Category: News

OpenTofu has just blown out its first birthday candle and gifted us version 1.9.0, packed with features that make infrastructure management as delightful as a perfectly brewed cup of coffee. -Features that even Terraform itself doesn’t contain!

Key Highlights:

• Provider Iteration (for_each): Ever wanted to deploy resources across multiple regions without duplicating code? Now you can! With the new for_each capability in provider configurations, you can dynamically create multiple provider instances
  provider "aws" {
alias = "by_region"
for_each = var.aws_regions
region = each.key
}
• The -exclude Flag: Think of it as the opposite of the -target flag. This nifty addition allows you to exclude specific resources or modules during planning and application
  tofu plan -exclude=kubernetes_manifest.crds
• Performance Boosts: Significant improvements under the hood mean your deployments are faster and more efficient

Community Growth:

OpenTofu’s popularity is soaring faster than a caffeinated developer’s productivity. The registry now handles over 6 million requests daily, with GitHub downloads nearing 1.5 million—a 30% jump since the last release.

Ecosystem Enhancements:

• OpenTofu Search (Beta): Explore documentation for over 4,000 providers and 20,000 modules through the new search interface
• JetBrains Support: JetBrains’ 2024.3 release now offers OpenTofu integration, providing code completion and other features tailored for OpenTofu projects

Looking Ahead:

The team is already brewing up features for the next release, including a prototype for the OCI provider registry. They’re also seeking community input on related RFCs.

With these enhancements, OpenTofu 1.9.0 continues to empower DevOps professionals, making infrastructure as code more intuitive and efficient.

News: OpenTofu 1.9.0 is available now with provider for_each | OpenTofu

Microsoft has completed its EU Data Boundary project, ensuring that European Union (EU) and European Free Trade Association (EFTA) customers can now store and process their data within Europe. This initiative covers core cloud services like Microsoft 365, Dynamics 365, Power Platform, and most Azure services.

The project rolled out in three phases:

1. Phase 1 (January 2023): Focused on storing and processing customer data within the EU and EFTA regions.
2. Phase 2 (January 2024): Expanded to include pseudonymized personal data, ensuring even data altered to remove direct identifiers remained within these regions.
3. Phase 3 (February 2025): Ensured that professional services data from technical support interactions for core cloud services are stored within the EU and EFTA regions.

While this development enhances data residency and transparency, some analysts caution that true data sovereignty isn’t fully guaranteed. U.S. laws like the CLOUD Act may still grant the U.S. government access to data stored by American companies, regardless of where it’s physically located. Therefore, European organizations are advised to scrutinize these measures and consider local providers to ensure data remains under European jurisdiction without external interference.

In limited security instances requiring a coordinated global response, essential data may be transferred with robust protections to safeguard customer information. Microsoft emphasizes transparency and implements comprehensive security measures, including encryption and strict access controls, to ensure customer data remains protected.

This milestone reflects Microsoft’s commitment to supporting Europe’s innovation, growth, and technology needs as the region moves into an increasingly digital future.

News: Microsoft completes landmark EU Data Boundary, offering enhanced data residency and transparency – Microsoft On the Issues
Documentation: Microsoft EU Data Boundary Overview | Microsoft Trust Center

Microsoft Azure customers worldwide now gain access to HSM Ingress Controller to take advantage of the scalability, reliability, and agility of Azure to drive application development and shape business strategies.

Strid Tech AB today announced the availability of HSM Ingress Controller in the Microsoft Azure Marketplace, an online store providing applications and services for use on Azure. Strid Tech customers can now take advantage of the productive and trusted Azure cloud platform, with streamlined deployment and management.

“We’re proud to be able to deliver one of the first Kubernetes ingress controllers that can use HSM to offload TLS operations, increasing security for our customers and enabling security conscious companies to move workloads to Azure,” said Ulrik Strid, CEO of Strid Tech. “Making our solution available on the Microsoft Azure Marketplace allows us to provide these capabilities to a wider range of organizations.”

HSM Ingress Controller leverages best in class services from Microsoft like Azure Key Vault and Azure Kubernetes Services to deliver a high security solution. By terminating TLS towards Azure Key Vault, keys stay securely in FIPS-compliant storage. This enables more companies to migrate workloads to the cloud and take advantage of the scalability of Azure. HSM Ingress Controller follows the standard for ingress specifications, making it an easy transition from their current environment.

News: HSM Ingress Controller Now Available in the Microsoft Azure Marketplace – Strid Tech AB
Marketplace: Microsoft Azure Marketplace

Effective March 1, 2025, you can keep your records in Azure confidential ledger (ACL) at the reduced price of approximately $3 per day per instance. The reduced price is for the computation and the ledger use. 

To protect your records, automatically create signatures of your blob storage data and keep those in Azure confidential ledger. For forensics, you can verify the tamper protection of the data by verifying against the signature in ACL. Imagine doing this as you are migrating data from one system to another, or when you need to protect data from insider or administrator risks and confidently report that to authorities.  

If you keep your data in Azure SQL database, you can use their security ledger feature to auto generate record digests and store them in ACL for safeguarding.  You can use the SQL stored procedure to verify that no tampering or administrator modifications occurred to your SQL data. 

What is Azure confidential ledger and what is the change?

It is a tamper protected and auditable data store backed by a Merkle tree blockchain structure for sensitive records that require high levels of integrity protection and/or confidentiality. While customers from AI, financial services, healthcare, and supply chain continue to use the ledger for their business transaction’s archival needs and confidential data’s unique identifiers for audit purposes, we are acting on their feedback for scaling ledgers to more of their workloads with a more competitive price! 

How much does Azure confidential ledger cost?

–          Approximately $3/day/ledger

How can I use Azure confidential ledger?

–          Azure SQL database ledger customers can enable confidential ledger as its trusted digest store to uplevel integrity and security protection posture

–          Azure customers who use blob storage have found value in migrating their workloads to Azure with a tamper protection check via the Azure confidential ledger Marketplace App.

–          Azure customers who use data stores and databases (e.g. Kusto, Cosmos, and Log Analytics) may benefit from auditability and traceability of logs being kept in the confidential ledger with new compliance certifications in SOC 2 Type 2 and ISO27001.

News: Azure updates | Microsoft Azure
Blog: Price reduction and upcoming features for Azure confidential ledger! | Microsoft Community Hub
Documentation: Azure confidential ledger documentation | Microsoft Learn

Microsoft is once again hosting its Virtual Training Days!

Free 2-3 hours online sessions designed to level up your IT skills. From Azure and Microsoft 365 to the Power Platform, there’s something for everyone. A special highlight: participants can get a 50% discount on selected certification exams.

A great opportunity to upskill and expand your knowledge!

https://www.microsoft.com/de-de/events-de/virtual-training-days

Happy learning, and stay curious!