Hi everyone, welcome to this week's

Azure weekly update slightly early cuz

I'm traveling. I don't think I'll get

the opportunity to do it tomorrow. So,

hey, 16th of April. Uh we're not going

to have the chapters linked here because

hey, uh logistically that's challenging.

But new videos this week, I dived into

the new ability

to integrate the SFTP capability of

storage with Entra ID. So, no longer

have these local accounts at the storage

account level. Instead, this now works

with that centralized identity. So, it's

going to be a lot more manageable. I can

audit it. I can leverage things like

conditional access, MFA, etc.

And then this question has come up a

number of times, um is AI

being trained on my data, my

interactions in the Microsoft ecosystem?

So, I wanted to kind of just touch on

that super quickly. I'll provide the

links to the documentation, but

basically, if you're logged in with a

work or school identity, the answer is

no. If it's a personal identity, then

the default is yes for Copilot, but you

can opt out of it if you want.

So, on to what's new on the compute

side.

So, the standard V2 NAT Gateway is now

available as outbound for AKS workloads.

So, the big deal with the NAT Gateway V2

is it added support for zone redundancy,

IPv6, 100 gigabits per second of

throughput. And so, now I can leverage

that as the outbound connectivity when

you're using AKS in both a managed or

sort of bring your own VNet.

And the Azure Monitor

OpenTelemetry support now works for AKS

workloads. So, OpenTelemetry is

fantastic cuz it provides a standard way

that workloads can emit traces and logs

and metrics over the OpenTelemetry

protocol, OTLP.

So, if I have Azure Monitor at Insights

with the OTLP

ingestion capability, well, I can bring

in the data now from AKS workloads. Now,

to get that capability in AKS, you

either deploy the instrumentation from

the Azure Monitor OpenTelemetry

distribution,

or if it has it already, it's already

wired up, I can just use the auto

configuration capability

to get those signals sent in.

Um Azure Bastion now supports managed

identity for the storage of those

graphical sessions recording. Remember,

Azure Bastion is that managed jump box

experience.

And I can also record both RDP and SSH

sessions.

So, it puts that in a storage account.

Now, historically, I've had to use a

shared access signature token for that

access, but now I can use a managed

identity for the access to the storage

account. And that can be both a

system-assigned or a user-assigned

managed identity.

Um Azure Site Recovery now supports

virtual machines. They're going to be a

Gen2 that have an NVMe controller. So,

it's just expanding where I can now

leverage Azure um Site Recovery.

And Azure Batch, they've announced this

before, but the HBv2, the HC, and the NP

SKUs

are being retired. So, by the end of May

2027, you need to have moved to a newer

version of those SKUs, um or they're no

longer going to work for Azure Batch

pools.

On the storage side,

so Azure Files, remember Azure Files

supports both SMB and NFS,

where I can now have the granular

encryption in transit. So, what are my

requirements for encryption on the wire?

So, now at an SMB or NFS level, for

example, there's a require encryption in

transit for NFS setting, so I can

independently set the different

protocols based on my requirements.

Uh Azure Storage Mover is now in the Gov

Cloud. That's useful for moving at large

scale um file share content into Azure

Files.

Azure File Sync is now available in new

regions. So, if I want to synchronize

between Windows file shares uh with each

other,

but also via, so it goes via the cloud

endpoint to an Azure file share. Well,

that Azure File Sync service is now

available in new regions. So, Belgium

Central, Malaysia West, and Indonesia

Central. So, that's going to help if you

have certain regulatory requirements

where I need to make sure it stays

within a certain geography.

Smart tiering for storage has gone GA.

So, we already had like life cycle

management, we already have sort of the

actions we can define. Smart tiering

just follows those minimum times you

have to keep uh data in a tier to avoid

sort of early deletion rules, and we'll

just move it for you.

So,

for both blob and Data Lake, so I've

been able to hierarchical namespace, it

will move data between hot, cool, and

cold based on the usage pattern. So, if

it's not accessed for 30 days in hot,

it'll move it to cool. If it's not moved

for 90 days in cool, it'll move it to

cold. It's not going to move it to

archive. Remember, archive is offline.

If you access it, it's going to put it

back in hot and restart that whole

tiering cycle.

There's being introduced a minimum

billable object size for both cool,

cold, and archive. So, if an object is

smaller than 128

kibibytes, KiB,

it will get billed at 128.

That's going to take go into effect from

July 1st, 2026 for new storage accounts,

and July 1st, 2027 for existing storage

accounts. Hot tier has no minimum size,

but they are introducing that minimum

billable size um for those

cool, cold, and archive.

And I can now encrypt Premium SSD V2 and

Ultra Disk using a cross-tenant

customer-managed key. So, hey, the key

I'm using with those disk encryption

sets can live in a key vault in a

subscription under a different tenant

from the disks. It's really useful in

like those SaaS scenarios where you're

providing a solution for your customers

and the customer wants to maintain the

ownership and the control of the key,

well, you can now uh leverage that.

On the database side, so Event Grid

can now support ingestion of events from

Stripe. So, Stripe is widely used for

payments. So, there's lots of related

events. So, yes, there's a payment, but

there's a dispute, there's a refund.

There's a whole bunch of different types

of events that can happen. Well, I can

now ingest those directly into Event

Grid. Remember, Event Grid is fantastic

because rather than some end service

having to hammer poll, "Hey, do you have

something? Do you have something?"

Event Grid receives the event and will

then trigger whatever technology I want.

So, typically it's services like Azure

Functions. It could be a Logic App, a

webhook, an Event Hub, a Service Bus.

There's other things I can do, but Event

Grid can now act as that service to work

off of those.

Um Azure Managed Grafana basic SKU is

being retired um end of March 2027.

Basically, move to the standard SKU.

It's got better reliability, better

feature set. Uh if you don't move off of

that by the retirement date, it will

just be deleted.

And finally, miscellaneous.

Um the MIA image to efficient model.

There's too many Fs in that. I realize

that now. Um has been

uh released. This follows on from the

recent um

image 2 version that was just released.

So, this is our text-to-image model, and

this is basically a much faster, much

cheaper option. It's four times more

efficient. It's 41% lower priced. So,

now you get that flexibility. And that

was it. Sorry about the

constrained recording area today. I hope

that's useful. As always, till next

video. Take care.