Hey, this is Andrew Brown from exam Pro. And
welcome to my az 900 course, also known as the Azure fundamentals certification for the
Azure platform. So if you're new to cloud and you don't know anything, and you want
to get into it, this is the course for you. Because we're going to show you how to set
up your account. Look over the core services and more. And as always, I'd love to hear
your feedback. So if you're on Twitter or LinkedIn, definitely tell me how the course
is. And if you do pass, be sure to hashtag Azure Azure certified on Twitter, and I'll
definitely reach out to you. I hope you pass and I'll see you soon. Hey, this is Andrew
Brown from exam Pro. And we're looking at what is the az 900. So the Azure fundamentals
is the entry level cloud certification for Microsoft Azure. This certification is generally
referred to by its course code, which is the az 900. The az 900, is about knowing the Azure
core services, the fundamentals of cloud computing and having a bit of hands on experience working
with the Azure portal.
And if you look in the top right corner, that is what the certification
badge looks like once you earn it for the Azure fundamentals. And then just talking
about certifications in general for Azure. If you want to have a roadmap as to what you
do after this certification, as your breaks up their certifications, the role based certifications
as fundamental associate expert and specialty. So in the fundamentals, we have the az 900.
For the associate, we have the administrator, the developer, the AI engineer, the data scientists,
the data engineer, if you notice, for data engineer, you're gonna see there's two course
codes under it dp 200, dp 201, because some, some certifications require you to pass two
different exams.
So if you want to become a data engineer, you have to pass those two
exams, that the expert level or sorry, we sell the security in associate with the expert
level, we have the solution architect expert, where you have two exams, you have to pass.
Then there's the DevOps engineer, expert. And then for specialties, we have Azure for
SAP workloads, and IoT developer. So these are all the Azure certifications that are
role based, Azure or Microsoft used to have everything that was very service or technology
specific.
But things have changed to roles, which makes things a lot easier for people
that are hiring, because people that are hiring will look and say, Oh, you have the data engineer
certification, you must know how to do data engineering. So that is really simplifying
things. You can take any of these in any order that you like. So if you want to go to the
expert level right away, you absolutely can. But it's not generally recommended. It's you
should start with fundamentals associate go to expert, but you know, whatever you think
is best for you. That's what you have to decide. So here's the az 900, for what's commonly
obtained by sales and management to help inform VPS or CEOs reasons for their company to utilize
Microsoft Azure. And among developers, it's to show they have familiar knowledge with
cloud concepts. So anyone that's like, if you've had a program background, but just
don't have cloud experience, it's just a great way to tack on the cloud skill there at az
900 focuses on building security and business centric concepts, which makes sense because
if it's designed for sales and management, it's going to be things that are going to
help them convince to adopt it such as, like using the TCL calculator, and, and informing
decisions like that, like knowing SLA s and things like that to drive business decisions.
So what value does the az 900 hold? Well, if you're developer, it's not going to be
that useful on your resume, people aren't going to be trying to hire you just because
you have it, you really gonna have to move on to the associate or expert track.
But that
doesn't mean you shouldn't get this one. If you are a developer, and you already have
cloud knowledge, and another cloud provider, say you have AWS skills, you already have
an associate level. And you just want to show that you can work cross cloud grabbing this
certification just shows that Oh, yeah, okay, I poked around the Azure portal. So you'll
have that transferable knowledge. So that would be a good case to get it as a developer.
Or if you don't have any cloud certifications, and you want to make Azure the cloud provider
you want to use then that makes sense to go get. The main reason I tell people always
get a fundamental certification is because it helps them build confidence before you
take a harder certification. It also gets you familiar with the exam experience, whether
you do it in person or online, because that can be extremely stressful. Okay, so now you're
convinced that you want to go get the az 900. So you're going to be asking me, well, how
much time do I have to put in to gain the certification? Well, if you're developer,
say, you know, a junior to mid developer, and you've been working in industry for a
few years, but you don't have cloud experience, I'm going to say that you're going to have
to spend about eight hours of study if you're a bootcamp grad.
So you don't really have
any real world industry experience. But you want to try to tack on cloud as early as possible
to help your resume and stand amongst the crowd. You're probably gonna be spending 15
hours of study if you are in sales or management, so you just do not have a technical background,
but you're trying to understand Why you should adopt Azure or cloud for your business, you're
looking at 20 hours of study. And the way I recommend it is you want to put one to three
hours a day for seven days. And I mean, every single day, you don't want to spread this
stuff out. Now, next question is where do you take this exam. And the way it works with
most cloud service providers as they are partnered with a, a, a company that is also partnered
with a bunch of test centers around the world, and the one that Azure is partnered with is
called Pearson VUE. But the great thing about Pearson VUE is that you can either go in person
to a test center, so you'd use their Pearson Pearson VUE website, and it would tell you
test centers nearby.
Or you can take it from the convenience of your own home. So if you
have a web camera, and you have a very sparse room so that you don't have a bunch of things
in the background, and they can trust that you're in a secure location, the lets you
take it from your home office. And that's what we call the proctored exam. And the reason
we call that a proctored exam is because a proctor is a supervisor or person who monitors
students during an examination.
So you have those, both options available to you, if I
had to choose one or the other, I would strongly recommend going in person because online,
things can just go wrong, and you don't want to have that problem. But you know, it just
depends on you. Okay. And the last thing is, what does it take to pass the exam. So there
are three components here.
The first is to watch the video lectures and memorize key
information. The second thing is to do hands on labs and follow along with your own Azure
account. And I will show you how to set up your own account in here. But when we get
to the sections, definitely you should do it, just don't watch it, because that's going
to make a huge difference to help you pass. And the last is to do paid online practice
exams that simulate the real exam, you can pass the exam without using paid practice
exams at the foundation level, which is this certification. It's much harder the associate
and expert level. So you're going to have to go get a paid solution, if you are going
to go get paid practice exams, please do me the favor and use hours because it supports
us able to produce this content. So don't go and use one of those other paid providers
that do not provide free content. Because for us, if we made enough money, we'd make
everything free. And that's the whole point. So there you go. So now let's take a look
at the exam guide and break down what it is that we're going to need to do to pass the
exam and how we're going to have to study.
So the first thing is the content outline.
And this is basically the general domains, we're going to have to focus our time on the
first being cloud concepts, this is worth 15 to 25% of the exam, then you have Azure
core services, this is worth 30 to 35% of the exam, then you have security, privacy,
compliance, and trust, this is 25 to 3% of the exam, and then you have pricing and support,
which is 20 to 25% of the exam, you'll notice that there are ranges here.
So the thing is,
is that it's not a guarantee that exactly 25% of the questions are going to be of that
sort. So just be aware of that. Then onto grading. In order to pass this exam, you have
to score 700 out of 1000. So generally you what you're trying to get is around 70% to
pass I say around because you could get exactly 700. And you could fail because Azure uses
a scaled scoring meaning that the raw score that you get doesn't necessarily reflect the
final score. So you're going to want to score a bit higher than 70%. So you want to aim
for 75% or higher. The type of questions you'll see on the exam, we'll talk about here in
a moment. But there are between 40 to 60 questions. So that means you have you have the chance
of getting 12 to 18 questions wrong. I put an asterisk here, because people who have
actually taken exam has reported only been presented with 30 questions.
And I even reached
out to Azure support to clarify that to say, what is the real number and their official
answer was 40 to 60. But I know that when people are taking the exam, they're there,
their experience is different. There's not much I can do about it. It's just that's what
it is. It's going to be a bit fluid in terms of what your experience is going to be. But
let's just go with this and say there's 40 to 60 questions. In terms of the format of
the questions, you're going to see multiple choice, you're going to see multiple answer,
you're going to see maybe drag and drop, and then you might see a hot area hot areas usually
just means like a couple drop downs where you have to answer two things at once. And
the duration of the exam is 60 minutes. So that means you get one minute per question
roughly around that time, but the exam time is 60 minutes, but the seat time is 90 minutes.
So see time refers to the amount of time that you should allocate for the actual exam so
that you have time that includes reviewing instructions before you start your exam reading
accepting the NDA completing the actual exam itself, which is the exam time 60 minutes
And then provide feedback at the end of the exam, which is generally optional.
And the
last thing is, how long is this certification going to be valid for, it's going to be valid
for 24 months. So that means you're going to be able to hold on this for two years before
you have to get recertified. So there you go. So now I just wanted to quickly show you
the exam guide, they don't call their exam guide, literally exam guide, it's the Microsoft
Azure fundamentals skills measured. And so this gives you pretty much the information
for the breakdowns in terms of what stuff you might need to learn. But that doesn't
mean necessarily everything that is listed in here is actually on the exam.
But let's
just quickly go through it. So you have an idea. So the first is the cloud concepts domain.
And in here, we need to know, cloud terms such as availability, scalability, elasticity,
fault tolerance, disaster recovery, agility, haven't seen that on the exam before, but
they haven't listed there, then we have to describe the economics of scale capex versus
OPEX consumption based models, then you have to describe the different types of cloud cloud
models such as infrastructure as a service platform as a service Software as a Service,
then we have to describe public private and hybrid cloud models.
So there's that there,
then you have to know a bunch of different core services for Azure. So these ones I would
call them global infrastructure, they mostly have to do with networking, then you have
all your core services here. And then more core services or extended services, I suppose
then management tools, then you have your security, privacy, compliance and trust. So
more networking components around security, but these don't really show up in the exam
that much, but I've covered them anyway, just in case than Azure identities. So that's creating
accounts giving access to people, the big one there is really Azure Active Directory,
that other security tools. So this is just knowing about things like the Security Center,
which is a security tool, or just security services. within Azure, then we have governance.
So this is going to be like policies, role based access, just general access that has
to do but kind of with Azure identities up here.
Then monitoring tools, then we have
compliance data protection standards, this is generally just pointing to websites under
the Trust Center is just a website that lists compliance information that we have described
pricing SLA is lifecycle. So understanding the subscriptions, so you know, free versus
student versus enterprise, then here are just a bunch of pricing. So like they have a pricing
calculator and a TCL calculator and understanding the support plans, and then understand the
SLA s and then there's lifecycle stuff like understanding general availability. So yeah,
there you go. That's the that's exam guide outline. I mean, it has stuff down here below
about changes, that doesn't really matter. But yeah, that is the exam guide outline.
If you want more information about the actual, like the actual exam policies, this page is
really good for that I got this from the Azure support team.
So it says exam policies and
FAQs. So this would be about like retiring and certifications, or like how to book your
exam or they would have information here about retake. So what happens if you paid for it?
And like you missed it? Or how many retakes Did you get or how long the exam hours are?
So there's a lot of information here. So if you just want to scroll through it, but yeah,
here, like, they don't say on the exam that it's 60 minutes, they just say, oh, for general,
fundamental exams are 60 minutes.
So we just have to assume that is what that's the time
you get on the az 900. But yeah, just check out that page. And check this out if it interests
you. But you don't really have to, because we cover everything in the course that you
need to know. But I just wanted those resources. I wanted to make you aware of those resources,
just in case. Hey, this is Andrew Brown from exam Pro. And we're starting at the beginning
of our journey asking the most fundamental question, which is what is cloud computing.
So looking into the dictionary, cloud computing is described as the practice of using a network
of remote servers hosted on the internet to store manage and process data rather than
a local server or personal computer.
So when we're talking about local, we describe this
as being on premise. So being your own office or your own data center. And so this is where
you own the servers, you hire the IT people, you pay the rent or the real estate, you take
all the risk. Whereas with a cloud provider, if you're utilizing them, it's someone else
who owns the servers, someone else who hires the IT people someone else who pays or rents
the real estate, and you are only left with being responsible for configuring your cloud
services and code, and someone else takes care of the rest.
Sounds great, doesn't it?
So now what I want to do is just give you a quick overview of how servers have evolved,
and what we describe as cloud computing from a technical perspective, and we'll probably
dive deeper into this later in the course. But we're just going to get a good overview
here to understand from a business perspective. So way back in the day, what we had was dedicated
servers, if you wanted a server to run your web app or your technology, what you had to
do is you had to go buy a single, dedicated physical machine. And that was for one specific
business, and dedicated servers are still used today. But there's some downsides with
them. They're very expensive. They're high maintenance, however, you do get a great level
of customer customization and you and you potentially can have better, better security,
based on your use case, then came along was a virtual private servers. So we still had
one physical machine, but we it was still dedicated to a single business, but we figured
out how to take that physical machine and virtualize it into sub machines.
So now we
could fully utilize or better utilize that physical server with running multiple apps,
we didn't have to buy four different servers for for four different apps, we could easily
run for what a web apps into four virtual sub machines, then we had shared hosting.
And so this made it a lot easier for anybody who's building websites or WordPress is, but
the idea here is he had one physical machine, and it was shared by hundreds of businesses.
So it wasn't a single business, sharing the class, it was multiple businesses. So this
relies on most tenants under utilizing the resources, though. So if you had 100 people
on a server, and one person use more of the server than the others, then you could all
potentially suffer from that case, but at the very least, you are getting very, very
cheap servers. But there are definitely some limitations. So now coming down to cloud hosting,
Cloud Hosting gives us the best of both worlds. So we have multiple physical machines that
act as one system, which it could be described as the cloud.
And that system is abstracted
away into multiple cloud services. So you get the you get flexibility, scalability,
it's very secure. It's very cost effective. And it's highly configurable. So that is where
we're at. And so that is generally what cloud computing, Cloud Hosting is. Hey, this is
Andrew Brown from exam Pro. And we are looking at common cloud services. So a cloud provider
can have hundreds of cloud services are grouped into various types of services. And the four
most common types of cloud services for infrastructure is a service. And we'll talk about what that
is later on, would be compute. So this is where you have a virtual computer that can
run applications, programs and cold code, then you have storage. So this is where you
would have virtual hard drives that you could store files, then you'd have virtual networking,
because you have these computers and stored. So you need to put them in some kind of virtual
network. And then you have databases.
So just imagine a database that is running in the
cloud. Or if you're not familiar databases, just imagine that it's excel in the cloud,
but it powers your web apps. And one thing I want you to know about the term cloud computing
is that even though it says computing in the word, at this point, we just use it as a catch
all term. So it could refer to all of these categories.
So when I say cloud computing,
I could be referring to compute network storage and databases. But you can also say cloud
storage, cloud Compute Cloud databases, cloud networking, and people will know what you
mean. Hey, this is Andrew Brown from exam Pro, and we are looking at what is Microsoft.
So you've probably seen this logo before. And Microsoft is an American multinational
Computer Technology Corporation, headquartered in Redmond, Washington. And Microsoft makes
software phones, tablets, game consoles, cloud services, which is what we care about here
today. And they even have a search engine. And we're not just limited to that list. They
have tons of stuff. But Microsoft is best known for their operating operating system
called Windows. And they've been around since the 1970s. So they've been around for quite
a while in the tech sphere. So now that leads us to the question is what is Azure? So Azure
is what Microsoft calls their cloud provider service. And so it's called Microsoft Azure,
or we commonly refer to it as just Azure. And so here is the logo for it.
If you're
wondering, what is the name behind the service, it means bright blue color of the cloudless
sky. So sure, that's great. And so you'll hear me say cloud service provider frequently
it was throughout this course and it is abbreviated to CSP, but that's what Azure is. It is a
cloud service provider. So there you go. Hey, this is Andrew Brown from exam pro and we
are looking at the benefits Cloud computing. So what are the benefits? Well, we have a
big list here for you starting with cost effectiveness. So you pay for what you consume, there is
no upfront costs, you pay as you go, also abbreviated as P A YG. And you're sharing
the cost with 1000s of customers. So that's how you're getting that. That Low, low cost.
Another benefit is that you can go global, so launch workloads anywhere in the world,
just choose your region, and you are now in the global market.
Another benefit is that
the cloud is secure as a cloud providers take care of the physical security. And cloud services
can be secured by default, or you have the ability to configure access down to the granular
level. So you have a lot of security controls that you would have that you you would normally
not have, or you'd have to build out on pram. Now, the cloud is also known for being reliable.
So you can have data backups, disaster recovery, and data replication and fault tolerance.
The cloud is also scalable, you can increase or decrease your resources and services based
on the demand. The cloud is also elastic. So you can automate scaling during spikes.
And, and a drop the demand when there is no longer the demand for that stuff. And it's
also current, so the underlying hardware and manner software is patch upgraded and replaced
by the cloud provider without interruption to you.
And I mean, the last one, there is
cases of interruption, but generally, fewer interruptions than you would have on prem.
So there you go. Hey, this is Andrew Brown from exam Pro. And we are looking at the different
types of cloud computing. And we have this nice pyramid on left hand side to help us
understand how each type builds off the other. Starting at the top of our pyramid, we have
Software as a Service, also known as SAS. And this is a product that is run and managed
by the service provider, you don't worry about how the service is maintained. And it just
works and remains available. So you might not be aware of this, but you probably already
are using a SaaS product. So examples of that could be Salesforce, or Gmail, or office 365.
So those are the those are things that would be considered SaaS, and these are really for
customers. So it's just you wanting to use software, like general software on your computer,
but in the cloud.
The next category we have is Platform as a Service, abbreviated as past.
And so here we focus on development and management of your app applications. And so you don't
worry about provisioning, configuring or understanding the hardware or less. And this is really for
people that are building apps, but they don't, but they don't think about any of the infrastructure
underneath services like this would be Elastic Beanstalk on AWS Heroku, which is very popular
amongst junior developers, which is a third party service for launching web apps.
