This document provides an overview of Microsoft Cloud OS and Azure services related to identity, governance, and storage. It discusses Microsoft certifications and learning paths for Azure. It covers Azure identity services like Active Directory, multi-factor authentication, and Azure AD Connect. It also summarizes Azure governance tools including policies, tags, and role-based access control. Finally, it outlines the various Azure storage services like Blob, File, Queue, and Disk storage.
Análisis de riesgos en Azure y protección de la informaciónPlain Concepts
Charla impartida en evento Protección y seguridad en entornos de Cloud Hibrida con Azure y O365 sobre Análisis de riesgos en Azure y protección de la información by Plain Concepts
Azure Networking, Azure Storage, Enterprise Azure Active Directory, Daemon or Server application authentication workflow, Worker processes, Daemon, Daemon application to Web API, Azure Active Directory in old azure portal, ASM, Azure active directory and Mutl-tenant applications, Sharding, Federation, Shared singe, RBAC, Differences between AAD and AD DS, Azure AD Subscription models, Azure Domain Names, Manage Users, Groups,Co-Admin Role, Default Azure Active Directory, Adding access to another azure subscription. Contributor, Owner , Roles in Azure Subscriptions, Roles, MFA, Multi-Factor Authentication, How does MFA works, Scenarios for Azure MFA, Setting up MFA in Azure AD, Setting MFA, Azure Authenticator, Hybrid AD solutions, AD DS, Federated Trust, Domain Controller, AD, AAD Connecter, AD FS, AAD, Active Directory Password synchronization, Benefits of Active Directory, Active Directory Replication, vulnerabilities with multiple Domain Controller, Azure AD features, Synchronization with AD Connect, Write-back policies, Azure AD Health COnnect, Installing Azure AD COnnect Health,Integrating Azure AD and SaaS Applications, Benefits of using SaaS Solutions with your products, Benefits of SaaS Solutions, Azure Marketplace, DropBox Integrations with AAD, New Relic Integrations, New Relic, Dropbox, Azure AD Enterprise Application, VSTS integration for Automated Builds, Federation Overview, Claims, Single Sign On, Federated Trusts, Claim based authentications, Federated trusts, Claims Processing, Web Application Proxy, ADFS Proxy, ADFS 2.0 Proxy, How does ADFS proxy works for internal users, How does ADFS proxy works for internal users,Azure AD B2C Directory, B2C applications, Business 2 Customers application, 3rd Party Authentication, Bearer Token, OAuth, 3rd Party Identity Provider, OAuth server, Azure AD B2C Authentication & Authorization, Implementing Azure AD B2C Directory, Setting up Single Sign On with Facebook, Google, Microsoft. Linkedin, SignUP Policies, SignIN Policies, Email SignUp, SignUpSignIN PolicyID, Configuring Application with Azure Application ID,Modern Applications, Requirements for Modern Apps, API, Logic Applications, Mobile App, Web App, Function App, Go To Market, Microsoft Application Platform, App Service Plan, App Service Environment - Private Infrastructure, Why use App Service, App service Features & Capabilities, Azure App Service, Virtual Machine, Service Fabric & Cloud Services Comparison, Creating a Mobile App, Swagger UI, API Apps, API management, API APPS & API Management, Implementing API APP via Visual Studio,
It contains various cloud services like storage, database, push notifications, app services, machine learning, Internet of things support, API Management, cosmos DB etc. provides by Microsoft Azure.
