ARM templates now support the condition property on outputs, the copy() function will support non-object string inputs to produce an array, the newGuid() function will generate a new GUID each time a template is deployed and the utcNow() function will return the dateTime() in UTC.
Azure Policy is the best way to codify company policies into the core of Azure, reducing the time taken with external approval processes and documentation.
New functionalities have been added to Azure Policy, including root cause analysis and change tracking features. This means that you’ll be able to see why a resource evaluated as non-complaint and what changes were implemented directly by a policy.
Azure Blueprints allows you to deploy fully governed environments from the beginning. It’s now even easier for you to make compliant environments by releasing built-in blueprints for compliance certifications like ISO-27001.
Today, we are revealing a new Resource Provider called Microsoft.SqlVirtualMachine, a management service running internally on Azure clusters to handle SQL Server-specific configurations and deployments on Azure VMs. SQL VM resource provider enables dynamic updates of SQL Server metadata and orchestrates multi-VM deployments required for SQL Server HADR architectures. SQL VM resource provider also enables SQL Server specific browse and monitoring experiences.
Azure Policy Guest Configuration provides the capability to audit settings inside VMs on Azure. The newest policy offers the ability to check for installed applications.
There are three Guest Configuration policies in preview. The first policy, which audits password security settings for both Windows and Linux, was released at Ignite 2018.
We have added a policy to audit the encryption protocol in use by Windows Server IIS. The VM will be compliant if TLS version 1.1 or 1.2 is enabled and other protocols are disabled. The policy is named “[Preview]: Audit web server security settings inside Windows VMs.”
We recently published the third policy that audits whether an application is installed inside Windows VMs. The policy is named “[Preview]: Audit applications inside Windows VMs.”
We are now excited to reveal the continued expansion of Availability Zones into additional regions, North Europe and West US 2. This expanded coverage enables customers operating in the Europe and Western United States to build and run applications that require low-latency synchronous replication with protection from datacenter-level failures. With the combination of Availability Zones and region pairs, customers can create a comprehensive business continuity strategy with data residency in their geography of choice.