Az900notes Archives - Beginner's Forum

Azure Fundamentals (AZ900) certification preparation – short notes-V

September 19, 2020 Vipin V.K One comment

We are into our 5th post in the Azure fundamentals certification preparation notes series. If you haven’t already gone thru the previous posts, please have a look before starting here.

You can see this video to know how can you register for the Azure training and to get a certificaiton voucher without any payment.

[ Disclaimer : This is not a complete training material for the certification. This is just random (short) notes which we captured from course curricula, which will help the readers for their final revision/rewind before appearing for the exam. We do not offer any guarantee in passing the exam with this content ]

Few more things from the AZ900 curricula in continuation to the previous posts,

Monitoring and reporting

Azure Monitor : helps in monitoring how your applications are performing. This also helps in increasing the availability by identifying any failures proactively.

Data sources include Application monitoring data, guest-os monitoring data, Azure resource monitoring data, Azure subscription monitoring data, Azure tenant monitoring data.

-application insights : service for monitoring applications (availability, performance and usage)

-Azure Monitor for containers : service for monitoring the container workloads.

-Azure Monitor for VMs : A service which monitors and analyses the performance and health.

——————- advertisements ——————-

———————————————————

Azure Service Health :
– Azure status : About (service) outages in Azure.
– Azure service health : Service status and regions in Azure.
– Azure resource health : Health of the individual resources (VMs etc…)

Azure advisor :
– A dashboard giving recommendations on the subscriptions in 5 categories (HA,Security,Performance,Cost,Operational Excellence)

Account and Pricing

Azure SLA : SLA for support (uptime and Connectivity), mentioned in Percentage(%)
Service Credits : Penalty (maybe reduction in Bill) given to customers if Azure miss SLAs.
Composite SLA : A combined SLA for the service/product considering the underlying component SLAs.

——————- advertisements ——————-

———————————————————

TCO calculator : An online tool to estimate the savings in migrating to Azure. Gives detailed report.

Azure marketplace : Lists third-party apps and services available for purchase for Azure

Azure Support plans : 2:59:24 (video) or 1111 screenshot

Azure licensing : Using the existing windows/SQL purchased for on-prem in Azure. Azure HuB(Hybrid Use Benefit). BYoL – Bring your own license.

Azure subscriptions : Just your account.
– Free subscription : Free $200 credit for 30 days. Some things are free for 12 months
– Pay as you go : Charged at month-end based on usage.
– Enterprise
– Student : Free $100 credit for 12 months

Azure Pricing calculator : A tool for the pricing calculation.

Azure cost management : Gives detailed view on the spending.

—

That’s it from the series here. For the complete series click here .

–

Hope this series helped you in your certification journey. Please feel free to share your feedback/suggestions in the comments section.

–

Azure
Cloud

Azure Fundamentals (AZ900) certification preparation – short notes-IV

September 19, 2020 Vipin V.K Leave a comment

Thanks for reading our first, second and third posts in this series. Let’s get into the 4th post of the series Azure Fundamentals (AZ900) certification preparation short notes.

The intention of this series is to help your preparation for the AZ900 certification, or for your revision before taking the exam.

So, let’s get into the contents…

IoT Services

IoT Central – Connects your IoT devices to cloud
IoT Hub – Secure communication between the IoT apps and their managed devices
IoT Edge – allows processing and analysis of IoT devices data. A service built on Azure IoT Hub.
Windows 10 IoT Core Services – A cloud services subscription

——————- advertisements ——————-

———————————————————

Bigdata services

Azure Synapse analytics (SQL datawarehouse -formerly) : intended to run SQL queries against large DBs.
HDInsight : Run Open-sourced analytics software such as Hadoop,Kafka and Spark
Azure databricks : An apache Spark-based for Azure. Third-part databricks services within Azure.
DataLake analytics : Large storage for Raw data for bigdata. Analytics and reporting

AI/ML services

Azure Meachine learning service : Service for simplifying and running AI/ML related workflows in Azure. Python,R or Deep Learning workloads such as TensorFlow
Azure machine learning studio : Older service for AI/ML workloads

——————- advertisements ——————-

———————————————————

AI Services

Personalizer : personlized experience for every user.
Translator : real-time multi-language translator
Anomaly detector : detect anomalies in data and troubleshoot
Azure bot service : serverless bot service on-demand
Form recognizer : auto extraction of key/value, text, table etc.. from data
Computer vision : Content analysis from images
Language understanding : natural language understanding for apps,chat bots etc…
QnA maker : QnA bot. helps to create a question-answer structure over the data
Text analysis : helps in sentiment analysis. identifying names, phrases etc…
Content moderator : helps to detect potentially offensive content
Face : helps to identify the people and the emotions from images etc…
Ink recognizer : digital ink recognizer, such as handwriting, shapes etc…

Serverless services

Functions : serverless compute. No need to provision/manage any servers.
Azure blob storage : blob storage service
Logic apps : allows you to build serverless workflows composed of Azure functions, building a state machine for serverless compute
Event grid : Pub/sub type. Allowing to react to events and trigger other services like Functions

Visual studio code : code editor

——————- advertisements ——————-

———————————————————

Regulation and compliance

Azure trust center : Online portal where we can check the security and regulatory compliance info (example GDPR – General Data protection Regulation)

Azure security compliance programs (2:16:30) :
– CJIS (Criminal Justice Information Services) – has to be compliant to access FBI’s CJIS Database
– Cloud Security Alliance (Star Certification) – Third party
– GDPR – European law, against anyone (org) collects and analyzes data tied to EU residents
– EU Model clause – transfers of data outside of EU.
– HIPPA (Health insurance portability and accountability act) – patient protected health info.
– ISO 27018 – processing of personal info by cloud service providers

Azure Active Directory

AD comes in four flavors
free – MFA, SSO, and basic security settings
Office 365 Apps – company branding, two-sync between on-prem and cloud
Premium 1 – Hybrid architecture,
Premium 2 – identity protection and identity governance.

Azure security Center : Infrastructure security management system – A UI with lots of options.

Azure key vault : Stores and manages tokens/keys etc…
– Secret management – keys,tokens,certificates etc…
– Key management – Encryption key creation and management
– Certificate management – manages SSL certificates
– HSM – Keys and secrets managed by FIPS compliant Hardware-Security-Module (FIPS 140-2 compliance for multi-tenant and FIPS 140-3 for single tenant)

——————- advertisements ——————-

———————————————————

Protection

Azure DDoS Protection : basic protection is always on and is free. Advanced version is paid and has more features including reporting, Expert support, SLAs.

Azure firewall : Network protection. High availability built-in no load balancers required.

Azure information protection : in our outlook. Protects sensitive data by encryption,restricted access etc…

RBAC (role-based ac)
– Security principal : identities requesting access to an azure resource.
— User, group, Service principal (a security identity used to access azure resources),Managed identity (an identity in Azure AD managed by Azure)- Scope : Defines a scope of a role. Controls at Management,subscription or resource group level.
– Role definition : Set of roles. R/W/Delete etc..

Lock Resources : Locking to avoid unexpected deletion etc… CanNotDelete(Delete), Read-Only are types of locks.

Management groups : Adding subscriptions (accounts) to a management group will have all the permissions on it. Accounts under “Finance” group will have permissions required for that team/group/dept (example)

That’s it for part-4. You can find the next section in this series here. For the complete series click here .

Azure
Cloud

Azure Fundamentals (AZ900) certification preparation – short notes-III

September 19, 2020 Vipin V.K One comment

In continuation to our previous 2 posts, here is the third post in the Azure fundamentals certification preparation series. As mentioned in our first post, we recommend you to read the complete documentation from the Microsoft Docs page.

We recommend you to go thru the first post and the second post before starting with this post.

So, here’s are the part-3 contents.

App integration services

Azure notifications hub : Pub/send – send push notifications to any platform from any backend
Azure API Apps : API Gateway- for building and consuming the APIs in cloud.Route APIs to Azure services
Azure Service Bus : Service Bus – A reliable MaaS (Messaging-as-a-S) and simple hybrid integration
Azure Stream analytics : Serverless Real-time analytics, from cloud to edge
Azure Logic Apps : Schedule,Automate and Orchestrate tasks, business processes and workflows. Ent Saas and Ent apps integration
Azure API Management : Hybrid, Multi-cloud. Put in front of existing APIs to add additional functionality.
Azure Queue storage : Messaging queue – data store for queuing an delivering messages between apps.

——————- advertisements ——————-

———————————————————

Dev and Mobile tools

Azure SignalR service : Easily adding real-time web functionality to apps. Kind of PUSHER for Azure
Azure App Service : Easy to use service for deploying web apps using .net,node.js, Java, Python, pHP. No need to worry about underlying infra. like HEROKU
Visual Studio : IDE designed for creating apps for Azure. Not visual studio code on laptops.
Xamarin : Mobile-App Framework – Create mobile apps with .Net and Azure.

Azure DevOps services

Azure boards : Similar to Kanban boards. Faster delivery using agile tools (to plan, track and discuss work across teams)
Azure pipelines : CI/CD (contin Integration/Cont Delivery) pipelines (build,test and deploy) with GitHub or any other Git provider
Azure Repos : Unlimited Cloud hosted Private Git Repos for developement
Azure Test plans : Extraordinary testing tools for Test and ship
Azure Artifacts :
Azure DevTest Labs : Easy way to create devtest environments for your devtest requirements

ARM (Azure Resource Manager) : Is an example of IaC (Infrastrucre as Code). Allows programmatically create Azure resources via JSON template.
Azure Quickstart Templates : A library of pre-made ARM templates. Community driven.

——————- advertisements ——————-

———————————————————

Networking services

vNet and Subnet : You have to have a vNet, a broader network CIDR range and that is divided into multiple subnets (private and public for example).
vNet can be 10.0.0.0/16 and 2 subnets can be 10.0.1.0/24 and 10.0.10.0/24 for example

Cloud-Native networking services : Azure DNS, vNet, Azure Load balancer (Transport layer), Azure application load balancer (web apps), Network security groups (firewall)

Enterprise/Hybrid networking service :
Azure Front door : Secure entry point for fast delivery of your global apps
Azure Express route : A superfast connection between on-prem and Azure (50Mbps to 10Gbps)
Virtual WAN : Single operation interface which brings many networking, security and routing functionalities together
Azure Connection : A VPN connecting 2 azure local networks
Virtual Network Gateway : Site to Site VPN between Azure and Local network

Azure Traffic Manager : routing the incoming traffic based on the parameters set.
Weighted, Performance, Priority, Geographic,Mutlivalue, Subnet etc… To which server instance the application request should go.

Azure DNS : allows to create and manage the DNS records (does not allow purchasing the domain names). We can create A record, C-name, SOA, NS record etc…

Azure Load balancer : Operates at transport layer. Can be public facing network or internal network.

Scale Set : allows a group of identical VMs to be added or removed automatically.

More details in the next post. You can find the next section in this series here. For the complete series click here .

Azure
Cloud

Azure Fundamentals (AZ900) certification preparation – short notes-II

September 19, 2020 Vipin V.K 2 comments

Second post from our Azure Fundamentals (AZ900) certification preparation notes. If you haven’t gone through the first post in this series, you can find it here.

This series intents to helps those who are preparing for the AZ900 certification, so that you don’t have to go through the complete documentation. This also helps in your revision if you have already prepared for your exam.

So, let’s get into the contents in this section.

Azure Regions, AZs, Geography and Datacenters

AZ – one ore more DCs. Better practice is to have workload running in 3 AZs for HA. 99.99% SLA

Availability Set : Ensures that the resources are in different racks in same DC. 99.95% SLA

Fault domain : Grouping of hardware considering to avoid single point of failure

Update domain : Grouping of hardware considering to avoid single point of failure during software update

Region – AZ – Geography (is the data residency and compliance boundary – data will be within the country boundary), a geography will have minimum 2 regions at a far physical distance

Recommended Region : broadest service capabilities. Supports AZs.

Alternate (other) Region : A region within the data residency boundary (Geography) having recommended region as well. Not designed to support AZs.

——————- advertisements ——————-

———————————————————

Special Regions : for legal and compliance requirements basically for governments. China and US are having a few special regions (US DoD Central, US Gov Virginia, US Gov Iowa, China East etc…) .

Three categories of services

Foundational : Once the service is GA, it will be immediately (or in 12 months) be available in all (recommended and Alternate) regions

Mainstream : Once the service is GA, it will be immediately (or in 12 months) be available in recommended regions. Available in Alternate regions based on customer request

Specialized : Available in any region as per customer request.

Compute services

Azure VMs : Most common type of Compute service. Choose your own OS and hardware requirements. Underlying hardware will be shared with other customers.
Azure container service : Docker as a service. Run containers without having any servers or VMs.
Azure Kubernetes Service (AKS) : K8s as a service. to deploy,manage scale cotinerized apps. Open source K8 software.
Azure Service Fabric : Tier-1 Enterprise container as a service. Distributed systems platform. On Azure or On-premises.
– Easy to package, deploy and manage scalable and reliable microservices (A Cont service or AKS instance maybe)
Azure functions : serverless compute. No need to provision/manage any servers.
Azure batch : plans,schedules and executes batch computer workloads.

