Visual Studio Licensing Explained

Introduction

The objective behind today’s post, is to serve as an overview for all those who want to learn more on Visual Studio Licensing. In my role as a Specialist in the field, I have gotten a wide range of questions on the subject. These range from license specific exceptions, towards benefits and ending up in full range license optimization exercises.

 

Visual Studio Editions

In terms of Visual Studio, there are currently four editions used ;

  • Visual Studio Code
  • Visual Studio Community
  • Visual Studio Professional
  • Visual Studio Enterprise

Where Visual Studio Code and Visual Studio Community are free, they do differ quite from the others. Where we will go into the detail of those in more detail individually. To get a full feature comparison between Community, Professional & Enterprise, do check out this page ; https://visualstudio.microsoft.com/vs/compare/

 

Product Terms

Looking for the product terms? You can find them here ; https://www.microsoft.com/licensing/terms/productoffering/VisualStudioSubscriptions/EAEAS

Continue reading “Visual Studio Licensing Explained”

Azure DevOps Governance 101 – How does Identity, Billing and Service Endpoints intertwine?

Introduction

A common discussion I have had in my role is around the “billing structure” of Azure DevOps. Though the discussion typically spreads out to other topics like identity and service connections for deployment. In today’s post, we’ll go over the general governance structure behind Azure DevOps.

 

High Level Structure

For this, let us start with a complex drawing! 😉

 

As a bit of an introduction ;

  • Azure Active Directory is a component used for identity on both the Azure DevOps side (organization level), Azure Subscription and on the contract level for Role Based Access Control (RBAC).
  • Azure DevOps has the concept of an organization, which can hold multiple projects. The billing & identity part reside on organizational level (marked in red). Where the service connections for deployment (pipelines) resides on project level (marked in green).
  • There can only be one AAD linked to an Azure DevOps subscription. Though you can invite users from another AAD tenant via a typical B2B invite. Thus granting access to users outside of the AAD tenant linked to that organization.
  • There can only be one Azure subscription linked for billing. Though you can have multiple Azure subscriptions linked as service connections for deployment.
  • Multiple Azure DevOps organizations can use the same Azure subscription for billing. This will even allow the scenario of multi org billing.

So far for the basics… Let us now delve deeper into various topics.

 

Billing

Each Azure DevOps organization is linked to an Azure subscription for billing. If you want to learn more on how to set this up, do check out this documentation page.

Next to that, you can also link multiple organizations to the same Azure subscription. Which then provides you with the ability to enable the concept of “Multi Organization Billing“. The advantage is that you can consolidate the user costs across organizations. Where if each organization would have their own Azure subscription, though the same users would be part of multiple organizations, they would need to pay multiple times. This you can mitigate by leveraging the same Azure subscription for billing purposes.

A common question here is the ability the share pipelines across organizations… This is not possible. The number of concurrent pipelines is linked to an organization and cannot be shared across.

 

Identity

Azure DevOps also provides you with the ability to integrate with Azure Active Directory. Want to learn more? Do check out this documentation page.

If you want to invite people from outside of the linked tenant, you can do this via a B2B invite. There is also no relationship with the AAD tenant to the linked Azure subscription for billing, or the one used on the billing aspect of your contract.

 

Deployment

Next to using an Azure subscription for billing purposes… You can also link Azure subscriptions (or other cloud services) via a Service Connection. This connection is the link you can then use in your pipelines. There is also no required link between the Azure subscription used for billing, or the ones used for service connections.

 

Closing Thoughts

As always, I hope this helps! Governance scenarios are common for any enterprise and the setup needed to achieve the most complex scenarios does not make the configurable concepts easier… Though no worries, there is a logic behind it. 😉

How to reverse engineer 3rd party mobile API calls with Postman

Introduction

Long story short… I have a heat pump that I can control via an app. At the end of the day, there is no official documentation on how I can directly (without the app) communicate to my heat pump. So I embarked on a journey to reverse engineer the API connectivity and see how I could tweak this. For those curious, my end goal I have in mind is to align the heat pump to the production of my solar installation. Or just call me a technical nutcase, that also works. 😉

 

Setup

For today’s post, I will show you how you can combine the native proxy function of your iOS device to route to Postman. Where you can then start tracing the API calls made by a native mobile application. Makes sense so far? Cool! Let’s get to it!

