A blog about Cloud Computing, Data and DevOps

Windows Terminal

Windows Terminal was released in 2019 for Windows 10 on the Microsoft Store, and I only just found out about it. Not sure why I’ve been living under a rock all this time, but I’m absolutely loving this app. I found out about it after playing around with the GA release of Windows 11 last week and noticed that Windows Terminal was installed as part of the default build of the Windows 11 Pro edition.

Grant User JIT Access

An issue came up this week where some external consultants needed access to remote onto an Azure Windows VM to configure a third-party application. The consultants were given AAD logins and are working from home with dynamic IP addresses. What is the best way to grant them access to RDP onto the VM? The preferred method would be via a private endpoint into the VNet via point-to-site VPN or Bastion, but external consultants can’t be granted access that way.

Connect to SQLMI with Managed Identity

Consider the scenario where some PowerShell scripts need to be scheduled on an Azure virtual machine, which connects to an Azure SQL Managed Instance. The PowerShell script needs to run on a schedule and must be able to connect to the managed instance securely. You would rather not have to manage passwords. What’s the best way to do this? You guessed it, Managed Identity. This post will describe two ways of doing it, one using Azure AD with a Managed Identity and one using SQL Authentication and Azure Key Vault using a Service Principal.

SQL Managed Instance Server Audit Fails

I have set up server auditing for some managed instances in the same virtual cluster to record login success and failed events and write them to blob storage. Downstream, an ADF pipeline reads the events asynchronously and inserts them into a database for further analysis and reporting. Server audit stops writing Recently the server audit stopped writing to blob storage, even though the server audit status was still running and enabled.

Bicep Resource Not Found

Bicep stopped deploying with this error I’m trying to deploy a resource group which has two storage accounts in it with this PowerShell command using a bicep template: 1 New-AzResourceGroupDeployment -ResourceGroupName $resourcegroupName -TemplateFile .\azuredeploy.bicep -TemplateParameterFile .\azuredeploy.test.parameters.json Error New-AzResourceGroupDeployment: Cannot retrieve the dynamic parameters for the cmdlet. Build succeeded: 0 Warning(s), 0 Error(s) I haven’t made any code changes, just not deployed this resource for a while. I decided to update bicep to the latest version (at the time of writing is Bicep CLI version 0.

Minimum data file size on MI is 128 GB!

Storage underlying a Managed Instance Microsoft Azure should not require you to have deep understanding of the underlying technologies used to provide the service, after all the whole point of PaaS is to abstract you away from implementation details. One of these details is storage of data files in the file system. When provisioning a General Tier Sql Managed Instance, the maximum storage size for the instance is capped at 8 TB.

Deployments with Bicep and Azure DevOps

Goodbye JSON Since Microsoft released bicep version 0.3 I thought I’d give it a try because anyone that’s authored ARM templates will know, they tend to make your eyes bleed after a while. Bicep aims to drastically simplify the authoring experience with a cleaner syntax, improved type safety, and better support for modularity and code re-use. I’m sold! I reverse-engineered an existing simple template that deploys two storage accounts by using bicep decompile and got a template like this:

Sql Comments Style

Should we stop using -- in SQL comments? Interesting blog post from Brent Ozar on whether we should stop using -- for SQL Comments. I use these comments a lot because they are quick and easy for me to type. I don’t like voluminous comments but this is a good point. If clicking the link is too much effort for you, he is saying you should do this 1 2 3 4 5 6 SELECT * FROM dbo.

Submit PRs

Found an error in Microsoft documentation? Submit a pull request! Much of the Microsoft documentation is open source on GitHub which means that if you spot an error in either the code examples, the grammar, spelling, a typo or copy-and-paste error, you can quickly fix it and people reading the docs after you will benefit. This is such a difference from when I started using Microsoft products back in the 90s where nothing was open source and all documentation was either in a printed manual or a chm file.

⚠ Careful with Maintenance Window

Maintenance Window now in Preview (at the time of writing) On 2nd March 2021, Microsoft announced a long-awaited feature, at least by me, to give choice over when OS and SQL patching occurs behind-the-scenes in Azure SQL Managed Instance. Before this feature, Microsoft would patch the Virtual Cluster supporting Managed Instances outside of regular business hours in the region your Managed Instance is located. You now get two additional options: