1
00:00:03,245 --> 00:00:07,935
Welcome to episode 357 of
the Microsoft Cloud IT Pro
2
00:00:07,935 --> 00:00:11,535
podcast recorded live
on October 16th, 2023.
3
00:00:11,965 --> 00:00:16,695
This is a show about Microsoft 365 and
Azure from the perspective of IT pros and
4
00:00:16,695 --> 00:00:21,095
end users where we discuss a topic or
recent news and how it relates to you
5
00:00:21,465 --> 00:00:22,035
today.
6
00:00:22,035 --> 00:00:26,175
Ben and Scott run through the recently
announced community gallery capability
7
00:00:26,205 --> 00:00:29,135
that has been added to the
Azure Compute Gallery service.
8
00:00:29,515 --> 00:00:33,855
We also spend a little time talking
about the table-level RBAC read access
9
00:00:33,855 --> 00:00:35,935
control for Log Analytics workspace.
10
00:00:38,785 --> 00:00:41,055
Scott, you've had questions
for me in the past.
11
00:00:41,615 --> 00:00:45,255
I have a question for you this
morning. It kind of ties into.
12
00:00:45,395 --> 00:00:46,335
Tables are turning. I'm.
13
00:00:46,335 --> 00:00:47,168
Okay. Tables are turning.
14
00:00:47,555 --> 00:00:51,575
We were talking before we started
recording and you made a comment about you
15
00:00:51,575 --> 00:00:56,575
need to find more time to use
your green egg in your Blackstone
16
00:00:56,915 --> 00:00:57,895
to grill.
17
00:00:58,275 --> 00:01:02,855
And it tied into an article I saw this
morning about a survey of workers that
18
00:01:02,855 --> 00:01:07,855
would take pay cuts for
these top tier perks and the
19
00:01:07,855 --> 00:01:10,135
biggest perks. I'm curious
what you think about these.
20
00:01:10,525 --> 00:01:14,535
This survey found that most workers would
take some kind of a pay cut for a four
21
00:01:14,535 --> 00:01:19,095
day work week consisting of four
eight hour days pay cut of 16 to
22
00:01:19,095 --> 00:01:22,535
20%. So essentially you're
giving up a day's salary, right?
23
00:01:22,595 --> 00:01:24,455
20% for four days of work.
24
00:01:24,665 --> 00:01:27,575
Large number of workers would also
take a pay cut for more vacation time.
25
00:01:27,845 --> 00:01:28,295
Same thing.
26
00:01:28,295 --> 00:01:33,055
16 to 20%. Doesn't say how much more
vacation time. And then fully
27
00:01:33,315 --> 00:01:36,935
remote workers was obviously
one of the top ones.
28
00:01:36,935 --> 00:01:40,895
61% of people saying they would
take a pay cut for remote work.
29
00:01:41,335 --> 00:01:46,295
I think those were the big three more
vacation, four hour workday remote work.
30
00:01:46,715 --> 00:01:50,255
I'm curious, some people were like, I
would know that wasn't a pay cut one.
31
00:01:50,365 --> 00:01:53,775
Curious your thoughts. Would you
take a pay cut for any of those?
32
00:01:54,235 --> 00:01:57,215
Not that your employee could
listen or should do it for.
33
00:01:57,725 --> 00:01:59,375
More vacation? No,
34
00:01:59,815 --> 00:02:02,895
I think generally the thing to do is
like when you're walking into a new
35
00:02:03,095 --> 00:02:06,575
position is know your worth
and negotiate for it. Right?
36
00:02:06,635 --> 00:02:07,935
That's my thought. Even.
37
00:02:08,215 --> 00:02:09,815
Companies with very fixed policies,
38
00:02:10,215 --> 00:02:11,935
I think there's ways to
come to agreement there.
39
00:02:11,935 --> 00:02:15,215
Like you might land in a band
say with two weeks of vacation,
40
00:02:15,315 --> 00:02:16,455
but really you need like,
41
00:02:16,515 --> 00:02:19,695
you need three and that's what you're
used to and what you've had in the past.
42
00:02:20,195 --> 00:02:24,215
And I've run into that from some places
like having worked overseas where you
43
00:02:24,215 --> 00:02:25,775
just end up naturally with
more in a vacation time.
44
00:02:26,285 --> 00:02:30,895
Another interesting one is I've worked
at a bunch of law firms and law firms
45
00:02:31,285 --> 00:02:35,215
tend to have pretty generous vacation
policies, like three to four weeks.
46
00:02:35,735 --> 00:02:36,115
Interesting.
47
00:02:36,115 --> 00:02:37,815
For all employees regardless of level.
48
00:02:37,875 --> 00:02:41,975
So I got used to that pretty early on in
my career by doing some of that stuff.
49
00:02:42,045 --> 00:02:43,815
Like working with law firms
where I was like, Ooh,
50
00:02:44,215 --> 00:02:45,535
I just need three weeks.
51
00:02:46,155 --> 00:02:50,895
And now at Microsoft we do the DTO thing,
52
00:02:51,045 --> 00:02:55,895
discretionary time off, which
is effectively unlimited
time off but you know,
53
00:02:55,895 --> 00:02:59,685
you have to get, still get your manager's
approval and things like that. So no,
54
00:02:59,685 --> 00:03:04,565
I I don't think vacation time is one
that would be worth taking it for remote
55
00:03:04,565 --> 00:03:08,285
work. Yeah, absolutely. What you do,
if you are, if you think about it,
56
00:03:08,585 --> 00:03:13,525
if you're grinding away for say
like half an hour to an hour
57
00:03:13,525 --> 00:03:15,765
of commute one way each day,
58
00:03:16,345 --> 00:03:20,365
that's gonna be your eight hours
right there anyway. So,
59
00:03:20,505 --> 00:03:22,885
so just take the, take
the pay cut and do it.
60
00:03:22,885 --> 00:03:25,325
You were already putting the
time in. It is what it is.
61
00:03:25,825 --> 00:03:30,165
And generally you do come out ahead in
those deals just with the savings on
62
00:03:30,275 --> 00:03:34,165
mileage wear and tear gas. You
might up some more things at home.
63
00:03:34,625 --> 00:03:39,445
You might find that you go absolutely
crazy and end up with like microphones and
64
00:03:39,445 --> 00:03:42,325
fancy webcams, and
all the other stuff. But I,
65
00:03:42,445 --> 00:03:45,645
I think it all course fills
the gap pretty decently.
66
00:03:46,185 --> 00:03:48,365
The 40 workweek one is interesting.
67
00:03:49,125 --> 00:03:54,005
I would not want to do 32
hours I think for a 20%
68
00:03:54,225 --> 00:03:55,058
pay cut.
69
00:03:55,205 --> 00:03:59,725
I would rather do 40 hours like
we tend to do a standard in in the
70
00:03:59,725 --> 00:04:00,558
United States,
71
00:04:00,585 --> 00:04:05,125
but just let me do my 40 hours in four
days in four days and then I'm done.
72
00:04:05,285 --> 00:04:09,925
I can still do the same things and
I'll arguably have the same if not more
73
00:04:09,925 --> 00:04:14,405
output. So just let me, let
me do that and float through.
74
00:04:14,455 --> 00:04:17,405
Right. Especially I can
see the four and 40,
75
00:04:17,415 --> 00:04:21,565
especially if you're combining that with
the remote work because if you're doing
76
00:04:21,695 --> 00:04:25,205
eight to five and you're just doing a
quick lunch that's already nine hours.
77
00:04:25,615 --> 00:04:27,125
Lunch. What's lunch?
78
00:04:27,275 --> 00:04:28,205
Exactly. I.
79
00:04:28,205 --> 00:04:31,125
Don't, I don't get lunches
anyway so it it, yeah it's.
80
00:04:31,125 --> 00:04:32,965
The snacks sitting on my desk here.
