Azure Tip: Add an SSL/TLS certificate to you Azure Web App for FREE!!!

The Let’s Encrypt initiative is the market reference when we talk about free SSL certificates. It is a great initiative, but today, I want to talk about something super easy to implement under Azure Web Apps.

In Azure Web Apps, we now have the option to add a free, yes, you read it, FREE!!! SSL/TLS certificate. With this feature, you can create a certificate that can be used for SSL Binding for the selected sub-domain. App Service Managed Certificates are free of cost and fully managed by App Service to maintain the safety and security of your site at the highest level. This feature comes with some limitations:

  • No support for wildcard certificates
  • No support for naked domains
  • Cannot be exported
  • Does not support DNS A-records

If you have a workload that needs one of those features, currently, you cannot use this feature. You can Import App Service Certificates or even import your SSL/TLS certificate.

How to create the free certificate?

1. Navigate to the overview blade of your Web App and select the TLS/SSL settings option.

2. In the TLS/SSL settings blade, select the Private Key Certificates (.pfx) option.

3. In the TLS/SSL settings blade, select the + Create App Service Managed Certification option.

4. In the Create App Service Managed Certificates blade, in step 1, select the non-naked domain you want to create the SSL/TLS certificate and then press the Create button.

There you go, you just created a certificate for free for your Web App custom domain. All this for free with a super easy setup. If you like these Azure tips, leave your comments or questions in the comment box!

Productivity Hack: Kill back-to-back meetings

We are living a … let’s be positive and called it “special” time! Corona virus outbreak is among us, and everyone that can, is working from home. You still need to interact with your team, customers and partners, so all conference calls services are seeing an exponential growth. Microsoft Teams saw a huge growth last week when not only a lot of customers started to work from home, but also schools started to teach virtually. You can check this article that states that Microsoft Teams surged to 44 million users (https://www.windowscentral.com/microsoft-teams-surges-44-million-daily-users-amid-coronavirus-outbreak), so that you can understand the huge growth. In November of 2019, Microsoft reported 20 million daily users!

I don’t want to write a huge article explaining how back-to-back meetings are a productivity killer. There are other authors that can explain this way better than me. Some meetings can overrun and if you have another meeting schedule without breaks… well… you get it! It’s important to allow for some break between meetings. What about if we could do this in an automatic way? If you’re using Microsoft Outlook, YES YOU CAN!!!

I bring you an amazing feature that we can use to allow some break between back-to-back meetings.

  1. Open your Microsoft Outlook desktop app.
  2. Under File, select Options.
  3. Select the Calendar tab and then check the End appointments and meetings early checkbox.

With this option you will create a shorter meeting allowing some break between meetings for your colleagues, partners and customers.

Hope you liked this option!

Speaking at Building the Future 2020

From technical to business oriented and strategic scope sessions to tech demos and experiences, Building the Future 2019 helped people from all backgrounds to better understand how they can create their future. The first edition of Building the Future was just the beginning. Get ready to learn, meet and connect with the people that are building the future in 2020.

Toghether with Ricardo Fiel and Alexandre Vieira we will bring an amazing Serverless Lab. During more than 1 hour, you will be challenged to implement an end-to-end scenario using a supplied sample that is based on Microsoft Azure Functions, Azure Cosmos DB, Event Grid, and related services. The scenario will include implementing compute, storage, workflows, and monitoring, using various components of Microsoft Azure.

Can you imagine how many talks, hands-on sessions or workshops about themes such as Digital Transformation, AI, Machine Learning, Organizational Culture or Cybersecurity can fit in 2 days? Look at the agenda and build your own journey at https://buildingthefuture.pt/schedule

Last year recap:

If you’re attending find me and say hi!!!

MVP Award 2019-2020

On July, 1st, I got renewed as a Microsoft Azure MVP. 4 years in a row! It’s indescribable the felling and honor to be among the elite of Microsoft Azure Professionals. It’s in these days that my imposter syndrome comes to life.

Before starting this blog post I would like to thank for all the support that I got from several community members and specialy from my family that puts up with my absences when I choose to speak at events across the world, all the conference calls with other events organizers, etc… Without this support all this wasn’t possible. My wife Sofia is amazing and I’m very lucky to share my life with her!

But, today is not only a happy day, it’s also a sad day, because many awesome MVPs are not renewing. Personally, I would like to say a big THANK YOU to all of you!!! Your contributions across the years have been inspiring to make me a better professional. I have many MVPs to reference, but I would highlight @André Vala. Across the years I have been sharing time and adventures with him! We had organized amazing events in Lisbon and I’m sure that he is continuing to help on these activities and very shortly will be re-awarded. André is the backbone of some of our events. His insights and organization make out life easier in organizing those events.

A lot of people ask me what the Microsoft MVP program is, so here it goes: Microsoft MVP in a non-paid activity, it consists in sharing your knowledge on Microsoft technologies usually in conferences, online forums, videos, blog posts, … You can find more information about the MVP program here and a list of all the MVPs here.

Plans for next year?

  • Continuing to speak in amazing events across the world
  • Building new Azure focus communities to life – Announcement will be very soon!!!
  • Helping to make the change in the Azure world by teaching Azure to IT professionals, Developers and Architects
  • Helping amazing customer in moving to the cloud by building and designing state of the art workloads
  • Writing and producing amazing content, both in this site but also on LinkedIn Learning and other video-based tutorials
  • and some more to TBA activities. Keep your eyes on this space.

A final thank you, to all the professionals that I had shared my space with. It’s been an honor and I hope to share more amazing conversations with all of you! Come and join me on my next speaking engagements and let’s have a talk over some drinks.

Changes in Azure Administrator Associate certification

Microsoft Learning just announced changes in the Azure Administrator Associate Certification. In resume the Azure Administrator Associate certification has been modified and now you only need to pass in one exam: AZ-103: Microsoft Azure Administrator.

This change will be live starting May 1, 2019. This new exam combines skills from AZ-100 and AZ-101, but basically is all AZ-100 plus some topcis that come from AZ-101. You can find the topics that are coming from AZ-101 at the full object domain in yellow.

Some points to understand with this change:

  • If you already have the AZ-100 exam, you will get the Azure Administrator Associate certificate.
  • AZ-100 and AZ-101 will be retired on the May 1, 2019
  • Official Instructor Led and Online Training will be available on May 1, 2019.
  • If you had taken the AZ-101 (with a pass or fail score) you don’t get the Azure Administrator Associate certificate, but you will get the Microsoft Exam voucher.

If you have any questions, please do it on the comments section. I will answer to everyone questions on this.

You can also find more information in the official Microsoft Learning blog post: https://www.microsoft.com/en-us/learning/community-blog-post.aspx?BlogId=8&Id=375217

AZ-103: Microsoft Azure Administrator exam object domain

1. Manage Azure subscriptions and resources (15-20%)

1.1 Manage Azure subscriptions

May include but not limited to: Assign administrator permissions; configure cost center quotas and tagging; configure Azure subscription policies at Azure subscription level

1.2 Analyze resource utilization and consumption

May include but not limited to: Configure diagnostic settings on resources; create baseline for resources; create and rest alerts; analyze alerts across subscription; analyze metrics across subscription; create action groups; monitor for unused resources; monitor spend; report on spend; utilize Log Search query functions; view alerts in Log Analytics

1.3 Manage resource groups

May include but not limited to: Use Azure policies for resource groups; configure resource locks; configure resource policies; implement and set tagging on resource groups; move resources across resource groups; remove resource groups 1.4 Managed role based access control (RBAC) May include but is not limited to: Create a custom role, configure access to Azure resources by assigning roles, configure management access to Azure, troubleshoot RBAC, implement RBAC policies, assign RBAC Roles

2. Implement and manage storage (20-25%)

2.1 Create and configure storage accounts

May include but not limited to: Configure network access to the storage account; create and configure storage account; generate shared access signature; install and use Azure Storage Explorer; manage access keys; monitor activity log by using Log Analytics; implement Azure storage replication

2.2 Import and export data to Azure

May include but not limited to: Create export from Azure job; create import into Azure job; Use Azure Data Box; configure and use Azure blob storage; configure Azure content delivery network (CDN) endpoints

2.3 Configure Azure files

May include but not limited to: Create Azure file share; create Azure File Sync service; create Azure sync group; troubleshoot Azure File Sync

2.4 Implement Azure backup

May include but not limited to: Configure and review backup reports; perform backup operation; create Recovery Services Vault; create and configure backup policy; perform a restore operation

3. Deploy and manage virtual machines (VMs) (20-25%)

3.1 Create and configure a VM for Windows and Linux

May include but not limited to: Configure high availability; configure monitoring, networking, storage, and virtual machine size; deploy and configure scale sets

3.2 Automate deployment of VMs

May include but not limited to: Modify Azure Resource Manager (ARM) template; configure location of new VMs; configure VHD template; deploy from template; save a deployment as an ARM template; deploy Windows and Linux VMs

3.3 Manage Azure VM

May include but not limited to: Add data discs; add network interfaces; automate configuration management by using PowerShell Desired State Configuration (DSC) and VM Agent by using custom script extensions; manage VM sizes; move VMs from one resource group to another; redeploy VMs

3.4 Manage VM backups

May include but not limited to: Configure VM backup; define backup policies; implement backup policies; perform VM restore; Azure Site Recovery

4. Configure and manage virtual networks (20-25%)

4.1 Create connectivity between virtual networks

May include but not limited to: Create and configure VNET peering; create and configure VNET to VNET; verify virtual network connectivity; create virtual network gateway

4.2 Implement and manage virtual networking

May include but not limited to: Configure private and public IP addresses, network routes, network interface, subnets, and virtual network

4.3 Configure name resolution

May include but not limited to: Configure Azure DNS; configure custom DNS settings; configure private and public DNS zones

4.4 Create and configure a Network Security Group (NSG)

May include but not limited to: Create security rules; associate NSG to a subnet or network interface; identify required ports; evaluate effective security rules

4.5 Implement Azure load balancer

May include but is not limited to: Configure internal load balancer, configure load balancing rules, configure public load balancer, troubleshoot load balancing

4.6 Monitor and troubleshoot virtual networking

May include but is not limited to: Monitor on-premises connectivity, use Network resource monitoring, use Network Watcher, troubleshoot external networking, troubleshoot virtual network connectivity

4.7 Integrate on premises network with Azure virtual network

May include but is not limited to: Create and configure Azure VPN Gateway, create and configure site to site VPN, configure Express Route, verify on premises connectivity, troubleshoot on premises connectivity with Azure

5. Manage identities (15-20%)

5.1 Manage Azure Active Directory (AD)

May include but not limited to: Add custom domains; Azure AD Join; configure self-service password reset; manage multiple directories;

5.2 Manage Azure AD objects (users, groups, and devices)

May include but not limited to: Create users and groups; manage user and group properties; manage device settings; perform bulk user updates; manage guest accounts

5.3 Implement and manage hybrid identities

May include but not limited to: Install Azure AD Connect, including password hash and passthrough synchronization; use Azure AD Connect to configure federation with on-premises Active Directory Domain Services (AD DS); manage Azure AD Connect; manage password sync and password writeback

5.4 Implement multi-factor authentication (MFA)

May include but is not limited to: Configure user accounts for MFA, enable MFA by using bulk update, configure fraud alerts, configure bypass options, configure Trusted IPs, configure verification methods