Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

ag-AZ-900 > Module 5bb - Identity, Governance, Privacy and Compliance - Build a Cloud Governance Strategy, Resource Locks, Tags > Flashcards

Module 5bb - Identity, Governance, Privacy and Compliance - Build a Cloud Governance Strategy, Resource Locks, Tags Flashcards

1
Q

What is a Resource Lock?

A

It’s a mechanism used to prevent the accidental deletion or manipulation of a Resource

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Where do you manage Resource Locks

A

You can manage locks from the usual places: Azure Portal, Powershell, Azure CLI (az.exe) or from an ARM Template

In Azure Portal, go to any details page for a resource and click on Settings

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What are the three (3) levels can you apply Locks to?

A

Subscription, Resource Group or an individual Resource

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What two (2) types of Locks can be applied?

A

CanNotDelete - authorized can read and modify but cannot delete without removing the lock first

ReadOnly - authorized can only read, no modify, no delete. Equivalent to restricting everyone to “Reader” Role in RBAC

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What’s the process for changing or deleting a locked Resource

A
  1. Remove the lock
  2. Do whatever your account has permission to do

The extra step helps to keep your Resource secure even from Administrator actions

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Resource Locks adhere to RBAC permissions, so if you are the designated Owner of a Resource, you can override any Lock on that Resource (T/F)?

A

False! Locks apply to everyone even if you are the Owner!

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

When locking a Resource Group, you prevent the Resource Group from being deleted, but not any of its contained Resources (T/F)?

A

False. Locking a Resource Group is transitive to all its internal Resources

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What are Tags?

A

Tags allow you to easily add Metadata to your Resources.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What scenarios make Tags useful?

A

Organizing Resources by Tags make them much easier to manage and filter should you need to:

  • Group Resources that may or may not be within the same Resource Group, to associate them to specific business needs, workflows, etc.
  • Cost Reporting
  • Group by SLA
  • Group by security level classification (Azure Gov)
  • Group by specific Governance or Regulatory Compliance requirements
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

How can you manage/apply/remove Resource Tags?

A

The usual! Azure Portal, Azure CLI, Azure PowerShell, ARM Templates or REST API

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

When applying a Tag to a Resource Group, it applies to ALL Resources within that Resource Group (similar to Locking) (T/F)?

A

False. Tags do NOT auto-apply to child Resources by default. This is opposite of Resource Group locking, where the lock applies to all child Resources…

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

ag-AZ-900 (38 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions