AZ900 Flashcards
Elasticity
Elastisitet: Du he møje load på en tjeneste så du øke f.eks RAM eller vCPU på server/AKS for at det sga fungera bra.
Agility
Agility: Du kan spinna opp en ny tjeneste rimelig fort.
Azure Service Health
After an outage, Service Health provides official incident reports called root cause analysis (RCA), which you can share with stakeholders
Azure ExpressRoute
For environments where you need greater bandwidth and even higher levels of security, Azure ExpressRoute is the best approach. ExpressRoute provides a dedicated private connectivity to Azure that doesn’t travel over the internet. (You’ll learn more about ExpressRoute in a separate unit later in this module.)
Azure Monitor
Azure Monitor is a platform that collects metric and logging data, such as CPU percentages. The data can be used to trigger autoscaling.
Application Insights is a feature of Azure Monitor that allows you to monitor running applications, automatically detect performance anomalies, and use built-in analytics tools to see what users do on an app.
Azure Advisor
Azure Advisor evaluates Azure resources and makes recommendations to help improve reliability, security, and performance, achieve operational excellence, and reduce costs.
The five recommendation categories for Azure Advisor are: Reliability, Security, Performance, Operational Excellence, and Cost.
Network Security Groups (NSGs)
Filter network traffic to and from Azure resources on Azure Virtual Networks. Set inbound and outbound rules. Inbound / Outbound.
Feks, all trafikk fra visse IPer, eller fra LoadBalancer, eller INGEN ting fra 443.
Regions
Regions: regions are made up of one or more datacenters in close proximity. 60 regioner globalt. 140 land.
Region pair
Region pair: Eks: East US –> West US minst 300 miles seperations
Availability Zones
Availability Zones: Fysisk sepererte datasenter, innenfor samme region
Vertical scaling
also known as “scaling up”, is the process of adding resources to increase the power of an existing server.
Horizontal scaling
also known as “scaling out”, is the process of adding more servers that function together as one unit.
Availability sets
Availability sets are a way for you to ensure your application remains online if a high-impact maintenance event is required, or if a hardware failure occurs.
Availability sets are made up of Update domains (UD) and Fault domains (FD):
Azure Resource Manager (ARM)
is the deployment and management service for Azure. It provides a consistent management layer that enables you to create, update, and delete resources in your Azure subscription. You can use its access control, auditing, and tagging features to secure and organize your resources after deployment.
ARM templates define an application’s infrastructure requirements for a repeatable deployment that is done in a consistent manner. A validation step ensures that all resources can be created in the proper order based on dependencies, in parallel and idempotent.
Azure Reservations
Azure Reservations offers discounted prices on certain Azure services. Azure Reservations can save you up to 72 percent compared to pay-as-you-go prices. To receive a discount, you can reserve services and resources by paying in advance.
Spending limits can suspend a subscription when the spend limit is reached.
Health advisories
Health advisories are issues that require that you take action to avoid service interruptions, such as service retirements and breaking changes.
Management groups
Management groups can be used in environments that have multiple subscriptions to streamline the application of governance conditions.
Resource groups can be used to organize Azure resources.
Administrative units are used to delegate the administration of Azure AD resources, such as users and groups.
Accounts are used to provide access to resources
VPN gateway
A VPN gateway is a type of virtual network gateway. Azure VPN Gateway instances are deployed to a dedicated subnet of a virtual network. You can use them to connect on-premises datacenters to virtual networks through a Site-to-Site (S2S) VPN connection.
Service endpoints
Service endpoints are used to expose Azure services to a virtual network, providing communication between the two.
Conditional Access
Conditional Access is a tool that Azure AD uses to allow or deny access to resources based on identity signals, such as the device being used. SSO enables a user to sign in one time and use that credential to access multiple resources and applications from different providers. MFA is a process whereby a user is prompted during the sign-in process for an additional form of identification. Hybrid identity solutions create a common user identity for authentication and authorization to all resources, regardless of location.
Azure role-based access control (RBAC)
Azure RBAC allows you to assign a set of permissions to a user or group.
Scale Sets
Azure Virtual Machine Scale Sets let you create and manage a group of load-balanced VMs. The number of VM instances can automatically increase or decrease in response to demand or a defined schedule. Scale sets provide the following key benefits:
Easy to create and manage multiple VMs
Provides high availability and application resiliency by distributing VMs across availability zones or fault domains
Allows your application to automatically scale as resource demand changes
Works at large-scale
Scalability
Apps in the cloud can scale vertically and horizontally:
LRS / ZRS
Local Redudant Storage, alt innenfor samme storage account
Zone Redudant Storage,