81
00:04:33,665 --> 00:04:38,405
So I have mixed feelings about remote
work and if that should be a pay cut.
82
00:04:38,425 --> 00:04:41,405
So I've always had this theory too
if you're going into the office,
83
00:04:42,025 --> 00:04:46,525
how much money is the company actually
spending for you to be in the office
84
00:04:46,635 --> 00:04:49,925
because they're paying for the
real estate, the electricity,
85
00:04:50,425 --> 00:04:52,165
the office supplies.
86
00:04:52,165 --> 00:04:56,165
There may be a lot of office supplies
that you actually get if you're in the
87
00:04:56,165 --> 00:04:58,845
office in terms of chairs
and desks and all of that.
88
00:04:59,225 --> 00:05:02,965
Should you actually be getting a pay
cut if you're working remotely or should
89
00:05:03,025 --> 00:05:07,165
the company actually be investing some
of that money back into you for you to
90
00:05:07,355 --> 00:05:10,165
provide some of that stuff as
you're working remotely? Pick.
91
00:05:10,185 --> 00:05:11,325
The company.
92
00:05:11,435 --> 00:05:15,845
there's lots of companies even
today with the whole rigmarole about
93
00:05:16,325 --> 00:05:21,045
return to office, RTO, and all that
stuff that are carrying large
94
00:05:21,105 --> 00:05:23,685
chunks of their books in
commercial real estate.
95
00:05:24,245 --> 00:05:25,765
I think it's hard to make that flip.
96
00:05:26,385 --> 00:05:29,525
If you went to a company today and that
company didn't have offices and they
97
00:05:29,525 --> 00:05:32,885
said, oh, but we pay 20% less,
that smells a little fishy.
98
00:05:33,425 --> 00:05:35,885
But if they have a bunch of
offices other places and they go,
99
00:05:35,885 --> 00:05:38,525
well we let some people come into the
office and they make this much and they
100
00:05:38,545 --> 00:05:41,325
let some people stay from home,
like there's trade-offs there.
101
00:05:41,405 --> 00:05:46,165
I think that's a negotiation that you
can potentially like rationalize your way
102
00:05:46,165 --> 00:05:50,325
through as a remote
work from home employee.
103
00:05:50,765 --> 00:05:53,285
I would take that trail. I don't know
that I could go back to an office,
104
00:05:53,335 --> 00:05:54,168
let's put it that way.
105
00:05:54,465 --> 00:05:57,965
If somebody came and said you have to
go back to an office or take a 20% pay
106
00:05:57,965 --> 00:06:00,245
cut, I would take a 20% pay cut, I think.
107
00:06:00,715 --> 00:06:02,045
Take the pay cut and stay at home.
108
00:06:02,265 --> 00:06:06,005
I'm not gonna sell my house and move
someplace else and do all those things.
109
00:06:06,225 --> 00:06:09,525
And I also get what you're saying about
long commutes. Like if, to your point,
110
00:06:09,525 --> 00:06:14,085
if you're driving an hour a day spending
X number of dollars on gas and oil
111
00:06:14,085 --> 00:06:18,805
changes and maintenance on your
car or whatever those additional
112
00:06:19,125 --> 00:06:22,725
expenses are that do come with commuting,
just even from a time perspective,
113
00:06:23,135 --> 00:06:25,885
there is something to be said
for that too. But I'm with you.
114
00:06:26,005 --> 00:06:27,725
I don't know that I could
ever go into an office. I.
115
00:06:27,725 --> 00:06:30,205
Don't, I don't know that people
always think about it that way.
116
00:06:30,605 --> 00:06:33,125
like and you have
to have, I I think it helps.
117
00:06:33,195 --> 00:06:37,845
Like I've worked places where I've
had to do the long commute thing.
118
00:06:37,845 --> 00:06:42,765
Like when I lived in outside Washington
DC when I had to go down into the
119
00:06:42,965 --> 00:06:44,285
district for customers,
Uhhuh,
120
00:06:44,355 --> 00:06:46,445
that was a two hour one way commute.
121
00:06:46,575 --> 00:06:50,725
There were some days where it was
taking me three hours to go one way just
122
00:06:50,725 --> 00:06:55,565
because of traffic timing for
things like I lived 35 miles
123
00:06:55,675 --> 00:07:00,365
outside of DC, which meant that for
me to get down into the district,
124
00:07:00,395 --> 00:07:04,285
like you can't drive on the HOV lanes
as a single driver in the morning.
125
00:07:04,285 --> 00:07:06,285
So you had to find it potentially
a different way to get in,
126
00:07:06,705 --> 00:07:09,885
but you didn't want to drive in all the
way to the district and have to deal
127
00:07:09,885 --> 00:07:11,365
with the traffic actually down there.
128
00:07:11,625 --> 00:07:15,005
So I would drive my
car to a park and ride.
129
00:07:15,165 --> 00:07:18,325
I would go from the park and ride to the
train and then I would take the train
130
00:07:18,325 --> 00:07:20,405
to where I need to be and
maybe catch another bus, right?
131
00:07:20,505 --> 00:07:24,005
If there wasn't a train that got you
within a walkable distance of the place
132
00:07:24,275 --> 00:07:27,445
that you were going. So it was
a little ridiculous sometimes.
133
00:07:27,445 --> 00:07:30,965
And I would get home at eight
at night, what did I do?
134
00:07:31,325 --> 00:07:32,025
Yeah.
135
00:07:32,025 --> 00:07:33,285
So in cases like that,
136
00:07:33,555 --> 00:07:38,245
it's a totally worthwhile trade off and
it's not a trade off that everybody can
137
00:07:38,245 --> 00:07:42,085
make, but if you can make it, I think
it's, yeah, it's worthwhile doing.
138
00:07:42,085 --> 00:07:44,205
Like it is a quality of life thing. It.
139
00:07:44,205 --> 00:07:44,725
Was interesting,
140
00:07:44,725 --> 00:07:48,205
there was just an interesting survey and
I'd say we'd post a link to it but it
141
00:07:48,205 --> 00:07:52,125
was on the Jacksonville Business Journal
and it's a paid link so if we post a
142
00:07:52,125 --> 00:07:53,805
link you can't really get
to it anyways.
143
00:07:54,105 --> 00:07:57,165
it was interesting just to see
what some of those top things were.
144
00:07:57,195 --> 00:08:02,125
That and the four, I'm with you, the
four day, eight hours a day surprised me.
145
00:08:02,125 --> 00:08:06,925
It was like, so people just wanna work
32 hours instead of 40 hours. There.
146
00:08:07,085 --> 00:08:07,925
Are people that do that.
147
00:08:08,185 --> 00:08:13,165
So I've definitely worked in organizations
and and come across folks that
148
00:08:13,165 --> 00:08:15,285
do those kinds of things. Uh, we did a,
149
00:08:16,165 --> 00:08:21,085
I attended maybe last year and a
half ago a seminar that was put
150
00:08:21,085 --> 00:08:26,045
on by one of our more junior employees
who decided to take that trade
151
00:08:26,045 --> 00:08:30,605
off like totally negotiated down and
said you are gonna do 32 hours a week
152
00:08:31,305 --> 00:08:34,885
and that's it. And for a
whole bunch of reasons, right?
153
00:08:34,885 --> 00:08:37,045
They're just like work life
balance, mental health,
154
00:08:37,475 --> 00:08:40,965
this is a better model for
me kind of thing. Uhhuh,
155
00:08:41,005 --> 00:08:42,085
and there's
a lot of that in there.
156
00:08:42,085 --> 00:08:44,245
Like everybody is situationally different.
157
00:08:44,275 --> 00:08:49,045
Like not everybody is built to
do 40 hours of continuous context
158
00:08:49,045 --> 00:08:53,845
switching the entire time. So I can I
get that respect it, know what you want,
159
00:08:53,905 --> 00:08:56,085
go for it and grab it if it's an option.
