General Availability of Managed DevOps Pools (MDP) for Azure DevOps

Microsoft announced that Managed DevOps Pools for Azure DevOps is now generally available! This milestone marks a significant advancement in improving developer productivity in the CI/CD loop, reducing your cloud bill for ES infrastructure, and minimizing the toil associated with creating and maintaining custom CI/CD infrastructure for your pipelines.

What is Managed DevOps Pools?

Managed DevOps Pools enable development and platform engineering teams to quickly spin up custom DevOps pools tailored to their workload’s unique needs. It combines the flexibility of Scale Set agents with the ease of maintenance of Microsoft Hosted agents, offering improved performance and advanced reliability features. Managed DevOps Pools is a fully managed service where VMs powering the agents are created and managed by Microsoft, reducing the time spent managing agents and improving reliability.

Key Features:

  • Tailored Pools: Create pools in any supported Azure region with any SKU, including ARM64 and GPU.
  • Custom Software: Customize the software installed on your agents using Microsoft-hosted quick starter images, selected marketplace images, or bring-your-own images.
  • Performance and Cost Optimization: Use Standby agent mode to configure predictions that ensure the correct number of agents are ready when needed.
  • Private Network Connectivity: The bring-your-own-network feature allows you to connect your agents to resources on your private network and control network security.

New Features:

  • Support for New Azure Regions: It is now available in Sweden Central, Brazil South, Japan East, UAE North, Korea Central, and Norway East.
  • Easy Discoverability: The Azure DevOps “Add agent pool” UI now includes the “Managed DevOps Pools” option.
  • Proxy Support: Set up Managed DevOps Pools to direct network traffic through a proxy.
  • IP Address Visibility: You can view the agent’s IP address in the Initialize job step of your pipeline log.
  • Resource Group or Subscription Move: Move your Managed DevOps Pools to another Azure resource group or subscription.
  • Ubuntu 24.04 Support: Support Ubuntu 24.04 with new images and bring-your-own options.
  • Azure Key Vault Integration: Configure your pool to download certificates from Key Vaults.

Looking Ahead

The general availability of Managed DevOps Pools is just the beginning. Microsoft will continuously improve and evolve the service. Upcoming features include:

  • Container-based agents
  • Support for SPOT VMs
  • Managed data disk support
  • Trusted root certificates
  • Faster pipeline starts
  • Log Analytics integration.

More details: Announcing the General Availability of Managed DevOps Pools (MDP) for Azure DevOps – Azure DevOps Blog

Windows 365 Link: Simplifying and Securing Cloud-Based Operating Systems

Microsoft has introduced a new category of cloud computing that allows users to access the full Windows 365 experience through streaming on a small computer. Windows 365 Link offers a cloud-based operating system experience, enabling users to stream their Windows desktop from Microsoft’s cloud to any device.

This enterprise-focused solution is designed for organizations adopting Windows 365, aiming to enhance user productivity, security, IT efficiency, and sustainability. The Windows 365 Link is Microsoft’s first Cloud PC, built to provide quick access to Windows 365 in seconds. It addresses virtualization challenges such as complex authentication steps, peripheral incompatibility, and latency issues, promising to resolve these with a solution that wakes up in seconds and quickly resumes work from the cloud.

The compact device supports two 4K monitors, has four USB ports, an Ethernet network port, and wireless connectivity with Wi-Fi 6E and Bluetooth 5.3. It offers high-performance video processing and conferencing capabilities, including Microsoft Teams, and integrates partner solutions like Cisco’s Webex.

Security is a priority, with the operating system locked down, no local data or apps, and no local admin privileges, reducing the risk of attacks. Authentication is passwordless, using Microsoft Entra ID, allowing access via multi-factor authentication methods such as the Microsoft Authenticator app, a QR code passkey, or a FIDO USB key.

The device simplifies IT management, reducing logistical challenges and costs for companies. Users only need to connect the PC, set up the internet, and authenticate their account to start working in minutes. The Windows 365 Link is available for initial testing in select countries and is expected to hit the market in April 2025 for $349.

đź“–Learn more: Windows 365 Link—the first Cloud PC device – Windows IT Pro Blog

5 Essential Skills for Microsoft Azure Beginners

If you’re new to Azure, diving into the world of cloud computing can feel overwhelming. Microsoft Azure is a powerful platform offering a broad range of services, and getting familiar with the fundamentals is critical.

Here are the top five skills every beginner should focus on to build a strong Azure foundation:

1. Cloud Computing Basics

Before diving into Azure specifics, it’s essential to understand the fundamentals of cloud computing. This includes grasping the core concepts of Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). Knowing how these models differ will help you choose the right services and solutions as you start to work with Azure.

Tip: Explore Azure’s free learning modules on Microsoft Learn to build a foundational understanding of cloud principles. This Learning Path is a great way to get started: Microsoft Azure Fundamentals: Describe cloud concepts – Training | Microsoft Learn

2. Azure Resource Management

Effective resource management is critical in Azure. This includes knowing how to create and manage virtual machines, storage accounts, and networking components. Start by learning to use the Azure portal, Azure CLI, and PowerShell to deploy and manage resources. Also, understanding Azure Resource Manager (ARM) templates (Json and Bicep) can be highly valuable for automating deployments.

Tip: Practice setting up resources in the Azure portal and then move to ARM templates or CLI commands for a more flexible, repeatable setup.

3. Networking Basics

Networking forms the backbone of cloud infrastructure, so basic networking knowledge is essential. In Azure, this means understanding virtual networks (VNets), subnets, and the importance of network security groups (NSGs). Familiarize yourself with concepts like VPNs, IP addressing, Peering, and load balancing as they apply to Azure.

Tip: Use the Azure portal’s built-in labs to create and configure your VNets and play around with NSG rules to control traffic flow.

4. Security Fundamentals

Security is critical in any cloud environment, and Azure provides several tools and best practices for protecting your applications and data. Begin by understanding Microsoft Entra ID (formerly known as Azure AD), Azure’s identity and access management service. Explore role-based access control (RBAC) to manage who has access to Azure resources and become familiar with basic security settings like firewalls, encryption, and managed identities.

Tip: Review Microsoft Defender to see security recommendations and use them to monitor and improve your security posture as you build.

5. Cost Management and Budgeting

Managing costs is often overlooked by beginners, but understanding Azure’s pricing and billing structure is crucial. Get familiar with the Azure Pricing Calculator and Azure Cost Management + Billing. These tools allow you to estimate and monitor costs, helping you avoid unexpected bills. Knowing how to set up budgets and alerts will ensure you stay within your budget as you explore Azure services.

Tip: Use the free Azure cost management resources and set up cost alerts to track spending on your account.

Final Thoughts

These five skills form the foundation for getting started with Microsoft Azure. As you grow more comfortable, you can explore more specialized areas like DevOps, data storage, or AI and machine learning on Azure. Remember, learning Microsoft Azure is a journey, and consistent practice is the key to mastery. Dive in, explore, and enjoy the power and flexibility that Azure brings to the world of cloud computing! I am always just a message away if you have any questions!

Speaking at the European Cloud Summit 2024

Join me at the European Cloud Summit to learn how to use Azure Policy to ensure a well-managed Azure infrastructure.

Tiago Costa speaking at European Cloud Summit

I’m excited to announce that I will speak at the European Cloud Summit, a premier event for cloud professionals and enthusiasts in Europe. The summit will occur from May 14 to 16, 2024, in Wiesbaden, Germany. It will feature over 100 sessions covering various topics related to cloud computing, such as architecture, security, DevOps, AI, IoT, and more. You can find more details and register for the summit at https://cloudsummit.eu/.


In this post, I’ll provide a sneak peek into what you can expect from my session and why Azure Policy is a game-changer for maintaining a robust and compliant Azure infrastructure.
My session is titled “Enforcing Governance and Compliance with Azure Policy: Best Practices for Well-Managed Azure”. In this session, I will explore the role of Azure Policy in ensuring a well-managed Azure infrastructure. Azure Policy enables organizations to enforce governance and compliance requirements by defining and enforcing policy rules across their Azure resources. I will discuss best practices for creating and implementing Azure Policy, including:

  • Setting up policies for resource deployment and management, such as naming conventions, locations, tags, and resource types.
  • Securing resources like encryption, firewall, identity, and access management.
  • Optimizing resource utilization, such as cost management, quota limits, and resource locks.


By the end of the session, attendees will have a deeper understanding of Azure Policy’s benefits and how to use it to enforce governance and compliance in their Azure environment. Whether you are new to Azure Policy or already familiar with it, you will find this session valuable and informative.


Stay tuned for more updates, and mark your calendars for my session. I hope to see you at the European Cloud Summit and share my insights and experiences with Azure Policy. If you have any questions or feedback, feel free to contact me at https://www.tiagocosta.com/contact/.

Unlocking FREE TLS Certificates on your Azure Web App

In the dynamic world of cloud computing, Azure stands out as a powerhouse, offering many services to meet the diverse needs of developers and businesses alike. A TLS (Transport Layer Security) certificate is an essential component of a secure and trustworthy website. In this article, we’ll explore Azure Tips and Tricks to add a TLS certificate to your Azure Web App without breaking the bank – in fact, for FREE!

Why TLS Matters?

TLS is crucial for ensuring secure communication between users and your website, safeguarding sensitive information such as login credentials and personal data. It encrypts the data exchanged between the user’s browser and your web server, preventing unauthorized access and potential security breaches.

Azure App Service and TLS.

Azure App Service makes hosting web applications, APIs, and mobile backends easy. However, enabling TLS on your Azure Web App traditionally involved purchasing a certificate, which could be a deterrent for smaller projects or developers on a tight budget. But fear is not! Azure offers a fantastic solution to obtain a TLS certificate for free.

Let’s dive into the step-by-step process:

Step 1: Access the Azure Portal

  • Log in to your Azure portal at https://portal.azure.com/ and select the Azure Web App for which you want to add the TLS certificate.

Step 2: Configure TLS Settings

  • In the left-hand menu, under the “Settings” sections, select “Certificates”. Here, you’ll see options for configuring your certificates.

Step 3: Create the TLS Certificate

  • Select “Managed Certificates” and then “+ Add certificate”.

Azure allows you to create a free App Service Managed Certificate, simplifying the process.

Step 4: Add Domain and Validate

  • Select your custom domain name and select “Validate”. Azure will automatically validate your domain, ensuring that you have ownership. After the validation process is completed, select “Add”.

Conclusion:

You’ve just added a free TLS certificate to your Azure Web App, enhancing the security and trustworthiness of your website. Azure’s user-friendly interface and App Service Managed Certificates have made the once daunting task of obtaining and configuring TLS certificates a breeze.

With this knowledge, you can confidently deploy your web applications on Azure, knowing you’re providing a secure environment for your users without breaking the bank. Stay tuned for more Azure Tips and Tricks to unlock the full potential of Microsoft’s cloud platform!