And
then you have the Google App Engine. So those are three examples there. And these are really
for developers. So platform service makes it easy for developers to build apps on the
cloud without worrying about all the stuff underneath. At the bottom, we have Infrastructure
as a Service IaaS. And this is the basic building blocks of cloud it. So provide access to networking
features, computers, and data storage space, don't worry about the ABOUT IT staff, data
centers, and hardware. And this is the true focus of our course here is focusing on this
layer. But the thing is, again, on this pyramid is that I do emphasize your service can have
platform as a service and software service on top of it. And so examples of infrastructure
service would be a Microsoft, Azure, AWS, or even Oracle Cloud. And so this is really
intended for administrators. So that is the three types of cloud computing. And there
you go, Hey, this is Andrew Brown from exam Pro. And we're looking at the types of cloud
computing responsibilities. So we saw the three categories there. But we don't really
understand what it is that we're responsible for what is the cloud service provider responsible
for? So let's lay out our categories.
And we're going to include on premise into this
because technically, on premise could be a private cloud and should be in the category
here. So we have on premise infrastructure as a service platform as a service and software
as a service. So when we're looking at applications, it's going to be the customer's responsibility
for on prem infrastructure pass. But when we have Software as a Service, the cloud service
provider is responsible for that, when looking at the data level is going to be the same
for software as a service, the cloud service provider is going to be responsible, but for
the rest, it's going to be the customer.
And then on the next level for the runtime. It's
going to be responsible on the cloud service drivers for the platform as a service and
software as a service. For middleware, it's going to be the same for the O s, like the
operating system that is running on the servers, it's going to be the same, then we get to
virtualization. Now it's the virtualization is responsible with the cloud service provider
and above and then from Storage, its or sorry, servers, it's the same as for storage, it's
the same and for networking, it's the same. So you can see that on premise, you're responsible
for everything. And the farther we move up the types of cloud computing, the less responsibility
you have, hey, this is Andrew Brown from exam Pro. And we were looking at Azure as deployment
models.
And the first model we're going to talk about is public cloud. And that's where
everything is built on the cloud service provider, you're not using anything on prem, or in your
own data centers, everything is running within Azure. And generally, this is known as cloud
native. But for some reason, Azure calls that public clouds. So that's what we're going
to use in the terminology here. And so here, I have an architectural diagram, where we
have a network on Azure. And within that network, we have a virtual machine running and a database
running. So that would be an example of public cloud, then we have private cloud. And this
is where everything is built on the company's data centers, also known as on premise, because
it's within the premises of the organization, like their physical location.
And it could
an organization organization could technically be operating their own cloud, but it'd be
private cloud, and it could be running some open source cloud software that mimics what
Azure would do, such as OpenStack. So it looks very similar. But you just put an OpenStack
in there. And it's running a virtual machine or a server, and it's also running a database.
And the last on our list here is hybrid.
So with hybrid, you're using both on premise
and the cloud service provider, and they're connected together. And so there's a lot of
different networking services that you can use that will facilitate the connection between
the two. In this case, we're using Express Route Express rose is a dedicated connection,
it's like having a fiber optic line running from your on premise data center to the Azure
network. So just one of the ways you can connect. And if we wanted to understand like the pros
and cons, I have this nice little table here, we'll just quickly go through it. So if you're
using public cloud, it's more cost effective security. It's, it's great controls are stronger
by default. But some people might not find the cloud will meet all their security requirements
because of government and regulatory, regulatory reasons, not because the cloud is not secure.
But it's just those those policies for level of configuration, it's going to be limited
based on what the cloud service provider exposes to you.
So there's a lot of configuration
there. It's just that if you're if you have your own servers, you obviously can do anything
and everything with them. For technical knowledge, you don't need to have as much in depth knowledge
of the underlying infrastructure, because you're not physically setting up servers,
or that networking, everything else. Now, coming down to private cloud, private cloud
is the most expensive option on our list. So you're going to be paying a lot of money
there. For security, there is no guarantee that is 100% secure, because you just don't
have the same kind of visibility that you would have with a cloud service provider.
With all those dashboards, it's just so hard to build out all that software, but you could
meet your security compliance requirements, depending on your situation. But this is becoming
less and less as more governments and larger organizations move over to the cloud, you
can configure infrastructure, exactly how you'd like because you literally have bought
the hardware and do anything you want with it. And the technical knowledge, you'll have
to have a serious amount of technical knowledge, you might even have a really hard time finding
the resources to to maintain all that stuff.
Then down below, we have the hybrid model.
So this could be more cost effective based on what you offload to the cloud and also
the cost of actually moving data back and forth. For security, you know, you have more
to secure. But technically, some things are easier to secure on the cloud than it is in
private. So maybe you have a boost and security, you're going to get the best of both worlds
in terms of configuration. And for technical knowledge, you're going to need to know both
the cloud and and like how to set things up on premise.
So that's the most work there.
And just one more deployment model here. I just wanted to talk about cross cloud. This
isn't something that is listed on the actual exam, but it's something that you should understand
and know. And so cross cloud is when you're using multiple cloud providers, sometimes
we will refer this as multi cloud or hybrid cloud. And so I just have an example here.
So there's a service called Azure arc. And what Azure arc does is it extends your control
plane. So you can run a containers, Kubernetes containers on different platforms.
And so
you could have AWS on the left hand side with Eks and GCP Kubernetes engine and so you could
be running virtual machines, and they're all treated like they're on the same network.
So cross cloud is becoming very popular with extremely large organizations where they they
have a very unique requirements, but I definitely want you to know what that is, because it
just gets left out. And it's definitely something that is part of the industry. So there you
go. Hey, this is Andrew Brown from exam Pro. And we're looking at the concept of total
cost of ownership to CEO. So what is the difference between on premise so having your own data
centers, and then using Azure, and you'll notice above it, it says capex and OPEX, we're
going to talk about that in the next slide.
But for the time, or for the time being, we're
gonna focus on the total cost of ownership. So to really make sense of this, I always
use this graphic here. And if you're wondering what that is, those are icebergs, people sometimes
think they look like teeth. And so just to make this drawing a little bit more clear,
I've added some penguins and a whale, so there's no mistaking it. And the reason we're using
this as a representation is because we have the top of the iceberg, which are the costs
that we're generally concerned about. But then we have those hidden costs, those costs
that we're not really thinking about that is underneath the water. And if you know icebergs,
they can be really big underneath, you don't know.
So on the left hand side, the cost that
we generally think of is the software license fees. And then for the cloud service provider,
we look at the subscription fees. And so when you're comparing these two, sometimes the
subscription fees can cost more than the software license fee. So you think, well, we should
really just use on pram because it's more cost effective. But when we take in the total
cost of ownership, all the costs involved, we're gonna see a very different picture.
On the left hand side, if you are on premise, you have to deal with the implementation,
the configuration and the training, but you also have to deal with the physical security
of your building, you have to pay for the hardware, you have to pay for the IT personnel,
you have to deal with maintenance.
Now on the right hand side on the cloud, you still
have to do implementation, and configuration and training. But that's about it. So there's
a big difference in terms of what you have to do. And you might ask, okay, well, what
is the amount of savings? Well, generally, people find that when they move from on prem
to the cloud, they save 75%. That's a lot of money, okay, 75% of what you generally
would spend. And so now all this stuff on the left hand side is now Azure is responsibility,
you don't take care of those anymore, Azure is going to take care of it for you.
So that's
total cost of ownership. Hey, this is Andrew Brown from exam Pro, and we're looking at
Capital versus operational expenditure. So on the left hand side, we have capex, so capital
expenditures. On the right hand side, we have operational expenditures OPEX. And so looking
on the left hand side, capital expenditure is spending money upfront on physical infrastructure,
so deducting the expenses from your tax bill over time, a lot of companies larger companies
are used to dealing with capital expenses. And they know how to work their tax bill.
And so that's why a lot of people are afraid to move on to the cloud, because they're used
to this, this this way of operating.
But let's talk about some of the things that would be
considered a capital expense. So again, it's anything that's physical, and then you're
buying it with money upfront. So computers, so that would be your server costs, if you
were to buy hard drives of your storage costs, if you bought routers, cables and switches
for your network, if you're purchasing things for backup and archive costs, if you had disaster
recovery.
So like an uninterruptible, power supply would be an example that you have your
data center cost. So that's your rent, cooling, physical security, your technical personnel,
so you're hiring people to do things for you. And so with capital expenses, you have to
guess upfront what you plan to spend. Now let's look at operational expenditure. So
operational expenditure is the costs associated when an on premises Center has shifted that
cost to the service provider. So here, in this case, it's the cloud service provider,
and the customer only has to be concerned with non physical costs.
So what's examples
of OPEX costs well, leasing software and customizing features, training employees in cloud services,
paying for cloud support, billing based on the cloud metrics, so compute usage, and storage
usage. And the advantage here is with operational expenses, you can try a product or service
without investing equipment. So we have flexibility of investment. And we also from the previous
slide, we saw that we have a huge reduction cost. So there's two reasons, really good
reasons to use the cloud. Hey, this is Andrew Brown from exam Pro. And we are looking at
cloud architecture terminologies and these are very important to help you conceptualize
the advantages of the cloud. And so we're going to go through these terms and then we're
going to go through them again in more detail in further slides. So at the top of our list,
we have availability and this is your ability to ensure a service remains available.
And
this this is generally known as high height being highly available or high availability
abbreviated to h a, that's a term you should know. Then we have scalability so your ability
to grow rapidly or unimpeded. Then you have a lasticity. So this is your ability to shrink
and grow to meet the demand. You have full tolerance. This is your ability to prevent
a failure, then you have disaster recovery. This is your ability to to recover, recover
from a failure. And this is known generally as high being highly durable or high durability.
D are. So there you go, Hey, this is Andrew Brown from exam Pro. And we are looking at
the concept of high availability. So this is your ability for your service to remain
available by ensuring there is no single point of failure, or ensure a certain level of performance.
So here I have a technical architectural diagram that is describing high availability.
So,
the idea behind this is that if you have a server, which runs your web application, if
you were to run redundant versions of your server, if anything happened to a single server,
traffic could always be routed to those other servers. And that way, your service would
remain available. Now, having multiple servers is great. But even what's better is having
multiple servers in multiple data centers because something could happen to a data center,
it could become unavailable because of a networking issue. So by being able to route traffic,
or that way, you're going to remain highly available. And and running a workload across
multiple availability zones and availability zones is what Azure calls their data centers
ensures that if one or two data center becomes unavailable, your service will remain available,
very, very common to run at least three servers across three data centers.
Now, how would
you distribute the traffic or manage the traffic to all three, and that's where an Azure load
balancer comes into play that green triangle with the arrows that is the representation
of a load balancer. So load balancer allows you to evenly distribute traffic to multiple
servers in one or more data center. And if a data center or server becomes unavailable,
so unhealthy, the load balancer will route the traffic to only available data centers,
with servers. So there you go, that is high availability. Hey, this is Andrew Brown from
exam Pro. And we're looking at the concept of high scalability. And this is your ability
to increase your capacity based on the increasing demand of traffic memory and computing power.
If you are a growing company, you're going to have to scale up, you're gonna have to
get bigger and better servers. But the there are different types of scaling. And the first
type is vertical scaling. This is the most obvious one people are gonna think of, and
it's called scaling up. And what we do is we just upgrade to bigger servers, we need
bigger hard drives, faster computers, that's vertical scaling.
But there's another kind
of scaling called horizontal scaling and horizontal scaling is is described as scaling out. And
what you're doing is you're just adding additional servers, because we saw with the high availability,
we have a load balancer, we can distribute traffic to multiple servers, and three servers
can equal the same thing as one big server. So horizontal scaling is when we add more
servers of the same size. Hey, this is Andrew Brown from exam Pro. And we're looking at
the concept of high elasticity. And this is your ability to automatically increase or
decrease your capacity based on the current demand of traffic memory and computing power.
So this sounds a lot like high scalability, but the key difference is that it's automatic.
And you can decrease the demand, not just increase it.
And so the way we would do that
is that we would have a virtual server, virtual machine or server, and if we needed more servers,
we would add more servers. And if we need less servers, we'd remove less servers. And
so this is going to be accomplished using horizontal scaling. So when we say we're scaling
out, this means we're adding more servers of the same size, when we're scaling in this
means we're removing more servers of the same size.
And generally, you're not going to use
vertical scaling for high elasticity, it's just extremely difficult to, to vertically
scale. Because if you have if you have to increase, let's say, your storage drive, and
then you decrease it, you could lose data. So it's not a good idea, or even feasible
to do vertical scaling with high elasticity. Now, how would you accomplish being an elastic
on Azure, while you use Azure as VM scale set, so scale sets automatically increase
or decrease in the response to demand or based on a defined schedule, and we'll talk about
those in greater detail later in this course. And then we have SQL Server, or server stretch
database, these dynamically stretch warm and cold transactional data from Microsoft SQL
Server 2016 to Microsoft Azure, not something we're going to cover, but it's generally the
same concept that skill sets do.
So there you go, that's high elasticity. Hey, this
is Andrew Brown from exam Pro. And we're looking at the concept of high durability. So this
is your ability to recover from a disaster and to prevent the loss of data. So this could
be solutions that recover from a disaster is known as disaster recovery d r, and so
I'm just going to ask you a bunch of questions to help you think about how to be highly durable.
So one question would be like, do you have a backup? So do you have a backup in place?
How fast can you restore your backup? Does your backup still work? How do you ensure
current live data is not corrupt. So that is the concept of high durability, there's
a variety of services to implement it. So it's not just a single service. But there
you go, that is the full list of cloud architecture, terminologies. Hey, this is Andrew Brown from
exam Pro, and we are looking at the evolution of computing.
And this is going to really
help you to understand the different layers of compute. And so we're going to start from
on the left hand side to dedicated and work our way all the way to functions. So what
I want you to know is that when we're talking about dedicated This is a physical server,
wholly utilized by a single customer. And so the idea is that this customer has purchased
this dedicated piece of hardware. But the thing with this is that you have to guess
your capacity. So when you buy it, it's like a capital cost or you're purchasing for for
like the whole, like, you have to plan how you're going to fully utilize it. So you're
gonna overpay, and you're gonna have underutilized servers. And the reason why is that when you
first launch your app, it might be small, and then you're expected to grow into that
space, but you're just not using that space until you grow into it. So it's considered
wasted. If you want to upgrade beyond your capacity, this is going to be slow and expensive,
you literally would have to buy a new server that's larger, and then move everything over,
you're going to be limited by your operating system.
So whatever operating system is installed,
that's what you're going to have, you're going to have multiple apps, if you do install multiple
apps onto a dedicated server, you might have conflicts in resource sharing. But generally,
it's recommended to only have a single primary application on a dedicated server, you are
going to have a guarantee of security, privacy and full utility of the underlying resources.
Because that is what that's the whole purpose of having a dedicated server is sometimes
dedicated servers where you have full control of everything is called bare metal. And that's
basically mimics what it was like to have a server on premise or back in the day, and
they still exist.
So that is dedicated, we'll move on to VMs. So now we're moving on to
virtual machines, also known as VMs. And so the idea here is that if you had a physical
server, and you had the capability of running virtual machines, that's like running a machine
within a machine. And so now you're able to run multiple applications on a single machine.
The technology that's used to actually run VMs is known as hypervisor there, sir, there
are some other kinds of the ones we need to know is hypervisor, so just know that that's
the software that makes virtual machines work, you are now sharing the physical server with
multiple customers, that is generally a good thing, because you are paying a fraction of
the server costs, you have to buy that server outright, you are still gonna be overpaying
for under underutilized. The under utilization of virtual machine, because it solves that
issue of wasted space, because you have to choose a particular size of virtual machine,
it's not going to be perfectly fit for your application, you are going to be limited by
your guest operating system.
So whatever OS that you've chosen, that's what you get. So
that's, that's what you have there. If you want to run multiple apps on a single virtual
machine, they can still result in conflict, resource sharing, but now customers that are
isolated from you aren't going to conflict with you. So you can run, you could run, if
you had three apps, you could run them as three virtual machines. So you're not have
that issue. But if they're on the same VM, you still have that issue. So there you go,
that is virtual machines. And we'll move on to containers. Hey, this is Andrew Brown from
exam Pro. And we are looking at the concept of containers. And so this takes it a step
further, where we have virtual machines, and we're running multiple containers. So we're
even, we're further subdividing the way that we run our applications. And the technology
that is used to run containers within a VM or on a physical server is called Docker,
Docker daemon.
If you're using Docker for cleaner education, that's the most common
one. But that's going to let you run multiple containers, and you can maximize the utility
of the available capacity. So this is extremely more cost effective, right? So that available
space is is always there for you to launch more servers within or you can or you can
expand the usage for your app to take up that available space, your containers share the
same underlying OS. So the containers are more efficient than multiple VMs. But the
great thing is, is that you can have different OSS. So the idea is that each container can
technically be running a different OS. And so now you have a lot more flexibility. It
doesn't seem like you could improve upon this further, but we will we move over to function.
So now we're going to take a look at the evolution of computing for functions and I bet you didn't
believe it. But we subdivided even further. And so we've taken our applications that were
running containers, and we broke up the apps into little pieces of code called functions.
And now we even have a more or better utility of our compute.
So we have a Managed VM running
manage containers. So we don't have to worry about the containers or configure them themselves,
functions are usually taken care of this is known as serverless compute, because you don't
set up anything, you just put your code online. And it just works, you might choose the memory
and the duration that you need to utilize. And that's all you pay for. You're only responsible
for your code, and data and nothing else. And it's extremely, extremely cost effective,
right? Because you're just paying for that individual function to run and all that underutilized
spaces is the problem of the cloud service provider, it's not your issue.
The only downside
is that there is a concept called cold starts meaning that when you launch a function, or
serverless, or a serverless code, it generally has to provision a server, because the the,
the cloud service provider doesn't want to be running servers, when they don't, they
don't, they aren't being utilized. So you might experience a cold start where you're
waiting for a server to start before your code will execute. There's definitely ways
around that. So there you go, that is the evolution of compute. Hey, this is Andrew
Brown from exam Pro. And we are looking at regions and geographies for Azure. So a region
is a grouping of multiple data centers. And for Azure, they call their data centers, availability
zones, as your has 58 regions available across 140 countries.
