Cloud and Java on Azure reference architecture with common Azure platform services, security, and integration.

We continuously work with enterprise customers to ensure we are focused on their needs including scaling, security, deployment, and cost requirements. Key themes emerge such as enforcing a Zero Trust security model, end-to-end monitoring and observability, and complete automation. Many customers have thousands of Java applications running on-premises. As they migrate these applications to the cloud, they need validated architectures that meet the requirements of their IT departments and regulators. In many customer environments, they also need to show direct mappings from on-premises system architectures to industry-defined security controls and benchmarks.

Our recently released reference architecture for Azure Spring Cloud and Java on Azure makes it easy to follow enterprise best practices in deploying Java apps in the cloud with a range for supporting services. Start with a strong foundation and easily add functionality as your needs expand.

“The availability of Azure Spring Cloud reference architecture reduced our internal cycles of researching architecture options and Spring Cloud feature sets, which allowed us to rapidly determine how we would want to implement and scale globally.”—Devon Yost, Enterprise Architect, Digital Realty Trust

Leverage the benefits of our strong partner ecosystem


Microsoft has a strong partner ecosystem that provides best-in-class solutions to bring your existing Java workloads to Azure and extend the functionality of your applications. From unique managed hosting options with joint development and support to Azure Marketplace images for popular Linux distributions, you can leverage a growing portfolio of Java-focused solutions.

Azure Exam Prep, Azure Tutorial and Material, Azure Certification, Azure Preparation, Azure Career
Microsoft has a strong partner ecosystem that provides many options for building and running Java applications.

Customers have substantial investments in mission-critical Java applications running on-premises and need fully supported environments to run these apps in the cloud. We’re announcing Azure Marketplace offerings for Red Hat JBoss EAP on Red Hat Enterprise Linux (RHEL) and IBM WebSphere, both running on Azure VMs. Red Hat JBoss EAP on Azure VMs includes flexible licensing options including bring your own subscription and pay as you go for RHEL. These offerings provide solution templates and Quickstarts to provision compute resources, install a base image, and provide configuration options. With the addition of Red Hat JBoss EAP and IBM WebSphere, customers now have a choice of Azure Marketplace offerings to deploy the most widely used Java enterprise application servers on Azure VMs (Oracle WebLogic, IBM WebSphere, and Red Hat JBoss EAP).

Many Java developers also use services like Redis for caching, Elastic for log analysis and observabilities, and Kafka for event streaming in their application architectures. Azure offers unique managed offerings for these services, including Redis Enterprise and Redis Enterprise Flash on Azure managed infrastructure, Elastic on Azure Marketplace for ELK-based monitoring and troubleshooting integrated with Azure, and Confluent Cloud with Azure portal and CLI integration. You can keep using your favorite services on Azure with the added benefits of managed infrastructure and support.

“Red Hat and Microsoft are both committed to extending choice and flexibility for organizations as they shift traditional Java applications to the cloud. Red Hat JBoss EAP on Azure offers customers a fully configured, jointly supported solution to make it easier for organizations to realize the benefits of cloud-based architecture. We look forward to continuing to build upon our long-standing relationship with Microsoft and expand support for our joint customers."—Rich Sharples, Senior Director of Product Management – Application Services, Red Hat

Source: microsoft.com

Tuesday, 25 May 2021

Azure gains 100th compliance offering—protecting data with EU Cloud Code of Conduct

I’m announcing that Azure has achieved adherence to the EU Cloud Code of Conduct (EU Cloud CoC), developed for cloud providers to align with the EU’s General Data Protection Regulation (GDPR). The EU Cloud CoC is the first GDPR code of conduct that has received the European Data Protection Board (EDPB) positive opinion, which was followed by final approval led by the Belgian Data Protection Authority. The EU Cloud CoC also marks the 100th compliance offering for Azure, more than any other cloud provider, providing customers a high level of assurance through controls, evidence, and verification.