Análisis de riesgos en Azure y protección de la informaciónPlain Concepts
Charla impartida en evento Protección y seguridad en entornos de Cloud Hibrida con Azure y O365 sobre Análisis de riesgos en Azure y protección de la información by Plain Concepts
Azure Networking, Azure Storage, Enterprise Azure Active Directory, Daemon or Server application authentication workflow, Worker processes, Daemon, Daemon application to Web API, Azure Active Directory in old azure portal, ASM, Azure active directory and Mutl-tenant applications, Sharding, Federation, Shared singe, RBAC, Differences between AAD and AD DS, Azure AD Subscription models, Azure Domain Names, Manage Users, Groups,Co-Admin Role, Default Azure Active Directory, Adding access to another azure subscription. Contributor, Owner , Roles in Azure Subscriptions, Roles, MFA, Multi-Factor Authentication, How does MFA works, Scenarios for Azure MFA, Setting up MFA in Azure AD, Setting MFA, Azure Authenticator, Hybrid AD solutions, AD DS, Federated Trust, Domain Controller, AD, AAD Connecter, AD FS, AAD, Active Directory Password synchronization, Benefits of Active Directory, Active Directory Replication, vulnerabilities with multiple Domain Controller, Azure AD features, Synchronization with AD Connect, Write-back policies, Azure AD Health COnnect, Installing Azure AD COnnect Health,Integrating Azure AD and SaaS Applications, Benefits of using SaaS Solutions with your products, Benefits of SaaS Solutions, Azure Marketplace, DropBox Integrations with AAD, New Relic Integrations, New Relic, Dropbox, Azure AD Enterprise Application, VSTS integration for Automated Builds, Federation Overview, Claims, Single Sign On, Federated Trusts, Claim based authentications, Federated trusts, Claims Processing, Web Application Proxy, ADFS Proxy, ADFS 2.0 Proxy, How does ADFS proxy works for internal users, How does ADFS proxy works for internal users,Azure AD B2C Directory, B2C applications, Business 2 Customers application, 3rd Party Authentication, Bearer Token, OAuth, 3rd Party Identity Provider, OAuth server, Azure AD B2C Authentication & Authorization, Implementing Azure AD B2C Directory, Setting up Single Sign On with Facebook, Google, Microsoft. Linkedin, SignUP Policies, SignIN Policies, Email SignUp, SignUpSignIN PolicyID, Configuring Application with Azure Application ID,Modern Applications, Requirements for Modern Apps, API, Logic Applications, Mobile App, Web App, Function App, Go To Market, Microsoft Application Platform, App Service Plan, App Service Environment - Private Infrastructure, Why use App Service, App service Features & Capabilities, Azure App Service, Virtual Machine, Service Fabric & Cloud Services Comparison, Creating a Mobile App, Swagger UI, API Apps, API management, API APPS & API Management, Implementing API APP via Visual Studio,
It contains various cloud services like storage, database, push notifications, app services, machine learning, Internet of things support, API Management, cosmos DB etc. provides by Microsoft Azure.
Innovate with Sonata Azure Services Cloud-first approach is critical for digital journey. Businesses are confronting issues when they migrate to the cloud, and there is ambiguity over vision, scalability, security, and governance. Sonata, through its innovative models, new growth engines, digital processes, and products helps clients to Envision, Engineer and Evolve their digital journey.
Top 20 Azure Interview Questions and Answers in 2023.pptxAnanthReddy38
Cloud Architect: Designing and implementing cloud solutions using Azure services, ensuring scalability, security, and reliability.
Azure Developer: Developing and deploying applications on Azure, leveraging Azure services and APIs.
Azure Administrator: Managing and maintaining Azure infrastructure, including resource provisioning, monitoring, and security.
Data Engineer: Building data pipelines, performing data integration, and implementing data solutions using Azure data services.
DevOps Engineer: Automating deployment, monitoring, and management of applications and infrastructure using Azure DevOps and related tools.
CoLabora - Identity in a World of Cloud - June 2015CoLaboraDK
CoLabora UC User Group Meeting - June 2015.
Topic about: Identity in a World of Cloud - June 2015
Speaker: Jakob Østergaard Nielsen (www.mistercloudtech.com)
Microsoft Azure is Microsoft's cloud computing platform which enables rapid development of great solutions using its compute, storage, network and application services. The presentation focuses on how to get started with Azure and on fundamentals of some of the core features of Azure which every developer needs to know like Virtual Machines, SQL Database, App Services, Storage accounts and so on. The session will also include some quick demos, best practices, and tips for Azure Development. There will be something for everyone who is looking for advancing their technical skills with Microsoft Azure.
To work effectively with Office 365 you need to understand how to manage and configure identity for your environment. This presentation gives you an overview.
Trusted Microsoft Gold partners such as Web Synergies are helping enterprises build scalable & secure cloud-native applications by taking full advantage of the Azure platform.
Microsoft Cloud Identity and Access Management Poster - AtidanDavid J Rosenthal
Unlock the power of the cloud with enterprise-level identity services for all your cloud apps.
AZURE ACTIVE DIRECTORY
Use Azure Active Directory (Azure AD) at
global scale to centrally manage employee
access and provide single sign-on to
Microsoft services such as Azure, Office 365,
Dynamics CRM, Windows Intune, and
thousands of non-Microsoft cloud apps
MULTI-FACTOR AUTHENTICATION
Use Multi-Factor Authentication to protect
access to sensitive company information
and to help protect your organization from
malicious attacks.