Continue reading “How to reverse engineer 3rd party mobile API calls with Postman”

Moving an existing CosmosDB database/collection to CosmosDB Serverless when using MongoDB

Introduction

If we go several years back, I already leveraged the instant scaling of CosmosDB… Recently a new plan has been introduced to cover this behavior, being the Consumption Based / Serverless option! For a new project I immediately started using this one, and I am very happy about it. Where I came to a point where I said to myself, let us migrate the other databases (where fit) to this option too. For today’s post, I will go into the differences I noticed… and hopefully save you some time looking up things. 😉 Though be aware that I have been leveraging the MongoDB API/endpoint.

Continue reading “Moving an existing CosmosDB database/collection to CosmosDB Serverless when using MongoDB”

See what your users are experiencing with Clarity!

Introduction

A while back Mike was telling me he discovered “Clarity” existed and that I should REALLY take a look at it. I remember in initially was a it sceptic also thinking about where the potential overlap was with “Application Insights“.

As I have been working on a new project, I decided to take it for a test spin, and I must say I am impressed! Clarity is a simple and free service that allows you to see what your users are seeing. Plain “simple”… nothing more, nothing less. It will provide you insights on the usage, heatmaps of your web app and session recordings of users going through your web app. Which will help like a lot when you want to refine your user experience!

Quick skim through the service

Once signed up you are prompted to create a new project ;

Continue reading “See what your users are experiencing with Clarity!”

Identity based security for LogicApp to LogicApp communication

Introduction

For today’s post we’ll go through a simple (yet powerful!) example that shows you how to securely communicate between two LogicApps. For this we will leverage the concept of managed system identity on the sender and access token validation on the receiver.

Conceptual

To get a bit of an idea of the flow, let us take a look at the drawing below…

The sender (LogicApp on the top left) is foreseen of a Managed System Identity in AAD. It will leverage this capability to get an access token from AAD. In addition, we will include a specific audience in the scope. This refers to an application object inside of the AAD tenant.
This token will then be included in the authorization header (as a JWT token) towards the receiver (LogicApp on the top right). The receiver will validate the JWT token by checking the public keys of the issues (AAD). Next up, it will check if the Issuer and Audience provided match the defined policy. If all is okay, then it will accept the request.

Continue reading “Identity based security for LogicApp to LogicApp communication”

Azure Serverless Compute Options

Introduction
A bit less than a year ago I blogged my opinion on “Cloud Native”, where the objective of today is to provide a bit more nuance to this previous post. Let us categorize it as “progressive insights”, due to having these type of discussions on a virtually daily basis. Therefore I wanted to share this with a broader audience, as I expect this is valuable to all. Where I will also try to make it a bit more tangible to link it to “Serverless” options in Azure.

Continue reading “Azure Serverless Compute Options”

Logic Apps ; When do I go for a consumption or a fixed pricing model?

Introduction

Today’s post is about the Logic Apps billing model. As you might know, the Integrated Service Environment has been generally available since May 2019. Since then, there is a consumption plan and a fixed price approach for Logic Apps. Lately I have noticed that this still remains confusing… Let us try to demystify this one then? 😉

 

Bibliography

Continue reading “Logic Apps ; When do I go for a consumption or a fixed pricing model?”

How to estimate the costs of your Azure Kubernetes Service (AKS) cluster?

Introduction

Aside from the variety of technical questions, a very common discussion around Azure Kubernetes Service (AKS) is … “What will it cost me?”. In today’s post we’ll dissect how the pricing dynamics work and how you can optimize the cost for your cluster(s). Where this might not be rocket science, I do have noticed some organizations struggling with this. So with this I hope to help those out… 😉

Continue reading “How to estimate the costs of your Azure Kubernetes Service (AKS) cluster?”

Cloud Native in the Enterprise ; What about outsourcing?

Introduction

At the beginning of the month Geert posted the following question on Twitter ;

Where the “depends” was a common word to be found in this thread. 😉 So let us delve into this today, shall we?

Continue reading “Cloud Native in the Enterprise ; What about outsourcing?”