The EU Cloud CoC serves as a basis for implementing the requirements of Article 28 of the GDPR for cloud providers acting as business-to-business processors under the GDPR. Because the EU Cloud CoC is approved by the EDPB, Azure customers can use Azure’s adherence to help demonstrate their own GDPR compliance, as well as cite it as a risk mitigator in a GDPR Data Protection Impact Assessment (DPIA). Article 40 of the GDPR specifically encourages the creation of codes of conduct, so as “to contribute to the proper application of the regulation.” SCOPE Europe acts as the independent monitoring body of the EU Cloud CoC.

“This verification of adherence for over 140 Azure services shows the broadness and robustness of our monitoring scheme, which applies strong safeguards to ensure that declared services are meeting all requirements set out in the Code. With the support of key companies like Microsoft, and now with its final approval, the EU Cloud Code of Conduct has solidified its position as an unparalleled market standard capable of ensuring GDPR compliance while fostering continuous innovation and growth.”—Jörn Wittmann, Managing Director, SCOPE Europe 

Azure Exam Prep, Azure Learning, Azure Tutorial and Material, Azure Preparation, Azure Guides, Azure Prep, Azure Guides

Microsoft Azure services are verified compliant with the EU Cloud CoC, Verification-ID: 2021LVL02SCOPE116. 

Azure Exam Prep, Azure Learning, Azure Tutorial and Material, Azure Preparation, Azure Guides, Azure Prep, Azure Guides
Microsoft has long demonstrated our commitment to meet and exceed the requirements of EU data protection laws. For instance, we were the first major technology company to affirm our compliance with the GDPR and to extend core GDPR rights and protections to our consumer customers globally—not just to those in the EU. Earlier this month, we announced the EU Data Boundary for the Microsoft Cloud, which by the end of 2022 will go beyond our existing data storage commitments and enable commercial or public sector customers in the EU to process and store all of their data in the EU.

Microsoft submitted Azure’s attestation of adherence to the EU Cloud CoC based on facts submitted to SCOPE Europe, relying on third-party audits from three widely-regarded certifications: ISO/IEC 27001 (Information Security Management System), ISO/IEC 27701 (Privacy Information Management System), and ISO/IEC 27018 (Cloud Privacy), which are foundational to Azure security and compliance. Customers and evaluators can verify Azure’s adherence to these and other security and privacy standards, such as SOC 1-3, FedRAMP, NIST 800-53 HITRUST, and PCI DSS in Azure Security Center. Azure combined certifications and offer hundreds of built-in security controls—such as authentication, access, encryption, and logging—that are mapped to these standards.

Source: microsoft.com

Saturday, 22 May 2021

Develop production-scale modern web apps quickly with Azure Static Web Apps

Azure Exam Prep, Azure Certification, Azure Preparation, Azure Career

Azure Static Web Apps was first announced in preview in May 2020 and today we are happy to announce the general availability of Azure Static Web Apps, including a free plan for easy product exploration and a standard plan for advanced capabilities supported by an enterprise Service Level Agreement (SLA). The Azure Static Web Apps hosting service aligns with the growing demand from consumers and businesses to establish a web presence with global reach and minimal effort.

Modern web app design patterns leverage microservices best practices for performance, agility, and extensibility. Azure Static Web Apps is a turnkey service for these modern full-stack web apps with pre-built and pre-rendered static front-ends, and serverless API backends. Develop with popular front-end frameworks or static site generators, quickly build and test your apps locally, and deploy with a simple check-in. This enables you to focus on your app, while Azure takes care of the deployment and infrastructure.

With Azure Static Web Apps you can take advantage of features designed for high productivity:

◉ Globally distributed content for production apps

◉ Tailored CI/CD workflows from code to cloud

◉ Auto-provisioned preview environments

◉ Custom domain configuration and free SSL certificates

◉ Built-in access to a variety of authentication providers

◉ Route-based authorization

◉ Custom routing

◉ Integration with serverless APIs powered by Azure Functions

◉ A custom Visual Studio Code developer extension

◉ A feature-rich CLI for local development

From code to cloud with Azure Static Web Apps

Azure Static Web Apps works with both GitHub and Azure DevOps to keep your apps up to date as your code changes with no DevOps configuration required. Commits and pull requests trigger a tailored workflow to build and deploy your app to Azure. Preview environments are created for pull requests to make it easy to validate changes before you merge them.

Every Azure Static Web App gets a free SSL certificate that is fully managed and automatically renewed by Azure. You can bring your own custom domain, and we're also introducing full support for root domains through ALIAS records with this release.

Azure Static Web Apps integrates with Azure Functions to simplify extending your app with serverless API endpoints. Starting with this release you can even bring an existing Azure Functions project and use that as your API. This allows you to take advantage of the full set of triggers, bindings, and extensions that Azure Functions offers. Azure Functions scale dynamically so your app is always ready to meet market demand.

Authentication and authorization are built-in as well. You can use our authentication flow with granular route security. Plus, now you can bring your own authentication provider and integrate it with your static web app.

Development from Azure Static Web Apps benefits from a tailored VS Code extension. The extension is designed for high productivity and makes it easy to create static web apps, extend with serverless APIs, and establish a deployment workflow. The new Azure Static Web Apps CLI provides a high-fidelity local replica of the cloud production environment with mocked hosting platform features for authentication, custom routing, and authorization rules to support local development.

Azure Exam Prep, Azure Certification, Azure Preparation, Azure Career

Azure Static Web Apps is a great option to accelerate the development and time to market for full-stack modern web apps using commonly built libraries and frameworks like Angular, React, Svelte, Vue, or Blazor.

Source: microsoft.com

Thursday, 20 May 2021

Ground processing with space data 5x faster with Azure

Azure Exam Prep, Azure Preparation, Azure Certification, Azure Tutorials and Material

Microsoft has teamed with Ball Aerospace to develop the prototype for the Commercially Augmented Space Inter Networked Operations (CASINO) Program Office, facilitated by the Defense Innovation Unit, demonstrating agile cloud processing capabilities in support of the United States Space Force.

The rising number of satellites proliferating in low earth orbit (LEO) presents a new data challenge for the ground segment of missions—a segment that is often overlooked. For increasingly distributed mission environments, Microsoft Azure delivers the processing power and analysis necessary for these large datasets.

Read More: MD-100: Windows 10

The CASINO Program Office demonstrated fast, flexible, and extensible commercial capabilities for ground processing in support of defense missions. The project also confirmed the potential to transform the analysis of space data across a wide array of industries, including agriculture, ecological study, sustainability, and disaster response.

Microsoft-Ball Aerospace team demonstrates a new method of space analytics

This project represents a huge leap forward in reducing the time to actionable insight—if you are on the ground in a tactical edge vehicle or located at a command center, users can obtain necessary information accurately, quickly, and securely.

To execute the demonstrations, the team transmitted simulated overhead persistent infrared (OPIR) data through Telesat satellites to Azure in the datacenter, as well as directly to a tactical vehicle equipped with an Azure Stack Edge device. The overhead satellites captured images of the environment, which were then pushed to both Azure and the Azure Stack Edge device where machine learning algorithms processed the images and detected certain activity or features. This machine learning identification generated insights that were converted to messages and disseminated across multiple endpoints.

Azure provided the foundational engine for the Ball Aerospace event-driven architecture, which was built in such a way to be extensible and fast. This build allowed for more satellite streams to be added with minimal disruption to speed and ensured different types of satellite imagery could be analyzed quickly.

These demonstrations exhibited:

1. Speed, scale, resilience: In the majority of test scenarios, data was captured, processed, and re-deployed, on average, 5x faster than the customer’s established target speed. The architecture created a scalable model which allowed for multiple processing chains. Re-deployment and ready-to-go failover were achieved with no capital expenditure costs.

2. Event-driven architecture: The system was built in a flexible and scalable way, making it easy to replace or add algorithms without major change to the production system.

3. Cloud-native: The system was built in Azure and worked at the Azure edge. This construction significantly reduced development time, created predictable resiliency, reduced resource demands, increased compliance, and provided clear financial insight for rapid scaling.

4. Continuous integration and deployment of AI and machine learning: Fast, repeatable, and traceable. The raw data captured by the satellites could be saved and worked on in the background, continuously improving the AI and machine learning model.

5. Infrastructure as a code: Scripts were generated to deploy the required infrastructure into Azure at any datacenter, providing the ability to quickly adjust resources as required.

“Our tests showed that the cloud is, in fact, a viable solution for data processing, exploitation, and dissemination of data that is not only fast but also flexible, secure, scalable, and resilient. For years, the military has envisioned an agile and connected force structure. During the demonstration, the CASINO team proved that we are ready to field low-latency links today, which moves this vision much closer to reality.”—Steve Smith, Vice President and General Manager, Systems Engineering Solutions, Ball Aerospace

Azure Machine Learning and AI allow our customers to gain advanced analytics capabilities that enable predictive modeling and actionable insights from a wide array of inputs, including OPIR satellite data. To disseminate this data securely and quickly, customers can harness Microsoft’s global fiber network.

Azure Exam Prep, Azure Preparation, Azure Certification, Azure Tutorials and Material

By combining satellite data with other sources directly in Azure, the Microsoft-Ball Aerospace team demonstrated an innovative approach for ground processing, which opens the possibilities for a range of public sector and commercial applications.


The joint demonstration with Ball Aerospace for direct satellite-to-cloud communication and accelerated ground data processing provides the Department of Defense, including the United States Space Force, with additional capabilities to support and shape the future as the mission continues to advance. Learn more about analyzing data from space—the ultimate intelligent edge scenario.

Source: azure.microsoft.com

Saturday, 15 May 2021

E-commerce on Azure increases security with Payment Card Industry Three-Domain Secure compliance

Azure Exam Prep, Azure Learning, Azure Preparation, Azure Guides, Azure Prep

More customers than ever are shopping from home in the current health environment, and companies are responding by rapidly deploying cloud-based e-commerce solutions. Azure is helping these companies meet their customers' needs with robust, customizable, and scalable e-commerce solutions that process transactions quickly and securely. 

Security is paramount for both e-commerce providers and customers, and we are always working to make Azure as secure as possible. 

Today we’re announcing that Azure is one of the first hyperscale cloud service providers to achieve Payment Card Industry Three-Domain Secure (PCI 3DS) certification. 

Azure retained a qualified 3DS Assessor Company to conduct an assessment of Azure's PCI 3-D Secure Environment (3DE) in accordance with the PCI 3DS Core Security Standard. The PCI 3DS Core Security provides a framework for implementing security controls that support the integrity and confidentiality of card-not-present transactions using the EMV 3-D Secure (3DS) messaging protocol. EMV 3DS provides an additional layer of security for card-not-present transactions by enabling cardholders to authenticate to their card issuers before making online transactions. 

The Azure cloud platform offers various product offerings that may be used by customers to support their own PCI 3DS payment solutions. Although the Azure cloud platform does not manage 3DS Domains or their functions, Azure’s PCI 3DS certification enables Azure customers to implement their own 3-D Secure Environment (3DE) on the Azure cloud platform and unblocks them from pursuing their own PCI 3DS certification. 

Azure’s PCI 3DS certification offers great news to customers looking to create more secure e-commerce solutions while complying with the PCI 3DS Core Security Standard.

