Welcome to episode 359 of the Microsoft Cloud IT Pro Podcast recorded live on October 31st, 2023. This is a show about Microsoft 365 and Azure from the perspective of it pros and end users where we discuss the topic or recent news and how it relates to you. Microsoft applied skills as a new skilling platform to get hands-on experience in a lab environment that Ben and Scott dive into today.
They also discuss an upcoming roadmap item related to conditional access policies as well as ways to keep up with these messages in the Microsoft 365 message center. Finally, they wrap up the show with a new SKU coming to Azure Bastion, a Microsoft developer SKU that offers a lower cost option for Bastion with a few less features than the standard SKUs.
I had something I was gonna start off with but now I can't even remember what it was because it's just been that type of a week where we've meant to record like three different days and finally got around to it. . It happens, you know, life comes at you fest. It does, yeah. There was something I was thinking of that I was like, oh, I should kick off with that, but it's gone. So we might as well just jump into whatever else we wanna talk about.
Whatever else we wanna talk about. I have some stuff for you if I. Yeah, we have like a bunch of random news. This is gonna be a random news episode. If I can be so bold as. To Okay. Take over your show for just a moment. So we've talked a bunch about certification and skilling in the past and just overall changes in certs and role-based certs and all that stuff, particularly in the context of Microsoft 365 and the Azure certs, things like that. So a couple of observations.
So one, you and I had to recently renew our Azure infrastructure cert . One of the most interesting things to me about that beyond like how overjoyed I am, that the new certification process, no recert process no longer necessitates me going into a facility or sitting online with a proctor. Like I very much like that, but I was kind of surprised, I don't know if you've kind of had this same thought, but the score to pass on research has been dropping and dropping and dropping over time.
You and I did that on the same day and you know, we chatted afterwards and it was something like crazy. It was like you only needed like a 40% score to pass it. Yeah. Like not 60, not 70. It was extremely low on the bar. So I thought that was kind of interesting, like is that because certs are becoming too hard? I can't say I was a, you know, without getting too deep into it, I can't say I was a fan of many of the questions.
Like I would say 50% of them didn't make any sense anyway. So, you know, good luck if you can score 50%. Like maybe that's the thinking , but I thought it was kind of interesting that it was a low number of questions and it was potentially a low bar to pass on that side and I've seen people talking about it in other places to MAs it on and and threads and, and Facebook and, and all the socials, let's just say things like that.
So I don't know what your thoughts are on the certification side of it, but really weird kind of strange experience. Like what, what's the bar? Does the bar drop to 20%? Does it just drop to 0% in research go away? I don't know that that's valuable. Yeah, so 42% like I can't remember. It's, I wanna say it was like 25 to 30 questions. 42 percent's like getting 10 out of 25 questions, right? Like that would be failing in most cases.
And I saw some other people like you that were talking about it and I think I did see, and I can't remember where, so I don't have the source that there was some fluctuation in what that required percentage was based on the different exams. Like the one we just renewed was the Azure solution associate or something like that. It's the. Infrastructure one, yeah, the 1 0 4. Yeah. I wonder if the expert ones have a higher passing score, but I'm with you.
Anything that has a 42%, like does it really mean anything at that point in time? If you can get more questions wrong than you do, right, like , that doesn't seem like you could be certified. , especially when you have access to the internet while you take it like like right. There's not much of a timing or a pressure component here. Like you can just whip open a web browser and do whatever you need to get done there. So. I'm with you. It seems to be very much diluted.
I love the new certification process. I love the, or the renewal process. I love the fact that you can use learn in the exams. I haven't actually gone and tried one yet with that, but I agree. I feel like if you have an open, essentially an open book policy, the level required to pass should be going up not down because I do, I think it just dilutes the value of all these exams that anybody can go get a 42% um, search through the answers and all that.
But I would agree some of the questions were just like, here's a problem with open book. They have to write 'em so you can just do a quick search and find the answer. So I feel like they try to throw a trickery in there, which just leads to some very convoluted type questions. I don't know, the. Questions have always been convoluted. I feel like this has reached a new level of convolution though It.
