<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:dc="http://purl.org/dc/elements/1.1/">
  <channel>
    <title>DEV Community: okunola babatunde</title>
    <description>The latest articles on DEV Community by okunola babatunde (@okunola_babatunde_dff5cbd).</description>
    <link>https://dev.to/okunola_babatunde_dff5cbd</link>
    <image>
      <url>https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F2444490%2Fd83433fe-0cda-430e-ba78-2986e039a2fb.jpg</url>
      <title>DEV Community: okunola babatunde</title>
      <link>https://dev.to/okunola_babatunde_dff5cbd</link>
    </image>
    <atom:link rel="self" type="application/rss+xml" href="https://dev.to/feed/okunola_babatunde_dff5cbd"/>
    <language>en</language>
    <item>
      <title>Mission 1: Arm Your Workstation</title>
      <dc:creator>okunola babatunde</dc:creator>
      <pubDate>Sun, 28 Jun 2026 17:15:16 +0000</pubDate>
      <link>https://dev.to/okunola_babatunde_dff5cbd/mission-1-arm-your-workstation-438i</link>
      <guid>https://dev.to/okunola_babatunde_dff5cbd/mission-1-arm-your-workstation-438i</guid>
      <description>&lt;p&gt;&lt;strong&gt;Introduction:&lt;/strong&gt;&lt;br&gt;
Before anything else, your workstation is either your launchpad or your bottleneck. That’s what “Mission 1: Arm Your Workstation” is about.&lt;/p&gt;

&lt;p&gt;It’s the foundation of every serious developer journey. Not the language, not the framework, but the environment where everything happens. You can’t build fast or think clearly in a setup that constantly slows you down.&lt;/p&gt;

&lt;p&gt;Arming your workstation means turning your tools into a system. Your laptop becomes a command center, VS Code your cockpit, and the terminal your control room. Git, GitHub, Node.js, Docker, Postman, and Chrome DevTools stop being random tools and start working like a unified arsenal.&lt;/p&gt;

&lt;p&gt;But it’s not just software, it’s flow. The goal is to remove friction so ideas move smoothly from thought to execution. A clean, structured setup means less confusion and more building.&lt;/p&gt;

&lt;p&gt;Most beginners skip this. They jump into tutorials with messy environments and scattered tools, then wonder why progress feels slow. Professionals do the opposite, they build the environment first.&lt;/p&gt;

&lt;p&gt;So the mission is simple: set up your system like someone building at scale, not experimenting casually.&lt;/p&gt;

&lt;p&gt;Once your workstation is armed, everything changes. You don’t just learn faster, you execute better, think sharper, and build with momentum.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Implementation Guide&lt;/strong&gt;&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;Upgrade Local Arsenal&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;&lt;strong&gt;Instruction Summary:&lt;/strong&gt;&lt;br&gt;
Refreshes your computer's package list and upgrades installed software to their latest, shiniest versions.&lt;br&gt;
Why It's Needed:&lt;/p&gt;

&lt;p&gt;A fully patched system keeps the gremlins away and prevents annoying errors when installing new tools.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Pillar Connection:&lt;/strong&gt;&lt;br&gt;
Operational Excellence — Keeping your digital house clean and ready for action.&lt;br&gt;
In order to refresh the package list so you can get the latest versions when installing. Run this Command on your system terminal*&lt;em&gt;"winget upgrade --all"&lt;/em&gt;*&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F5k2nu4qf23d4rjhd2ass.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F5k2nu4qf23d4rjhd2ass.png" alt="winget upgrade all" width="800" height="111"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fpj39qf8u7ppyedryam6w.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fpj39qf8u7ppyedryam6w.png" alt="app" width="800" height="128"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F37h6ohgpyahcbvm6tncs.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F37h6ohgpyahcbvm6tncs.png" alt="app" width="721" height="171"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fgaxbitdycubsd2oak2s1.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fgaxbitdycubsd2oak2s1.png" alt="app" width="797" height="133"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fkzng0obo1fv4f0n4i0fm.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fkzng0obo1fv4f0n4i0fm.png" alt="app" width="800" height="241"&gt;&lt;/a&gt;. The applications highlighted above were successfully upgraded&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;2. Install Git, Curl, and Docker&lt;/strong&gt;&lt;br&gt;
&lt;strong&gt;Instruction Summary:&lt;/strong&gt;&lt;br&gt;
Installs** Git** (your code time-machine), &lt;strong&gt;Curl&lt;/strong&gt; (for downloading stuff), and &lt;strong&gt;Docker&lt;/strong&gt; (for running apps in isolated boxes).&lt;br&gt;
&lt;strong&gt;Why It's Needed:&lt;/strong&gt;&lt;br&gt;
These three tools are the absolute foundation of modern tech. You'll use them every single day!&lt;br&gt;
&lt;strong&gt;Pillar Connection:&lt;/strong&gt;&lt;br&gt;
Operational Excellence — Equipping yourself with industry-standard tools.&lt;br&gt;
&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F9d4tfartbib4k99u43ov.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F9d4tfartbib4k99u43ov.png" alt="app" width="799" height="224"&gt;&lt;/a&gt;. The above applications have to be run individually to have them installed.&lt;br&gt;
&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fjsjsmehqwbsczckktdub.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fjsjsmehqwbsczckktdub.png" alt="Git" width="800" height="159"&gt;&lt;/a&gt;&lt;br&gt;
&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F8oh2ogjtu30g9icqgz55.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F8oh2ogjtu30g9icqgz55.png" alt="Git" width="715" height="71"&gt;&lt;/a&gt;&lt;br&gt;
&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Finmk3uaz47d7vf44otqw.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Finmk3uaz47d7vf44otqw.png" alt="Git" width="800" height="186"&gt;&lt;/a&gt;&lt;br&gt;
Prints the installed Docker version to verify it's set up.&lt;br&gt;
&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fh3xsyo5s1thrvmlud6nn.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fh3xsyo5s1thrvmlud6nn.png" alt="Git" width="800" height="35"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;3.** Introduce Yourself to Git**&lt;br&gt;
&lt;strong&gt;Instruction Summary:&lt;/strong&gt;&lt;br&gt;
Tells Git who you are so it can slap your name on every awesome piece of code you write.&lt;br&gt;
&lt;strong&gt;Why It's Needed:&lt;/strong&gt;&lt;br&gt;
Since we just installed Git, it needs to know who's driving! Without this, you can't save (commit) your work.&lt;br&gt;
&lt;strong&gt;Pillar Connection:&lt;/strong&gt;&lt;br&gt;
Security &amp;amp; Auditing: Knowing exactly who made what change.&lt;br&gt;
Run the following commands;&lt;br&gt;
&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fkp9vjy5szji9uenn3u3b.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fkp9vjy5szji9uenn3u3b.png" alt="git config" width="799" height="224"&gt;&lt;/a&gt;&lt;br&gt;
&lt;strong&gt;Sets Git configuration (user name)&lt;/strong&gt;.&lt;br&gt;
&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fge8w7h40l7lbmqpbaclm.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fge8w7h40l7lbmqpbaclm.png" alt="GIT" width="800" height="46"&gt;&lt;/a&gt;&lt;br&gt;
&lt;strong&gt;Sets Git configuration (email).&lt;/strong&gt;&lt;br&gt;
&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fst5a6qhprwd2pg01lcvm.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fst5a6qhprwd2pg01lcvm.png" alt="git" width="794" height="60"&gt;&lt;/a&gt;&lt;br&gt;
&lt;strong&gt;Sets Git configuration (user name, email, aliases, etc.)&lt;/strong&gt;&lt;br&gt;
&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fxssnlydxzc9ze1cgl3qp.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fxssnlydxzc9ze1cgl3qp.png" alt="Git" width="800" height="273"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;Create a GitHub Repository
&lt;strong&gt;Instruction Summary:&lt;/strong&gt;
Creates a remote home for your code on GitHub — think of it as your project's cloud backup and portfolio piece.
&lt;strong&gt;Why It's Needed&lt;/strong&gt;:
In real DevOps, code lives in a remote repository so the whole team can collaborate, CI/CD pipelines can trigger, and nothing is lost if your laptop catches fire!
&lt;strong&gt;Pillar Connection:&lt;/strong&gt;
Collaboration &amp;amp; Sharing — Every professional project needs a central remote repository.

&lt;ol&gt;
&lt;li&gt;Go to &lt;a href="https://github.com" rel="noopener noreferrer"&gt;https://github.com&lt;/a&gt; and sign in (or create an account if you don't have one)
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Ffjttxf2a8nr8qfldre3h.png" alt="github" width="796" height="33"&gt;
&lt;/li&gt;
&lt;/ol&gt;
&lt;/li&gt;
&lt;li&gt;Click the '+' icon in the top-right corner → 'New repository'
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fp29qbq4ndi6wc3za46ub.png" alt="github" width="649" height="65"&gt;
&lt;/li&gt;
&lt;li&gt;Name it: devops-lab
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fyfpdgvt2mvxnw9rcmxqe.png" alt="devops-lab1" width="800" height="174"&gt;
&lt;/li&gt;
&lt;li&gt;Leave it PUBLIC, do NOT add a README (we'll push our own code)
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Finvq5c0b1cg7rqyba0e8.png" alt="public" width="799" height="180"&gt;
&lt;/li&gt;
&lt;li&gt;Click 'Create repository'
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fnvzd23qqvrdbxeklmxnk.png" alt="create repository" width="799" height="278"&gt;
&lt;/li&gt;
&lt;li&gt;Copy the HTTPS URL — it will look like: &lt;a href="https://github.com/YOUR-USERNAME/devops-lab.git" rel="noopener noreferrer"&gt;https://github.com/YOUR-USERNAME/devops-lab.git&lt;/a&gt;
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F78zgl1tw0f4bnly5uvm2.png" alt="https" width="800" height="118"&gt;
&lt;strong&gt;&lt;a href="https://github.com/BAOKONCEPTS/devops-lab1.git" rel="noopener noreferrer"&gt;https://github.com/BAOKONCEPTS/devops-lab1.git&lt;/a&gt;&lt;/strong&gt;
## Summary
&lt;strong&gt;Mission 1: Arm Your Workstation&lt;/strong&gt; focuses on setting up a strong development environment before writing code. A well-prepared workstation gives you structure, speed, focus, and confidence. Tools like &lt;strong&gt;VS Code, Terminal, Git, GitHub, Curl, Docker,and Chrome DevTools&lt;/strong&gt; become part of your daily workflow, helping you build, test, debug, and deploy more efficiently.&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;&lt;strong&gt;## Conclusion&lt;/strong&gt;&lt;br&gt;
A strong setup creates a stronger developer. When your workstation is organized and properly equipped, you reduce frustration, avoid setup problems, and build with more confidence. Before building great projects, you must first build the environment that supports your growth.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;## Key Takeaways&lt;/strong&gt;&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;Your workstation is the foundation of your developer journey.&lt;/li&gt;
&lt;li&gt;The right tools help you work faster and smarter.&lt;/li&gt;
&lt;li&gt;A clean setup reduces confusion and wastes time.&lt;/li&gt;
&lt;li&gt;Your laptop or PC should function like a command center.&lt;/li&gt;
&lt;li&gt;Good preparation helps you focus on building, not fixing setup issues.&lt;/li&gt;
&lt;li&gt;Professionals prepare before they build.&lt;/li&gt;
&lt;li&gt;strong workstation gives you confidence and momentum.&lt;/li&gt;
&lt;/ol&gt;

</description>
      <category>developertools</category>
      <category>workstationsetup</category>
      <category>terminalsetup</category>
      <category>armyourworkstation</category>
    </item>
    <item>
      <title># Securing Azure with Microsoft Defender for Cloud: Enabling Defender for Servers Plan 2 and Strengthening Compliance Controls</title>
      <dc:creator>okunola babatunde</dc:creator>
      <pubDate>Mon, 22 Jun 2026 20:27:32 +0000</pubDate>
      <link>https://dev.to/okunola_babatunde_dff5cbd/-securing-azure-with-microsoft-defender-for-cloud-enabling-defender-for-servers-plan-2-and-1ol0</link>
      <guid>https://dev.to/okunola_babatunde_dff5cbd/-securing-azure-with-microsoft-defender-for-cloud-enabling-defender-for-servers-plan-2-and-1ol0</guid>
      <description>&lt;h2&gt;
  
  
  Introduction
&lt;/h2&gt;

&lt;p&gt;As organizations continue to move critical workloads to the cloud, security has become a shared responsibility between cloud providers and customers. While cloud platforms such as Microsoft Azure provide a secure foundation, it is equally important for administrators and security professionals to actively monitor, protect, and maintain the security posture of their cloud resources.&lt;/p&gt;

&lt;p&gt;To gain practical experience in cloud security, I recently completed a hands-on exercise focused on Securing Azure with Microsoft Defender for Cloud Compliance Controls. The primary objective was to configure and enable Microsoft Defender for Servers Plan 2 within an Azure subscription, allowing for enhanced threat detection, vulnerability assessment, and security monitoring across cloud resources.&lt;/p&gt;

&lt;p&gt;This exercise provided valuable insights into how organizations can proactively identify security risks, meet compliance requirements, and strengthen their overall cloud security posture.&lt;/p&gt;

&lt;h2&gt;
  
  
  Understanding Microsoft Defender for Cloud
&lt;/h2&gt;

&lt;p&gt;Microsoft Defender for Cloud is a Cloud Security Posture Management (CSPM) and Cloud Workload Protection Platform (CWPP) solution designed to help organizations secure their cloud environments.&lt;/p&gt;

&lt;p&gt;It continuously assesses Azure resources, identifies security weaknesses, provides actionable recommendations, and helps organizations stay aligned with industry security standards and compliance requirements.&lt;/p&gt;

&lt;h2&gt;
  
