Azure on Ajo Mathew

A Practical Guide to Handling Azure Alerts During Planned Maintenance

Tue, 25 Nov 2025 00:00:00 +0000

Problem description

Availability alerts for VMs in a resource group were configured. During planned maintenance (for example, a VM reboot), the team receives VM availability notifications that are false positives. How can we avoid or resolve these false alarms?

Approaches

The alert in question uses VM availability metrics evaluated every 1 minute with a 5‑minute lookback window.

Option 1 — Disable the alert during the maintenance window

When you stop the VM, disable the alert.
When you start the VM, re-enable the alert.

This is a simple approach but requires coordinating the start/stop process with alert management.

Azure Container Groups for hosting

Mon, 22 May 2023 00:00:00 +0000

Few days ago I was in need of a quick and easy option to host few containers with Azure for one of my Demos. I didn’t want to go with the headache of having an AKS or VM with docker installed. So I picked ACI ( Azure Container Instance ) with an nginx vm for reverse proxy – Since this was to be presented quick we we went the dirty way.

Use Azure NSG and Azure Service Tags to block internet and allow to Azure Portal

Mon, 27 Feb 2023 00:00:00 +0000

My Client got a requirement to block internet access inside a Subnet \ Vnet only using NSG and allow connection only to Azure Portal.

Client is using Azure Private Endpoints to enable private access to Azure Storage , Databricks and other services hence other resource access from within the VMs inside VM is working as expected.

The requirement from security team is to lock Azure Vnet & Subnet from internet and enable only direct Portal access.

Azure DevOpos pipeline Yaml variables not substituting azureResourceManagerConnection

Thu, 03 Mar 2022 00:00:00 +0000

While setting up an Azure ARM deployment pipeline using yaml. Below is my template.yaml file

parameters:

 - name: azRMConnection
 type: string
 - name: subscriptionID
 type: string
 - name: resourceGroupName
 type: string
 - name: deploymentLocation
 type: string
 default: "[resourceGroup().location]"
 - name: armTemplateFilePath
 type: string
 - name: armTemplateParameterFilePath
 type: string
 - name: overrideParameters
 type: string

steps:
 - task: AzureResourceManagerTemplateDeployment@3
 displayName: "ARM Template Deployment"
 inputs:
 deploymentScope: 'Resource Group'
 azureResourceManagerConnection: '${{parameters.azRMConnection}}'
 deploymentMode: Incremental
 subscriptionId: ${{parameters.subscriptionID}}
 action: 'Create Or Update Resource Group'
 resourceGroupName: ${{parameters.resourceGroupName}}
 location: ${{parameters.deploymentLocation}}
 templateLocation: Linked artifact
 csmFile: ${{parameters.armTemplateFilePath}}
 csmParametersFile: ${{parameters.armTemplateParameterFilePath}}
 overrideParameters: "${{parameters.overrideParameters}}"

And this is my actual main.yaml looks like

Azure ARM template copy function - Using Objects as parameters with multiple resource properties

Sat, 30 Oct 2021 00:00:00 +0000

I was following this Azure Document to try out Azure ARM copy operation to loop through properties of an azure resource. Looks like the page was not updated correctly so I raised an issue with the MS Docs github page. This was just minor change - where NSG properties were not correctly reprsented in that example document. You can follow below correct ARM templates.

ARM template

{% gist 659a893a3a941d72f824e0f703c13fda %}

Parameter

{% gist c4bcdc862196719e79c010d1d61dc4d9 %}

Azure Container Groups for hosting ?

Sat, 25 Jul 2020 00:00:00 +0000

Few days ago I was in need of a quick and easy option to host few containers with Azure for one of my Demos. I didn’t want to go with the headache of having an AKS or VM with docker installed. So I picked ACI ( Azure Container Instance ) with an nginx vm for reverse proxy - Since this was to be presented quick we we went the dirty way.

Uninstall Az Powershell Module forcefully and completely

Mon, 08 Jun 2020 00:00:00 +0000

I’m primarily using PowerShell to address Azure automation activities from running from local to Azure itself. The most painful task encountered is about upgrading PowerShell Az modules and making it work with VsCode.

After many trial and error, this is the best method I could recommend to uninstall the PowerShell Az module.

Get-installedmodule Az.*| foreach-object{Uninstall-Module -Name $_.Name -Verbose -AllVersions -force}

If you encounter running the above code snippet from the no-Admin account, switch to the Admin account. Incase Az.Accounts module is adamant in getting uninstalled, open a cmd - As Administrator and run below command. This will rid your system of Az modules.

After (lot of ) Hacks - A working way to deploying Azure SQL on Virtual Machine using terraform

Mon, 25 May 2020 00:00:00 +0000

I am very new with terraform. I was trying out terraform to deploy an SQL VM to Azure. SQL VM in Azure has undergone many changes recently from using SqlVmIaasExtension to manage SQL VM instance to a new resource type Microsoft.SqlVirtualMachine/SqlVirtualMachines

To implement the best practice of SQL, we had to fall to PowerShell DSC. Now Azure natively support disk management(new Storage Type) via SqlVirtualMachine resource type.

I wanted to get new Storage type implemented via terraform azurerm_mssql_virtual_machine. This resource in terraform under module azurerm supports everything except new storage types.

Linux Log Rotate and archive rotated file.

Tue, 08 May 2018 00:00:00 +0000

I was checking an article on how to upload archived logs to azure blob. As initial set up I’ve updated logrotate.conf(/etc/logrotate.conf) with below settings.

file to edit:

/etc/logrotate.conf

{% gist 5d2a8a1bf8cb0f619b45a39785dee395 %}

Then updated syslog rotate config to test on how messages files can be archived. Make sure the destination path is created. In this case I’ve got /opt/logs/ referenced. file edited /opt/logrotate.d/syslog

{% gist bacb68f7f66e346d1d80f2a934c00856 %}

This will ensure the last rotated log file would be copied to /opt/logs/. You can have any other scripts configured to upload to blob from here. Once these settings are in place test run(force run) logrotate -f /etc/logrotate.conf. Result of the operation can be found below