Was an eye-opening experience for sure. But anywho, not to like rabbit hole too much on certs, but I don't know if you saw these, so there's, there's a new offering out there from Microsoft in the um, skilling credential space and it is called Microsoft Applied Skills. Have you heard of these yet? The name rings a bell but I don't remember where, I don't remember if we've talked about 'EM before as they were coming or if there were some other calls that I was on somewhere. These.
Are brand, brand new. They came out in between the time you and I last talked. So this is kind of a hot off, hot off the presses thing. So applied skills are a new skilling credential. I would say they're a skilling credential and not a certification. I think there's some, there's some nuance there in in the way they're positioned and
what they are meant to do. But broadly, I think if you take a step back and you think about it, so the role-based certifications are there to validate and verify technical proficiency or technical proficiency
in the context of concepts. So conceptually, you know like in the case of like an IS exam, what's AVA versus a vm, how do those compose And then maybe some down in the weeds kind of nitty gritty like what's a constraint of deploying a fashion host or a firewall in this kind of vnet or peering these kinds of things or what does container storage do with blah blah blah kind of thing.
But I think that's more high level even though it can get down into specific questions, it it's still broad, it's very wide and maybe not as deep as it can be due to the breadth that's there. So certifications, when you pass the certification exam they come with a certificate that says hey we have validated and we being Microsoft in this case has validated your technical proficiency in in this given
area. Like within this set of skills, again, we're thinking like kind of like width or breadth of over depth kind of thing. And applied skills kind of come at it from another angle. And I actually really like this 'cause I've been kind of pining for this potentially in Microsoft exams for a long time in that applied skills validate your technical proficiency in a specific skillset or area.
So where a certification exam today for the most part, most of the certs that are out there are role-based certifications. There are some specialty ones but even those don't get you like hands-on keyboard to validate applied skills are project-based and they get you hands-on keyboard in an interactive lab like a real live in the case of Azure, Azure environment. Not like one of the goofed out faked out environments like in a certification
exam. But more like an honest to goodness like hey we're gonna spin this up and validate that you can do A, A, B, C and D along the way and accomplish a specific set of tasks in you know, kind of a prescriptive amount of time to validate that you know what you're
doing. So rather than validating technical proficiency for width and not depth, this is kind of like going the other way and saying hey let's pull it in and ringfence it and get super specific like maybe we talk about storage versus just Azure Monitor and those are both different applied skill things that you can go and take. So they're all on demand.
Like it's not like a certification exam where you need to sign up online, go find a Pearson Center or schedule time with a proctor like just on demand in a web browser through the portal through clouds shell, through whatever kind of tooling you have along the way. And they have a whole bunch of these out. Like there's not a lot but I actually consider it like a pretty good set to
start with. So there's securing your storage with Azure files and blob storage, there's an applied skilling course Azure Monitor, there's deploying containers using AKS, there's implementing security through Azure DevOps, there's even one on configuring your C and and your security operations doing like all your SecOps using Microsoft Sentinel. Keep forgetting all the renames that they have in here. There's one on power Automate, create and manage automated processes by using Power Automate.
And then there's a whole bunch more of them that are supposedly coming and are going to be announced at Ignite in November along the way.
And just like a certification gives you sitting down for a role-based certification and passing it gives you like a piece of paper a a cert that says hey you've done this thing and applied skilling course when you get out the other side, should you meet all the requirements of the project that you're given, you too will get a verifiable credential on that side to say like Hey I went tinted this thing, I don't know in like I'm kind of 50 50 on it but in many cases, you know,
I think it's really kind of cool like I might actually look for people with hands-on keyboard experience in the case of a verified credential and applied skilling over sometimes the width that comes with a role-based certification exam. Yeah, we'll have to go give some of these a try because like you said there's eight of 'em right now primarily in the Azure space. Uh, I think there's one GitHub that you could argue asp.net core web app that consumes an API with GitHub if that's Azure or not.
There's the one Power automate one, there's one for Microsoft Defender for cloud which is still kind of Azure and then there's like six Azure ones. So it is, I'm gonna have to go give one or two of these a try. There's nothing really around Microsoft 365 yet unless you consider Power automate Microsoft 365. And I'm wondering if that's just a harder environment to create one of these in.