——————- advertisements ——————-

———————————————————

Storage Services

Azure Blob storage : Object storage
Azure Disk storage : Block storage
Azure File storage : NAS
Azure Queue storage: Messaging queue for apps (SNS in AWS)
Azure Table storage: NoSQL database table storage
Azure databox/databox heavy : For moving TB/PBs of storage. Snowball example
Azure Archive storage: Cheap long-term cold storage. (Glacier example)
Azure datalake storage: Centralized repo for all structured/unstructured data at any scale (bigdata)

Database services

Azure Cosmos DB : Fully managed NoSQL DB
Azure SQL DB : Fully managed MS SQL DB
Azure DB for MySQL/PSQL/MariaDB : Fully managed MySQL,PostgreSQL,MariaDB scalable and high available.
SQL server on VMs : MS SQL engine on VMs. Lift-n-shift MS SQL servers from on-prem to cloud
Azure synapse analytics (Azure SQL data warehouse) : fully managed data warehouse on cloud. security and scale
Azure DB migration service : to migrate your DB to cloud without any changes.
Azure cache for Redis : (Open-source) Redis caching for your DBs for performance.
Azure table storage : Wide column NoSQL DB – A NoSQL store that hosts unstructured data independant of schemas

More details in the next section. You can find the next section in this series here. Click here for the complete series.

Azure
Cloud

Azure Fundamentals (AZ900) certification preparation – short notes-I

September 19, 2020 Vipin V.K 2 comments

Azure certifications are of high industry demand right now and Azure Fundamentals (AZ-900) is the right starting point for the certifications. You can see here how you can get a free Azure training and an exam voucher you can use for the certification.

In these series of posts, we are sharing a certification preparation notes for you. Instead of going thru the detailed content over internet, you can refer these short notes in your exam preparation.

We recommend referring to the Microsoft Docs page for the detailed notes.

Types of compute

Virtual machines : Emulating a computer system without having dedicated hardware. It can run the guest operating system on shared hardware. Consumers can deploy multiple virtual machines on the physical hardware as they need (depending on the hardware limitation also).

——————- advertisements ——————-

———————————————————

containers : containers serves the execution environments for applications without a guest operating system. A container will have the application and all the dependencies packaged in it. example : Docker

serverless computing : Lets you to build and run applications without worrying about the underlying server/host.Cloud provider runs the server for you.

Cloud computing benefits

Cost-effective : Consumer doesn’t have to pay for and maintain the hardware and infrastructure for their needs. Cloud provider allows a pay-as-you-go pricing.

Scalable : Lets the consumer scale their environment (both scaling up and scaling out) as per the demand

Elastic : Based on the needs, the cloud can automatically allocate more resources and can be de-allocated automatically once the requirement is completed.

Global : You can provision your resources in any region across the globe, totally redundant.

Reliable : reliability via redundancy, backups and disaster recovery solutions all inbuilt.

Secure : Physical (to the physical infrastrucure) and digital (relevent authentication for data access) security assured.

CapEx and OpEx

CapEx : all the expenditures in (initially) setting up the environment. Upfront expense.

examples include the Server, Storage, Networking, DataCenter infrastructure and Technical resources expense etc…

Benefits : Fixed expense and consumer can plan the budget.

——————- advertisements ——————-

———————————————————

OpEx : With Cloud Computing the consumers has to worry about on the operation expenses (the billing for the infra and services) which involves limited upfront payment.

Benefits : You do not have to pay full amount upfront.

Cloud deployment models

Private Cloud : Cloud environment within your data center. Complete control on the hardware/physical infrastructure and the physical security.

Public Cloud : Hardware is being managed completely by the cloud provider and the consumers use the required infra and services.

Hybrid Cloud : A combined model of private and public cloud models, adding the benefits of both the models to the consumer.

——————- advertisements ——————-

———————————————————

Types of cloud services

IaaS (Infrastructure as a Service) : A computing infrastructure for the consumer without having hardware with them. Consumer has the maximum control of the infra in this model compared to the other services.

PaaS (Platform as a Service) – For running/testing an application on the required platform without worrying about the infrastructure.

SaaS (Software as a Service) – Consumer can avail the software services from cloud without being concerned about the infra and the platform running it. Office365 is an example.

Hope this section will help you in your certification journey. You can find the next section in this series here. For the complete series click here.

Azure
Cloud