- Access Control (IAM), 85–86
- access reviews, as Privileged Identity Management (PIM) feature, 74
- ACI. See Azure Container Instances (ACI)
- ACID (atomic, consistent, isolated, durable), 364
- ACR (Azure Container Registry), 247, 251–254
- activation and hosting component (Service Fabric), 331–332
- Active Directory (AD), 12–13
- Active Directory Federation Service (ADFS), 53
- adaptive query processing, 403
- ADF (Azure Data Factory), 358, 370
- ADLS (Azure Data Lake Storage), 370–371, 434
- Advanced Data Security (ADS), 397
- Advanced Message Queueing Protocol (AMQP), 484
- ADX. See Azure Data Explorer (ADX)
- AF (Azure Firewall), 158, 179–180
- aggregation, 377
- AIP (Azure Information Protection), 476, 479–480
- AKS. See Azure Kubernetes Service (AKS)
- answers
- assessment test, xlv–xlvii
- to review questions
- Azure, 682–683
- cloud development, 688–689
- compliance, 688
- Compute (hosting model), 685–687
- data storage, 687–688
- deployment, 689–690
- hybrid solutions, 688
- messaging, 688
- migrating, 689–690
- monitor and recover, 690–691
- networking, 684
- security and identity, 683–684
- antipatterns, 521–523
- API Management, 171, 462
- APIM (Azure API Management), 19–20
- APIs
- App Service, service tags and, 171
- App Service Environment (ASE), 16, 296
- App Service Plan (ASP), 296, 568
- append blobs, 428
- Application Gateway/WAF, 92, 98–99, 158, 174–178
- Application Insights, 21, 334, 629–631
- application layer security, 215
- application proxy, 54–56
- application security group (ASG), 137–138, 169–173
- application-bound identity provider databases, 78
- approval, as Privileged Identity Management (PIM) feature, 75
- architecture
- cloud
- about, 512–513
- design patterns, 234–237, 517–523
- design principles, 234–237, 515–517
- styles, 234–237, 513–514
- Archive Storage, 439
- ARM. See Azure Resource Manager (ARM)
- ASE (App Service Environment), 16, 296
- ASG (application security group), 137–138, 169–173
- ASP (App Service Plan), 296, 568
- ASP.NET, 307–308, 339–342
- ASR (Azure Site Recovery), 475, 548–549, 663–668
- assessment test
- answers, xlv–xlvii
- questions, xxxix–xliv
- Asynchronous Request/Reply pattern, 488–489
- ATM (Azure Traffic Manager), 170, 376
- atomic, consistent, isolated, durable (ACID), 364
- audit history, as Privileged Identity Management (PIM) feature, 74
- authentication (AuthN)
- about, 459, 526
- cloud, 525–531
- Privileged Identity Management (PIM), 74–75
- authorization (AuthZ), 459, 526
- auto scaling, 205–206, 343
- auto-heal, 235
- automated deployment, 269–270
- automatic healing, 515–516
- availability sets, 288–295
- Availability Zones, 118–119, 286–288
- AWS (Azure Web Sites), 5
- AZ-303 exam
- components of, 3–4
- objectives of, xxviii–xxxiii
- strategy for passing, 5–9
- AZ-304 exam
- components of, 3–4
- objectives of, xxxiv–xxxviii
- strategy for passing, 5–9
- Azure
- Azure VNet to resources, 164–168
- categories, 11
- certifications in, 2–3
- dedicated hosts, 270–271
- exam essentials, 33
- key terms, 34
- managed disk storage, 437
- networking limits, 157–158
- networking patterns, 155–157
- review question answers, 682–683
- review questions, 35–38
- Service Fabric, 335–336
- subscription, 80–82
- Azure Active Directory (AAD)
- AAD Connect, 13, 49–53
- about, 12–13, 40–44
- adding custom domains, 44–49
- application proxy, 54–56
- Azure AD Domain Services, 76–77
- B2B collaboration, 53–54
- compared with role-based access control (RBAC), 77, 78
- conditional access, 59–66
- Domain Services, 76–77
- exercises, 45–46, 47–49, 58–59, 62–66, 69–73, 301–302
- identity protection, 57–59
- managed identities, 75–76
- multifactor authentication, 66–74
- Privileged Identity Management (PIM), 74–75
- roles, 43
- self-service password, 54
- service level agreement (SLA), 56–57
- service tags and, 171
- Azure Administrator Associate, 2
- Azure Analysis Services, 371–372
- Azure API Apps, 16, 17
- Azure API Management (APIM), 19–20
- Azure App Service Web App for Containers, 16, 17
- Azure App Services
- about, 5–6, 16–17, 298–301
- Azure WebJobs, 309–312
- environments, 308–309
- exercises, 301–302, 303–305, 578–579, 592–593
- migrating, 565–566
- moving, 568–569
- recovery and, 673
- Web Apps, 301–306
- Web Apps for containers (Linux), 306–308
- Azure Application Gateway
- about, 201–202
- auto scaling, 205–206
- exercises, 203–205, 208–210
- hosting multiple websites, 206–211
- SSL termination, 202–205
- URL path-based redirection, 206–211
- Azure Arc, 607
- Azure Automation
- about, 600–604
- configuration management, 605–606
- exercises, 601–603
- process automation, 604
- update management, 606–607
- Azure Backup, 439–440, 653–663
- Azure Bastion, 32, 261
- Azure Batch, 312–317
- Azure Blob storage, 26, 27, 426, 427–430
- Azure Blueprints, 464, 465
- Azure Cache for Redis, 421–422, 492
- Azure Confidential Computing, 92, 99–102
- Azure Container Instances (ACI)
- about, 239–241
- container groups, 243–256
- containers, 241–243
- exercises, 253
- images, 241–243
- multicontainers, 243–256
- OS virtualization, 241–243
- Azure Container Registry (ACR), 247, 251–254
- Azure Content Delivery Network (CDN). See Content Delivery Network (CDN)
- Azure Cosmos DB
- about, 24–25, 408–412, 443
- API models, 412–413
- Data Migration tool, 564
- exercises, 409–412
- migration options, 416
- querying, 416–417
- service tags and, 171
- Azure Data Bricks, 371
- Azure Data Explorer (ADX)
- Azure Data Factory (ADF), 358, 370
- Azure Data Lake, 369, 371
- Azure Data Lake Storage (ADLS), 370–371, 434
- Azure Data Services, 673–675
- Azure Data Share, 450
- Azure Data Store, 377–381
- Azure Data Subject Request (DSR) Portal, 476
- Azure Database for MySQL, 422–423
- Azure Database for PostgreSQL, 423
- Azure Databox, 564
- Azure DevOps Expert, 2
- Azure File storage, 26, 27–28
- Azure Files, 430
- Azure Firewall (AF), 158, 179–180
- Azure Front Door
- about, 214–215, 519
- application layer security, 215
- custom domains and certificate management, 215
- multisite hosting, 214–215
- Azure Functions
- about, 18–19, 317–318
- bindings, 320–325
- exercises, 324–325
- hosting plans, 319–320
- runtime versions, 326
- supported programming languages, 326–327
- triggers, 320–325
- Azure Hybrid Benefit, 546–547, 556–557
- Azure Information Protection (AIP), 476, 479–480
- Azure Key Vault
- Azure Kubernetes Service (AKS)
- about, 336
- clusters, 338
- compared with Kubernetes, 336–338
- development and deployment, 338–342
- exercises, 339–342
- Kubernetes compared with, 336–338
- maintaining, 342–344
- nodes, 338
- pods, 338
- scaling, 342–344
- Azure Load Balancer
- about, 134–135, 158, 211–212
- health probes, 213–214
- internal load balancer (ILB), 213
- outbound connections, 214
- public, 212–213
- service tags and, 171
- Azure Marketplace, 260
- Azure Migrate, 549–561
- Azure Mobile Apps, 16, 17
- Azure Monitor
- about, 20–21, 465, 621–627
- Application Insights, 629–631
- Azure Data Explorer (ADX), 631–634
- exercises, 621–625
- Log Analytics, 627–629
- Azure NetApp Files, 434
- Azure Network Security, 92, 98
- Azure Policy, 466–470, 476
- Azure Portal, 596
- Azure PowerShell, 466–467
- Azure Queue Storage, 26, 28, 430–432, 524–525
- Azure Recovery Services
- about, 651–652
- Azure Backup, 653–663
- Azure Resource Graph, 652–653
- Vault, 573
- Azure Relay/Hybrid Connection Manager, 218–220
- Azure Reserved Virtual Machine Instances, 314, 546–547, 557–558
- Azure Resource Graph, 652–653
- Azure Resource Manager (ARM)
- about, 87
- deploying with templates, 580–594
- exercises, 592–593
- Azure Sentinel, 459
- Azure Service Health, 619–620
- Azure Site Recovery (ASR), 475, 548–549, 663–668
- Azure Solutions Architect Expert, 2, 3–5
- Azure SQL Database
- about, 22–24, 165, 382, 443
- Azure Cosmos DB
- about, 408–412
- API models, 412–413
- migration options, 416
- configuration and security, 392–397
- containers, 413–415
- Cosmos.py code, 415–416
- data partitioning, 404
- databases, 413–415
- exercises, 383–384, 399–402, 406–408
- global replication concepts, 417–419
- items, 413–415
- migrating data, 397–403
- monitoring, 403–404
- partition keys, 413–415
- pricing models and limits, 388–392
- querying Azure Cosmos DB, 416–417
- selecting, 382–388
- service endpoints, 404–408
- SQL Managed Instance, 408
- SQL VM, 408
- Azure Status, 465
- Azure Storage, 25–27, 424–434
- Azure Storage Explorer, 373
- Azure Storage Queue, 498–499
- Azure Storage Security, 446–447
- Azure Synapse Analytics, 368–370
- Azure Table Storage, 26, 28, 420–421, 432–433
- Azure Traffic Manager (ATM), 170, 376
- Azure Virtual Datacenter (VDC), 477
- Azure Virtual Machine (VM)
- about, 15–16, 256–258
- creating, 259–271
- exercises, 140–141, 165, 187, 260, 261–263, 273–274, 279–280, 283–284, 291, 293, 296–297, 552–554, 570–572, 575–576, 656, 664–666
- extensions, 268–269
- managing, 271–297
- migrating
- about, 286–288, 551
- Azure Hybrid Benefit, 556–557
- Azure Reserved VM Instances, 557–558
- containers, 558
- Hyper-V, 551–555
- Linux, 555–556
- VMWare, 551–555
- Windows Server, 555–556
- moving, 569–576
- recovery and, 671–673
- scale sets, 288–295
- securing, 295–297
- Azure VMWare Solutions, 554
- Azure VNet
- to Azure resources, 164–168
- connecting with other, 134
- dedicated DNS Server in, 188–190
- exercises, 121–124, 132
- integrating, 158–163
- integration of, 460–461
- to Internet, 168
- key features and capabilities, 127–129
- Service Endpoints, 23
- subnets and, 142–154
- Azure VPN gateways, 195–197
- Azure Web Apps, 16, 166–167, 309–312
- Azure Web Sites (AWS), 5
- Azure WebJobs, 16, 309–312
- beta testing, 8
- bidirectional communication, 491
- Big Compute style, 514
- Big Data, 358–359, 513
- Binary Large Object (BLOB) storage, 363
- bindings, 320–325
- blessed images, 267
- block blob, 428
- Blue Screen of Death (BSOD), 235
- Border Gateway Protocol (BGP), 190–191
- botnet threats, 97
- bring-your-own-device (BYOD), 59
- brute force threats, 97
- business continuity and disaster recovery (BCDR) strategy, 30, 285, 475
- about, 650
- business continuity, 650–651
- disaster recovery, 651
- C
- C#, 326–327
- CaaS (container as a service), 230
- caching, 217
- Cassandra API, 24
- CentOS, 267
- certificate authority (CA), 527–528
- certificates
- authenticating, 527–528
- managing, 215
- certifications
- in Azure, 2–3
- obtaining, 3–5
- checkpointing, 493
- CI/CD (continuous integration/continuous deployment), 534
- Circuit Breaker design pattern, 520–521
- circuits (ExpressRoute), 190
- CiS (cloud-integrated storage), 440
- Classless Inter-Domain Routing (CIDR), 117, 139–140
- Clear Linux OS, 266, 267, 268
- CLI (command-line interface), 247
- client (Docker), 247
- client affinity, 516
- cloud
- about, xxi–xxii
- service models, 229–231
- speed of, 241
- cloud bursting, 312–313, 462
- cloud development
- about, 512
- architecture
- about, 512–513
- design patterns, 517–523
- design principles, 515–517
- styles, 513–514
- coding
- about, 523
- authentication, 525–531
- Azure Queue Storage SDK, 524–525
- connecting to regional/global database instances, 524
- reading encrypted data from databases, 531–532
- triggering background jobs, 523–524
- exam essentials, 539
- implementing security, 534–538
- integrated development environments (IDEs), 533–534
- key terms, 539
- review question answers, 688–689
- review questions, 540–541
- source code repositories, 533–534
- Cloud Services, 344–345
- cloud-integrated storage (CiS), 440
- CLRs (common language runtimes), 307
- Cluster autoscale, 344
- clusters, 330–331, 338
- CNAME record type, 185
- coding
- cloud
- about, 523
- authentication, 525–531
- Azure Queue Storage SDK, 524–525
- connecting to regional/global database instances, 524
- reading encrypted data from databases, 531–532
- triggering background jobs, 523–524
- Command and Query Responsibility Segregation (CQRS), 518
- command-line interface (CLI), 247
- common language runtimes (CLRs), 307
- communication component (Service Fabric), 332
- Competing Consumers pattern, 490–491
- compliance
- about, 458, 463
- Azure Blueprints, 465
- Azure Policy, 466–470
- exam essentials, 506
- exercises, 466–467, 468–469, 480–481
- governance and, 464–465
- key terms, 506–507
- Microsoft Cloud App Security (MCAS), 483
- monitoring, 648
- privacy, 475–477
- regulatory boundaries, 477–478
- reliability, 474–475
- resiliency, 474–475
- review question answers, 688
- review questions, 508–509
- security, 472–474
- Security Center, 478–482
