53 links tagged with azure
Links
Triggers and bindings in Azure Functions define how functions are invoked and how they interact with other resources. A function must have one trigger and can have multiple input and output bindings, allowing for flexible data handling without hardcoding service access. The article provides examples and code snippets for various programming languages to illustrate the configuration of triggers and bindings.
PostgreSQL is increasingly favored for Kubernetes workloads, now powering 36% of such databases. Azure offers two deployment options for PostgreSQL on AKS: local NVMe for high performance and Premium SSD v2 for optimized cost-performance, enhanced by the CloudNativePG operator for high availability. These innovations simplify the management of stateful applications, making Azure a robust platform for data-intensive workloads.
Learn how to automate the deployment of Azure SFTP using Terraform for a streamlined, version-controlled setup. The article provides a GitHub repository with necessary Terraform code, customization tips, and step-by-step instructions for creating and managing Azure SFTP resources efficiently.
Microsoft’s Azure Quantum group has outlined a plan to implement error correction in quantum computing, targeting a reduction of error rates from 1 in 1,000 to 1 in 1 million. Unlike IBM, which integrates both hardware and software for error correction, Microsoft provides access to various quantum hardware from different companies, allowing for flexible error correction schemes. The effectiveness of their proposed system has yet to be demonstrated with actual hardware.
The Cloud Privilege Escalation Awesome Script Suite provides tools for enumerating permissions across major cloud platforms like Azure, GCP, and AWS, helping users identify potential privilege escalation pathways and sensitive information access. It includes specific modules such as AzurePEAS for Azure environments and GCPPEAS for Google Cloud, utilizing advanced techniques for thorough permission analysis without altering any resources. Users can run these tools with various authentication methods and options for enhanced enumeration.
Azure Container Apps allows for time-based scaling using cron-type KEDA rules, enabling applications to automatically adjust their resource allocation based on predictable workload patterns. This guide details how to configure scaling actions for specific times using Azure Portal, CLI, and ARM templates, optimizing costs and resource usage. Key benefits include cost efficiency and simplicity in managing scaling rules.
Monkey365 is an open-source PowerShell module designed to facilitate security configuration reviews for Microsoft 365, Azure subscriptions, and Microsoft Entra ID. It helps identify security gaps and misconfigurations while providing recommendations based on industry best practices and compliance standards. The tool supports over 160 checks and generates reports aligned with the CIS benchmarks for enhanced security assessment.
Learn how to automate the generation and management of secrets, such as passwords, using Terraform and Azure Key Vault. The article covers creating a secure password, setting expiry dates, and implementing best practices for handling sensitive data in cloud infrastructure.
Azure Functions on Azure Container Apps is transitioning from the legacy V1 model to the recommended V2 model, which offers enhanced features, improved resource management, and simpler operations. The article outlines the limitations of V1, the advantages of V2, and provides a step-by-step checklist for transitioning to the new model, ensuring a smoother upgrade process for users.
Microsoft has announced significant upgrades to its Azure security protocols, including the purging of dormant tenants and the rotation of keys to prevent future breaches, particularly following a nation-state hack. The company claims to have made substantial progress on its Secure Future Initiative, focusing on enhanced authentication and defenses against potential attack vectors.
Grafana has updated its Prometheus data source to better align with specific cloud services, deprecating AWS and Microsoft Azure authentication in favor of dedicated plugins for Amazon and Azure. This move reflects Grafana's commitment to a "big tent" philosophy, emphasizing interoperability and tailored solutions for diverse observability tools while continuing to support the open-source community.
Bolthole is a proof-of-concept ClickOnce payload designed for Red Teams to gain initial access during authorized penetration tests. It facilitates a reverse SSH tunnel, CMD shell access, and SOCKS proxy functionality, allowing operators to pivot within the target environment seamlessly. The article provides detailed steps for setting up an Azure VM and configuring the necessary components for successful deployment and operation.
OktaGinx is a phishlet designed for Evilginx that enables the bypassing of Okta authentication when used in conjunction with Azure. It incorporates techniques to evade framebusters, enhancing its phishing capabilities.
Microsoft has introduced their new SRE Agent, which aims to assist users in troubleshooting connectivity issues by analyzing metrics and logs. However, the article raises concerns over the agent's flawed reasoning and the potential risks of automated actions taken without sufficient user oversight. Despite recognizing the tool's potential for efficiency, the author questions the reliability of the agent based on its demonstration.
Microsoft is addressing an outage affecting its Azure Front Door CDN, which has disrupted access to various Microsoft 365 services across Europe, Africa, and the Middle East. As of the latest updates, the company has restored approximately 98% of the service and is actively monitoring for full recovery, with the outage affecting only about 4% of previously impacted customers. The incident has been officially mitigated, and users have reported resolution of access issues.
A method for restoring a deleted container image from an Azure Container Registry using a running pod on an Azure Kubernetes Service node is presented. By utilizing the Azure CLI and containerd commands, users can retrieve the necessary image even when SSH access is disabled. The process involves checking for the image on the node and subsequently pushing it back to the registry.
Generative AI thrives in cloud environments, enabling organizations to overcome barriers to adoption and drive significant business value. By leveraging Azure's advanced infrastructure and tools, companies can implement real-time data insights, embed AI into enterprise workflows, utilize generative search for enhanced information access, and deploy intelligent AI agents to optimize operations and reduce costs. Migration to the cloud is essential for businesses aiming to innovate and scale their AI capabilities effectively.
Azure Kubernetes Service (AKS) networking involves understanding various network topologies and models, such as Kubenet and Azure CNI, to ensure efficient and secure connectivity for containerized applications. The article provides a comprehensive guide on different networking options, best practices, and real-world scenarios, emphasizing the importance of proper IP management and cluster configurations. It also highlights the transition from Kubenet to Azure CNI due to upcoming changes in service support.
Structuring Azure Firewall Policy rules is essential for effective management and troubleshooting. The article outlines a hierarchical approach that includes creating rule collection groups, rule collections, and prioritizing rules to ensure proper traffic management and security. It emphasizes that planning before implementing rules can save time and resources in the long run.
Microsoft is implementing mandatory multifactor authentication (MFA) for Azure resource management operations starting October 1, 2025, as part of its ongoing efforts to enhance security against cyber threats. Phase 2 enforcement will require users to authenticate with MFA before managing resources, while workload identities will remain unaffected. Customers are encouraged to enable MFA for their users and prepare for the enforcement to ensure seamless access to Azure services.
Microsoft has updated the Azure SRE Agent, enhancing its capabilities for enterprise incident response and announcing that billing will begin on September 1, 2025. New features include granular permissions, expanded service skills, and integrations with incident management tools like ServiceNow, aimed at streamlining operations and improving uptime. The agent is designed to automate incident handling while ensuring security and adaptability for diverse operational styles.
The article discusses the implications of a leak involving Azure Active Directory client secrets, highlighting the potential security risks and the importance of securing cloud applications. It emphasizes best practices for managing client secrets to prevent unauthorized access and data breaches in cloud environments.
Microsoft has introduced container network logs in the public preview of Advanced Container Networking Services for Azure Kubernetes Service, providing detailed insights into network traffic. This feature enhances troubleshooting, security enforcement, and operational efficiency by monitoring various traffic layers and offering two modes of log storage. Users can visualize logs through Azure managed Grafana dashboards for better analysis and monitoring.
Azure offers three distinct containerisation services: Azure Kubernetes Service (AKS) for complex workloads requiring Kubernetes control, Azure App Service for straightforward web apps and APIs with minimal management, and Azure Container Apps for serverless, event-driven microservices. Choosing the right service depends on the specific needs of the workload, team expertise, and desired level of control. New cloud-native projects often benefit from starting with Container Apps for its balance of simplicity and power.
Microsoft will require paid subscriptions for hotpatching in Windows Server 2025 starting July 1, 2025, allowing admins to install updates without restarting. Currently, hotpatching is available for free in preview, but those testing it must disenroll by June 30 to avoid automatic subscription. The service will cost $1.50 per CPU core per month and is designed for both multi-cloud environments and on-premises servers via Azure Arc connectivity.
Multitenant logging in Container Insights allows customers using AKS to segregate container logs by different teams, enabling each team to access logs from their specific Kubernetes namespaces and manage billing in separate Log Analytics workspaces. The article outlines the scenarios supported, how to configure multitenancy using Data Collection Rules (DCRs), and steps for onboarding and managing these settings in an AKS cluster.
