Last week’s Azure news of interest to developers centered around service updates, Azure Security Center and some augmentation to existing services.
Legacy Storage version lifetime extended
Microsoft had announced that it would retire Azure Storage versions 2009-07-17 and earlier on Aug. 1. But apparently, enough early adopters raised enough of a fuss that Microsoft now says it’s postponing that retirement indefinitely.
That doesn’t mean Microsoft doesn’t want you to update. Oh, no. Quite the contrary: Those legacy versions are going to go away. Just not next week.
We still encourage all customers using deprecated service versions to upgrade to the latest service version in order to gain the benefits of new features and performance improvements. Twelve months notice will be provided once a new service version removal date is selected. (emphasis added)
Node.js library for Storage available
Azure Security Center is generally available
The first time I turned Azure Security Center on, my portal looked like a Christmas tree of red warnings, blue “mehs” and green “OKs”. Several of these were definitely problems that needed mending, such as network misconfigurations and endpoints not being protected by firewalls.
That said, Azure Security Center is very pessimistic, flagging a lot of things that in many cases aren’t really problems.
For example, I have some Azure SQL Databases that hold impersonal data (such as real estate listings, cancellations, election results, etc.).
Microsoft says I should be using Transparent Data Encryption on those databases; I say that all the records in those DBs wind up as JSON on websites with 200,000+ visits per day, so there’s zero need to encrypt.
Unfortunately, there’s no way to tell Azure Security Center to stop recommending TDE. At least, none that sticks between sessions.
Nonetheless, when it comes to web security, better to be paranoid than to find out you have enemies. To that end, security center does a fine job of making suggestions based not only on configuration, but also on metrics.
It’s being improved all the time and it’s free. And as is my case, just because Azure Security Center flags something doesn’t mean you can’t continue to do whatever it is that’s been flagged.
Check your Azure Active Directory certs by Aug. 15
On Aug. 15, Azure Active Directory will roll over its security certificates. Therefore, if you’re authenticating against an Azure Active Directory, or have built an app that uses Active Directory for authentication via the Graph API, you might have to make some changes to your application’s authentication scheme.
Microsoft advises that if you’ve used any of its current black-box authentication code — such as that which comes prepackaged in certain Visual Studio solutions — then you probably don’t need to do anything. It’s only if you’ve self-coded an Azure AD authentication scheme, and hard-wired the security certificate into that scheme, that you need to worry.
Nonetheless, if you are using Azure AD to authenticate, run through Microsoft’s instructions before Aug. 15 to avoid unpleasantness.
Odds and ends
- Azure Batch now has support for Message Passing Interface in Linux. It’s hard to believe this wasn’t available previously, since large-scale parallel computing in Linux pretty much requires MPI.
- You can now stream Azure diagnostics data to Event Hubs. This seems really handy, especially if you use Power BI or if you want to do regressions on your events to either better automate scaling, predict growth, etc.
- Related: The “new new” portal now supports configuring Power BI and Data Lake output for Stream Analytics.
- You can attach data disks to DevTest Labs VMs. I still don’t understand why DevTest labs is even needed, since PowerShell and Azure Resource Manager templates can automate VM spinups, or I could just use Puppet or Chef.
- Azure Media Services is beginning to make use of Azure’s expanded CDN options. Right now it looks like the Akamai-backed version of Azure CDN is available, with plans seemingly afoot to begin integrate the rebranded EdgeCast CDN at some future date.
- Azure Data Factory has new connectors for Cassandra and Salesforce. Additionally, the gateway Azure provides for on-prem to cloud data migration has been updated.