Hi, Is this possible to update the zones of azure appgateway without having to recreate it ? Currently my app gateway is not using zones.

Edit: Idky why this some "expert" here getting pissed if I ask basic question. I am not ranting. I am adding some info. Where in doc does it says about this?

I am trying to create an AKS cluster with just 2 nodes for learning purposes, but I keep getting this error even though i have already upgraded from the free tier to the pay as you go model. I am not sure why it says insufficient quota? Can't they just assign me more quota for my cluster or am i supposed to request it ?

{"code":"InvalidTemplateDeployment","details":[{"code":"ErrCode_InsufficientVCPUQuota","message":"Preflight validation check for resource(s) for container service az-cluster in resource group az-cluster_group failed. Message: Insufficient regional vcpu quota left for location eastus. left regional vcpu quota 0, requested quota 4. Details: "}],"message":"The template deployment 'microsoft.aks-1738566358353' is not valid according to the validation procedure."}

What would be the difference in functionality between a vnet with an address space of 10.10.0.0/22 that has 4 /24 subnets defined, vs just setting the same 4 /24's as unique address spaces?

im trying to set up cluster aware updating but im running in to some intermittent issues.

When using cluster aware updating, i can only connect to the cluster with one of the cluster nodes IP addresses, the cluster name doesn't work. I found out this is because the cluster name resolves to an internal load balancer IP in azure, and there are no load balancer rules set up for all the various WinRM/RPC type stuff that Cluster aware updating relies on.

I tried editing the hosts file of my management machine so that the cluster name would resolve to each of the nodes inside of the cluster, essentially removing the need to make a load balancer rule. And this initially had some positive impact, but has gone back to displaying the exact same behaviour as before. This is just so intermittent that sometimes CAU can connect to the cluster name and start the update process, but then fails and cant contact the cluster etc.

my next step is to add a two load balancer rules that allow these ports as they are all the ones I've identified that were needed for Cluster Aware Updating to even connect to the nodes in the first place:

TCP: 0,53,88,135,137-139,389,445,464,636,1025,1026,3268,5985-5986,24158,49152-65535
UDP: 0,53,88,123,135,137-139,389,464,3343,5985-5986,24158,49152-65535

I believe the way it will work from that point is

1. CAU Makes a request to connect to Cluster name
2. Request resolves to Load balancer front end IP address
3. Load balancer accepts this and puts the request to one or both of the cluster nodes

At this point I believe it should be working. But I would really appreciate if anyone can think of any reason why this still wouldn't work, or if there is a better way of doing this?

Do you know how to resolve this?

subscription is being affected by a service health event:App Service - East AsiaStatus:Last update:ActiveImpact Statement: Starting at 01:10 UTC on 03 Feb 2025, you have been identified as a customer using App Service in East Asia

I'm currently in my 2nd semester of BSCS and planning to specialize in DevOps in future. I want to start learning about Azure and cloud computing, but I’m worried about whether DevOps will still be in demand when I graduate in 2028.

With AI automation improving rapidly, will DevOps roles be replaced, or will they evolve? Should I pivot to something else?

Also, which programming languages should I learn alongside DevOps to future-proof my skills? I’d appreciate insights from experienced professionals in the field!

If you want the architecture certification, should you take the Azure Developer Associate certification too?

I am confused because for a software architect I see value in both of these certifications somehow.

I have about 20 tables I drop and reinsert via SSMS Agent jobs daily at midnight.

Can this be automated as well in ADS? I want to move over to ADS but the one thing stopping me is automating the drop/reinsert queries referencing a Linked Server's tables.

I have SSMS on an AWS instance that runs 24/7 so this can be scheduled outside my work hours.