One thing Azure likes to promote
is that they have the most regions out of all cloud service providers, then we have
something what we call a geography. So geography is a discrete market of two or more regions
that preserve data residency and compliance boundaries and the geographies that are available
for Azure. We have the United States, then there's Azure Government, us, this is a geography
that's only for the US government.
So regular citizens cannot use it, then you have Canada,
that's where I'm from Brazil, and Mexico. And I just want to emphasize that data residency
and compliance boundaries for geography, and I just want to give you an example. So imagine,
you live in Canada, and you and you work for Canadian company, you want to guarantee that
the data will remain within Canada, for whatever government regular regulatory reasons. So
then you'd want to use the Canada as your geography because that data would never leave
Canadian soil. So that's the case there. And I just want to give you kind of a visual example.
So on the left hand side, we have two regions, we have US East one.
And we have the Europe,
Norway, East region. And in those regions, I'm not showing it here, because I don't want
to make it too complicated. But there would be availability zones, and we could launch
resources. So we have some servers, virtual machines, those are the images you see within
the regions. And generally, the way regions work in Azure is that when you go to launch
a resource, you choose the region at that time of creation. So if you're launching virtual
machine, it's going to give you an option to choose a region and you just choose from
that list.
So yeah, there you go. So I just made my way over to Azure. So I just typed
in Azure global infrastructure, because I just wanted to show you the big map of all
the regions. And where Azure is available all throughout the world. Because sometimes
it's nice to look here. So we can see we have stuff down in Australia, we have regions in
Africa, we have a region in South America, we have a lot in North America, we have a
lot in Western Europe.
And then we have some in Asia here. So we have Japan, China, all
over the place. So you know, if you want to look a little bit more into that, there's
a lot of good information here on the global infrastructure pages. But that's about it.
I just wanted to show you that world map. So now we're looking at paired regions. So
each region is paired with a another region 300 miles away. And the reason why Azure does
this is so that if one region is being updated, then the other one is still available, meaning
that if you're running if you're planning to make sure that you never have downtime,
you can put your resources in that paired region, and you're gonna have higher availability.
So some Azure services rely on paired regions for disaster recovery.
So when you turn those
services on, they're automatically going to launch in that paired region. One service,
which would help you leverage your paired region would be a service called Azure wall.
It's a feature of storage but it's called Azure geo redundant storage so replicate your
data to a secondary region automatically, ensuring that the data is durable enough In
the event of the primary region, is it recoverable. And just to give you an example of a paired
region, so let's say we're talking about Canada, so with Canada, you'd have Canada Central,
and then it's paired region is Canada, east, for North America. And when we say North America,
we're really talking about the United States. Its East us region paired with the West us
region.
And then for Germany, you have Germany Central, and German, Germany, north east.
So it gives you an idea how far away they are 300 miles, that's quite a distance. But
there you go. Hey, this is Andrew Brown from exam Pro. And we are looking at region types
and service availability for Azure. And what I want you to know about a service availability
regarding regions is that not all cloud services are available in every single region. And
there's infrastructure reasons as to why and there's compliance reasons as to why. So Azure
has two types of regions, they have recommended regions. These are regions that provide the
broadest range of service capabilities. What that means is that the majority of services
are going to be available in this region. And this recommended region is designed to
support availability zones, then you have alternate regions. And these are regions that
extends Azure footprint within a data residency boundary, where a recommended region also
exists.
But they're not designed to support availability zones. That doesn't mean you
can't launch resources within them. It just means that when you go to launch a resource,
you're not going to choose an availability zone. And these regions are labeled as other
when you're in the Azure portal. Now let's talk about general availability. So general
availability, abbreviated to ga is when a service is considered ready to be used publicly
by everyone. So if you have a service or product, and it was in beta, and now you're ready to
sell to people, that means that it's GA. But it's, but just because it's where you sell
it, there's also the conversation around whether it's actually available to us. And that's
going to be determined based on the category that the Azure cloud services in. And so Azure
categorizes three different types of availability for services. And the first one is foundational.
So a cloud service that is foundational is going to be available immediately in a recommended
and alternate regions, when it goes ga or at least in fifth 12 months of the time that
it was announced, then you have mainstream.
So these are cloud services that will become
immediately available in a recommender region or in 12 months when it goes GA. But for the
alternate region, it may become available based on the customer demand. And then the
last one is specialized. So Cloud services are in this category will become available
in recommended or alternate regions based on customer demand. So hopefully that clears
up service availability and region types. Hey, this is Andrew Brown from exam Pro. And
we are looking at special regions for Azure. So Azure has specialized regions to meet compliance
or legal reasons because they might not want they might want to work with specific governments
have. And to meet those requirements. They basically give them their own region. And
so the first on our list is the us and we have three regions that we know about.
So
we have the US Department of Defense Central, the US government, Virginia region, the US
government of Iowa region, and then we have an additional three that we just don't know
about it, because they're in secret locations. So maybe they're for area 51, we don't know.
And so the reason why they have these special regions is that if you just want to do business
with the government, they need these kind of regulations. Then on the other side, we
have China and so they have a region in China east and China north.
And these regions are
available through a unique partnership between Microsoft and 21 via net. And so Microsoft
does not directly maintain these data centers, but they worked with 21 v net to give you
accessibility to these regions. And probably to operate these regions, you'd probably be
assistant of these countries. And you'd also be an employee of the government. So it's
not going to be for citizens to use. But there you go. Hey, this is Andrew Brown from exam
Pro. And we are looking at availability zones for Azure. And so availability zones, abbreviated
to short for AZ and you'll hear me using that revision a lot in this course.
And you should
learn to remember that as well, is a physical location made up of one or more data center.
And so a data center is a secured building that contains hundreds of 1000s of computers
if you want a little visual, here is the inside of a data center. And there's a technician
working on a rack of servers and there's a dog in the data center. You should definitely
never have a dog in your data center. You'll probably hear me refer to available availability
zones as a data center because it's the easiest way to think of it but It actually can be
more than one data center.
Now, a region will generally contain three availability zones,
I say generally here because there are cases where there are less than three. But there's
actually very specific reasons as to having exactly three availability zones, data centers
within a region will be isolated from each other. So there'll be in different buildings,
but they will be close enough to provide low latency. And that low latency would probably
be in the sub milliseconds. I don't know what it is for Azure. But that's generally how
it'd be designed. Because you want it to feel like you're, it's on the same network. It's
common practice to run workloads in at least three azs. And that's why I was saying that
earlier, that's important to ensure services remain available. In the case, one or two
data centers fail fail.
And this is called high availability. And we'll definitely cover
this concept again, in this course, just to give you a bit of a visual, on the left hand
side, what we have is a region called US East one. And we have multiple availability zones.
Azure just labeled them one, two, and three. And so when you go to launch a resource, if
you look on the right hand side, you choose your region. So we are choosing us, East us,
then we were saying we're going to use availability zone, and then we choose which one we want
to launch it into.
So if we, if we choose to, it's going to go into availability zone
two, that doesn't mean we're gonna launch two instances, it just means availability
zone two. So there you go. Hey, this is Andrew Brown from exam Pro. And we're looking at
AZ supported regions for Azure. And so not every region has support for availability
zones, and we touched on this in the region section, but we'll touch on it here again.
So we know that there are regions called alternate or others and these do not have availability
zones whatsoever, then you have recommended regions, and these are supposed to have three
azs.
The reason why they might not have them is because it's a newer region. And Azure
is promising to add more regions within 12 months or whatever time period that they say.
But generally, what you want to do is when you have cloud resources, you want to launch
them where they have at least three AZ so which regions actually have three Z's. And
that is central us, East us, West us to West Europe, France, Central, north, Northern Europe,
Southeast Asia. So that is where you generally want to run your workloads. Now, what does
it look like when you tried to go launch a resource, and they and you choose a region
that doesn't have an availability zone? What's that gonna look like what's gonna look like
this, so you're going to availability zones going to be blanked out. And you'll have to
choose no infrastructure redundancy required.
And so that would be an example for Brazil,
South where it's just there are there is a single az, but it's described as not having
AZ so you just don't choose it in the interface. So there you go. Hey, this is Andrew Brown
from exam Pro. And we were looking at fault and update domains. So an availability zone
in an Azure region is a combination of a fault domain and an update domain. So a fault domain
is a logical grouping of hardware to avoid a single point of failure within an AZ.
So
basically, it's a group of virtual machines that share a common power source and network
switch. The reason why as your does is, is that so if part of the data center fails,
then other servers will be taken down with its let's say, there's a fire within the data
center and one particular region, it won't affect other hardware that is running, then
you have update domains. And so update domains is when Azure needs to apply updates to the
underlying hardware and software. But the thing is, is that because Azure is updating
them, it takes these machines offline. So the idea is that if you run your workloads
in another, like another domain, in the update domain, neither domain will be updated the
exact same time. And that way, you won't have downtime because of updates.
And so the way
fault domains and update domains work is that you use availability sets. So availability
sets is a logical grouping that you can use in Azure to ensure that your VMs you place
in the availability set are in different fault update domains to avoid downtime. And just
to really help with that visual here, what I'm going to do is just show you this here.
So each virtual machine and availability set is assigned a fault domain and update domain.
And so what you're looking at here is, you see those gray boxes, those are racks. In
your data center, a rack is just like it's like a closet for servers and all those servers
sit on top of each other.
And so each of those servers in that is where your virtual machine
might be deployed. So if you are deployed, if you have a server and it's deployed in
full domain zero and fault domain one, it could be any of the, the servers on that rack,
but then up to domains, you just might have very particular servers in that rack that
are Those update domains. So hopefully that makes that a bit clear and a little bit confusing.
But just remember the concept behind fault domains and update domains. And just to give
you a visual of what it would look like in the Azure portal, if you go ahead and create
a availability set, you name it. So here I call it production. And you would choose the
fault domains, and you would choose the update domains. And so I believe that what you're
doing there is that you're choosing the amount of domains that you want your, your virtual
machines to be distributed across.
And I keep on saying virtual machine, that's your server,
okay. So if you say, two fault domains, that means that when you launch two servers, and
you put them into that availability set, they're gonna be cross to fault, two different fault
domains. And if you launch five servers, and your update domains is at five, that means
it's going to be across five different servers that are isolated from each other. So hopefully,
that makes sense. But that's fault and update domains. So I quickly just wanted to show
you the default and update domains that are in Azure here. So the idea is, if you're launching
a virtual machine, and you want to control the availability set, what you can do is you
can go to down to here, where we have availability options, we're going to drop it down and choose
availability set.
And then we don't have an availability set. So I'm going to go ahead
and create one, if I just click there. And so when we create a set, we'd say, you know,
production set. And so we have these two, these two dialogues here. And so what what
it is, is when you say there's three fault domains, that means that if you were to launch
three VMs, and you put them all into this availability set, it'll be spread across three
different racks, so that if a rack goes out to other racks are operational, and so your
service will remain available. And then down below, it's the same thing on a rack, there
might be multiple machines, and certain machines, will will be will be scheduled for updates,
but they won't all be updated at the same time. So if you're saying this, you'll say
spread it across five machines. And that's all there really is to it. So I just wanted
to show you where that was, when you actually launch it for a virtual machine.
Hey, this
is Andrew Brown from exam Pro. And we are looking at creating ourselves our own Azure
account so that we can get some hands on experience with Azure. So what I've done here is I've
gone to Azure dot Microsoft COMM And that's what I want you to do as well. And then when
you're here, just look for a free account, they have it everywhere. So they have it here
and they have it here. And I bet you could even get it through sign in. Well, what I'm
going to do is just click free account here in the top right corner. And then when I'm
here, we're going to have another start free button. So we'll go ahead and click that.
And so now we have to login with our Microsoft account. Or if you don't have one, we'll create
one, I'm gonna create a new one. And I created an email just for this tutorial here. It's
called Azure exam pro Co. And I'm going to need to set a password. So I'm just going
to go off screen and generate myself a password.
Great. So I just generated myself out a very
strong password, I'm just going to paste that in there. And I'm going to proceed forward.
And so the next thing it's going to ask is just going to send me an email to my email
there. And I'm going to have to enter a verification code. So I'll be back here in a moment to
show you that code. Okay, so I went ahead and checked my email, and immediately I received
the verification code. So mine is 6599, yours is going to be different. So I'm just going
to go ahead and enter mine in here. So it was 6599. And I'm good, I don't need any tips
or offers, and then we'll proceed to next. And so now, before we proceed, we have to
complete this challenge here. So let's give it a go.
So we have x and five, w w w Q. All
right. And so after waiting a little bit, for this page to load, we have some information.
So we have to fill in our about you. So our country, your first name, last name, email,
phone number, identity verification by phone identity verification by card. Oh, wow, they
have a lot of steps here. And so we will make our way through here. So now I'm just going
to go ahead and fill in this information. And I'll see you here in a moment. So I just
filled in the About Us section here. And so what I'm gonna do is I'm going to just proceed
to next. And so now it's going to ask me to verify my identity by phone.
So I want a text
message. So I'm gonna click the text me button. And so I'm just going to check my phone for
that verification code. And so I received the text message for the verification code,
I'm just going to go ahead and enter that in. So mine happens to be 351033. Your codes
going to be different from my code. I'm going to go ahead and verify that code. Alright,
and so it looks like it's going to ask us to identify our verification by card. So we're
just waiting for something to load here.
And so what we're gonna have to do is we're gonna
have to enter in credit card information. So we'll just go ahead here and fill that
in. So I have gone ahead and filled in my credit card information, I'm just gonna proceed
to next. Great. And so now that it's been verified, I can go ahead and just go ahead
and click on the agreement. So I'm going to say I agree to the subscription. And the second
one, I do not have to check box. That's if I want to get tips in offers. But the first
one, I'll definitely check box because we have to, and we'll go ahead and sign up.
Great.
And so now we are here. And it looks like we are ready, I guess you could schedule a
live demo, which seems very generous of Azure. But I'm just going to go ahead and proceed
to the portal. And so here we are, we made it into Microsoft Azure. And what you're looking
at right now is the portal, it's telling me I have $250 worth of credits. If you're wondering
why it's higher than yours, or lower than yours, notice that it's in Canadian dollars.
So I believe that it's 200 USD, when that's converted my currency, it's a bit higher.
And so it might be different for for you.
But there you go, that's all we had to do
to create an account. And now we can actually start learning other things in Azure. Hey,
this is Andrew Brown from exam Pro. And I just wanted to quickly show you that you can
change the experience of your Azure Portal, if you just go all the way up here and click
the cog, you can switch the default view from home or dashboard, you can change the flyout
here, so it's docked, which is a lot easier when you're navigating stuff all the time.
And if you're choose, if you want to change your theme, you can go to a dark mode here.
Or even you can do a high contrast.
So very old school, but very easy on the eyes. So
just wanted to make that aware to you. Because you may feel that you want to change your
experience right off the bat. So there you go. Hey, this is Andrew Brown from exam Pro.
And we are looking at Azure computing services starting with Azure virtual machines. So virtual
machine is going to be the most common type of compute whenever you're launching a server,
I would just think of a virtual machine.
And your virtual machines could either be running
Windows or the Linux operating system. Now the great thing with virtual machines is you
get a lot of configuration. So you can choose your address, the amount of memory, the amount
of CPU, you can attach storage to it. The thing here is that because it's a virtual
machine, the the hardware shared with other customers, you can get dedicated, but generally,
it's shared. And then you get a virtual computer. So it seems like you have like 100% of the
resource, okay, then we have Azure Container instances. So this I would describe as Docker
as a service, you can run containerized apps probably runs Docker in both windows containers,
because I believe Windows has containers as well, but runs containerized apps on Azure
without provisioning servers, or VMs.
That makes that a lot easier for you. The next
sounds very similar, which is called Azure Kubernetes service. So it's Kubernetes as
a service, easy to deploy, manage, and scale containerized applications. So the idea here
is that Kubernetes is just another way of working with containers. But it's using an
open source library. Kubernetes has basically become the de facto for containers. And so
we've seen all the cloud providers try to make their own service or orchestration service,
but Kubernetes is kind of one out.
So you'll see it on all platforms. The next one is Azure
Service Fabric. This one can be a bit confusing, because it's described as many things. But
I'm going to describe it here as a tier one enterprise container as a service, application
or cloud service. So it's for distributed system platforms, it runs on on the Azure
cloud or on premise.
And the way they described is easy to package, deploy and manage scalable
and reliable micro services. And anytime you hear the word microservices, think of also
containers. So with Azure Container instances and Azure Kubernetes services, that's where
you'd also run micro services, then we have Azure Functions. So this would be event driven
serverless compute. Anytime we're talking about serverless compute, we're used to talking
about serverless functions, which are little bytes of code that you can just upload. And
it just works. You don't have to think about the servers or provision anything.
And you
only pay for the time that that code run. So serverless functions generally run for
a very short duration. And as soon as they're done, those underlying servers are shutting
off. And the last on our list here is Azure Batch. So you can plan schedule, execute your
batch compute workloads across 100 plus jobs in parallel. When I say jobs here, it's just
the code that you want to run. You can use spot VMs spot VMs might not be out at the
time of this, but it will be in the future. But generally, it's known as low priority
VMs. But the idea here is that there are virtual machines that are being underutilized. And
so Azure is allowing you to rent them at a more cost effective costs. And so if you're
doing a lot of scientific compute or other things, and it doesn't matter if these services
get interrupted, and you want to use those low priority VMs, that is a great way to save.
And that is the computing services.
Hey, this is Angie brown from exam Pro. And we are looking
at Azure storage services starting with Azure Blob Storage. So I would describe this as
objects serverless storage. So have you ever heard of object storage or service storage,
this is going to make sense to you. So you're able to store very large files and, and large
amounts of unstructured files. And the idea here is that you pay for only what you store.