  
  Some of its key capabilities include:
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Continuous security assessment&lt;/li&gt;
&lt;li&gt;Threat detection and alerting&lt;/li&gt;
&lt;li&gt;Vulnerability management&lt;/li&gt;
&lt;li&gt;Security recommendations&lt;/li&gt;
&lt;li&gt;Regulatory compliance monitoring&lt;/li&gt;
&lt;li&gt;Advanced workload protection&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;By leveraging these capabilities, organizations can move from a reactive security approach to a proactive security strategy.&lt;/p&gt;

&lt;h2&gt;
  
  
  Why Defender for Servers Plan 2?
&lt;/h2&gt;

&lt;p&gt;Microsoft Defender for Servers Plan 2 provides advanced protection for Azure and hybrid servers. It extends beyond traditional security monitoring by offering deeper visibility into threats and vulnerabilities.&lt;/p&gt;

&lt;h2&gt;
  
  
  Key benefits include:
&lt;/h2&gt;

&lt;p&gt;i. Vulnerability Assessment&lt;/p&gt;

&lt;p&gt;The solution continuously scans servers for security weaknesses, outdated software, and misconfigurations that attackers may exploit.&lt;/p&gt;

&lt;p&gt;ii. Threat Detection&lt;/p&gt;

&lt;p&gt;It analyzes activities and behaviors across workloads to identify suspicious activities and potential security threats in real time.&lt;/p&gt;

&lt;p&gt;iii. Endpoint Protection Integration&lt;/p&gt;

&lt;p&gt;Defender for Servers integrates with Microsoft Defender for Endpoint, providing advanced endpoint detection and response capabilities.&lt;/p&gt;

&lt;p&gt;iv. File Integrity Monitoring&lt;/p&gt;

&lt;p&gt;Administrators can track critical file changes that may indicate unauthorized access or malicious activity.&lt;/p&gt;

&lt;p&gt;v. Security Recommendations&lt;/p&gt;

&lt;p&gt;The platform generates prioritized recommendations that help improve the security posture of cloud resources.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Skilling tasks:&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Configuring Microsoft Defender for Cloud Enhanced Security Features for Servers&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Review the ehanced security features for Microsoft Defender for Servers Plan 2&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;Exercise Instruction:&lt;/strong&gt; Configuring Microsoft Defender for Cloud Enhanced Security Features for Servers&lt;/p&gt;

&lt;p&gt;However, in this guide, a step-by-step hands-on approach has been carefully outlined to demonstrate how to configure Microsoft Defender for Cloud Enhanced Security Features for Servers. The objective is to provide a practical and easy-to-follow learning experience that helps readers understand the configuration process, security benefits, and best practices for protecting Azure server workloads.&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;&lt;p&gt;Start a browser session and sign-in to the Azure portal menu.&lt;br&gt;
&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Feq13ck3ahmddqgh9v696.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Feq13ck3ahmddqgh9v696.png" alt="sign-in to the Azure portal menu" width="800" height="391"&gt;&lt;/a&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;In the Azure portal, in the Search resources, services, and docs text box at the top of the Azure portal page, type Microsoft Defender for Cloud and press the Enter key.&lt;br&gt;
&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fubgaob5ucexkhuqbophs.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fubgaob5ucexkhuqbophs.png" alt="Microsoft Defender for Cloud" width="800" height="391"&gt;&lt;/a&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;On the Microsoft Defender for Cloud, Management blade, go to the Environment settings. Expand the environment settings folders until the subscription section is displayed, then click the subscription to view details.&lt;br&gt;
&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Funtlogx6j5qrwuyn2tys.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Funtlogx6j5qrwuyn2tys.png" alt="Expand the environment settings folders" width="800" height="391"&gt;&lt;/a&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;In the Settings blade, under Defender plans, expand Cloud Workload Protection (CWP).&lt;br&gt;
&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fv8bbghm9mhrd8lx8av49.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fv8bbghm9mhrd8lx8av49.png" alt="Workload Protection (CWP)" width="800" height="391"&gt;&lt;/a&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;From the Cloud Workload Protection (CWP) Plan list, select Servers. On the right side of the page, change the Status from Off to On, then click Save.&lt;br&gt;
&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Frx71g2dm8rxwo4ee8blw.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Frx71g2dm8rxwo4ee8blw.png" alt="change the Status from Off to On" width="800" height="391"&gt;&lt;/a&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;To review the details of Microsoft Defender for Servers Plan 2, select Change plan &amp;gt;.&lt;br&gt;
&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fdy4oyumn5j1kf21n6k4m.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fdy4oyumn5j1kf21n6k4m.png" alt="Microsoft Defender for Servers Plan 2" width="800" height="391"&gt;&lt;/a&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;To review the details of Microsoft Defender for Servers Plan 1, select Change plan &amp;gt;.&lt;br&gt;
&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Frj7k60wc99mxud9ikoi1.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Frj7k60wc99mxud9ikoi1.png" alt="Microsoft Defender for Servers Plan 1" width="800" height="391"&gt;&lt;/a&gt;&lt;/p&gt;&lt;/li&gt;
&lt;/ol&gt;

&lt;h2&gt;
  
  
  Key Lessons Learned
&lt;/h2&gt;

&lt;p&gt;This hands-on experience reinforced several important cloud security concepts:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Security should be integrated into cloud deployments from the beginning rather than treated as an afterthought.&lt;/li&gt;
&lt;li&gt;Continuous monitoring is essential for identifying emerging threats and vulnerabilities.&lt;/li&gt;
&lt;li&gt;Compliance and security go hand in hand, helping organizations maintain trust and meet regulatory requirements.&lt;/li&gt;
&lt;li&gt;Automated recommendations can significantly reduce the effort required to improve cloud security.&lt;/li&gt;
&lt;li&gt;Defender for Cloud provides a centralized platform for managing security across Azure resources.&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  Business Value of Microsoft Defender for Cloud
&lt;/h2&gt;

&lt;p&gt;From a business perspective, Microsoft Defender for Cloud helps organizations:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Reduce security risks&lt;/li&gt;
&lt;li&gt;Improve compliance readiness&lt;/li&gt;
&lt;li&gt;Detect threats earlier&lt;/li&gt;
&lt;li&gt;Strengthen governance practices&lt;/li&gt;
&lt;li&gt;Protect critical business workloads&lt;/li&gt;
&lt;li&gt;Enhance visibility across cloud environments&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;These capabilities ultimately contribute to a stronger and more resilient security posture.&lt;/p&gt;

&lt;h2&gt;
  
  
  Conclusion
&lt;/h2&gt;

&lt;p&gt;As more organizations continue to embrace the cloud, security is no longer something that can be treated as an afterthought—it has to be a priority from day one. Through this hands-on exercise, I had the opportunity to explore Microsoft Defender for Cloud and gain practical experience enabling Defender for Servers Plan 2 within an Azure environment.&lt;/p&gt;

&lt;p&gt;What stood out to me was how Microsoft Defender for Cloud simplifies the process of identifying security gaps, monitoring potential threats, and maintaining compliance from a single, centralized platform. It gave me a clearer understanding of how Azure administrators and security teams can take a proactive approach to protecting cloud resources rather than reacting to issues after they occur.&lt;/p&gt;

&lt;p&gt;As cloud environments continue to grow in scale and complexity, solutions like Microsoft Defender for Cloud become increasingly valuable. They help organizations strengthen their security posture, stay compliant with industry standards, and remain resilient against the ever-evolving landscape of cyber threats.&lt;/p&gt;

&lt;h2&gt;
  
  
  Summary
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Explored Microsoft Defender for Cloud&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Enabled Microsoft Defender for Servers Plan 2&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Reviewed security posture and recommendations&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Examined compliance controls and regulatory standards&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Learned how continuous monitoring improves cloud security&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Gained practical experience in protecting Azure workloads against modern threats&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

</description>
      <category>azure</category>
      <category>microsoftdefender</category>
      <category>cloudsecurity</category>
      <category>serversecurity</category>
    </item>
    <item>
      <title>Arm Your Workstation: The Holy Trinity of DevOps Tools</title>
      <dc:creator>okunola babatunde</dc:creator>
      <pubDate>Mon, 08 Jun 2026 11:47:57 +0000</pubDate>
      <link>https://dev.to/okunola_babatunde_dff5cbd/arm-your-workstation-the-holy-trinity-of-devops-tools-8an</link>
      <guid>https://dev.to/okunola_babatunde_dff5cbd/arm-your-workstation-the-holy-trinity-of-devops-tools-8an</guid>
      <description>&lt;p&gt;&lt;strong&gt;Introduction:&lt;/strong&gt;&lt;br&gt;
When you’re setting up your development environment, it can feel a little like gearing up for battle. Every superhero has their gadget belt, and as developers, ours comes in the form of tools that make us faster, stronger, and more resilient. Three of the most essential gadgets you’ll want to strap on are Git, Curl, and Docker. Together, they give you control over your code history, the ability to talk to any server or API, and the power to run applications in neat, portable containers. Think of them as your starter pack for tackling real‑world DevOps challenges.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Implementation Guide&lt;/strong&gt;&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;Upgrade Local Arsenal&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;&lt;strong&gt;Instruction Summary&lt;/strong&gt;&lt;br&gt;
Refreshes your computer's package list and upgrades installed software to their latest, shiniest versions.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Why It's Needed&lt;/strong&gt;&lt;br&gt;
A fully patched system keeps the gremlins away and prevents annoying errors when installing new tools.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Pillar Connection&lt;/strong&gt;&lt;br&gt;
Operational Excellence — Keeping your digital house clean and ready for action.&lt;br&gt;
&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fdh2xhhmvbls5u7klbsmm.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fdh2xhhmvbls5u7klbsmm.png" alt="winget install --all" width="798" height="100"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fx3fz9tzwn0uqysn1ubij.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fx3fz9tzwn0uqysn1ubij.png" alt="winget update --all" width="800" height="454"&gt;&lt;/a&gt;&lt;br&gt;
&lt;strong&gt;2. Install Git, Curl, and Docker&lt;/strong&gt;&lt;br&gt;
&lt;strong&gt;Instruction Summary&lt;/strong&gt;&lt;br&gt;
Installs Git (your code time-machine), Curl (for downloading stuff), and Docker (for running apps in isolated boxes).&lt;br&gt;
&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F7iiy51uomvzpvaqjpnzc.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F7iiy51uomvzpvaqjpnzc.png" alt="install Git, Curl and Docker" width="800" height="190"&gt;&lt;/a&gt;&lt;br&gt;
&lt;strong&gt;Why It's Needed:&lt;/strong&gt;&lt;br&gt;
These three tools are the absolute foundation of modern tech. You'll use them every single day!&lt;br&gt;
&lt;strong&gt;Pillar Connection:&lt;/strong&gt;&lt;br&gt;
&lt;strong&gt;Operational Excellence&lt;/strong&gt; — Equipping yourself with industry-standard tools.&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;To install Git, run this Command &lt;strong&gt;"winget install -e --id Git.Git"&lt;/strong&gt;
&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fv059cxg7hlkw2bcy17co.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fv059cxg7hlkw2bcy17co.png" alt="winget install -e --id Git.Git" width="800" height="134"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;To install Docker, use this command &lt;strong&gt;"winget install -e --id Docker.Dockerdesktop"&lt;/strong&gt;
&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F0dbazadir6esyb4ywlqa.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F0dbazadir6esyb4ywlqa.png" alt="winget install -e --id Docker.Dockerdesktop" width="797" height="128"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;To install curl, apply this command &lt;strong&gt;"winget install - e --id 
CURL.CURL"&lt;/strong&gt;
&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F0bybp7h0pn8bglatr42j.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F0bybp7h0pn8bglatr42j.png" alt="winget install -e --id CURL.CURL" width="800" height="193"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;To verify the installation of Git, run this command &lt;strong&gt;"git --version"&lt;/strong&gt;
&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fhueuuqhpiolph2sktc81.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fhueuuqhpiolph2sktc81.png" alt="git --version" width="797" height="92"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;To verify the installation of &lt;strong&gt;docker&lt;/strong&gt;, run this command &lt;strong&gt;"docker --version"&lt;/strong&gt;&lt;br&gt;
&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ffi9rlvslkx8m6p5p0g99.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ffi9rlvslkx8m6p5p0g99.png" alt="To verify Docker is properly installed" width="798" height="153"&gt;&lt;/a&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;To verify the version of &lt;strong&gt;Curl *&lt;em&gt;installed, run this command *&lt;/em&gt;"curl --version"&lt;/strong&gt;&lt;br&gt;
&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ff9zrma49im6fp7wv4e4k.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ff9zrma49im6fp7wv4e4k.png" alt="to verify the version of curl installed" width="800" height="137"&gt;&lt;/a&gt;&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;3. Introduce Yourself to Git&lt;/strong&gt;&lt;br&gt;
&lt;strong&gt;Instruction Summary:&lt;/strong&gt;&lt;br&gt;
Tells Git who you are so it can snap your name on every awesome piece of code you write.&lt;br&gt;
&lt;strong&gt;Why It's Needed:&lt;/strong&gt;&lt;br&gt;
Since we just installed Git, it needs to know who's driving! Without this, you can't save (commit) your work.&lt;br&gt;
&lt;strong&gt;Pillar Connection:&lt;/strong&gt;&lt;br&gt;
&lt;strong&gt;Security &amp;amp; Auditing&lt;/strong&gt; — Knowing exactly who made what change. Your identity is needed to show and recognized by git, for the proper snapping of the code you are working it through any text editor. Do follow the underlisted procedure to walk you through;&lt;br&gt;
a. Sets Git configuration (user name,)&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;To configure your username, run this command &lt;strong&gt;"git config --global user.name 'Okunola Babatunde'"&lt;/strong&gt;
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F5z2gsuyw1ovb5rw3trsx.png" alt="To configure user.name" width="800" height="67"&gt;
&lt;/li&gt;
&lt;li&gt;Sets Git configuration (email). To configure user email address, run this command &lt;strong&gt;"git config --global user.email 'your e-mail address'"&lt;/strong&gt;
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fjjwbgkkv7frzq77rqadp.png" alt="to set user.email address." width="800" height="125"&gt;
&lt;/li&gt;
&lt;li&gt;To verify the existence of user name and user email address have been created, run this command &lt;strong&gt;"git config --list"&lt;/strong&gt;
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Flye6hm286qjkwd8xmp4v.png" alt="to confirm user name and user email address exist" width="799" height="299"&gt;
&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;4. Create a GitHub Repository&lt;/strong&gt;&lt;br&gt;
&lt;strong&gt;Instruction Summary:&lt;/strong&gt; Creates a remote home for your code on GitHub — think of it as your project's cloud backup and portfolio piece.&lt;br&gt;
&lt;strong&gt;Why It's Needed:&lt;/strong&gt; In real DevOps, code lives in a remote repository so the whole team can collaborate, CI/CD pipelines can trigger, and nothing is lost if your laptop catches fire!&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Pillar Connection:&lt;/strong&gt; Collaboration &amp;amp; Sharing — Every professional project needs a central remote repository.&lt;/p&gt;