- tags, 470–472
- compression on the fly, 217
- Compute (hosting model)
- about, 228–229
- architectural styles, principles, and patterns, 234–237
- Azure App Services
- about, 298–301
- Azure WebJobs, 309–312
- environments, 308–309
- Web Apps, 301–306
- Web Apps for containers (Linux), 306–308
- Azure Batch, 312–317
- Azure Container Instances (ACI)
- about, 239–241
- container groups, 243–256
- containers, 241–243
- images, 241–243
- multicontainers, 243–256
- OS virtualization, 241–243
- Azure Functions
- about, 317–318
- bindings, 320–325
- hosting plans, 319–320
- runtime versions, 326
- supported programming languages, 326–327
- triggers, 320–325
- Azure Kubernetes Services
- about, 336
- clusters, 338
- development and deployment, 338–342
- Kubernetes compared with, 336–338
- maintaining, 342–344
- nodes, 338
- pods, 338
- scaling, 342–344
- Azure Virtual Machines
- about, 256–258
- creating, 259–271
- managing, 271–297
- best practices, 237–239
- choosing hosting models, 231–234
- cloud service models, 229–231
- Cloud Services, 344–345
- exam essentials, 348–349
- exercises, 244–246, 249–250, 251–252, 253, 260, 261–263
- HPC, 312–317
- key terms, 347–348
- monitoring, 640–642
- review question answers, 685–687
- review questions, 350–353
- Service Fabric
- about, 328–330
- architecture, 331–332
- Azure integration, 335–336
- best practice scenarios, 332–334
- clusters, 330–331
- nodes, 330–331
- Windows Virtual Desktop, 345–346
- Compute & Apps blade (Security Center), 481–482
- Compute category, products in, 11
- conditional access, 59–66
- configuration
- Azure SQL Database, 392–397
- managing, 605–606
- networking and, 14
- Connect Health, 51–52
- connected services, 446
- Consumption hosting plan, 319–320
- container as a service (CaaS), 230
- container entities (Azure Cosmos DB), 25
- container groups (Azure Container Instances (ACI)), 243–256
- Container Linux by CoreOS, 266, 267
- containers
- about, 16
- Azure Container Instances (ACI), 241–243
- Azure SQL Database, 413–415
- migrating, 558
- products in, 11
- Web App for Containers (Linux), 306–308
- Content Delivery Network (CDN)
- about, 125, 215–216
- CDN caching rules, 217
- dynamic site acceleration, 217
- file compression, 217
- geofiltering, 217
- content deployment, 585
- continuous integration/continuous deployment (CI/CD), 534
- continuous WebJobs, 309–312
- Contributor RBAC role, 78
- Core OS, 268
- CORS (cross-origin resource sharing), 306
- Cosmos.py code, 415–416
- costs
- Azure resources, 140
- Azure Virtual Machine, 277–281
- networking and, 13–14
- CQRS (Command and Query Responsibility Segregation), 518
- create, insert, update, delete (CRUD), 330
- credential leaking, 75
- cross-origin resource sharing (CORS), 306
- curl tool, 152
- D
- DaaS (database as a service), 22, 378
- DaaS (desktop as a service), 378
- daemon (Docker), 247
- data
- analysis of, 366
- monitoring, 642–646
- at rest, 100
- in transit, 100
- in use, 101
- data analytics/data warehouse, 365–373
- data backup, migration, and retention, 437–443
- Data Distribution Service (DDS), 484
- Data Migration Assistant (DMA), 23, 439
- Data Migration Service (DMS), 23
- data partitioning, 379, 404
- data storage
- about, 356–357
- Azure Batch, 316
- Big Data, 358–359
- choosing solutions for
- about, 359–360
- Azure Cache for Redis, 421–422
- Azure Data Store, 377–381
- Azure Database for MySQL, 422–423
- Azure Database for PostgreSQL, 423
- Azure SQL Database, 382–419
- Azure Storage, 424–434
- Azure Table Storage, 420–421
- data analytics/data warehouse, 365–373
- data backup, migration, and retention, 437–443
- document databases, 360–361
- graph databases, 362–363
- key/value pairs, 361–362
- Marketplace options, 424
- object storage, 363
- Oracle options, 424
- relational database management system (RDBMS), 363–365
- search engine databases, 365
- securing Azure data, 443–450
- shared files, 373–377
- zone replication, 434–437
- exam essentials, 451–452
- exercises, 374–376, 383–384, 399–402, 406–408, 409–412, 426, 440–442, 444–445
- extract, transform, load (ETL), 357–358
- key terms, 452–453
- NoSQL, 358–359
- online analytical processing (OLAP), 357–358
- online transaction processing (OLTP), 357–358
- products in, 11
- relational database management system (RDBMS), 357–358
- review question answers, 687–688
- review questions, 454–455
- Security Center, 479–481
- service tags and, 171
- data warehouse, 366, 369
- Database Access Migration toolkit, 565
- database administrator (DBA), 364
- database as a service (DaaS), 22, 378
- Database Experimentation Assistant (DEA), 564–565
- Database Management Assistant (DMA), 559–560
- database management system (DBMS), 258
- Database Migration Service (DMS), 381, 439, 560–564
- database throughput unit (DTU), 388–392
- database transaction unit (DTU), 22
- databases
- application-bound identity provider, 78
- Azure SQL Database, 413–415
- migrating
- about, 558–559
- Azure Data Migration Service, 560–564
- Azure Databox, 564
- Cosmos DB Data Migration tool, 564
- Database Access Migration toolkit, 565
- Database Experimentation Assistant (DEA), 564–565
- Database Management Assistant (DMA), 559–560
- SQL Server Migration Assistant, 560
- DBA (database administrator), 364
- DBMS (database management system), 258
- DDoS (distributed denial-of-service), 92, 97, 99
- DDS (Data Distribution Service), 484
- DEA (Database Experimentation Assistant), 564–565
- dead-letter queue (DLQ), 498
- Debian, 266, 267
- decoupling, 516–517
- Dedicated hosting plan, 319–320
- dedicated hosts, 270–271
- dedicated mode, 297
- DeleteMessage() method, 524–525
- demilitarized zone (DMZ) network pattern, 155, 156, 172
- deployment
- about, 544, 576–577
- with ARM templates, 580–594
- automated, 269–270
- Azure Kubernetes Services, 338–342
- content, 585
- DevOps, 594–600
- exam essentials, 608–609
- exercises, 578–579, 592–593, 596–598
- key terms, 609
- review question answers, 689–690
- review questions, 610–611
- with Visual Studio, 578–580
- deployment logs, 648–649
- deployment slots, 596
- design for self-healing, 235
- design patterns
- about, 517–518
- antipatterns, 521–523
- Circuit Breaker, 520–521
- cloud, 517–523
- Gatekeeper, 519–520