SPIntersection 2016 - MICROSOFT CLOUD IDENTITIES IN AZURE AND OFFICE 365Scott Hoag
Looking to reduce the number of post-it notes you see stuck around the office? Seeking to automate your user creation processes for Office 365? Or maybe you're interested in single sign-on for everything you host in the cloud? Are you questioning what a cloud identity is?
This session will take you through the basics of identity in the Microsoft Cloud and show you to how to set up and configure Office 365 with Azure Active Directory using the Azure Active Directory Synchronization Connect tools.
Innovate with Sonata Azure Services Cloud-first approach is critical for digital journey. Businesses are confronting issues when they migrate to the cloud, and there is ambiguity over vision, scalability, security, and governance. Sonata, through its innovative models, new growth engines, digital processes, and products helps clients to Envision, Engineer and Evolve their digital journey.
Top 20 Azure Interview Questions and Answers in 2023.pptxAnanthReddy38
Cloud Architect: Designing and implementing cloud solutions using Azure services, ensuring scalability, security, and reliability.
Azure Developer: Developing and deploying applications on Azure, leveraging Azure services and APIs.
Azure Administrator: Managing and maintaining Azure infrastructure, including resource provisioning, monitoring, and security.
Data Engineer: Building data pipelines, performing data integration, and implementing data solutions using Azure data services.
DevOps Engineer: Automating deployment, monitoring, and management of applications and infrastructure using Azure DevOps and related tools.
CoLabora - Identity in a World of Cloud - June 2015CoLaboraDK
CoLabora UC User Group Meeting - June 2015.
Topic about: Identity in a World of Cloud - June 2015
Speaker: Jakob Østergaard Nielsen (www.mistercloudtech.com)
Microsoft Azure is Microsoft's cloud computing platform which enables rapid development of great solutions using its compute, storage, network and application services. The presentation focuses on how to get started with Azure and on fundamentals of some of the core features of Azure which every developer needs to know like Virtual Machines, SQL Database, App Services, Storage accounts and so on. The session will also include some quick demos, best practices, and tips for Azure Development. There will be something for everyone who is looking for advancing their technical skills with Microsoft Azure.
To work effectively with Office 365 you need to understand how to manage and configure identity for your environment. This presentation gives you an overview.
Trusted Microsoft Gold partners such as Web Synergies are helping enterprises build scalable & secure cloud-native applications by taking full advantage of the Azure platform.
Microsoft Cloud Identity and Access Management Poster - AtidanDavid J Rosenthal
Unlock the power of the cloud with enterprise-level identity services for all your cloud apps.
AZURE ACTIVE DIRECTORY
Use Azure Active Directory (Azure AD) at
global scale to centrally manage employee
access and provide single sign-on to
Microsoft services such as Azure, Office 365,
Dynamics CRM, Windows Intune, and
thousands of non-Microsoft cloud apps
MULTI-FACTOR AUTHENTICATION
Use Multi-Factor Authentication to protect
access to sensitive company information
and to help protect your organization from
malicious attacks.
SPIntersection 2016 - MICROSOFT CLOUD IDENTITIES IN AZURE AND OFFICE 365Scott Hoag
Looking to reduce the number of post-it notes you see stuck around the office? Seeking to automate your user creation processes for Office 365? Or maybe you're interested in single sign-on for everything you host in the cloud? Are you questioning what a cloud identity is?
This session will take you through the basics of identity in the Microsoft Cloud and show you to how to set up and configure Office 365 with Azure Active Directory using the Azure Active Directory Synchronization Connect tools.
"Impact of front-end architecture on development cost", Viktor TurskyiFwdays
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
13. What you have to do with Azure for licensing
What is azure
enrollment ?
14. Azure enterprise agreement
The Enterprise Agreement is designed for
organizations that want to license software and
cloud services for a minimum three-year period.
As of October 10, 2022 direct EA customers won’t be able to manage
their billing account in the EA portal. Instead, they must use the Azure
portal.
15. What you have to do with Azure for licensing
What is azure
Subscription ?
16. Azure Account Hierarchy
Azure Enterprise
Department
Accounts
Subscriptions
https://ea.azure.com
https://account.azure.com
https://portal.azure.com
Resource groups
18. Role (role definition) is a Collection of action that assigned
identity will be able to perform
Role definition is an answer to question what can be done ?
19.
20. Security principal is an azure object (identity) that can be assigned
to a role (ex. Users, groups or application)
Security principal assignment is an answer to a question “who can
do it ?”
21.
22. Scope one ore more azure resource that access applies to
Scope assignment is an answer to a question “where can it be
done ?”
31. Azure Active Directory
Cloud based identity provider
Controls access to azure resource
Provides Authentication & Authorization service to Azure portal, Microsoft office 365 & other
SaaS services
Manage device using azure AD
Support Oauth, OpenID, SAML, ADFS authentication protocol
34. Azure Multi-Factor Authentication
Multi-factor authentication is a process in which users are prompted during the
sign-in process for an additional form of identification, such as a code on their
cellphone or a fingerprint scan.
Support following authentication method:
Microsoft authenticator Apps
OAuth hardware Token
SMS
Voice Call
35. Self-Service Password Reset
Azure Active Directory (Azure AD) self-service password reset (SSPR) gives
users the ability to change or reset their password, with no administrator or
help desk involvement.
Password change
Password reset
Unlock Account
36. Azure AD B2B
Azure Active Directory (Azure AD) B2B collaboration is a feature within External
Identities that lets you invite guest users to collaborate with your organization.
A simple invitation and redemption process
lets partners use their own credentials to
access your company's resources. You can
also enable self-service sign-up user flows to
let external users sign up for apps or
resources themselves.
37. Azure AD B2C
Azure AD B2C is a Customer Identity and Access Management (CIAM) solution
that lets you build user journeys for consumer- and customer-facing apps.
With Azure AD B2C, customers can sign in
with an identity they've already established
(like Facebook or Gmail). You can
completely customize and control how
customers sign up, sign in, and manage
their profiles when using your applications.
38. Azure AD B2B vs B2C
B2B collaboration - Collaborate with external
users by letting them use their preferred identity
to sign in to your Microsoft applications or other
enterprise applications
Azure AD B2C - Publish modern SaaS apps or
custom-developed apps (excluding Microsoft
apps) to consumers and customers, while using
Azure AD B2C for identity and access
management.
39. Azure AD Connect
Azure AD Connect is an on-premises Microsoft
application that's designed to meet and
accomplish your hybrid identity goals. Azure AD
Connect provides the following features:
Password hash synchronization
Pass-through authentication
Federation integration
Synchronization
Health Monitoring
40. Password hash synchronization
Password hash synchronization is an extension to the directory synchronization feature
implemented by Azure AD Connect sync. You can use this feature to sign in to Azure AD
services like Microsoft 365. You sign in to the service by using the same password you use
to sign in to your on-premises Active Directory instance.
41. Pass-through Authentication
Azure Active Directory (Azure AD) Pass-through Authentication allows your users to sign in
to both on-premises and cloud-based applications using the same passwords. This feature
provides your users a better experience - one less password to remember
This feature provides your users a
better experience - one less
password to remember, and reduces
IT helpdesk costs because your
users are less likely to forget how
to sign in.
44. Health Monitoring
Azure Active Directory (Azure AD) Connect Health provides robust monitoring of your on-premises identity
infrastructure. It enables you to maintain a reliable connection to Microsoft 365 and Microsoft Online
Services. This reliability is achieved by providing monitoring capabilities for your key identity components.
Also, it makes the key data points about these components easily accessible.
45. Azure AD vs Azure AD DS vs On Prem ADDS
Azure AD Azure AD Domain Services On-Prem ADDS
Authentication
Oauth/OpenID Connect/WS-
Federation Kerberos and NTLM Protocol Kerberos and NTLM Protocol
Object Policy Management
Mobile Device Management
(MDM) software like Intune Group Policy Group Policy
Communication HTTP & HTTPS LDAP LDAP
Structure
Flat/No Forest-Domain
Hierarchy
Singel Domain / OU Structure
Possible with limitation
Forest Multidomain
hierarchy/OU Structure
Possible
Schema
Schema modification not
possible
Schema modification not
possible
Schema modification is
possible
47. Governance In Azure
Governance in Azure is one aspect of Azure Management (Framework)
Azure has many services and tools that work together to provide complete management.
These services aren't only for resources in Azure, but also in other clouds and on-premises.
Governance in Azure is primarily implemented with two services. Azure Policy allows you to
create, assign, and manage policy definitions to enforce rules for your resources
Azure Cost Management allows you to track cloud usage and expenditures for your Azure
resources and other cloud providers.
Why azure governance ?
Organize and structure resource
Standardize and Define
Transparency of resource
Controll accsess & Cost
Enfroce Policies
48. Azure Policy
Allow to create, assign and manage policy
Runs evaluations and scans for non-compliant resources
Advantages: Enforcement and compliance, apply policies
at scale, Remediation
50. Implementing Azure Policy
Implementing policies from github
Policies written in JSON
Create custom policy definition
Include one or more policies
Requires planning
52. Resource Tag
Azure Resource tags logically organizes
resources.
You apply tags to your Azure resources giving
metadata to logically organize them into a
taxonomy. Each tag consists of a name and a
value pair.
56. Azure Storage
The Azure Storage platform is Microsoft's cloud storage solution for modern data storage
scenarios. Azure Storage offers highly available, massively scalable, durable, and secure
storage for a variety of data objects in the cloud. Azure Storage data objects are accessible
from anywhere in the world over HTTP or HTTPS via a REST API
57. Azure Storage Service
Azure Blobs: A massively scalable object store for text and binary data. Also includes
support for big data analytics through Data Lake Storage Gen2.
Azure Files: Managed file shares for cloud or on-premises deployments.
Azure Queues: A messaging store for reliable messaging between application
components.
Azure Tables: A NoSQL store for schemaless storage of structured data.
Azure Disks: Block-level storage volumes for Azure VMs.
58. AzureBlob Storage
Unstructured storage for storing object
store image, video, and file of any type
Use Cases : Streaming video and images direct
to user, Storing data for backup and restore,
disaster recovery, and archiving, Storing data
for analysis by an on-premises or Azure-
hosted service.
59. AzureBlob Storage
Easy way to create file shares
support smb 2.1 and 3.0
Mount on windows, linux, or Mac
Azure file sync dan be utilized to sync file
server on premise with Azure Files
60. AzureBlob Storage
Azure Table storage is now part of Azure Cosmos
DB, In addition to the existing Azure Table storage
service, there is a new Azure Cosmos DB Table API
offering that provides throughput-optimized
tables, global distribution, and automatic
secondary indexes
A NoSQL key-value to store
Schemaless design
Structured or unstructured data
Access using Odata protocol and LinQ queries
WCF data service .NET libraries
61. Queue Storage
Queue storage gives you asynchronous message
queueing for communication between application
components, whether they are running in the
cloud, on the desktop, on-premises, or on mobile
devices.
62. Disk Storage
Azure managed disks are block-level storage
volumes that are managed by Azure and used with
Azure Virtual Machines. Managed disks are like a
physical disk in an on-premises server but,
virtualized
64. Azure Storage Replication Explained
LRS (Locally Redundant Storage) ensure your data is replicated three times within a single
datacenter. These
datastores are updated using synchronous writes to guarantee all three copies are kept
up to date
65. Azure Storage Replication Explained
ZRS (ZONE REDUNDANT STORAGE) copies your data synchronously across three Azure availability
zones in the primary region. For applications requiring high availability, Microsoft recommends
using ZRS in the primary region, and also replicating to a secondary region.
66. Azure Storage Replication Explained
Geo-redundant storage (GRS) brings additional redundancy to the data storage over both LRS or
ZRS. Along with the three copies of your data stored within a single region, a further three
copies are stored in the twinned Azure region
67. Azure Storage Explorer
Upload, download, and manage Azure Storage blobs, files, queues, and tables, as well as Azure
Data Lake Storage entities and Azure managed disks. Configure storage permissions and access
controls, tiers, and rules.
68. Understanding Az Copy
AzCopy is a command-line utility that you can use to copy blobs or files to or from a storage
account.
69. Managing Access : Container Permission
A shared access signature (SAS) provides secure delegated access to resources in your storage
account. With a SAS, you have granular control over how a client can access your data.
74. Availability options for Azure Virtual Machines
Availability Zones
Virtual Machines Scale Sets
Availability Sets
75. Availability Zones
Availability zones expands the level of control you have to maintain the availability of the
applications and data on your VMs. An Availability Zone is a physically separate zone, within an
Azure region. There are three Availability Zones per supported Azure region.
76. Virtual Machines Scale Sets
Azure virtual machine scale sets let you create and manage a group of load balanced VMs. The
number of VM instances can automatically increase or decrease in response to demand or a
defined schedule
77. Availability Sets
An availability set is a logical grouping of VMs that allows Azure to understand how your
application is built to provide for redundancy and availability.
78. What does an Availability Set consist of?
Consisting of logical groups that protect the VMs against hardware failures and also allow back-
end updates to be applied safely without affecting the performance of your deployed IaaS VMs,
these are grouped as Update Domains and Fault Domains
Update Domains:- Local grouping of underlying Azure hardware that can be maintained or
rebooted at the same time.
Fault Domains:- Local grouping of underlying Azure hardware that share the same hardware
such as networking and power supplies.
79. CREDITS: This presentation template was created by Slidesgo,
including icons by Flaticon, and infographics & images by Freepik
THANKS