Category: Microsoft
Category Archives: Microsoft
Balancing “Car Simulator 2” and Outlook: Tips for Productivity on and off the Road
Hey everyone,
While I’ve been diving into “Car Simulator 2” for some relaxation, I’m also knee-deep in Outlook for work. It got me thinking, how do you all balance gaming and productivity tools like Outlook? Any neat tricks for managing both efficiently? I’d love to hear your thoughts on staying organized whether you’re behind the wheel in the virtual world or tackling your inbox in the real one!
Looking forward to your insights!
Hey everyone,While I’ve been diving into “Car Simulator 2” for some relaxation, I’m also knee-deep in Outlook for work. It got me thinking, how do you all balance gaming and productivity tools like Outlook? Any neat tricks for managing both efficiently? I’d love to hear your thoughts on staying organized whether you’re behind the wheel in the virtual world or tackling your inbox in the real one!Looking forward to your insights! Read More
Header background is being applied intermittently using Site Script in communication site
Hello All,
The problem is that while I am using some of the verbs in conjunction with the “setSiteBranding” in the site script, the header background color is not always set.
I’ve noticed that the site template functions flawlessly when I apply it to an already-existing site, but it only occasionally—not always—works when I use it to create a new site.
Can anyone please assist me on this?
Hello All, The problem is that while I am using some of the verbs in conjunction with the “setSiteBranding” in the site script, the header background color is not always set. I’ve noticed that the site template functions flawlessly when I apply it to an already-existing site, but it only occasionally—not always—works when I use it to create a new site. Can anyone please assist me on this? Read More
Pivot Table SubTotal does not agree with simple SUM operation
I have created a pivot table using one table and a calculated column using Power Pivot. Field “Three+” is displaying correctly but the sub total is incorrect. The other fields are displaying correct subtotals.
What am I missing?
Thanks
Brad
I have created a pivot table using one table and a calculated column using Power Pivot. Field “Three+” is displaying correctly but the sub total is incorrect. The other fields are displaying correct subtotals.What am I missing?ThanksBrad Read More
Embed pdf from SharePoint library with default zoom level
I want to embed a PDF file from a SharePoint site into my website. I have a link like https://etechua.sharepoint.com/sites/edocsrc/_layouts/15/embed.aspx?UniqueId=c385aa46-5a4a-4113-bc1b-e7d5768bab2d. Is it possible to set a default zoom level?
Currently, if we don’t specify it, the zoom level is set to fit page. I need it to be fit width.
I want to embed a PDF file from a SharePoint site into my website. I have a link like https://etechua.sharepoint.com/sites/edocsrc/_layouts/15/embed.aspx?UniqueId=c385aa46-5a4a-4113-bc1b-e7d5768bab2d. Is it possible to set a default zoom level?Currently, if we don’t specify it, the zoom level is set to fit page. I need it to be fit width. Read More
Condition Formula
Hello..
Pls. help me to apply formula if i want to get a profit Value of Customer X in region 5 for the month of May. how to get that this by using formula.
Hello.. Pls. help me to apply formula if i want to get a profit Value of Customer X in region 5 for the month of May. how to get that this by using formula. Read More
A feature request in edge
It would be really helpful if the edge app on startup shows the list of all edge profiles segregating them by personal and work, like the chrome’s startup screen.
It would be really helpful if the edge app on startup shows the list of all edge profiles segregating them by personal and work, like the chrome’s startup screen. Read More
OneDrive for MacOS – can’t search files in Spotlight
Hi
When using OneDrive on MacOS I can’t search my OneDrive files in Spotlight, making file access more cumbersome. I tried to edit the Spotlight search settings, but I don’t see my OneDrive folder there.
I checekd the SpotLight settings under preferences – and the “Folders” and “Documents” options are both set. Is this a OneDrive Limitation ?
Environment: MacBook Pro (Intel), Ventura 13.6.6
HiWhen using OneDrive on MacOS I can’t search my OneDrive files in Spotlight, making file access more cumbersome. I tried to edit the Spotlight search settings, but I don’t see my OneDrive folder there.I checekd the SpotLight settings under preferences – and the “Folders” and “Documents” options are both set. Is this a OneDrive Limitation ? Environment: MacBook Pro (Intel), Ventura 13.6.6 Read More
Insert the number of rows from a word table in the title
I have a Table and want to display in the Titel-row the number of colums the table has. How can I do this? please step by step advise since I am 68!
Example:
Title Column: This Table contains xx Entries
Row 1
Row 2
…
Row x
I have a Table and want to display in the Titel-row the number of colums the table has. How can I do this? please step by step advise since I am 68!Example: Title Column: This Table contains xx EntriesRow 1Row 2…Row x Read More
Excel Formula help needed
Hi, sorry a real beginner here trying to be better!! I want to add certain column’s together but the formula adds the last column twice and I don’t know why.
I am using this formula =SUM(D11:D14:D19) D19 has been calculated twice, can anyone advise please?
Hi, sorry a real beginner here trying to be better!! I want to add certain column’s together but the formula adds the last column twice and I don’t know why. I am using this formula =SUM(D11:D14:D19) D19 has been calculated twice, can anyone advise please? Read More
Missing teams recordings
Hello every body
when I finished my lecture I noticed that it was saved in recording file but unfortunately there were no other recordings from the previous sessions I made;
I checked in one drive and I found the same thing only the last lecture was there.
thanx for your respond.
Hello every bodywhen I finished my lecture I noticed that it was saved in recording file but unfortunately there were no other recordings from the previous sessions I made;I checked in one drive and I found the same thing only the last lecture was there. thanx for your respond. Read More
Partner Blog | What’s new for Microsoft partners: April 2024 edition
Over the past few months, we have continued to add benefits and resources to the Microsoft AI Cloud Partner Program to help you and your customers realize the most from our latest technology. These changes have been informed by partner feedback and developed with the diversity of the partner community in mind.
In this blog, you’ll find links to expert insights, redesigned learning materials, and updated benefits to accelerate your growth in the coming year.
Announcements
State of the Partner Ecosystem: Chief Partner Officer Nicole Dezen showcased the latest Microsoft partner business news, changes, updates, and momentum in her annual State of the Partner Ecosystem post on the Official Microsoft Blog. Learn about program updates, including new designations and certifications for partners. Find out how we are equipping partners through AI skilling, and read about partners delivering AI solutions around the world.
New benefits packages: In January, we launched three new benefits packages designed to help partners at various stages of growth to develop their business. Find out which package is right for you by reading more on the partner blog.
Realigning global licensing for Microsoft 365: Last year Microsoft updated the way Microsoft 365, Office 365, and Teams were licensed in the European Economic Area (EEA) and Switzerland. We have recently announced our plan to extend that approach worldwide to ensure globally consistent licensing. Learn more.
Continue reading here
Microsoft Tech Community – Latest Blogs –Read More
Protect Against OWASP API Top 10 Security Risks Using Defender for APIs
Overview
The Open Web Application Security Project (OWASP) Foundation is a nonprofit foundation dedicated to improving software security through community-led open-source projects, education, and transparency. The OWASP API Security Project focuses on strategies and solutions to understand and mitigate the unique vulnerabilities and security risks of APIs. In this post, we’ll dive into how Defender for APIs (a plan provided by Microsoft Defender for Cloud) provides security coverage for the OWASP API Top 10 security risks.
Defender for APIs offers full lifecycle protection, detection, and response coverage for APIs. Defender for APIs helps you to gain visibility into business-critical APIs. You can investigate and improve your API security posture, prioritize vulnerability fixes, and quickly detect active real-time threats.
Concepts
Security recommendations – Recommendations in Defender for Cloud are based on the Microsoft cloud security benchmark. The Microsoft cloud security benchmark is the Microsoft-authored set of guidelines for security and compliance best practices based on common compliance frameworks. This widely respected benchmark builds on the controls from the Center for Internet Security (CIS) and the National Institute of Standards and Technology (NIST) with a focus on cloud-centric security. For a complete list of API security recommendations, see Security recommendations – a reference guide
Security alerts – Security alerts are the notifications generated by Defender for Cloud’s workload protection plans when runtime threats are identified in your Azure, hybrid, or multi-cloud environments. For a complete list of API security alerts, see Security alerts – a reference guide
Attack path analysis – Defender for Cloud uses environment context to perform a risk assessment of your security issues and subsequently identifies the biggest security risk issues. Defender for Cloud then analyzes which security issues are part of potential attack paths that attackers could use to breach your environment. To learn more, see Identify and remediate attack paths
Defender for APIs – OWASP API Security Coverage Mapping
OWASP API Risk
Defender for APIs Security Coverage
Broken Object Level Authorization (API1:2023)
(Security alert) Parameter enumeration on an API endpoint – A single IP was observed enumerating parameters when accessing one of the API endpoints
(Security alert) Distributed parameter enumeration on an API endpoint – The aggregate user population (all IPs) was observed enumerating parameters when accessing one of the API endpoints.
Broken Authentication (API2:2023)
(Security recommendation) API endpoints in Azure API Management should be authenticated – API endpoints published within Azure API Management should enforce authentication to help minimize security risk.
(Security recommendation) API Management calls to API backends should be authenticated – Calls from API Management to backends should use some form of authentication, whether via certificates or credentials.
Broken Object Property Level Authorization (API3:2023)
(Security alert) Previously unseen parameter used in an API call – A single IP was observed accessing one of the API endpoints using a previously unseen parameter in the request.
(Security alert) Unusually large response payload transmitted between a single IP address and an API endpoint – A suspicious spike in API response payload size was observed for traffic between a single IP and one of the API endpoints.
Unrestricted Resource Consumption (API4:2023)
(Security alert) Suspicious population-level spike in API traffic to an API endpoint – A suspicious spike in API traffic was detected at one of the API endpoints.
(Security alert) Suspicious spike in API traffic from a single IP address to an API endpoint – A suspicious spike in API traffic was detected from a client IP to the API endpoint.
(Security alert) Unusually large request body transmitted between a single IP address and an API endpoint – A suspicious spike in API request body size was observed for traffic between a single IP and one of the API endpoints.
(Security alert) Suspicious spike in latency for traffic between a single IP address and an API endpoint – A suspicious spike in latency was observed for traffic between a single IP and one of the API endpoints.
(Security alert) API requests spray from a single IP address to an unusually large number of distinct API endpoints – A single IP was observed making API calls to an unusually large number of distinct endpoints.
(Security recommendation) API Management direct management endpoint should not be enabled – The direct management REST API in Azure API Management bypasses Azure Resource Manager role-based access control, authorization, and throttling mechanisms, thus increasing the vulnerability of your service.
Broken Function Level Authorization (API5:2023)
No coverage
Unrestricted Access to Sensitive Business Flows (API6:2023)
(Attack path analysis) Internet exposed APIs that are unauthenticated carry sensitive data
(Security alert) Suspicious spike in API traffic from a single IP address to an API endpoint – A suspicious spike in API traffic was detected from a client IP to the API endpoint.
Server-Side Request Forgery (API7:2023)
No coverage
Security Misconfiguration (API8:2023)
(Security recommendation) API endpoints that are unused should be disabled and removed from the Azure API Management service – As a security best practice, API endpoints that haven’t received traffic for 30 days are considered unused and should be removed from the Azure API Management service.
(Security recommendation) API Management APIs should use only encrypted protocols – APIs should be available only through encrypted protocols, like HTTPS or WSS. Avoid using unsecured protocols, such as HTTP or WS to ensure security of data in transit.
(Security recommendation) API Management secret named values should be stored in Azure Key Vault – Named values are a collection of name and value pairs in each API Management service.
(Security recommendation) API Management should disable public network access to the service configuration endpoints – To improve the security of API Management services, restrict connectivity to service configuration endpoints, like direct access management API, Git configuration management endpoint, or self-hosted gateways configuration endpoint.
(Security recommendation) API Management calls to API backends should be authenticated – Calls from API Management to backends should use some form of authentication, whether via certificates or credentials. Does not apply to Service Fabric backends.
Improper Inventory Management (API9:2023)
Inventory dashboard – Centralized inventory of all managed APIs and related API security findings.
External exposure – Classify which API endpoints are exposed externally.
Sensitive data classification – Classify APIs that receive or respond with sensitive data, to support risk prioritization, including integration support with Microsoft MIP Purview.
Unsafe Consumption of APIs (API10:2023)
No coverage
API Security Testing
Microsoft Defender for Cloud supports third-party tools to help enhance the existing runtime security capabilities that are provided by Defender for APIs. Defender for Cloud supports proactive API security testing capabilities in early stages of the development lifecycle (including DevOps pipelines). The support for third-party solutions helps to further streamline, integrate, and orchestrate security findings from other vendors with Microsoft Defender for Cloud.
This support enables full lifecycle API security (extending to OWASP API top 10 risks), and the ability for security teams to effectively discover and remediate API security vulnerabilities before they are deployed in production. To learn more, see the following: Partner applications in Microsoft Defender for Cloud for API security testing (preview)
Next Steps
To learn more about how Defender for APIs augments the security offered by Azure Web Application Firewall (Azure WAF) and Azure API Management, see the following: Defender for APIs Better Together with Azure Web Application Firewall and Azure API Management.
To learn more about how Azure API Management helps mitigate risks against the OWASP API risks, see the following: Recommendations to mitigate OWASP API Security Top 10 threats using API Management
Microsoft Tech Community – Latest Blogs –Read More
App Service *.azurewebsites.net TLS Cert Renewal for Web Apps, Functions, and Logic Apps (Standard)
This blog contains information about *.azurewebsites.net TLS certificate changes for Web Apps, Functions, and Logic Apps (Standard). Customers should not be impacted by this change. The scope of services affected includes Web Apps, Functions, and Logic Apps (Standard); Logic Apps (Consumption) and resources hosted on an ASE are not impacted. This change is limited to public Azure cloud; government clouds are not affected.
Every Web Apps, Functions, and Logic Apps (Standard) has its own default hostname that goes by “<resource-name>.azurewebsites.net” where App Service secures it with a wildcard *.azurewebsites.net TLS certificate. The current intermediate Microsoft PKI Subordinate CA certificates were set to expire on June 27th, 2024. App Service used these intermediate certificates in the default TLS certificate *.azurewebsites.net. On March 13th, 2024, App Service renewed the TLS certificate and used a new set of Subordinate CAs while the root certificate remained the same. Due to the distributed asynchronous nature of the renewal process, there isn’t an exact date when the new TLS certificate will be visible to individual Web Apps, Functions, and Logic Apps (Standard).
Terminology and Concepts
Certificate Authority: (CA) An entity that is responsible for the creation, issuance, revocation, and management of certificates. The term applies equally to both Roots CAs and Subordinate CAs.
Root CA: The top level Certification Authority whose Root Certificate is distributed by Application Software Suppliers and that issues Subordinate CA Certificates.
Root Certificate: The self‐signed certificate issued by the Root CA to identify itself and to facilitate verification of certificates issued to its Subordinate CAs.
Subordinate CA: (Sub CA) A Certification Authority whose certificate is signed by the Root CA or another Subordinate CA.
We expect that this change will be a non-event and will not impact customers. However, you may be impacted if an application has incorrectly taken a hard dependency on the *.azurewebsites.net TLS certificate, for example by way of “certificate pinning”. Certificate pinning is a practice where an application only allows a specific list of acceptable Certificate Authorities (CAs), public keys, thumbprints, etc. Applications should never pin to the *.azurewebsites.net TLS certificate. Applications requiring certificate stability should use custom domains in conjunction with custom TLS certificates for those domains. You can refer to the recommended best practices section of this article for more information.
Recommended best practices
Certificate pinning of *.azurewebsites.net TLS certificates is not recommended because the *.azurewebsites.net TLS certificate could be rotated anytime given the nature of App Service as a Platform as a Service (PaaS). In the event that the service rotates the App Service default wildcard TLS certificate, certificate pinned applications will break and disrupt the connectivity for applications that are hardcoded to a specific set of certificate attributes. The periodicity with which the *.azurewebsites.net TLS certificate is rotated is also not guaranteed since the rotation frequency can change at any time.
If an application needs to rely on certificate pinning behavior, it is recommended to add a custom domain to a Web Apps, Functions, and Logic Apps (Standard) and provide a custom TLS certificate for the domain which can then be relied on for certificate pinning.
Note that applications which rely on certificate pinning should also not have a hard dependency on an App Service Managed Certificate. App Service Managed Certificates could be rotated anytime, leading to similar problems for applications that rely on stable certificate properties. It is best practice to provide a custom TLS certificate for applications that rely on certificate pinning.
Refer to our documentation for best practices for Azure App Service for more information.
Microsoft Tech Community – Latest Blogs –Read More
FAQ: Marketplace private offers through CSP?
Q: is it possible for a customer procuring Azure via a CSP (Cloud Solution Provider) to make Marketplace purchases? If so, can this also be a private offer from the ISV (even if it’s likely the CSP managing the subscriptions/billing ID for the end customer)?
I am particularly interested in how the customer will get the ISV SaaS solution deployed at their end (in this case through the CSP who own the subscription).
A: It really depends on the CSP –> customer agreement. Some CSPs charge for purchasing from the marketplace, for others it is free. There are two common scenarios:
1- The customer creates a separate subscription/billing account as “pay as you go” and did the purchase of a private offer
2- The CSP purchased the offer on the behalf of the customer and here they can choose to overcharge or not
Assumed the following:
1- In order to receive a private offer, you need to “own” the billing accountID – usually in this scenario, it belongs to the CSP
2- You still need to be an Enterprise Admin or Billing Account owner to purchase (it is not always allowed by the CSP)
Overall:
The customer should get in contact with the CSP, either getting the right setup or agreeing on the “overcharge”
You should also refer to the following documentation related to this topic:
Video tutorials
Private Offers for CSP Partners Overview
Private Offer Creation by ISVs for CSP Partners
The CSP Partner Private Offer Purchase Process
Q: is it possible for a customer procuring Azure via a CSP (Cloud Solution Provider) to make Marketplace purchases? If so, can this also be a private offer from the ISV (even if it’s likely the CSP managing the subscriptions/billing ID for the end customer)?
I am particularly interested in how the customer will get the ISV SaaS solution deployed at their end (in this case through the CSP who own the subscription).
A: It really depends on the CSP –> customer agreement. Some CSPs charge for purchasing from the marketplace, for others it is free. There are two common scenarios:
1- The customer creates a separate subscription/billing account as “pay as you go” and did the purchase of a private offer
2- The CSP purchased the offer on the behalf of the customer and here they can choose to overcharge or not
Assumed the following:
1- In order to receive a private offer, you need to “own” the billing accountID – usually in this scenario, it belongs to the CSP
2- You still need to be an Enterprise Admin or Billing Account owner to purchase (it is not always allowed by the CSP)
Overall:
The customer should get in contact with the CSP, either getting the right setup or agreeing on the “overcharge”
You should also refer to the following documentation related to this topic:
Configure ISV to CSP partner private offers in Microsoft Partner Center – Marketplace publisher | Microsoft Learn
Video tutorials
Private Offers for CSP Partners Overview
Private Offer Creation by ISVs for CSP Partners
The CSP Partner Private Offer Purchase Process Read More
Running python/flask app on IIS using ASP.Net Core Module handler
Looking for insight into running/flask app using a modern/maintained method.
wfastcgi is essentially deprecated (version 3.0.0 was released 7 years ago).
HttpPlatform handler was replaced by the asp.net core module even before that (2016).
I’ve made some progress using the ASP.Net Core Module handler – but when I try to launch the app I get an error:
Application ‘/LM/W3SVC/1/ROOT’ with physical root ‘C:inetpubwwwroot’ failed to start process with commandline ‘“C:Python312python.exe” C:inetpubwwwrootapp.py’ with multiple retries. Failed to bind to port ‘11905’. First 30KB characters of captured stdout and stderr logs from multiple retries:
Nothing in the python log.
Any feedback appreciated.
Looking for insight into running/flask app using a modern/maintained method. wfastcgi is essentially deprecated (version 3.0.0 was released 7 years ago).HttpPlatform handler was replaced by the asp.net core module even before that (2016). I’ve made some progress using the ASP.Net Core Module handler – but when I try to launch the app I get an error:Application ‘/LM/W3SVC/1/ROOT’ with physical root ‘C:inetpubwwwroot’ failed to start process with commandline ‘“C:Python312python.exe” C:inetpubwwwrootapp.py’ with multiple retries. Failed to bind to port ‘11905’. First 30KB characters of captured stdout and stderr logs from multiple retries:Nothing in the python log. Any feedback appreciated. Read More
Stakeholders AI
amMicrosoft Legal international Organisation and Stakeholders partners for Cloud business.
amMicrosoft Legal international Organisation and Stakeholders partners for Cloud business. Read More
pnp Modern Search – People – Search Source Scope
Hi everyone,
I’m looking for some advice from anyone that has experience of the SharePoint ‘pnp Modern Search’ (v4) tool.
We have a requirement to build a people search which does not search across the tenant ‘GAL’, but instead would search to a more localised scope, for example a SharePoint list within the scope of the site hosting the pnp Modern Search page.
I had a look at the documentation (Create a useful People Search – PnP Modern Search (v4) (microsoft-search.github.io)) and in the section ‘Configure Search Results’ there is mention of a ‘Result Source ID’ which appears to be where the scope is defined. Unfortunately I can’t find more detail than this in the documentation, IE to specify what other sources would be acceptable and if these include a local SharePoint list.
I would like to try and determine the answer for this before configuring and deploying only to find the required functionality is not available.
Thanks very much for your help!
Hi everyone, I’m looking for some advice from anyone that has experience of the SharePoint ‘pnp Modern Search’ (v4) tool.We have a requirement to build a people search which does not search across the tenant ‘GAL’, but instead would search to a more localised scope, for example a SharePoint list within the scope of the site hosting the pnp Modern Search page. I had a look at the documentation (Create a useful People Search – PnP Modern Search (v4) (microsoft-search.github.io)) and in the section ‘Configure Search Results’ there is mention of a ‘Result Source ID’ which appears to be where the scope is defined. Unfortunately I can’t find more detail than this in the documentation, IE to specify what other sources would be acceptable and if these include a local SharePoint list. I would like to try and determine the answer for this before configuring and deploying only to find the required functionality is not available. Thanks very much for your help! Read More
Talk Track for SaaS Azure Platform Validation
Azure Marketplace seeks to make the publishing flow as streamlined as possible. We don’t want lengthy, manual engagements to review a publisher’s solutions to validate if it is built on top of Azure (like others public cloud marketplace do, taking 2+ weeks for review). Toward that end, the new page within the transactable SaaS offer creation flow will capture additional information from the publisher to enable the marketplace team to perform validation that the transactable offer is built on Azure.
Experience
The information gathered will enable post-publish validation that the offer is built on Azure in accordance with SaaS offer requirements for Azure Marketplace. For details on the policy, go here: Azure platform policy for SaaS offers.
The new page is found under the new Supplemental content tab and will act like a survey to gather information about the publisher’s SaaS offer to understand if it is fully hosted in the publisher’s Azure or fits another SaaS model. The information gathered will enable post-publish validation that the offer is built on Azure in accordance with SaaS offer requirements for Azure Marketplace. For details on the policy, go here: Azure platform policy for SaaS offers. If there are any questions or concerns regarding how the solution is built on Azure, a notification will be sent and the publisher will receive a follow up.
This SaaS validation will not qualify the publisher’s offer for Co-sell or make it Azure benefit eligible (MACC eligible), but it will make that process smoother and quicker in the future.
As some policies are validated post-publish, successfully publishing an offer does not mean it has been fully validated to conform with all policies.
The page functions like a survey with dynamic content based on the information provided about the SaaS offer. See the start of the page below seen under the Supplemental Content tab:
As long as the page is completed and the publisher seeks to Review & Publish, the offer submission will not be blocked in the publishing process. The validation will be initiated as the SaaS offer is published and will trigger a review post-publish. SmartCert tooling will initiate notification if there are any questions or concerns regarding how the solution is built on Azure, a notification will be sent, and the publisher will receive a follow up. Note: if a managed ISV has an existing offers that is found to be in non-compliance, the Certification team will work with the PDM/PTS for that ISV on the outreach and next steps.
The page should not show up for non-transactable SaaS offers (i.e., Contact Me listings). If the page does not show up for the offer, then it is not required, and no action is needed for that offer.
Timing
During Public Preview starting January 31, the module will be visible, but the completion will be optional for existing SaaS offers. We have notified publishers on March 1st, and publishers with existing offers must complete this information within 90 days. This module will move to GA and completion will be require for all transactable SaaS offers May 31st.
Support Standard Response:
The Supplemental Content module is now part of the publishing flow for SaaS offers that are intended to transact through the Azure Marketplace. The module will be required to complete publishing for each transactable SaaS offer. If an offer is not a transactable offer, then the information is not required, and the Supplemental Content module will not show up for your SaaS offer.
For new offers, this module will become available when you select the SaaS offer type and setup the offer to be transactable through the Azure Marketplace.
For existing offers, (1) please go to Partner Center, (2) navigate to the Marketplace Offers workspace, (3) review your offers and select a SaaS offer to update, (4) in the SaaS offer select the “Supplemental Content” tab, (5) complete the module, and (6) after you are finished, select “Review and Publish.” The module will need to be completed for each of your SaaS offers and the questions are specific to that SaaS offer.
If the Supplemental Content tab does not show up for a SaaS offer, then that listing is most likely a listing-only offer (i.e., Contact Me), does not require the information, and no action is needed from you for that offer.
This information will be required for appropriate SaaS offers within 90 days of notification (March 1st).
Microsoft Tech Community – Latest Blogs –Read More
Combine FinOps best practices and Microsoft tools to streamline and optimize your workloads
Cloud adoption is not a one-and-done endeavor, but an iterative process. Constant innovation means there are new and better cloud-based solutions available every day. That impacts your cloud workloads and the way you manage them. And as your use of cloud grows, so does the scale of your cloud deployments. If you’re a large enterprise organization, you may have hundreds or even thousands of cloud subscriptions. To keep costs in check, you need to continuously examine your workloads or subscriptions to understand how to get the most from cloud. You need a way to cut through the noise so you can prioritize your attention and resources and focus on your desired business outcomes.
Workload management is the process of defining how your resources are running in a given Azure environment. It means running resources only when necessary and at the level or capacity needed for the active workload. An effective workload management and automation plan can significantly reduce costs by adjusting configuration to match supply to demand dynamically, ensuring the most effective utilization. Are your workloads running all the time or are they running based on your business or organizational needs? Learn to optimize your cloud and build your skills to make the most of Azure. Once you understand how your workloads operate day-to-day you can automate certain processes to keep everything running at optimized levels.
FinOps best practices tie in closely here. FinOps encourages collaboration within your organization, increasing visibility into your cloud investment to all levels of the organization while helping you gain more financial control and predictability to optimize cloud spend.
This blog was written to help you better understand workload management and automation within the FinOps Framework and how to implement it in Azure using specific tools within Microsoft Cost Management and Advisor. Let’s take a closer look at each of these tools and how you can use them in conjunction with FinOps capabilities to understand and forecast your bill, optimize workload costs, and control your spending.
Microsoft Cost Management
Once you’ve begun migrating to Azure, you can use Microsoft Cost Management to continually track and monitor your cloud spending and improve the cost-effectiveness of your current investments. Microsoft Cost Management is available to anyone with access to a billing account, subscription, resource group or management group. You can access Cost Management within the billing and resource management experiences or separately as a standalone tool optimized for FinOps teams who manage cost across multiple scope. For ad-hoc exploration of cost data you can use cost analysis in Azure portal. If you need to integrate with your custom reporting, you can automate cost data exports.
Microsoft Cost Management enables you to access your cost datasets through Exports and the exported data can be analyzed using tools like Microsoft Fabric. Let’s take a closer look at these two tools.
A new and improved Exports experience
Data is important if you want to build and analyze custom reports, but FinOps datasets are often large and challenging to manage. We recently improved the Exports experience to help you streamline your FinOps practice. The new Exports experience, currently in preview, includes automatic exports of more cost-impacting datasets, including price sheets, reservation recommendations, reservation details, and reservation transactions, optimized to handle large datasets while enhancing the user experience.
The new Exports functionality also improves file manageability and reduces download latency. File partitioning, which breaks files into manageable smaller chunks, and file overwrite, which replaces the previous day’s file with an updated file each day in daily export, helps you save on storage and network costs. We’ve also added support for the FinOps Open Cost and Usage Specification (FOCUS) dataset, which combines amortized and actual costs and reduces data processing times. If you want to understand the details of an invoice and the resources that went into those charges, use Exports to download the data into a storage account. Depending on the file size, you can then use a custom reporting system solution such as Fabric, Excel or PowerBI to analyze the data.
Use Fabric to simplify your analytics needs
Once you have the data you want, how do you visualize it, analyze it, and build custom reports? That’s where Microsoft Fabric comes in. Microsoft Fabric is an all-in-one analytics solution. With Fabric, you don’t need to piece together different services from multiple vendors because Fabric offers a comprehensive suite of services, including data lake, data engineering, and data integration, all in one place, giving you a highly integrated, end-to-end, and easy-to-use product designed to simplify your analytics needs. By creating a single platform with tools for every data professional in a unified experience and architecture, Fabric reduces the cost and effort of integrating analytics services.
Fabric also includes Copilot functionalities. With Copilot in Microsoft Fabric, you can use natural language to create dataflows and pipelines, write SQL statements, build reports, or even develop machine learning models. Copilot in Fabric is currently in public preview with Power BI, Data Factory, Data Engineering, and Data Science experiences. For example, in Power BI, you can create reports and summarize your insights into narrative summaries in seconds. In Data Factory, you can simply describe how you want to ingest and transform the data using natural language and Copilot does the rest. When working in a notebook in Data Engineering or Data Science, you can more quickly enrich, model, analyze, and explore your data.
Azure Advisor
Azure Advisor is designed to help you focus your efforts and save time on cloud optimization. It orchestrates and guides your journey to create and maintain well-architected workloads on Azure. Several tools within Advisor can help you optimize your workloads. Let’s take a closer look at them:
Get tailored recommendations with Advisor Reviews
How do you determine how to get the most bang for your buck when it comes to optimizing your Azure workloads? Advisor Reviews, which is only available to those who have field assistance, allows you to apply a set of filters and get automated recommendations to improve each of your resources and subscriptions. And the Azure recommendations under this scenario are personalized even more. A Microsoft representative learns about your mission-critical workloads, analyzes your applications, and manually inputs tailored recommendations to help you improve resiliency. The recommendations are prioritized according to our best estimate of significance to your environment and available through Advisor so you have a single point of entry to view them.
View recommendation details – such as recommended actions and impacted resources – and solution options, including postponing or dismissing a recommendation. If you accept recommendations, you can then check your Advisor Score to see if the changes you invested in improved your score. Periodically return to Advisor to review and implement recommendations to continuously improve your workloads.
Identify gaps with Advisor Assessments
We recently introduced a new Assessment tab within Advisor that you can use to improve your workloads in the areas that matter most to your business. Advisor Assessments is a new experience in Azure Advisor that curates a set of questions about your infrastructure to help us identify gaps and opportunities in your workloads across five pillars: reliability, security, cost optimization, operational excellence, and performance efficiency. This is especially useful for early cloud adopters or early Azure customers. Based on the type of assessment you choose, you will be guided through a series of curated questions about your Azure infrastructure, workload etc. Based on your responses, we will generate tailored and prioritized recommendations to improve your Azure architecture. To use these new assessments, you’ll need Contributor Access on a subscription to take the assessment and Reader Access on a subscription to view the generated recommendation.
Previously, the results of these assessments were available for export where you could work on them offline. Now, everything is available in one place, so you can take assessments on, and receive recommendations directly within, the Advisor platform. There is no limit on the number of assessments that can be taken for a subscription, although you’ll be notified if someone else has already created an assessment for the same subscription/workload. To see all Microsoft assessment choices, go to the Learn platform > Assessments.
Understand where you can reduce spend with the Cost Optimization workbook
The Cost Optimization Workbook brings together all vital information about potential savings and opportunities for rate optimization and highlights tactical recommendations to help you understand how and where you can reduce spend. For example, the workbook will highlight any discounts available to you that you might not yet be taking advantage of. Within the workbook, you can use the Tabs function to focus your cost-reduction efforts in the areas of Compute (including Savings Plan), Azure Hybrid Benefit, Storage, and Networking. Use Filters to focus on a specific workload, apply a recommended optimization directly from the workbook, or share insights with your team.
We’re currently working to bake automation into the workbook for use cases within compute, storage, and networking so you can take an iterative approach to reducing costs. For example, if you find a workload that has virtual machines (VMs) that are not allocated but still incurring costs, the workbook will search for them and send an alert so you can choose to stop it. Not only will the Cost Optimization Workbook provide you an opportunity to find potential savings, but the workload management automation piece impacts other capabilities like your budget and real-time decision-making.
Estimate the cost of creating new or expanding existing deployments with the Pricing Calculator
The Azure Pricing Calculator is a web-based tool that makes it easier to plan and estimate the cost of creating new or expanding existing deployments by providing cost estimates based on the services used. With this tool, you can estimate the cost of running your workloads and explore various configurations of many different Azure services as you identify which SKUs and how much usage keeps you within your desired price range. The calculator also provides a cost estimate for your Azure consumption with your negotiated or discounted prices and strategic pricing offers such as Azure Hybrid Benefit, Reserved Instances and Azure savings plan for compute. The estimate is split into upfront and monthly costs. Your input from the Pricing Calculator can also help estimate the cost of any changes to your deployed workloads. That data can help inform more specific recommendations based on your current usage.
We’ve recently added six example scenarios to the Pricing Calculator, such as “add an enterprise data warehouse” or “add advanced analytics on big data.” Depending on your chosen scenario, the Pricing Calculator will walk you through the pieces you’ll need to build that scenario and the estimated cost. For example, if you want to add Azure Web Apps to deliver value faster to your customers with a continuous integration and continuous deployment (CI/CD) pipeline that pushes each of your changes automatically to Web Apps, you will need a VM, storage, bandwidth, and several services or functions. Once you select those pieces, you can choose how and where to deploy them and apply any savings plans. Not only does the Pricing Calculator help you understand the ingredients you’ll need to achieve your new scenario, it also provides a cost estimate based on your choices so you can better plan your next move.
Reducing costs by ensuring effective utilization
Each of the tools discussed here can be used to enable FinOps capabilities and help you develop an effective workload management and automation plan to reduce costs by adjusting configuration to match supply to demand, ensuring the most effective utilization. In addition, we recently released a FinOps Review Assessment based on guidance from the FinOps Foundation framework that can help you work to align your business with FinOps practices and principles.
You can learn even more about using FinOps best practices for workload management and automation at aka.ms/finops/solutions.
Microsoft Tech Community – Latest Blogs –Read More