160
00:08:56,155 --> 00:08:58,405
That was my question
for the day outside of,
161
00:08:58,585 --> 00:09:01,765
and I also saw an article in there
about mansions for sale in Jacksonville,
162
00:09:01,905 --> 00:09:05,525
but we don't need to talk about $25
million mansions in Jacksonville.
163
00:09:05,585 --> 00:09:05,985
No.
164
00:09:05,985 --> 00:09:06,818
No, no we don't.
165
00:09:07,185 --> 00:09:10,925
So news, there's a few news things.
We were just talking before this too.
166
00:09:10,955 --> 00:09:12,325
News feels like it's slowed down,
167
00:09:12,625 --> 00:09:17,565
but Ignite is now one
month away I think ish
168
00:09:17,715 --> 00:09:18,005
give.
169
00:09:18,005 --> 00:09:20,045
Or take. Yes. From when we're
recording this. We're about,
170
00:09:20,045 --> 00:09:23,205
we're we're about a month and a
week away, so maybe just about five.
171
00:09:23,205 --> 00:09:26,685
Weeks. By the time people
hear this it'll be like two,
172
00:09:26,945 --> 00:09:28,365
two and a half weeks away. But.
173
00:09:28,365 --> 00:09:29,198
Something like that. Yeah.
174
00:09:29,265 --> 00:09:34,005
As a result Microsoft has said we
announce news as it comes up now and
175
00:09:34,215 --> 00:09:35,845
we've definitely seen a
lot more news come out,
176
00:09:35,945 --> 00:09:39,645
but it is also very apparent that once
you would get within a month of Ignite,
177
00:09:39,825 --> 00:09:44,685
the news kinda slows down and Microsoft
is definitely holding some stuff
178
00:09:44,715 --> 00:09:46,885
back to announce at Ignite in a month.
179
00:09:47,025 --> 00:09:51,285
So there's a few things that have trickled
out that we figured we'd talk about
180
00:09:51,295 --> 00:09:53,245
today. So do you wanna take the first?
181
00:09:53,395 --> 00:09:54,605
Yeah, what do you wanna start with?
182
00:09:54,965 --> 00:09:57,005
I don't know. You have a tab
highlighted here in the browser.
183
00:09:57,145 --> 00:09:59,965
Do you wanna start with
the, the one you're on?
184
00:09:59,995 --> 00:10:02,125
This was an interesting
one that I did not see.
185
00:10:02,495 --> 00:10:06,845
Let's start with sharing images
using community galleries like.
186
00:10:06,845 --> 00:10:08,165
Pictures, right?
187
00:10:08,445 --> 00:10:12,685
Yeah, sort of I guess, maybe
if we consider a VHD a picture,
188
00:10:12,825 --> 00:10:14,205
do we consider VHDs pictures?
189
00:10:14,285 --> 00:10:16,485
A VHD is a picture of a virtual machine.
190
00:10:16,515 --> 00:10:18,605
They certainly tell a story. No.
191
00:10:18,945 --> 00:10:23,325
So in Azure there has been this
thing kicking around for a while now,
192
00:10:23,325 --> 00:10:25,725
which is the Azure Compute Gallery.
193
00:10:26,585 --> 00:10:31,405
So for a long time you've been able
to take a virtual machine in Azure
194
00:10:31,985 --> 00:10:35,845
or even potentially like a virtual machine
from your, from another environment.
195
00:10:35,985 --> 00:10:36,785
Not the best idea.
196
00:10:36,785 --> 00:10:39,605
But typically we'd start with an Azure
one just for the best experience.
197
00:10:40,105 --> 00:10:42,965
But you can take those images
and you can customize them.
198
00:10:42,985 --> 00:10:47,925
So say it's like a Windows image
and you want to sysprep that
199
00:10:47,925 --> 00:10:52,725
image, take it back to an out of the
box experience for running it through.
200
00:10:52,865 --> 00:10:56,405
You maybe wanna lay down your own
bits on top of it just to give you an
201
00:10:56,405 --> 00:10:57,725
accelerator, like whatever it is.
202
00:10:57,985 --> 00:11:02,925
So you've had the ability for a long time
to take those images and let start it
203
00:11:02,925 --> 00:11:04,885
out as oh just grab a VHD,
204
00:11:04,885 --> 00:11:09,005
then you would create like an image your
next VM from that VHD that's a pain.
205
00:11:09,225 --> 00:11:11,165
And then they introduce this
thing called a compute gallery.
206
00:11:11,345 --> 00:11:15,925
So effectively take your images and
have your images with things like
207
00:11:15,975 --> 00:11:18,885
versioning associated
with them. So okay great.
208
00:11:18,885 --> 00:11:22,645
I've got my golden image
for Windows Server 2022,
209
00:11:23,355 --> 00:11:28,325
I've got my golden image for
my Ubuntu 20.04 LTS version
210
00:11:28,325 --> 00:11:31,605
that I run in my environment,
Myre, whatever it happens to be.
211
00:11:32,115 --> 00:11:34,765
Take those and then be able to like
version them as you patch them,
212
00:11:34,905 --> 00:11:36,885
update your applications,
all those kinds of things.
213
00:11:37,355 --> 00:11:39,765
Compute galleries have
traditionally been private.
214
00:11:40,185 --> 00:11:42,245
So there's been like
the Azure marketplace,
215
00:11:42,705 --> 00:11:45,965
hey go out to the marketplace
from an official publisher,
216
00:11:46,025 --> 00:11:50,485
be it Microsoft or one of the other
vendors that's in the marketplace that's
217
00:11:50,485 --> 00:11:54,845
been vetted by Microsoft and grab your
VHDs from there or your images that you
218
00:11:54,845 --> 00:11:58,805
spin up. So a third party example
would be something like Kemp,
219
00:11:58,805 --> 00:12:00,845
like you wanna spin up a
load balancer from Kemp,
220
00:12:01,625 --> 00:12:05,325
you need like a NetScaler,
that kind of thing. Great,
221
00:12:05,345 --> 00:12:09,485
you can go spin those up and those
are vendor supported images from those
222
00:12:09,925 --> 00:12:14,485
companies And now there's a new flavor
that's kicking around which within the
223
00:12:14,485 --> 00:12:17,725
community gallery now you can or
so within the compute gallery,
224
00:12:18,215 --> 00:12:19,085
Azure Compute Gallery,
225
00:12:19,505 --> 00:12:23,805
you can now have private galleries
which is traditionally what you've had.
226
00:12:24,265 --> 00:12:29,045
And you can also have a community gallery
227
00:12:29,985 --> 00:12:33,165
and community galleries are interesting.
228
00:12:33,185 --> 00:12:37,965
So private galleries as they've existed
you could do RBAC sharing within
229
00:12:37,965 --> 00:12:38,798
your tenant.
230
00:12:39,065 --> 00:12:43,245
You could also do a what was
known as a direct shared gallery
231
00:12:43,755 --> 00:12:48,045
potentially over to
other users within your
232
00:12:48,285 --> 00:12:51,725
tenancy, other subscriptions, things like
that. But generally like your tenant,
233
00:12:52,115 --> 00:12:56,925
your Azure AD, Entra ID tenant
was a boundary for you for
234
00:12:57,165 --> 00:12:57,625
identity.
235
00:12:57,625 --> 00:13:02,565
So you couldn't really share those things
publicly with other Azure users if you
236
00:13:02,565 --> 00:13:04,405
wanted to do that. Let's say
you didn't, I don't know,
237
00:13:04,405 --> 00:13:06,685
you didn't meet the bar to go
into the public marketplace,
238
00:13:06,825 --> 00:13:09,485
you just didn't even know it was the
thing. You didn't wanna deal with it.
239
00:13:09,675 --> 00:13:13,085
Like you could just spin up one of these
community galleries Now because what
240
00:13:13,085 --> 00:13:17,405
community galleries allow you
to do is you can still do RBAC.