Customers can download the Azure PCI 3DS 1.0 Package which contains all of the information necessary to leverage Azure’s PCI 3DS certification including the following documents as described below:

• Azure PCI 3DS Shared Responsibility Matrix

• Azure PCI 3DS White Paper

• Azure PCI 3DS Attestation of Compliance

Azure PCI 3DS Shared Responsibility Matrix

The Azure PCI 3DS Shared Responsibility Matrix describes the Azure PCI 3DS assessment scope and illustrates the PCI 3DS compliance responsibilities for Azure and its customers. It is intended to be used by Azure customers and their compliance advisors to understand the scope of the Azure PCI 3DS assessment and expectations for responsibilities when using Azure services as part of the customer's 3DE.

Understanding the shared responsibility for implementing security controls in a cloud environment is essential for customer building systems and utilizing services in Azure. The Azure PCI 3DS Shared Responsibility Matrix supports Azure customers implementing and documenting security controls for a system built on Azure by clearly delineating each PCI 3DS requirement's responsibilities. Implementing a specific security control may be the responsibility of Azure, the responsibility of Azure's customers, or a shared responsibility between Azure and its customers.

Azure PCI 3DS White Paper

Our new Microsoft Azure Cloud Platform for PCI 3DS White Paper provides guidance to Azure PCI 3DS customers on the PCI 3DS Core Security Standard and how the Azure 3DE can be utilized to implement a 3DE on the Azure cloud platform. The paper was produced on behalf of Microsoft Azure by Coalfire Systems, who conducted assessment activities including document reviews, staff interviews, and data center walkthroughs to validate the Azure 3DE against PCI 3DS Core Security Standard 1.0. The paper also examines the relationship between the PCI Data Security Standard (PCI DSS) and 3DS Core Security Standard and defines the responsibilities shared by Azure and its customers to meet the PCI 3DS Core Security Standard requirements.

Azure PCI 3DS Attestation of Compliance

Azure’s PCI 3DS Attestation of Compliance (AoC) provides evidence that Azure complies with the PCI 3DS Core Security Standard based on an assessment conducted by a qualified 3DS assessor company and is accessible through the Service Trust Portal

Notes on PCI 3DS deployment on Azure

Customers should note that different cloud service models affect how responsibilities are shared between Azure and its customers. Azure does not directly perform the functions of a 3DS Server (3DSS), 3DS Directory Server (DS), or 3DS Access Control Server (ACS), and Azure customers may host their own 3DS environment on Azure using services offered. It is the customer's responsibility to assess and understand their full scope of responsibility for implementing security controls and ensuring security controls are implemented in accordance with their compliance obligations.

A 3DS entity can choose to outsource the hosting and management of its hardware security module (HSM) infrastructure to a third-party service provider if the applicable requirements are met. Entities performing 3DS functions that use the Azure environment to host their 3DE are still subject to the PCI 3DS Core Security Standard and must have their environment assessed for all applicable requirements.

Microsoft continues to be at the forefront of e-commerce solutions to leverage the power of the cloud. Our e-commerce platform lets you analyze site traffic and browse-to-buy conversion rates to define special offers and new products based on customer behavior. Create personalized shopping experiences with targeted content and offers and increase satisfaction through ongoing engagement—before, after, and at the point of sale. When demand for your products or services takes off—predictably or unpredictably—be prepared to handle more customers and more transactions automatically.

Source: microsoft.com

Wednesday, 12 May 2021

Low-code development series: Modernize your IoT future with Azure and Microsoft Power Platform

Azure Exam Prep, Azure Learning, Azure Prep, Azure Career, Azure Tutorial and Material

In 2021, each month there will be a monthly blog covering the webinar of the month for the low-code application development (LCAD) on Azure solution. LCAD on Azure is a solution to demonstrate the robust development capabilities of integrating low-code Microsoft Power Apps and the Azure products you may be familiar with. 