It's basically unlimited storage, you don't have to resize the volumes, you don't have
to worry about filesystem protocols, you just upload files. And that's why it's considered
serverless storage, then we're gonna move on to Azure disk storage, this is the most
common type of storage you'll encounter. So we can describe it as a virtual volume. So
you're just choosing either an SSD, or HDD. So it's basically a hard drive in the cloud.
It has encryption by default, and it's attached to virtual machines.
So anytime you're spinning
up a virtual machine, it's probably spinning up also as your disk storage attached to it.
Then you have Azure file storage. So this is a shared volume that you can access and
manage like a file server. So it's going to use protocols such as SMB, the reason you'd
want this is that let's say you had multiple virtual machines, multiple servers, and you
wanted them to all share the same hard drive, that's what you use it for. Or if you need
to have users access it using those protocols. That's another way of doing that. Then you
have as your queue storage, now I put an asterisk in front of it, because this is just a weirdly
named service.
Because this is really, for a messaging queue. This is actually for application
integration by listed here, because they put the word storage on. So I just think it's
poorly named. And even the way to describe it is is just makes you think it's storage.
But it's a data store for queuing and reliably delivering messages between applications.
So it's just been integrating two applications together, passing messages along. Another
one that's confusing is Azure table storage, I would put this in the database categories.
And it's a no SQL database. And specifically, it's a wide column no SQL database. As they
describe, it's a no SQL store that hosts unstructured data independent from any schema. So just
be aware of those two, they're just very poorly worded. Then you have Azure Data box, and
also its upgraded version, the Azure Data box heavy This is a rugged briefcase, computer
and storage designed to move terabytes or petabytes of data. So imagine, somebody shows
up your door with this, this tower, that's a computer and you plug in your USB or whatever,
whatever you want.
And you transfer all your files locally on your on premise data center,
and then they they ship it because it's faster to ship the data on a physical piece of device
than it is to send it over the internet. That's what Azure Data box is. And then we have Azure
archive storage. So this is long term cold storage for when you need to hold on to false
for years, but you want the cheapest storage options. If you have lots of data. And it's
not, it's not doing anything, you definitely want to be putting on the cheapest possible
storage devices. Cheap meaning doesn't mean that they're not reliable just means that
they're not active, the disk are not active, actively spinning, nobody's accessing the
data on those hard drives.
The last one is Azure, Azure Data Lake storage. And so this
is a centralized repository repository that allows you to store all structured and unstructured
data at any scale when you're working with big data from multiple different sources,
and used to be in one place, that is the service for you. And so that is the Azure storage
services.
Hey, this is Andrew Brown from exam Pro. And we are looking at Azure database
services during the top of our list is Azure Cosmos dB. This is a fully managed no SQL
database. It's designed for scale with guarantee of 99.999% availability, as your loves talking
about this database. It's their flagship database because it works at incredible scale and incredible
performance. So whenever you're thinking about like, like super large databases, think of
Azure Cosmos dB. Next on our list is as your SQL database even though it doesn't have its
name. This is for the MS SQL engine. So if you're running Microsoft SQL, you're going
to want to use this.
It's fully managed with auto scale integrity, integrity, intelligence,
robust security says a lot of great features built around this four MSL SQL databases.
Now if you're not using MS SQL, and you're using something like MySQL, Postgres or MongoDB
they Azure database. So it's fully managed and scalable. With high availability and security.
Then you have SQL Server on VMs. Again, it doesn't have its name, but it's Microsoft
SQL engine. Okay? Anytime it says SQL servers, just assume that it's the Microsoft flavor
of SQL. And the idea for this one is that if you already have SQL servers running on
premise, within your data center, and you want to move them on to Azure, this is where
you use a lift and shift. So it takes those virtual machines and directly moves them onto
the cloud, you don't get all the functionality that you would with Azure SQL Database.
But
it's the easiest way to get onto the cloud. Then you have Azure synopsis analytics, previously
known as as your SQL Data Warehouse, it's because they added an analytics component
to it. But it's a fully managed data warehouse with integrity, integral security at every
low level skill at no extra cost, then you have Azure database migration service, so
migrate your databases to the cloud with no application code changes. So there's that
service, then you have Azure cache for Redis. So if you need an in memory cache, that is
using the open source Redis, you can use that. And last on our list is Azure table storage.
We mentioned this in the storage services. But to me, this is a database, it's not a
storage service, even though it's named as such, so why column no SQL database, a no
SQL store that hosts unstructured data, independent of any schema. So there you go, that's the
Azure database services. Hey, this is Andrew Brown from exam Pro. And we are looking at
application integration services on Azure.
Now, I didn't have room on the slide for this.
But just to tell you what application integration is, these are services that are designed to
help apps or services talk to each other. So it's basically the glue of services. The
first on our list here is Azure notifications hub. This is using publisher subscription
technology underneath. And this is for sending push notifications to any platform from any
back end. Next, we have Azure API apps. So this is essentially an API gateway. So you
can quickly build a consume API's in the cloud. And then the those API's will have API endpoints,
and you can route them to Azure services, or maybe functions or containers. But it's
a way of building an API in the cloud.
Then you have Azure Service Bus. And as the name
implies, it is a service bus. So reliable Cloud Messaging as a service, ma s and simple
hybrid integration. I know that's not very clear. That is the language that Microsoft
uses to describe it. But just what you need to know is that it is a service bus, then
you have Azure Stream Analytics. So this is serverless, real time analytics. Remember
that world word real time and think of this service from the cloud to the edge. Then you
have Azure Logic Apps. So you can schedule automate orchestrate tasks, business processes,
and workflows, and integrates with enterprise, SAS and enterprise applications.
Then you
have Azure API Management. This can be confusing, because we have another service called Azure
API apps, I don't know what we would generally call the service. They say it's a hybrid multi
cloud management platform for API's, across all environments, whatever that means. But
when I looked at it, what it does is you can put this in front of an existing API to add
additional functionality. So if you have an API, you put it in front of it, and it's a
basically a proxy to your API, and you get all this additional stuff.
Then last on our
list is Azure queue storage. We saw this in our storage service sections. And I had said
that I don't really consider this a storage service, I consider it an application integration
service. And this is a messaging queue. So it's a data store for queuing and reliably
delivering messages between applications. So there you go. That is the application integration
services on Azure. Hey, this is Andrew Brown from exam Pro. And we were looking at developer
and mobile tools that are commonly used with Azure. The first on the list is Azure signal,
our service and this is a real time messaging service, not to be confused with azures notification
service. This is for easily adding real time web functionality to applications. So if you
ever heard of pusher, it's just like pusher. So that is the equivalent there.
The next
we have is Azure App Service. So easy to use service for deploying and scaling web applications
with dotnet. No GS, Java, Python and PHP. I'm a bit sad, I don't see Ruby in there.
But what are you going to do? So it's for developers want to focus on building your
web apps, and not worry about the underlying infrastructure. So if you've ever used Heroku
Think of it like that, but for Azure. Next you have Visual Studio And Visual Studio is
a code editor. It's it's basically an ID and integrated development development environment
designed for creating powerful, scalable applications for Azure. You might have heard of Visual
Studio code, which is similar but different.
But I just wanted to make mention of Visual
Studio here. Then you have Xamarin. I think I'm pronouncing it right. And it's a mobile
app framework. It's for creating powerful and scalable native mobile apps and dotnet,
and Azure. And yeah, so that is the developer and mobile tools for Azure. Hey, this is Andrew
Brown from exam Pro. And we're looking at Azure DevOps Services. So Azure DevOps is
really just an umbrella service for a bunch of modern dev services. And we'll jump into
them right away. First being Azure boards, if you've ever used a combat board, that is
what Azure boards is.
And if you've ever used GitHub projects, it literally is that because
Azure, and GitHub are owned by the same company, Microsoft. And so they brought over that technology
to Azure. So deliver value to your users faster using proven agile tools, to plan, track and
discuss work across your teams. Then you have Azure pipelines. So build, test and deploy
ci CD that works with any language, platform and Cloud Connect to GitHub or any other provider
and deploy continuously. So if you need automatic deployments, that's what Azure pipelines is
for, then you have Azure repos. And this is exactly like GitHub repos. So get unlimited
code, cloud hosted private Git repos and collaborate to build better code with pull requests and
advanced file management. I really mean, it's just like GitHub repos, because it's just
that technology moved over to Azure. And you have as your test plan, so test and ship with
confidence using manual and exploratory testing tools. So this is just a way of setting up
tests. Have you ever used like, was it called Cypress or any other like, or any other testing
tools, it's just built into Azure, it'll, it'll open up a browser and literally test
your application and make sure it works as expected, then you have Azure artifacts, so
create hosts and share packages with your team.
So this is just package management,
but specifically for ci CD pipelines, so ci CD pipelines, they have to set up the servers,
and you have to have pre installed packages, that's just going to make it a lot easier
for you. Last is Azure dev test labs. So this is just an easy way to create dev test environments
for your developers. And that is the Azure DevOps Services.
Hey, this is Andrew Brown
from exam Pro, and we are looking at Azure Resource Manager. And just to understand the
service, we understand what infrastructure as code is, so also abbreviated as IAC. This
is the process of managing and provisioning computer data centers through machine readable
definition files rather than physical hardware configurations, or interacting configuration
tools. If that is complicated, all it means is that we're using scripts, we're using scripts
to set up less services like VMs, or databases or storage. So you don't have to manually
go through the interface or you can give that script to another team or company and they
can set up the exact same setup you have within seconds. So the the infrastructures code service
for Azure is called Azure Resource Manager or arm for short, and allows you to programmatically
create Azure resources via a JSON template, I'm just going to show you what that template
looks like. So you'd make this template and it will allow you to launch a virtual machine.
Okay, so instead of going to the interface, and clicking and doing a bunch of stuff, you
just define all the stuff you want to do in JSON.
This is a very short version of it,
there's definitely a lot more configuration that would be required. But here, this would
be a very easy way to set up a virtual machine using code. Hey, this is Andrew Brown from
exam Pro, and we are looking at Azure quickstart templates. So Azure quickstart templates is
a library of pre made ARM templates provided by the community partners to help you quickly
launch new projects for a variety of stack scenarios. So in the last slide, we just talked
about Azure Resource Manager where it's just a template to or a JSON file to quickly set
up resources. Well, that is taking that file and just sharing with other people, right,
but it's shared through actual vendors. Okay, so you could go to the Azure quickstart. And
let's say you wanted to deploy a Django app.
And I think it's like also vendors and also
community contributed scripts. So if you want to deploy an Azure or sorry, a Django app,
you could use that quickstart. If you wanted to deploy Ubuntu with a Docker engine, you
could use that script. If you wanted a CI CD containerized app. with Docker enterprise
Jenkins, you could use that script. And if you wanted a web app that was running Linux
with Postgres, you could use that script so it's just a quick way Getting Started. Hey,
this is Andrew Brown from exam Pro. And we are looking at Azure virtual networks, also
known as V net and the concept of subnets. So a virtual network and as we said, It stands
for V net is a logically isolated section of the Azure network where you launch and
your Azure resources. And when you create a virtual network, you have to define a certain
amount of IP addresses that you're going to use, which we call a cider range.
We'll come
back to that in a moment. But here is a graphical representation of your V net. So here we have
the Azure network. And then within that, we have a region, so US East one, and then we
would create our virtual network so that we can launch our Azure resources within. And
in there, we have two subnets, a public one, a private one. And then in the public one,
we have a virtual machine and the private one, we have a database and the end in the
public one, it's actually it can actually have access to the internet, where's the private
one, it does not. So not all services require a V net.
But most do so because you just have
to put your resources somewhere. And they have to go into a virtual network, which are
associated with an IP address, whether it's public or private. And then there's other
network controls that are involved. So now let's take a look at the cider range. So cider
range, I said is just an allocation of IP addresses that you're going to use in your
virtual network. All I want you to know is that C versus 10.0, point 0.0. That's the
name of our network. But we have that forward slash 16. That is the cider range. And the
lower the number, the higher the more IP addresses you get, I'm not going to get into the math
in this video, it's not necessary. But just understand that the forward slash 16 is a
very big number. And that's the amount of IP addresses that we can launch. So we could
essentially launch 65,000 servers within this virtual network. And so we can subdivide our
virtual network into subnets.
So it's a logical partition of an IP network into smaller network
segments. So that's what you're doing, you're breaking up into smaller IP ranges. And when
you create a subnets, they have to be smaller. So you have to you have to define a cider
range for those as well. But they have to be smaller than the V net. Remember, I said
the higher the number, the lower it is. So when you have forward slash 24, that's just
saying 256 IP addresses.
Alright. And one more thing is I want to note is that we have
things called public subnets, and private subnets, public subnets, reach the internet,
private subnets do not. So when you have sensitive things like your database, you don't want
that to be in a public subnet, but a web app, which generally has traffic coming from it
from the internet. That's okay. All right. And that's all we need to know here.
Hey,
this is Andrew Brown from exam Pro. And we're looking at the cloud native networking services.
Now, these networking services aren't super, super important for the exam, but I like to
go through them generally would make an architectural diagram for this, but it's just a bit too
complicated. So I thought we'll just go through and list them. So the first is Azure DNS.
And we do describe the service later in the course here. But this provides an ultra fast
DNS responses and ultra high domain availability. So if you have a domain name, and you just
want it to be managed by Azure, you can associate it with Azure DNS, then you have Azure virtual
network, we talked about this prior, but we'll talk about it again, short for V net, a logical
isolated section of your Azure network for customers to launch Azure resources within,
then you have Azure load balancer, and as the name implies, it is a load balancer, but
this one is at level four transport.
So it doesn't really understand requests, like what
a web application would send, it's more lower level. And so that's what that is, then you
have Azure application gateway. And this is an HTTP load balancer. So it does understand
like requests coming from a web server. And what you can do with it is you can actually
route based on HB requests to specific services. But it also you can apply a web application
firewall because it is an application load balancer. That's why you can ply that web
application firewall, which is a separate service, then you have network security groups.
So this is a way of protecting your subnets.
So it's a virtual firewall around your subnets
where you can say, allow these allow these ports to be open. And, and from who and and,
and such. So there you go. That's the cloud native networking services. And the reason
why they're cloud native networking is because you wouldn't use these with enterprise or
on or, or in hybrid models. It's just what you normally use. And most startups would
be using all these cloud, these networking services. So next we have enterprise or hybrid
networking services. So this is when you're using networking.
That is going to work on
prem to the cloud. So the first is Azure front door. So this is a scalable and secure entry
point for fast delivery of your global applications, such as making sure you have a secure entry
point into Azure from outside, then you have Azure Express Route, you want to remember
this one definitely for the exam, it probably will show up as a question. This is a connection
between your on premise to Azure cloud. And it can be between 50 megabytes per second
to 10 gigabytes per second. I'm pretty sure it's also secure. But the point is, is that
if you need a super, super fast connection, from your on prem data center to Azure, you'd
use this service Express Route. Remember, it's going to be on your exam, then you have
virtual LAN. So a network service that brings many networking security routing, functionality
together to provide a single operations, operational interface.
I know that sounds complicated,
but awareness, just a way of making networking easier by creating like a hub spoke model,
then you have Azure connection. So a VPN connection securely connects to Azure local networks
via IPsec. So that's just a way of creating a secure connection with Azure. Then you have
virtual network gateway, a site to site VPN connection between Azure virtual network and
your local network. So it's just a way of connecting with Azure. So there you go, that
is the networking services. Hey, this is Andrew Brown from exam Pro, and we are looking at
Azure Traffic Manager. So this service operates at the DNS layer to quickly and efficiently
direct incoming DNS requests based on the routing method of your choice.
So what you
do is you'd choose a routing method. So we got performance weighted priority, geog, geographic
multivalue sub net, and you'd be able to reroute your traffic so you can route traffic to servers
geographically, nearby to reduce latency failover to redundant systems in case primary systems
become unhealthy, or route to random virtual machines to simulate a B testings, I think,
like the best use cases fail overs for DNA at the DNS level, like that's a great one.
And just a visual example here. Imagine we had exam pro.co. And we had a production server
and a beta server. And we only want a 20% of our users to see the beta server. So we
could use I guess we use weighted there and we'd say 80%, on prod, 20%. There. And that's
how that would work. So there you go, that's Azure Traffic Manager.
Hey, this is Andrew
Brown from exam Pro. And we're looking at Azure DNS, I told you, we would come back
to this one, because we're on the networking slides, I just did not describe this in detail.
So as your DNS allows you to host your domain names on Azure, you can create DNS zones and
manage your DNS records. So if you wanted to add a record, like let's say we had example
CO and it was being managed by DNS as your DNS, we could add beta as a sub domain. And
we could use alias to route that to a load balancer or virtual machine. And then that
would go into our list of records. One thing that is interesting on is kind of like a downer,
which is Azure DNS does not allow you to purchase domain.
So it only gives you the ability to
manage DNS records, some other cloud providers, they allow you to purchase and manage but
only as your DNS does not at this time, maybe in the future. Hey, this is Andrew Brown from
exam Pro. And we are looking at Azure load balancer, we had only mentioned this briefly
in the networking services slide. And so we'll look at it more here. So as your load bouncer
is used for evenly distributing incoming network traffic across a group of back end resources
or servers, as your load bouncer operates on the OSI layer four, that's the transport
layer.
So it doesn't understand HTP requests, it's just sending packets back and forth.
So here is a graphical representation. So imagine you have the internet, and somehow
it's making its way to the load balancer, the load balancer is going to do is it's going
to distribute that amongst your virtual machines, virtual machines being your servers. And the
great thing is, is that you can have virtual machines in different availability zones,
and the load balancer can distribute it to to those and that's how we get high availability.
Okay. And now with Azure load balancer, you can create both a public load balancer, so
that's incoming traffic from the internet to public facing servers of servers that have
a public IP address with internal or an easier way described would be a private load balancer,
so incoming internal network traffic to private facing servers, so private IP addresses, so
there you go. Hey, this is Andrew Brown from exam Pro, and we are looking at scale sets.