&lt;h1&gt;
  
  
  1. Go to &lt;a href="https://github.com" rel="noopener noreferrer"&gt;https://github.com&lt;/a&gt; and sign in (or create an account if you don't have one). I have already created an account.
&lt;/h1&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fr3slj54uvtdxuxy15ugb.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fr3slj54uvtdxuxy15ugb.png" alt="github account creation" width="800" height="450"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h1&gt;
  
  
  2. Click the '+' icon in the top-right corner → 'New repository'
&lt;/h1&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F51f6whdn2eln4hpxmtdm.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F51f6whdn2eln4hpxmtdm.png" alt="create a new repository" width="800" height="450"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h1&gt;
  
  
  3. Name it: devops-lab
&lt;/h1&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F18vhulrd7oeok6p6mlb7.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F18vhulrd7oeok6p6mlb7.png" alt="devops lab" width="800" height="450"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h1&gt;
  
  
  4. Leave it PUBLIC, do NOT add a README (we'll push our own code)
&lt;/h1&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fi5l7luwk5u8ig8y8yyzy.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fi5l7luwk5u8ig8y8yyzy.png" alt="leave it public" width="800" height="450"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h1&gt;
  
  
  5. Click 'Create repository'
&lt;/h1&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fsmmpnaphnu10zi0kd6x1.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fsmmpnaphnu10zi0kd6x1.png" alt="create repo" width="800" height="450"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h1&gt;
  
  
  6. Copy the HTTPS URL — it will look like: &lt;a href="https://github.com/BAOKONCEPTS/devops-lab.git" rel="noopener noreferrer"&gt;https://github.com/BAOKONCEPTS/devops-lab.git&lt;/a&gt;
&lt;/h1&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fiaiabgry6uam44wu7u7d.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fiaiabgry6uam44wu7u7d.png" alt="copy url" width="800" height="450"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Summarily, setting up a development environment is more than just installing software — it’s about equipping yourself with the right tools to thrive. Git, Curl, and Docker act like a developer’s starter kit, each serving a distinct but complementary role. Git keeps track of your code’s history and evolution, Curl lets you communicate directly with servers and APIs, and Docker provides a portable way to run applications consistently across environments. Together, they form the backbone of modern DevOps practices, giving developers confidence and agility in tackling real-world challenges.&lt;/p&gt;

&lt;p&gt;In conclusion, think of Git, Curl, and Docker not just as technical utilities, but as companions on your coding journey. They empower you to collaborate without fear of losing progress, to experiment with APIs like a curious explorer, and to deploy applications with the ease of carrying them in your pocket. In a world where development can feel overwhelming, these tools remind us that resilience comes from preparation. Mastering them isn’t just about writing better code — it’s about becoming a developer who can adapt, communicate, and build with confidence.&lt;/p&gt;

</description>
      <category>devops</category>
      <category>curl</category>
      <category>workstationsetup</category>
      <category>git</category>
    </item>
    <item>
      <title>Create DNS zones and configure DNS settings</title>
      <dc:creator>okunola babatunde</dc:creator>
      <pubDate>Thu, 28 May 2026 20:28:23 +0000</pubDate>
      <link>https://dev.to/okunola_babatunde_dff5cbd/create-dns-zones-and-configure-dns-settings-56d6</link>
      <guid>https://dev.to/okunola_babatunde_dff5cbd/create-dns-zones-and-configure-dns-settings-56d6</guid>
      <description>&lt;p&gt;Introduction:&lt;br&gt;
Managing communication between workloads becomes much easier when services can connect using domain names instead of complex IP addresses. In this scenario, the organization wants to simplify internal name resolution within its Azure environment without deploying and maintaining a custom DNS infrastructure.&lt;/p&gt;

&lt;p&gt;To achieve this, a private DNS zone for contoso.com is created and linked to the application virtual network (app-vnet). This allows resources within the virtual network to automatically resolve internal domain names securely and efficiently. DNS records are also configured for the backend subnet to support seamless communication between workloads and services.&lt;/p&gt;

&lt;p&gt;This setup demonstrates how Azure Private DNS can provide a simple, scalable, and cloud-native solution for internal name resolution across Azure virtual networks.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Scenario&lt;/strong&gt;&lt;br&gt;
Your organization requires workloads to use domain names instead of IP addresses for internal communications. The organization doesn’t want to add a custom DNS solution. You identify these requirements.&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;A private DNS zone is required for contoso.com.&lt;/li&gt;
&lt;li&gt;The DNS will use a virtual network link to app-vnet.&lt;/li&gt;
&lt;li&gt;A new DNS record is required for the backend subnet.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;Skilling tasks&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Create and configure a private DNS zone.&lt;/li&gt;
&lt;li&gt;Create and configure DNS records.&lt;/li&gt;
&lt;li&gt;Configure DNS settings on a virtual network.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;In this lab, I’ve shared a practical and easy-to-follow walkthrough for creating and configuring Azure Private DNS resources. The guide is structured to simplify the deployment process while helping you better understand how private DNS zones, virtual network links, and DNS records work together to support secure and reliable internal communication within Azure environments.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Exercise instructions&lt;/strong&gt;&lt;br&gt;
&lt;strong&gt;Note:&lt;/strong&gt; This exercise requires the Lab 01 virtual networks and subnets to be installed. A template is provided if you need to deploy those resources.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Create a private DNS zone&lt;/strong&gt;&lt;br&gt;
Azure Private DNS provides a reliable, secure DNS service to manage and resolve domain names in a virtual network without the need to add a custom DNS solution. By using private DNS zones, you can use your own custom domain names rather than the Azure-provided names.&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;On the Azure portal, search for and select Private dns zones.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fsodcbksmodvwpb3zah83.png" alt="Private dns zones" width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;Select + Create and configure the DNS zone.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fbjsxxa6xkbnv3sv7e093.png" alt="Private dns zones" width="800" height="427"&gt;
&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;Property    Value&lt;br&gt;
Subscription    Select your subscription&lt;br&gt;
Resource group  RG1&lt;br&gt;
Name    private.contoso.com&lt;br&gt;
Region  East US&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;Select Review + create and then select Create.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fam8ixm55i802ouwus9nq.png" alt="select Create" width="800" height="427"&gt;
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fz7hqob9e3tzyn55fxevk.png" alt="select Create" width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;Wait for the DNS zone to deploy, and then select Go to resource.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fni35fmhgdoxmku39yaaf.png" alt="Go to resource" width="800" height="427"&gt;
&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;&lt;strong&gt;Create a virtual network link to your private DNS zone&lt;/strong&gt;&lt;br&gt;
To resolve DNS records in a private DNS zone, resources must be linked to the private zone. A virtual network link associates the virtual network to the private zone.&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;In the portal, continue working on the private.contoso.com DNS zone.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fv10d38cshjzdrlmvx0y4.png" alt="DNS zone." width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;In the DNS Management blade, select + Virtual network links.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F0dgddukpwvjz8nvwx4ra.png" alt="Virtual network links" width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;Select + Add” and configure the virtual network link.&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;Property    Value&lt;br&gt;
Link name   app-vnet-link&lt;br&gt;
Virtual network app-vnet&lt;br&gt;
Enable auto registration    Enabled&lt;br&gt;
&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Faif2houmfkfjcqcuxmgu.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Faif2houmfkfjcqcuxmgu.png" alt="virtual network link" width="800" height="427"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;Select Create and wait for the deployment to finish. If necessary, Refresh the page.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fn3coygbavld9jrpaimvr.png" alt="the deployment to finish" width="800" height="427"&gt;
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fxezn4zhb6kifgp7knmtn.png" alt="the deployment to finish" width="800" height="427"&gt;
&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;&lt;strong&gt;Create a DNS record set&lt;/strong&gt;&lt;br&gt;
DNS records provide information about the DNS zone.&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;In the portal, continue working on the private.contoso.com DNS zone.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fsbxjvptalsyrjn9ljnp1.png" alt="DNS zone." width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;In the DNS Management blade, select + Recordsets.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fqhifban5sv7i591zl37c.png" alt="Recordsets" width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;Notice that two A records have automatically been created for each of the virtual machines.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ftoh7s2i43yckzz2ew412.png" alt="two A records have automatically been created" width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;Select + Add and configure a record set. When finished select Add.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fwaog9buabrk83t4bmh2v.png" alt="record set" width="800" height="427"&gt;
&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;Property    Value&lt;br&gt;
Name    backend&lt;br&gt;
Type    A&lt;br&gt;
TTL 1&lt;br&gt;
IP address  10.1.1.5&lt;br&gt;
&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fds97wcgz94nuwtou5sx9.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fds97wcgz94nuwtou5sx9.png" alt="a private IP address" width="800" height="427"&gt;&lt;/a&gt;&lt;br&gt;
&lt;strong&gt;Note:&lt;/strong&gt; This record set implies there is a virtual machine in app-vnet with a private IP address of 10.1.1.5.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Summary:&lt;/strong&gt;&lt;br&gt;
This exercise focuses on configuring Azure Private DNS to enable internal domain name resolution within an Azure virtual network environment. A private DNS zone is created for contoso.com and linked to app-vnet using a virtual network link, allowing resources in the network to communicate using domain names instead of IP addresses.&lt;/p&gt;

&lt;p&gt;Additional DNS records are configured for the backend subnet to support workload connectivity and service discovery. By using Azure’s built-in DNS capabilities, the organization avoids the complexity of deploying and managing custom DNS servers while maintaining reliable and secure internal communication.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Conclusion:&lt;/strong&gt;&lt;br&gt;
Implementing Azure Private DNS offers a simple and effective way to manage internal name resolution for cloud-based workloads. By linking the private DNS zone to the virtual network and configuring DNS records for backend resources, services can communicate more seamlessly using easy-to-remember domain names instead of complex IP addresses.&lt;/p&gt;

&lt;p&gt;This approach not only simplifies network management but also improves scalability and reduces the operational effort required to maintain custom DNS solutions. Overall, Azure Private DNS helps create a more organized, reliable, and user-friendly cloud environment for both administrators and applications.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Key takeaways:&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Azure Private DNS allows workloads within a virtual network to communicate using domain names instead of IP addresses.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Private DNS zones simplify internal name resolution without requiring custom DNS servers.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Virtual network links enable DNS zones to be securely associated with Azure virtual networks.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;DNS records help map domain names to backend resources for easier workload communication and service discovery.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Using Azure-native DNS services improves scalability, simplifies administration, and supports secure internal networking.&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

</description>
    </item>
    <item>
      <title>Configure network routing</title>
      <dc:creator>okunola babatunde</dc:creator>
      <pubDate>Thu, 28 May 2026 19:21:33 +0000</pubDate>
      <link>https://dev.to/okunola_babatunde_dff5cbd/configure-network-routing-3h9h</link>
      <guid>https://dev.to/okunola_babatunde_dff5cbd/configure-network-routing-3h9h</guid>
      <description>&lt;p&gt;&lt;strong&gt;Introduction:&lt;/strong&gt;&lt;br&gt;
In a secure cloud environment, controlling how traffic flows between resources is just as important as protecting the resources themselves. To ensure Azure Firewall policies are consistently enforced, outbound traffic from application subnets must be routed through the firewall before reaching external destinations.&lt;/p&gt;

