It has been a while since I wrote a blog post. New house and new responsibilities at work kept me kind of tied up for quite a while, but I have some posts I have been wanting to write for a while so here is the first one.
Azure Arc.
What is Azure Arc? According to the official Azure Arc page located here, it allows you to “Bring Azure services and management to any infrastructure”. OK, great. What does that mean?
In a nutshell, it allows you to treat non-Azure VMs (as well as SQL Servers and Kubernetes which I will NOT be covering in this post) as if they were Azure VMs. This means you can do almost everything you can do to an Azure Arc VM that you could do to an Azure VM. One thing that is missing, understandably, is the ability to remote into the VM from the portal page.
The screenshot below shows you an Ubuntu VM running on my local PC connected to my Azure tenant via Azure Arc. As you can see most of the features that you could see in an Azure VM are present. It even gives you advisor hints as you can see at the top of the image. It should be noted that some of the features shown, including Update management and Inventory, do not work via the portal even though they are shown.
Note the advisor hint is about installing the Log Analytics agent AKA the Microsoft Monitor Agent which we use with Azure Sentinel. By using Azure Arc, you can now create policies that can automatically install the agent for you!
You do still need to access each machine to install the Azure Arc agent however there is a way to do this using a Service Principal account to make it easier. For more information on how to do that, go to this page.
This is really just the tip of the iceberg as to what Azure Arc can do and how it can benefit you. I highly recommend that you take a look at it if you have any non-Azure VMs and see how it may benefit you!