- in messaging, 487–492
- Retry, 518–519
- Sharding, 520
- Throttling, 520
- design principles
- about, 515
- automatic healing, 515–516
- cloud, 515–517
- decoupling, 516–517
- designing for change, 517
- infrastructure as a service (IaaS), 517
- platform as a service (PaaS), 517
- redundancy, 515
- reliance, 515
- resiliency, 515
- scaling, 516–517
- self-healing, 515–516
- software as a service (SaaS), 517
- Desired State Configuration (DSC), 605
- desktop as a service (DaaS), 378
- destination network address translation (DNAT), 147, 179
- device platforms, conditional access policies and, 60
- DevOps
- exercises, 596–598
- working with, 594–600
- DIPRs (Dynamic IP Restrictions), 180–181, 520
- directory name, 41
- directory objects, 52
- disaster recovery (DR), 285, 474, 651
- disaster recovery as a service (DRaaS), 475
- distributed denial-of-service (DDoS), 92, 97, 99
- DLQ (dead-letter queue), 498
- DMA (Data Migration Assistant), 23, 439
- DMA (Database Management Assistant), 559–560
- DMS (Data Migration Service), 23
- DMS (Database Migration Service), 381, 439, 560–564
- DMZ (demilitarized zone) network pattern, 155, 156
- DNAT (destination network address translation), 147, 179
- DNS. See Domain Name System (DNS)
- Docker
- components of, 247–250
- images, 249–250
- document databases, 360–361, 415
- Document DB Data Migration Tool, 416
- Domain Name System (DNS)
- about, 184–186
- Azure private, 188
- Azure public, 188
- Azure-provided, 187–188
- dedicated Server in VNet, 188–190
- exercises, 187
- specifying servers, 193–194
- domains
- adding custom to Azure Active Directory, 45–47
- custom, 215
- exercises, 44–46
- dot-decimal notation, 143
- DPM (System Center Data Protection Manager), 655
- DR (disaster recovery), 285, 474, 651
- DRaaS (disaster recovery as a service), 475
- DSC (Desired State Configuration), 605
- DSR (Azure Data Subject Request) Portal, 476
- DTU (database throughput unit), 388–392
- DTU (database transaction unit), 22
- duplication detection, 496
- Dynamic IP Restrictions (DIPRs), 180–181, 520
- dynamic mode, 18
- dynamic site acceleration, 217
- E
- Easy Auth, 105–106, 537
- EDW (enterprise data warehouse), 365–366
- elastic database throughput unit (eDTU), 388–392
- elastic pool, 22
- Electronic Data Interchange (EDI), 237–238
- enclave, 101
- encryption
- about, 99–102
- data, 444–446
- reading encrypted data from databases, 531–532
- endorsed distributions, 267
- engine (Docker), 247
- enterprise data warehouse (EDW), 365–366
- environments (Azure App Services), 308–309
- ephemeral disk, 282
- ephemeral ports, 146, 147
- Etcd API, 24
- ETL (extract, transform, load), 357–358
- Event Grid, 499–503
- Event Hubs, 492–496
- Event-driven style, 514
- events, compared with messaging, 485
- exam essentials
- Azure, 33
- cloud development, 539
- compliance, 506
- Compute (hosting model), 348–349
- data storage, 451–452
- deployment, 608–609
- hybrid solutions, 506
- messaging, 506
- migrating, 608–609
- monitoring, 678
- networking, 222–223
- recovery, 678
- security and identity, 106–107
- exercises
- adding identity protection, 58–59
- Application Gateway/WAF, 176–178
- ASP.NET Core web applications, 339–342
- availability sets, 291
- Azure Active Directory (AAD), 45–46, 47–49, 58–59, 62–66, 69–73, 301–302
- Azure App Services, 301–302, 303–305, 578–579, 592–593
- Azure Application Gateway, 203–205, 208–210
- Azure Automation, 601–603
- Azure Backup, 656
- Azure Batch, 314
- Azure Blob storage, 426
- Azure Container Instances (ACI), 253
- Azure Container Registry (ACR), 251–252
- Azure Cosmos DB, 409–412
- Azure Data Explorer (ADX), 440–442, 494–496, 633
- Azure Data Migration Service (DMS), 561–562
- Azure DNS, 187
- Azure Functions, 324–325
- Azure Key Vault, 104, 444–445, 535–536
- Azure Kubernetes Services, 339–342
- Azure Monitor, 621–625
- Azure Policy, 466–467, 468–469
- Azure PowerShell, 466–467
- Azure Resource Manager (ARM), 592–593
- Azure Site Recovery (ASR), 664–666
- Azure SQL, 165
- Azure SQL DB, 383–384, 399–402, 406–408
- Azure subscription, 80–82
- Azure Virtual Machine, 140–141, 165, 187, 260, 261–263, 273–274, 279–280, 283–284, 291, 293, 296–297, 552–554, 570–572, 575–576, 656, 664–666
- Azure Virtual Networking, 121–124, 132
- Azure VPN gateways, 195–197
- Azure Web App, 166–167
- compliance, 466–467, 468–469, 480–481
- Compute (hosting model), 244–246, 249–250, 251–252, 253, 260, 261–263
- conditional access, 62–66
- content delivery network (CDN), 216
- creating AAD users, 46–47
- creating Azure files, 374–376
- custom roles, 88–91
- data storage, 374–376, 383–384, 399–402, 406–408, 409–412, 426, 440–442, 444–445
- deployment, 578–579, 592–593, 596–598
- DevOps, 596–598
- Docker images, 244–246, 249–250
- domains, 44–46
- Easy Auth, 537
- Event Grid, 499–501
- Event Hubs, 493
- global VNet peering, 159–162
- High Performance Computing (HPC), 303–305
- managed disks, 296–297
- Managed Identities (MI), 535–536
- management groups, 83
- messaging, 493, 494–496, 499–501
- migrating, 552–554, 561–562
- monitoring, 621–625, 633
- multifactor authentication (MFA), 69–73
- network security group (NSG), 171–172
- Network Watcher, 152–154
- recovery, 656, 664–666
- role-based access control (RBAC), 80–82, 83, 88–91
- scale sets, 293
- service endpoints, 406–408
- SSL termination, 203–205
- subnets, 150–154
- URL routing, 208–210
- VMWare, 552–554
- ExpressRoute, 136, 158, 190–192, 460
- extensions (Azure Virtual Machine), 268–269
- extract, transform, load (ETL), 357–358
- F
- F#, 326–327
- fault domains, 288
- features, 9–32, 127
- federation component (Service Fabric), 332
- file compression, 217
- File Integrity Monitoring (FIM), 96
- file share, 27
- File Transfer Protocol (FTP), 546
- firewalls, 450
- first in, first out (FIFO), 430–432
- five nines, 616
- forced tunneling, 172, 199–201
- forms, authenticating, 526
- fully qualified domain names (FQDNs), 179
- functionalities, 9–11
- Functions app, 20
- functions as a service (FaaS), 231
- G
- GA (Global Availability), 326
- Gatekeeper design pattern, 519–520
- Gateway Manager, service tags and, 171
- Gateway Subnet, 194–195
- geofiltering, 217
- geography, 125
- geo-redundant storage (GRS), 435, 436
- geo-replication, 252