Hi,

a few days after my quite happy post about how I taught myself Bicep, I'm very frustrated. Since 24h I'm trying to deploy and use DeekSeep-R1. I created all resources in Europe West, in France Central etc. -- I tried a few officially supported regions. I also tried different client libraries, including different languages - Python, JavaScript. Every time I get so far that I see Metrics showing my requests - and the requests also take their time -- basically exactly the time the playground (that works perfectly) request completion takes, the request would end up with a 500 Internal Server Error - contact Microsoft for support.

openai.InternalServerError: Error code: 500 - {'error': {'code': 'InternalServerError', 'message': 'Backend returned unexpected response. Please contact Microsoft for help.'}}

What kind of bad joke is this? I delete, re-deploy, move resources around, deploy in other regions, as I want. I diagnosed, read every single best practice guide I could find; the metrics show my requests, the requests take their time -- I'm 100% way past the auth layer. The requests are probably also billed. But yet, every single time the response is a freaking 500. I copied the code from the playground 1:1. I modified it in all kinds of ways. I know exactly what I'm doing as I used the OpenAI libs for two years now.

I had this weekend for finishing a research project with great impact. If it wasn't for this freaking issue taking 24h I would have already gotten my eval results. But of course -- no, the only roadblocker becomes the infra that is absolutely unreliable and unpredictable.

I would have really expected Azure to be more professional. If it was a small startup ran by a bunch of undergraduate students, I would understand. But a global infra provider throwing 500 around without a single option to recover from that? Not a single option to get details on the root cause? Not even redeploying in various ways gets you out of trouble? No support even if you pay in big chunks? No way to open an issue, except if you're rich? And even if you were, no timely support and resolution? Unbelievable.

I basically have to throw it all in the bin now, invest in infra with another provider, only to get a working solution real quick. This must be a bad dream. It seems to be pure luck if your infra on Azure is working or not. And if no, you're just unfortunate and there is nothing you could do. Maybe open another account and try your luck. Like playing Russian roulette?

"Device registration - To use the Authenticator app for passwordless authentication, the device must be registered in the Microsoft Entra tenant and can't be a shared device. A device can only be registered in a single tenant. This limit means that only one work or school account is supported for phone sign-in using the Authenticator app."

How then do you add a second (work ) email address to your MSA, if you have only one device?

Will this increase Azure costs in Canada and Mexico by 25%?

Does anyone know if and how the new tariffs might impact Azure costs? We have a sizable deployment coming up in Canada but are a US entity.

I am working in Wipro from 2.5 years of experience in azure Administrator.But now I want to switch as azure data engineer. my question , Is it a good thing or bad thing ? ..I want to know to what to learn and any jobs for freshers ?

So with the tarriff war ramping up between US and the rest of the world; how do you reckon it will affect pricing on services such as cloud computing and CSP licenses in the EU?

Microsoft is reselling It's cloud services for the EU market through a subsidiary in Ireland. Will that setup be enough to be considered non-import and shield us from increased costs? Or are we in "nobody knows" territory and anything can happen?

I guess It's mostly up to how EU wants to implement retalitory tarriffs right, as USA is happy to export/sell.

Any predictions or qualified guesses?

To clarify. I'm not arguing it will. Just curious if it might.

Hi there, I'm studying for AZ-900 and planning to take the exam soon, followed by AZ-104.

I have a question though: before taking the exam, do you connect with the examiner and have to show them your entire room where you're taking the exam? How does that work exactly? It seems a bit confusing, especially being on a video call with others during the exam.

Do you need a webcam or laptop camera to take the exam? Also, I use a laptop plus an external monitor, and I prefer to take the exam using the monitor. Is that possible, or do I have to use just the laptop screen? Sometimes it looks like I'm looking to the side (haha, silly concerns, but I'm curious).

Could you explain how the exam process works?

New to Azure and working on building out an environment that I expect to get up to around 10 VM's. I am looking at using ALB to provide some inbound connectivity to a couple of those VM's.

All VM's will need some outbound internet access--at a minimum there is EDR agent that needs outbound. Other VM's have misc. back-end services that need outbound internet and of course there will be outbound traffic associated with the inbound traffic on a couple VM's.

From my reading, the biggest concern with relying on ALB only for outbound is that SNAT ports have to be pre-allocated, so you have to be concerned with port exhaustion from specific resources, vs. NAT Gateway which doesn't require pre-allocation.

