Mutemwa Masheke, a product manager at Microsoft, introduces a new resource type called change tracking, part of the Azure governance team's product portfolio. Mutemwa, along with Arnav, presents on governance and the close integration with Azure Policy Code machine configuration, which enables scaling configuration settings using PowerShell. They discuss built-in policies in Azure Portal, exciting features on the roadmap, and the chill session welcoming questions throughout.
Mutemwa shares personal details, including his background, hobby of singing, and a fun fact about his brother's opinion on his singing. The discussion shifts to Azure Machine Config, which allows configuring settings dynamically across Windows and Linux servers for continuous auditing. Mutemwa introduces built-in content based on compliance standards like NIST and FedRAMP, as well as the ability to bring in custom requirements using open-source tooling.
The lecture delves into the process of conducting compliance scans, remediation of non-compliant resources, and advanced reporting features within Azure Machine Config. Mutemwa showcases a demo of configuring time zone settings using PowerShell scripts, generating MOF files, creating zip packages, and uploading them to Azure Storage for policy deployment.
The focus turns to upcoming roadmap items, including support for group policy scenarios, enhanced version management, managed identity support, and planned AI integration for server configuration at scale. Mutemwa addresses audience questions on CPU usage limits, first-class experiences for viewing settings as resources, and practical deployment scenarios for resource-intensive servers.
The session concludes with a Q&A segment discussing the feasibility of deploying Microsoft applications on resource-intensive servers, the representation of settings as ARM resources, and possible enhancements in providing a seamless and standardized experience for configuring settings in Azure Machine Config. The speaker expresses gratitude for the engaging session and positive feedback from the audience, wrapping up the informative discussion.
Chapters:
00:00:00 What's new with Azure machine configuration: spotlight on now open-source features - Mutemwa Ma…
00:00:10 Introduction
00:01:59 Azure Machine Config Overview
00:05:15 Custom Configuration Support
00:06:28 Enabling Custom Server Hardening
00:06:38 Simplifying Machine Configuration
00:07:33 Advanced Reporting Features
00:10:22 Remediation for Non-Compliance
00:12:43 Open Source Tooling for DSC Resources
00:23:05 Demo Preparation
00:26:54 Demo - Configuring Time Zones
00:35:27 Demo - Uploading Configuration Package
00:39:32 Future Roadmap Features
00:44:17 Versioning of Policies
00:49:29 Conclusion
