Azure Messaging, Queueing, and Events - Which service is right for your solution?

With Event Hub, IoT Hub, Service Bus, and Azure Storage Queue, Azure has a number of PaaS offerings available when it comes to Queueing, Eventing, and Messaging. The number of services and mystery about their purposes can lead to a bit of analysis paralysis when it comes to which service to use, and, more importantly, when to use each service.

This session will help you answer all of the following questions:
- Which service is used for ingesting a stream of data?
- What service responds to a single event?
- Do you need an Event Hub to use Event Grid or an Event Grid to use Event Hub?
- When should you use Azure Storage Queue vs Azure Service Bus Queue?
- Is there a way to have one message go to multiple Queues based on the interest or access level of a customer/client?
- How do you enhance a stream to make sure that critical failures are handled immediately?
- What is "at-most-once" vs. "at-least-once" delivery of messages and which services can guarantee these options?

In this session you will learn about the services available at Azure for queueing, handling events, and messaging, and you'll get to see working examples of when and how to use each of the various services.

By the end of the talk you'll be ready to choose the correct service for your solution with confidence.

Overviews and practical use-cases for each platform offering, with demos to work with each using C#.NET. This material is incredibly important for the AZ-204 exam as well as just to know as a .NET developer with Azure.

Azure Functions and APIM

You want to go Serverless. You think Azure functions are cool, but you're not sure how to use them to host multiple API Endpoints. You are also worried about the security of the Functions and the ability to throttle requests. You are also concerned that having multiple endpoints could be confusing for your customers and hard for your team to manage, especially when it comes to versioning your endpoints.

In this session, you'll see a practical approach to resolve all of these problems using Azure Functions with Azure API Management (APIM). You'll learn how to lock everything down with Azure Active Directory and Identity management, and you'll see how to use APIM Subscriptions to get the right information to the correct users with just one entry point facade (which can be throttled by subscription for various levels of access like basic and premium - or to just prevent bad players and DDoS attacks). You'll also learn about creating products to group your APIs for customer use, exposing on the APIs and Operations your customers need. You'll see how all of your API endpoints will be hosted from the same public endpoint (which of course can be set to your own custom domain).

Additional concepts will be the ability to enforce specific URI query string parameters that the user doesn't need to know about, and how to utilize additional services that host endpoints, as well as leverage third party APIs without your customers ever knowing where and how the backend is working.

We'll cover Azure Functions and authentication with Azure Active Directory. We'll build an APIM solution to communicate with the functions, setting up products and subscriptions to expose various products and levels of access to the APIs and operations for the customers, and we'll show how to test the various functions as we go using postman to create products and subscriptions.

Rescuing your GIT Repositories using Amend, Reset, Revert, Rebase, Bisect, and Cherry-Picking

Have you ever said: "I just pushed a commit to remote main instead of my branch! Help!"?

Have you ever been in the following scenario: "We merged two features to main but now only one of them needs to go to production without losing the code for the other one ASAP - what do we do?"

Have you ever thought you messed up your branch on rebase, and then can't figure out what happened, and/or had the fear that you might have lost work during a rebase operation?

What about the time where you accidentally put a secret into GitHub and you need it to look like that commit never happened to avoid getting fired?

In this session, we'll discuss the GIT commands of Amend, Reset, Revert, Rebase, Bisect, and Cherry-Picking to perform surgery on any GIT repository when the stuff hits the fan such as the four scenarios mentioned above.

After learning how to fix these scenarios, you can take the knowledge and use it to handle many more difficult scenarios using these same commands and strategies.

Attendees will learn about the listed commands and then will get a chance to see them in action. If time allows, other discussions around protecting a repository and squash and rebase strategies can be discussed. Attendees will also be given links to public repositories with instructions on how to rescue their repository in specific scenarios.

GIT: From beginner to Fearless

This training is an introduction to GIT for source control. We'll take a look at getting started with GIT on our own machines, as well as working with GIT at public/private repositories on GitHub and/or BitBucket. Tools we'll use include BASH and VSCode

GIT can scare people. It shouldn't. GIT is awesome, and it's something that everyone should be using - it can even be used for more than just code [yes, you can version documents and spreadsheets]!

This workshop is primarily geared towards those who do code in any language and/or do web development with any tech stack, however learning the basics and commands of GIT can benefit anyone.

The workshop will cover practical scenarios needed for anyone in a normal GIT workflow, how to interact with other developers, and ends with how to solve some more tricky problems that happen.

By the end of the day, you should no longer have any fear about wrecking your repository or losing your changes.

The workshop general outline will look something like this:

Getting Started
Git Basic Info
A single-person/developer general flow
A simple multiple-person/developer flow
Advanced GIT commands to rescue your material
Release Management
Using GIT from Visual Studio or Eclipse

Architecting and Building Event-Driven Serverless Solutions in Azure

This workshop is an intense dive into working with resources at Azure in an event-driven, serverless architecture, however the material can be utilized to complete the solution no matter what your levels of development and/or azure experience currently are.

In this workshop, you'll build an event-driven architecture with serverless technologies at Azure, leveraging and learning about the following services:
- Azure blob storage (and blob storage created events)
- Azure AI Vision (formerly Cognitive Services - Computer Vision)
- Azure Event Grid for topics and subscriptions
- Azure Functions for processing data and classifying results as needs review or ready for import
- Azure Logic Apps to send email (via SendGrid or another provider)
- Azure SQL to store the finalized results for the "legacy" system
- Service Bus to Queue results for processing so that your team can review and approve or correct results from computer vision asynchronously
- Azure App Service to show the final results of the processing and allow for review/approval of pending import data based on vision results for the images

After completing the workshop, attendees will be able to take the skills they've learned and apply them to solutions for both enterprise and personal projects.

The Attendees will need to be able to access an Azure Subscription and GitHub. This should be done on personal, non-work email accounts and non-work machines, unless the attendee is certain those accounts are in compliance with their company and also will not present access issues from a remote location at the conference.

This workshop is a proven guided activity with step-by-step instructions. The attendees will be able to complete the activities by walking through step-by-step instructions during the workshop and any additional work they want to do can still be completed post workshop.

The first part of the workshop will start by presenting the real-world problem and a bit of brainstorming on the architecture, then it will be all about implementation. We'll talk about the different services within Azure as we go.

The attendees can complete this on their own or in groups.

Attendees will need access to a personal email, Azure Subscription, and GitHub.

All attendees will be directed to the repo for the workshop, where full walkthroughs and resource information exists (so they can take the workshop home and do it again)
https://github.com/AzureCloudWorkshops/ACW-ServerlessArchitecture

Protecting Your Secrets using Azure Key Vault, Azure App Configuration, GitHub, and C# MVC

Your team has been working well for a long time, but developers keep checking in the connection strings to Azure Services (like SQL Databases and Storage). You know that once you check in a secret it should be considered compromised so you've built a robust rotation strategy and you are ready to move forward, but you want to solve the real problem, which is preventing the team from checking in (and even knowing) what your secrets are. Another problem that you noticed is that Application Insights and your users are logging sensitive information that needs to be sanitized.

In this session you will learn how to get notifications when users have checked in secrets using GitHub and third-party tools. You'll also see how to leverage secrets in your code without having to know the secrets, both locally and at Azure via the Azure Key Vault.

You will then learn how to leverage secrets that need to be shared to Azure App Configuration and have the ability to use them from your local and Azure environments.

To complete the journey, you will then learn how to capture output before committing to your logs (or app insights) with a few simple code changes to make sure that sensitive information is sanitized before being permanently recorded.

This talk also has a backing repo with step-by-step instructions.

Enhancing Application Security and Resiliency on Azure: Networking and Deployment Strategies

While deploying applications on Azure's public backbone is straightforward, it often leaves the applications vulnerable to various attack vectors. Additionally, recent changes to Azure App Service mean that built-in regional failover is no longer provided.

This session aims to deepen your understanding of Azure's networking and security services to help you build private, secure, resilient applications.

During the session, we will explore fundamental architectures like hub-and-spoke models and the use of primary and secondary regions for high availability.

You'll gain insights into implementing security measures such as service endpoints and private endpoints to safeguard your applications.

You'll also learn about several secure network ingress tools/services including Azure Bastion, Azure Firewall, Site-to-Site and Point-To-Site VPN connections, Azure Front Door, and Web Application Gateway so you can know how to make the correct choice for your application and organizational needs.

Furthermore, the session will address how to integrate automated deployment practices while ensuring robust perimeter security.

By the end of this session, you will have a comprehensive overview of Azure tools and strategies to deploy applications with enhanced security, reduced attack surfaces, regional resiliency, and secure network communications.

This talk addresses a very big problem in the Azure cloud space where many teams are just deploying to the public backbone. By the end of the talk, attendees will have a better understanding of the Azure Networking resources they should be in command of to deploy an application that has network perimeter security.

Automated resource deployment with Bicep

This hands-on workshop provides a day of training that teaches you how to work with Bicep. The workshop starts by introducing Bicep and the key components that are necessary to understand when working with automated deployments and infrastructure as code.

During the first part of the workshop, you'll learn about:
- Creating Bicep files
- Deploying resources (a simple storage account) to a single resource group using the command line
- Parameters
- Variables
- Modules
- Outputs
- Orchestration of multiple deployment files for a subscription-level deployment from the command line
- How to create Azure Service Principals and set the correct permissions to authorize a third-party solution like GitHub to deploy to your subscription
- Automating your first orchestrated pipeline to your Azure subscription using GitHub actions

As the day progresses, you'll learn how to:
- Create specific Azure resources using Bicep to deploy a robust web application with App Service, Key Vault, Application Insights, Log Analytics, and SQL Server
- Leverage prior modules to get the output from a previous deployment to configure settings like Key Vault Secrets on the App Service configuration page

You'll then see how to set the CI/CD pipeline to deploy the application code.

The day finishes up with a final look at moving your shared secrets into Azure App Configuration with a couple of small changes to the Bicep pipeline and the application code.

This workshop has both a Bicep and a Terraform path, so the attendees will be able to leverage the training materials provided to learn about Terraform as well if they are so inclined, even after the conference is over.

Sam and I delivered both paths at Codemash 2024, with half-day workshops and determined that either path is best served as a full-day workshop.

co-presenter for this is Sam Gomez

GitHub Actions for architecture deployment and CI/CD

As your team has moved to modernize your applications, you are now looking to create robust deployments utilizing GitHub Actions. You know that you will have the responsibility to create pipelines that will both deploy architecture and also the application code.

In this session, you'll learn how to create GitHub Actions that will deploy your architecture using ARM or Bicep to Azure. You will learn about the various parts of the GitHub action, including steps, jobs, and tasks. You'll learn how to create service principals to authorize your GitHub action to deploy to your Azure subscription, and you'll learn how to store the relevant information in GitHub secrets so that the two services (Azure and GitHub) can play nicely together. You'll also learn how to set an environment to ensure that you don't deploy to the wrong subscription if the pipeline is triggered incorrectly.

You'll also learn how to create various triggers on the pipeline, either for push or pull-request, as well as manual workflow triggers. You'll also learn how you can build single-stage or multi-stage pipelines, and how to require the first stage to complete before the second stage will execute.

Your multi-stage pipeline can be useful for either a dev/prod deployment or an architecture/app deployment in multiple environments.

At the end of this session, you'll have the resources and information you need to create robust deployment pipelines for your team, both for the architecture and for the application deployment itself.

This is an introduction and overview that shows some various approaches to building pipelines. Some time will be spent on a few basics of the YAML and layout of the pipeline, what sections are for, and how it all works. No time will be spent on creation of Bicep/ARM or application code. This talk is all about the pipeline and leverages pre-built bicep and an azure web application.
This talk will mention tools for code scanning and other additional devsecops concerns, but will not cover them.

Navigating Azure's Container Services for Cloud-Native Applications

Choosing the right service for deploying cloud-native applications can be daunting with the array of options available. Whether you're scaling to handle massive workloads, running short-lived jobs, or maintaining constant availability for low-traffic applications, selecting the appropriate service is crucial.

This talk will concentrate on Azure's offerings for deploying containerized applications to the cloud. Through this session, you'll gain a comprehensive understanding of when and why to use:

- Azure Container Registry
- Azure Container Instances
- Azure App Service for Containers
- Azure Container Apps: A serverless platform suitable for both HTTP and non-HTTP applications that need to scale dynamically, including to zero.
- Azure Kubernetes Service (AKS)

By the end of this session, you'll be equipped with the knowledge to make informed decisions on which Azure service to use for your specific container deployment needs, and have a solid understanding how to get up and running in all the services.

This talk presents the attendee with information about the listed services and how to choose the correct one for their applications, with quick samples of each service in action.

The Independent MCT’s Guide to Life, the Universe, and Everything

Are you ready to explore the freelancer/independent galaxy? Armed with your proverbial towel and an insatiable sense of adventure, this session will guide Microsoft Certified Trainers (MCTs) through the highs, lows, and the exciting opportunities of freelancing. Inspired by the interstellar wisdom of Douglas Adams’ The Hitchhiker’s Guide to the Galaxy, we’ll chart a course through the infinite improbabilities of running your own show. Discover how becoming a Microsoft Partner opens doors to selling courses and labs, and learn how to wield tools like AI and Copilot to supercharge your productivity and creativity. Whether you’re already navigating the galaxy or preparing for your first hyperspace jump, this talk will leave you with practical advice, memorable metaphors, and a fresh perspective on freelancing life. So long, and thanks for all the contracts!

This talk is designed for trainers who want to do their own thing but don’t have the "big training partner" capability of multiple MCTs on staff. We’ll explore everything from taking contracts to creating a company and becoming a partner to achieving success as a Freelancer in the MCT world. Topics include leveraging AI tools for productivity and enhancing training, understanding key rules and gotchas that trainers might encounter, and navigating the often-overlooked administrative side of training delivery (not just the technical side). Whether you're just starting out or looking to level up your independent journey, this session is your guide to freelancing success