Deploying Azure Policy Definitions via Azure DevOps (Part 1)

Introduction Recently I needed to deploy a large number of Azure policy and initiative definitions at customer’s environments using Azure DevOps. These definitions needed to be deployed to different environments (different Management Group hierarchies in different Azure AD Tenants). I faced some difficulties when working on this solution, due to the following limitations: 1. Currently templates do not support Management Groups So I can’t use ARM templates in this case. But, I still needed to develop a solution no matter where should the definitions being deployed (either to a management group or a subscription). 2. Limitations in Azure PowerShell cmdlet

Continue reading

PowerShell Module For JSON Schema Validation

Background Few days ago, I needed to validate JSON files against a predefined schema in a build pipeline in Azure DevOps. The validation needed to be performed using the Pester framework, and fail the build if the validation failed. In the past, I’ve always used this script (https://gist.github.com/JamesNK/7e6d026c8b78c049bb1e1b6fb0ed85cf) from James Newton-King, which leverages the JSON.Net libraries he developed. However, this time, I couldn’t it the script working on my Windows 10 laptop. I tried different versions of the DLLs, some won’t load, and the version that loads fine on my laptop threw some errors about System.Runtime library not referenced in

Continue reading

Sharing My Azure Resource Graph Resources

I have created a public GitHub repo to store and share resources I created around Azure Resource Graph: https://github.com/tyconsulting/AzureResourceGraph I have add queries, scripts I have developed over the last few months, as well as few how-to articles. I will continue updating this repo whenever I have developed new contents to add. Feel free to clone it, fork it, and submit issues, PRs if you’ve spotted any errors.

Continue reading

New SCOM Management Pack: Easy Tune from Cookdown

Squared Up should not be a stranger for any seasoned SCOM administrators. For me, it is absolutely my favourite ISV when it comes to SCOM. Recently, at Experts Live USA, Squared Up has announced a new brand name called Cookdown, which is focused on extending the capabilities of SCOM (i.e. management packs development). When we firstly heard the name “Cookdown” at Experts Live USA, all the SCOM folks in the room laughed (in a good way). You must be a hardcore SCOM person to understand and appreciate the name. Originally in SCOM, the term“Cookdown” refers to a process that you

Continue reading

New Book Release: Inside Azure Management

I have been pretty busy over the last few months, largely because I was working on the new book titled Inside Azure Management with few MVP friends. We have finally got to a stage to publish the preview version few days ago. The Inside Azure Management book is the successor of our popular book Inside Microsoft Operations Management Suite. It contains 16 chapters and covered the following areas: Implementing Governance in Azure Migrating Workloads in Azure Configuring Data Sources for Azure Log Analytics Monitoring Applications Monitoring Infrastructure Alerting and Notification Monitoring Databases in Azure Monitoring Containers in Azure Implementing Process

Continue reading

Extracting High Resolution Icons from the Azure Portal

I found myself and friends are constantly looking for high resolution icons for various Azure products when working on design documents, presentation slide decks, or designing stickers to put on our laptops. Although Microsoft provides free download for the Azure icon set, unfortunately, the icon set does not get updated often. at the time of writing this blog, the latest version of the icon set is over 1 year old (https://www.microsoft.com/en-us/download/details.aspx?id=41937). There are few posts out there showing you how to extract icons from the Azure portal, but they all require 3rd party tools. I had requirements for some icons

Continue reading

NiCE Active Office 365 Management Pack for SCOM

If you are monitoring your Office 365 services in SCOM, you probably already know how bad the Microsoft Office 365 MP is. In my opinion, it is one of the worst written SCOM MP from Microsoft. That’s why there are many 3rd party or community solutions for monitoring O365 in SCOM. Recently, my favourite SCOM management pack ISV NiCE (https://www.nice.de) has released a MP for monitoring various Office 365 components. The NiCE Active O365 MP monitors Office 365 services using synthetic transactions by simulating activities such as user login, sending test emails etc. In my opinion, this is a very

Continue reading

Upcoming Conferences and Book Release

It’s been a while since my last post. Other than the 2-week holiday I had in China around Christmas and New Year period, I spent most of my December and January working on a new book called Inside Azure Management. This book is the successor of our best selling Inside OMS book. The band (5 authors listed on the cover) got together few months ago, and started working on a new version. Since OMS doesn’t exist anymore, we have renamed the book to “Inside Azure Management”, and covered additional topics such as Azure Governance, Application Insights, Azure Monitor, Azure Migration,

Continue reading

Configuring Azure Resources Diagnostic Log Settings Using Azure Policy

In an Azure Policy definition, the “effect” section defines the behaviour of the policy if defined conditions are met. For example, the “Deny” effect will block the resource from being deployed in the first place, “Append” will add a set of properties to the resource you are deploying before being deployed by the ARM engine, and “DeployIfNotExists” deploys a resource if it does not already exist. In the old days, the biggest limitation I have faced was the use of “DeployIfNotExists” effect was only limited to built-in policies. In another word, If Microsoft hasn’t already created a policy for you,

Continue reading

My Journey to a Smarter Home (Part 3)

This is the 3rd part of the blog series. I have covered my home network setup using Ubiquiti Unifi devices in part 1, and Xiaomi home automation products in Part 2. In this part, I will discuss my experience with Google Home and Sonos products. It’s been over a month since the last part, this is because I was waiting for Google Home Hub to be released so I can get my hands on it and included it in this post. Google Home Speakers I bought my first Google Home speaker when they were firstly released in Australia last year

Continue reading
%d bloggers like this: