Please enable JavaScript.

Coggle requires JavaScript to display documents.

azure-fundamentals-600x600 Microsoft Azure Fundamentals (AZ-900 Exam) -…

- - - - Give your code to Azure, they will run it.
      - Promise of performance, no access to hardware
      - PaaS
    - - Serverless
        
        Functions
        
        Serverless code based micro services
        
        Small bits of event triggered code to run in the cloud
        
        1,000,000 execution free per month, $0.20 for next 1m
        
        Less access than PAAS
        
        No need to worry about plan or servers
        
        No worry about scaling
        
        Costs as low as £0 for no activity
        
        Azure Functions, Serverless Kubernetes, SQL, Cosmos DB
      - Container image
      - Azure Container Instance (ACI)
        
        Single instance, quick
      - Azure Kubernetes Service (AKS)
        
        Enterprise grade
        
        Runs on cluster of servers
      - Emulates an OS, lightweight, popular
    - - Over 200 t-shirt sizes
      - Scale sets
        
        Runs behind a load balancer
        
        Unlimited horiizonal scaling
      - Windows Virtual Desktop
        
        Citrix VAD
        
        VMware Horizon
    - - Azure Bot Service
      - Language
      - Speech
      - Vision
      - Web search
  - - - Managed Disks
        
        Managed disks provide better reliability for Availability Sets by ensuring that the disks of VMs in an Availability Set are sufficiently isolated from each other to avoid single points of failure.
        
        Managed disk provides enhanced manageability and high availability
        
        Eliminates the need to manage storage accounts for IaaS VMs.
        
        Secure by default – Role based access control, storage encryption by default and encryption using own keys.
        
        Storage account limits do not apply – No throttling due to storage account IOPS limits
        
        Big scale - 20,000 disks per region per subscription.
        
        Better Storage Resiliency - Prevents single points of failure due to storage Supports both Standard and Premium Storage disks
        
        Is an ARM (Azure Resource Manager) object (resource)
      - Unmanaged disks
        
        Less availability: Unmanaged disks do not protect against single storage scale unit outage
        
        Upgrading process is complex
        
        Owner need ti take care of encryption, data recovery plans etc.
        
        Must create a storage account before you create any new disk.
        
        Is not an ARM resource, but a file (.vhd) residing on a Azure Storage Account.
        
        A maximum of 40 disks per standard storage account is recommended, otherwise disks can be throttled
    - - Benefits
        
        Data backups, restore, disaster recovery and archiving
        
        Data for analysis
        
        Ideal for images, docs, videos, audio
      - Block blobs
        Block blobs are optimized for uploading large amounts of data efficiently.
      - Append blobs
        An append blob is comprised of blocks and is optimized for append operations.
      - Page blobs
        Page blobs are a collection of 512-byte pages optimized for random read and write operations.
      - General purpose v2, you pay for storage & disk I/O
    - - Simple and inexpensive
      - Accessible via the industry standard Server Message Block (SMB) protocol or Network File System (NFS) protocol
      - Azure file shares can be mounted concurrently by cloud or on-premises deployments.
      - Can be used to completely replace or supplement traditional on-premises file servers or NAS devices.
      - Azure file shares can be used as persistent volumes for stateful containers
    - - Azure Queue Storage is a service for storing large numbers of messages.
      - You access messages from anywhere in the world via authenticated calls using HTTP or HTTPS
      - Queues are commonly used to create a backlog of work to process asynchronously
    - - Hot
      - Cool
      - Archive
        
        Lowest cost
        
        High data retrieval costs
        
        Data takes several hours to retrieve
        
        Blob must be rehydrated to an online tier to be read
    - - LRS (local redundant, same region)
      - ZRS (zone redundant, multi DC)
      - GRS (Global, two regions)
      - GZRS (Global zone redundant , 6 copies)
  - - - Azure Firewall
      - Azure Application Gateway
      - Network Virtual Appliance
  - - - Physical hardware device designed to work with Azure
    - - Basic tier
      - Standard tier
  - - - GitHub Actions
        
        Automations
        
        Continuous Integration
        
        Push into Azure Web Apps
- - - - CapEx
  - - - Spending Limits
      - Reserved Instances
      - Low-cost Locations / Regions
      - VM Sizing
      - Shutdown VMs
      - Migrate to PAAS/SAAS
      - Budget alerts
    - - Constrained Instance size
      - Bring your own license (BYOL)
      - Choice of OS (Windows Linux)
      - Azure Hybrid Benefit (Re-use existing Windows & SQL License)
      - SQL Server Developer edition
  - - - Enterprise
        Commitment to spend a negotiated amount annually.
      - Web Direct
        General public princing
      - Cloud Solution Provider
        Third party cloud seller
    - - Data transfer out of region: charged
      - Data transfer within region: free
- - - - Data
      - Endpoints
      - Account
      - Access management
  - - - Pricing
      - RBAC
      - MFA
      - SSO
      - B2B / B2C
      - Identities
        
        Identity - Thing to protect
        
        Principal - Identity acting in a certain role
        e.g. standard user vs admin user
        
        Service Principal - Identity used by a service
  - - - Azure Firewall
        Managed, cloud based network security service. No packet filtering
      - Azure Application Gateway
        Load balancing including Web Application Firewall (WAF). Packet filtering
      - Network Virtual Appliances (NVAs)
        Suited to custom configurations. Similar to hardware firewalls
    - - Basic
      - Standard
- - - - Data to be analysed with queries (Log Analytics)
  - - - Provides a personalized view of the health of the Azure services and regions you're using
      - Customisable dashboard to track the state of your Azure services
- - - - < 8 hour response
    - - < 1 hour response
    - - < 1 hour response
    - - 15 min response
- - - - All services available
      - 200USD limit, can't be changed
      - Limit can be removed
      - 12 month, then expires
      - Can be upgraded to pay-as-you-go
- - - - Different language to CLI
  - - - Export JSON
      - Share Publish as Resource