And so this allows you to group identical virtual machines and automatically increase
or decrease the amount of servers based on the change in CPU, memory, disk network performance,
or on a pre defined schedule.
So when we talk about elasticity, we're talking about using
scale sets the ability to automatically increase or decrease the amount of servers. So here
is a visual representation. Imagine you have internet traffic, and it hits that load balancer.
And then we determined that the current load on the existing server is greater than 80%
CPU utilization, it's going to need some extra servers. And so what happens is the skill
set decides, okay, we're gonna have to add one or two more servers. And when that CPU
usage goes below 80%, but it says, okay, we don't need those servers anymore. Get rid
of them. Okay. So that is scale sets. Hey, this is Andrew Brown from exam Pro, and we
are looking at IoT services on Azure. And so before we get into it, what is IoT? So
IoT stands for Internet of Things. So a network of internet connected objects, usually hardware,
able to connect and exchange data.
So here is a graphical representation of IoT devices,
maybe you recognize some, let's just go through a quick list of things that could be IoT devices.
So you have smart bulbs, so maybe there's light bulbs in your house that are controlled
by the internet. Smart fridges who doesn't want one of those smart light switches, narrowband,
or wideband hardware, this is just a way of connecting to the internet, it's just like,
it's kind of like Wi Fi. Then you have security cameras, then you have voice command speakers.
So think of like Alexa, then you might have temperature pressure or humidity sensors,
if you're in the farming industry, you can use you can leverage leverage IoT devices
for that. Maybe you have drones, maybe you have phones, that could be an IoT device,
and even buttons. So AWS had these things called AWS, or dash buttons.
They weren't
popular. But the idea was, you could like press a button and like purchase something.
So like, if you always had to get like soap for your washer, you could have that button
right on your washer. But let's actually talk about the IoT services here. So the first
one here is IoT Central. So this allows you to connect your IoT devices to the cloud,
then you have IoT Hub. So this, this enables highly secure and reliable communications
between your IoT applications and devices that manages then you have IoT edge is a fully
managed service built on the Azure IoT Hub, and allows you allows data processing analysts
near the IoT devices. So this is really edge computing, I really should have highlighted
that for you. But this is where you are able to offload your compute from the cloud to
local computing hardware, such as IoT devices, phones, or home computers. So it's just a
way of saving money or utilizing your local network for compute. Then you have Windows
10, IoT Core services.
So this is a cloud services subscription that provides the essential
services needed to commercialize the device on Windows IoT, or 10 IoT Core, so basically,
it's long term Oh, support and services to manage device updates, and assess device health.
Alright, so there you go. That's your IoT services. Hey, this is Andrew Brown from exam
Pro. And we are looking at big data and analytics services on Azure. So before we jump into
it, let's talk about what is big data. So it is a term used to describe massive volumes
of structured and unstructured data that is so large, it is difficult to move in process
using traditional database and software techniques. So we need special services just to handle
them. The first on our list here is Azure synopsis analytics, formerly known as SQL
Data Warehouse. So it is enterprise data warehousing and big data analytics.
So it's intended to
run SQL queries against a large databases to generate things such as reporting. Then
you have HD Insight HD is short for Hadoop. But anyway, it runs open source analytics
software, such as Hadoop, Kafka and spark I imagined was called HD Insight because it
only supported Hadoop and then they added additional services, but that's just what
it's called. Then you have Azure Data bricks. So we have a patchy spark based analytics
platform optimized for Microsoft Azure Cloud Service platforms.
So third party data, bricks,
cloud services support with Azure, so data bricks, was made by the creators of Spark.
And yes, of course, you can run spark on HD Insight. But data bricks is its own cloud
service provider and Azure partnered up with them so that you can use it within the Azure
platform. Then you have data lake analytics, so an on demand analytics job service that
simplifies big data. And we saw what data lakes were when we looked at storage services,
but we'll describe them here just in a little bit.
Different way, a data lake is a storage
repository that holds a vast amount of raw data in its native format until it is needed.
So there you go, that is the big data and analytics services, we need to know. Hey,
this is Andrew Brown from exam Pro. And we are looking at artificial intelligence and
machine learning services on Azure. So a great way of describing that is to always have this
graphic here where we have this kind of like onion thing where each is dependent on the
other.
And we'll start with artificial intelligence. So what is artificial intelligence or AI,
this is where machines that perform jobs that mimic human behavior. Now, that doesn't mean
that the technology behind it has to be complex. It could be if all statements, but it could
be utilizing machine learning, it could be utilizing deep learning. But the point is,
is that it mimics human behavior, then you have machine learning.
And this is where machines
that get better at a task without explicit programming. So they are smart enough to learn
on their own, then you have deep learning. And so deep learning is where machines that
have an artificial neural network inspired by the human brain to solve complex problems.
So literally, it's like the power of the human brain. Maybe not as not as great as the human
brain, but quite quite close there. And AI could be leveraging ml, and deep learning.
So that's why it is like that. So when we want to do machine learning on Azure, they
have a service called Azure Machine Learning service.
So this is a service that that simplifies
running AI, ml related workloads, allowing you to build flexible pipelines to automate
workflows. So you can use Python, and R, you can run your deep learning workloads using
technologies such as TensorFlow. And so that's what you'd use. Now, there was a service called
Azure Machine Learning Studio, I think it's still around if you if you're still using
it. And that's the classic version of the service. And it does basically what Azure
Machine Learning service does.
But there's some limitations. So does not have like a
pipeline and other functionalities. And if you're wondering if you could easily migrate
from classic to the other one, it's not easy to migrate. So basically, you definitely always
want to start with Azure Machine Learning Services. No reason you'd want to use Azure
Machine Learning Studio, unless you're using it for legacy reasons. Hey, this is Andrew
Brown from exam Pro. And we're still looking at AI and ml services, specifically just AI
services, because Azure has a lot of them, and I'm just going to quickly go through them
and they're pretty self explanatory.
So the first one is personalized, it delivers a rich,
personalized experiences for every user using AI. Then you have translator it adds real
time multi language text translation to your apps, websites and tools. You have anomaly
detector detects anomalies and data to quickly identify and troubleshoot issues. Azure bot
service Intelligence Service a bot service at scales on demand form recognize, recognizer
automate the extraction of text key value pairs and tables from your documents. You
have computer vision, easily customized computer vision models for unique use cases, language
understanding, so build a natural language understanding into apps, bots and IoT devices.
We have q&a maker so create a conversational Question and Answer bot from your existing
content. Text Analytics, extracting information such as sentiment, key phrases, named entities
and languages from your text, content moderator, so moderate text and images to provide a safer
more positive user experience.
Face so detect and identify people and emotions in images,
ink, recognizer recognize digital ink content, and such as handwriting shapes, and document
layouts. So there you go, they have a lot of services, and they haven't even made time
to make all icons for them. That's how many they have. Hey, this is Andrew Brown from
exam Pro. And we are looking at serverless services on Azure. So what is serverless This
is one of the underlying servers or servers infrastructure and OS is taken care of by
the cloud service provider, it will generally be highly available scalable and cost effective.
So serverless is event driven at scale. So a service function can be triggered, or trigger
other events allowing you to compose complex application and just scale.
So with serverless
technology, it's like playing with Lego blocks. Then you have abstraction of servers, so servers
are abstracted away your code is described as functions. These functions can be running
on different compute instances. So if some people like to use Python, or some people
like to use JavaScript, you can mix and match there. Then you have micro billing. So when
you have traditional servers, you probably be billed by at least a second some bill by
the hour. But the thing is, if you're not using the server for the whole second or hour,
You're paying for compute that you're not using.
So serverless functions will bill you
in the microsecond. So you're saving money because you're not paying for unused computation.
Now, let's quickly walk through some of the serverless services. I'm sure there's more
than this, but this is what I think are worth highlighting. So the first is Azure Functions
to run small amounts of code known as serverless. functions in your favorite languages, you
got C sharp, Java, JavaScript, Python and PowerShell. And if Azure is listening, please
can you support Ruby, because I love using Ruby. Then you have blob storage. So this
is serverless. object storage, just upload your files, don't think about the underlying
file systems resizing, basically unlimited space, and you can upload pretty darn large
files. Then you have Logic Apps allows you to build serverless workflows composed of
Azure Functions, building a, I would say this is you building a state machine for serverless
compute, then you have event bridge, which seems a bit similar, but it's not it uses
pub sub messaging systems to allow you to react to events and trigger other Azure cloud
services such as Azure Functions.
So there you go, that is serverless services. Hey,
this is Andrew Brown from exam Pro. And we are looking at the Azure portal. So the Azure
portal is a web based unified console that provides an alternative to command line tools.
You can manage your Azure subscription with the Azure portal, build, manage, monitor everything
from simple web apps to complex cloud deployments. So what does that mean? It just means the
browser that you use to access Azure. So anytime you're logged into Azure, that is the portal,
that's all you need to know. There's another thing about Azure Portal, and that's Azure
preview portal. So the thing is, is that sometimes there are new features, or new products that
Azure has made that are not necessarily generally available, but you can get a sneak peek of
them sooner if you use the Azure preview portal.
So that could be previews, betas, or other
pre releases. So the way you do that is very similar how to how you'd access the regular
portal. But if you want to test preview of new features, you go to the preview dot portal
azure.com. Or if you're looking for a stable release, in production, ready features, you
just use portal dot Azure calm. So that's all you need to know about the Azure portal.
So I just wanted to quickly show you what the portal looks like.
We are going to show
you in this course how to create your own account and work within the portal. I already
have one set up here. And I've already logged in. And if I go to the top here, I actually
have this portal link now. And when I go here, we can see what the portal looks like. So
this is the portal, you can see that it's telling me about my spend, but I'm on the
dashboard. Right now, on the left hand side, we have this hamburger menu where we can explore
the services, we can go up here and search them as well. So whatever I'm looking for,
if it's monitor, we can go there. And that's pretty much it. This is the portal. So it's
just the browser when you're logged in, you can interact with any cloud resources. Hey,
this is Andrew Brown from exam Pro. And we are looking at PowerShell for Azure. So first
of all, what is PowerShell.
So PowerShell is a task automation and configuration management
tool. But an easier way to think of it, it's just it's a command line shell it's also a
scripting language. And so when I say a command line shell, I mean this thing, this blue thing.
And so if you have a Windows machine, you can actually you'd have to I think have Windows
Professional, but you can go ahead and install this. And it's allows you to automate things
using its scripting language, as well as in this, this program. Now, the PowerShell is
available on Azure as well. And we'll get to that a moment, let's just talk about the
benefits of PowerShell over traditional, traditional shells.
So shell could be something like bash
or Zed sh, which would accept and return tax. But PowerShell is built on top of the dotnet
Common Language Runtime, so CLR. And it accepts and returns dotnet objects. So those objects
make it a lot easier to automate scripting. And so PowerShell is available on Azure, and
it's known as Azure PowerShell. And so we have a set of command commandlets for managing
Azure resources directly from the PowerShell command line. And if you're wondering how
you'd access PowerShell, you could use Cloud Shell, which we'll talk about here in a moment.
Okay, so I just wanted to quickly show you PowerShell, I'm on my Windows computer right
now. And this is natively installed on my, my windows 10 computer, and I can type in
commands here.
And so this is just give me a list of all my, my my directories in in
this current folder. But I just also want to show you that we have PowerShell here in
the Azure portal. So I'm using the Cloud Shell up here, and I've chosen to use PowerShell.
And you can see it's pretty much the same experience with some extra things that make
it easier to work on cloud. So that's it Hey, this is Andrew Brown from exam Pro. And we're
looking at Visual Studio code. So Visual Studio code is a free source code editor, meaning
it at its code made by Microsoft, for Windows, Linux and Mac OS. And you can even run it
in the cloud. If you're wondering what it looks like this is the editor. And this is
not to be confused with Visual Studio. So Visual Studio is an ID, and is also for programming.
But it has a lot of functionality built in here is Visual Studio Code open source? Well,
they say that it is but I don't know to what degree I don't know if it's 100% open source.
But this is the most popular text editor or code editor out right now.
And Microsoft has
or sorry, Azure has a service called, like Visual Studios workspaces that's on Azure
and allows you to spin up these developer environments using this editor right in the
cloud. I don't think it's gonna be on your exam. But I just thought it was cool to mention.
And if you don't have a code editor, I strongly recommend downloading this one for your computer
because it is great. So I just wanted to quickly show off Visual Studio code here. So if you
wanted to go download yourself, you just type in Visual Studio code into Google. And you
should end up here, you can download a version, it's for Windows, Mac, and Linux, so you can
download for anything, and you can run it in the cloud on Azure, or even launch your
own server on other other other cloud providers. I just have happened to have Visual Studio
Code open here with an open source project.
Just to show you what it looks like. The thing
that people really like about it is just It looks great, and it has really good plugins.
So if I just go to extensions here, you can anything you need, you can add it and enhance
this editor here. If you don't have a code editor, I strongly recommend downloading this.
And I just wanted to make make you familiar with this editor here. Hey, this is Andrew
Brown from exam Pro. And we're looking at Azure Cloud Shell.
So Azure Cloud Shell is
an interactive authenticated browser accessible shell for managing Azure resources. And so
it provides the flexibility of choosing the shell experience that best suits the way you
work. So you can either use bash, or PowerShell, we just talked about PowerShell. And this
is the place where you could use it in Azure. So just to give you a visual, if you ever
want to access the Cloud Shell, it's all the way up in the header there in the portal.
And so you click that button, it opens up PowerShell or it will depends on what you
choose, but it will open it up down below. And then you'll be able to use PowerShell
right away and also the CLR right away, which we'll talk about next is the Azure Salesforce.
Hey, this is Andrew Brown from exam Pro.
And we are looking at Azure see ally. So what
is the CLR will CL eyes stands for command line interface. And it processes commands
to a computer program in the form of lines of text. And the operating system implements
a command line interface in a shell or terminal. So we saw a shell earlier, which was PowerShell.
But we'll look at what CLR commands look like here in a moment. So the Azure COI can be
installed on Windows, Mac and Linux. once its installed, you would type A z followed
by other commands to create, update, delete, view and manage your Azure resources. And
so to really show you what that code looks like, down below, we have a bash script. But
this could easily be PowerShell. And you have the commands AZ and then you'd have what it
is that you want to do.
So if you wanted to create a group, you type a C group create
an E provide the name and the location. Or let's say you wanted to launch a virtual machine,
which is a server you do AZ VM create, and then provide those other parameters. So that
is how you would programmatically create Azure resources. And there's tons and tons of ci
commands for Azure. So you basically anything you're looking at pretty much can be created
with the CLR programmatically. Hey, this is Andrew Brown from exam Pro, and I'm going
to show you how to create resource groups. And the reason why we are going to make one
is because without one, we're not going to be able to launch pretty much any resource
until we do so because you always have to choose a resource group when launching Azure
resources. So even though it shows up here on our dashboard, if it doesn't, I want you
to go up here at the top and type in resource group.
And we'll go ahead and click resource
group here. And then all the way on the left hand side, I want you to click on Add. And
we're just going to have to use our free trial which is our type of subscription. I'm just
going to type in exam pro as the resource group. We're going to stay in US East, because
that is where the most most of the services are available Azure and that's what I'm going
to be using throughout. This course is always using US East. So we'll go down here and hit
Create plus, review, plus, create Because there's really nothing else to check. And
once validation pass, this might happen instantaneously for you, you might have to wait a few seconds,
go ahead and hit Create. And so now we have created our resource group. And there is no
cost resource group. So there's no worry about happiness, or whether you keep it around,
don't delete it, or you're going to notice that the group hasn't showed up just yet,
you're gonna have to hit refresh.
And sometimes Azure is a bit slow about showing resources
when you create them initially, and when you delete them. So I'm just going to wait a little
bit here. And I'm just going to keep on refreshing. And I'll see you back in a few minutes. All
right, so waited a couple of minutes. And if you just go ahead up here and hit refresh,
now we can see that we have our resource group.
So that's all there really is to it. Nothing
super exciting there. I'm just going to click Microsoft Azure at the top here to get back
to my dashboard. And I'll see you in the next follow along. Hey, this is Andrew Brown from
exam Pro. And we're going to look at making our own virtual network. So we made a resource
group, but we also need a virtual network or V net.
So we actually have some network
to launch our resources within. So what I want you to do is make your way all the way
to the top here, and we're going to go ahead and type in V net, which will get virtual
networks and go ahead and click that. If you notice, you don't have any network. So we're
gonna have to go ahead and create our own. So go ahead and hit the Add button. And we're
going to have a bunch of options here, I'm just going to name this, or sorry, we're going
to choose that resource group. So exam Pro, and we're just going to name this exam pro
v net. And there are some additional steps here, we'll just take a peek here, we don't
really need to change anything, but we'll just take a look.
So for IP address, you can
set the IP address space, it's going to default to 10 dot 0.0 416, which is very good for
us, you can see that it supports ipv6, which is great. It's going to create us a default
subnet which is going to be 10 dot 0.04, slash 24. That's going to be a subnet with like
256 IP addresses, which is great. Go to the Security tab, we have DDoS protection basic
and you definitely want to stay on that because that is free.
Same thing with the firewall,
we don't want it on because that's going to cost extra money, I'm gonna go back to basics,
we're gonna hit review plus create, we're just gonna wait for validation to complete,
this could be instantaneous for you, or you could wait a few seconds, it's different for
everybody. And now the validation has completed, we'll go ahead and hit Create. And so we'll
just wait for that to finish creating. Great, so it's created. So it's just saying deployment
is underway. So we're just gonna have to wait a little bit here until says deployment is
complete, it's already done super fast.
And we'll go ahead and hit go to resource. And
so now we are in our virtual network. And we have a bunch of settings on the left hand
side. So address space, subnets, etc, etc. Nothing we need to know at this level, we
just need that virtual network so we can launch resources in. So now that we have resource
groups and virtual networks, we can start launching resources. So there you go, I'll
see you in the next follow along. Hey, this is Andrew Brown from exam Pro. And I'm going
to show you how to launch your own server on Azure. And so a server would be considered
some kind of computing service.