&lt;p&gt;In this scenario, a route table is created and associated with both the frontend and backend subnets to centralize traffic management. A custom route is then configured to direct all outbound internet traffic to the Azure Firewall using its private IP address. This approach ensures that all traffic is inspected, filtered, and monitored based on the organization’s security policies before leaving the virtual network.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Scenario&lt;/strong&gt;&lt;br&gt;
To ensure the firewall policies are enforced, outbound application traffic must be routed through the firewall. You identify these requirements.&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;A route table is required. This route table will be associated with the frontend and backend subnets.&lt;/li&gt;
&lt;li&gt;A route is required to filter all outbound IP traffic from the subnets to the firewall. The firewall’s private IP address will be used.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;Skilling tasks&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Create and configure a route table.&lt;/li&gt;
&lt;li&gt;Link a route table to a subnet.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;In this guide, I’ve provided a detailed step-by-step walkthrough that covers the complete process of configuring network routing in Azure from start to finish. The template is designed to simplify the deployment process and help you understand how traffic can be securely routed through Azure Firewall using route tables and custom routes.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Exercise instructions&lt;/strong&gt;&lt;br&gt;
&lt;strong&gt;Create a route table&lt;/strong&gt;&lt;br&gt;
Azure automatically creates a route table for each subnet within an Azure virtual network. The route table includes the default system routes. You can create route tables and routes to override Azure’s default system routes.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Record the private IP address of app-vnet-firewall&lt;/strong&gt;&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;In the search box at the top of the portal, enter Firewall. Select Firewall in the search results.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Faf1ss9jaszr436bgdlib.png" alt="firewall" width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;Select app-vnet-firewall.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F3bq0eh5d4wndl5gh5yic.png" alt="app-vnet-firewall" width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;Select Overview and record the Private IP address.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fw86n4gzi6pc4czim0sbi.png" alt="Private IP address" width="800" height="427"&gt;
&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;&lt;strong&gt;Add the route table&lt;/strong&gt;&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;In the search box, enter Route tables. When Route table appears in the search results, select it.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fl89ygv8jx6tk5to8dtll.png" alt="Route tables" width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;In the Route table page, select + Create and create the route table.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ftn3qe6ojjn127e6y4knf.png" alt="Route tables" width="800" height="427"&gt;
&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;Property    Value&lt;br&gt;
Subscription    Select your subscription&lt;br&gt;
Resource group  RG1&lt;br&gt;
Region  East US&lt;br&gt;
Name    app-vnet-firewall-rt&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;Select Review + create and then select Create.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fg25y255q1hb5oopapk5s.png" alt="Review + create and then select Create" width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;Wait for the route table to deploy, then select Go to resource.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fetwyoeivdotzgcpx2z7w.png" alt="Go to resource" width="800" height="427"&gt;
&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;&lt;strong&gt;Associate the route table to the subnets&lt;/strong&gt;&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;In the portal, continue working with the route table, select app-vnet-firewall-rt.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fn91c1v81wcgm4tu7e1db.png" alt="route table" width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;In the Settings blade, select Subnets and then + Associate.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fazht9nvlysdjw6x2ywqt.png" alt="Subnets " width="800" height="427"&gt;
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F7uavxu9wnv27ywz63t52.png" alt="Subnets " width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;Configure an &lt;strong&gt;association to the frontend subnet&lt;/strong&gt;, then select OK.
Property    Value
Virtual network app-vnet (RG1)
Subnet  frontend
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fdml562lhso9r2c32ge7u.png" alt="ssociation to the frontend subnet" width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;Configure an &lt;strong&gt;association to the backend subnet&lt;/strong&gt;, then select OK.
Property    Value
Virtual network app-vnet (RG1)
Subnet  backend
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fzyzggoialedzszpk2sdv.png" alt="association to the backend subnet" width="800" height="427"&gt;
&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;&lt;strong&gt;Create a route in the route table&lt;/strong&gt;&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;In the portal, continue working with the route table, select app-vnet-firewall-rt.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fj4fplnt1o3u52uw1jd53.png" alt="oute table" width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;In the Settings blade, select Routes and then + Add.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fgsmfhjjiw7fes2ircddj.png" alt="Routes " width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;Configure the route, then select Add.&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;Property    Value&lt;br&gt;
Route name  outbound-firewall&lt;br&gt;
Destination type    IP addresses&lt;br&gt;
Destination IP addresses/CIDR range 0.0.0.0/0&lt;br&gt;
Next hop type   Virtual appliance&lt;br&gt;
Next hop address    private IP address of the firewall&lt;br&gt;
&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fhji5gixrdlu9c50qoxir.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fhji5gixrdlu9c50qoxir.png" alt="Configure the route" width="800" height="427"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Summary:&lt;br&gt;
This configuration focuses on implementing secure network routing within an Azure virtual network environment. By creating and associating a route table with the frontend and backend subnets, outbound traffic can be centrally controlled and redirected through Azure Firewall.&lt;/p&gt;

&lt;p&gt;The custom route uses the firewall’s private IP address as the next hop, ensuring all outbound traffic is inspected against configured firewall policies. This setup improves visibility, strengthens security enforcement, and helps maintain consistent traffic filtering across the environment.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Conclusion&lt;/strong&gt;&lt;br&gt;
Configuring network routing through Azure Firewall provides a reliable way to enforce centralized security policies across application workloads. By directing outbound traffic through the firewall, organizations gain greater control over network communication while reducing the risk of unauthorized or unmonitored traffic leaving the environment.&lt;/p&gt;

&lt;p&gt;This approach not only enhances security and traffic visibility but also creates a scalable foundation for managing and protecting cloud-based applications as infrastructure requirements continue to grow.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Key Takeaways&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Route tables help control how traffic flows within an Azure virtual network.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Associating route tables with subnets ensures routing policies are consistently applied to resources within those subnets.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Custom routes can redirect outbound traffic through Azure Firewall for centralized inspection and filtering.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Using the firewall’s private IP address as the next hop ensures traffic passes through security controls before accessing external networks.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Centralized routing improves security visibility, policy enforcement, and overall network management within Azure environments.&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

</description>
      <category>cloudcomputing</category>
      <category>routing</category>
      <category>azurenetworking</category>
      <category>firewall</category>
    </item>
    <item>
      <title>Create and configure Azure Firewall</title>
      <dc:creator>okunola babatunde</dc:creator>
      <pubDate>Thu, 28 May 2026 17:59:53 +0000</pubDate>
      <link>https://dev.to/okunola_babatunde_dff5cbd/create-and-configure-azure-firewall-2b99</link>
      <guid>https://dev.to/okunola_babatunde_dff5cbd/create-and-configure-azure-firewall-2b99</guid>
      <description>&lt;p&gt;&lt;strong&gt;Introduction:&lt;/strong&gt;&lt;br&gt;
As organizations continue to move applications to the cloud, securing network traffic becomes more important than ever. In this scenario, the organization needs a centralized security solution for its application virtual network to better control and monitor traffic between resources and external services. To achieve this, Azure Firewall is deployed within the app-vnet to provide enterprise-grade network protection and traffic filtering.&lt;/p&gt;

&lt;p&gt;As application usage grows, the organization also requires more granular control over outbound access and stronger protection against potential threats. By implementing Azure Firewall policies, administrators can centrally manage and enforce security rules across the environment. Specific application and network rules are configured to allow secure access to Azure DevOps for application updates and DNS services for name resolution, while still maintaining strict traffic control.&lt;/p&gt;

&lt;p&gt;This setup demonstrates how Azure Firewall can help secure both north-south and east-west traffic, providing a scalable and manageable security architecture for modern cloud workloads.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Skilling Tasks&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Create an Azure Firewall.&lt;/li&gt;
&lt;li&gt;Create and configure a firewall policy.&lt;/li&gt;
&lt;li&gt;Create an application rule collection.&lt;/li&gt;
&lt;li&gt;Create a network rule collection.
This guide provides a step-by-step approach to creating and configuring Azure Firewall within an Azure virtual network environment. It covers the deployment of Azure Firewall, the creation of firewall policies, and the configuration of both application and network rules to secure traffic flow across the environment.
The guide also demonstrates how to manage outbound access, enable DNS resolution, and control application connectivity using centralized security policies. By following these steps, you can implement a scalable and secure network architecture that helps protect Azure workloads from unauthorized access and potential threats.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;Exercise instructions&lt;/strong&gt;&lt;br&gt;
&lt;strong&gt;Create Azure Firewall subnet in our existing virtual network&lt;/strong&gt;&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;In the search box at the top of the portal, enter Virtual networks. Select Virtual networks in the search results.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F88jhc4mhn4woskcolqhv.png" alt="Select Virtual networks in the search results" width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;Select app-vnet.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fgqjw5vadaty9ee9sbzj2.png" alt="app-vnet." width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;Select Subnets.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F7pphbf9ldfv9644t2tvc.png" alt="Select Subnets" width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;Select + Subnet.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fe2nbfygoxe2lfdegs67v.png" alt="Select + Subnet" width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;Enter the following information and select Save.
Property    Value
Name    AzureFirewallSubnet
Address range   10.1.63.0/26
Note: Leave all other settings as default.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fdos4x4hxgxd9ma1nfhzg.png" alt="Select + Subnet" width="800" height="427"&gt;
&lt;strong&gt;Note:&lt;/strong&gt; Leave all other settings as default.
&lt;strong&gt;Create an Azure Firewall&lt;/strong&gt;
&lt;/li&gt;
&lt;li&gt;In the search box at the top of the portal, enter Firewall. Select &lt;strong&gt;Firewall&lt;/strong&gt; in the search results.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fuvuadpmwurwpw9hl297n.png" alt="Firewall" width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;Select + Create.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fdjqwu0byd8ifpv0g7aqz.png" alt="Firewall" width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;Create a firewall by using the values in the following table. For any property that is not specified, use the default value.
Note: Azure Firewall can take a few minutes to deploy.&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;Property    Value&lt;br&gt;
Resource group  RG1&lt;br&gt;
Name    app-vnet-firewall&lt;br&gt;
Firewall SKU    Standard&lt;br&gt;
Firewall management Use a Firewall Policy to manage this firewall&lt;br&gt;
Firewall policy select Add new&lt;br&gt;
Policy name fw-policy&lt;br&gt;
Region  East US&lt;br&gt;
Policy Tier Standard&lt;br&gt;
Choose a virtual network    Use existing&lt;br&gt;
Virtual network app-vnet (RG1)&lt;br&gt;
Public IP address   Add new: fwpip&lt;br&gt;
Enable Firewall Management NIC  uncheck the box&lt;br&gt;
&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fnuh60uikrzwp3xzpqhmj.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fnuh60uikrzwp3xzpqhmj.png" alt="fwpip" width="800" height="427"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;Select Review + create and then select Create.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fkj9awakybox5dheqafbt.png" alt="Select Review + create " width="800" height="427"&gt;
&lt;strong&gt;Update the Firewall Policy&lt;/strong&gt;
&lt;/li&gt;
&lt;li&gt;In the portal, search for and select Firewall Policies.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F4cbi2vi8vliz0wqews4k.png" alt="Firewall Policies." width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;Select fw-policy.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F3sewqs6hz6u00wnhn6fx.png" alt="Select fw-policy" width="800" height="427"&gt;
&lt;strong&gt;Add an application rule&lt;/strong&gt;
&lt;/li&gt;
&lt;li&gt;In the Settings blade, select Application rules and then Add a rule collection.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fd1oogetjl7ejjcce5s21.png" alt="Application rules" width="800" height="427"&gt;
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fyoy5epxp8qtoi0ekhjxm.png" alt="Application rules" width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;Configure the application rule collection and then select Add.
Property    Value
Name    app-vnet-fw-rule-collection
Rule collection type    Application
Priority    200
Rule collection action  Allow
Rule collection group   DefaultApplicationRuleCollectionGroup
Name    AllowAzurePipelines
Source type IP address
Source  10.1.0.0/23
Protocol    https
Destination type    FQDN
Destination dev.azure.com, azure.microsoft.com
&lt;strong&gt;Note:&lt;/strong&gt; The AllowAzurePipelines rule allows the web application to access Azure Pipelines. The rule allows the web application to access the Azure DevOps service and the Azure website.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Faua20v2j3h4xbza0m2s9.png" alt="application rule collection" width="800" height="427"&gt;
&lt;strong&gt;Add a network rule&lt;/strong&gt;
&lt;/li&gt;
&lt;li&gt;In the Settings blade, select Network rules and then Add a network collection.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fq23aart0jdr58kwvgso9.png" alt="select Network rules " width="800" height="427"&gt;
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fpmog82yb487xk4szgh3b.png" alt="select Network rules " width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;Configure the network rule and then select Add.
Property    Value
Name    app-vnet-fw-nrc-dns
Rule collection type    Network
Priority    200
Rule collection action  Allow
Rule collection group   DefaultNetworkRuleCollectionGroup
Rule    AllowDns
Source  10.1.0.0/23
Protocol    UDP
Destination ports   53
Destination addresses   1.1.1.1, 1.0.0.1
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fejekp8haiok8rcqearle.png" alt="Configure the network rule" width="800" height="427"&gt;
&lt;strong&gt;Verify the firewall and firewall policy status&lt;/strong&gt;
&lt;/li&gt;
&lt;li&gt;In the portal search for and select Firewall.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ft63rnsaiq1qn66cs4gwd.png" alt="firewall" width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;View the app-vnet-firewall and ensure the Provisioning state is Succeeded. This may take a few minutes.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fscu7bqipja7u3hopl4g5.png" alt="Provisioning state" width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;In the portal serach for and select Firewall policies.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fvf9qbfe63r2gvc8ns743.png" alt="Firewall policies" width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;View the fw-policy and ensure the Provisioning state is Succeeded. This may take a few minutes.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F1vkdwpx7szavb29205vy.png" alt="Provisioning state " width="800" height="427"&gt;
&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;&lt;strong&gt;Summary:&lt;/strong&gt;&lt;br&gt;
In this scenario, Azure Firewall is used to provide centralized network security for the application virtual network. Firewall policies are implemented to simplify rule management and improve control over network traffic. Application rules allow secure communication with Azure DevOps for application updates, while network rules enable DNS resolution required for connectivity and resource access.&lt;br&gt;
However, using the Standard SKU provides support for both application and network rule collections, making it suitable for enterprise environments that require flexible traffic filtering and monitoring. The configuration also helps secure both external and internal traffic flows, improving the organizations overall security posture while maintaining application functionality.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Conclusion:&lt;/strong&gt;&lt;br&gt;
Implementing Azure Firewall within the application virtual network provides a strong foundation for centralized cloud security. By combining firewall policies with application and network rules, the organization can effectively manage traffic, protect workloads, and maintain secure access to essential services such as Azure DevOps and DNS.&lt;br&gt;
This approach not only improves visibility and control over network communications but also supports future scalability as the application environment grows. Overall, Azure Firewall offers a reliable and flexible solution for protecting modern Azure workloads against evolving security challenges.&lt;/p&gt;

&lt;p&gt;*&lt;em&gt;Key Takeaways&lt;/em&gt;&lt;br&gt;
Completing this exercise provided practical experience in deploying and managing Azure Firewall to secure resources within an Azure virtual network. Throughout the configuration process, several important concepts became clear:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Azure Firewall serves as a centralized, cloud-native security solution that helps monitor and control both inbound and outbound network traffic across Azure environments.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Firewall policies simplify security management by allowing administrators to organize and manage NAT, network, and application rules from a single location.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Network rules provide granular traffic control by filtering connections based on IP addresses, ports, and protocols, helping secure communication between resources.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Application rules offer more advanced filtering by allowing or blocking traffic using fully qualified domain names (FQDNs), URLs, and web protocols such as HTTP and HTTPS.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Implementing Azure Firewall improves visibility, strengthens network security, and provides a scalable foundation for protecting modern cloud workloads.&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