241
00:13:17,465 --> 00:13:21,165
So you can still do things like your
share your images using role-based access
242
00:13:21,165 --> 00:13:26,005
control to a service principal,
anything like that. People,
243
00:13:26,005 --> 00:13:27,525
groups, whatever it happens to be.
244
00:13:28,305 --> 00:13:32,205
But it's not locked down
to a specific tenant.
245
00:13:32,545 --> 00:13:37,365
So a community gallery lets you
break the boundary of a single tenant
246
00:13:37,705 --> 00:13:41,725
and get out there to more of the
marketplace or you can just share things
247
00:13:42,205 --> 00:13:47,045
publicly. You can say hey I've got
this community image and I want to
248
00:13:47,275 --> 00:13:51,685
push it out for everyone
out there to be able to see
249
00:13:52,225 --> 00:13:53,805
and get hands on with.
250
00:13:54,505 --> 00:13:59,365
So it's another mechanism or another
way for publishers to share things
251
00:13:59,475 --> 00:14:04,325
potentially outside of
the Azure marketplace.
252
00:14:04,865 --> 00:14:09,685
And that's got like pros and cons to it.
253
00:14:10,405 --> 00:14:13,925
I think as consumers of images,
254
00:14:14,075 --> 00:14:17,205
like we need to be pretty careful there
'cause now there's maybe some additional
255
00:14:17,325 --> 00:14:20,325
vetting or things that
you'll want to have in place.
256
00:14:20,565 --> 00:14:23,365
'cause like marketplace
images are certified,
257
00:14:23,435 --> 00:14:27,805
they go through a certification
process both for Microsoft images and
258
00:14:28,235 --> 00:14:32,805
like Microsoft as the vendor who's
publishing them or you know Kemp,
259
00:14:33,265 --> 00:14:35,965
Citrix NetScaler, all
those kinds of things.
260
00:14:35,975 --> 00:14:40,805
Those all go through a certification
process. They're all good. Vetted, verify,
261
00:14:41,225 --> 00:14:43,885
run 'em with your production workloads.
You can do that with confidence,
262
00:14:43,885 --> 00:14:47,765
they'll be supported. There's
a slew of first party,
263
00:14:48,015 --> 00:14:52,605
third party images, like all the,
all that stuff just is there.
264
00:14:53,065 --> 00:14:56,765
But I think the biggest
thing is they are supported.
265
00:14:57,085 --> 00:14:59,605
is probably the biggest
thing. Uh, for marketplace images,
266
00:14:59,955 --> 00:15:00,885
community images,
267
00:15:01,755 --> 00:15:06,045
there's a certain degree of trust that
you're going to have with the publisher.
268
00:15:06,765 --> 00:15:11,485
'cause like you or I could just go create
a community gallery today and spin up
269
00:15:11,485 --> 00:15:14,925
an image and put it out there.
So you're trusting that A,
270
00:15:14,945 --> 00:15:16,605
we know what we're doing
when we build that image.
271
00:15:17,325 --> 00:15:22,325
B we are licensed to
build and distribute that
272
00:15:22,325 --> 00:15:22,595
image.
273
00:15:22,595 --> 00:15:26,765
Like there could be software licensing
or other things that come into play
274
00:15:26,765 --> 00:15:31,125
there. So this is really good for open
source stuff potentially depending on the
275
00:15:31,125 --> 00:15:32,485
license associated with that.
276
00:15:33,205 --> 00:15:36,765
I don't know how well or how much
it gets used for commercial stuff.
277
00:15:37,475 --> 00:15:38,605
It's also great for testing.
278
00:15:38,795 --> 00:15:42,645
Like I could see like a
bunch of marketplace vendors
potentially using this as a
279
00:15:42,645 --> 00:15:46,285
path to test their images and get them
out there. There's no like billing model,
280
00:15:46,765 --> 00:15:50,485
anything like that. Community images
are just free. So it really is like a,
281
00:15:50,645 --> 00:15:52,565
I think like an apple like
test flight kind of thing.
282
00:15:52,565 --> 00:15:54,645
Like it is very test kind of thing.
283
00:15:55,145 --> 00:15:59,725
And then that support angle is a
rough one I think in that images
284
00:15:59,725 --> 00:16:03,885
published through a community gallery
are supported by the owner of the image.
285
00:16:03,945 --> 00:16:08,245
So who's the person who made the
image that is who is ultimately
286
00:16:08,435 --> 00:16:12,205
responsible for support
on top of that thing.
287
00:16:12,745 --> 00:16:15,085
And Microsoft calls this out
in the documentation. Okay,
288
00:16:15,085 --> 00:16:18,125
like this is potentially an
area you could be interested in,
289
00:16:18,545 --> 00:16:21,405
but if you are a consumer
of community gallery images,
290
00:16:21,475 --> 00:16:25,525
like you're not just a
publisher but you're also
using them in your environment.
291
00:16:25,525 --> 00:16:30,205
Like you should exercise a degree
of caution there because
292
00:16:31,145 --> 00:16:35,245
you really do have more work to do. Like
you have to go verify the source again,
293
00:16:35,245 --> 00:16:36,965
there's no like certification scanning,
294
00:16:37,565 --> 00:16:39,045
anything like that that
happens on the way.
295
00:16:39,045 --> 00:16:40,685
Like there could be
malware in these things.
296
00:16:40,915 --> 00:16:44,365
Like it's really on you to
go and figure it out and,
297
00:16:44,365 --> 00:16:48,405
and there's mechanisms for folks to
report nefarious images to Microsoft.
298
00:16:48,405 --> 00:16:53,205
Like all that stuff's in place but
it doesn't stop it from getting
299
00:16:53,265 --> 00:16:57,365
out there as quickly the way it might
do in something like the regular Azure
300
00:16:57,365 --> 00:16:58,198
marketplace. Yeah.
301
00:16:58,285 --> 00:16:59,645
I was just looking through it.
302
00:16:59,665 --> 00:17:04,365
So if you go out to Azure and you
303
00:17:04,365 --> 00:17:07,125
browse for resources, you
can go look up and I'm,
304
00:17:07,285 --> 00:17:08,885
I think these are all community galleries.
305
00:17:08,885 --> 00:17:13,405
You can go look for the community
images in Azure and just start
306
00:17:14,005 --> 00:17:15,445
browsing through them.
307
00:17:15,585 --> 00:17:20,205
So in community images right now there are
308
00:17:20,415 --> 00:17:24,445
4,600 images and you're right,
309
00:17:24,545 --> 00:17:26,565
you don't know what any of them are.
310
00:17:26,665 --> 00:17:30,925
So one of them in here is from some
guy named Pete and the gallery is Pete
311
00:17:31,155 --> 00:17:36,005
Specialized and it's a
Windows 11 and they have a URL
312
00:17:36,225 --> 00:17:38,525
for the publisher's website,
313
00:17:38,535 --> 00:17:41,765
which just goes to his public blog.
314
00:17:41,915 --> 00:17:46,205
It's Peter and it's a software
engineer's log book. But to your point,
315
00:17:46,235 --> 00:17:50,885
it's what is actually in
this Windows 11 specialized
316
00:17:50,895 --> 00:17:55,245
image. Because one thing I
don't see on any of these is
317
00:17:56,105 --> 00:18:00,765
for all of these community
images, they have a name location,
318
00:18:00,885 --> 00:18:02,525
architecture publisher,
319
00:18:02,945 --> 00:18:05,965
but there's no description
on any of these.
320
00:18:06,525 --> 00:18:10,685
I don't even see a description field
where someone could go in and specify
321
00:18:11,515 --> 00:18:16,325
what this image actually is
or what's contained in it or
322
00:18:16,505 --> 00:18:19,685
why I might want to use
it. And I'm wondering if.
323
00:18:19,795 --> 00:18:20,628
It's a little rough.