I feel like standing up an Azure resource or doing some stuff with Azure networking or core web apps, that's a lot easier to spin up like a hands-on keyboard skilling environment with that than like a brand new Microsoft 365 tenant with the right data and stuff to actually do anything meaningful. A couple of things to watch for with this one. I would encourage folks to go and take some of them.
I think Microsoft has been overly ambitious maybe in their categorization of some of these and maybe I'm, I'm, maybe I'm too close to some of it. Like I will fully admit that. So like I went and took the the blob and files one and it's tagged as an intermediate and it's really more like level 100 like hey beginner. Yeah getting hands on with these kinds of things. So that's okay. I think, you know, that gets figured out over time.
One of the other kind of thoughts that I had and I saw it pop up a lot in the comments on the tech community post about this one as well was does this dilute the value of certifications like those role-based certs in some way? 'cause you're gonna see folks that are gonna go out much like they do with certifications today where they take like 10 certs.
You're gonna see somebody go out and take like 50 applied skilling things and just bang, bang, bang, bang, bang, bang bang, like do them all and all of a sudden you're gonna walk out the other side with having a hundred Microsoft credentials inside of a inside of a week kind of thing. And I've actually seen some of that on LinkedIn already, like a whole bunch of like, hey I did this, I did this, I did this. Like yeah, I, okay, you took a hands-on lab, I got it . Right, all good.
Glad that you did it kind of thing. Glad you did it in general. I I like kind of the, the diversity that comes from this like you know, for the folks that need it, I would also potentially look at it as a way for people who are looking at the certifications.
Like if you're looking for other ways to get hands-on and validate before you take a cert, potentially good for that as well because I think that's one of the things that often misses in certification land, particularly in like the weird era we're in now where brain dumps and things are accessible and people do do those kinds of things right? Like you know, maybe you have less motivation to do that if you can just go get hands-on in what is today a free way to do it.
Like they're free for now I have to imagine these cost money at some point because they are running up services and compute just to get them done. Like you're, you're in a real Azure environment when you're doing it.
One last kind of thing to watch for with these is certification still, and I think you're mindful of this, still count towards things like partner requirements and meeting the bar to be in the, the partner network or one of the ISV programs at Microsoft and these credentials from Applied Skilling currently do not apply to things like the partner program.
So if you're in say like the cloud partner program and and you're an ISV in there or you're doing kind of the legacy MPN thing and haven't fully rolled over to one of the new partner programs yet, these do not count for, they do not count for that. Well and I don't know if you mentioned this, I didn't realize when you were saying to the assessments that these are also still timed. So if you go in to sign up for one of these assessments. Yeah they are.
Yeah it gives you a learning path similar to the certification like for the sim for Sentinel, they have a learning path through Microsoft to learn that they recommend you go through for Sentinel and then the assessment it does say you will have two hours to complete it. So it's not like you can just go in and take this assessment and take your time working your way through it and looking for all the answers and how you do
stuff. And again, I haven't taken one yet so I don't fully know what the experience is, but you do have a time limit in order to complete it and I can imagine one, it's maybe to validate that you do know it but to your point also is that they're spinning up resources, they just don't want a bunch of these running for 5, 6, 7 hours if you take a day to complete it. They wanna be able to spin up resources and spin them back down to save on their backend cost for. These over time.
I imagine these almost have to cost money and and I think that's even weirder when you try to position them like now where do they sit in the world of, well I already have an Azure environment, like maybe I'm like a visual studio subscriber or I get access to Azure through my employer or M 365, like wherever these things end up baking out. Like if you have access to power automate licensing, like is the credential the important thing or is the hands-on time with it
important? I have seen some things, you know on the socials as well about them potentially being a little bit buggy and like timing out kicking you out of the environment and you can't get back in for a couple days so your mileage may vary. Yeah, it's relatively new like this totally came across as kind of like a pre-announcement like hey here's a little bit that we have going on just to give you a tease and you know there should be some more about it at Ignite.
