Tech Updates for Busy People, July 2023
Table of Contents
Here are some of the updates that I found interesting for this month. There are definitively more updates I’m missing, but here I’m trying to cover those that relate to the work I’m doing during this period. I hope you find them useful as well.
Terraform
Import: Generating configuration
With this new feature on Terraform 1.5.0, you can now generate code for those resources that you have imported into your state file. Just have in mind that this code generation might not work initially for all resources, but it is a great feature that would probably be improved in future versions.
Checks
Terraform Check was introduced in version 1.5.0. This is a command that helps you validate your infrastructure using assertions.
There is a great blog post on HashiCorp’s blog that explains how to use the check
command in real-life scenarios
8 Terraform continuous validation use cases for AWS, Google Cloud, and Azure
AWS
AWS Control Tower - New Proactive Controls
There are 28 new proactive controls in AWS Control Tower. This launch enhances AWS Control Tower’s governance capabilities, allowing users to implement controls at scale across your multi-account AWS environments by blocking non-compliant resources before they are provisioned. More information can be found here.
AWS WAF now supports URI path aggregation key for rate-based rules
AWS WAF now supports URI path as an aggregation key for rate-based rules; with this feature, now you can track request rates for any URI path and apply rule actions based on the number of requests received. Rate-based rule statement
Azure
Virtual Network Encryption - Preview
With this, users can enable encryption of traffic between Virtual Machines and VMSS within the same virtual network and between regionally and globally peered virtual networks. \ Encryption is done at the data-link layer, using the IEEE 802.1AE MAC Security Standards (MACsec). For additional information visit the Virtual Network Encryption Azure documentation.
Microsoft Dev Box is Now GA
This reminds me of AWS’s Cloud9 IDE and a podcast I heard recently; on this podcast they were talking about the need for development environments in the cloud for those use cases that have high-security requirements and other exciting use cases. This finally closes the gap from the Azure side, where many customers were deploying AVD for their developers. Microsoft Dev Box.
Private Link support for Application Gateway is Now GA
Private Link for Application Gateway allows you to connect workloads over a private connection spanning across VNets and subscriptions. When configured, a private endpoint is placed into a defined virtual network’s subnet, providing a private IP address for clients looking to communicate with the gateway.
Here’s the official documentation Application Gateway Private Link, and here’s the link with the instructions to configure it Configure Application Gateway Private Link
Azure Front Door Migration Tools Now GA
The tools that help you migrate from Azure Front Door Classic to Standard or Premium is now GA. Azure Front Door Migration Tool General Available.
And for those needing to migrate from Azure Front Door Standard to Premium, there is a another tool that can help you with this process Upgrade from Azure Front Door Standard to Premium
Azure Premium SSD v2 Disk Storage Now GA
Azure Premium SSD v2 Disk Storage is now available in more regions. This next-generation storage solution offers advanced general-purpose block storage at a fair price, it delivers sub-millisecond disk latencies for demanding IO-intensive workloads at a lower price when compared with Ultra Disks and even Premium SSDs. \
One important limitation is that SSD v2 Disks cannot be used as OS disks. Premium SSD v2. You can also check the pricing here on the Premium SSD v2
section.
Cross-Region Load Balancer is Now GA
Azure announced the general availability of cross-region Load Balancer. This is a great feature for those customers that need to deploy their applications in multiple regions. It now offers a 99.99% SLA, UDP support, and Floating IP. More information available here
Crash Consistent VM Restore Points - Preview
A crash-consistent VM restore point is an agentless solution that stores the VM configuration and point-in-time snapshots for all managed disks attached to a Virtual Machine. This is the same as the status of data in the VM after a power outage or a crash. Using Crash consistent restore points you can plan and protect your Azure VMs backup and/or disaster requirements. \
Regions supported: West Europe and EastUS2. Azure states that they will continue to rollout support in all regions in the coming weeks. Crash Consistent VM Restore Points
Azure Boost - Preview
Azure Boost is a new system that offloads virtualization processes traditionally performed by the hypervisor and host OS, such as networking, storage, and host management, onto purpose-built hardware and software.
Two important things to keep in mind; first: this will be only available for some experimental SKUs (at least initially), and second: you need to use one of the latest versions of the DPDK that supports MANA.
More information can be found here.
Upgrade Windows Server end-of-support (EOS) with Azure Migrate - Public Preview
With Azure Migrate, you can upgrade legacy Windows servers while migrating to Azure, minimizing effort, downtime, and risk. By creating a copy of the server in Azure and performing the upgrade there, the impact on the original server is minimized, ensuring a secure and efficient transition. Please check the documentation for the Windows Server versions supported Windows Server end-of-support (EOS): Upgrade seamlessly with Azure Migrate (Public preview)
Tools and Other Stuff
System Initiative
I came across this new project called System Initiative. It is a project that aims to provide a set of tools to help you manage your infrastructure. It is still in its early stages, but it looks promising. System Initiative
Bitwarden
I’ve been using Bitwarden for a while now, and I’m very happy with it. It is a great open-source password manager that gives you lots of flexibility. Go ahead and check by yourself Bitwarden