Locale selector icon
Mar202125

Deprecating Functionality for Azure Classic CSP

We are deprecating functionality for classic CSP (Cloud Solution Provider Program for Azure) for just resellers (not tier 2 distributors). For all new features, we will not be including classic CSP in support of the feature. If future issues are identified, depending on the severity, we may not fix them. Please move your customers over to Azure Plan as soon as possible. Note, there are no known issues in the product, but you’ll notice we will not be deriving Resource Groups for classic CSP. There is currently no timeline for full deprecation, but it is something to be aware of for planning. If you have any questions, please reach out to your TAM.

Update to Azure VM Rightsizing Recommendations

When generating rightsizing recommendations for Azure VMs, we will now take into account temporary disk limitations for VM types. For example, if an instance family does not have temporary disks, we will not recommend an instance family with a temporary disk.

Update to FlexReports — Contextual Inline Help for AWS

With the introduction of CloudHealth FlexReports you can view what each measure or dimension signifies by browsing through the AWS data dictionary, which may be overwhelming considering the numerous fields in an AWS CUR. Today, we’re happy to announce that we’ve added inline content in the context of a specific measure or dimension, which helps you to decide which fields to include in the reports. The mouse-over info icon provides the details about the field, along with examples as applicable. Learn more about the FlexReports contextual help in this Help Center Article.

Deriving Resource Groups from Azure Bills — Coming Soon

In the coming weeks, we will begin to derive Resource Groups from EAs and Modern Commerce bills (including Azure Plan). You will still need to configure the Service Principal to collect all information, but also drawing from bills will help with allocating costs in Perspectives prior to granting the Service Principal the necessary permissions on the Subscription.

Updates to Azure CIS 1.3 Policy — Coming Soon

In the coming weeks, we will be releasing our next group of updates to the Azure CIS security policy. The following policies will be added to the default policy:

  • 2.1 Ensure that Azure Defender is set to On for Servers

  • 2.2 Ensure that Azure Defender is set to On for App Service

  • 2.3 Ensure that Azure Defender is set to On for Azure SQL database servers

  • 2.4 Ensure that Azure Defender is set to On for SQL servers on machines

  • 2.5 Ensure that Azure Defender is set to On for Storage (Manual)

  • 2.6 Ensure that Azure Defender is set to On for Kubernetes (Manual)

  • 2.7 Ensure that Azure Defender is set to On for Container Registries

  • 2.8 Ensure that Azure Defender is set to On for Key Vault (Manual)

  • 2.9 Ensure that Windows Defender ATP (WDATP) integration with Security Center is selected

  • 2.10 Ensure that Microsoft Cloud App Security (MCAS) integration with Security Center is selected

  • 2.13 Ensure 'Additional email addresses' is configured with a security contact email

  • 2.14 Ensure that 'Notify about alerts with the following severity' is set to 'High'

  • 2.15 Ensure that 'All users with the following roles' is set to 'Owner'

  • 4.2.2 Ensure that Vulnerability Assessment (VA) is enabled on a SQL server by setting a Storage Account

  • 4.2.3 Ensure that VA setting Periodic Recurring Scans is enabled on a SQL server

  • 4.2.4 Ensure that VA setting Send scan reports to is configured for a SQL server

  • 4.2.5 Ensure that VA setting 'Also send email notifications to admins and subscription owners' is set for a SQL server

  • 5.1.4 Ensure the storage account containing the container with activity logs is encrypted with BYOK

  • 5.1.3 Ensure the storage container storing the activity logs is not publicly accessible

Amazon S3 Bucket List Price Attribute — Now Deprecated

With Amazon S3 class-to-bucket mappings and boundaries becoming a blur, the bucket list price concept has become obsolete. To adapt to changes in S3 pricing, we deprecated list price columns from the S3 bucket report. If you have any questions about this change, please reach out to us at s3-report-updates@groups.vmware.com. Learn more about Amazon S3 Storage classes in this Amazon S3 User Guide.