- Azure Sentinel—A real-world example - Tue, Oct 12 2021
- Deploying Windows Hello for Business - Wed, Aug 4 2021
- Azure Purview: Data governance for on-premises, multicloud, and SaaS data - Wed, Feb 17 2021
The problem
Two main problems exist with the current portal. As the list of services that Azure offers has grown, so has the list on the left (I count 30 in my list today). Every new service gets its own icon, and not all of them are easy to identify at a quick glance.
The old Azure portal
But, more important, the approach in the current portal is resource focused. Each type of service has its own area; however, what if you need to create an application or a service that spans different Azure resources? You end up managing the backend database for an application in one place, the service bus connection in another, the VMs in a third one, and so forth. And the billing for all of those parts is listed separately so it’s a lot of work to collate that information on a per-application basis.
The solution
Taking its cues from DevOps principles, the new Azure portal is application focused. That is, you can use a template or put together the parts yourself for a particular application, and you can work with that as a single entity—a resource group. Microsoft’s premier example is a multi-server SharePoint farm, with all the VMs and other components, managed as a single entity, including expected billing for it. And you can delete the whole farm in one go. Resource groups also span IaaS and PaaS services in Azure. Not all Azure services are available in ARM or the preview portal yet, however.
The new portal is written completely in HTML 5, making it work well on all modern browsers, including your phone. The richness of the UI really shows the power of HTML 5.
Azure portal on a smartphone
Basic navigation
If you don’t have an Azure subscription, get a trial subscription so you can try out the following short walkthrough yourself. Then, head to https://portal.azure.com and log in.
The first thing you meet is the start board (sometimes called the dash board), which resembles the Start screen in Windows 8. Note that the same controls are also being used for the new web-based remote interface for Windows Server 2016 (not available in Technical Preview 3) and, of course, the Azure stack, so expect to see more of this style of web-based UI in the future.
On the left is a list of icons. Click the hamburger icon in the very top left to expand the list to include titles. The service health tile recently changed from showing the overall health of Azure globally to only showing the health of your running resources and any issues related to them.
Right-clicking a tile lets you unpin it from the start board or customize the size of the tile (see, I told you, it’s like Windows 8/10). Just like in the old portal, you can change the theme of the portal to one of four exciting flavors simply by double-clicking an empty area. The tiles on the start board are live and will update their information without you having to refresh your browser.
Let’s start by creating a new resource. Simply click the green New sign in the top left and select Compute, and you’ll be presented with a list of the most common types of VMs. Clicking Marketplace will take you to the full list of VM types available from Microsoft and third parties. Each of these areas that “slide out” is called a blade. Close the marketplace blades with the X and select Windows Server 2012 R2 Datacenter.
Notice that you have to choose the deployment model (classic or Resource Manager). This split personality is something that you have to get used to until all resources are ARM-based and available in the new portal. If you have existing resources that were created the old way (in this case, a virtual network that you want to connect to), select classic; otherwise, select Resource Manager.
Step through the four pages of information to enter for your new VM and click OK. This wizard-like process is called a journey. If you abandon a journey and do something else in the portal, the portal actually remembers what you were up to. Next to the Microsoft Azure text in the top left, you can click the down arrow to access recent journeys and blades. After you start filling up your screen with blades, you can use the minimize button to move them to the left side.
Creating a VM in the new portal has some advantages. Under the optional settings, you can define IP settings and domain join settings and turn on deep performance and diagnostics information. Although you could do this for VMs in the old model, these settings were only available through PowerShell.
Choosing settings for your new VM
If you’ve created many resources, you probably can’t pin them all to the dash board. Clicking All resources gives you a list of all your resources. You can filter this list based on your subscription (if your account is associated with multiple subscriptions) as well as free text you enter into Filter items.
Customizing all resources based on subscription
I would be remiss not to mention the keyboard shortcuts. H shows the start board and N shows the New hub. J moves focus to a prior blade in a journey, K moves it one blade forward, F moves to the first blade, and L moves to the last one.
Delegating access
One of the most exciting (and long overdue) features is the ability to delegate access to resources through Role Based Access Control (RBAC). Today, RBAC is still somewhat limited in that you can’t create your own custom roles; however, it’s still a lot more flexible than what is available in the old console.
Your new VM will have its own tile on the dash board. Clicking it will take you to the settings for it. On the essentials tile is an icon for people; clicking it opens the Users blade, and clicking Add lets you pick from one of the six built-in roles and then add user accounts to the role. These can be in your Azure AD (potentially synchronized from your on-premises AD), or you can invite external users who have a Microsoft account.
Picking an RBAC role for your resource
There’s another dimension to this as well. If you go to the bottom of the left-hand menu and click Browse, you’ll see all the different resources in the preview portal, including audit logs. Here you can see all actions you’ve taken and what steps that Azure took in response to those actions. You can filter this list based on subscription, resource group, resource type, and time.
Viewing the audit log
Tag – you’re it!
Next to the people icon is the tag button, which lets you create custom identifiers for resources. You could, for instance, have a tag for a department in your business with all the different departments as values. By associating a resource with one or more tags, you can group all resources with a particular tag. This feature is especially useful for billing because it’s now MUCH easier to see the monthly costs for all Azure resources that Marketing uses.
Customizing everything
The whole point of the new portal is that it lets you build custom “windows” to show just the resources you need to manage and just the right information for each of the resources. Clicking the three dots in the top right corner of your VM blade and then clicking Add tiles lets you pick from appropriate tiles for your resource. Selecting Customize instead lets you right-click any tile and resize it or pin it to the dash board.
Recently added is the ability to simply hover over a tile (technically called a part) to access the customization menu. If you click the blue edit text on the CPU monitoring tile, notice that you can select the time period that the graph shows as well as add other relevant performance counters. If you go to All settings, Diagnostics for your VM, you can turn on more in-depth event and performance-related information. You can also set up alerts to send you an email when your chosen threshold is breached.
You can add extensions to your VM for anti-malware, as well as add the access extension that lets you get to your VM even if you have forgotten the username and password or blocked the RDP port.
Resource view of Azure
For developers, there’s tight integration between Visual Studio online and web apps. You can create a VSO project directly from within the portal. And, if you go to https://resources.azure.com and log in, you can explore your deployed resources from an ARM perspective.
Summary
Don’t forget to delete your VM or at least stop it; doing so using the portal also deallocates it so that you’re no longer paying for it.
The power of the new portal can’t be underestimated. This short “how to” has just scratched the surface of setting it all up just how you like it. The best way to learn the portal is to play around with the tiles, customization, and different resources—something that I find a lot of fun.
