Core Azure Services

Get Started. It's Free
or sign up with your email address
Core Azure Services by Mind Map: Core Azure Services

1. Physical Components

1.1. Geographies

1.1.1. Meet data residency and compliance boundaries

1.1.2. Customers can select where their data is stored

1.1.3. Contains two or more **regions** Region Collection of **data centers** Round Provides flexibility and scale Preserves data residency Each region has **Region Pairs** Tips Special Regions Has **Availability Zones** Availability Sets

1.1.4. Putting Geography and Regions Together Availability Zone in an Azure Region

2. Logical Components

2.1. Subscription

2.1.1. Azure Subscription

2.1.2. Logical container

2.1.3. Subscription links to Azure Active Directory (AAD) for authentication and authorization

2.1.4. Multiple subscriptions can be created by the account holder Useful for? To be able to report on resources used by specific groups of people

2.1.5. Subscription options Pay-as-you-go Billed monthly to a credit card Free account 12 months, $260 credits per month, over 25 free services Member offers Use monthly credits, monthly billing, and more

2.1.6. Subscription considerations Be aware of the service limits for each subscription type Pay-as-you-go subscription by default only allows for 20 vCPUs Some limits can be raised

2.1.7. Subscription Billing Boundary Subscription is applied to group Isolate billing to specific group (e.g., specific special project)

2.1.8. Subscription Access Control Boundary Subscriptions are applied to organizational departments Departments billed individually

2.2. Management groups

2.2.1. Group Azure objects in a collection Contains subscriptions or other management groups Example Example: Management groups organizing subscriptions and other management groups Manage policies, access, and compliance for the entire group

2.2.2. Limitations You're limited to a total of 10,000 management groups A management group hierarchy can only support up to **six** levels You cannot have multiple parents for a single management group or subscription

2.3. Resource groups

2.3.1. What is it? Logical container for Azure services

2.3.2. What is it for? Deploy, manage, and monitor resources in a group Structure Able to easily set up deployments using ARM template

2.3.3. Properties Resources should have the same lifespan Each resource can only exists in a single resource group But resources can be moved between resource groups Resources can be assigned to **different regions within the resource group** Deleting a resource group deletes all the resources in the group

2.4. Azure Resource Manager (ARM)

2.4.1. Management layer that is used to access and manage Azure resources

2.4.2. Create, update, delete, organize, manage, control, and tag resources in the Azure subscription Example? When creating a new web app in Azure App Service, ARM will pass your request to *Microsoft.Web * **resource provider**, because it knows all about web apps and how to create them

2.4.3. Can be accessed using... Azure Portal (Web UI) Azure PowerShell (CLI) Azure Command-Line Interface (CLI) REST Clients

2.4.4. The tools, Azure API, ARM, Resource Provider, and Azure Resources

2.4.5. Benefits ARM allows you to easily deploy multiple Azure resources at once ARM makes it possible to reproduce any deployment with consistent results at any point in the future ARM allows you to create **declarative templates** for deployment instead of requiring you to write and maintain complex deployment scripts ARM makes it possible to set up dependencies so that your resources are deployed in the right order every time

2.5. Overview

2.6. Azure Marketplace

2.6.1. Partners, solution providers, and Independent Software Venders (ISVs) can offer customized solutions

3. Core Resources

3.1. Compute Resources

3.1.1. Common services for compute Virtual Machines IaaS Physical computer that is virtualized Includes... Managed the same as physical machine Susceptible to... Availability Sets Scale Set Azure App Service PaaS Build enterprise-grade web, mobile, API apps on any platform Azure provides a fully managed, secure, and scalable platform for the apps Allows you to choose between a VM preconfigured with runtime stack (e.g., Java, .NET, etc.) or a Docker container Azure Functions How does it work? Containers Concepts Azure Services for Containers Windows Virtual Desktop (WVD) Windows 10 desktop hosted in Azure Support remote work VMs are fully managed and scalable Illustration Creation FSLogix

3.1.2. Provide compute resources Disks Processors Memory Operating Systems Networking

3.1.3. On-demand service for running cloud-based apps

3.2. Networking Resources

3.2.1. Virtual Networks Isolates and segments Azure resources within the network Connects various Azure resources and on-premises Provides filtering and routing of network traffic Contained ONLY to one **Region** Virtual networks CAN NOT span multiple regions **Virtual Network Peering** or **VPN Gateway** can be used to connect different regions Illustration All of the resources in VNet A can communicate with each other All of the resrources in VNet B can communicate with each other The resources in VNet A **CAN NOT** communicate with the resources in VNet B, and vice versa

3.2.2. VPN Gateway Traffic is encrypted Only one VPN gateway is allowed per virtual network workaround for this limitation? Illustration Add **VPN Gateway** to connect our resources in VNet A to our on-premises environments We can also allow VPN clients to access our resources in Azure It's also possible to connect VNet A to another virtual network in Azure (e.g., VNet B) Three connection types VNet-to-VNet site-to-site point-to-site

3.2.3. Network Peering Virtual network peering Connect virtual networks in the same region Global virtual network peering Connect virtual networks across regions Traffic is private Never transverses the internet Traffic travels over Microsoft's backbone infrastructure instead of the Internet ...but not encrypted!

3.2.4. ExpressRoute Provide private connection to Azure and Microsoft 365 Connectivity provider Data does not transverse the public internet Lower latency Higher bandwidth up to a max of 10 Gbps (can be adjusted) Microsoft calls an ExpressRoute connection a *circuit * Typical ExpressRoute configuration MSEE = Microsoft Enterprise Edge

3.3. Storage Resources

3.3.1. Stores files, messages, and tables

3.3.2. Properties Secure Massively scalable Highly available Highly durable

3.3.3. Supported Data Types Structured data Has a schema Rigid format Relational data Typical usage: **Database** Semi-structured data Ad-hoc schema Non-relational format Known as NoSQL data Uses tags for data location Typical usage: Tab delimited files, **CSV**, **XML**, and **JSON** Unstructured data No schema or data structure examples

3.3.4. Storage Services **Blob** Used for **unstructured data** Highly scalable Microsoft recommends blob storage for most scenarios Types Means of storage Tips Common uses... Tiers Blob Storage Lifecycle **Disk storage** Provides persistent storage for Azure virtual machine disks Attach a data disk to VMs for storing data All Azure disks are backed by page blobs in Azure Storage Types Managed vs. unmanaged disks **Azure Files** Backed by Azure Storage Uses **Server Message Block (SMB)** protocol Fully managed **file share** Lift and shift Supports multiple connections Example Possible problem Table Queue

3.4. Database Resources

3.4.1. PaaS offerings

3.4.2. Fully managed

3.4.3. Types NoSQL Database Types Cosmos DB Relational Azure SQL Database Azure Database for MySQL Azure Database for PostgreSQL

4. Azure Marketplace

4.1. A single repository containing services provided by **third-party vendors**

4.2. All templates in the Azure Marketplace are ARM templates that deploy one or more Azure services

4.2.1. Some templates deploy a single resource e.g., Web App template

4.2.2. Other templates create many resources that combine to make an entire solution