kevinhakanson.com

Will the real Azure please stand up?

April 18, 2020 #azure #random

Naming things is hard. Each of these “Azure” names appear somewhere (or at some time) in the documentation:

  • Azure
  • Microsoft Azure
  • Azure Cloud
  • Microsoft Cloud
  • Windows Azure

At the time of this post, Azure has 58 regions worldwide and available in 140 countries. Some of the Azure definitions include:

  • A region is a set of datacenters deployed within a latency-defined perimeter and connected through a dedicated regional low-latency network.
  • A geography is a discrete market, typically containing two or more regions, that preserves data residency and compliance boundaries.
  • Availability Zones are physically separate locations within an Azure region. Each Availability Zone is made up of one or more datacenters equipped with independent power, cooling, and networking

There are also references to “Sovereign regions” or ”National cloud deployments“:

In addition to our global network of datacenters, Microsoft cloud services are available in three separate national clouds. These national cloud versions are physical and logical network-isolated instances of Microsoft enterprise cloud services that are confined within the geographic borders of specific countries and operated by local personnel.

Current national clouds include:

  • Microsoft Cloud for US Government
  • Microsoft Cloud Germany
  • Azure and Office 365 operated by 21Vianet in China

Microsoft Cloud for US Government (a.k.a. ”Azure Government”) is only for US government agencies and their partners. It uses physically isolated datacenters and networks (located in U.S. only) but has the same underlying technologies as global Azure.

Microsoft Azure China is a physically isolated instance of Azure operated by 21Vianet and requires an account separate from an Azure global account.

Microsoft Cloud Germany (a.k.a. “Microsoft Cloud Germany (Sovereign)”) is a physically isolated instance of Microsoft Azure operated by a data trustee. However, Microsoft Azure Germany are the Frankfurt and Berlin datacenter regions of global Azure. Confused? Welcome to Azure Germany explains it as:

Since August 2018, we have not been accepting new customers or deploying any new features and services into the original Microsoft Cloud Germany locations.

Based on the evolution in customers’ needs, we recently launched two new datacenter regions in Germany, offering customer data residency, full connectivity to Microsoft’s global cloud network, as well as market competitive pricing.

If you prefer code to documentation, Get-AzEnvironment “gets endpoints and metadata for an instance of Azure services,” and az cloud list can “list registered clouds,” giving you programmatic ways to uncover even different names.

PS /home/kevin> Get-AzEnvironment | Select-Object -Property Name, ActiveDirectoryAuthority, ResourceManagerUrl | Format-Table

Name              ActiveDirectoryAuthority           ResourceManagerUrl
----              ------------------------           ------------------
AzureCloud        https://login.microsoftonline.com/ https://management.azure.com/
AzureUSGovernment https://login.microsoftonline.us/  https://management.usgovcloudapi.net/
AzureGermanCloud  https://login.microsoftonline.de/  https://management.microsoftazure.de/
AzureChinaCloud   https://login.chinacloudapi.cn/    https://management.chinacloudapi.cn/

PS /home/kevin> az cloud list --query "[].{Name:name,ActiveDirectoryAuthority:endpoints.activeDirectory,ResourceManagerUrl:endpoints.resourceManager}" --output table
Name               ActiveDirectoryAuthority           ResourceManagerUrl
-----------------  ---------------------------------  -------------------------------------
AzureCloud         https://login.microsoftonline.com  https://management.azure.com/
AzureChinaCloud    https://login.chinacloudapi.cn     https://management.chinacloudapi.cn
AzureUSGovernment  https://login.microsoftonline.us   https://management.usgovcloudapi.net/
AzureGermanCloud   https://login.microsoftonline.de   https://management.microsoftazure.de

But wait, there’s more. If you have an “Azure Stack” (a.k.a ”Azure Stack Hub”) and make a call to Set-AzEnvironment or az cloud register, you can name it whatver your want. I call dibs on AzureKevinHakansonCloud.

Kevin Hakanson

Multi-Cloud Certified Architect | DevSecOps | AppSec | Web Platform | Speaker | Learner | Builder
Twitter | LinkedIn | GitHub | Stack Overflow | Credly

© 2024 Kevin Hakanson (built with Gatsby)