Azure Cheat Sheet Flashcards
Azure Advisor
Azure Advisor evaluates your Azure resources and makes recommendations to help improve reliability, security, performance achieve operational excellence and reduce costs
Azure Advisor is designed to help you save time on cloud optimization
The recommendation service includes suggested actions you can take right away, postpone or dismiss
When youre in the Azure portal, the Advisor dashboard displays personalized recommendations for all your subscriptions
You can use filters to select recommendations for specific subscriptions, resource groups or services
Azure Blueprints
Azure Blueprints lets you deploy a Test/Dev environment with security and compliance settings already configured
In this way, development teams can rapidly build and deploy new environments with the knowledge that theyre building within organizational requirements
Azure Monitor
Azure Monitor is a platform for collecting data on your resources, analyzing that data, visualizing the information, and even acting on the results. Azure Monitor can monitor Azure resources, your on premises resources, and even multi cloud resources like virtual machines hosted with a different cloud provider
Azure Log Analytics
Azure Log Analytics is the tool in the Azure portal where you will write and run log queries on the data gathered by Azure Monitor
Log Analytics is a robust tool that supports both simple, and complex queries and data analysis
You can write a simple query that returns a set of records and then use features of Log Analytics to sort, filter and analyze the records
You can write an advanced query to perform statistical analysis and visualize the results in a chart to identify a particular trend
Azure Monitor Alerts
Azure Monitor Alerts are an automated way to stay informed when Azure Monitor detects a threshold being crossed
You set the alert conditions, the notification actions and then Azure Monitor Alerts notify when an alert is triggered
Azure Reservations
Azure Reservations offers discounted prices on certain Azure services.
Azure Reservations can save you up to 72 percent compared to pay as you go prices
To receive a discount, you can reserve services and resources by paying in advanced
Azure Spot VM
Azure spot VMs allow customers to purchase VMs from a pool of unused spare capacity at a significantly lower price - up to 90% less - than pay as you go
Azure Agility
Agility means that you can deploy and configure cloud based resources quickly as app requirements change
Azure Scalability
Means that you can add RAM, CPU or entire virtual machines to a configuration
Azure Elasticity
Means that you can configure cloud based apps to take advantage of autoscaling, so apps always have the resources they need
Agility is the ability to scale quickly. If that scaling is happening automatically, then we are talking about Elasticity. All of those terms directly explain the system’s ability to change resources at will.
Azure High Availability
Means that cloud based apps can provide a continuous user experience with no apparent downtime, even when things go wrong
Azure Disaster Recovery
It keeps data and other assets safe in the event of a disaster
Azure Application Insights
An Azure Monitor feature
Monitors your web applications
Application Insights is capable of monitoring applications that are running in Azure, on premises, or a different cloud environment
There are two ways to configure Application Insights to help monitor your application
You can either install an SDK in your applications, or you can use the Application Insights agent
The Application Insight agent is supported in C#.NET, VB.NET, Java, JavaScript, Node.js, and Python
Not only does Application Insights help you monitor the performance of your application, but you can also configure it to periodically send synthetic requests to your application
App Service
App Service includes full support for hosting web apps by using ASP.NET, ASP.NET Core, Java, Ruby, Node.js, PHP or Python
You can choose either Windows or Linux as the OS
App Service enables you to build and host web apps, background jobs, mobile back ends, and RESTful APIs in the programming language of your choice without managing infrastructure
It offers automatic scaling and high availability
It enables automated deployments from GitHub, Azure DevOps, or any Git repo to support a continuous deployment model
HDInsight
HDInsight is a cloud service that makes processing massive volumes of data simple, fast and cost effective
Azure Trust Center
The Trust Center is an important part of the Microsoft Trusted Cloud Initiative and provides support and resources for the legal and compliance community
Azure Event Hubs
Azure Event Hubs is a big data streaming platform and event ingestion service
It can receive and process millions of events per second
Data send to an event hub can be transformed and stored by using any real time analytics provider or batching/storage adapters
Azure Service Health
Azure Service Health is a suite of experiences that provide personalized guidance and support when issues with Azure services affect you.
It can notify you, help you understand the impact of issues, and keep you updated as the issue is resolved.