- geo-zone-redundant storage (GZRS), 435, 437
- GetMessage() method, 524–525
- GitHub change notification types, 7
- Global Availability (GA), 326
- global replication concepts, Azure SQL Database, 417–419
- global shard-map manager database, 404
- global VNet peering, 134, 158–162
- globally redundant storage (GRS), 125
- governance, compliance and, 464–465
- graph databases, 362–363
- graphical processing units (GPUs), Azure Batch and, 312
- graphical user interface (GUI), API Apps and, 306
- Gremlin API, 24
- GRS (geo-redundant storage), 435, 436
- GRS (globally redundant storage), 125
- GZRS (geo-zone-redundant storage), 435, 437
- H
- hardware and network security
- about, 92–93
- Application Gateway/WAF, 98–99
- Azure confidential computing, 99–102
- Azure DDoS protection, 99
- Azure Network Security, 98
- Microsoft Trust Center, 93
- Security Center, 93–98
- HCM (Hybrid Connection Manager), 54, 136, 190, 462
- health probes, 213–214
- High Performance Computing (HPC), 233–234, 303–305, 312–317
- hop, 138
- Horizontal Pod Autoscale (HPA), 343
- horizontal scale, 377
- host identifier, 144
- hosting models
- choosing, 231–234
- defined, 229
- hosting plans, 319–320
- HPC (High Performance Computing), 233–234, 303–305, 312–317
- HTTP (Hypertext Transfer Protocol), 100
- hub and spoke network pattern, 155, 157
- hybrid Azure networking
- about, 190
- configuring VPN devices, 198
- creating Gateway Subnets, 194–195
- creating local network gateways, 197
- creating virtual networks, 193
- creating VPN connection, 198–199
- creating VPN gateway, 195–197
- ExpressRoute, 190–192
- forced tunneling, 199–201
- site-to-site VPN gateway, 192–193
- specifying DNS Servers, 193–194
- Hybrid Connection Manager (HCM), 54, 136, 190, 462
- hybrid network pattern, 155
- hybrid solutions
- about, 458–459
- computing, 462–463
- data solutions, 463
- exam essentials, 506
- key terms, 506–507
- networking
- about, 460
- API management, 462
- Express Route, 460
- Hybrid Connection Manager (HCM), 462
- Network Watcher, 461
- Traffic Manager, 462
- VNet integration, 460–461
- VPN Gateway, 460
- review question answers, 688
- review questions, 508–509
- security, 459
- hyperscale, 235
- Hypertext Transfer Protocol (HTTP), 100
- Hyper-V, 286, 551–555
- I
- IaaS (infrastructure as a service), 229, 517
- IANA (Internet Assigned Number Authority), 145
- IDE (Integrated Drive Electronics), 281
- identity as a service (AAD), 12–13
- identity protection, 57–59
- IDEs (integrated development environments), 533–534
- IIS (Internet Information Services), 180
- ILB (internal load balancer), 213, 308
- ILPIP (instance-level public IP), 135
- images
- Azure Container Instances (ACI), 241–243
- defined, 239–240
- using, 261–263
- Import/Export, 442, 566
- Improperly Instantiating Objects antipattern, 521–523
- infrastructure as a service (IaaS), 229, 517
- input/output operations per second (IOPS), 258
- instance-level public IP (ILPIP), 135
- integrated development environments (IDEs), 533–534
- Integrated Drive Electronics (IDE), 281
- Integrated Windows Authentication (IWA), 12, 528–529
- integration and testing (I&T), 470
- intellectual property (IP), 59
- internal load balancer (ILB), 213, 308
- Internet
- Azure VNet to, 168
- connecting with the, 134–136
- service tags and, 171
- Internet Assigned Number Authority (IANA), 145
- Internet Information Services (IIS), 180
- IOPS (input/output operations per second), 258
- IP (intellectual property), 59
- IP addresses, whitelisting, 24
- IP masquerading, 146
- IP restrictions, 180–184
- IP Security, 180
- IPv4, 139–140
- IPv6, 145
- isolated network pattern, 155
- I&T (integration and testing), 470
- item entities, Azure Cosmos DB, 25
- items, Azure SQL Database, 413–415
- IWA (Integrated Windows Authentication), 12, 528–529
- J
- Java, 307–308
- JavaScript, 326–327
- justification, as Privileged Identity Management (PIM) feature, 74
- just-in-time, as Privileged Identity Management (PIM) feature, 75
- K
- kernel, accessing, 242
- key performance indicators (KPIs), 618
- key terms
- Azure, 34
- cloud development, 539
- compliance, 506–507
- Compute (hosting model), 347–348
- data storage, 452–453
- deployment, 609
- hybrid solutions, 506–507
- messaging, 506–507
- migrating, 609
- networking, 220–221
- key/value pairs, 361–362
- KPIs (key performance indicators), 618
- KQL (Kusto Query Language), 631–632
- Kubernetes, compared with Azure Kubernetes Service, 336–338
- KUSTO cluster, 631
- Kusto Query Language (KQL), 631–632
- L
- labels, 649
- Language Understanding Intelligent Service (LUIS), 365
- Linux
- Azure Virtual Machine and, 266–268
- Web App for Containers, 306–308
- Windows Backup compared with, 661–663
- workloads, 555–556
- local network gateways, 197
- locally redundant storage (LRS), 395, 434–436
- locations, conditional access policies and, 60
- Log Analytics, 21, 334, 627–629
- Logic Apps, 20, 503–505
- logical load metrics, 331
- long-term retention (LTR), 396, 438
- LRS (locally redundant storage), 395, 434–436
- LUIS (Language Understanding Intelligent Service), 365
- M
- MaaS (messaging as a service), 484
- MABS (Microsoft Azure Backup Server), 655
- machine learning (ML) model, 102
- main() method, 320–321
- maintenance
- Azure Kubernetes Services, 342–344
- Azure Virtual Machines and, 272–281
- malicious software threats, 97
- managed disk storage, 281–285
- managed disks, 294–295, 296–297
- Managed Identities (MI)
- about, 75–76, 103
- authenticating, 530
- exercises, 535–536
- managed instance, 22
- Managed Service Identity (MSI), 75–76
- management component (Service Fabric), 332
- management group, 83
- manual scaling, 343
- Marketplace
- Azure Batch, 316–317
- options for data and storage, 424
- MARS (Microsoft Azure Recovery Services), 655
- MCAS (Microsoft Cloud App Security), 483
- messaging
- about, 458, 484
- Azure Storage Queue, 498–499
- choosing a service for, 485–487
- Event Grid, 499–503
- Event Hubs, 492–496
- events compared with, 485
- exam essentials, 506
- exercises, 493, 494–496, 499–501
- key terms, 506–507
- Logic Apps, 503–505
- monitoring, 646–647
- Notification Hub, 505
- patterns in
- about, 487–488
- Asynchronous Request/Reply pattern, 488–489
- Azure Cache for Redis, 492