And the one we're going to do right now is we're going
to use virtual machines. So go all the way at the top here to search, I want you to type
in a virtual machine. I know it's on our dashboard here. But just to get in the habit of always
being able to find stuff, it's great to use the search. And then once we're here on the
left hand side, I want you to click Add. And we're going to be presented with a lot of
different options. So the first thing we need to do is choose our resource group, we have
another resource group we that was created here for us for Azure, I wouldn't worry about
let's just choose the one that we created.
I'm going to name this virtual machine, I'm
going to call it my VM, we're going to launch in USBs. If we want to choose an AZ we could
so we go to availability zone and choose one I'm just going to stick to no infrastructure,
then we have Ubuntu here, it's using the latest version, it might be different for you, I
wouldn't worry too much about it. Then we need to choose our size. This is going to
really determine our cost here. This is $89. Canadian, I'm just going to go ahead and hit
select here. And we're just going to sort on the right hand side based on cost and we're
going to choose the most inexpensive server which is the b1 Ls. So that's one VPC, eu
and half a gigabyte of RAM.
Because this is just an example app. We're not going to do
a or server we're not going to do anything with it. So might as well make sure we're
not overspending our free credits. We have the option to add a public key This is what
you generally would want to do. But that's a lot of work. And so for this demo, so we're
just going to choose password. They're very finicky about the passwords here that it has
to have a uppercase, lowercase special character. Number, and it also has to be 12 characters.
So I'm going to type in testing with a capital T testing, 123, exclamation exclamation, and
then testing with a capital on the T 123. Explanation exclamation.
So there we go. We
don't need any inbound ports, I'm gonna say none because we're not SSH. Again, I'm just
going to click forward here to show you some of the other options. So we could choose our
the type of disk we'd be attaching. So it's by default on premium, you might want to use
standard or standard HDD. Generally, when you're launching web apps, you want SSD, if
we did choose standard, it would say, hey, you should really use premium. So we're just
going to go back to premium, you're going to notice that the disk is encrypted by default,
so you can't have an unencrypted disk. That's a very good default option.
If we go over
to networking, it's going to automatically select our V net that we chose, and the default
subnet that we that it created when we created the V net. And then here, we could choose
whether we want an IP address or not. If it had no IP or public IP address, it would still
have a private IP address. And that would that would mean that it would like it's really
intended for a private subnet. It has a network security group set on two basic here. And
that's pretty much it here, you can also put it behind a load balancer, we're not going
to do that. Let's go over to management, management, we have a couple options here, like identity,
auto Shut, shut down backup, these are all fine, we're just gonna leave it alone for
advanced, we could put custom data in here, that means we could provide it a script that
it would use to initially set up the server, we're not going to do that.
And that's about
it. So I'm gonna go back to basic, and I'm going to scroll all the way down the bottom,
and I'm gonna hit review, review plus create. And what we're gonna have to do is wait for
this validation step. That was very fast, it might take multiple seconds for you, or
even a minute. But sometimes it's faster than others. So now I'm going to go down below
and hit Create.
And we're just going to wait for that deployment to be submitted, it's
going to say deployment is underway. And then soon, it's going to say deployment is complete.
So I'll see you back here in a moment when deployment is complete. Great, so we had to
wait a few minutes there. And now it says deployment is complete. And we can press proceed
to go to resource. And so here's our virtual machine, we have some CPUs and networks on
disk. So there's some activity here. If we wanted to gain access to it, there should
be a Connect button here, we're not going to be able to gain access to it, because we
just didn't set it up in a way. That was the case, we have a few options down the left
hand side such as the disks that are actually attached to it, and maybe the size here. So
if maybe if we wanted to resize, change it to a larger size, we could go ahead and do
that.
But there's nothing really exciting here to do, I just wanted to show you how
to launch your own virtual machine. And now that we have our own virtual machine launch,
I'm gonna go back to overview, we're going to go ahead and delete that because this is
now costing us money. It's not costing us a lot of money. But again, we're done here.
So we'll just go ahead and delete, we're going to say yes to delete. And now it says it's
still in the virtual machine. And so we're just gonna wait until this is finished a leading.
And a lot of times, you can just look at the progress up here. And it'll say deleting the
virtual machine could take a few seconds, it could take a few minutes, it just depends.
So all I'll see you here in a little bit when this is done deleting. So after waiting a
little while here, it says it's how it successfully deleted the virtual machine. If we want to
make sure that it's deleted, let's go make our way over to virtual machines, the talker
in the search.
And you're going to notice that it's still showing up there. But it said
it was deleted. And this is the thing with Azure is that it takes time for it to propagate.
So what we'll have to do is just hit refresh, and now it's gone. So just be aware that sometimes
the consistency in terms of what you see in the UI is a bit delayed. And so if you remember
clicking Delete, and it says that it deleted it, just have a bit of patience there and
hit refresh and just double check to make sure that's the case. So there you go. Okay,
great. So now that we've done that, let's actually go learn how to do a different kind
of compute, which is serverless functions. So if we want to launch your own serverless
function, by the way, if you're not at the screen, just click on Microsoft Azure here
at the top.
And we're going to go to our search and we're going to type in functions. And
so on the left hand side, I want you to click on Add. And then what we're doing is we need
to create a function app. So we're going to be on our free trial. We're going to choose
our resource group we created earlier, we're going to name this I'm just call this this
is the function app names. I have just saved my my app. My app is not available yet. They're
all unique nicknames, I just call exam pro app, you might have to change this a few times
before you get what you want. And then for publish, we're going to use code, we don't
want use a Docker container, that's too much work. And we're gonna just use node j s, which
is just JavaScript version 12.
Sounds great to me, we're going to change this to make
sure that you s east. To make our lives a little easier, there's nothing wrong with
Central, it's just I want everything to be consistent. So everything's very predictable
in these. In these follow along here, we'll go all the way to the top and look at hosting
just quickly here, we're gonna see that we have a storage account. Okay, nothing exciting
here, it's going to either be Linux or Windows, this doesn't really matter to us, we can let
it be windows, go back to basic, I'm gonna go ahead and hit review plus create. So we're
gonna wait for this validation step to complete here. So again, it could take a second or
it could take a minute, just depends on the day with Azure. So we'll just wait here a
little bit. There we go. It's just finished validating, and it go ahead and hit Create.
And now we're waiting for that initial deployment.
So we're gonna see the deployment is on its
way, and then we have to wait for deployment to be complete. So it's in progress, it's
underway, this shouldn't take too long, and should say that it's complete here in a moment.
Great. So after waiting a few minutes, here, our deployment is complete, we'll go ahead
and hit go to resources. So now what we need to do is we need to go create ourselves a
function. So on the left hand side, make your way to functions. And then in here, we're
going to add ourselves a new function. And so we have a lot of presets here for us, it's
not gonna matter what we choose, while it does, and I'm going to say, Let's choose HTTP
trigger, we're going to leave with a default name, that's fine, we'll have it stay as function
for authorization level, we'll go ahead and create that function.
So once that function
is, has been created here, and it's already done, let's start adding our code. Because
again, the whole point of serverless is that you don't have to worry about servers, you
just add your code, and it works. And so here's some code it already has for us. What I'm
gonna do is I'm just gonna add myself a console log. console. log is just like saying, hello,
world. So we're gonna say hello, world. And then I'm gonna hit save. And now it's just
connecting to Application Insights. I don't know if it's actually running it. Yeah, it's
connected. Great. And now let's go ahead and hit test. And so we have a bunch of options
here, I'm not going to fill in anything, I'm just going to hit run. And we're going to
see what the output is. Okay, great. So you know, I'm just looking at how this actually
works. And I think what we need to do is we need to actually pass a name and to the, to
the query string here.
So what we'll do is we're just going to go ahead and type in query
here, and we'll put a name, and we'll say, Andrew. Um, and so that should do it. So let's
just hit run. Okay, great. So it's saying, hello, Andrew. So there you go. That's all
you have to do to create a serverless function. And it doesn't cost us anything to keep this
around. So we don't necessarily have to delete it. If you did want to go delete it, I guess
we'd go back here, we'd have to go back to functions here. And I will just click Delete.
Here, we'll type in Yes, it will hit Delete. And there you go. So that's, that's all there
is there to it for serverless compute, go back to Microsoft Azure here, back to the
dashboard.
And we'll see you in the next follow along. Hey, this is Andrew Brown. And in this
video, I'm going to show you how to set up blob storage. And so if you remember through
the actual course, Blob Storage is like serverless storage, so you don't have to worry about
running out of space or resizing your disk. So let's go to it. At the top here, I want
you to type in blob storage. And you're going to go to storage accounts. And this is where
you end up creating all of your storage accounts, you can see that we have a couple of storage
devices from the virtual machine and when we created the serverless serverless function
there, so go ahead and hit Add. And what we're going to do is choose exam Pro, or whatever
you called yours when we were at the resource groups step. Then we're gonna have a storage
device and I say my blob storage. Oh, that'd be all lowercase my blob storage. And that's
already taken. So we'll say exam pro blob storage and it can't have hyphens.
There we
go. And so we're gonna launch it in US East. We have the difference between standard and
premium. I think we'll stick with standard We have storage type v2, or v1 or Blob Storage,
we want Blob Storage, we have some replication options here, I'm just gonna leave it alone.
We have access here hot or cool, we're just gonna leave it hot. And we can just look at
networking here for a moment, we're gonna leave this alone, we're just gonna look advanced
at the moment. So nothing exciting there, we go back to basic hit review, plus create,
we'll have to wait for validation. We'll go ahead and now hit Create. And then it should
say deployment underway, we're waiting to see to say deployment complete, you might
be getting into the rhythm of how grading services now it's almost always the same process.
And we'll just wait here till this is a complete. Okay, great. So I just waited a minute there.
And now, that's all set up. So let's go ahead and hit go to resource. And then we have a
lot of stuff around here.
So what we want to do is want to start uploading files. But
I think we have to create a container first to go all the way down here, left hand side
and go to containers, we're going to create a new container, I'm going to call this Star
Trek, it's going to be a private container. So it's only just for me, we'll hit Create.
And now we should be able to click into that container.
Alright, so now we know that we
have that container, what we can do is go ahead and upload our first file, I just happen
to have a file on my desktop here. So I'm just going to go select that there and upload.
All the options by default are great here, we'll just hit upload. And there we go. So
we just upload a file into our blob storage. Yep, so that's all there really is to it.
So now that we're all done there, we can just go ahead and delete this container.
So I think
we'll just go back to storage accounts. Not sure if we have to delete the containers,
first, I guess we'll find out. And we'll just go here to Blob Storage, we'll go ahead and
hit Delete. And we'll hit yes, we'll go to delete. And there you go. So just go back
to Microsoft Azure there and back on your desktop, and I'll see you in the next follow
along. Hey, this is Andrew Brown from exam Pro. And I'm going to show you how to use
Cloud Shell. So if you want to, it actually doesn't matter where you are, because Cloud
Shell is accessible anywhere. When you're in the Azure portal. It's actually this icon
up here.
So what I want you to do is go ahead and click that. And what it's going to do
is ask you whether you want bash or PowerShell, I'm going to choose PowerShell, we're going
to use our free tier and it's going to we're going to need to create some storage with
it. I'm just gonna drag that up there a bit. So we'll just wait for it to create that storage
device. So now we get this blue screen, which is very typical of PowerShell.
And so it's
gonna have to initialize our accounts. So we're just gonna wait here a little bit until
that's done. Great. And so now we have our Cloud Shell. And so one of the advantages
of having a Cloud Shell is that if you want to do the CLR, and start doing things programmatically,
within Azure, you can do that very easily here. So we already have the CLR installed,
we can just type in AZ whoops, typing clear here, AZ account list. And there we go. So
we got some account information back there. So that's all I wanted to show you for PowerShell,
we can go ahead here and I think we can just power it off, or that would restart it, we
just hit X. And there you go. That's it. Hey, this is Andrew Brown from exam Pro. And we
are looking at the Azure Trust Center. So all it is it's a public facing website portal
providing easy access to privacy, security and regulatory compliance information.
So
there it is, that is the portal. If you type in Azure Trust Center, that's the way you
get to it. And the idea here is that you know, whatever information your organization needs,
it's just all public facing, so you don't even have to log in to get access to it. But
it just helps you make security decisions for your company. Alright, so I just went
ahead there and went to Google and typed in Microsoft Trust Center.
And so this is the
page here. So if we just scroll on down here a little bit, we'll see that we have Microsoft
Azure. And here we have a bunch of options where we can read about their security, security,
privacy, privacy and compliance. Let's go into compliance for Azure. and here we can
see a list of a bunch of compliance programs that Azure is meeting. So we have a ton here.
So if we went into GDPR It might ask us to sign in. So I'll just hit Andrew, in Canada.
And I agree. Okay, and so now I can read all about GDPR. So it gives me a lot of detailed
information about this compliance program and how it applies to Azure.
So there's a
lot of interesting stuff here, I'll just go back here, we can click on security. And so
there's just some generalized information here. But generally, what you're looking for
when you are coming to here is really this compliance programs. That's what everybody's
always looking for, is to read about that stuff in detail. And so that's all you have
to do to get there. So yeah, there you go. Hey, this is Andrew Brown from exam Pro, and
we're looking at compliance programs for Azure. So enterprise companies will not buy your
software solutions unless they are secure. And so how would you go about meeting their
security compliance requirements, and that's where compliance programs come into come into
play.
So basically, an enterprise company is going to say to you, we'll only do business
with you if you are NIST compliant, or if your P IP da compliant, or if you are HIPAA
compliant. Or if you are FIPS, 140, hyphen, two compliant, you might say, well, that's
a lot of stuff. But you know, after a while, you just start to remember them. But at first,
it is extremely daunting, but I thought it'd be fun to go through some of the compliance
programs. And it actually might help your exam, they might ask you about some of these
programs. So we'll just go down the list. So the first one here is the criminal justice
Information Services, the cgis. So this is any US state or local agency that wants to
access the fpis cgis database is required to adhere to this security policy. So that's
their compliance program. Then you have the Cloud Security Alliance star certification.
This is an independent third party assessment of a cloud providers security posture, then
you have general data protection, regulation, the GDPR.
So a European privacy law imposes
new rules on companies, government agencies, nonprofits, and other orgs that offer goods
and services to people in the EU or collect and analyze data tied to EU residents. So
if you're dealing with data in the EU, you got to care about the GD p r. You have EU
model clauses, so contractual, contractual guarantees around transfers of personal data
outside the EU. Then you have HIPAA. So this is the one that you're going to want to remember
this is the Health Insurance Portability and Accountability Act. So for US federal law
that regulates patient protected health information, whenever you're dealing with hospital stuff
you're dealing with HIPAA, then you have is ISO 27018. So this is an international standard.
And it is the code of practice or so Code of Practice covering the processing of personal
information by cloud service providers. That's a good one to remember. Then we have Ida.
So this is a multi tier cloud security, Singapore outside of Singapore, it is Singapore's the
organization, but this one is called mt CS.
So operational. Singapore security management
standard, a standard, a common standard that cloud service providers can apply to address
customer concerns about the security and confidential confidentiality of data in the cloud and impact
on businesses of using cloud services, not one you have to remember but interesting know
this one you want to remember service organization controls sock One, two and three independent
third party examination reports that demonstrate how the company achieves key compliant controls
and objectives. I know there's a lot sorry. Then we have the National Institute of Standards
and Technology NIST cybersecurity framework CSF, you definitely want to know this one.
It's a voluntary framework that consists of standard guidelines and best practices to
manage cybersecurity related risks. Then you have the UK Government, G Cloud. So that's
cloud computing certification for services used by government entities in the UK. And
the last one is FIPS. And we will be talking about FIPS. Again, in this course here. So
this is the US and Canadian government standard that specifies the security requirements for
cryptographic modules that protect sensitive information. So there you go, that's compliance
programs. Hey, this is Andrew Brown from exam Pro, and we are looking at Azure Active Directory.
So Azure Active Directory, abbreviated to ad is Microsoft's cloud based identity and
access management service, which helps your employees sign in and access resources.
If
you work for a larger company and they use Microsoft products. They're probably using
Active Directory and you're already familiar with this. But if you're not, let's learn
up on this because this is a super important service to the Azure and Microsoft ecosystem.
So Azure directory would work with external resources. So it would maybe give you access
to your office 365 to the Azure portal, which is what we're using for two different types
of SaaS applications, it could also grant us access to internal resources. So if you
have applications running within your network, or maybe you're using Azure Active Directory
to gain access to actual workstations on premise, so actual workstations with Azure Active Directory,
you can implement single sign on. And Azure Active Directory comes in four edition. So
we have free, which provides MFA SSO, basic security and usage reports user management,
then we have the next level up office 365.
And by the way, each version has the features
prior to it. So with Office 365 apps, you get company branding SLA to sync between on
prem and cloud, which is really nice. For premium one, you get hybrid architecture,
advanced group access, can conditional access, and then premium to you have identity production
and identity governance. But if I didn't make it clear, active directory is what you use
to help your employee sign in and access resources. That is what it does, it controls access to
resources. So there you go. Hey, this is Andrew Brown from exam Pro. And we are looking at
multi factor authentication.
So what is MFA? So MFA is a security control where after you
fill in your username, or maybe three email and password into a login portal, so this
login portal could be the Azure portal, this could be you logging into Facebook, the idea
is that you have to use a second device such as a phone to confirm that it's you logging
in. And so why do we use MFA? Well, MFA protects against people who have stolen your password
because they might have your password, but they don't have your phone or whatever device
that you're using for MFA. So, MFA is an option most cloud providers have. And just as I said
before, most social media websites have it. So Facebook, Twitter, they all have it.
So
just to give you a visual example, we have a forum where I'm entering my email and password,
then we have a phone, which is our MFA in this case, and then we get authorization.