Azure Service health can also help you prepare for planned maintenance and changes that could affect the availability of your resources
Azure Databrick
Azure service that provides analytics and reporting
Azure Security Center
Azure Security Center by Microsoft is a solution that provides unified security management across hybrid cloud workloads
It offers threat protection for data centers within both cloud workloads and on premises
The platform also works with hybrid clouds that are not part of the Azure ecosystem
Azure Firewall
Azure Firewall is a cloud native and intelligent network firewall security service that provides the best of breed threat protection for your cloud workloads running in Azure
Its a fully stateful, firewall as a service with built in high availability and unrestricted cloud scalability
Network Security Group (NSG) `
You can use an Azure NSG to filter network traffic between Azure resource sin an Azure virtual network
A network security group contains security rules that allow or deny inbound network traffic to, or outbound network traffic from, several types of Azure resources
For each rule, you can specify source and destination, port and protocol`
Azure Advanced Threat Protection
Microsoft Defender for Identity is a cloud based security solution that leverages your on premises Active Directory signals to identify, detect and investigate advanced threats, compromised identifies and malicious insider actions directed at your organization
Azure Policy
Azure Policy is a service in Azure that enables you to create, assign and manage policies that control or audit your resources
These policies enforce different rules across your resource configurations so that those configurations stay compliant with corporate standards
Azure Policy enables you to define both individual policies and groups of related policies, known as initiatives
Azure Policy evaluates your resources and highlights resources that arent compliant with the policies youve created
Service Trust Portal
Service Trust Portal is the Microsoft public site for publishing audit reports and other compliance related information relevant to Microsofts cloud services
STP users can download audit reports produced by external auditors and gain insight from Microsoft authored reports that provide details on how MIcrosoft builds and operates its cloud services
Azure AD Identity Protection
Identity Protection uses the leanings Microsoft has acquires from their position in organizations with Azure AD, the consumer space with Microsoft Accounts, and in gaming with Xbox to protect your users.
Microsoft analyzes trillions of signals per day to identify and protect customers from threats
Microsoft Privacy Statement
The Microsoft Privacy Statement explains what personal data Microsoft processes, how Microsoft processes it and for what purposes
Conditional Access
This is a tool that Azure AD uses to allow (or deny) access to resources based on identity signals
These signals include who the user is, where the user is, and what device the user is requesting access from
Conditional Access also provides a more granular MFA experience for users
For example, a user might not be challenged for a second authentication factor if theyre at a known location
Single Sign On (SSO)
SSO centralizes user identity, so you can disable an inactive account in a single step
Azure Cognitive Servcies
Azure Cognitive Services are cloud based AI services that help developers build cognitive intelligence into applications without having direct AI or data science skills or knowledge
Azure Logic Apps
Serverless, Azure Logic Apps is a cloud service that helps you schedule, automate, and orchestrate tasks, business processes, and workflows when you need to integrate apps, data, systems, and services across enterprises or organizations
Azure Functions
Serverless, it is a serverless compute service that lets you run event triggered code without having to explicitly provision or manage infrastructure
Azure Sentinel
Azure Sentinel, now known as Microsoft Sentinel, centralizes your threat collection, detection, response and investigation efforts.
It provides threat intelligence security and analytic capabilities that facilitate threat visibility, alert detection, threat response, and proactive hunting
Azure Traffic Manager
Azure Traffic Manager is a DNS based traffic load balancer
This service allows you to distribute traffic to your public facing applications across the global Azure regions
Traffic Manager also provides your public endpoints with high availability and quick responsiveness
Application Gateway
Azure Application Gateway is a web traffic load balancer that enables you to manage traffic to your web applications
Traditional load balancers operates at the transport layer (OSI layer 4- TCP and UDP) and route traffic based on source IP address and port, to a destination IP address and port
Azure Sphere
(IoT) Azure Sphere is a secured, high level application platform with built in communication and security features for internet connected devices
VM Scale Sets
Virtual machine scale sets let you create and manage a group of identical, load balanced VMs.
If you simply created multiple VMs with the same purpose, you would need to ensure they were all configured identically and then set up network routing parameters to ensure efficiency
Scale sets allow you to centrally manage, configure and update a large number of VMs in minutes
The number of VM instances can automatically increase or decrease in response to demand, or you can set it to scale based on a defined schedule
Azure Virtual Desktop
Azure Virtual Desktop is a desktop and application virtualization service that runs on the cloud
It enables you to use a cloud hosted version of Windows from any location
Azure Virtual Desktop works across devices and OS
Containers
Containers (PaaS) are a virtualization environment
Much like running multiple virtual machines on a single physical host, you can run multiple containers on a single physical or virtual host
Unlike virtual machines, you dont manage the OS for a container
Border Gateway Protocol
Border Gateway Protocol (BGP) works with Azure VPN gateways, Azure Route Server, or Azure ExpressRoute to propagate on premises BGP routes to Azure virtual networks
Azure Service Endpoint
Service endpoints are used to expose Azure services to a virtual network, providing communication between the two
Azure Key Vault
Azure Key Vault is a centralized cloud service for storing your applications secrets
Key Vault helps you control your applications secrets by keeping them in a single, central location and by providing secure access, permissions control and access logging capabilities
Azure Blob
This is an immensely scalable object store for text and binary data
Azure Blob Storage was designed to serve specific needs
If your business use case needs to store unstructured data like audio, video, images etc then you should probably go with this option.