- Competing Consumers pattern, 490–491
- Publisher/Subscriber pattern, 488
- Queue-Based Load Leveling pattern, 489
- Sequential Convoy pattern, 489–490
- recovery and, 675–677
- review question answers, 688
- review questions, 508–509
- Service Bus, 496–498
- messaging as a service (MaaS), 484
- MFA. See multifactor authentication (MFA)
- MI. See Managed Identities (MI)
- microservices, 329, 338
- Microservices style, 514
- Microsoft Authenticator app, as authentication method, 68
- Microsoft Azure Backup Server (MABS), 655
- Microsoft Azure Recovery Services (MARS), 655
- Microsoft Cloud App Security (MCAS), 483
- Microsoft Distributed Transaction Coordinator (MSDTC), 247
- Microsoft Enterprise edge (MSEE) routers, 190–191
- Microsoft Message Queuing (MSMQ), 247, 484
- Microsoft Trust Center (MTC), 92, 93, 464
- migrating
- about, 544
- to Azure
- about, 544–548
- Azure Migrate, 549–551
- Azure Site Recovery, 548–549
- Azure App Services, 565–566
- Azure SQL Database, 397–403
- Azure Virtual Machines
- about, 286–288, 551
- Azure Hybrid Benefit, 556–557
- Azure Reserved VM Instances, 557–558
- containers, 558
- Hyper-V, 551–555
- Linux, 555–556
- VMWare, 551–555
- Windows Server, 555–556
- databases
- about, 558–559
- Azure Data Migration Service, 560–564
- Azure Databox, 564
- Cosmos DB Data Migration tool, 564
- Database Access Migration toolkit, 565
- Database Experimentation Assistant (DEA), 564–565
- Database Management Assistant (DMA), 559–560
- SQL Server Migration Assistant, 560
- exam essentials, 608–609
- exercises, 552–554, 561–562
- Import/Export, 566
- key terms, 609
- review question answers, 689–690
- review questions, 610–611
- ML (machine learning) model, 102
- mobile apps, 306
- Mobile category, products in, 11
- Model-View-Controller (MVC), 345
- Mongo API, 24
- MongoDB API, 24
- monitoring
- about, 614–615, 615–619
- Azure Monitor, 621–634
- Azure Service Health, 619–620
- Azure SQL Database, 403–404
- by component
- about, 634–635
- compliance, 648
- compute, 640–642
- data, 642–646
- messaging, 646–647
- network, 638–640
- security, 635–638
- deployment logs, 648–649
- exam essentials, 678
- exercises, 621–625, 633
- labels, 649
- review question answers, 690–691
- review questions, 679–680
- tags, 649
- Monolithic Persistence antipattern, 521–523
- MSDTC (Microsoft Distributed Transaction Coordinator), 247
- MSEE (Microsoft Enterprise edge) routers, 190–191
- MSI (Managed Service Identity), 75–76
- MSMQ (Microsoft Message Queuing), 247, 484
- MTC (Microsoft Trust Center), 92, 93, 464
- multicontainers, 243–256
- multifactor authentication (MFA)
- about, 66–69, 529
- enabling, 69–74
- exercises, 69–73
- implementation of, 60
- as Privileged Identity Management (PIM) feature, 74
- types of, 67–68
- multisite hosting, 214–215
- multitiered style, 513
- MVC (Model-View-Controller), 345
- MX record type, 185
- N
- nameresolver tool, 152
- NAT (network address translation), 146
- .NET Core, 307–308
- netstat tool, 147
- network address translation (NAT), 146
- network identifier, 144
- Network Logger, 120
- network map, 183–184
- network security groups (NSGs)
- about, 98, 128–129, 137–138, 271–272
- exercises, 171–172
- traffic filtering with, 169–173
- network traffic filtering, 137–138
- network traffic routing, 138–142
- network virtual appliance (NVA), 155, 169–173
- Network Watcher, 120, 152–154, 461
- networking. See also hybrid solutions, networking
- about, 13–14, 112
- advanced concepts and tools, 143–154
- Azure Virtual Machines and, 271–272
- Azure virtual networking
- about, 117
- Azure networking limits, 157–158
- Azure networking patterns, 155–157
- Azure VNet, 127–129
- connecting with Azure resources, 129–134
- connecting with Azure VNets, 134
- connecting with Internet, 134–136
- connecting with on-premise resources, 136–137
- key features and capabilities, 127–168
- network traffic filtering, 137–138
- network traffic routing, 138–142
- regions, 117–127
- site-to-site overview, 163–164
- VNet to Azure resources, 164–168
- VNet to Internet, 168
- VNet to VNet integration, 158–163
- VNets and subnets, 142–154
- exam essentials, 222–223
- hybrid
- about, 114–115, 190, 460
- API management, 462
- Azure Virtual Network, 115–117
- configuring VPN devices, 198
- creating Gateway Subnets, 194–195
- creating local network gateways, 197
- creating virtual networks, 193
- creating VPN connection, 198–199
- Express Route, 460
- ExpressRoute, 190–192
- forced tunneling, 199–201
- Hybrid Connection Manager (HCM), 462
- Network Watcher, 461
- site-to-site VPN gateway, 192–193
- specifying DNS Servers, 193–194
- Traffic Manager, 462
- VNet integration, 460–461
- VPN Gateway, 195–197, 460
- key terms, 220–221
- Microsoft global network, 112–114
- monitoring networks, 638–640
- products in, 11
- recovery and, 669–670
- review question answers, 684
- review questions, 224–225
- security
- about, 92–93
- Application Gateway/WAF, 98–99
- Azure confidential computing, 99–102
- Azure DDoS protection, 99
- Azure Network Security, 98
- Microsoft Trust Center, 93
- Security Center, 93–98
- ODBC Driver 17 SQL utility, 164
- offsets, 493
- 127.0.0.1 IPv4 address, 144
- online analytical processing (OLAP), 357–358
- online transaction processing (OLTP), 357–358
- on-premise
- connecting with resources, 136–137
- migrating from, 286
- open source, 307, 377
- open standards, authentication and, 529–530
- OpenAPI, 20
- OpenID, 529–530
- openSUSE, 267
- operating systems, 234
- Oracle, 424
- Oracle Linux, 267
- orchestration, 234, 254–256
- OSI layers, 208
- OS-level virtualization, 241–243
- outbound connections, 214
- Owner RBAC role, 78
- P
- P2S (Point-to-Site) connection, 136
- PaaS (platform as a service), 230–231, 517
- page blobs, 428–429
- partition keys, 413–415
- Pass-Through Authentication, 53
- password
- as authentication method, 68
- self-service, 54
- Password Hash Synchronization, 53
- PAT (port address translation), 135, 146
- PeekMessage() method, 524–525
- Perf View, 21
- permissions
- controlling for resources, 87
- providing to resources, 85–86
- role-based access control (RBAC), 78–81
- PHP, 307–308
- physical partitions, 415
- PIM (Privileged Identity Management), 74–75
- platform as a service (PaaS), 230–231, 517