</description>
      <category>azurefirewall</category>
      <category>virtualnetwork</category>
      <category>cloudcomputing</category>
      <category>networking</category>
    </item>
    <item>
      <title>Create and configure network security groups</title>
      <dc:creator>okunola babatunde</dc:creator>
      <pubDate>Thu, 28 May 2026 14:17:06 +0000</pubDate>
      <link>https://dev.to/okunola_babatunde_dff5cbd/create-and-configure-network-security-groups-59la</link>
      <guid>https://dev.to/okunola_babatunde_dff5cbd/create-and-configure-network-security-groups-59la</guid>
      <description>&lt;p&gt;&lt;strong&gt;Introduction:&lt;/strong&gt;&lt;br&gt;
Creating and configuring secure virtual networks in Azure is more than just connecting resources — it’s about building an environment where applications can communicate safely, efficiently, and without unnecessary exposure to the internet.&lt;/p&gt;

&lt;p&gt;Recently, I worked on a scenario focused on implementing Network Security Groups (NSGs) and Application Security Groups (ASGs) within an Azure virtual network architecture. The goal was simple: strengthen traffic control between frontend and backend systems while maintaining secure access for users and applications.&lt;/p&gt;

&lt;p&gt;The environment was designed around two critical subnets inside an Azure Virtual Network (VNet):&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Frontend Subnet&lt;/strong&gt;&lt;br&gt;
This subnet hosted web servers that needed to be accessible from the internet. To simplify management and improve security, an Application Security Group (ASG) was created and linked to the virtual machine interfaces belonging to the frontend servers.&lt;/p&gt;

&lt;p&gt;To allow secure user access, an inbound NSG rule was configured to permit HTTPS traffic using:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Protocol: TCP&lt;/li&gt;
&lt;li&gt;Port: 443&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;This setup ensures encrypted communication between users and the web application while reducing unnecessary exposure.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Backend Subnet&lt;/strong&gt;&lt;br&gt;
The backend subnet contained database servers responsible for handling application data. Since database servers should never be directly exposed publicly, tighter controls were implemented using a dedicated Network Security Group (NSG).&lt;/p&gt;

&lt;p&gt;An inbound security rule was then created to allow traffic only from the frontend ASG to the backend servers using:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Service: MS SQL&lt;/li&gt;
&lt;li&gt;Port: 1433&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;This approach follows the principle of least privilege by ensuring only approved frontend resources can communicate with the database layer.&lt;/p&gt;

&lt;p&gt;To complete the deployment, two Ubuntu virtual machines were provisioned using an Azure Resource Manager (ARM) template:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;VM1 deployed in the frontend subnet&lt;/li&gt;
&lt;li&gt;VM2 deployed in the backend subnet&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;One thing I appreciated during this project was how Azure networking services make it possible to create layered security models that are both scalable and easy to manage. Instead of assigning rules individually to every VM, ASGs and NSGs help centralize traffic policies and simplify administration as environments grow.&lt;/p&gt;

&lt;p&gt;This scenario reinforced the importance of:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Segmented network architecture&lt;/li&gt;
&lt;li&gt;Controlled inbound and outbound traffic&lt;/li&gt;
&lt;li&gt;Secure communication between application layers&lt;/li&gt;
&lt;li&gt;Infrastructure automation using ARM templates&lt;/li&gt;
&lt;li&gt;Cloud security best practices in Microsoft Azure&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Cloud networking is not just about connectivity anymore — security and intelligent traffic management are now at the center of modern infrastructure design.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Skilling Tasks&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Create an NSG.&lt;/li&gt;
&lt;li&gt;Create NSG rules.&lt;/li&gt;
&lt;li&gt;Associate an NSG to a subnet.&lt;/li&gt;
&lt;li&gt;Create and use Application Security Groups in NSG rules.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;In this guide, I’ll walk you through a simple step-by-step process for creating and configuring Network Security Groups (NSGs) in Azure. I will also cover how to create NSGs, set up security rules, associate NSGs with subnets, and use Application Security Groups (ASGs) to better control and secure network traffic between your resources. By the end of this walkthrough, you’ll have a clearer understanding of how Azure network security works in real-world environments.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Create the network infrastructure for the exercise&lt;/strong&gt;&lt;br&gt;
&lt;strong&gt;Note&lt;/strong&gt;: This exercise requires the Lab 01 virtual networks and subnets to be installed. A template is provided if you need to deploy those resources.&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;Use the icon (top right) to launch a Cloud Shell session. Alternately, navigate directly to &lt;a href="https://shell.azure.com" rel="noopener noreferrer"&gt;https://shell.azure.com&lt;/a&gt;.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fdurrcw4poee6nsvd4mbc.png" alt=" Use the icon (top right) to launch a Cloud Shell session" width="800" height="543"&gt;
&lt;/li&gt;
&lt;li&gt;If prompted to select either Bash or PowerShell, select PowerShell.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fst9i2tbt6heyryzoromu.png" alt="If prompted to select either Bash or PowerShell, select PowerShell." width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;Storage is not required for this task Select your subscription. Apply your changes.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fgehhal7bcifbwniw59o4.png" alt="Storage is not required for this task Select your subscription. Apply your changes." width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;Use these commands to deploy the virtual machines required for this exercise. This command was used to deploy the two virtual machines used for this project.
&lt;strong&gt;New-AzResourceGroupDeployment &lt;code&gt;
-ResourceGroupName RG1&lt;/code&gt;
-TemplateFile ./create-vnets-vms-template.json&lt;/strong&gt;
&lt;/li&gt;
&lt;li&gt;In the portal search for and select virtual machines. Verify both vm1 and vm2 are Running.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F2ohnt1yotgc4v4bz09vl.png" alt="In the portal search for and select virtual machines. Verify both vm1 and vm2 are Running." width="800" height="426"&gt;
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F3junbjdtu6q5qwgddpu7.png" alt="In the portal search for and select virtual machines. Verify both vm1 and vm2 are Running." width="800" height="426"&gt;
&lt;strong&gt;Create Application Security Group&lt;/strong&gt;
Application security groups (ASGs) let you group together servers with similar functions. For example, all the web servers hosting your application.&lt;/li&gt;
&lt;li&gt;In the portal, search for and select Application security groups.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fe7iwgx7br3b4onlquyuj.png" alt="application security group" width="800" height="426"&gt;
&lt;/li&gt;
&lt;li&gt;Select + Create and configure the application security group.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F30a3ygwrrvw4fw1fcwp6.png" alt="Select + Create and configure the application security group" width="800" height="426"&gt;
&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;Property    Value&lt;br&gt;
Subscription    Select your subscription&lt;br&gt;
Resource group  RG1&lt;br&gt;
Name    app-frontend-asg&lt;br&gt;
Region  East US&lt;br&gt;
&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fdugkf58083ip2wr02xfg.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fdugkf58083ip2wr02xfg.png" alt="app-frontend-asg" width="800" height="426"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;Select Review + create and then select Create.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fcqf0hyyrhkmfgbtvpd9v.png" alt="app-frontend-asg" width="800" height="426"&gt;
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F01qjjolsvb06qj10axyx.png" alt="app-frontend-asg" width="800" height="426"&gt;
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fhcleuztmvgmh2rvsxejb.png" alt="app-frontend-asg" width="800" height="426"&gt;
&lt;strong&gt;Note:&lt;/strong&gt; You are creating the application security group in the same region as the existing virtual network.&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;&lt;strong&gt;Associate the application security group to the network interface of the VM&lt;/strong&gt;&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;In the Azure portal, search for and select VM1.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fy1c222brhc7qxtqqddlu.png" alt="VM1" width="800" height="427"&gt;
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F5b99o7vft9defx6ql7f8.png" alt="VM1" width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;In the &lt;strong&gt;Networking blade&lt;/strong&gt;, select &lt;strong&gt;Application security groups&lt;/strong&gt; and then select &lt;strong&gt;Add application security groups&lt;/strong&gt;.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ffygt8cieii08dnwdkluh.png" alt="app-frontend-asg" width="800" height="427"&gt;
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fl80413d02f2wrtetwxvm.png" alt="app-frontend-asg" width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;Select the &lt;strong&gt;app-frontend-asg&lt;/strong&gt; and then select Add.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fyr7dqbbhxd6tlk1vivpx.png" alt="![app-frontend-asg](https://dev-to-uploads.s3.amazonaws.com/uploads/articles/fygt8cieii08dnwdkluh.png)
![app-frontend-asg](https://dev-to-uploads.s3.amazonaws.com/uploads/articles/l80413d02f2wrtetwxvm.png)" width="800" height="427"&gt;
&lt;strong&gt;Create and Associate the Network Security Group&lt;/strong&gt;
Network security groups (NSGs) secure network traffic in a virtual network.&lt;/li&gt;
&lt;li&gt;In the portal search for and select Network security group.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fslnb3z65kwzvl6cpvco2.png" alt=" Network security group" width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;Select + Create and configure the network security group.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Foitcxwv5lyj8e835de8p.png" alt=" Network security group" width="800" height="427"&gt;
Property    Value
Subscription    Select your subscription
Resource group  RG1
Name    app-vnet-nsg
Region  westus2&lt;/li&gt;
&lt;li&gt;Select Review + create and then select Create.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F5zb2th11ruk9ewgbmc2t.png" alt="app-vnet-nsg" width="800" height="427"&gt;
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fkbps65gox0zh3fxsm629.png" alt="app-vnet-nsg" width="800" height="427"&gt;
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F6p5fqflaldrsrl8lb5da.png" alt="app-vnet-nsg" width="800" height="427"&gt;
&lt;strong&gt;Associate the NSG with the app-vnet backend subnet.&lt;/strong&gt;
NSGs can be associated with subnets and/or individual network interfaces attached to Azure virtual machines.&lt;/li&gt;
&lt;li&gt;Select Go to resource or navigate to the app-vnet-nsg resource.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F7294em7waxmjraui1z59.png" alt="app-vnet-nsg" width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;In the Settings blade select Subnets.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fjdwht3qtnsq562i3i5is.png" alt="app-vnet-nsg" width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;Select + Associate
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F33vzp5750d0yudqhuwxe.png" alt="Select + Associate" width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;Select app-vnet (RG1) and then the Backend subnet. Select OK.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F3wkskwgw6rui83czl8tc.png" alt="Select + Associate" width="800" height="427"&gt;
&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;&lt;strong&gt;Create Network Security Group rules&lt;/strong&gt;&lt;br&gt;
An NSG use security rules to filter inbound and outbound network traffic.&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;In the search box at the top of the portal, enter Network security groups. Select Network security groups in the search results.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fin1agwe4rs0mkkiidzzl.png" alt="Network security groups" width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;Select app-vnet-nsg from the list of network security groups.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F7kgharnc6m9624gle2t4.png" alt="app-vnet-nsg" width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;In the Settings blade, select Inbound security rules.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fbka0ewjnf1ixvxwd9lxf.png" alt="Inbound security rules" width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;Select + Add and configure an inbound security rule.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fkjm4rmbfyquo2zrrbgo8.png" alt="inbound security rule" width="800" height="427"&gt;
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fp5xdfpzymknjor4omiol.png" alt="inbound security rule" width="800" height="427"&gt;
Property Value
Source: Any
Source port ranges: *
Destination: Application Security group
Destination application security group: app-frontend-asg
Service: SSH
Action: Allow
Priority: 100
Name: AllowSSH&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;*&lt;em&gt;Key Takeaways *&lt;/em&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Application security groups help you group virtual machines by the apps they run, so you can easily set security rules for those apps.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Network security groups act like filters, controlling which traffic can move in and out of your Azure resources.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;You can attach one security group (or none) to each subnet or virtual machine’s network card.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Inside a network security group are rules that decide whether traffic is allowed or blocked.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;To make things easier, you connect virtual machines to an application security group, then use that group as the source or destination in your network rules.&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;Summary&lt;/strong&gt;&lt;br&gt;
In this scenario, the organization wants to strengthen security and better control the flow of network traffic within the &lt;code&gt;app-vnet&lt;/code&gt; environment. The setup includes a frontend subnet that hosts web servers accessible from the internet and a backend subnet that contains database servers used by the frontend applications.&lt;/p&gt;

&lt;p&gt;To improve security management, an Application Security Group (ASG) is used for the frontend web servers, making it easier to organize and manage virtual machines that belong to the same application layer. A Network Security Group (NSG) is also implemented to control and filter traffic between the frontend and backend resources, ensuring that only approved communication is allowed between the web servers and the database servers.&lt;/p&gt;

&lt;p&gt;For testing and deployment purposes, two Ubuntu virtual machines are created: VM1 in the frontend subnet and VM2 in the backend subnet. These virtual machines are deployed using an Azure Resource Manager (ARM) template provided by the IT team, helping automate and standardize the deployment process.&lt;/p&gt;

&lt;p&gt;In conclusion, using NSGs and ASGs in Azure helps create a more secure and well-organized network environment. By controlling how traffic flows between the frontend and backend resources, the organization can better protect its applications while still allowing the right communication between services. This setup also highlights how ARM templates make deployments faster, more consistent, and easier to manage in real-world cloud environments.&lt;/p&gt;

</description>
      <category>azure</category>
      <category>azurenetworking</category>
      <category>cloudcomputing</category>
      <category>asg</category>
    </item>
    <item>
      <title>Designing Secure Azure Networking for a Web Application Migration: A Practical Hub-and-Spoke Approach</title>
      <dc:creator>okunola babatunde</dc:creator>
      <pubDate>Mon, 25 May 2026 22:26:09 +0000</pubDate>
      <link>https://dev.to/okunola_babatunde_dff5cbd/designing-secure-azure-networking-for-a-web-application-migration-a-practical-hub-and-spoke-2876</link>
      <guid>https://dev.to/okunola_babatunde_dff5cbd/designing-secure-azure-networking-for-a-web-application-migration-a-practical-hub-and-spoke-2876</guid>
      <description>&lt;p&gt;&lt;strong&gt;Introduction:&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;One of the biggest mistakes organizations make during cloud migration is focusing only on moving applications while neglecting the network architecture that supports them.&lt;/p&gt;