So the first case that is one factor, right, so if we didn't have to use a phone or another
device, I'd be considered one factor. And then multi factor or two factor authentication
would be the, the addition of another device to confirm that that it's you. And pretty
what pretty much what's common is to use your phone and to install an app on your phone.
And then what that phone will do is it will give you a random number that expires, like
every, I don't know, 10 seconds, you have to enter that in with your username and password
or as a second step, and then you gain access to Azure Portal. Hey, this is Andrew Brown
from exam Pro. And we are looking at Azure Security Center. So Azure Security Center
is a unified infrastructure security management system. It strengthens the security posture
of your data centers and provides advanced threat protection across your hybrid workloads
in the cloud.
That sounds really fancy. But let's take a look at what that is. So that's
what it is down below. It's a bunch of graphs. And it's gonna tell you, if you are compliant
with particular policies, they'll tell you about your security, hygiene, all sorts of
security stuff, so you have a good visual about your security within Azure. So there
you go. Hey, this is Andrew Brown from exam Pro, and we're looking at Key Vault. So Azure
Key Vault helps you safeguard cryptographic keys and other secrets used by cloud apps
and services.
And so within Key Vault, it has a bunch of functionality in it. So one
thing it can do is manage your secrets store, store and tightly control access to tokens,
passwords, certificates, API, keys, and other secrets. It also has key management. So it
can create and control encryption keys used to encrypt your data. Then we have certificate
management so easily provision, manage and deploy public and private SSL certificates
for use with Azure and internal connected resources. And then it also is a hardware
security module. So secrets and keys can be protected either by software, or FIPS, 142
or 140, hyphen to level two validated HSM, I told you that we would be talking about
hips again, and we are right now. So to understand HSM The last thing we're talking about, which
stands for a hardware security module, it's a piece of hardware designed to store your
encryption keys.
And it literally looks like something like that. So Azure would have bought
one of these are a tons of these and that is what is storing your cryptographic keys.
And this piece of hardware is special because when you store keys on it, they're stored
in memory, meaning They're not written to disk. If that thing shuts down, the the keys
are gone and nobody can steal your data. It's just a security measure. And that security
measure has to do with FIPS. Okay, so FIPS 147. Two is a US and Canadian government standard
that specifies the security requirements for cryptographic modules to protect sensitive
information. So for hsms, that are multi tenant, they're generally going to be a 140 hyphen,
two compliant, multi tenant, meaning that, that there's more than one customer that is
using that piece of piece of hardware, but they're virtually isolated from each other.
And then if you have a single tenant HSM, they're generally going to be FIPS 140, hyphen,
three compliant, so a single customer on a dedicated HSM, it's better to be FIPS 140,
hyphen, three compliant. But what FIPS 140 hyphen two is pretty good for most people.
So there you go.
Hey, this is Andrew Brown from exam Pro. And we were looking at Azure
DDoS protection. So before we talk about DDoS protection, let's talk about what DDoS is,
that stands for distributed denial of service attack, this is a malicious attack, to disrupt
the normal traffic by flooding a website with large amounts of fake traffic. So to get this
better visualize, imagine there is somebody that doesn't like you, and you have your servers,
and they want to attack you and they want to stop your your server from running. So
what they can do is they can send a remote commands to a bunch of computers that they
control. And these could also be in a cloud service provider or their own data center,
and from a foreign country. And what they'll do is they will send 1000s upon 1000s of fake
requests to your server.
So they'll they'll have packets they're sending to you with IP
addresses, all those IP addresses are made up so we so they're just fake traffic, and
then they will flood you with so much traffic that your your servers are going to crash,
the network is going to crash, you're not gonna be able to do anything. But the great
thing is, is that the majority of cloud service providers, including Azure have built in DDoS
protection. So just by using a cloud service provider, you're going to have a certain level
of protection against DDoS attacks.
And to talk about the different levels. Azure offers
two tiers of DDoS protection. So DDoS protection, basic is free, it's already turned on. It's
it protects all of azures global network. So if you're using Azure, you already get
DDoS protection, if you need something more advanced, because the attacks are extremely
more complex, and you need more visibility, and you need professional support. There's
the DDoS protection standard plan. So that starts at $2,944. You might say that's high,
but trust me, I've experienced the dossing. And when you're a DDoS, you're willing to
pay that amount and it works right away, you'd get metrics alerts reporting, you'd get a
DDoS expert, so that you can talk to you or a team that you can talk to. And they'd have
a guarantee of application cost protection. So SLA, so if, if they couldn't prevent the
attack, and if you lost the cost of money, they're going to give you credits or help
you out. Okay, so that is DDoS protection for Azure. Hey, this is Andrew Brown from
exam Pro. And we are looking at Azure firewall, which is a managed cloud based network security
service that protects your Azure virtual network resources.
So the way it works is you're going
to set up a V net, which is a virtual network, and you're gonna attach that firewall, you're
going to use it as a point of entry for all your traffic. And then what you're going to
do is you're going to have spoke v net. So when I say spoke, I just mean other virtual
networks that you've created, that are intermediate to your traffic, so the traffic is gonna pass
through that V net into those other ones. And our V net with the firewall is going to
decide what traffic's allowed to flow through and what's not to which other v nets that
have specific virtual machines so that we get protection. But let's talk about some
of the features of the Azure firewall. So the first thing is you, you essentially create
enforce at essentially creates enforce and logs application network connectivity policies
across subscriptions, and virtual network. So subscriptions, meaning multiple accounts,
uses a static public IP address for your virtual network resources, allowing outside firewalls
to identify traffic originating from your virtual network that's very useful.
High availability
is built in at no additional cost. So you don't have to create load balancers and do
all that work yourself. You can configure, you can configure it during deployment to
span multiple easy's so that it has high availability. There's no additional costs for a firewall
deployed in an availability zone. There's an additional cost for inbound and outbound
data transfers associated with ACS, which is, is, is typical. So there you go, Hey,
this is Andrew Brown from exam Pro. And we're looking at Azure Information Protection, also
known as AIP. And what this does is it protects sensitive information, such as your emails
or documents with encryption. And it restricts access based on rights. And it's integrated
directly into Office apps. So if you're using PowerPoint, or word or exchange or any of
the Microsoft 360 suite, where you're going to have this, this button called protect,
and you can drop it down and you can change the access controls the privacy controls of
your data.
And this is really important if you are a larger Corporation. And this kind
of stuff really matters to you. So that is Azure Information Protection, just think of
that button that you click, and then you have those security controls. Hey, this is Andrew
Brown from exam Pro. And we're looking at Azure application gateway. So I believe we
talked about application gateway earlier. And it is a load balancer. And specifically,
it's an application load balancer. So it operates on layer seven. So it's dealing with HTTP
requests. And because it's dealing with HTTP requests, it can actually understand the nature
of a request. And you can create rules to route traffic to other places. Another really
great feature of Azure application gateway is you can attach a web application firewall.
And it will protect on the layer seven. So you can set up rules, just as you were setting
up routing rules, you can set up security rules about what should be able to flow in
and out of this load balancer to give you a visual down below, you have the internet,
you have your application gateway, and you can optionally attach your your wife to it.
And as traffic flows through, you can create some rules.
So let's say you had a server
that served up all your JavaScript assets, and a server that served up all your images,
you could make a rule that saying when the path matches this, only send it to this server
and when the path matches that, only send it to that server. Okay, so there's, there
you go, that's Azure application gateway. Hey, this is Andrew Brown from exam Pro. And
we are looking at Azure Advanced Threat Protection, also known as ATP. And so before we talk about
the service, let's talk about what is IDs and IPS. I know there's a lot of acronyms
being thrown at you today.
So IDs stands for intrusion detection system, and IPS stands
for intrusion protection system. And what that is, it's a piece of technology that monitors
a network, or systems for malicious activity, activity or policy violations. And so the
difference between an IDP IPS is or sorry, IDs and an IPS is an IDS detects an IPS protect,
so it actually takes action in the ladder. And I'm not sure if advanced advanced threat
protection is just an IDS, or an IPS, but it doesn't hurt to call in the same category.
It's not a big deal. So it Azure Advanced Threat Protection, ATP is a cloud based security
solution that leverages your on premise Active Directory signals to identify, detect and
investigate advanced threats, compromised identities and malicious insight actions directed
at your organization. So there you go, that's what it does. Hey, this is Andrew Brown from
exam Pro. And we were looking at the Microsoft Security development lifecycle, also known
as STL. Or some people might call it an STL. So STL is an industry leading security security
asset assurance process. And it's a Microsoft wide initiative and a mandatory policy since
2004.
So that means Microsoft uses it, because they made it. The STL has played a critical
role in embedding security and privacy in Microsoft software, software and culture.
So building security into each STL phase of the development lifecycle helps you catch
issues earlier. And it helps you reduce your development costs. So it's talking about these
phases. These are the phases for it. So you have training requirements, design, implementation,
verification, release response. If you wanted to implement this yourself, I bet they have
a big white paper on it like a PDF you can read through, but it's just a business process.
And it's just saying, the sooner we implement stuff into our pipeline in terms of development,
the sooner we can reduce security risks, and that is actually called pushing left because
the farther left you start implementing security the earlier on the better.
Security will be
in your entire pipeline. So there you go. Hey, this is Andrew Brown from exam Pro. And
we are looking at policies. So an Azure policy is a service that you can use to create, assign
and manage policies. A policy allows you to enforce or control the properties of a resource.
an Azure policy evaluates resources in Azure by comparing the properties of those resources
to business rules. And these business rules described in JSON format are known as policy
definitions. So if it's not clear, just yet, do not worry, we're going to be looking at
policy definitions very soon. But just understand what Azure policies do. They're used to create,
assign, manage policies and enforce and control properties of your resources. Hey, this is
Andrew Brown from exam Pro. And we are looking at Azure role based access controls our b
a c, so this is a service in particular, but it's more of a concept of how all the components
of gaining access to resources works.
So as your role based access control helps you manage
who has access to resources, what they can do with those resources, and what areas they
have access to. So you have a role assignments. And this is the way you control access to
resources. So a role assignment consists of three elements, you have the security principle,
the role definition, and the scope. So talking about the security principle, first, this
represents the identity requesting access to the Azure resource. So this is who wants
to have access, you could have a user, which is an individual profile in your Azure Active
Directory, you could have a group of users in your Azure Active Directory, you could
have a service principal. So this is a security identity used by applications or services.
To access specific Azure resources. This is what a a service wants access. And you'd have
managed identity, this is identity in Azure Active Directory that is automatically managed
by Azure, that one's a bit more harder to describe.
But that's not that important for
the exam. Then the last part of the component here is scope. So this is the set of resources
that the set of resources that the role assignment is going to be granted access to. So scoping,
scope, actually strolls at the management subscription or resource group level. So to
explain that, the idea that I'm trying to get here is that you have resources down below,
right, and that is what you want to gain access to. But you can set scope at the management
group level, you can set scope at the subscriptions level, you can set scope at the resource groups
levels. So just to talk about the three management group is when you're managing a bunch of accounts,
subscription is an individual account and resource groups is a grouping of resources.
So wherever you want to apply that scope, you can choose any any one of those three,
they're now looking at a role definitions or role definition is a collection of permissions.
And so remember, we were talking about a policy earlier, this is kind of where that comes
in.
Because policies are permissions. A role definition lists the operations that can be
performed, such as the read, write, and delete, roles can be high level like owner or specific
like a virtual machine reader. And just to give you an example, so as your has built
in roles, and you can define your own custom roles, but I think you have to pay more to
be able to do custom roles, because that's through Azure Active Directory. But the built
in roles you need to know which is owner, contributor reader, and user access administrator,
these are the four fundamental built in roles. Now, look at the graphic there, we have the
green and the red. So for an owner, you can read, you can grant you can create, update
and delete resources, you can do everything as a contributor, all you can do is read,
create, update, and delete, you can't grant access, you can't, you can't allow other users
to gain access to your resources. Then you have a reader.
So a reader, as the name implies,
can only read resources they can't create and delete, they can't grant access to other
users. And then a user acts as administrator only grant. So their job is to give access
to other resources, but they can't do anything themselves. So there you go, that is role
based access controls. Hey, this is Andrew Brown from exam Pro. And we are looking at
Lock resources. So as an image, you may need to lock a subscription resource group or resource
to prevent other users from accidentally letting other users delete or modify critical resources.
So in the Azure portal, you can set the following lock levels you can set it to be cannot delete.
And so in the Azure portal, this will just be called delete. And this authorized This
will allow authorized users can still read and modify resource but they cannot delete
the resource.
Then you have read only and in the Azure portal, it's going to be read
hyphen only. And this is so that authorized users can read a resource, but they can't
delete or update a resource. Hey, this is Andrew Brown from exam Pro. And let's look
at Azure Management Group. So Azure Management groups is a way of managing multiple, multiple
subscriptions. And when you hear the word subscriptions in Azure just think accounts,
because that's an easier way to think about it into a hierarchical structure. So each
directory is given a single top level management group called the root Management Group. All
subscriptions within a management group automatically inherit the conditions applied to the management
group. And so this is a graphical representation.
So at the top, you have your root management
group, and then create management groups underneath. So human resources, it marketing, production
developers, whatever you want. And underneath, you have those individual subscriptions. Again,
just things like an account. So that is Azure Management groups. Hey, this is Andrew Brown
from exam Pro, and we are looking at Azure monitor. So Azure monitor is a comprehensive
solution for collecting, analyzing and acting on elementary dental telemetry from your cloud
and on premise environment. So if you were to go into Azure monitor on the left hand
side, you'd see all these options, activity log alerts, metrics, logs, service, health,
etc. And so that's what Azure monitor is, it's it's like an umbrella for a bunch of
services underneath. And so here's an example of a bunch of information in the form of a
dashboard, about monitoring and analytics. So with Azure monitor, you can create a Visual
Dashboard, as we can see here, you can create smart alerts, you can create automated actions,
and you can collect logs, so that you have log monitoring.
So there you go. Hey, this
is Andrew Brown from exam Pro. And we're looking at Azure service health. So this is about
information about current upcoming issues such as service impacting events, planned
maintenance, and other changes that may affect your availability. So going down the list,
we have Azure status, which informs you of service outages in Azure as your service health
as is a personalized view of the health of the Azure service and regions you're using.
And then Azure resource health is information about the health of the individual cloud resources,
such as your VM. So if you're ever wondering the state of your health, you can use Azure
service health and if you noticed, it was an option under Azure monitor. So if you're
looking for it, that's where you go to find it. Hey, this is Andrew Brown from exam Pro,
and we're looking at Azure advisor. So average Azure advisor is a personalized cloud consultant
that helps you follow best practices to optimize your Azure deployments.
The ad, the advisor,
dashboard displays personalized recommendations for all your subscriptions for the following
five categories, high availability, security, performance, costs, and operational excellence.
And since we're in the security category, that's what we mostly care about is security.
But it would also be important for the pricing section there as well. So the first thing
we're gonna look at is actually the Azure advisor recommendation for costs. So here,
you can see that it's telling you where the most impact can occur and leaving, tell you
how much money you can save if you follow its recommendations of the new app security.
And so here, it has 21 recommendations, if we click into it, it would tell you what kind
of things that you could improve in your system to improve your security.
So there you go,
that's Azure AD. Hey, this is Andrew Brown from exam Pro. And we are looking at SLA s
for Azure. So SLA stands for service level agreement. And this describes Asher's commitment
for uptime and connectivity. That, that means like if you have a web server, Azure is going
to say, yeah, we guarantee 99.9% of the time it's going to remain running throughout the
year, it's not going to go down. So that's kind of the idea behind an SLA for Azure SLA
is are individually individualized per Azure service. So they don't have broad SLA is you're
gonna have to investigate each service to figure out what the commitment of Azure is
for that service.
And the way we describe these SLA is in terms of uptime and connectivity
is through performance targets. Now, performance target is just a representation in the form
of a percentage. So if somebody were to say to you, you know, this service hat is 99%,
likely of not failing, that's called two nines. And then you have the three nines, and then
you have five nines, and then you have nine nines. And the higher this number goes up,
the more reliable the the better coverage this SLA is going to give you so you want
something that has a higher number of nines, and it's not always just nines, it could be
99.9.
Nine 5%. But just understand that when someone says nine nines, they're talking about
that last value there. And it is like one of the highest. One of the highest guarantees
that SLA can give, I can't remember, there's like 11 nines, there might be 11 nines. But
generally nine nines is the upper limit. And just to mention it is that for Azure, if you
are using the free tier of shared tears, you do not get SLA because they just do not provide
support for those because you're consuming everything for free.
So you have to be paying
to get the advantage of that SLA guarantee. So I did say that the SLA is our service specific.
And so if you want to actually go investigate, all you got to do is type in Azure SLA into
Google. And you should be able to make your way to this page. And what we can do is we
can click into any of these here. So if I go to database, and we choose Cosmos dB, and
we just expand our information here, we get tons of information about their SLA s.
And
then our performance targets are down here. So we have this for availability, this is
for read availability. So they have a lot of information. And as I said, it's for basically
any service, anything you want, just click into it. And they have all that SLA information.
So there you go. Hey, this is Andrew Brown from exam Pro, and we are looking at service
credits for Azure. So a service credit is when a custom customer would get a discount
on their Azure bill as competent as compensation for an underperforming Azure product or service
based on the SLA.
So, those guarantees that Azure gives, if they don't meet those guarantees,
then they owe you money. And the way they do it is through credits, right. So credits
is just like virtual money, I actually don't know what a like what a service credit is
worth. But I just know that you know, if they if they do not meet those SLA is they're gonna
back it and give you your money back in some sense. So just an example here, if we have
Azure virtual machine, remember, a virtual machine is a server, if you had monthly uptime
percentage of 99.9.
