This week in Azure
Short holiday week in the US, but not a quiet one. John’s update runs through a tight list and the AI side leads it: Claude Sonnet 5 is generally available in Microsoft Foundry. Read the data-residency section before you get excited, because for a Swiss or EU shop that caveat is the whole story.
The rest is solid storage and platform work. Client-side blob integrity goes GA. VM restore points get Instant Access for application-consistent points. Storage Mover picks up Google Cloud Storage as a source. And Microsoft pulled its quantum-safe deadline forward to 2029, which is the item that should actually change a roadmap.
AI
Claude Sonnet 5: GA in Microsoft Foundry
Claude Sonnet 5 reached general availability in Microsoft Foundry on July 1st, 2026, a couple of days after Opus 4.8 and Haiku 4.5 went to production. You build with it through your existing Azure account: Azure-native authentication, billing, networking, governance and data controls, wired into Foundry Agent Service.
Pricing is promotional through August 31st, 2026 at $2 per million input tokens and $10 per million output, moving to $3 and $15 after that. Inference is processed in Azure with a choice of Global or US data zones, and Anthropic operates as the data processor.
Now the part that matters if you’re reading this from Zurich. There is no European data zone for Claude on Foundry yet. The models sit behind a European endpoint in Foundry Sweden, but the deployment type is Global Standard, so inference can be routed anywhere, including US infrastructure. The data-residency guarantees you get running Claude through Bedrock in Frankfurt or Vertex in an EU region do not extend to Foundry today. Anthropic’s compliance page lists Foundry Europe as “coming 2026” with no date. So for regulated workloads in banking or healthcare, this is not production-approved yet. If you need EU residency now, stay on a provider that gives it to you and revisit Foundry when the European zone lands.
Storage
Client-side blob integrity (CRC64-NVME): GA
Client-side data integrity for Azure Blob Storage is now generally available, built into the latest Blob SDKs for .NET, C++ and JavaScript. With validation on, the SDK computes a CRC64-NVME checksum over the data and the service verifies it before acknowledging the write. The same runs in reverse on read, and multi-part transfers reconcile individual checksums against a whole-object checksum.
The point is catching silent corruption that happens between your app and the service: in client-side code, on faulty client hardware, or in a proxy sitting in the path. CRC64-NVME was chosen because modern x86 and ARM CPUs accelerate it in hardware, so the cost is low. If you move data you actually care about, turn this on when you next update the SDK.
Azure Storage Mover: Google Cloud Storage source (preview)
Azure Storage Mover adds Google Cloud Storage as a migration source, in public preview, moving GCS objects into Azure Blob. Like the AWS S3 path that went GA earlier, this is a managed cloud-to-cloud transfer with no self-hosted agent to stand up, and it does incremental syncs after the first pass so cutover stays short.
If you’re consolidating multi-cloud storage onto Azure, that’s one more source you no longer have to script yourself. Preview, so treat it accordingly, but the direction is clear.
Compute
VM restore points: Instant Access for application-consistent points
Virtual Machine restore points now support Instant Access for application-consistent points, on VMs with Premium SSD v2 or Ultra disks as data disks. With Instant Access enabled on the restore point collection, disk restore starts straight from the snapshot without waiting for full hydration, which cuts your RTO materially.
Concrete limits: it needs API version 2025-04-01 or later, snapshot retention runs 1 to 30 days with a default of 7, and you can create up to 50 concurrent Instant Access restore points per subscription per region. If you run recovery drills against modern high-performance disks, this is a real improvement to how fast you come back. Check the service limits before you design around the concurrency cap.
Database
Az.PostgreSqlFlexibleServer PowerShell module
The PowerShell story for Azure Database for PostgreSQL gets a cleaner shape. The module is renamed to Az.PostgreSqlFlexibleServer, building on the old Az.PostgreSql and aligning with the 2026-01-01 preview REST API. It brings support for PostgreSQL 18 and for elastic clusters.
If you automate Postgres provisioning and management from PowerShell, this is where the new capabilities land. Update your scripts to the renamed module so you’re not stuck behind on API features.
Observability and security
Quantum Safe Program pulled forward to 2029
The one to put on a planning calendar. On June 30th, 2026, Azure CTO Mark Russinovich announced Microsoft is accelerating its Quantum Safe Program, with a new target to move its products and services to post-quantum cryptography by 2029. The reasoning is blunt: a cryptographically relevant quantum computer may arrive sooner than assumed, and the migration work is large, so the runway has to start now.
The near-term focus is three areas: upgrading network cryptography, building crypto-agility for stored data, and modernising the trust chains behind identity, signing and certificates. Adopting TLS 1.3 is the baseline that makes hybrid and post-quantum key exchange possible as the standards mature, and PQC requirements are being folded into the Secure Future Initiative.
This isn’t a product you toggle on. It’s a signal about where the platform is heading and how soon. If cryptographic agility isn’t already a line item in your architecture, this is the week it earned one. My governance framework guide is a reasonable place to start thinking about where crypto policy sits in your estate.
Final thoughts
Two things worth acting on this week.
Client-side blob integrity: it’s GA, it’s in the SDK, and it costs almost nothing. Turn it on for anything you’d hate to see silently corrupted. Small change, real protection.
The quantum-safe acceleration is the strategic one. 2029 is not far when you count the systems that touch encryption, which is all of them. Start with crypto-agility: know where your keys, certificates and TLS versions live, and make them changeable without a rebuild. You can’t migrate what you can’t inventory.
And on Claude Sonnet 5, the capability is real but the compliance answer for European workloads is not there yet. Don’t let a promising GA headline pull sensitive data into a Global Standard deployment that can leave the region. Wait for the EU data zone, or run Claude where residency is already guaranteed.
Sources
- John Savill, “Azure Update - 3rd July 2026,” YouTube, https://www.youtube.com/watch?v=RQmWSjKIQJY
- “Claude Sonnet 5 is now generally available in Microsoft Foundry,” Azure AI Foundry Blog, https://techcommunity.microsoft.com/blog/azure-ai-foundry-blog/claude-sonnet-5-is-now-generally-available-in-microsoft-foundry/4530737
- “Claude Reaches GA on Microsoft Foundry: European Enterprises Cannot Deploy It,” InfoQ, https://www.infoq.com/news/2026/07/claude-foundry-ga-europe/
- “Announcing General Availability of Client-Side Data Integrity Protections in Azure Blob Storage,” Azure Storage Blog, https://techcommunity.microsoft.com/blog/azurestorageblog/announcing-general-availability-of-client-side-data-integrity-protections-in-azu/4531364
- “Get started with cloud-to-cloud migration in Azure Storage Mover,” Microsoft Learn, https://learn.microsoft.com/en-us/azure/storage-mover/cloud-to-cloud-migration
- “Create Virtual Machine restore points,” Microsoft Learn, https://learn.microsoft.com/en-us/azure/virtual-machines/create-restore-points
- “Az.PostgreSql / Az.PostgreSqlFlexibleServer module,” Microsoft Learn, https://learn.microsoft.com/en-us/powershell/module/az.postgresql/
- “Accelerating the quantum-safe timeline,” Microsoft Security Blog, https://www.microsoft.com/en-us/security/blog/2026/06/30/microsoft-advances-quantum-safe-security-as-the-risk-timeline-shifts/