Huh? We'll have to watch Ignite and see what comes out. But that is interesting. I'm gonna have to go take at least one of these and see what it's like. You should. Do the power automate one, do one that like you're familiar with, like I said, I I did the blob one, do the power automate one just to see, just to see what you think about the way it's frame framed up or if there's another one in there. I know you've been spending a bunch of time on Sentinel and a couple other things.
Yeah I might do Sentinel too. Yeah. But go go in blind like definitely take it blind and see how it goes. Do you feel overwhelmed by trying to manage your Office 365 environment? Are you facing unexpected issues that disrupt your company's productivity? Intelligent is here to help much like you take your car to the mechanic that has specialized knowledge on how to best keep your car running Intelligent helps you with your Microsoft cloud environment because that's their expertise.
Intelligent keeps up with the latest updates on the Microsoft cloud to help keep your business running smoothly and ahead of the curve. Whether you are a small organization with just a few users up to an organization of several thousand employees they want to partner with you to implement and administer your Microsoft Cloud technology, visit them at intelligent.com/podcast.
That's I-N-T-E-L-L-I-G-I-N k.com/podcast for more information or to schedule a 30 minute call to get started with them today. Remember intelligent focuses on the Microsoft cloud so you can focus on your business. Alright Scott, so I have another question for you. Yeah. Have you ever wanted, I don't know if I wanna do that roadmap item, let's do this roadmap item, that roadmap item's a little ranty.
This one is a little interesting and I think something that people should be aware of is I saw this one come across and I'm curious to see how it comes to fruition and how it gets rolled out because this is, it's almost going back to something Microsoft used to did used to do. So this was added to the roadmap back on October 24 and starting in November. So I mean it could start already tomorrow from when we're recording, we're recording on the 31st.
By the time people hear us this may be well underway. Microsoft is gonna start automatically protecting customers with Microsoft managed conditional access policies. So what it sounds like Microsoft is doing, and we just spent a little time digging through this and looking through what we could find, I cannot find any docs on it like un [email protected] or any official announcement in tech community or any of that.
But Microsoft is going to create and enable a and this, I found this on Twitter, you told me to get off Twitter but I'm still on it and this is where I found it. They're gonna create a Microsoft managed and MFA for admin portals. So forcing MFA for accessing all your admin portals, MFA for per user MFA users. So I think this may be in kind of advance of maybe trying to get away from the per user MFA that's considered legacy at this point in time.
And then MFA for high risk sign-ins, which high risk sign-ins is a Azure ADP two feature. Mm-Hmm . So I'm assuming that. It is. They're also gonna look at a. Little bit of upsell in there, right? I'm assuming like maybe they look at your licensing if you don't have any Azure AD premium, maybe they're still doing security defaults and if you have P one you'll get like the first two admin portals and per user MFA and if you have PE two maybe they'll add and enable the MFA for high risk sign-ins.
But if you aren't paying attention and someday you randomly go in and you have all these new Microsoft managed conditional access policies or M FFA starts behaving differently in your tenant, this could be what's happening And they do say in the Microsoft 365 roadmap that all eligible tenants will be notified prior to this rollout. So you should get a notification.
The other thing I have not seen anything about is like I already have some of these policies or policies that meet this criteria enabled in my tenant. So if you already have these, will Microsoft just not add them? Will they kind of intelligently look at, oh they already have an MFA policy that covers admin portals so we're not going to deploy it. Will they still push it out there but not enable it? If you disable one of these, will they automatically get re-enabled?
There's a lot of interesting things because of the effects conditional access can have on your tenant as to how this will actually function going forward. TBD, so there's some, there's some weird language in the roadmap side of things. So it says all eligible tenants will be notified. I'm imagining that like in the back of my head I'm thinking great, you're gonna have to go and watch the message center. Like that's how you're gonna be notified if you are eligible, right?
So hopefully they are looking at those licensing components like and figuring that out like the whole ADP one versus P two and and kind of how that manifests. So like makes sense, right? I think they that they should do that but really, really weird. Like what are they gonna consider eligibility here? Is it going to be based on your licensing? Is it gonna be based on some kind of like minimum threshold for licensing? Like not a ton of clarity in how that one,
how that one manifests itself. So yeah, especially with kind of the broad coverage right between MFA for admin portal MFA for per user MFA and then like you said the MFA for high risk sign-ins as well. Yeah. And the fact that it technically could start hitting tenants tomorrow and there's no, again, there's no documentation that I could find. The only thing I've found from Microsoft official is the roadmap item. To. Be fair, the roadmap does, item does say you'll be notified, right?
