Management Groups, Policies and Blueprints, Oh My!

My head is still swimming from all the information at Microsoft Ignite this year.  In this post I’m going over three reoccurring topics that makes managing and compliance of an Azure environment easier.  These are Management Groups, Policies and Blueprints.


Continue reading “Management Groups, Policies and Blueprints, Oh My!”

Azure Disk Encryption, V2

Disk EncryptionThe only constant is change.  I noticed some new information came out this month while working on a project that requires encrypting disks.  This information significantly changes how Azure Disk Encryption can be applied to Windows and Linux VM’s.  This is an update to my previous article on Azure Disk Encryption with the intention of outlining the new, easier method of encrypting Azure disks. Continue reading “Azure Disk Encryption, V2”

Write Data from PowerShell to Azure Table Storage

I worked on a project recently that wrote data from PowerShell into a CSV file.  The goal was to do real time trending based on the output, but I ran into an issue with file locks as PowerShell and the other program competed for access to the CSV.  That’s when I got the idea to write to Azure Table Storage instead of to a CSV.  The project didn’t work out for other reasons, but I did work out how to write data into Azure Table Storage instead from PowerShell.  This post is about how I did that. Continue reading “Write Data from PowerShell to Azure Table Storage”

Azure VM and Internet Access

I recently worked on a project to deploy several VM’s in Azure.  One of the requirements for this was to block all internet access from the Azure VM’s.  This is a prudent step in securing an environment; preventing malicious code from web based threats.

Update 1/2018 – Microsoft has implemented NSG Service Tags for storage and Azure SQL.  Information on that is located here.  Additional information and the opportunity to vote on adding other services can be found here.


To accommodate this, a Network Security Group (NSG) was created and applied to the VM Subnet.  Several rules were applied, including one similar to the picture below.  The rule simply blocked traffic from the VirtualNetwork out to the Internet on any source or destination port.

After the rule was put in place and tested I began to setup the rest of the environment.  Right away I ran into trouble, the VM’s took up to 30 minutes to deploy and errored out with the message “New-AzureRmVm : Long Running Operation Failed with status ‘Failed’. Continue reading “Azure VM and Internet Access”