In this blog, I will briefly recap LCAD on Azure, provide an overview of IoT on Azure and Azure Functions, how to pull an Azure Function into Microsoft Power Automate, and how to integrate your Power Automate flow into Power Apps.

What is LCAD on Azure? 

LCAD on Azure was created to help developers build business applications faster with less code. Utilizing Microsoft Power Platform, and more specifically Power Apps, helps developers scale and extend their Power Apps with Azure services. For example, a pro developer who works for a manufacturing company would need to build a line-of-business (LOB) application to help warehouse employees track incoming inventory. That application would take months to build, test, and deploy. Using Power Apps, it can take only hours to build—saving time and resources. 

However, say the warehouse employees want the application to automatically place procurement orders for additional inventory when current inventory hits a determined low. In the past, the development team would require another heavy lift to rework their previous application iteration. Due to the integration of Power Apps and Azure, a professional developer can build an API in Visual Studio (VS) Code, publish it to their Azure portal, and export the API to Power Apps, integrating it into their application as a custom connector.

Afterward, that same API is reusable indefinitely in the Power Apps’ studio for future use with other applications, saving the company and developers more time and resources.

IoT on Azure and Azure Functions

This webinar aims to understand how to use Azure IoT Hub and Power Apps to control an IoT device. To start, one would write the code in Azure IoT Hub to send commands directly to your IoT device. In this webinar, Samuel wrote in Node for Azure IoT Hub and wrote two basic commands: toggle fan on and off.

The commands are sent through the code in Azure IoT Hub, which at first run locally. Once tested and confirmed to be running correctly, the next question is how can one rapidly call the API from anywhere across the globe? The answer is to create a flow in Power Automate and connect that flow to Power Apps, which will be a complete dashboard that controls the IoT device from anywhere in the world. To accomplish this task, you have to first create an Azure Function, which will then be pulled into Power Automate using a Get function creating the flow.

Azure Exam Prep, Azure Learning, Azure Prep, Azure Career, Azure Tutorial and Material
Once you've built the Azure Function, run and test it locally first, test the on and off states through the Azure Function URL. To build a trigger for the Azure Function, in this case, a Power Automate flow, you need to create an Azure resources group to check the Azure Function and test its local capabilities. If the test fails it could potentially be that you did not create or have an access token for the IoT device. To connect a device, IoT, or otherwise to the cloud, you need to have an access token.

In the webinar, Samuel added two application settings to his function for the on and off commands. After adding these access tokens and adjusting the settings of the IoT device, Samuel was able to run his Azure Function successfully.

Azure Function automated with Power Automate

After building the Azure Function, you can build your Power Automate flow to start building your globally accessible dashboard to operate your IoT device. Samuel starts by building a basic Power Automate framework, then flow, and demonstrates how to test the flow once complete. He starts with an HTTP request and implements a Get command. From there, it is a straightforward process to test and get the IoT device to run.

Power Automate flow into Power Apps

After building your Power Automate flow, you develop a simple UI to toggle the fan on and off. Do this by building a canvas Power App and importing the Power Automate flow into the app.

To start, create a blank canvas app, and name it. In the Power Apps ribbon, you select button, and pick the button’s source, selecting Power Automate and add a flow. Select the flow that is connected to the Azure IoT device—its name should be reflected in the selection menu. If everything is running correctly, your IoT device will turn on. In the webinar, Samuel is running out of time, so he creates a new Power Automate flow, which he imports into the canvas app.

Source: microsoft.com

Sunday, 9 May 2021

Azure Availability Zones in the South Central US datacenter region add resiliency

Azure Exam Prep, Azure Tutorial and Material, Azure Learning, Azure Preparation, Azure Career

As businesses move more workstreams to the cloud, business continuity and data protection have never been more critical—and perhaps their importance has never been more visible than during the challenges and unpredictability of 2020. To continue our commitment to supporting stability and resiliency in the cloud, Microsoft is announcing the general availability of Azure Availability Zones from our South Central US datacenter region.