324
00:18:20,785 --> 00:18:24,885
So if you go look at the way to deploy
from a community image today, uh,
325
00:18:25,195 --> 00:18:26,925
lots of the examples like they,
326
00:18:26,925 --> 00:18:31,125
they start right off with CLI
and and and rest even over the,
327
00:18:31,785 --> 00:18:35,805
the portal deployment experience. But
if, if you dig down in and you go, okay,
328
00:18:35,805 --> 00:18:38,605
hey let's look and see how
you deploy this in the CLI,
329
00:18:38,875 --> 00:18:43,445
it's effectively do discovery, go out
and list the images that are available,
330
00:18:43,955 --> 00:18:47,205
list the community images that
are available. Funny enough,
331
00:18:47,785 --> 00:18:51,845
not a global resource, right? This
is still a a regional service.
332
00:18:52,265 --> 00:18:55,285
So go out and list the community
images that exist in this region.
333
00:18:55,835 --> 00:18:58,485
Show me all the community images
in east US in North Europe,
334
00:18:58,635 --> 00:19:02,725
like whatever happens to be where
you're deploying. Once you have that,
335
00:19:03,705 --> 00:19:08,165
the resource ID to that image. So,
336
00:19:08,165 --> 00:19:09,245
so effectively the string,
337
00:19:09,625 --> 00:19:13,925
here's the gallery name and the
GUID associated with that image.
338
00:19:14,065 --> 00:19:18,205
All that stuff all the way down to the
version that becomes like what you pass
339
00:19:18,315 --> 00:19:22,405
into a VM creed command to get things,
340
00:19:23,385 --> 00:19:26,605
get things spun up and
get them running. So yeah,
341
00:19:26,995 --> 00:19:28,765
it's new thing that's out there. I,
342
00:19:28,865 --> 00:19:33,365
I'd be interested to see what the
uptick on it is and if you do see like
343
00:19:33,605 --> 00:19:36,445
MSRC reports on these over time of, I,
344
00:19:36,525 --> 00:19:40,845
I could totally see a vendor coming
in and doing something like a,
345
00:19:41,005 --> 00:19:43,205
a bad actor vendors
maybe a bad choice word.
346
00:19:43,365 --> 00:19:46,125
A bad actor comes in and you know,
347
00:19:46,295 --> 00:19:50,565
slams a bunch of images into 60
regions or you've gotta play like
348
00:19:50,645 --> 00:19:55,565
whack-a-mole trying to figure out like
which region which bad actor is in and
349
00:19:55,625 --> 00:19:57,245
and where they've published
in images, things like that.
350
00:19:57,315 --> 00:20:01,725
There's more vetting for you
to do as a customer here.
351
00:20:01,725 --> 00:20:06,565
Like you really do have to trust where
these things come from because say
352
00:20:06,565 --> 00:20:10,525
you're using like a virtual machine
scale set and we're doing like VMSS and
353
00:20:10,525 --> 00:20:11,358
we're scaling things out.
354
00:20:11,745 --> 00:20:16,005
The way you're gonna do this is
community images aren't just like a,
355
00:20:16,595 --> 00:20:20,485
it's like a docker image in that it's
got like a version associated with it.
356
00:20:20,705 --> 00:20:22,045
So yeah like if the docker image,
357
00:20:22,045 --> 00:20:26,405
you might always do like docker on
image name and then a tag of latest like
358
00:20:26,405 --> 00:20:28,645
always give me the latest
one every time I run this.
359
00:20:28,825 --> 00:20:32,765
You can do the same kinds of things
and you'll see that if you dig into the
360
00:20:33,005 --> 00:20:37,645
resource URIs and the image definition
URIs in that you're actually pointing
361
00:20:37,645 --> 00:20:42,605
down to version and version could
just be like latest it could be
362
00:20:42,645 --> 00:20:46,605
a tag and the next VMSS instance that
you bring up could potentially be running
363
00:20:46,605 --> 00:20:48,080
something different than the rest of it.
364
00:20:48,335 --> 00:20:50,285
There could have been something
bad that happened along the way.
365
00:20:50,845 --> 00:20:52,205
Whatever, your mileage may vary.
366
00:20:52,385 --> 00:20:54,685
Yes, I'm having fun going
through here and just going,
367
00:20:55,065 --> 00:20:56,205
HP has some stuff out here.
368
00:20:59,825 --> 00:21:03,525
Do you feel overwhelmed by trying to
manage your Office 365 environment?
369
00:21:03,585 --> 00:21:07,525
Are you facing unexpected issues that
disrupt your company's productivity?
370
00:21:07,555 --> 00:21:11,485
Intelligink is here to help much like you
take your car to the mechanic that has
371
00:21:11,485 --> 00:21:15,765
specialized knowledge on how to best keep
your car running, Intelligink helps you
372
00:21:15,765 --> 00:21:19,005
with your Microsoft cloud environment
because that's their expertise.
373
00:21:19,035 --> 00:21:23,165
Intelligink keeps up with
the latest updates in the
Microsoft cloud to help keep
374
00:21:23,165 --> 00:21:25,605
your business running smoothly
and ahead of the curve.
375
00:21:25,635 --> 00:21:30,005
Whether you are a small organization with
just a few users up to an organization
376
00:21:30,005 --> 00:21:34,205
of several thousand employees they want
to partner with you to implement and
377
00:21:34,205 --> 00:21:36,725
administer your Microsoft
cloud technology,
378
00:21:37,255 --> 00:21:40,645
visit them at intelligink.com/podcast.
379
00:21:41,105 --> 00:21:45,605
That's I-N-T-E-L-L-I-G-I-N-K
380
00:21:45,725 --> 00:21:50,685
.com/podcast for more information
or to schedule a 30 minute
381
00:21:50,685 --> 00:21:52,285
call to get started with them today.
382
00:21:53,165 --> 00:21:57,125
Remember Intelligink focuses on the
Microsoft cloud so you can focus on your
383
00:21:57,445 --> 00:22:01,165
business. So there's some good stuff.
384
00:22:01,355 --> 00:22:06,045
There's some an HP HPE Ezmeral
385
00:22:06,805 --> 00:22:11,405
software documentation. So they have an
image out there for their Ezmeral.
386
00:22:11,485 --> 00:22:14,605
I don't even know what it is but they
have some images out there for that.
387
00:22:14,985 --> 00:22:18,805
It looks like it's primarily different
vendors that have built their services,
388
00:22:19,275 --> 00:22:22,165
bundled them into a VM
and pushed 'em out there.
389
00:22:22,465 --> 00:22:27,125
But then you do have these random ones
like Pete's specialized VM image, huh.
390
00:22:27,465 --> 00:22:29,245
It will be interesting
to see the uptake too.
391
00:22:29,245 --> 00:22:34,165
And I feel like at some point in
time you need better sorting or maybe
392
00:22:34,625 --> 00:22:39,085
you don't necessarily go to the community
image to find it but if you have a
393
00:22:39,285 --> 00:22:42,885
specific vendor that you buy software
from that you're using it from,
394
00:22:42,905 --> 00:22:46,845
it gives them an option to put it out
there and maybe trust them to point you to
395
00:22:46,845 --> 00:22:47,678
the right image.
396
00:22:47,755 --> 00:22:51,645
It's an interesting model of how do
you figure out if there's something out
397
00:22:51,645 --> 00:22:52,445
there you wanna use.
398
00:22:52,445 --> 00:22:57,125
I would almost wanna see it where you
could browse by publisher and that's
399
00:22:57,405 --> 00:23:00,925
a little hard to do maybe today like it,
400
00:23:00,925 --> 00:23:04,805
it'd even be nice if you could just
maybe browse by like publisher URI.
401
00:23:05,145 --> 00:23:08,165
So there's a couple extra fields
if you load one of these up.
