In this article series, I will write about how we can migrate Azure Firewall Standard to Premium sku using PowerShell or Azure Resource Manageer Template. If you are using Azure Cloud, You are probably using Azure Firewall Standard in your Hub and Spoke topogolty to protect ingress and egress traffic for your services.

This article guides you with the required steps to manually migrate your Standard firewall and policy to Premium.

Before you start the migration, understand the migration tasks and plan ahead for the required maintenance window. Typical down time of 20-30 minutes is expected.

You might be managing a very complex or non-complex environment in your organization. At some point, your organization would probably have Azure Resources such as Public IP Address(s), Network Security Group(s), Traffic Manager, Virtual Network Peerings, VPN Gateway(s), etc.

I have seen this challenge in many Azure Environments. The leading question is, what is the attack surface of my organization, that can be exploited by an attacker. Identifying this type of endpoint can be complex sometimes. For all kind of these questions, we will claim the help of the Network Security Dashboard from Microsoft Azure.

The following article will explain how to register an existing physical or virtual machine running Windows to Azure Arc Control Plane using a fundamental PowerShell Script.

In order to start registering existing Windows Servers to Azure Arc, we need to install the Azure Connected Machine agent on each machine that you plan to connect using Azure Arc. Before starting this, we should ensure that we have the things below.

In our last article, I tried to explain how we can get a report for Secure Score details and assignments of Defender for Cloud Plans for each subscription. I will now expand these type of queries mainly for Virtual Networks.

If you are managing multiple Azure Hub environments, at some point, you will need to report the status of Virtual Network Peerings as well as Peering Flags for the connectivity side of it. As we said before, there are various ways to obtain it. If you have over a hundred subscriptions, I wouldn't prefer to use PowerShell for these types of reports for generating them. In my personal opinion, Azure Resource Graph is a solid and decent way to get results as an object in PowerShell, and then you can use data for generating HTML, CSV, Table Storage or updating SQL Table.

In our last article, we tried to understand Azure Resource Graph queries and use them for particular example scenarios. This part of our article series will cover Secure Score information on subscription levels. There are many different ways to accomplish this aim, but the easiest way to do this is by creating queries with Resource Graph.

Secure Secure information on Subscription level​

You can find Secure Score details under the microsoft.security/securescores. Later on, you can get the information that you wanted as a table with every property.

In the first part of our article series, we tried to understand the Azure Resource Graph service. Now with executing sample queries, let's try to detail and implement them. For example, let's suppose that we have a scenario like this: an organization with up to 500~ Azure Subscriptions that one person manages. And this person has to list all of the storage accounts.

We mentioned plenty of different ways to complete the scenario above before. If you wish, you can access this information from Azure Portal or use the Get-AzStorageAccount cmdlet on PowerShell by visiting every subscription. Of course, there is an easier way, and it is using Azure Resource Graph Query. Let's try this to get information in a more accessible way.

With this article, we will start an article series that will cover Azure Resource Graph and the particular features that make it different. You might never used or you might have never heard Azure Resource Graph before, but you will have a grasp of it with this article series. In this series, we will try to create and improve solutions that needed for real scenarios. Now without getting into detail, let's jump into our article.

What is Azure Resource Graph?​

We can define Azure Resource Graph as an Azure service extension of Azure Resource Manager for absolute beginners. To answer what it provides and why we should use it, we need to look at the examples like the actions that we can execute in subscriptions in our organization by using Azure Resource Graph. These examples are:

There are few points that I would like to address in our second article. We will cover all the configuration of Azure Front Door service. This article will be about how we can deploy Front Door service with Terraform in the most optimum way and how we can use this service more dynamically for multiple endpoint declarations. Before jumping into the article, going over the Front Door's logic and its elements might be beneficial. These elements can be listed as:

• Front Endpoints
• Binding SSL Certificate from KeyVault/Front Door Managed
• Backend Pools
• Routing Rules (https/http)
• Web Application Firewall Policy - Managed/Custom Rules

We can use Infrastructure as a Code for many distinct purposes. In this article series, we will try to understand how Terraform and Azure FrontDoor provisioning work together and make an end-to-end FrontDoor deployment. You may come across articles that compare FrontDoor and Application Gateway on this blog. FrontDoor is a successful, secure, and convenient load-balancing solution that works on Layer-7 created by Microsoft Azure. It is also used together with Microsoft services such as "Bing, Office 365, Xbox Live, MSN, LinkedIn ve Azure DevOps," and it is indeed incredible to have this infrastructure.

In the last article of our series, we will try to access the endpoint of Pipelines, and we will list pipelines expressions of all projects.

First of all, we need to look at the list of endpoint types down below.

Operation types for Pipelines​