AZURE FUNDAMENTALS
Links:
Microsoft Azure Certifications * ✅
Become Microsoft Certifications ✅
Crie sua conta ✅**
Comparação entre os serviços ✅
Microsoft Datacenters ✅
Azure Support✅
Microsoft Q&A ✅
Serviços do Azure compatíveis com CLI do Azure✅
Virtual-machines sizes✅
Create Personalized VMs in PowerShell
✅
Triggers for Azure Functions✅
Application Gateway Resources✅
POP Locations CDN✅
Storage Account✅
Storagem Account Redundance✅
DMA - Overview✅
[IOT Central](https://docs.microsoft.com/en-us/azure/iot-central/core/overview-iot-central)✅
Defense in depth✅
DDos Protection✅
Serviços gratuitos do Azure✅
Conceitos de Nuvem:
Vantagens:
High Availability
Scalability
Agility
Geo-Distribution
Disaster Recovery
Desvantagens:
Conexão com internet
Why is more cheaper to use?
Lower your operating costs
Run Your infrastructure more efficiently
Scale as your business needs change
Cloud Service Models:
SAAS - Service as a Service
PAAS - Plataform as a Service
IAAS - Infraestruture as a Service
Serverless Computing:
Automatically provisions,
Scales and manges the infrastructure required;
Cloud Types:
On-premise
Híbrid
Public Cloud
Distribuição dos serviços:
Geography
Region
Availability Zone
Cada região tem seu par de disponibilidade, no mínimo, com 500km de distância.
Paymment:
Pay as you go
Reserved Virtual Machine Instances
Spot Pricing
Subscriptions:
Logical containers for resources.
Any Azure Account can have multiple subscritions
Azure Cost Management
Gerenciamento do custo da sua conta azure
gratuitamente.
ps.: Alertas de custos
Support Azure
Basic
Developer
Standard
Professional Direct
Azure CLI
Interface para management resources
in command line.
Serviços do Azure
Compute Services
Azure Virtual Machines (IAAS)
Azure App Service
Azure Container Instances
Azure Kubernetes Service
Windows Virtual Desktop
Azure Functions
Sizes of Virtual Machines
General purpose
Compute optimized
Memory optimized
Storage Optimized
GPU
High performance compute
Conexão:
RDP - Windows
SSH - Linux
VMs Scale Sets
Load balenced VMs
Customized VMs
App Service PaaS
Web applications
REST APIs
Mobile back ends
Host web sites
Web Applications
Web apps for Containers
API Apps
Azure Container Instances
Isolated containers
Azure Kubernetes Service
You only manage and maintain the agent nodes.
Windows Virtual Desktop
Set up a multi-session Windows 10
Virtualizes Microsoft 365 Apps
Provide Windows 7 virtual desktops
Bring your existing Remote Desktop Services
Azure Functions (serverless)
Less code
Less Infrastructure
Save costs
Networking
Virtual Network
Load Balancer
Application Gateway
VPN Gateway
ExpressRoute
Content Delivery Network
VNET
private network
Address space
Subnets
Regions
Subscription
x.x.x.0 - endereço de rede
x.x.x.1 - gateway (Azure)
x.x.x.2, x.x.x.3 - mapear IPs de DNS
x.x.x.255 - endereço de difusão de rede
Load Balancer
OSI model
layer four
80 port
http / https / tcp / udp
VPN Gateway
Connection between Azure and on-premise network
site to site
multi-site
vnet to vnet
point to site
ExpressRoute
Dedicated link
Content Delivery Network
CDN offers developers a global solution for rapidly delivering high-bandwidth content to users by caching their content
Pontos de acesso:
Microsoft / Verizon / Akamai
Types
Public Load Balanced
Internal load balanced
Application Gateway
Seven Layer
url router
Storage and Databases
Storage
Blob - Non strutucture
Disk - Anexa os discos para VMS
File - SMB or NFS
Archive
Storage Account
Locally-redundant storage - LRS
Zone-redundant storage
Geo-redundant storage
Geo-zone-redundant storage
Read-Acess
Azure Managed Disks
Azure handles the rest.
Disks types
ultra disks
SSD
Standard SSDs
Standard hard disk drivers (HDD)
Acess tiers - Storage
Hot - Optimized
Cool - At least 30 days
Archive - At least 180 days
Databases
Cosmos DB
Azure SQL
MySQL
PostgreeSQL
Database Migration Services
Azure SQL
Azure SQL Database
Azure SQL Managed Instance
SQL Server on Azure VMS
Azure PostgreSQL
Single Server
Flexible Server (Preview)
Hyperscale (Citus)
DMS
Migrations from multiple database sources
DMA
Data Migration Assistant
Upgrade to a modern data plataform by detecting compatibility.
Azure IOT / BIG DATA / DEVOPS
Internet of Things - IOT Central (Paas) / IOT Hub SaaS
Big Data - Azure Data Lake Analyticks
Devops
Big data - Machine Learning
MLOps
Cognitive Services
Bot Services
Cognitive Services
Vision
Speech
Natural Language
Decision
Serach
Azure DevOps
Azure Boards
Azure Pipelines
Azure Repos
Azure Test Plans
Azure Artifacts
Segurança
Defense in Depth
Security Azure Firewall
Network Security Groups (NSG|)
Azure DDoS Protection
Azure Defender
Azure Key Vault
Azure Information Protection
Advanced Threat Protection
Azure Sentinel
Azure Dedicated Hosts
Defense in Depth
Military defensive strategy to secure a critical position using multiple defensive perimeter.
Camadas:
Physical Security
Identity & Acess
Perimeter
Network
Compute
Application
Data
Security Posture
Confidentiality
Integrity
Availability
Azure Firewall
Built-in high availability
Availability Zones
Unrestricted Cloud Scalability
Application FQDN filtering rules
Network traffic filtering rules
FQDN Tags
Service tags
Treat intelligence
Outbound SNAT support
Inbound DNAT support
Multiple public IP addresses
Azure Monitor logging
Forced tunneling
Web categories (preview)
Certifications
NSG
Filtrando na camada de rede.
Firewall interno, aumentando a segurança
Azure DDoS Protection
Analyzing and discading DDoS trafic at the Azure Network Edge
Basic x Standard
Azure Security Center
Score
Complience
Inventory
On-premise or in a cloud
Recomendations
Azure Defender
Security alerts and advanced threat protection for virtual machines, SQL Databases, containers, web apps, your network and more
Azure Information Protection
discover, classify, and protect documents and emails by applying labels to content.
Azure threat protection
AAD, Monitor Logs, and Azure Security Center
Monitora tentativas de logins, MFA, etc.
Azure Sentinel
SIEM - Analisa vários eventos e automatiza respostas
Identiry Services / Compliance
Azure Active Directory
Single Sign-On
Multi-Factor Authentication
Azure Policy
Azure RBAC
Azure Monitor
Azure Health
Compliance
click to edit