402
00:23:08,665 --> 00:23:12,205
Say you push the community image out
there and and you sort of see the metadata
403
00:23:12,205 --> 00:23:15,805
associated with it. So there's name
of the resource that makes sense,
404
00:23:16,115 --> 00:23:21,045
what location does it live in?
What's its architecture x86, x64,
405
00:23:21,045 --> 00:23:25,485
that kind of thing. But there's also a
publisher URI and a legal agreement URL.
406
00:23:25,945 --> 00:23:27,165
So if you go look today,
407
00:23:27,275 --> 00:23:31,405
like there's a bunch of stuff even that
appears to be published by Microsoft
408
00:23:31,405 --> 00:23:33,045
where like they've just
skipped those fields.
409
00:23:33,445 --> 00:23:38,165
and publishing
URI is www.example.com
410
00:23:38,235 --> 00:23:40,405
kind of thing. If you
go out and browse it,
411
00:23:40,805 --> 00:23:45,005
I don't know if you were noticed
but like all the by default it's
412
00:23:45,585 --> 00:23:47,605
sorted by the public gallery name. Yep.
413
00:23:47,745 --> 00:23:52,565
So a bunch of stuff that shows up there
is for actual like Microsoft services,
414
00:23:53,035 --> 00:23:57,685
there's a ton of AKS images that
just fill up the first couple of
415
00:23:57,835 --> 00:23:58,475
screens,
416
00:23:58,475 --> 00:24:02,965
like different versions of Ubuntu
running different versions of containerd,
417
00:24:03,285 --> 00:24:07,565
a FIPS compliant containerd and then
they have all like the permutations of
418
00:24:07,565 --> 00:24:11,165
that. So you see each image
like published globally.
419
00:24:11,665 --> 00:24:16,325
So okay there's one image but rather
than being in one one region it's in
420
00:24:16,415 --> 00:24:17,605
60 regions.
421
00:24:17,785 --> 00:24:22,325
Yes. And just pushed all over the place
to prevent egress charges from eating up
422
00:24:22,325 --> 00:24:23,845
too much and things like that.
423
00:24:24,425 --> 00:24:29,365
But there's tons of just variants
of different things out there.
424
00:24:29,675 --> 00:24:30,215
Yeah,
425
00:24:30,215 --> 00:24:33,965
you'd have to go through the list and
see and I imagine most of this would be
426
00:24:33,965 --> 00:24:36,405
like very much like a test
flight ish kind of thing.
427
00:24:36,405 --> 00:24:41,245
Like a vendor comes to you and says hey
here's the image definition URI so that
428
00:24:41,245 --> 00:24:43,845
you don't have to go
searching for it this way.
429
00:24:43,875 --> 00:24:45,645
Yeah because even like
the way it is today,
430
00:24:45,645 --> 00:24:48,365
like grouping by like the public
gallery name and things like that,
431
00:24:48,435 --> 00:24:53,245
like it's a messy way to
get in there and view things
432
00:24:53,485 --> 00:24:53,605
a.
433
00:24:53,605 --> 00:24:54,305
Hundred percent.
434
00:24:54,305 --> 00:24:58,125
So definitely has potential I I agree
it needs some work to be able to sort
435
00:24:58,125 --> 00:25:00,285
filter, make it usable.
436
00:25:00,545 --> 00:25:05,485
If you wanna start in community images
versus a vendor telling you hey we
437
00:25:05,485 --> 00:25:07,165
have all these community images out here.
438
00:25:07,545 --> 00:25:12,285
Here's our public gallery name or here's
the link like you said directly to that
439
00:25:12,335 --> 00:25:13,605
image we have published for you.
440
00:25:13,665 --> 00:25:15,765
If you want, if you're up in the portal.
441
00:25:16,145 --> 00:25:20,285
So something you can do is in the
upper right if you're in the list view,
442
00:25:20,665 --> 00:25:25,485
go click on the list view and change
over to the summary view and then do
443
00:25:25,485 --> 00:25:28,165
something like summarize by location.
444
00:25:28,535 --> 00:25:32,805
We'll show you a map and the number
of deployed images out at out at each
445
00:25:33,125 --> 00:25:35,125
location. But you can then go in,
446
00:25:35,195 --> 00:25:39,885
there's a summary view for a gallery name
and you can just say hey show me like
447
00:25:40,025 --> 00:25:43,725
the top 10 publishers in the
gallery. Things like that. Hey.
448
00:25:43,725 --> 00:25:44,025
Scott,
449
00:25:44,025 --> 00:25:47,085
did you try clicking on the summary view
by location and then actually clicking
450
00:25:47,105 --> 00:25:47,938
on a location?
451
00:25:48,165 --> 00:25:50,725
I did not click on a location.
I mean they came up Oh yeah.
452
00:25:51,045 --> 00:25:53,805
They're, they're
still working on that. They're.
453
00:25:53,805 --> 00:25:56,285
Broken some underlying API I think.
454
00:25:56,435 --> 00:25:57,565
Yeah that was my first one.
455
00:25:57,585 --> 00:26:00,445
I'm like oh it's deployed in
East US two and I got an error.
456
00:26:00,745 --> 00:26:04,405
So it's not just me,
that's a, it's interesting.
457
00:26:04,405 --> 00:26:09,365
Maybe we should create a podcast gallery
Scott of all of our VMs of nothing
458
00:26:09,645 --> 00:26:11,845
'cause I don't have that
many customized ones.
459
00:26:12,235 --> 00:26:16,565
I've done a few for like dev box and
AVD where I've done some gold images
460
00:26:17,065 --> 00:26:20,925
but nothing that I don't know that I'm
pushing any public galleries anytime
461
00:26:20,925 --> 00:26:21,425
soon.
462
00:26:21,425 --> 00:26:23,645
I'd be super scared to publish most stuff.
463
00:26:23,645 --> 00:26:26,925
Like I think you'd have to be a little
bit of a legal eagle to get some of that
464
00:26:26,925 --> 00:26:29,765
out there, right? Like I would not
want to publish a Windows 11 image.
465
00:26:29,765 --> 00:26:33,365
Lemme put it that way for Pete's
special image gallery over there.
466
00:26:33,715 --> 00:26:37,125
That doesn't seem.
Something could be off there. Well.
467
00:26:37,125 --> 00:26:39,125
But you'd still have to license it, right?
468
00:26:39,225 --> 00:26:44,045
So it's not on you to
necessarily license the OSS or
469
00:26:44,045 --> 00:26:48,845
from a legally standpoint in terms
of somebody doing something on your
470
00:26:48,935 --> 00:26:52,165
image and it somehow
coming back on you. You.
471
00:26:52,165 --> 00:26:55,365
Just don't know. So in my
mind, let's put it this way,
472
00:26:55,365 --> 00:26:58,405
like given the choice between going and
getting like an Ubuntu image from the
473
00:26:58,405 --> 00:27:00,525
marketplace, Azure marketplace,
474
00:27:00,835 --> 00:27:05,725
okay that that certified scanned
publicly verifiable thing versus
475
00:27:05,925 --> 00:27:06,758
a community gallery.
476
00:27:07,105 --> 00:27:09,845
I'm either gonna go to the marketplace
or I'm gonna build my own. That's it.
477
00:27:10,065 --> 00:27:14,085
I'm not gonna go to the community gallery
and deal with deal with that kind of
478
00:27:14,085 --> 00:27:17,885
thing. Especially for a base image
in my head it would be like, ooh,
479
00:27:18,035 --> 00:27:20,045
base images marketplace, great,
480
00:27:20,105 --> 00:27:24,925
we can get those And then if whatever
you need in a base image isn't there in a
481
00:27:24,925 --> 00:27:28,565
base image like what's my overhead
to add it and maintain it,
482
00:27:28,885 --> 00:27:33,525
I bet that's gonna be like right in
line if not lower than dealing with
483
00:27:33,525 --> 00:27:36,285
something from a community
gallery. Yeah. And then I,
484
00:27:36,445 --> 00:27:40,925
I would think a lot of the community
gallery over time turns into probably what
485
00:27:40,925 --> 00:27:44,845
it looks like the AKS team is doing where
there are a bunch of like test images
486
00:27:45,065 --> 00:27:49,005
and variants and things like that
that you can go out and run with.