I speculatively think that hey, that means you're gonna get a message in the admin center. My concern there is, and and I've seen this time and time again as Microsoft rolls out these new things is people don't read the admin center no matter how many times they've sent you the message, you don't see it there.
So I get that's not Microsoft's fault that you know, we as customers aren't following along and that they're doing everything they can to enter into this world of kind of secure by default posture. Like hey really can't fault anybody for that. It would be great to see them do more messaging about how to and more kind of prescriptive guidance about how to stay up to date with these things.
Like I would love to see, you know, like a targeted campaign going out to M 365 subscribers, particularly tenant uh, admins or service admins, uh, who are also potentially gonna be going in and looking at those things or the folks who are responsible for change management in an organization just to get them up to speed and help them understand things like best practices for cadence to check the message center.
Where do those emails come from to make sure that you know, they're, they're not being black hole someplace in your spam filter or something else. Like, you know, I think Microsoft is really good about telling you like, uh, hey we run this service under these ipss or you know, these are the FQ DNS that you need to potentially whitelist in your firewall for outbound communication. Like you need to be able to go for like M 365 to like this blob storage account to be able to download this thing.
They give you all that knowledge in the docs but they don't necessarily give you the other side of it, which is like what should I as a customer be looking out for and how often should I be doing it and what's the right cadence for me to be doing it? All right, so like should I be looking at the message center daily, weekly, monthly, what are the email addresses these come from and how do I make sure that they're not sent into the black hole abyss of a spam filter?
Heck, what's the email address you send it to? Like we've talked in the past about like the whole like Azure thing with admins versus COAD admins and how like, you know, service alerts and resource health alerts and things like that come out. Like it's a bit ambiguous about who gets emailed when these things happen and whether the folks getting emailed even have like valid mailboxes, . So, and I'd love to see Microsoft just do a little bit more on that side.
Yeah. And the message center in Microsoft 365 since we're talking about this, has gotten a little bit better in terms of email. Like if you go into the preferences you can go customize your view and choose which messages you wanna show or which services you wanna show messages for. And then they do have an email tab where you can receive email notifications to the primary email and it'll tell you which one it is or other email addresses
and then choose which emails you want to get emails for major updates. But. You have to go in and do that stuff. But you do have to go in and do it if.
Nobody ever tells you to do it, how do you know to do it True? Like it's a, it's a little bit of a chicken egg problem there and over time, like as they've adjusted the message center and they've kind of opened it up to you know, restricting certain admin roles from having access to it and then opening up like specific roles that have access to it for like folks in your change management organization or things like that.
Like I don't always know that that next click stop happens of actually communicating like, great, I gave you access now here's what I expect you to do with that access. Yeah. So that everything goes down the happy path. There's also something I've played with this before, I don't use it because it's really just me, but another interesting feature that they do have in the Microsoft 365 message
center is planner syncing. So if you do use planner, you have like an IT team that you want watching all of these, while they may not have access to the message center, you can set up planner syncing so that you can sync tasks into planner based on these updates to the message center, assign people, handle them, archive them off, know that somebody's seen them, et cetera, et cetera. Yeah. Then you need to use planer. . That's tough that that's a tough hill to climb. .
Is. True. I'd never seen that one that that one's actually, that one's interesting. Yeah. I tried it and again for me it was just too much because I'm the only one that caress about 'em. For me it's just as easy to go into my message center but to your point about how often I don't do it as often as I should. If you are running Microsoft 365, you should absolutely be doing it daily.