- pods, 338
- point-of-presence (POP), 216
- point-time restore (PITR), 438
- Point-to-Site (P2S) connection, 136
- poison messages, 491
- port address translation (PAT), 135, 146
- PostgreSQL, Azure Database for, 423
- PowerShell, 200–201, 326–327
- pricing models and limits, Azure SQL Database, 388–392
- primary key, 364
- privacy, compliance, 475–477
- Privileged Identity Management (PIM), 74–75
- process automation, 604
- product names, 9–11
- products, 127
- programming languages, supported in Azure Functions, 326–327
- psping tool, 152
- public IP addresses, 134–135, 157
- public load balancer, 212–213
- Publisher/Subscriber pattern, 488
- Python, 307–308, 326–327
- Q
- questions
- assessment test, xxxix–xliv
- review
- Azure, 35–38
- cloud development, 540–541
- compliance, 508–509
- Compute (hosting model), 350–353
- data storage, 454–455
- deployment, 610–611
- hybrid solutions, 508–509
- messaging, 508–509
- migrating, 610–611
- monitoring, 679–680
- networking, 224–225
- recovery, 679–680
- security and identity, 108–109
- Queue-Based Load Leveling pattern, 489
- R
- RBAC. See role-based access control (RBAC)
- RCA (root-cause analysis), 620
- RDBMS (relational database management system), 22, 357–358, 363–365
- RDMA (Remote Directory Memory Access), 312–313
- RDP (Remote Desktop Protocol), 546
- read-access geo-redundant storage (RA-GRS), 396, 435, 436
- read-access geo-zone-redundant storage (RA-GZRS), 435, 437
- Reader RBAC role, 78
- recovery
- about, 614–615, 649–650
- Azure Recovery Services, 651–668
- business continuity and disaster recovery (BCDR), 650–651
- exam essentials, 678
- exercises, 656, 664–666
- by product type
- about, 668–669
- Azure App Services, 673
- Azure Data Services, 673–675
- Azure Messaging Services, 675–677
- Azure Virtual Machines, 671–673
- networking, 669–670
- review question answers, 690–691
- review questions, 679–680
- recovery point objective (RPO), 667
- recovery time object (RTO), 667
- Red Hat Enterprise, 266, 267, 268
- Redeploy, 285
- redundancy, in design principles, 515
- regional dependencies, 552
- regional global database instances, 524
- regions
- in Azure Virtual Networking, 117–127
- changing, 286–288
- registry, Docker, 247
- regulatory boundaries, 477–478
- relational database management system (RDBMS), 22, 357–358, 363–365
- reliability
- compliance, 474–475
- design principles, 515
- reliability component (Service Fabric), 332
- Remote Desktop Protocol (RDP), 546
- Remote Directory Memory Access (RDMA), 312–313
- Representational State Transfer (REST) API, 237
- request unit (RU), 414–415
- resiliency
- compliance, 474–475
- design principles, 515
- resource groups, 84, 286–288
- resource locks, 273–277
- resource providers, 91, 586–591
- resources
- about, 127
- connecting with other Azure, 129–134
- controlling permissions for, 87
- deploying, 576–600
- moving in Azure
- about, 567–568
- Azure App Services, 568–569
- Azure Virtual Machines, 569–576
- on-premise, 136–137
- providing permissions to, 85–86
- rest, data at, 100
- Retry design pattern, 235–236, 518–519
- review questions
- answers to
- Azure, 682–683
- cloud development, 688–689
- compliance, 688
- Compute (hosting model), 685–687
- data storage, 687–688
- deployment, 689–690
- hybrid solutions, 688
- messaging, 688
- migrating, 689–690
- monitoring, 690–691
- networking, 684
- recovery, 690–691
- security and identity, 683–684
- Azure, 35–38
- cloud development, 540–541
- compliance, 508–509
- Compute (hosting model), 350–353
- data storage, 454–455
- deployment, 610–611
- hybrid solutions, 508–509
- messaging, 508–509
- migrating, 610–611
- monitoring, 679–680
- networking, 224–225
- recovery, 679–680
- security and identity, 108–109
- role-based access control (RBAC)
- about, 49, 78–84
- compared with Azure Active Directory (AAD), 77, 78
- controlling access, 84–85
- controlling permissions to resources, 87
- custom roles, 87–91
- exercises, 80–82, 83, 88–91
- permissions, 78–81, 85–87
- providing permissions to resources, 85–86
- roles, 78–79
- roles
- Azure Active Directory (AAD), 43
- custom, 87–91
- defined, 78
- exercises, 88–91
- root-cause analysis (RCA), 620
- router, 146–147
- routing table, 139
- RPO (recovery point objective), 667
- RTO (recovery time object), 667
- RU (request unit), 414–415
- Ruby, 307–308
- run from package, 318
- run() method, 321–323
- runtime, 239–240
- runtime versions, 326
- S
- S2S (Site-to-Site) connection, 136, 163–164, 192–193
- SaaS (software as a service), 41, 517
- SAS (Shared Access Signatures), 102–103, 434, 447–449
- SAS signature, 449
- scale sets, 288–295
- scaling
- Azure Kubernetes Services, 342–344
- design principles and, 516–517
- SCSI (Small Computer System Interface), 281
- SDKs (software development kits), 238, 621
- SDLC (software development life cycle), 594
- SDM (semantic data model), 371–372
- search engine databases, 365
- search engine optimization (SEO), 365
- Secure Sockets Layer (SSL), 202
- security and identity
- about, 40
- Azure Active Directory (AAD)
- AAD Connect, 49–53
- about, 40–44
- adding custom domains, 44–49
- application proxy, 54–56
- Azure AD Domain Services, 76–77
- B2B collaboration, 53–54
- conditional access, 59–66
- identity protection, 57–59
- managed identities, 75–76
- multifactor authentication, 66–74
- Privileged Identity Management (PIM), 74–75
- self-service password, 54
- service level agreement (SLA), 56–57
- Azure data, 443–450
- Azure SQL Database, 392–397
- Azure Virtual Machine, 295–297
- cloud, 534–538
- compliance, 472–474
- exam essentials, 106–107
- hardware and network security
- about, 92–93
- Application Gateway/WAF, 98–99
- Azure confidential computing, 99–102
- Azure DDoS protection, 99
- Azure Network Security, 98
- Microsoft Trust Center, 93
- Security Center, 93–98
- hybrid solutions, 459
- monitoring, 635–638
- products in, 11
- review question answers, 683–684
- review questions, 108–109
- role-based access control (RBAC)
- about, 78–84
- controlling access, 84–85
- controlling permissions to resources, 87
- custom roles, 87–91
- providing permissions to resources, 85–86
- security products and techniques, 102–106
- Security Center
- about, 92, 93–94, 478–479