Azure AppHunter is an open-source PowerShell tool designed for security professionals to analyze and identify excessive or risky permissions assigned to Azure Service Principals. It enables users to enumerate dangerous Microsoft Graph permissions, detect privileged role assignments, and uncover potential escalation paths in Azure environments with minimal dependencies. The tool supports integration into automation and red teaming workflows, making it valuable for cloud security assessments.
KubeForenSys is a Python tool designed to collect data from Kubernetes clusters, particularly Azure Kubernetes Service, and send it to Azure Log Analytics for post-compromise analysis. It gathers various data types such as pod logs, Kubernetes events, command histories, and suspicious pod detections, while also automating the provisioning of necessary Azure resources. Users can customize the data collection parameters and ensure proper access and configurations for effective operation.
Starting Databricks clusters can incur significant unexpected costs due to data downloads during VM startup, especially when routed through Azure Firewall, leading to charges exceeding €3,000 monthly. Best practices to mitigate these costs include using Private Endpoints, careful monitoring of network traffic, and testing configurations in isolated environments before production deployment.
Microsoft Entra has introduced a new design feature aimed at enhancing control for guest users within Azure Active Directory. This update is part of a broader effort to improve user experience and security for organizations utilizing Microsoft’s identity services. The changes are expected to streamline access management while ensuring robust security protocols are maintained.
Default outbound access for Azure virtual machines will be retired on March 31, 2026, necessitating the transition to explicit outbound connectivity methods like NAT Gateway or Azure Firewall. Existing virtual networks will not be affected, but users are encouraged to adopt explicit methods for improved control and security. Guidance is provided for identifying resources using default outbound access and transitioning to recommended solutions.
The project deploys a Velociraptor container on Azure App Service to facilitate incident response investigations, providing advanced endpoint visibility and scalable threat hunting capabilities across various operating systems. It includes features like a flexible query language and artifact management for efficient forensic analysis. Users are advised to configure authentication and can choose between scaling options for larger environments.
The article discusses Microsoft's latest developments in AI, specifically highlighting their collaboration with Elon Musk's Grok AI and advancements in Azure AI Foundry. It emphasizes the strategic moves Microsoft is making to enhance its AI capabilities and competitive edge in the tech industry.
Azure Accelerate is a new offering from Microsoft designed to streamline cloud and AI transformations for organizations by providing access to expert guidance, funding opportunities, and comprehensive support throughout the implementation process. The initiative combines various Azure services and resources to help businesses modernize their operations, optimize investments, and successfully navigate their cloud journeys. Notable examples of successful Azure implementations showcase the platform's impact across various sectors.
ATEAM is a Python tool designed for reconnaissance of Azure services, enabling security researchers and Azure administrators to discover resources and tenant ownership information. It supports multi-threaded scanning, DNS validation, and exports results in various formats while utilizing an SQLite database for persistent storage of findings.
Microsoft has launched Azure Storage Discovery in preview, a fully-managed service that provides users with insights into their blob storage, including data evolution, cost optimization, and security recommendations. The service integrates with Azure Copilot, allowing users to analyze their storage estate efficiently using natural language queries and offers historical data for a comprehensive understanding of trends. Currently available in select regions, it features a free pricing plan for basic insights and a standard plan for advanced analytics, both free until September 30, 2025.
BlackCat is a PowerShell module aimed at validating the security of Microsoft Azure environments by identifying potential security risks and ensuring compliance with best practices. It requires PowerShell 7.0 or higher and the Az.Accounts module, and is set to be published on the PowerShell Gallery after completion. Users can also contribute to the project by providing feedback or making code contributions through GitHub.
The article discusses best practices for securing Terraform state files stored in Azure Blob Storage, emphasizing the importance of encryption, access control, and proper configuration to protect sensitive infrastructure data. It provides practical guidance on implementing these security measures effectively to mitigate risks associated with cloud infrastructure management.
