Generally Available: DCa/ECa v6 series AMD based confidential virtual machines (VMs)

Generally Available: DCa/ECa v6 series AMD based confidential virtual machines (VMs)
Microsoft is announcing the general availability of the new DCa/ECa v6 series AMD based confidential virtual machines (VMs) in the UAE North, Korea Central, West Central US, South Africa North, Switzerland North and UK South regions with 4th generation AMD EPYC™ processors. Featuring Secure Encrypted Virtualization – Secure Nested Paging (SEV-SNP) security features, these VMs benefit from hardware-based encryption ensuring memory written by your VM can only be read or rewritten by your VM. You can migrate your workloads to these VMs without making changes to your code.
These confidential VMs are designed to offer a hardware-based and attested trusted execution environment (TEE) leveraging AMD SEV-SNP, which hardens guest protections to deny the hypervisor and other host management code access to VM memory and state and can protect against operator access. Keys used for VM memory encryption are generated by a dedicated secure processor inside of the CPU and cannot be read from software.

Public Preview: Azure Kubernetes Fleet Manager – update run approval gates
Azure Kubernetes Fleet Manager update runs now support approval gates. Gates can be placed before and after update groups and stages and provide additional control over the flow of the update run. Gates allow you to either manually approve the update run to continue or to integrate with other systems such as ticketing or health monitoring services to drive automated approvals.

These VMs consist of our new general purpose DCasv6-series and our new memory optimized ECasv6-series VMs. They offer better performance and better price-performance than our previous generation AMD based confidential VMs, making them an attractive option for a wide range of workloads that involve the processing of sensitive data such as PII and PHI

Generally Available: Distributed tracing for Durable Functions
Distributed tracing V2 for Durable Functions introduces a robust and comprehensive tracing model that enables developers to correlate operations in orchestrations, activities, and durable entities. This capability is particularly useful for Durable Functions, which often span multiple services and systems.

With this release, distributed tracing V2 now supports:

• All Durable Functions language SDKs
• Traces for durable entities
• Expanded trace span details for deeper insights into orchestration lifecycles and activity execution.
  An Application Insights resource must be configured to collect and visualize trace data.

Public Preview: Azure Functions .NET 10 support
Azure Functions now supports .NET 10 in Public Preview. To use .NET 10, adjust the target framework in your Functions project, and update references to Microsoft.Azure.Functions.Worker.Sdk to version 2.0.5 or later.

.NET 10 projects can be deployed to apps on both Linux and Windows. However, the Linux Consumption plan type is not yet supported. .NET 10 is only available to apps using the isolated worker model. If your app is still running on the legacy in-process model, migrate your application to the isolated worker model.

During the preview period, the latest preview version might not yet be available on Azure Functions right away. Please see the product documentation for the latest version available on the platform.

Public Preview: Azure MySQL Self Heal
You can now use self-healing tools to proactively resolve common server issues—without opening a support case. The new Self-Heal feature in Azure Database for MySQL – Flexible Server, is now available in Public Preview. Whether your server is unresponsive, stuck in a restart state, or experiencing log corruption, Self-Heal provides a one-click recovery experience directly in the Azure portal. You can trigger it anytime—even if no alerts are shown—giving you greater control over your server’s health and uptime. The system runs predefined, safe remediation workflows tailored to specific scenarios and clearly informs you of any potential impact before execution. Using Self-Heal helps you reduce downtime, avoid delays waiting for support, and maintain service reliability with minimal effort. With every new scenario supported, Self-Heal strengthens its role as an essential tool for managing MySQL workloads efficiently.

Generally Available: Azure Database for PostgreSQL flexible server in Austria East and Chile Central
Now you can deploy Azure Database for PostgreSQL flexible server in the Austria East and Chile Central regions.

Generally Available: Azure Databricks automatic identity management
Now you can streamline identity lifecycle operations using Azure Databricks automatic identity management. With this new, generally available capability, you can automate user provisioning and deprovisioning through native integration with Microsoft Entra ID—eliminating manual overhead, reducing security risks, and ensuring that users have timely access to the right data and tools. By aligning with enterprise identity governance policies, you can confidently scale your data and AI initiatives while maintaining compliance and operational efficiency. Automatic identity management gives you a more unified, secure, and intelligent platform experience. With deeper integration between Azure Databricks and Microsoft Entra ID, you benefit from simplified cloud-native data and AI workflows—all within a unified platform. You can focus on innovation, not administration.

Public Preview: File share centric management model (Microsoft.FileShares) for Azure Files
To simplify the experience of creating and managing file shares in Azure, Azure Files now supports a file share-centric management model offered by the Microsoft.FileShares resource provider. With this update, file shares become top-level resources in Azure and no longer require a storage account.File shares now offer independent provisioning of storage, IOPS, and throughput without competing with other file shares against shared storage account limits. They also provide granular networking and security controls, and predictable, flexible costs using the SSD provisioned v2 model. This streamlined experience enables faster provisioning (~2x faster), supports higher scale limits, and introduces share-level billing for clearer cost attribution.

Generally Available: Azure D192 Sizes in the Azure Dsv6 and Ddsv6-series VM Families
Announcing the addition of the D192 size to the Azure Dsv6 and Ddsv6-series Virtual Machines families, powered by the 5th Generation Intel® Xeon® Platinum 8573C (Emerald Rapids) processor. Dsv6-series virtual machines use Azure managed disks only, while Ddsv6-series virtual machines offer local, temp storage disks. These sizes are now generally available in several Azure regions.These new VM sizes offer 192 vCPUs and 768 GiB of RAM, making them ideal for general-purpose workloads such as enterprise-grade applications like SAP, SQL, in-memory analytics platforms, and large relational databases. They are also suitable for web and application servers with moderate to heavy traffic, batch processing tasks, developer and test environments, and other workloads requiring a balance of CPU performance and memory resources.
Azure Boost delivers up to 400k IOPS and 12 GB/s remote storage throughput for these VMs with NVMe-enabled local and remote storage for scalable performance. Additionally, Intel® Total Memory Encryption (TME) provides secure memory data protection.

Key Highlights

• Large Size: 192 vCPUs with 768 GiB of RAM for demanding workloads.
• Azure Boost: Up to 400K IOPS and 12 GB/s remote storage throughput and up to 82 Gbps network bandwidth.
• Security First: Intel® TME ensures data protection in system memory.
• NVMe Interface: 3X improvement in local storage IOPS for low-latency access.

Generally Available: Multitenant Managed Logging in Container Insights

The Multitenant Managed Logging feature in Container Insights is now generally available, offering customers who operate shared AKS clusters the ability to segregate container logs by team. This functionality enables teams to independently manage and access their container logs within Kubernetes namespaces while preserving centralized log collection in Azure Log Analytics workspaces.
With this feature, container logs (stdout & stderr) from different namespaces can be directed to different workspaces based on the team’s needs. This includes the ability to route logs from system namespaces (e.g., kube-system) to a dedicated infrastructure team workspace while sending application logs to other teams' workspaces. Additionally, the same logs can be sent to multiple workspaces to support diverse operational requirements.