487
00:27:49,185 --> 00:27:52,325
So if I'm Citrix and I'm
publishing NetScalers out,
488
00:27:52,845 --> 00:27:57,525
I might have my marketplace images for
NetScalers and then maybe I have an
489
00:27:57,525 --> 00:28:01,685
entire test bed set of images that I
can let customers get on like early days
490
00:28:01,825 --> 00:28:04,485
for a new release to go vet something.
491
00:28:04,675 --> 00:28:05,165
Yeah,
492
00:28:05,165 --> 00:28:09,245
I think that's where I'd see a lot of
benefits to it 'cause looking through it,
493
00:28:09,365 --> 00:28:12,885
I did see a couple, let's
see if these come back up.
494
00:28:13,155 --> 00:28:17,605
Yeah there's some here that
you have nightly builds
495
00:28:17,945 --> 00:28:22,525
net service who are these
by edgeless systems has
496
00:28:22,555 --> 00:28:24,685
something out there. I
don't know what they do.
497
00:28:25,065 --> 00:28:29,445
Any cloud always encrypted open source
solutions for confidential computing.
498
00:28:29,465 --> 00:28:33,525
But if you go look for like nightly
you will see some of these images where
499
00:28:33,525 --> 00:28:38,005
there's nightly builds of stuff
or dev builds or beta builds and
500
00:28:38,605 --> 00:28:43,005
I agree with you there where if you have
some of those production workloads and
501
00:28:43,005 --> 00:28:46,445
you do wanna have give customers the
option to go test on a nightly build or a
502
00:28:46,445 --> 00:28:49,205
lab build or something like that,
this could be a good place for it.
503
00:28:49,265 --> 00:28:52,805
But again I think then you're
coming through the vendor's website.
504
00:28:52,845 --> 00:28:57,765
You're not necessarily out here browsing
for Edgeless Systems nightly builds
505
00:28:57,765 --> 00:28:58,598
because.
506
00:28:59,045 --> 00:28:59,878
.
507
00:29:00,125 --> 00:29:03,005
I don't know why. Yeah. So fascinating.
508
00:29:03,675 --> 00:29:06,005
More services see where it goes.
509
00:29:06,265 --> 00:29:09,725
But with that I have meetings coming
up Scott we have some more topics.
510
00:29:09,995 --> 00:29:13,845
Yeah we have more topics but we might
have to punt those for next week unless
511
00:29:13,845 --> 00:29:16,885
you had another quick one
you wanted to talk through.
512
00:29:17,145 --> 00:29:20,525
So we're talking galleries and RBAC
and sharing and things like that.
513
00:29:20,665 --> 00:29:23,085
So one that crossed my radar,
514
00:29:23,655 --> 00:29:27,525
we've talked a bunch about log analytics
and Kusto and things like that in the
515
00:29:27,525 --> 00:29:32,325
past table level RBAC in Kusto
516
00:29:32,525 --> 00:29:36,525
clusters. Have you seen this
one out there and kicking about.
517
00:29:36,745 --> 00:29:41,365
You sent this one to me a few
weeks ago 'cause we were talking
518
00:29:41,455 --> 00:29:46,045
about it from a Sentinel
deployment perspective of
519
00:29:46,235 --> 00:29:51,085
what if I want to have a log analytics
workspace and layer Sentinel on
520
00:29:51,085 --> 00:29:56,045
it but I don't necessarily want
everybody to have access to everything
521
00:29:56,265 --> 00:30:01,245
in my log analytics where maybe
those users using Sentinel doing
522
00:30:01,265 --> 00:30:05,765
it for those SIEM workloads need
access to the entire log analytics
523
00:30:05,765 --> 00:30:06,425
workspace.
524
00:30:06,425 --> 00:30:11,125
But my app developers only
need access to certain data
525
00:30:11,225 --> 00:30:15,965
in there like the app services they're
working on where they're using it for app
526
00:30:16,165 --> 00:30:17,125
insights or something like that.
527
00:30:17,185 --> 00:30:22,085
And it was how do you secure your
logs if you're using a single instance
528
00:30:22,085 --> 00:30:24,925
of log analytics for
these different workloads?
529
00:30:25,265 --> 00:30:29,845
And you sent this to me when we were
talking about that 'cause up in before I
530
00:30:29,845 --> 00:30:31,365
had not seen this one. Yeah.
531
00:30:31,545 --> 00:30:35,845
So this is a capability
that is in preview uh,
532
00:30:35,865 --> 00:30:38,445
as far as being able to use like
Azure RBAC in this manner. Yep.
533
00:30:38,685 --> 00:30:43,605
TLDR is you end up with
a log analytics workspace
534
00:30:43,895 --> 00:30:48,485
where you're gonna create some some
new roles around that log analytics
535
00:30:48,485 --> 00:30:49,305
workspace.
536
00:30:49,305 --> 00:30:54,125
So you're gonna have a new role at the
workspace level like all up here's my
537
00:30:54,405 --> 00:30:58,165
deployed resource and all the tables
within it and what that role does,
538
00:30:58,715 --> 00:31:03,205
it's a kinda limited permission
role that has access to read
539
00:31:03,205 --> 00:31:08,165
workspace details and it has the
ability to run a query but it does not
540
00:31:08,165 --> 00:31:11,885
have the ability to read any
data from any tables in there.
541
00:31:12,145 --> 00:31:16,405
So that kind of gives you the ability to
go in and see hey what's out there But
542
00:31:16,405 --> 00:31:18,165
then if you actually wanna run against it,
543
00:31:18,165 --> 00:31:21,645
you need additional permissions to get
at it And then you have a table level
544
00:31:21,675 --> 00:31:26,245
role which effectively becomes a reader
role and those are just scoped down
545
00:31:26,505 --> 00:31:30,085
at the table level to let
folks in on that side.
546
00:31:30,145 --> 00:31:34,285
So in combination like when you have
both the roles and they both line up the
547
00:31:34,285 --> 00:31:34,565
right way,
548
00:31:34,565 --> 00:31:38,165
then you get this magical super set where
not only can you see the table and you
549
00:31:38,165 --> 00:31:42,805
have the ability to run queries
but now you have the additional
550
00:31:42,895 --> 00:31:47,765
grant and additional permission
to be able to execute a query,
551
00:31:48,385 --> 00:31:51,565
uh I guess execute a query, read
data out of the table. Yeah.
552
00:31:51,755 --> 00:31:52,045
It's.
553
00:31:52,045 --> 00:31:56,645
Weird because the permission is like
workspaces slash query slash read and it's
554
00:31:56,645 --> 00:31:56,765
really,
555
00:31:56,765 --> 00:32:00,845
it should be like workspace slash
query slash execute and read or
556
00:32:01,285 --> 00:32:03,645
whatever it happens
to be, something like that.
557
00:32:03,985 --> 00:32:06,565
But because these are RBAC roles,
558
00:32:06,585 --> 00:32:10,325
you can do things like
action have a not action.
559
00:32:10,625 --> 00:32:15,085
So you could say like for
this user they're not allowed
to do this thing on this
560
00:32:15,085 --> 00:32:17,245
table, anything like that up and down.
561
00:32:17,785 --> 00:32:22,085
So it's pretty familiar once you know
what the roles are that are out there.
562
00:32:22,385 --> 00:32:25,925
So that customer role that you created
at the top and then the reader role for
563
00:32:26,035 --> 00:32:26,868
each table,
564
00:32:27,235 --> 00:32:32,165
it's just going ahead and applying
RBAC at that point to get it out there.