Terraform and Bicep are prominent infrastructure-as-code tools, with Terraform being a cloud-agnostic solution and Bicep specifically designed for Microsoft Azure. Bicep simplifies the JSON syntax of ARM templates and offers native Azure integration, while Terraform boasts a rich provider ecosystem and state management features. Understanding their differences can help users choose the right tool for their deployment needs.
Microsoft and VIAcode offer a free guide for migrating Linux workloads to Microsoft Azure, highlighting the benefits of running Linux on Azure, including significant cost savings and a zero-downtime migration framework. The guide includes expert insights, case studies, and strategies for optimizing performance and AI-readiness post-migration.
Microsoft has launched the Azure Service Health Built-In Policy (Preview) to automate and enhance the deployment of Service Health alerts across Azure subscriptions. This new policy simplifies the setup process, ensuring consistent notifications for platform-level issues, while allowing for customization and flexibility in alert management. It complements the existing Azure Monitor Baseline Alerts without replacing them.
Explore the integration of Azure Multi-Factor Authentication (MFA) with Duo's Entra ID and its external authentication methods. This webinar provides insights into enhancing security protocols and compliance for organizations using these technologies.
The post details how to implement a "build once, deploy everywhere" strategy using Azure Developer CLI (azd) for provisioning environment-specific infrastructure and promoting applications from development to production. It emphasizes using conditional Bicep deployment, environment variable injection, and an automated CI/CD pipeline to ensure consistent deployments across different environments.
Microsoft and Hugging Face have expanded their collaboration to make over 10,000 open models easily deployable on Azure, enhancing accessibility for developers while ensuring secure deployment alongside company data. The initiative aims to empower enterprises to build AI applications using a diverse range of models, with ongoing updates and support for various modalities.
The article outlines how to implement a "build once, deploy everywhere" strategy using Azure DevOps Pipelines with the Azure Developer CLI. It highlights the benefits of using CI/CD artifact systems for improved traceability and cross-job compatibility, and presents a multi-stage pipeline structure that enhances deployment processes through better separation of concerns and validation checks.
The blog post outlines best practices for implementing DNS in Azure landing zones, emphasizing the importance of a well-structured DNS architecture for secure and scalable enterprise deployments. It discusses various components like Private DNS Zones, DNS Private Resolvers, and forwarding rulesets, and provides guidance on configuring DNS settings to facilitate efficient communication across virtual networks.
A comprehensive guide for deploying AI models using vLLM on Azure Kubernetes Service (AKS) with NVIDIA H100 GPUs and Multi-Instance GPU (MIG) technology is provided. It outlines the necessary prerequisites, steps for infrastructure creation, GPU component installation, and model deployment, enabling efficient utilization of resources and cost savings through hardware isolation.
The article discusses the process of deploying and managing Azure Virtual Machines, focusing on advanced networking and security features. It provides insights on best practices for configuration and management to enhance the performance and security of virtual environments in Azure.
The article discusses the use of data attributes in Azure, explaining how they can enhance the functionality and data handling within Azure applications. It highlights practical examples and best practices for implementing these attributes effectively.
The article discusses the integration of service groups in Azure using Terraform with the AzAPI provider. It highlights best practices and the advantages of managing Azure resources through code, specifically focusing on the automation and efficiency Terraform provides in handling service groups. Additionally, it addresses common challenges and solutions encountered in the process.
Zone redundancy is now enabled by default for all Azure Container Registry (ACR) SKUs in regions that support Availability Zones, enhancing the resiliency of container artifacts without any additional cost or configuration required from users. This automatic upgrade protects against single-zone outages and applies to both new and existing registries. The Azure portal and CLI may not yet reflect this change accurately, but it is actively being addressed by Microsoft.
Launch a secure and scalable Slack bot for Azure support tickets using Azure Container Apps, featuring zero-admin secrets management, RBAC access, and auto-scaling. This guide provides a production-ready blueprint for integrating Slack with Azure support, emphasizing speed, security, and cost efficiency for digital native teams.
Cloud logging best practices are essential for organizations migrating to cloud environments, helping them meet security, regulatory, and business needs. By understanding the differences between data and control plane logging across major cloud service providers, organizations can develop a customized logging framework that optimizes visibility and compliance. Collaboration with legal and compliance teams is crucial for navigating regulatory requirements and ensuring effective logging strategies.