The objects which are being stored in Blob do not necessarily have an extension
Azure Files
Unlike the Blob Storage, the File Storage allows the cloud share of the fully managed file and these files should be accessible with the industry SMB
The main difference between Blob and File storage is the form of the data
Azure File Storage allows only structured data
Azure Queue
This is a messaging store for consistent messaging between application components
Azure Tables
NoSQL Stores for schema less stroage of structured data
Azure Disks
This is block level for Azure VMs
AzCopy
This is a command line utility that you can use to copy blobs, or files from your storage account. With AzCopy, you can upload files, download files, copy files between storage accounts and even synchronize files
Azure Storage Explorer
This is a standalone app that provides a graphical interface to manage files and blobs in your Azure Storage Account
Azure File Sync
This is a tool that centralizes your file shares in Azure Files and keeps the flexibility, performance and compatibility of a Windows file server
Azure Migrate
This is a service that helps you migrate from an on premises environment to the cloud
Azure Fault Tolerance
This is the ability of an OS to respond to a hardware or software failure
The ability of a system to continue operating despite failures or malfunctions is referred to as fault tolerance
Azure Data Box
This is a physical migration service that helps transfer large amounts of data in a quick, inexpensive and reliable way
Azure Synapse
It is a limitless analytics service that brings together enterprise data warehousing and big data analytics
Zero Trust
This is a security model that assumes the worst case scenario
Trust assumes breach at the outset and then verifies each request as though it originated from an uncontrolled network
Azure Cloud Shell
This is a browser based shell tool that allows you to create, configure and manage Azure resources using a shell
Azure Cloud Shell supports both PowerShell and Azure CLI which is a bash shell
Azure PowerShell
This is a shell with which developers, DevOps and IT professionals can run commands called command-lets
These commands call the Azure REST API to perform management tasks in Azure
The Azure CLI
This is functionally equivalent to PowerShell, with the primary difference being the syntax of commands
While Powershell uses Powershell commands, the Azure CLI uses Bash commands
Azure Arc
Arc lets you extend your Azure compliance and monitoring to your hybrid and multi cloud configurations
Azure Arc simplifies governance and management by delivering a consistent multi cloud and on premises management platform
Azure Resource Manager (ARM)
Is the deployment and management service for Azure
it provides a management layer that enables you to create, update and delete resources in your Azure account
Anytime you do anything with your Azure resources, ARM is involved
Azure Resource Manager Templates
It is structure for creating resources
They can be used to specify and automate the creation of resources that are similar
By using ARM templates, you can describe the resources you want to use in a declarative JSON format
TCO
The TCO Calculator helps you estimate the cost savings over time of operation a solution in Azure compared to operating in an on premises data center
Pricing Calculator
This is designed to give you an estimated cost for provisioning resources in Azure
You can get an estimate for individual resources, build out a solution, or use an example scenario to see an estimate of the Azure spend
The pricing calculators focus is on the cost of provisioned resources in Azure
Cost Management
It provides the ability to quickly check Azure resources costs, create alerts based on resource spending, and create budgets that can be used to automate the management of resources
Locally Redundant Storage
Locally redundant storage (LRS) replicates your data three times within a single data center in the primary region
LRS provides at least 11 9s of durability of objects over a given year
Zone Redundant Storage
For Availability Zone enabled regions, zone redundant storage replicates your Azure Storage data synchrnously across three Azure availability zones in the primary region
ZRS offers durability for Azure Storage data objects of at least 12 nines over a given year
Geo Redundant Storage
GRS copies your data synchrnously three times within a single physical location in the primary region using LRS
It then copies your data asynchronously to a single physical location in the secondary region (the region pair) using LRS
GRS offers durability for Azure Storage data objects of at least 16 9s over a given year