There's usually at least a handful per day. And then other days, I was just flipping through mine October 26th, they must have gone through and updated a bunch of items. There were 27 updates or messages to the message center on October 26th. It looks like it was maybe seven or eight of the new messages and then they updated like 20 of 'em. Which could be timelines,
it could be usually it's just timelines updated. Yeah, a lot of these are just, we updated the rollout timeline of when it's gonna happen. It's going slower than we thought, faster than we thought, et cetera. But absolutely Microsoft 365 message center. If you're not doing it daily, you should be doing it daily if you care or if you just wanna live on the edge, just wait until something random pops up. . Wait until one day you log into your tenant and purple is green and it's all
just upside down. Exactly. One other news, Scott, I have another roadmap item but I might get ranty on that one. . Depends. On if you want me to rant. Sure. If. You you wanna rant, you can rant. Or do you wanna actually do news? What are you highlighting over here? We. Can go back to Agile land for a little bit if you want. Let's go back to this one 'cause this one intrigues me and I hadn't seen this one yet. Deploy Bastion.
Yes. So, so we've talked about Bastion in the past. I think one of the, one of the friction points with a lot of Azure SKUs is pricing. Like how do you get hands-on with these things with like minimal experience? What's the right way for you to get in and not spend the absolute most money possible upfront? And some services like Bastion can do that they can, they can run away from you a little bit. Like, you know, you've got a bunch of different things going on there.
So one of the new things that happened with Bastion is they recently announced a new developer SKU that's available. So it's, it's out in preview, you know, preview comes with restrictions. So it's only in a couple end user acceptance regions that are out there. North central us, west Central us, west Europe and North Europe to kind of go ahead and get started with it. But I didn't see pricing published with it.
But it's called out in the doc like the pricing page on like azure.com hasn't been updated with the new SC U yet, but all the docs are out there on Microsoft Docs. So TBD what the cost is but it's gonna be lower cost than anything else that's out there for bastion today. So it's a dku, it's missing a couple things, particularly like scaling, like you're not gonna have any kind of scale out operations in there. You're not gonna have any kind of advanced security features,
anything like that. You absolutely are still going to need, you know, bastions for accessing your virtual machines in a vnet. So you still need V nets and virtual machines and the right roles and the right ports and protocols and just all those kinds of things set up and ready to go for you. So I think the big differences with the developer SKU and there's some really interesting differences in here. the developer SKU can't RDP to a Linux machine.
But then again neither can the basic SKU of Bastion, which honestly I never realized this and explains a whole lot about the last couple times I've deployed Bastion and have not been able to RDP to my Linux host . Like that makes a whole lot of sense now and it's never told me that in the portal it will not do SSH again or does the basic sku. There's no customization around things like ports. So customizing, import, customizing, inbound ports, anything like that.
Funny enough from an authentication side, like we, we should talk in the future about how Microsoft has been doing a bunch of messaging around to like the future of NTLM versus BERROS and things like that. But even though you can only connect to Windows hosts, you can't do any type of curb off end to that. So I, I thought that was kind of interesting. You also don't have the ability to do some of like the advanced security controls like disabling copy paste, anything like that along the way.
And then I think I called it out but no scaling either. You can't also connect to VMs that are across peered fee nets. So you can do that with both the basic and standard SKUs. So like I said, uh, TBD to see where pricing falls for this one. But in general like I really do like to see these kinds of things come up because the less friction and less cost you put in place of getting hands-on with these types of services, ultimately the broader deployment you can kind of drive downstream.
I think it is a really nice like carrot to hang out there and get customers comfortable with it and say they just get comfortable with it through the portal or whatever and then they're ready to move on to you know, PowerShell for deployment or arm templates, things like that because it's just a skew of bastion. It's not like a whole net new resource provider or anything like that.
Like it's kind of immaterial and and trivial to go ahead and do things like move from the portal to a deployment script using PowerShell or the CLI bicep arm templates, any kinds of those, any kinds of those things. Interesting enough you can also upgrade from the developer SKU to the
basic or standard tiers. So that's very nice to see as well. Like you can start, you can get started with it, maybe you find there's some friction or a limitation there and now that you're comfortable with the service you just want to go ahead and upgrade and get yourself to where you need to be. But it's really just bastion with a lower cost and a lower set of features that are associated with, like I said like all the other prerequisites,
they all stay the same. Like need to make sure you have enough address space, need to make sure you've got a vnet with uh, a subnet with enough address space for that bastion host. You know you gotta be using standard port, standard protocols, all those kinds of things. Yes, I like this one as well 'cause I think you talk about getting familiar with it but I also see this as a way for you to better secure your infrastructure.