&lt;p&gt;In reality, networking is the backbone of every secure and scalable cloud environment.&lt;/p&gt;

&lt;p&gt;As part of my Azure cloud engineering journey, I’m currently working on a small but practical project focused on designing and implementing a secure Azure networking environment for a web-based application migration.&lt;/p&gt;

&lt;p&gt;The goal is not just to deploy resources, but to understand how enterprise-grade Azure networking is designed in real-world environments.&lt;/p&gt;

&lt;p&gt;And it all starts with Virtual Networks, Subnets, and Secure VNet Peering.&lt;/p&gt;

&lt;p&gt;Let’s break it down in a practical and simplified way.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;The Scenario: You're the Cloud Architect&lt;/strong&gt;&lt;br&gt;
Imagine this: Your company is finally moving its web application to Azure. And guess who gets the first task? You.&lt;/p&gt;

&lt;p&gt;You need to build the virtual networks (VNets) and subnets from scratch. Oh, and they must talk to each other securely. No pressure, right? &lt;/p&gt;

&lt;p&gt;Here’s the game plan:&lt;/p&gt;

&lt;p&gt;Two VNets → app-vnet (for the app) + hub-vnet (for shared services)&lt;/p&gt;

&lt;p&gt;Two subnets in app-vnet → frontend (web servers) + backend (database servers)&lt;/p&gt;

&lt;p&gt;One subnet in hub-vnet → for a firewall (named AzureFirewallSubnet)&lt;/p&gt;

&lt;p&gt;Private, secure connection between VNets → via VNet peering&lt;/p&gt;

&lt;p&gt;Same Azure region → lower latency, no extra costs&lt;/p&gt;

&lt;p&gt;This is called a hub and spoke network architecture.&lt;br&gt;
hub-vnet = the center (firewall, monitoring)&lt;br&gt;
app-vnet = the spoke (your application)&lt;/p&gt;

&lt;p&gt;By the end of this tutorial, you'll have a production-ready network foundation in less than 10 minutes.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;What I’m About to Build&lt;/strong&gt;&lt;br&gt;
&lt;strong&gt;1. Creating the Application Virtual Network (app-vnet)&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;This virtual network will host the application infrastructure.&lt;/p&gt;

&lt;p&gt;Inside this VNet, I’ll create two separate subnets:&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Frontend Subnet&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;This subnet will host the web servers responsible for handling user requests and application traffic.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Backend Subnet&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;This subnet will host the database servers and internal application services.&lt;/p&gt;

&lt;p&gt;Separating frontend and backend resources into different subnets improves:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Security&lt;/li&gt;
&lt;li&gt;Traffic control&lt;/li&gt;
&lt;li&gt;Workload isolation&lt;/li&gt;
&lt;li&gt;Easier policy enforcement&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;This is one of the most important principles in cloud networking — segmentation.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;2. Creating the Hub Virtual Network (hub-vnet)&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;The second virtual network will act as the centralized hub.&lt;/p&gt;

&lt;p&gt;Inside the hub-vnet, I’ll create a dedicated subnet for the firewall.&lt;/p&gt;

&lt;p&gt;This firewall layer will help simulate how organizations centralize:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Security policies&lt;/li&gt;
&lt;li&gt;Traffic inspection&lt;/li&gt;
&lt;li&gt;Routing management&lt;/li&gt;
&lt;li&gt;Controlled communication between environments&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;This architecture becomes extremely useful as environments grow larger and more complex.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;3. Configuring Secure Virtual Network Peering&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Once both VNets are created, the next step is to establish Virtual Network Peering between them.&lt;/p&gt;

&lt;p&gt;This allows:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Secure private communication&lt;/li&gt;
&lt;li&gt;Low-latency connectivity&lt;/li&gt;
&lt;li&gt;Seamless resource access between VNets&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;One of the most interesting parts of Azure VNet Peering is that traffic remains on Microsoft’s private backbone network and never traverses the public internet.&lt;/p&gt;

&lt;p&gt;That means better:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Security&lt;/li&gt;
&lt;li&gt;Performance&lt;/li&gt;
&lt;li&gt;Reliability&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Here, is the technical details and guides to provision Hub-and-Spoke Approach.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Exercise instructions&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Note:&lt;/strong&gt; To complete this lab you will need an Azure subscription with Contributor RBAC role assigned. In this lab, when you are asked to create a resource, for any properties that are not specified, use the default value.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Create hub and spoke virtual networks and subnets&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;An Azure virtual network enables many types of Azure resources to securely communicate with each other, the internet, and on-premises networks. All Azure resources in a virtual network are deployed into subnets within the virtual network.&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;Sign in to the Azure portal - &lt;a href="https://portal.azure.com" rel="noopener noreferrer"&gt;https://portal.azure.com&lt;/a&gt;.&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fs91whts43pi9ptkj36kz.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fs91whts43pi9ptkj36kz.png" alt="![ ](https://dev-to-uploads.s3.amazonaws.com/uploads/articles/a4p1h3616rsk684czqro.png)" width="800" height="479"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;Search for and select Virtual Networks.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fkuq2nqzsq6sr72f6gxak.png" alt="Search for and select Virtual Networks." width="800" height="539"&gt;
&lt;/li&gt;
&lt;li&gt;Select + Create and complete the configuration of the &lt;strong&gt;app-vnet&lt;/strong&gt;.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fwprkive7x2xlqt1bh6eq.png" alt="Select + Create and complete the configuration of the app-vnet. " width="800" height="429"&gt; 
This virtual network requires two subnets, &lt;strong&gt;frontend&lt;/strong&gt; and &lt;strong&gt;backend.&lt;/strong&gt;
&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;Property    Value&lt;br&gt;
Resource group  RG1&lt;br&gt;
Virtual network name    app-vnet&lt;br&gt;
Region  East US&lt;br&gt;
IPv4 address space  10.1.0.0/16&lt;br&gt;
Subnet name frontend&lt;br&gt;
Subnet address range    10.1.0.0/24&lt;br&gt;
Subnet name backend&lt;br&gt;
Subnet address range    10.1.1.0/24&lt;br&gt;
Note:Leave all other settings as their defaults&lt;br&gt;
&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fk1rtrui80tmuvddat873.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fk1rtrui80tmuvddat873.png" alt="app-vnet" width="800" height="427"&gt;&lt;/a&gt;&lt;br&gt;
When finished select “&lt;strong&gt;Review + create and then Create.&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F24o7on29d58e9p3f7txd.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F24o7on29d58e9p3f7txd.png" alt="Review + create and then Create." width="800" height="427"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ftleg0pzzg8uuv7d6l73d.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ftleg0pzzg8uuv7d6l73d.png" alt="Review" width="800" height="427"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;Create the Hub-vnet virtual network configuration. This virtual network has the &lt;strong&gt;firewall subnet&lt;/strong&gt;.&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;Property    Value&lt;br&gt;
Resource group  RG1&lt;br&gt;
Name    hub-vnet&lt;br&gt;
Region  East US&lt;br&gt;
IPv4 address space  10.0.0.0/16&lt;br&gt;
Subnet name AzureFirewallSubnet&lt;br&gt;
Subnet address range    10.0.0.0/26&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fve7e7serli2x8xh73bbh.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fve7e7serli2x8xh73bbh.png" alt="hub-vnet" width="800" height="427"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fxrtrvvq3mtfx6mwtssfk.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fxrtrvvq3mtfx6mwtssfk.png" alt="hub-vnet" width="800" height="427"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fi3uewf53x7xmgiixi0gg.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fi3uewf53x7xmgiixi0gg.png" alt="hub-vnet" width="800" height="427"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;Once the deployments are complete, search for and select your ‘virtual networks`.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fvmmfaqzxnx8ed82x9bvm.png" alt="search for and select your ‘virtual networks" width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;Verify your virtual networks and subnets were deployed.&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F4dpx6i2ht7df794y5kmz.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F4dpx6i2ht7df794y5kmz.png" alt="Verify your virtual networks and subnets were deployed." width="800" height="427"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fh8f5bpp1ox04hez5422s.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fh8f5bpp1ox04hez5422s.png" alt="Verify your virtual networks and subnets were deployed." width="800" height="427"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Configure a peer relationship between the virtual networks&lt;/strong&gt;&lt;br&gt;
Virtual network peering enables you to seamlessly connect two or more Virtual Networks in Azure.&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;Search for and select the app-vnet virtual network.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F5a595dw4zcnasx1zbno9.png" alt="Search for and select the app-vnet virtual network." width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;In the Settings blade, select Peerings.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fmfx358dgxdd2qa8jww6c.png" alt="In the Settings blade, select Peerings" width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;+ Add a peering between the two virtual networks.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fgdk2pgvzkg37x71e0eac.png" alt="hub-to-app-vnet" width="800" height="427"&gt;
&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fiuux1knocxr44fs8kvyg.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fiuux1knocxr44fs8kvyg.png" alt="hub-to-app-vnet" width="800" height="427"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Property    Value&lt;br&gt;
Remote peering link name    &lt;strong&gt;app-vnet-to-hub&lt;/strong&gt;&lt;br&gt;
Virtual network &lt;strong&gt;hub-vnet&lt;/strong&gt;&lt;br&gt;
Local virtual network peering link name &lt;strong&gt;hub-to-app-vnet&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Note:&lt;/strong&gt; Leave all other settings as their defaults. Select “Add” to create the virtual network peering.&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;Once the deployment completes, verify the Peering status is Connected.&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fwkatn3rcb552sioy3u3d.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fwkatn3rcb552sioy3u3d.png" alt="the Peering status is Connected." width="800" height="427"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Key takeaways&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Networking first – No app is secure or scalable without a solid network foundation.&lt;/li&gt;
&lt;li&gt;Hub-spoke pattern – Centralize shared services (hub-vnet), isolate workloads (spoke-vnets).&lt;/li&gt;
&lt;li&gt;VNet peering – Private, fast, free (same region), and requires bidirectional setup.&lt;/li&gt;
&lt;li&gt;Subnets = security boundaries – Separate frontend (web) and backend (database) tiers.&lt;/li&gt;
&lt;li&gt;Plan IPs carefully – Overlapping address spaces break peering.&lt;/li&gt;
&lt;li&gt;Hands-on &amp;gt; theory – Building it yourself bridges the knowing-doing gap.&lt;/li&gt;
&lt;li&gt;Patterns over clicks – Understanding why matters more than knowing how.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;In conclusion,&lt;/strong&gt; Cloud engineering is so much more than just deploying virtual machines. Don't get me wrong—spinning up a VM is satisfying. But the real value? That comes when you start thinking bigger. When you stop asking "How do I make this work?" and start asking "How do I make this secure, scalable, and resilient enough to grow with the business?" That shift in thinking changes everything.&lt;/p&gt;

&lt;p&gt;This project gave me a chance to step into that mindset. I didn't just click buttons in the Azure portal. I dug into networking fundamentals—VNets, subnets, peering—and started to see how these pieces fit together in real enterprise environments. Not textbook diagrams. Not simplified labs. The kind of patterns you'd actually find in production.&lt;/p&gt;

&lt;p&gt;And here's what stood out to me the most:&lt;/p&gt;

&lt;p&gt;Every great cloud deployment—whether it's a small startup or a global enterprise—starts with a solid network foundation. You can have the most brilliant application code in the world, but if your network is messy or insecure, nothing else really matters.&lt;/p&gt;

&lt;p&gt;This hands-on learning reminded me why I got into cloud engineering in the first place. It's not about memorising services or chasing certifications. It's about bridging that gap between knowing the theory and actually building something real.&lt;/p&gt;

&lt;p&gt;And honestly? That's the kind of learning that sticks with you.&lt;/p&gt;

</description>
      <category>azure</category>
      <category>azurenetworking</category>
      <category>hubandspoke</category>
      <category>virtualnetworking</category>
    </item>
    <item>
      <title>Manage tags and locks</title>
      <dc:creator>okunola babatunde</dc:creator>
      <pubDate>Fri, 13 Mar 2026 19:28:04 +0000</pubDate>
      <link>https://dev.to/okunola_babatunde_dff5cbd/manage-tags-and-locks-2ok9</link>
      <guid>https://dev.to/okunola_babatunde_dff5cbd/manage-tags-and-locks-2ok9</guid>
      <description>&lt;p&gt;Cloud environments can scale rapidly, making proper organization and protection essential. After completing tasks such as creating a subnet, updating a virtual machine, and working with an Azure storage account, the next step was to improve governance by implementing tags and resource locks.&lt;/p&gt;

&lt;p&gt;Tags allow administrators to attach key-value metadata to resources, making it easier to categorize, track, and manage them across the environment. Resource locks, on the other hand, help prevent accidental deletion or modification of critical resources, adding an extra layer of protection.&lt;/p&gt;

&lt;p&gt;During this exercise, I revisited the previously created resources and applied appropriate tags, locks, or both to strengthen management and oversight.&lt;br&gt;
A simple guide to implement, how locks and tags are set, is stated bellow.&lt;/p&gt;

&lt;h2&gt;
  
  
  Add tags to a virtual machine
&lt;/h2&gt;

&lt;p&gt;You’ll start by adding a pair of tags to the virtual machine. One tag will be to identify the purpose of the virtual machine and the other will be to indicate the department the machine supports.&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;Login to Microsoft Azure at &lt;a href="https://portal.azure.com" rel="noopener noreferrer"&gt;https://portal.azure.com&lt;/a&gt;
&lt;/li&gt;
&lt;li&gt;From the Azure portal home page, in the search box, enter virtual machines.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fdz2dk995u6973lmn7nxg.png" alt=" " width="800" height="540"&gt;
&lt;/li&gt;
&lt;li&gt;Select virtual machines under services.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F7qctrk1is0zs0q6dwepz.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Select the guided-project-vm virtual machine.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fijpvcifprtwukjdx5qzz.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;From the menu pane, select Tags.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F4u67pfjuncecn13oohf3.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;On one line for Name enter Department and for Value enter Customer Service
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fir4sm72b6dkjm5k0ktug.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;On the next line, for Name enter Purpose and for Value enter FTP Server.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F8zzz6ebmb18dvprf5b34.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Select Apply.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fb6knzravsv7q6ecg3afp.png" alt=" " width="800" height="425"&gt;
While you’re working on the virtual machine, it’s a great time to add a resource lock.
## Add a resource lock to a VM&lt;/li&gt;
&lt;li&gt;If necessary, expand the Settings submenu.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ffeofri8o3vgb97c9qsy0.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Select Locks.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fqra10k1ggqvin2u9uup3.png" alt=" " width="800" height="428"&gt;
&lt;/li&gt;
&lt;li&gt;Select + Add.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fea6zuxw0m36jpv1s0xl8.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;For the name, enter VM-delete-lock.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Flswt8e6ooiir9i0lj98r.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;For the Lock type, select Delete.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fty10wehbvtddzd01aluc.png" alt=" " width="800" height="425"&gt;
You may enter a note to help remind you why you created the lock.&lt;/li&gt;
&lt;li&gt;Select OK.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F9kwhxhz05p3mb7kwcnr7.png" alt=" " width="800" height="425"&gt;
That’s it. Now the VM is protected from deletion and has tags assigned to help track use. Time to move onto the network.
Select Home to return to the Azure portal home page.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fzyoz77wsmbmayal7ebga.png" alt=" " width="800" height="425"&gt;
## Add tags to network resources&lt;/li&gt;
&lt;li&gt;From the Azure portal home page, in the search box, enter virtual networks.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F9ybzebem6a3w190redhx.png" alt=" " width="800" height="540"&gt;
&lt;/li&gt;
&lt;li&gt;Select virtual networks under services.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F9y0ztal330uapw2kz6gj.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Select the guided-project-vnet network.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F8xjndisxpqql1qsoi5tf.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;From the menu pane, select Tags.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F5fqr6ktlfhrkeboela7x.png" alt=" " width="800" height="425"&gt;
## Note:
Notice that now you can select an existing tag to apply or add a new tag. You can also select just the name or value and apply create something new in the other field.&lt;/li&gt;
&lt;li&gt;For the Name select Department.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fwrs5gf4du96t015oqhdi.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;For the Value enter IT.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F3kld02mc2d03xzrj4t2u.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Select Apply.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fm5njvwi2rmam51e77fau.png" alt=" " width="800" height="425"&gt;
Now both the VNet and VM have are organised.&lt;/li&gt;
&lt;/ol&gt;

&lt;h2&gt;
  
  
  Conclusion
&lt;/h2&gt;

&lt;p&gt;Using tags and resource locks is a simple but powerful way to maintain organization, visibility, and security in Azure environments as they continue to grow.&lt;/p&gt;

</description>
      <category>azuregovernance</category>
      <category>resourcemanagement</category>
      <category>azureadmin</category>
      <category>cloudinfrastructure</category>
    </item>
    <item>
      <title>Control storage access</title>
      <dc:creator>okunola babatunde</dc:creator>
      <pubDate>Fri, 13 Mar 2026 19:04:51 +0000</pubDate>
      <link>https://dev.to/okunola_babatunde_dff5cbd/control-storage-access-44eg</link>
      <guid>https://dev.to/okunola_babatunde_dff5cbd/control-storage-access-44eg</guid>
      <description>&lt;p&gt;The effective storage management is key to a secure and efficient cloud environment. Recently, I worked hands-on with Azure storage accounts, creating a storage container and a file share, and uploading files to both. Containers provide scalable, structured object storage, while file shares allow SMB/NFS-style access for team collaboration.&lt;/p&gt;

&lt;p&gt;This exercise helped me practice setting permissions, managing access keys, and ensuring data is organized and secure—skills essential for modern cloud operations.&lt;br&gt;
Here, in this practical guide, I have shared with you how storage container and fileshare have been created, and how restriction is set on the container's content.&lt;/p&gt;

&lt;h2&gt;
  
  
  Create a storage container
&lt;/h2&gt;

&lt;ol&gt;
&lt;li&gt;Login to Microsoft Azure at (Azure Portal)[&lt;a href="https://portal.azure.com" rel="noopener noreferrer"&gt;https://portal.azure.com&lt;/a&gt;]
From the Azure portal home page, in the search box, enter storage accounts.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fi5c68iovwkafybn2dlaf.png" alt=" " width="800" height="531"&gt;
&lt;/li&gt;
&lt;li&gt;Select storage accounts under services.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F6x7zhd5dx690u9ypcea8.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Select the storage account you created in the Prepare exercise
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F4zh6rggv32i0z1etaxzm.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;The storage account name is the hyperlink to the storage account. (Note: it should be associated with the resource group guided-project-rg.)
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F12rlkh4mnjrk2qjzfu7x.png" alt=" " width="800" height="425"&gt;5. On the storage account blade, under the Data storage submenu, select Containers.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fv6kwh1vbbqy1s84n7d2v.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Select + Add container.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F4p51iny30idskrvaqx43.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;In the Name field, enter storage-container.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fgpwswr118hwpkod1psig.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Select Create.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ff3njz7qmjqn0heuqz6qm.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;/ol&gt;

&lt;h2&gt;
  
  
  Upload a file to the storage container
&lt;/h2&gt;

&lt;ol&gt;
&lt;li&gt;Select the storage container you just created.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F67rvd1l3llnrm36ywgrv.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Select Upload and upload the file you prepared.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fii2yd46p48gboeveugit.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Once the file is ready for upload, select Upload.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fipv3hjjs37we40npkf13.png" alt=" " width="800" height="425"&gt;
With the file uploaded, notice that the Access tier is displayed. For something we uploaded just for testing, it doesn’t need to be assigned to the Hot access tier. In the next few steps, you’ll change the access tier for the file.
## Change the access tier&lt;/li&gt;
&lt;li&gt;Select the file you just uploaded (the file name is a hyperlink).
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F5p0amkq3tokipcvczb7q.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Select Change tier.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F6sc9vugfdiqfdx4px7zb.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Select Cold.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fhtteyzvc7m5b270vl2mk.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Select Save.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F6e2i9o489a2cs4p50u2a.png" alt=" " width="800" height="425"&gt;
## Note:
You just changed the access tier for an individual blob or file. To change the default access tier for all blobs within the storage account, you could change it at the storage account level.&lt;/li&gt;
&lt;li&gt;Select Home to return to the Azure portal home page.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F599uol9hxvye1846z4vf.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;From the Azure portal home page, in the search box, enter storage accounts.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F8i2ddltvknxgna2era9d.png" alt=" " width="800" height="550"&gt;
&lt;/li&gt;
&lt;li&gt;Select storage accounts under services.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fbyuqn07ielm9vz6if01b.png" alt=" " width="800" height="536"&gt;
&lt;/li&gt;
&lt;li&gt;Select the storage account you created in the Prepare exercise.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fwgu9y5kft0ogf7agpk8b.png" alt=" " width="800" height="428"&gt;
The storage account name is the hyperlink to the storage account. (Note: it should be associated with the resource group guided-project-rg.)
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F12gwqpj05pzvo9qi0c1s.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;On the storage account blade, under the Data storage submenu, select File shares.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fqeyzo19gfq9kd5ly8w23.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Select + File share.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fi39028xyeq948nmsfjk1.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;On the Basics tab, in the name field enter file-share.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fr0wfjhf9tb4kiatjzf27.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;On the Backup tab, uncheck Enable backup
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F77me7s6up2s56mbnud8o.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Select Review + create.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F5n9oz40wdc9u7mfbr02v.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Select Create.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F0vugpuig2o9pmh6bi2db.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Once the file share is created, select Upload.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fzevkiqcciaigjyf7qr7c.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Upload the same file you uploaded to the blob storage or a different file, it’s up to you.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F3t1gv3cfz0x9kjpe1v1c.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Select Home to return to the Azure portal home page.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fk87slxijf8epnzdxpxnz.png" alt=" " width="800" height="425"&gt;The next piece of the puzzle is figuring one way to control access to the files that have been uploaded. Azure has many ways to control files, including things like role-based access control. In this scenario, the Azure admin wants you to use shared access tokens or keys.
## Create a shared access signature token&lt;/li&gt;
&lt;li&gt;From the Azure portal home page, in the search box, enter storage accounts.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F3mrqhcfk1bigqkckv5su.png" alt=" " width="800" height="539"&gt;
&lt;/li&gt;
&lt;li&gt;Select storage accounts under services.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fks03n2r97rvrahic3tn8.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Select the storage account you created in the Prepare exercise.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F6ilxiplutm8fsz9cy7dy.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;On the storage account blade, select Storage browser.
Expand Blob containers
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fevfvln7537u46ejtm3di.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Expand Blob containers
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fmm4w0fm3uxg3s1xfxwt1.png" alt=" " width="800" height="425"&gt;
## Note:
Blob container is another name for the storage containers. Items uploaded to a storage container are called blobs.&lt;/li&gt;
&lt;li&gt;Select the storage container you created earlier, storage-container.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fn34jnd2rkms0zqwm8uhv.png" alt=" " width="800" height="425"&gt;7. Select the ellipses (three dots) on the end of the line for the image you uploaded.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fahaat5g9xwpqw8w9oil4.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Select Generate SAS
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fjbpw2wb4w786skile6z8.png" alt=" " width="800" height="425"&gt;
## Note: When you generate a shared access signature, you set the duration. Once the duration is over, the link stops working. The **Start automatically populates with the current date and time.Set 9. Signing method to Account key.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F5tug0ruiu25zvjwtr0f8.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Set Signing key to Key 1
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fmzhtjacf8hbqtlg02ist.png" alt=" " width="800" height="425"&gt;
## Tip: There are two signing keys available. You can choose either one, or create SAS tokens with different durations.&lt;/li&gt;
&lt;li&gt;Set Stored access policy to None.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fucminuvo2ulzhkrazhsh.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Set Permissions to Read.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F6p8g27td50gmd0i3jrdq.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Enter a custom start and expiry time or leave the defaults.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F6z946ga9dnyicl2mjys7.png" alt=" " width="800" height="425"&gt;14. Set Allowed protocols to HTTPS only.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fa8nvbaum6b00bfj47idf.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Select Generate SAS token and URI.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ffk35or4b32c3gbz4d1d3.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Copy the Blob SAS URL and paste it in another window or tab of your browser. It should display the image you uploaded. Keep this tab or window open.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fjangxbj8h5axzub5p4j7.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Select Home to return to the Azure portal home page.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fvpwo8g2r3h1dgdborpac.png" alt=" " width="800" height="425"&gt;
With the SAS token created, anyone with that link can access the file for the duration that was set when you created the SAS token. However, controlling access to a resource or file is about more than just granting access. It’s also about being able to revoke access. To revoke access with a SAS token, you need to invalidate the token. You invalidate the token by rotating the key that was used.
## Rotate access keys&lt;/li&gt;
&lt;li&gt;From the Azure portal home page, in the search box, enter storage accounts.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F0ph3ybqfr8vziv58m3rp.png" alt=" " width="800" height="540"&gt;
&lt;/li&gt;
&lt;li&gt;Select storage accounts under services.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F0oy1uw6v9xp4qxq7qb19.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Select the storage account you created in the Prepare exercise.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fpis0lpiup9wd3gth790z.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Expand the Security + networking submenu.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fobw6glga5mf7vv4068gd.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Select Access keys.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F897ajzyv9q2jf3zdk3t3.png" alt=" " width="800" height="425"&gt;6. For Key 1, select Rotate key.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F7lci979edgv3kmwd79g0.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Read and then acknowledge the warning about regenerating the access key by selecting Yes.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fjffqna72vpnbko8ek1v9.png" alt=" " width="800" height="425"&gt;8. Once you see the success message for rotating the access key, go back to the window or tab you used to check the SAS token and refresh the page. You should receive an authentication failed error.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fq66tn2xkdlqoj2lb5nw6.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;/ol&gt;

&lt;h2&gt;
  
  
  Conclusion:
&lt;/h2&gt;

&lt;p&gt;Mastering Azure storage accounts, containers, and file shares enables admins to control access, simplify file sharing, and maintain scalable, secure cloud environments.&lt;/p&gt;

</description>
      <category>azurestorage</category>
      <category>filesharing</category>
      <category>storagemanagement</category>
      <category>azureadmin</category>
    </item>
    <item>
      <title>Manage virtual machines</title>
      <dc:creator>okunola babatunde</dc:creator>
      <pubDate>Fri, 13 Mar 2026 18:30:32 +0000</pubDate>
      <link>https://dev.to/okunola_babatunde_dff5cbd/manage-virtual-machines-3c8d</link>
      <guid>https://dev.to/okunola_babatunde_dff5cbd/manage-virtual-machines-3c8d</guid>
      <description>&lt;p&gt;Managing virtual machines in Azure isn’t just about creating them—it’s about placing them strategically within the network for efficiency and visibility. After updating network settings to support subnet segmentation, I moved an existing Linux VM to a newly created subnet. This ensures better traffic isolation, simplifies monitoring, and lays the groundwork for scalable deployments.&lt;/p&gt;

&lt;p&gt;Migrating the VM to its dedicated subnet preserved the integrity of the existing network while enhancing visibility into its resource utilisation and network flow. Proactive network management like this, keeps the cloud environment organised, secure, and easier to maintain.Here, these procedures guide you on how to do it yourself in a less stressful way.&lt;/p&gt;

&lt;h2&gt;
  
  
  Move the virtual machine network to the new subnet
&lt;/h2&gt;

