Generally Available: Custom Secure Boot UEFI Keys for Azure Trusted Launch VM

Generally Available: Edit Network Features for Azure NetApp Files with No Downtime
We are announcing the general availability of Edit network features with no downtime for Azure NetApp Files volumes. Standard Network Features provide you with an enhanced Virtual Networking experience for a seamless and consistent experience along with security posture for Azure NetApp Files.
You are now able to edit existing Azure NetApp Files volumes and upgrade Basic network features to Standard network features with no downtime. This feature is available in all Azure NetApp Files enabled regions.

Upon choosing Standard network features, you can now take advantage of the below supported following new features for Azure NetApp Files volumes/delegated subnets:

• Increased IP limits for the VNets with Azure NetApp Files volumes on par with VMs, eliminating the need for you to rearchitect your network topologies
• Enhanced network security with support for Network Security Groups on the Azure NetApp Files delegated subnet.
• Enhanced network control with support for User-defined routes to and from Azure NetApp Files delegated subnets.
• Connectivity over Active/Active VPN gateway setup for highly available connectivity to ANF from on-prem.
• ExpressRoute FastPath connectivity to Azure NetApp Files. FastPath is designed to improve the data path performance (low latency and high bandwidth connectivity) between on-premises network and Azure virtual network.

Generally Available: Azure Managed Prometheus Supports Horizontal Pod Autoscaling for Replica Set Pods in AKS
Azure Monitor Managed service for Prometheus now supports Horizontal Pod Autoscaling (HPA) for the ama-metrics replica set pod by default.
With this update, the ama-metrics replica set pod which handles the scraping of Prometheus metrics with custom jobs can scale automatically based on the memory utilization. By default, the HPA is configured to support a minimum of 2 replicas (which is the global default) and a maximum of 12 replicas. Customers will also the have ability to set the shards to any number of minimum and maximum replicas as long as they are within the range of 2 and 12. HPA will automatically take care of scaling based on the memory utilization of the ama-metrics pod to avoid OOM kills.

Generally Available: Azure Load Balancer Health Event Logs
Azure Load Balancer health event logs are now generally available in all public, Azure China, and Government regions.

With health event logs, you can collect, store, and analyze information to help understand the health of your Azure Load Balancer resource. These built-in logs help you troubleshoot specific scenarios and allow you to identify and alert on availability issues affecting your load balancer. Examples of scenarios where Load Balancer health event logs can help are:

• Traffic distribution issues: When your load balancer may not be distributing traffic as intended, due to causes ranging from misconfiguration to Azure platform issues.
• Port exhaustion: When your load balancer may be experiencing outbound connectivity issues due to SNAT port exhaustion.
• No healthy backends: When your load balancer’s frontend has no healthy backend instances to distribute traffic to.

With Azure Load Balancer health event logs, you can monitor the health of your load balancer, without having to set up and manage complex metric-based alerts or build a custom data ingestion pipeline.

Generally Available: Custom Secure Boot UEFI Keys for Azure Trusted Launch VM

Trusted Launch VM now supports customizing secure boot UEFI keys. One or more of the secure boot keys and/or databases (PK, KEK, DB, or DBX) can be fully replaced or updated. This allows additional flexibility to further secure workloads using Trusted Launch virtual machines in Azure.

Trusted Launch VM improves security posture of workloads in Azure VM.

• Protect against persistent boot/kernel malware (improved security posture)
• Boot to a defined and trusted state
• Meet industry/NIST security best practices/standards + Microsoft security benchmark

Generally Available: Vaulted Backup Support for Azure Files Standard Shares
Azure Backup Vaulted support for Azure Files shares standard is now generally available providing enhanced data protection with the ability to configure snapshot and vaulted backup in a single policy and offers cross account/regional recovery.

Previously, customers had the ability to schedule point-in-time snapshots, now with vaulted backup you will have the following additional benefits:

• Vaulted backup support now enables adherence to the widely accepted 3-2-1 backup rule for Azure files protection alongside centralized management to gain visibility, monitor jobs, alerts and reporting using Azure Business Continuity Center.
• Protect against ransomware and malicious activities with immutable backups and soft delete functionality on recovery services vault.
• Long-term retention is essential for meeting compliance and audit requirements. Vaulted backup provides daily, monthly, and yearly backups that can be retained in cost-effective storage for up to 99 years.
  The vaulted backup for Azure Files - premium is in public preview. You will incur charges for vaulted backup of standard and premium files from 1st April 2025.