- advanced cloud defense, 96
- Compute & Apps blade, 481–482
- data storage, 479–481
- policy and compliance capabilities, 94–95
- resource security hygiene, 95–96
- Threat Protection, 96–98
- tier differences, 94
- security information and event management (SIEM), 638
- security principals, 84
- security rules, 137
- self-healing, 235, 515–516
- self-service password, 54
- semantic data model (SDM), 371–372
- SEO (search engine optimization), 365
- Sequential Convoy pattern, 489–490
- Server Integration Services (SSIS), 398
- Server Message Block (SMB), 27, 100, 374
- serverless computing. See functions as a service (FaaS)
- Serverless computing style, 514
- Service Bus, 28–30, 496–498
- service endpoints
- about, 450
- Azure SQL Databases, 404–408
- exercises, 406–408
- Service Fabric
- about, 328–330
- architecture, 331–332
- Azure integration, 335–336
- best practice scenarios, 332–334
- clusters, 330–331
- nodes, 330–331
- service level agreement (SLA), 56–57, 615
- Service Management Automation, 607
- service principals, 85, 103, 531
- service tag, 170–171
- Service Trust Center, 464
- service-oriented architecture (SOA), 185, 328
- sharding, 415
- Sharding design pattern, 520
- Shared Access Signatures (SAS), 102–103, 434, 447–449
- shared files, 373–377
- SIEM (security information and event management), 638
- sign-in risk, conditional access policies and, 60–62
- Simple Object Application Protocol (SOAP), 237–238
- single database, 22
- single sign-on (SSO), 52–53, 459
- Site Recovery, 30–32
- Site Recovery Deployment Planner (SRDP), 32
- Site-to-Site (S2S) connection, 136, 163–164, 192–193
- site-to-site VPN gateway, 192–193
- size, Azure Virtual Machine, 277–281
- SKU types, 196–197
- SLA (service level agreement), 56–57, 615
- slot swap, 300
- Small Computer System Interface (SCSI), 281
- SMB (Server Message Block), 27, 100, 374
- SMS, as authentication method, 68
- SNAT (source network address translation), 135, 146
- SOA (service-oriented architecture), 185, 328
- SOA (start of authority), 188
- SOAP (Simple Object Application Protocol), 237–238
- socket, 147
- software as a service (SaaS), 41, 517
- software development kits (SDKs), 238, 621
- software development life cycle (SDLC), 594
- software-driven wide area network (SWAN), 318
- source code repositories, 533–534
- source network address translation (SNAT), 135, 146
- SQL. See Structured Query Language (SQL)
- SQL Information Protection, 480
- SQL Managed Instance, 408
- SQL Server, 22–23
- SQL Server Migration Assistant (SSMA), 439, 560
- SQLCMD utility, 164
- SRDP (Site Recovery Deployment Planner), 32
- SSE (Storage Service Encryption), 446
- SSIS (Server Integration Services), 398
- SSL (Secure Sockets Layer), 202
- SSL offloading, 202–205
- SSL Termination, 202–205
- SSMA (SQL Server Migration Assistant), 439, 560
- SSO (single sign-on), 52–53, 459
- start of authority (SOA), 188
- sticky sessions, 516
- storage. See data storage
- Storage Explorer, 433
- Storage Service Encryption (SSE), 446
- StorSimple, 440
- Structured Query Language (SQL)
- styles, 513–514
- subnets
- Azure VNet and, 142–154
- exercises, 150–154
- subscriptions
- changing, 286–288
- defined, 498
- Superfluous Fetching antipattern, 521–523
- SUSE Linux Enterprise, 266, 267, 268
- SWAN (software-driven wide area network), 318
- Synchronous I/O antipattern, 521–523
- System Center Data Protection Manager (DPM), 655
- System Center Orchestrator, 607
- T
- tags, 470–472, 649
- TCP, 149
- tcpping tool, 152
- Team Foundation Services (TFS), 534
- TEEs (trusted execution environments), 101
- templates, ARM, 580–594
- tenant (AD), 12–13, 41
- testing component (Service Fabric), 332
- Threat protection, 96–98
- Throttling design pattern, 520
- time-bound, as Privileged Identity Management (PIM) feature, 74
- time-to-live (TTL), 186
- TLS (Transport Layer Security), 202
- tokens, 105–106
- tools, networking, 152
- topology, 183–184
- traffic filtering, with NSG, ASG, and NVA, 169–173
- Traffic Manager
- transient event, 238
- transit, data in, 100
- transport component (Service Fabric), 332
- Transport Layer Security (TLS), 202
- triggered WebJobs, 309–312
- triggers
- Azure Functions, 320–325
- for background jobs, 523–524
- trusted execution environments (TEEs), 101
- TTL (time-to-live), 186
- 2017 C++ redistributable utility, 164
- TXT record type, 185
- TypeScript, 326–327
- U
- Ubuntu, 267, 268
- Ubuntu Server, 266
- UDP, 149
- update domains, 288
- update management, 606–607
- URL path-based redirection, 206–211
- user acceptance testing (UAT), 470
- user-defined functions (UDF), 415
- user-defined route (UDR), 172
- users (Azure Active Directory), 47–49
- V
- VDC (Azure Virtual Datacenter), 477
- vertical scale, 377
- virtual, 345
- virtual hard disk (VHD), 15, 264
- Virtual Machine. See Azure Virtual Machine (VM)
- virtual machine scale set (VMSS), 263
- Virtual Network Appliances (VNA), 363
- virtual networks
- about, 98
- creating, 193
- private address space, 133
- service endpoints, 131
- virtual nodes, 344
- virtualization-based security, 101
- Visual Studio, deploying with, 578–580
- VMSS (virtual machine scale set), 263
- VMWare, 286, 551–555
- VNA (Virtual Network Appliances), 363
- voice call, as authentication method, 68
- Volume Shadow Copy Service (VSS), 662
- VPN connection, 198–199
- VPN devices, 198
- VPN Gateway, 195–197, 460
- W
- WASL, 20
- WCF (Windows Communication Foundation) framework, 237–238
- Web API, 233
- Web Application Firewall (WAF), 99, 174, 450
- Web applications, 233, 514
- Web Apps
- about, 301–306
- for containers (Linux), 306–308
- Web category products, 11
- web farm, 202
- Web-queue-worker style, 514
- websites, hosting multiple, 206–211
- whitelisting IP addresses, 24
- Windows Authentication, 528–529
- Windows Azure Guest Agent, 573
- Windows Backup, Linux compared with, 661–663
- Windows Communication Foundation (WCF) framework, 237–238
- Windows Server operating system, 263–266, 555–556
- Windows Subsystem for Linux (WSL), 242
- Windows Virtual Desktop, 345–346
- Wireshark, 120
- Workflow management style, 514
- WSDL, 20
- Z
- 0.0.0.0/0 address prefix, 141
- zone replication, 434–437
- zone-redundant storage (ZRS), 434–435, 436
- zones, changing, 286–288