&lt;ol&gt;
&lt;li&gt;Login to Microsoft Azure at (Azure Portal)[&lt;a href="https://portal.azure.com" rel="noopener noreferrer"&gt;https://portal.azure.com&lt;/a&gt;]&lt;/li&gt;
&lt;li&gt;From the Azure portal home page, in the search box, enter virtual machines.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fq479did9s1bvvg2lt7ew.png" alt=" " width="800" height="550"&gt;
&lt;/li&gt;
&lt;li&gt;Select virtual machines under services.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F4ah34pslm3ts5taupqet.png" alt=" " width="800" height="545"&gt;
&lt;/li&gt;
&lt;li&gt;Select the guided-project-vm virtual machine.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fo3b2h1lcvtszo64r1u0e.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;If the virtual machine is running, select Stop.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F851n136rfumpeglbdhxl.png" alt=" " width="800" height="425"&gt;
## Note:
In order to make some configuration changes, such as changing the subnet, the VM will need to be restarted. You can request the change without stopping the VM, but Azure will force a restart before completing the change.&lt;/li&gt;
&lt;li&gt;Wait for the Status field to update and show Stopped (deallocated).
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fwxu3tud1of19i0llzwsv.png" alt=" " width="800" height="423"&gt;
&lt;/li&gt;
&lt;li&gt;Within the Networking subsection of the menu, select Network settings.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fsnwo4n5ltkxeqtrg1s7n.png" alt=" " width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;Select the Network interface / IP configuration hyperlink for the VM.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F87ikxqvpwqanr5lb6k6u.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;On the IP Configurations page, update the Subnet to ftpSubnet.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fjao17zevl602xftgheij.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Select Apply.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F5wkyq7k0yot8czve3qxq.png" alt=" " width="800" height="425"&gt;11. Select Home to return to the Azure portal home page.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fwzq8peb9tczcpdc19lwt.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;/ol&gt;

&lt;h2&gt;
  
  
  Vertically scale the virtual machine
&lt;/h2&gt;

&lt;ol&gt;
&lt;li&gt;From the Azure portal home page, in the search box, enter virtual machines.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Flkp6f57htuugbj93tj9e.png" alt=" " width="800" height="535"&gt;
&lt;/li&gt;
&lt;li&gt;Select virtual machines under services.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Factgt91iizb9jk4nchqt.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Select the guided-project-vm virtual machine.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Falrk6gk3k7vqzllkkzmt.png" alt=" " width="800" height="426"&gt;
&lt;/li&gt;
&lt;li&gt;Locate the Availability + scale submenu and select Size.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fihnommirpuj0p2r8l157.png" alt=" " width="800" height="425"&gt;5. Select a new VM size D2s_v5 for example. (Note: If you don’t see the same size as shown in this exercise, select something similar.)
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F9w5ttgcj8nvdnmp4l95s.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Select Resize.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fjmh5vgxbix0f9i2g0y7g.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Select Home to return to the Azure portal home page.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ffh1uwki0b298c19xrb75.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;/ol&gt;

&lt;h2&gt;
  
  
  Attach data disks to a virtual machine
&lt;/h2&gt;

&lt;ol&gt;
&lt;li&gt;From the Azure portal home page, in the search box, enter virtual machines.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fj6hy1b850lvsw7qk2zdl.png" alt=" " width="800" height="542"&gt;
&lt;/li&gt;
&lt;li&gt;Select virtual machines under services.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fizw8grp2q1d3x2k5annt.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Select the guided-project-vm virtual machine.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fizh46dami64ztmqxul8b.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Locate the settings submenu and select Disks.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fso7v50k17oyz0ub14aox.png" alt=" " width="800" height="425"&gt;5. Select Create and attach a new disk.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fl16sn7nrwymmdqfgymuf.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Leave LUN as default.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fzcs60ohfgzczjh751s5x.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Enter ftp-data-disk for the Disk name.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fuzbaste05hapf6ir88f5.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Leave the Storage type as default.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fqktqmk3d6ispfgabqb36.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Enter 20 for the Size.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fc4hhkgj5al13s1nrln8p.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Select Apply to create the new storage disk and attach the disk to the machine.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fvxohqzas1r71rk2nnxs4.png" alt=" " width="800" height="425"&gt;11. Select Home to return to the Azure portal home page.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fryqidle253qmclekb42j.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;/ol&gt;

&lt;h2&gt;
  
  
  Configure automatic shutdown on a virtual machine
&lt;/h2&gt;

&lt;ol&gt;
&lt;li&gt;From the Azure portal home page, in the search box, enter virtual machines.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fnhmlzw18p2a4uwuf5rl1.png" alt=" " width="800" height="548"&gt;
&lt;/li&gt;
&lt;li&gt;Select virtual machines under services.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F1yszfx1203tw2pnrwo5v.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Select the guided-project-vm virtual machine.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Febzvqno0jhxzd82a0tr1.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Under the Operations submenu, select Auto-shutdown.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Frw5vuera85qsdgkrnsru.png" alt=" " width="800" height="425"&gt;5. In order to let late uploads finish, set the Scheduled shutdown to 7:15:00 PM.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fcrntmsekmx71lf5q508t.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Select Save.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fza59gvji7l07s2k3h0id.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Select Home to return to the Azure portal home page.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fcjdb8pr9j5ew95u61uft.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;/ol&gt;

&lt;h2&gt;
  
  
  Conclusion:
&lt;/h2&gt;

&lt;p&gt;Using dedicated subnets for VMs is a straightforward, yet impactful practice in Azure. It enables workload isolation, better performance monitoring, and future-proofing of the infrastructure—keeping operations smooth and manageable.&lt;/p&gt;

</description>
      <category>networksegmentation</category>
      <category>cloudinfrastructure</category>
      <category>linuxvm</category>
      <category>azurevm</category>
    </item>
    <item>
      <title>Update the virtual network</title>
      <dc:creator>okunola babatunde</dc:creator>
      <pubDate>Fri, 13 Mar 2026 18:05:49 +0000</pubDate>
      <link>https://dev.to/okunola_babatunde_dff5cbd/provisioning-a-dedicated-subnet-for-a-new-linux-ftp-server-in-azure-38g4</link>
      <guid>https://dev.to/okunola_babatunde_dff5cbd/provisioning-a-dedicated-subnet-for-a-new-linux-ftp-server-in-azure-38g4</guid>
      <description>&lt;p&gt;As part of supporting an Azure Admin in managing cloud resources, I assist with specific tasks rather than maintaining the entire infrastructure. Currently, one Linux virtual machine (VM) is under-utilised, and there’s a requirement to deploy a new Linux VM to act as an FTP server. To ensure effective monitoring of network traffic and resource utilization for the FTP server, the Azure Admin has requested the creation of a dedicated subnet. The existing subnet will remain unchanged to accommodate future VM deployments. Here is a simple guide to provisioning a subnet for a Linux FTP Server. To achieve this goal, you need to follow a step-by-step guide as stated bellow&lt;/p&gt;

&lt;h2&gt;
  
  
  Create a new subnet on an existing virtual network (vNet)
&lt;/h2&gt;

&lt;ol&gt;
&lt;li&gt;Login to Microsoft Azure at (Azure Portal)[&lt;a href="https://portal.azure.com" rel="noopener noreferrer"&gt;https://portal.azure.com&lt;/a&gt;]&lt;/li&gt;
&lt;li&gt;From the Azure portal home page, in the search box, enter virtual networks.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fpksp8xh2pabpl1x805i0.png" alt=" " width="800" height="545"&gt;
&lt;/li&gt;
&lt;li&gt;Select virtual networks under services.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F0dnc2z8emrng8xlogizs.png" alt=" " width="800" height="496"&gt;
&lt;/li&gt;
&lt;li&gt;Select the guided-project-vnet virtual network.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Flo1he9irr8qxprgale7s.png" alt=" " width="800" height="426"&gt;
&lt;/li&gt;
&lt;li&gt;From the guided-project-vnet blade, under settings, select Subnets.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fybpy1r1gtla12m1vh4m1.png" alt=" " width="800" height="426"&gt;
&lt;/li&gt;
&lt;li&gt;To add a subnet, select + Subnet.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fjjzskecgf8mz85dimxyo.png" alt=" " width="800" height="429"&gt;
&lt;/li&gt;
&lt;li&gt;For Subnet purpose leave it as Default.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F0tgreei5nbd9b33h9str.png" alt=" " width="800" height="429"&gt;
&lt;/li&gt;
&lt;li&gt;For Name enter: ftpSubnet.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fe54z0582fnbia1nsnn4q.png" alt=" " width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;Leave the rest of the settings alone and select Add.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fnxxuxckzyba061rrfl07.png" alt=" " width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;Select Home to return to the Azure portal home page.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fb1z6cr8kl6t8walrx3j3.png" alt=" " width="800" height="427"&gt;
&lt;/li&gt;
&lt;/ol&gt;

&lt;h2&gt;
  
  
  Create a network security group
&lt;/h2&gt;

&lt;ol&gt;
&lt;li&gt;From the Azure portal home page, in the search box, enter virtual networks.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fstlqd1yvzzyiey27tmav.png" alt=" " width="800" height="542"&gt;
&lt;/li&gt;
&lt;li&gt;Select virtual networks under services.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fpq4654mefe4h4zel01bd.png" alt=" " width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;Select Network security groups.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F9i6ku70sa6y04s78zui2.png" alt=" " width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;Select + Create.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fcx69utq16ksadfpjw5nu.png" alt=" " width="800" height="426"&gt;
&lt;/li&gt;
&lt;li&gt;Verify the subscription is correct.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fodlkwlnj8owrtjhhor5x.png" alt=" " width="800" height="428"&gt;
&lt;/li&gt;
&lt;li&gt;Select the guided-project-rg resource group.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fzyb18gw27960agpoizz5.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Enter ftpNSG for the network security group name.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Frsaeun4q562otieaya3a.png" alt=" " width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;Select Review + create.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fd6g1kzc0nbmecxc8yndd.png" alt=" " width="800" height="428"&gt;
&lt;/li&gt;
&lt;li&gt;Once the validation is complete, select Create.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fbqqgkg8999wmviuohi4t.png" alt=" " width="800" height="428"&gt;
&lt;/li&gt;
&lt;li&gt;Wait for the screen to refresh and display Your deployment is complete.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fpb7sxvggf2whbb5nrj4y.png" alt=" " width="800" height="428"&gt;
&lt;/li&gt;
&lt;li&gt;Select Go to resource.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fhct3v6zkaeav50tarcb7.png" alt=" " width="800" height="426"&gt;
&lt;/li&gt;
&lt;/ol&gt;

&lt;h2&gt;
  
  
  Create an inbound security rule
&lt;/h2&gt;

&lt;ol&gt;
&lt;li&gt;Under settings, select Inbound security rules.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fb7hnu7j0u4r61b5vtdwl.png" alt=" " width="800" height="426"&gt;
&lt;/li&gt;
&lt;li&gt;Select + Add.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Flfsinpo6riztkwyolpgr.png" alt=" " width="800" height="426"&gt;
&lt;/li&gt;
&lt;li&gt;Change the Destination port ranges from 8080 to 22.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fio2bi2cro9gxh79je7y5.png" alt=" " width="800" height="428"&gt;
&lt;/li&gt;
&lt;li&gt;Select TCP for the protocol.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ff1et498o9nvbh4y4whza.png" alt=" " width="800" height="428"&gt;
&lt;/li&gt;
&lt;li&gt;Set the name to ftpInbound.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fe4rf4o0eo42gfn7dxv5l.png" alt=" " width="800" height="427"&gt;
&lt;/li&gt;
&lt;li&gt;Select Add.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fgjhdifw8pfbk31254uwr.png" alt=" " width="800" height="426"&gt;
&lt;/li&gt;
&lt;li&gt;Select Home to return to the Azure portal home page.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fb0b2ieb2f2kewxbkmx10.png" alt=" " width="800" height="428"&gt;
&lt;/li&gt;
&lt;/ol&gt;

&lt;h2&gt;
  
  
  Associate a network security group to a subnet
&lt;/h2&gt;

&lt;ol&gt;
&lt;li&gt;From the Azure portal home page, in the search box, enter virtual networks.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Frmm8llb6lbu1b4d4979e.png" alt=" " width="800" height="539"&gt;
&lt;/li&gt;
&lt;li&gt;Select virtual networks under services.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ffwfmng7lt4c08un1lu4q.png" alt=" " width="800" height="425"&gt;
&lt;/li&gt;
&lt;li&gt;Select the guided-project-vnet virtual network.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fblohfksngdqcehv5b6h8.png" alt=" " width="800" height="426"&gt;
&lt;/li&gt;
&lt;li&gt;Under settings, select Subnets.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ft2w8y8fit33l5etx8pw6.png" alt=" " width="800" height="428"&gt;
&lt;/li&gt;
&lt;li&gt;Select the ftpSubnet you created.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fy3y0bqv1pf7chzdh4fp1.png" alt=" " width="800" height="426"&gt;
&lt;/li&gt;
&lt;li&gt;On the Edit subnet page, under the Security section heading,
update the Network security group field to ftpNSG.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fph5coeeqvs755rza0h8i.png" alt=" " width="800" height="426"&gt;
&lt;/li&gt;
&lt;li&gt;Select Save.
&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fgp96qdufgplkzkym8fdi.png" alt=" " width="800" height="427"&gt;
&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;&lt;strong&gt;Conclusion&lt;/strong&gt;&lt;br&gt;
In Azure, planning network segmentation and resource allocation is essential for performance, monitoring, and security. By provisioning a new subnet for an FTP server, the infrastructure becomes more organised, maintainable, and transparent for administrators tracking usage metrics. This approach exemplifies proactive cloud governance and prepares the environment for future scaling needs.&lt;/p&gt;

</description>
      <category>azurenetworking</category>
      <category>cloudinfrastructure</category>
      <category>linuxvm</category>
      <category>subnetprovisioning</category>
    </item>
  </channel>
</rss>
