Day 452. Continuing the shit from day 451, since the #Azure Portal refuses to show you recently triggered remediation tasks, to figure out if a remediation task is running for your policy, simply create a new one. If the creation fails, one is already running.

Day 451. When triggering a remediation task for an #Azure Policy through the Azure Portal, the Portal won't immediately show you the remediation task. In our case, the remediation tasks usually only show up around 10 minutes after creation, after the remediation already has been completed.

Day 450. #Microsoft's OpenAI ChatGPT frontend probably was developed by some of their shitty AIs itself, because when you want to delete your account, they will translate "DELETE" to whatever language you're using but only accept it when you actually type "DELETE" to delete your account.

Day 449. Not #Azure, but links to #Microsoft Sharepoint Online (or whatever the name is) documents having ":x:" in them breaks the links in basically every Markdown editor. How are there still no short links in 2025?

Day 448. Continuing the shit from day 446, while the email we received said that the #Microsoft Cloud for Sustainability API has been deprecated and will be "terminated" on May 5, the official docs say that the API will be deprecated on May 30 and they don't say anything about a shutdown date. So now you can't even get consistent information about when a service will stop working.

Day 447. Continuing the shit from day 446, #Microsoft recommends to use the #Azure Carbon Optimization API to make up for the hastily shut down MCFS API, but the Carbon Optimization API is lacking historical data older than 1 year and does not allow writing custom queries. For example, using it, there is no way to get emissions grouped by resource type and by region at the same time.

Day 446. #Microsoft just decided to shut down the Microsoft Cloud for Sustainability API which you could to use to retrieve emissions data for your #Azure workloads. The deprecation notice was provided less than two weeks in advance before the API got shut down.

Day 445. You don't want to enable #Azure Defender's malware scanning on all of your Azure Storage accounts because it is too expensive? Think again, because enabling it would give you +5 Persistence skill points which you can then use to impress no one.

Day 444. How are Cloud Services Providers (CSPs) that resell you #Azure resources, "maintain" your Azure resources for you and restrict your access to self-service APIs for these Azure resources still a thing in 2025? Hint: It's 🤑.

Day 443. Another day, another #Azure security vulnerability. Creating a malicious firewall rule with the ID "../" for Azure SQL server will delete the entire SQL server when a privileged user tries to deactivate it.

Day 442. When registering a feature for the 'Microsoft.ContainerService' #Azure provider, the API response contains the provider's name with a lowercase 'M', even though it has an uppercase name in the providers list. Good luck automating your provider registration when the name of a single provider is not even conistent across APIs.

Day 441. This link in the API response of #Azure AKS simply redirects you to Bing. And the Bing search query isn't even working.

Day 440. In case the shit from day 439 confused you, #Azure subscriptions don't actually have anything to do with billing. That's what billing accounts are for. Azure subscriptions are just projects where your resources live. So there is no obvious reason why you should not be able to simply move your subscriptions to a new customer agreement.

Day 439. Have you considered switching from buying your #Azure shit through a third-party Cloud Solution Provider to a direct customer agreement with #Microsoft? Good luck moving all of your live Azure workloads one by one to new Azure subscriptions, because you won't be able to simply update the billing information on your existing subscriptions - for reasons no Azure engineer was yet able to explain to us.

Day 438. This is your friendly reminder to never trust anything you read in the #Azure docs in any lanaguage other than English (well actually, you should never trust anything you read in there). The German version of the VPN Gateway docs say something about a "Standard SKU" which does not exist. It's just a translation for "Basic SKU". But when you check out the docs for the different SKUs, suddenly "Basic" got translated to "Grundlegend".

Day 437. After creating a new #Azure subscription through the Azure CLI, the CLI won't have any knowledge of that subscription until you explicitly refresh its subscription list with "az account list --refresh".

Day 436. An #Azure Key Vault Contributor cannot access Key Vault secrets. Except when using access policies on the Key Vault, then he can elevate himself to access Key Vault secrets. What a great concept.

Day 435. When you recently created a new #Azure subscription and try to query costs data using the Cost Management API, the request will fail because there is no data yet. But instead of stating that, the API will tell you that the subscription does not have a valid "WebDirect/AIRS" offer type, whatever that is supposed to mean.

Day 434. Recently our #Terraform deployment pipeline went completely to shit with state refreshes of random #Azure resources failing. After spending some time investigating why the Service Principal allegedly was missing permission on some resources, it magically worked again on the next try without us changing anything. Azure RBAC has to be one of the most unreliable services they offer.

Day 433. Reimaging our #Azure Virtual Machine Scale Set failed with an "InternalExecutionError", whatever that means. But thankfully the response code is still 200 OK.