Azure Availability Zones are unique physical locations within an Azure region that each consist of one or more datacenters equipped with independent power, cooling, and networking. Availability Zones provide protection against datacenter failures and unplanned downtime. These are further supported by one of the top industry-leading service level agreements (SLA) of 99.99 percent virtual machine uptime.

For many companies, especially those in regulated industries who are increasingly moving their critical applications to the cloud, Availability Zones in South Central US provide the option for customers to choose the resiliency and business continuity options that support their business. Availability Zones provide our customers with added options for high availability with added fault tolerance against datacenter failures while supporting data protection and backup. Customers can choose to store data in the same datacenter, across zonal datacenters in the same region, or across geographically separated regions. Finally, data is protected against accidental customer deletion using role-based access control and immutable storage applied through forced retention policies.

Availability Zones in South Central US build upon a broader, rich set of resiliency features available with Azure that support customer resiliency. Key among these are:

◉ Azure Storage, SQL Database, and Cosmos DB all provide built-in data replication, both within a region and across regions.

◉ Azure managed disks are automatically placed in different storage scale units to limit the effects of hardware failures.

◉ Virtual machines (VMs) in an availability set are spread across several fault domains. A fault domain is a group of VMs that share a common power source and network switch. Spreading VMs across fault domains limits the impact of physical hardware failures, network outages, or power interruptions.

◉ Azure Site Recovery supports customers in disaster recovery scenarios across regions and zones.

The creation of Availability Zones in South Central US benefits our customers in many ways, including increased service availability guarantees, which reduces the chance of downtime or data loss should there be any failure. These zones also help ensure data storage protection for peace of mind. Data protection is our priority, even over recovery time. We can endure a longer outage and data can still be protected because of zone availability. Data is also replicated in triplicate. As we kick off a New Year, resiliency and stability for our customers are still crucial. We’re optimistic and excited to see the impact these Availability Zones will have on customers, their digital transformations, and ultimately their success.

Source: microsoft.com

Thursday, 6 May 2021

Microsoft acquires Kinvolk to accelerate container-optimized innovation

Microsoft Online Exam, Microsoft Preparation, Microsoft Certification, Microsoft Learning, Microsoft Tutorial and Material

The ability to run Kubernetes anywhere, whether in the cloud or on-premises, has been a high priority for Azure customers looking to rapidly innovate, with increasing customer focus on the benefits of container-optimized workloads and operating systems, lean application modernization, easier operations, and platform resiliency.

To support this rapid evolution, we’re announcing that Microsoft has acquired Kinvolk GmbH.

Kinvolk’s founding mission statement is “to build and promote an enterprise-grade open cloud-native stack”—we think this fits perfectly with our growing customer needs and our ongoing investments in open source and Kubernetes.

Kinvolk has a rich, innovative history in open source cloud-native distributed computing, including Kubernetes, eBPF, community building, and container-optimized Linux, as well as critical early work with CoreOS (the company) on the rkt container runtime. Kinvolk ultimately went on to create Flatcar Container Linux, a popular alternative to CoreOS Container Linux, as well as the Lokomotive and Inspektor Gadget projects.

Microsoft is excited to bring the expertise of the Kinvolk team to Azure, where they will be key contributors to the engineering development of Azure Kubernetes Service (AKS), Azure Arc, and future projects that will expand Azure’s hybrid container platform capabilities and increase Microsoft’s upstream open source contributions in the Kubernetes and container space. Stay tuned for more technical details soon.

Building with open source communities

In addition, Microsoft respects and wants to learn from the Kinvolk team’s great track record in starting, building, and nurturing open source community projects, and Microsoft is committed to maintaining and building upon Kinvolk’s open source culture. The Kinvolk team will remain active in their existing open source projects and will be essential to driving further collaboration between Azure engineering teams and the larger open source container community.