565
00:32:32,265 --> 00:32:36,245
So I've been having to play around with
it like it's pretty seamless like I mean
566
00:32:36,245 --> 00:32:41,045
it's, it really does just bring your
scope for RBAC down to a lower level
567
00:32:41,635 --> 00:32:46,085
down to that table level within
a log analytics resource.
568
00:32:46,385 --> 00:32:48,925
So there still might be some weird
things in there like you mentioned like
569
00:32:48,925 --> 00:32:52,165
Sentinel is one of those
things that really should
have access to all the tables
570
00:32:52,165 --> 00:32:52,998
that are out there.
571
00:32:53,185 --> 00:32:57,485
So you need to think your way through
that one and what that looks like and
572
00:32:57,485 --> 00:33:00,285
maybe even like where
users execute queries from,
573
00:33:00,505 --> 00:33:03,205
do they execute them from Sentinel
which is running on say like a managed
574
00:33:03,525 --> 00:33:07,005
identity and it has access to everything
or do you give them access to the log
575
00:33:07,005 --> 00:33:11,685
analytics workspace where then they're
coming in as their user principal and all
576
00:33:11,685 --> 00:33:13,725
that kind of stuff to get to
where they need to be. And it.
577
00:33:13,725 --> 00:33:17,605
Also looks like you talked
about permissions but it
also has a couple different
578
00:33:17,985 --> 00:33:19,645
access control modes.
579
00:33:20,095 --> 00:33:24,365
Going back to kind of the example that
I had talked about where you can set
580
00:33:24,395 --> 00:33:29,005
workspace permissions where
it doesn't allow granular RBAC
581
00:33:29,425 --> 00:33:33,045
and you essentially have access to
everything but they also have a user or a
582
00:33:33,075 --> 00:33:37,005
user resource or workspace permissions
where it's not even going and it looks
583
00:33:37,005 --> 00:33:38,445
like and setting it up the table.
584
00:33:38,785 --> 00:33:42,925
But if you use that control
mode you can do granular RBAC
585
00:33:43,355 --> 00:33:47,965
granted based on the
resource they can view
586
00:33:48,025 --> 00:33:52,885
versus just a let's go set it
on this table or this table and
587
00:33:53,415 --> 00:33:54,845
going down that route. This.
588
00:33:54,845 --> 00:33:56,925
Will be the new mode going forward.
589
00:33:57,165 --> 00:34:02,165
I I like my sense is once
this GA's is that the old
590
00:34:02,185 --> 00:34:05,645
way of table level access and the reason
I say it's probably gonna go away is
591
00:34:05,765 --> 00:34:09,205
'cause they started calling it the legacy
method of setting table level
592
00:34:09,275 --> 00:34:09,745
read.
593
00:34:09,745 --> 00:34:10,805
That's usually a good hint.
594
00:34:10,825 --> 00:34:15,805
That's my hint that at some point
like when this capability GA's they'll
595
00:34:15,805 --> 00:34:17,165
get away from the old way of doing it.
596
00:34:17,565 --> 00:34:22,005
'cause the old way of doing it
was still Azure identity driven
597
00:34:22,665 --> 00:34:26,965
but you were doing a ton with custom
roles at the end in in that one and you
598
00:34:26,965 --> 00:34:31,845
really had to get like super
granular in your definitions
599
00:34:32,025 --> 00:34:36,685
of those roles to get them to where they
needed to be and really get 'em like
600
00:34:36,685 --> 00:34:39,965
dialed in. So this is potentially
a little bit easier there.
601
00:34:39,965 --> 00:34:42,205
There might be trade-offs in
granularity or things like that.
602
00:34:42,205 --> 00:34:46,125
Like we'll see if they even introduce
like additional additional levels in
603
00:34:46,125 --> 00:34:46,585
there.
604
00:34:46,585 --> 00:34:50,645
Do you get to the point where there is
say like a query versus a read versus an
605
00:34:50,645 --> 00:34:55,645
update kind of RBAC thing that you can
push in at a table level? You know,
606
00:34:55,745 --> 00:34:57,005
who knows? We'll see if it gets there.
607
00:34:57,145 --> 00:34:59,885
Got it. So that table level,
I'm reading this article more,
608
00:35:00,105 --> 00:35:03,885
the access control mode is
that differentiation has
been around for a couple
609
00:35:03,885 --> 00:35:05,285
years now. Since 2019.
610
00:35:05,675 --> 00:35:10,365
It's just the table level
RBAC stuff that's in preview
611
00:35:10,825 --> 00:35:12,285
that's brand new. I.
612
00:35:12,285 --> 00:35:15,725
Think it's confusing though 'cause
technically like when I go look at the old
613
00:35:15,725 --> 00:35:19,525
stuff, the old table level
of access was also RBAC.
614
00:35:19,525 --> 00:35:21,205
Like it was all based on on it.
615
00:35:21,205 --> 00:35:22,445
Was still got it Azure.
616
00:35:22,445 --> 00:35:27,045
Roles and application of those roles
to an identity, those kinds of things.
617
00:35:27,145 --> 00:35:31,845
So I think this is bringing more clarity
to what are the permissions within
618
00:35:31,845 --> 00:35:34,485
those roles and potentially
like rationalizing,
619
00:35:34,515 --> 00:35:35,925
make that management a little bit easier.
620
00:35:36,115 --> 00:35:39,325
Yeah, I found it. This is the one
disadvantage to shared tab. Scott,
621
00:35:39,405 --> 00:35:40,238
I can't see where you are.
622
00:35:40,265 --> 00:35:44,965
The set table level read access
versus the legacy set table read
623
00:35:45,345 --> 00:35:47,405
access in this article. Huh?
624
00:35:47,515 --> 00:35:49,725
It's a confusing one but
kicking out there in preview.
625
00:35:49,755 --> 00:35:52,445
It's been in preview for I
think like a month or two now,
626
00:35:53,115 --> 00:35:56,285
like a little hot minute. So
hopefully not too much longer.
627
00:35:56,305 --> 00:35:57,765
And then that one GA's sounds.
628
00:35:57,765 --> 00:36:00,885
Good. I need to go look at this one some
more too. This one's on my list, Scott,
629
00:36:00,945 --> 00:36:03,085
my never ending list.
This one makes it there.
630
00:36:03,215 --> 00:36:05,405
There we go. Added to the
list. All right, success.
631
00:36:05,585 --> 00:36:07,845
Sounds good. Well I have a
meeting now in three minutes.
632
00:36:08,145 --> 00:36:12,965
So with that we will wrap it up
on this Monday morning and get to
633
00:36:13,105 --> 00:36:18,085
our work week a meeting and then we
have to go renew some Azure certs
634
00:36:18,085 --> 00:36:20,045
because they're expiring.
635
00:36:20,505 --> 00:36:22,645
Yep, sounds like a plan. Alright.
636
00:36:23,045 --> 00:36:24,365
Well thanks Scott.
637
00:36:24,655 --> 00:36:28,605
Enjoy the rest of your day week and I'm
sure we will talk to you a little later
638
00:36:28,605 --> 00:36:29,245
this week. All.
639
00:36:29,245 --> 00:36:30,485
Right, thanks Ben. Yep. Bye-bye.
640
00:36:32,865 --> 00:36:36,685
If you enjoyed the podcast, go leave
us a five star rating in iTunes.
641
00:36:36,865 --> 00:36:41,405
It helps to get the word out so more
IT pros can learn about Office 365 and
642
00:36:41,415 --> 00:36:42,248
Azure.
643
00:36:42,505 --> 00:36:46,205
If you have any questions you want us
to address on the show or feedback about
644
00:36:46,225 --> 00:36:50,605
the show, feel free to reach out via
our website, Twitter, or Facebook.
645
00:36:50,865 --> 00:36:53,165
Thanks again for listening
and have a great day.