I don't think I would run into port exhaustion even with 1 IP and doing an even split (6400 ports for 10 VM), but I could go from single IP to 2/4 prefix for less money spent than the cost for a NAT Gateway to be running 24x7.

Is there anything I am missing on the outbound side with ALB vs NAT Gateway? Is there a reason I really should add NAT Gateway to cover the outbound internet access?

I want to be able to read/write from/to an SSHFS share on a remote server from inside an Azure App Container.

I have read up on volumes, bindings, mounts but haven’t been able to find example that doesn’t use Azure Files as the shared folder.

Is there a way to do this? And if there is, how do I set it up?

When I create a normal user in my tenant, when I sign in for the first time, it prompts me to create MFA. When I click "next", I get MFA policy is misconfigured. Work with your admin to enable notification and verification code for mobile app in the policy. If I create a global admin, this does not happen, MFA is created as I would expect.

I have verified that "Security Defaults" are enabled in Entra ID, what else can I look at to solve my issue?

Thanks in advance

EDIT: I believe this was user error; I was telling users to use TOTP MFA, but I never enabled that method in Entra. Hopefully this helps someone else who does something dumb like me.

I'm trying to set up a SAML SSO when Firebase is my SP and Entra ID (formally Azure ad) is my IDP but I keep getting mismatch errors:

{     "error": {         "code": "auth/invalid-credential",         "message": "SAML Response <Issuer> mismatch."     } }

This is how I configured both Firebase and Entra ID:
(followed Scott's advise here)

https://preview.redd.it/wokhv6owtpge1.png?width=1485&format=png&auto=webp&s=c4a1dbe1d74433d36e2150827337aff8ebb091b4

Hi all,
I am a developer.
I need to familiarize with Teams and recordings, I need to send them to an Azure function.
Therefore I was even willing to pay for the premium account just to learn what I need.
I have created a brand new account located this time in Switzerland using my internet domain, however now I am stuck anyways because for Switzerland it requires a vat tax id.
I am fairly new to Switzerland and I don't have a company, but even if I had one in many places it is not even mandatory to register for VAT ID.
What do you suggest?

I’ve got a couple of logic apps that are costing approximately $40 a month each. Not a huge amount by any means but when the others are less than a dollar it adds up. It seems like the high costs is because it’s using the sharepoint “when file is created or modified” connector.

My understanding was it only triggers when a file is created or modified (duh) and would then charge for the execution. It seems like maybe it instead is constantly checking for file changes and will charge accordingly. Is this correct? The folder it is looking for is only changed once or twice a week but we need it to fire off straight away when a file exists there.

So basically I’m currently in Canada and Az-104 costs me 140USD to schedule. I am basically an Indian citizen so can I schedule the exam in India. As the exam is online and would cost me around 70USD( converted price from Indian Rupees) to schedule.

Where can I find the AZ-900 course to start prepping for the exam?

I see there are many courses in Udemy but I’m not sure which would the “Right” or more qualified one. I’m looking to start my Azure journey.

Thanks!

Hi!

I want to join an Azure VM to an AD Domain. The DC runs on a different Azure Vm in the same subnet. However it does not find the domain due to DNS issues.

How can I set the DNS server for that particular VM? I don’t want to do it on the VNet, because there are other ressources in this VNet as well

Hi everyone

I have recently bought whizlabs for az 104 and I am unable to create a resource groups via cloud sandbox environment as well as labs and their support is not responsive during night times.

Can anyone suggest why this is happening?

Are they really worth it?

Because at the time of purchasing there were quite quick in responding to the questions I had.

Please advise

Hello, I created a free Azure account to study and work on a small project. I couldn't create the MySQL database due to an error, so I gave up. Shortly after, I tried to cancel my subscription (even though I hadn't created anything), but I was told that I can't cancel my free subscription because I'm no

My linked Gmail account is the one I use to access Office tools. What can I do?

I have an Azure Communication Services (ACS) project and am looking for experts to help me out (paid, of course). Send me a DM if you are interested.

Impossible to fail?

My data provider doesn't want us to use delta share connector in synapse piepline. I can use function app and use python. Any suggestions on how to do that?