Login is from an untrusted domain and cannot be used with integrated authentication

if you are using this connection string in SSIS using windows authentication

Data Source=myserver;Initial Catalog=mydb; Integrated Security=SSPI;Connect Timeout=15;

You will be able to develop your package and run. When it’s get deployed to SQL Server and someone try to run the package, they will get this error.

The reason, windows computer is not joined with Active Directory.

If you still want to run your SSIS package on server, use SQL Server authentication and use this connection string;

Data Source=myserver;Initial Catalog=mydb;User Id=myuser;password=mypassword;Connect Timeout=15;

Hope this will help

How to verify SQL Server is using NTLM / Kerberos authentication

You can execute the below TSQL Query to verify authentication used by SQL Server Connections.

USE master
GO

SELECT auth_scheme FROM sys.dm_exec_connections 
WHERE session_id = @@SPID;
GO

Expected Results

SQL – When SQL Server authentication is used
NTLM – When NTLM authentication is used
KERBEROS – When KERBEROS authentication is used

Reference

How to Verify and Register SPN for SQL Server Authentication with Kerberos Connections

Azure Virtual Network concepts and best practices

This article describes key concepts and best practices for Azure Virtual Network (VNet) .

VNet concepts

  • Address space: When creating a VNet, you must specify a custom private IP address space using public and private (RFC 1918) addresses. Azure assigns resources in a virtual network a private IP address from the address space that you assign. For example, if you deploy a VM in a VNet with address space, 10.0.0.0/16, the VM will be assigned a private IP like 10.0.0.4.
  • Subnets: Subnets enable you to segment the virtual network into one or more sub-networks and allocate a portion of the virtual network’s address space to each subnet. You can then deploy Azure resources in a specific subnet. Just like in a traditional network, subnets allow you to segment your VNet address space into segments that are appropriate for the organization’s internal network. This also improves address allocation efficiency. You can secure resources within subnets using Network Security Groups. For more information, see Network security groups.
  • Regions: VNet is scoped to a single region/location; however, multiple virtual networks from different regions can be connected together using Virtual Network Peering.
  • Subscription: VNet is scoped to a subscription. You can implement multiple virtual networks within each Azure subscription and Azure region.

Best practices

As you build your network in Azure, it is important to keep in mind the following universal design principles:

  • Ensure non-overlapping address spaces. Make sure your VNet address space (CIDR block) does not overlap with your organization’s other network ranges.
  • Your subnets should not cover the entire address space of the VNet. Plan ahead and reserve some address space for the future.
  • It is recommended you have fewer large VNets rather than multiple small VNets. This will prevent management overhead.
  • Secure your VNet’s by assigning Network Security Groups (NSGs) to the subnets beneath them.

Next steps

To get started using a virtual network, create one, deploy a few VMs to it, and communicate between the VMs. To learn how, see the Create a virtual network quickstart.

Resources;

https://docs.microsoft.com/en-us/azure/virtual-network/concepts-and-best-practices

Azure example of tagging

A resource tag consists of a name and a value. You can assign one or more tags to each Azure resource.

NameValue
AppNameThe name of the application that the resource is part of.
CostCenterThe internal cost center code.
OwnerThe name of the business owner who’s responsible for the resource.
EnvironmentAn environment name, such as “Prod,” “Dev,” or “Test.”
ImpactHow important the resource is to business operations, such as “Mission-critical,” “High-impact,” or “Low-impact.”

Here’s an example that shows these tags as they’re applied to a virtual machine during provisioning.

You can run queries, for example, from PowerShell or the Azure CLI, to list all resources that contain these tags.

Azure Policy is a service in Azure that enables you to create, assign, and manage policies that control or audit your resources. These policies enforce different rules and effects over your resource configurations so that those configurations stay compliant with corporate standards.

Read more about it here;

https://docs.microsoft.com/en-us/learn/modules/build-cloud-governance-strategy-azure/8-control-audit-resources-azure-policy

Reference;

https://docs.microsoft.com/en-us/learn/modules/build-cloud-governance-strategy-azure/7-organize-resource-tags