It helps maybe Microsoft from a security standpoint because if you ever wanna have some fun turn on a VM you don't care about, you're too cheap or you don't want to deploy Bastion. So you just leave port 33 89 open to the internet and don't bother like limiting it to just your IP address or something and watch how long it takes for that server to start getting uh, hammered with people trying to log into it remotely.
It's incredible. So by turning on something like Bastion two, you reduce that risk, make it a little bit more secure from that remote access standpoint. And a lot of these already servers are already ping into, tend to be kind of in line with the developer skew. They tend to be to be developers that need ARDP into a server to deploy something, to set something up.
So having a lower cost skew to just get Bastion going and have some additional security around that remote access to VMs for your developers is going to be a nice option because Bastion does add up quickly. It's one of those services that you look at the pricing and you don't think it's a big deal, right? It's 19 cents per hour for the basic 29 cents for standard, but then you start reading all the fine print that it is billed hourly from the moment it's deployed until the is deleted.
So if you're turning this on for unlimited access to your vm, it's 19 cents an hour per hour every day you're paying $4 and 50 cents a day times what? 30 ish days? It adds up to $135 a month or so for Bastion unless you're actually going in and creating it and deleting it every time you need to access the server. I wanna see where the pricing lands for this one because even the developer sku, at least from the documentation side, is still gonna be priced at the, that per hour price.
That way per hour. Pricing. So you know, if it comes in at 15 cents versus 19 cents, I don't think that's a material thing that's gonna move, move the needle. We'll see how low it can go given it doesn't have any needs for auto scale or anything like that. If I was to guess, even looking at like standard basic, it's a 10 cents per hour.
If they could get it down to like nine or 10 cents per hour, kind of half the cost or literally move it down, I would love to see that where it's in the ballpark of like 60, $65 per month. I wonder if I go deploy one and just crank it up like I see if it shows up in cost management or something. Who knows if the meters are rolled out yet. We'll see. , I like that one. I'm going to maybe go turn that on too. 'cause I have used Standard, I've used that quite a bit for different VMs that I deploy.
I use Bash in a bunch of places and I feel like every time I use it, like I'm compelled to tear it down because of the price. 'cause lots of the things I'm doing are dev test scenarios. I get that automation's there. But realistically like if I'm doing something to play around for a couple weeks, like it's way easier for me to just keep it on and just pay the cost of it and it would be way nicer if that cost was less. You do better than me. I'm even cheaper.
I just don't deploy it and I go modify my NSG to only allow RDP access from my IP address. There are places that I have to deploy it like I'm compelled by policy. You must. Fair enough. Alright, well that maybe does it for the news for today.
I think I've got stuff to go do that is Halloween today and I have pork to pull for dinner and stuff to set up outside because we are in Florida and we just hang out outside all evening , unlike those northerners that I talked to up in Chicago in Michigan today where it just snowing up there. It's. Gonna be another balmy 80 degree Thanksgiving here in Jacksonville, Florida. So. Halloween Thanksgiving's a few weeks away. Yeah.
Halloween, Thanksgiving, they, they all, they all blend together after a while. One of those holidays, the fall holidays turns. Out they're both events where uh, people get dressed up and just eat a bunch of candy in the United States. So it's. True. I would argue though the Thanksgiving food is way better in the us It. Is. I'm in it for all the pies for dessert. Oh yes, absolutely.
I need to go see which houses have good candy that I need to go trick or treating with my kids and grab some or bribe them to get me some extra. Yours are still young enough to do it. All right, well I'll let you go. Enjoy your Halloween. Thanks and we'll chat again. Alright. Enjoy your uh, Halloween as well and we'll talk again soon. Thanks. Ben. If you enjoyed the podcast, go leave us a five star rating in iTunes.
It helps to get the word out so more it pros can learn about Office 365 and Azure. If you have any questions you want us to address on the show or feedback about the show, feel free to reach out via our website, Twitter, or Facebook. Thanks again for listening and have a great day.