Flatcar Container Linux has a sizeable community of users on Azure, as well as other clouds, and on-premises. We know the CoreOS community has been on a winding journey over the years—we want to assure the Flatcar community that Microsoft and the Kinvolk team will continue to collaborate with the larger Flatcar community on the evolution of Flatcar Container Linux. Microsoft is committed to Flatcar Container Linux community development and will invest in working with the Flatcar community to create a growth path forward together. We’ll have our first meeting with the community within the coming weeks and invite anyone interested to attend and join the conversation.

We’re excited to bring the Kinvolk team and their technologies to Microsoft and look forward to the contributions they bring to Azure, our customers, and the open source community.

Source: microsoft.com

Tuesday, 4 May 2021

Easily build real-time apps with WebSockets and Azure Web PubSub—now in preview

Real-time application scenarios such as chat for streaming videos, interactive whiteboards for remote education, and IoT dashboards are becoming ever more popular. Businesses are keen to build such applications for enhanced user experiences and real-time interactions with end customers.

Today, we are announcing the preview of the Azure Web PubSub service for building real-time web applications with WebSockets. WebSocket is a standardized protocol that provides full-duplex communication. It is key to building efficient real-time web interactions and is supported by all major browsers as well as web servers. Azure Web PubSub enables you to use WebSockets and the publish-subscribe pattern to easily build real-time web applications, like live monitoring dashboards, cross-platform live chat, real-time location on maps, and more.

Azure Web PubSub, Azure Exam Prep, Azure Certification, Azure Preparation, Azure Career, Azure Tutorial and Material, Azure Learning
Figure 1: Azure Web PubSub service usage scenarios

Fully managed, globally available


Real-time scenarios often require high-frequency data flows and large quantities of concurrent connections between the client and server. For example, a finance app to visualize market data may need up to 100,000 connections and live data with low latency in milliseconds. A non-trivial infrastructure setup is required to get such functionality up and running at scale. To implement a WebSocket-based real-time experience, a developer would first need to set up infrastructure for handling client connections, establish mechanisms to scale it on demand and ensure the setup is able to meet business SLA requirements. This infrastructure management takes away a developer’s time from focusing on end-user experiences, and we built Azure Web PubSub service to solve this. The service offers built-in support for large-scale client connections and highly available architectures so that developers can focus on the application logic that delivers real-time connected experiences. 

Azure Web PubSub, Azure Exam Prep, Azure Certification, Azure Preparation, Azure Career, Azure Tutorial and Material, Azure Learning
Figure 2: Azure Web PubSub service in Azure portal

Native WebSocket support


The Azure Web PubSub service supports native WebSocket and a wide variety of programming languages (including C#, Python, and Java) through WebSocket APIs. This gives you the flexibility to build real-time cross-platform applications, and also migrate your existing WebSocket-based applications easily.

Besides the raw WebSocket support, this service also offers the json.webpubsub.azure.v1 subprotocol, which enables clients to do publish-subscribe effectively without routing data between service and backend server code. Taking the cross-platform live chatting example, the backend server code (a Web App or Function) may need to parse the client message for natural language processing, sentiment analysis, and other AI-enabled functionalities. On the other hand, action events (such as read receipt) don’t have to be routed through the Web App or Function. In this scenario, the client would send the events to targets directly through the Azure Web PubSub service using the subprotocol.

Serverless real-time applications with Azure Functions


The Azure Web PubSub service is natively integrated with Azure Functions and allows you to build serverless applications in C#, JavaScript, Python, and Java using WebSockets. Serverless solutions for real-time applications—using Azure Functions and Azure Web PubSub service—allow you to write less code, maintain less infrastructure, and save on costs. Consider a location tracking live dashboard. You can use Azure Functions to integrate and process the location data from IoT devices, and then leverage Azure Web PubSub service to broadcast the location data to multiple live dashboard clients to visualize real-time location information for your customers.

Source: microsoft.com