So if it was under that, then you get a service credit of 10%. If it
was under 99, then you get a service credit of 25%. And if it was under 95, you get a
service credit of 100%. So I guess what that means is maybe it's the cost of what you spent.
But anyway, I'm not exactly sure. But I would take a guess that if let's say the uptime
was under 95%. And they're going to give you a service credit of 100%. Maybe it's 100%
of your resources given back to you. So if you spend $100, you get that $100 back. So
there you go. Hey, this is Andrew Brown from exam Pro. And we are looking at composite
SLA. So we had said earlier that different services have different SLA s. And the problem
with that is that when you have different servers different SLA is it's kind of hard
to understand what the actual guarantee is when you use them in combination.
So composite
SLA is just a way of understanding what the actual SLA guarantee underneath is for the
performance target. So imagine you have a web application. And that web application
uses an SQL database. So the web app has a guarantee of 99.95%. Because maybe that's
the performance target for the virtual machine, and then the SQL databases 99.99%. So what
is it? Is it 95 99.95%? Or is it four nines? We don't know. So if we had to calculate,
calculate that for the SLA with the web app and SQL database, that would come out to 99.94%.
Don't ask me on the math, that is the example that we are given.
But just understand that
that's what it would come out to become it would come up to 99.94%. And so you'd have
an overall reduction of the SLA, whereas the SQL database would have 99.9%. So how could
we improve our SLA and consider that in our design, so we get the the SLA that we want.
And so you can do is you can add in fallback systems that will improve the overall SLA.
And if you logically think about it, it makes sense why that would work. So imagine you
have that SQL database and it goes down. But if you had a queue, and that queue was saving
all the transaction attempts that the web app was trying to write to the database and
saving the queue, it wouldn't matter if the database went down.
Because once the database,
one backup, all those transactions would be there. And then those transactions would then
complete. And so by using the cue, which has a 99.9% uptime, based on the math down below,
and don't ask me how the math works, but the the the outcome would be an SLA of 99.95%.
And so that's an improvement over 99.94% so that is called composite SLA isn't there you
go. Hey, this is Andrew Brown from exam pro and we are looking at the TCS calculator for
Azure. So if you remember, earlier in the course, we talked about the total cost of
ownership. That's what TC O stands for. It's about showing an enterprise enterprise that
that operates on premise how much money they would save if they moved on to cloud on to
Azure. So that's what the TCL calculator does, it estimates the cost savings, you can realize
by migrating your workloads to Azure. So what it can do is it can generate, generate out
a detailed report and export as a PDF to send to your decision makers.
Now you have to input
all the information in but it's going to help you convince your boss convinced the executive
level that it's time to move over to the cloud, because they'll be saving tons and tons of
money. And so if you want to use that calculator, you just got to go to azure.microsoft.com,
forward slash pricing, Ford slash calculator, and it's going to give you an idea of how
much you'll save. And now this is only a little bit of what it generates out. Because it's
a it's a very detailed report. But in this example, it would compare on premise add to
the cost savings of Azure. And in this case, this person would be saving $130,000 over
five years. And it's going to vary on use case. But yeah, that is the TCL calculator.
So I just wanted to quickly show you the TCL calculator in action, if you want to find
it yourself, just type in Azure TCL calculator into Google. And you should be able to find
your way here. So what I've done here is I've defined my workload.
So in my workflow, I
defined some servers. So we have some Linux servers, we have 10 of them four processes,
four cores, eight gigabytes of RAM. And then here I've added four servers that are databases
running Postgres, then I added some HDD drives. So I said three terabytes, two terabytes backup,
etc. And then I defined some network bandwidth. So going on to the next step, we're going
to adjust our assumptions. This helps us to make it even more accurately estimate. So
we can choose our our currency, some other additional features, we might want to consider
where we might save money, like using Azure hybrid benefit. And then down below, we can
tweak some of our costs that we do know about for our on prem. So there's a lot here to
tweak it to make it more accurate. And then if we go to next, we're going to get our,
our savings, here's just wait a moment.
And so over a five year period, we should save
$666 and 158 cents. And you can drop it down, if you want to do one year we'll go to one
year. So here it says $381. And we have a lot of graphics here, as you can see, and
then down below, you should be able to download it. So you can just go ahead and download
the results there. And that is the TCL calculator. Hey, this is Andrew Brown from exam Pro. And
we are looking at the Azure Marketplace. So the Azure Marketplace is a place where there
are apps and services made available to you by third party publishers to quickly get started
on Azure. And so the apps available of the apps and services that can be available could
be free, they could be free trial that could be paid as you go, or that could be bring
your own license. So just an example of what that looks like if you were logged into the
Azure portal, and you searched for marketplace, what you could do here is you could type in
a variety of things.
So like here, I'm typing in WordPress. And here I have a bunch of WordPress
is that are provided by third party publishers that have been vetted by Azure. And and again,
they could cost money, they could have a free trial, it could be 100%, free, but whatever
you need, it's generally in the marketplace, it's a great place to go check out. So just
be aware of that. So I just wanted to quickly show you the Azure Marketplace. So you'd have
to have an account to actually see it. But we do show you that in this course.
But anyway,
I'm just going to go up here to the top and type in marketplace. And this will pull up
the marketplace. And here you can see we have a huge amount of categories of things that
we can launch. So whatever we need, and I think I showed before WordPress, but we'll
type that in there. So enter in WordPress, and there's all these servers. So you can
click into there. It might, it might have plans associated with it if there's any price,
but you just go ahead and hit Create. And then that would start the process of creating
a virtual machine and you go through that and you'd subscribe to whatever the underlying
costs would be. But you can see there's just tons of stuff in here. So and you can sort
by price, sort by operating system.
So there you go. Hey, this is Andrew Brown from exam
Pro. And we are looking at Azure support plans. And so we have four support plans. We have
basic developer standard and professional direct. Technically, we have five we count
enterprise, I don't think it's going to be on the exam. And there's not a lot of information
around it because you got to call sales to find out that those enterprise price and support.
So let's just go through the difference between these things is it's definitely important
for your exam. So we're looking at the basic support plan and everybody gets the basic
support plan.
When you sign up. You get email support only for billing and accounts. If
you have any questions about your your bills, or questions about your account, you can get
answers from support. Now, for developers standard and professional direct, you get
tech support, and you get email tech support for all levels. And generally, over talking
just for developer, they're only going to reply during the business hours. But if you
had standard or professional direct, they have people answering emails, 24, seven around
the clock, I think the general response time for email support, no matter what level it
is, is about 24 hours. But you know, it's just going to vary. So I would say that if
you need something that is more urgent, then you're going to want that phone support. And
so phone support is for standard and professional direct, and that's 24. Seven. So if it's a
Saturday, and it's 9pm, and you need to call support, you can do that. And sometimes you
only have to wait 10 to 15 minutes, I'm not sure if Azure has chat, but it's very common
for cloud service providers to provide both chat and phone support, and you wait 10 to
15 minutes, and you get access there.
Now for third party support, if you are using
technologies, like Ruby on Rails, spring Jango, those things aren't really part of Azure,
they're third party software that you're using to build your web application. And Azure is
going to try to do their best effort to support you, even though it's not what they've built.
And that's not what they have to do. But they're going to do their best effort for developer
standard and professional direct. So that is advantage for paying for support. Now,
in terms of response times, when you open up a ticket, you can say, the severity of
your ticket, and that's going to determine how fast they respond if you need the response.
So if there's a ticket, and you say that it has minimal business impact, so maybe it's
like general questions or something that's going to be considered a severity C, and for
developer in standard, they're going to respond within eight hours or less, for professional
director can get that in four hours or less.
So again, it's just general questions. Now,
if you have something that it's going to have a moderate business impact, then the time
is going to be a lot faster, they call that severity be. So it's going to be less than
four hours. And then for professional direct is going to be less than two hours. And so
this would be if your production system was compromised, but it's not taking your business
down. Now, if you have a critical business impact, that means your your web app is 100%
down and you are losing money, by the minute, you open up a ticket called critical business
impact, which is severity c actually should be severity a it's just a spelling mistake
there.
But if they would respond within an hour or less. So what I find is that there's
like even though they say an hour or less, it's not always the case. But that's generally
how fast they're going to respond. Now for other services, you get as your advisor, the
health status, the community support, and Azure documentation, all these support plans.
The only reason we're mentioning this here, and they mentioned it on their support page,
but they're just trying to say, hey, just be aware that you have these additional support
tools that you can use at any given time that are self serve, so the community support and
the Azure documents.
Now if you need some general guidance on your architecture, you're
going to get that with developer and standards. So you can definitely ask questions there.
If you are using professional direct, you actually get access to team in that in that
team, there's a pool of people that you may you may get when when you talk to them, where
they'll give you a guidance, and they call those operational support and proactive guidance
by by pro direct delivery managers. So professional directors, it's called pro direct. And so
they have delivery managers, I don't know if that means that they're developers. But
the point is, is that they're going to put some extra effort to help you there. And then
also, you can actually access webinars led by Azure engineers.
So that's really cool
as well, if you pay for the professional direct. So just going through all the support plans
here for the pricing. So basic is free. And when you sign up, if you don't use the plan,
you are using basic. And then for developers $29 per month USD for standard, it's $100
USD per month. And for professional direct, it's 1000 USD dollars per month. So there
you go, that is the Azure support plans.
So I just wanted to show you how to get to this
support plan page in case you want to investigate a bit further, but pretty much my graphic
sums up everything that is included in the SERP support plans. So if you want to find
this, you just go to Azure, just type in Google as your support plans and you should be able
to make your way here, you'll notice we have the four plans and then there's enterprise
support. And if we go here, there's more information on this. But again, you'll have to call support
to find out the actual price and offerings there. But yeah, just take a look here and
see if there's anything I missed, but I'm pretty sure I have have everything you need
in the main graphic from the slide prior. Hey, this is Andrew Brown from exam Pro. And
we are looking at Azure hybrid benefit.
So many customers have invested already in Windows
servers licenses, and they want to repurpose their investment on Azure. This happens because
enterprises had been working with Microsoft servers even before Azure existed, or they
were on premise originally. And so they wanted to use the software. So they purchased the
licenses, but now they're ready to move on to Azure. And so since they've already got
a special deal with Microsoft, because they purchase those licenses, they want to keep
those deals and bring them to the cloud. So that's where the Azure hybrid benefit comes
into play, also abbreviated as hub.
Sometimes it's called Azure hybrid use benefit in Microsoft
documentation, but for some reason, Azure, they just dropped the word use, but the abbreviation
is hub. So this gives customers the right to use these licenses for virtual machines
on Azure. And so such types of virtual machines would be Windows servers, or SQL servers.
And I would imagine this would probably happen with a lift and shift, which I think we described
somewhere in this course.
So hub can be turned on and off at any time for existing virtual
machines. And hub can be applied at deployment time for new VMs. And I just wrote, bring
your own license down here, just because we are talking about licensing, and I just want
to get you more exposure to that term, bring your own license, b y o L. And so that just
means that someone's purchased the license, and they want to apply it, they want to bring
it on to Azure. So there you go, that is Azure hybrid benefit. So I just wanted to quickly
show you this page here, which is the Azure hybrid benefit page. If you were to type into
Google as your hybrid benefit, you definitely make your way here, what I wanted to show
you is that they actually have this nice little calculator down below.
So if you do have licenses,
and you're bringing them over and you want to run workloads on Azure, you can fill this
stuff out, and it'll give you an idea of what you might save. So I just wanted to make you
aware of that. So there you go. Hey, this is Andrew Brown from exam Pro. And we are
looking at Azure subscription. So an Azure subscription, I would describe as the equivalent
of saying my Azure account. I don't know why they use the term subscription, because to
me, it's just confusing. But I always try to reinforce that it's just your account.
And there are four tiers of Azure subscriptions. The first is the free subscription. So when
you first sign up, this is the the account that your subscription you're going to have,
you have to provide a credit card to complete the process, you're going to get 200 USD credits
free for 30 days, and certain Azure products will be free for 12 months.
Now, the whole
point of this free subscription is to help you avoid charges. And there are some limitations.
I remember when I was trying to add another user. I couldn't grant them access. So there
was definitely some some limitations here too, to prevent you from being charged, but
it's not a complete sandbox. So it is possible to get charged and count if you start using
things outside the free tier, or if you burn through your credit. So just be careful there.
And then once you are ready to switch or to upgrade and unlock everything, then you can
switch to pay as you go subscription, also abbreviated to PAY g some people might call
that on demand.
And so for this, you still need a credit card required. But since you've
already entered it in the free subscription stage, no problem here, you're going to be
charged at the end of the month based on on consumed cloud resources, then you have an
enterprise agreement. So if you are an enterprise, you can make a deal to Azure and agree to
receive a discounted price for licenses and cloud service. But I bet you're paying a lot
of money, like compared to the normal person, but the deal is worth it for you.
So just
be aware, if you're an enterprise, go talk to Azure, they want to make a deal. And the
last is the students subscription. So the students subscription, you do not require
a credit card, you get $100 USD credits for 12 months, but it requires a valid student
email. So there is a little bit of a vetting process there. So you definitely have to be
in school to get that but it is a very nice option to have. So there you go, that is the
Azure subscription models. Hey, this is Andrew Brown from exam Pro. And we are looking at
Azure pricing calculator. So configure it estimate the costs of Azure products, you
don't have to sign in to use this tool. And what you can do is download an Excel spreadsheet
and share that those costs with your boss. So to get there, you go to azure.microsoft.com
forward slash pricing forward slash calculator. And from there you can you can go in here
and you can fill out different things.
So there's a bunch of different categories of
those common one would probably be a virtual machine. So you go in there and you say what
regions it's going to launch in what OS and all the types of configuration it's going
to give you an estimated cost. So this one down below is an upfront cost of $0 with a
monthly cost of 100 52 dot $62. So if you're not sure how to make sense of all the pricing,
go here and play around and you will get a clear picture of what you're going to spend
on Azure. So I just wanted to show you the pricing calculator. So if you just went to
Google and typed in Azure pricing calculator, you should be able to make your way to this
page. And so down below, we have a bunch of products. We also have example scenarios,
which is very nice to see here. So let's say we wanted a CI CD pipeline here, and we said
add to estimate, we can get that information for all these components, I'm just going to
go to single products, because it's a bit easier to view.
So let's say we wanted to
determine our costs for storage. So let's just go to storage here. And we will try storage
accounts. And then down below, we've now added storage. And so we can enter some information
to try to determine our costs. So we could do blob file storage, table storage, I'm gonna
go with file storage, I'm actually not gonna go with blob, it's just easier to calculate.
And so we're gonna have the performance tier two premium redundancy LRS. And we're gonna
be East us. And so if we had 1000 gigabytes, I guess it's a terabyte, that's $150. If we
had X amount of write operations, X amount of listing, create container operations, read
operations. And here we'd have $150 as a monthly cost. So here, you just have to tweak it based
on your consumptions.
And then generally, they'll show you like purchase options. But
really, this just means like go sign up for an Azure account. But I just wanted to show
you what that looks like in just so that you know that you can go explore any cost, and
try to calculate something before you use it. Hey, this is Andrew Brown from exam Pro.
And we are looking at Azure cost management. And so this service allows you to perform
cost analysis. So you can visualize the spending of your Azure cloud resources. But you can
also create a budget under the service.
So when you set a budget, you're going to, you're
going to define a threshold and you're going to be alerted when you're approaching or you've
exceeded that threshold. And so just to give you a visual representation there that is
for the cost analysis. So you can see you get beautiful graphs, and you can drill down
and filter that stuff out to really understand how you're spending stuff on Azure. So definitely
check it out. And there you go. Hey, this is Andrew Brown. From exam Pro, I'm going
to show you how to book your exam for the az 900. So what I want you to do is type in
Pearson VUE Azure, or Pearson, Vue Microsoft into Google, and you should make your way
to this page. And then what you're going to want to do is on the right hand side, go ahead
there and click login, then it's gonna ask what certification you want to type in the
az 900.
And so there is the certification there, then we're going to see this page is
going to show some intermediate information about the certification, what we're going
to do is go ahead and schedule a Pearson VUE. Now there is a sort of certiport. But that's
if you're a student or an instructor, we are neither. So we are going to be choosing the
Pearson VUE mode, there's this drop down here that literally does nothing. I don't know
why they have it here. I thought maybe it would change the price. Maybe it would change
the availability if based on where you are. But we'll go ahead there and hit schedule
with Pearson VUE, what's going to do is ask us to log into our Microsoft account. Mine
is called Azure exam pro cow, it's the same account I created when I created my Azure
account. And then I'm just gonna put my password in there. We'll hit sign in. And then the
next step is it's going to ask me to fill in my certification profile.
So this is all
personal information relating to me. And notice that you have to enter in exactly as your
government issued identification, so you can book the exam. So I'm going to fill this in
and proceed to the next step. And I'll see you there. Alright, so we're on to the next
step here. And so we finished my profile, separate exam discount, I'm not a Microsoft
employee, I didn't attend event, so I'm not getting any cool discounts here. So we're
just going to go ahead and proceed to Pearson VUE to schedule our exam. So just wait here
a moment. And so now that we're on to here, it's going to ask how do you want to exam
at a local Test Center at my home office, or private access cloud, I'm going to show
you how to do it a local test center, we might not have any options here, but we'll give
it a go. And we're gonna choose our language, English is the case here. And it's going to
say the price and etc, we'll go to next.
And so what it's going to do is it's going to
show me locations that are nearby to me. So down below, you have a graph and you have
some stuff there. So we'll just take a look here. And so what I can do is I can click
on a location, so I'm just going to choose the Mississauga center. That one's pretty
good. So I'm going to go ahead and check box app. And we're gonna have to select at least
three test centers here. So I'm gonna choose this one and that one will proceed to next.
And so now we have some options here to schedule I want them to stop One will have to go back
to this one here. And then we will choose our time.
And so from there, all we have to
do is add to order pay and there you go. So that's all it takes to book your exam. So,
good luck on your exam..