AZ-900 Terms and Fundamentals

high availability

Is one of the benefits of the cloud that help maintain availability due to network outages, app failure, power outages and more

Scalability

Benefit of the cloud that allows the ability to add or reduce resources; can be horizontal or vertical

Elasticity

Benefits of the cloud that allows the ability to scale automatically based on metrics like CPU and memory

Agility

Benefit of the cloud that efficiency and speed to be when scaling up or out

fault tolerance

Benefit of the cloud that moves you from an unhealthy VM or resources to a healthy one to maintain availability;

Disaster Recovery

Benefit of the cloud that helps maintain reliable backups and maintaining your app resources in an available region

On-premises Model

In this model you pay for hardware, and physical servers; CapEx that is not agile

Cloud Model

In this model, you only pay for what you use and have the agility of the cloud; OpEx our day to day expenditures

economies of scale

Reduction in cost that occurs with the purchase of larger quantities

IaaS

In this service the cloud provide handles mainly the computing aspect and the customer maintains the middleware and application; offers the greatest flexibility

PaaS

In this service the hardware, OS and other middleware is handled by the cloud provider; user only handles the application framework; Azure App Service, SQL Database, IoT Central

SaaS

In the service the cloud provider provides everything from computing power all the way to the application; large availability but low customization

Public Cloud

Is a multi tenant environment that is accessible on a public network and provides resources that are shared with the public; ex. Microsoft Azure

Private Cloud

Is a model like the public cloud but for a single company or tenant; can be hosted on premises or by a third party

Hybrid Cloud

Is a combination of both public and private cloud environments; Azure Stack can be utilized to achieve this type of environment.

Azure Regions

Data centers that are located within geographies that are hundreds of miles apart; help maintain disaster recovery and high availability

Availability zones

Are locations within a region that help maintain fault tolerance and high availability; there is a maximum of three per region; must be explicitly deployed for VMs, managed disks and public IP addresses but not for SQL and zone-redundant storage

ARM Azure Resource Manager

Is the system in Azure that works behind the scenes to deploy and organize your resources through templates in JSON

Resources groups

Containers for your Azure resources that allow you easily organize, deploy and update your resources; allow the use of tags

Azure Virtual Machines

Are software based computers that run on a host computer in a Azure data center; can be several OSs

Availability sets

Are created to avoid planned maintenance or unplanned downtime; are made up of physical racks and individual computers; have to be explicitly created

Scale sets

Allow you to choose which OS to run in an availability set and are also scalable; compatible with availability zones

Containers

Are zipped versions of an application that includes everything the app needs to run; usually run on Docker; ACI is a PaaS offering

Kubernetes

Is a container manager that holds several containers within a pod that run on computers called nodes and are controlled by a master node; AKS helps configure pods.

Azure Virtual Network

Allows one resource to connect to another and communicate internally; can be split into subnets with their own private IP addresses; can't communicate with internet unless IP addresses is public

Azure Load Balancer

Is a networking product that sits between the users and VM and manages the traffic; maintains a public IP addresses that communicates with the subnets

Azure Application Gateway

A load balancer that is ideal for HTTP traffic; can use a cookie and display customized pages

Virtual Private Network (VPN) Gateway

Connect to resources from an on premises location to an azure virtual network through encrypted traffic.

Azure Content Delivery Network

Deliver large files or streaming content over the Internet with the use of point of presence servers; the content has a time to live

Azure Traffic Manager

A domain naming system that enhances the speed and reliability of your application; using routing rules and connects traffic to endpoints determined

Azure Blob Storage

A storage product that is designed for unstructured data such as images, text and files; come in hot, cold or archive tiers

Azure Queue Storage

A storage product that maintains messages that are sent to applications to perform a certain task

Azure Disk Storage

A type of storage used on VMs; is available as a hard disks (HDD) or solid-state disk (SSD); can be managed or unmanged

Azure Files

A storage type that is a completely managed file share

Azure SQL Database

A relational database PaaS offering that uses schema and queries to organize and retrieve data respectively; single database and elastic pool (SaaS offering)

Managed Instance

Is for customers who want to easily integrate from on premises or non-Azure to Azure

Azure Cosmos DB

Is a database that makes use of NO SQL databases that eliminate schema; include key-value (Azure Table), column (Cassandra), document(Mango API) and graph (Gremlin)

Azure Marketplace

Is where you go to find the resources that you need; has ARM templates that can be saved for future deployment

Azure IoT Hub

is a PaaS offering that allows you to manage IoT devices through monitoring or messaging; C2D and D2C; permits the use of tags and device twins in JSON format; Standard ( allows C2D) and Basic Tier pricing

Azure IoT Central

a SaaS offering for IoT devices that allows you to manage and create an application for your devices; allows simulated devices and can apply rules and jobs based on data metrics

Azure SQL Data Warehouse ( Synapse Analytics)

Is a big data solution that makes use of SQL queries on a large scale for large amounts of data; utilizes decoupling to separate computing and storage to make queries more efficient; DWU for SQL pool; works with ML algorithms like Spark and Hadoop to prepare large data sets for analytics

Data warehousing Units

Is an abstract, normalized measure of compute resources and performance

Azure Data Lake Storage

A big data solution that is built on blob storage and uses hierarchical namespace which organizes objects and files into a hierarchy of directories for efficient data access

Azure HDInsight

Is an Azure cluster management service that implements cloud-based analytic platforms like Hadoop and Spark; are scalable i.e. can add mor nodes to the cluster; billed per-hour basis depending on cluster power

Azure Databricks

Is as an Apache sparked based analytics platform that allows you to gather data from several storage and database resources and perform analytics on them; makes use of server-less computing and is compatible in R, Python and Scala

Azure Machine Learning Service

A cloud based solution for building machine learning algorithms through Python programming; makes use of server-less computing

Azure Machine Learning Studio

A SaaS offering that allows drag-and-drop platform that helps you build, test, train and deploy Machine Learning models in the cloud using server-less computing; has pre-built templates to clean and do a test train split; also includes datasets

Serverless Computing

Is the ability to use excess VMs to do your computing without having to pay for them when not in use

Azure Functions

Is a server-less computing component that allows you to create trigger based functions through Python, Azure Portal Line, Azure Portal and Visual Studio

Azure Logic Apps

A server-less computing component that doesn't require code like a functions; allows you to create complex workflows that can connect several resources and reacts to a trigger; also allows trigger history

Azure Event Grid

Works with Azure functions and logic apps to connect resources and trigger jobs based on events that happen amongst your resources

Azure Portal

Lists all of the available resources available in the cloud; makes the use of ARM templates on the back-end and allows customizable dashboards

Azure PowerShell

Is a cloud-based platform that manages and administers Azure resource from the command line; allows users to create automated tools that utilizes ARM

Azure CLI (command Line Interface)

allows you to script interactions with Azure resources through the command lines of various languages like Python, Ruby and more; is not cloud based

Azure Advisor

is a tool that offers advise to help maintain high availability, security, low costs and efficiency for your Azure resources; can be accessed through the portal

Azure Firewall

a cloud-based security service that filters traffic based on NAT (network address translation ) rules, Network rules and Application rules; is a stateful security service; sits on the outside of the network; hub and spoke

DDoS Protection

a security service that prevents overwhelming attacks made to resource to make them unavailable; comes in a basic tier which includes and IPv4 and IPv6 and a standard tier which includes monitoring, only IPv6 and is $2,994 per month.

Network Security Groups

is a security service that filters traffic that is within a network and uses rules that filter based on source and destination

Azure Active Directory

is an identity service that authorizes and authenticates users and assigns specific privileges for each user or create groups of like users; includes B2B collaboration and SSO

Multi-factor authentication

is a identity service that is available in the premium tier that allows you to add extra steps to authorizing users of your resources; in Azure there is two-step verification

Azure Security Center

is a security tool that is used for monitoring the compliance, health , security and potential threats of your Azure resources; includes a feature called JIT access

Azure Key Vault

is a secure way to store secrets, keys and certificates that are encrypted; these keys are used for applications and resources can call on it to retrieve keys

Azure Information Protection

a security tool that ensure that sensitive/confidential information such as e-mails or documents are protected and shared with intended recipients

Azure Advanced Threat Protection

is a security tool that protect your on-premises resources from network attacks using sensors to monitor traffic

Azure Policy

a governance methodology that allows you to determine how Azure resources are created and managed; ex. the size of a VM that can be deployed and the region it is deployed to.

Role-Based Access Control (RBAC)

a governance methodology that allows you to assign roles to users in a system or company; it is enforced by ARM through ARM templates; can be down to the resource level

Locks

is a governance methodology that can help prevent changes or deletion of a resource; is applied to everyone with access to the resource

Azure Monitor

is a single interface that can be accessed through the Azure portal that aggregates metrics for your Azure services; allows you to create alerts and reports/ graphs; can also connect with function apps or logic apps.

Azure Service Health

helps keep you up-to-date with the health of your resource by looking at them by region; also displays upcoming planned maintenance

Microsoft Privacy Statement

is a comprehensive statement that outlines how data and personal information is handled by Microsoft

Trust Center

a web portal where you can learn about how Microsoft handle security , compliance and privacy

Service Trust Portal

a portal that provides compliance tools for your resource and is the launch point for compliance manager, audit reports, data protection info and privacy

Compliance manager

a tool within the service trust portal that helps you visualize your compliance with industry standards like GDPR, ISO, and NIST

Azure Government

is a cloud environment that is specifically for the data that is controlled by the US government; employees working in this cloud must be US citizens

Azure Germany

is a cloud environment that is like Azure government but is for the compliance of data that resides in the EU; is available to customer in the EU and the UK; data centers are physically in Germany

Azure Subscriptions

is obtained automatically when you sign up for Azure and allows you to have access to Azure resources; each one has quotas or limits assigned to them.

Azure Subscription Types

include Free Trial, Pay-as-you-go and Pay-as-you-go Dev/Test

Azure Free Account

gives you access to Azure for 12 months and provide a $200 credit for 30 days; will have to upgrade to pay-as-you-go after 30 days

Cost Affecting Factors

include resource type, purchase method, region and billing zone

Zones

Geographies that are broken into groups for billing purposes; there are 4 total

Pricing Calculator

tool that is used to help you get an idea of the potential cost of the resource that you would use in Azure.

Total Cost of Ownership (TCO) Calculator

tool that is used to get an idea of how much could be saved in Azure based on the current on-premises setup one may have

Best Practice to Minimize Azure Costs

careful planning, ensuring full use of resources, allowing scalability and making use of the pricing and TCO calculator

Azure Cost Management

is a tool in Azure that allows you to analyze cost at a granular level and create a budget; can also configure alerts when cost are near budget

Support Plans

Basic (free), Developer, Standard, Professional Direct and Premier; the paid ones offer access to Support Engineers

Knowledge Center

helps you find documentation and blogs regarding common issues

Service Level Agreement (SLA)

defines specific availability targets and outlines what the cloud provider will do if those targets are not met; if not met usually credited to an Azure account invoice.

Public and Private Preview Features

beta offerings and updates that are not officially released and do not offer an SLA;

General Availability (GA)

is the point where a preview feature or service reaches quality and availability that suits the engineering team; is then given a SLA provided by Microsoft

Azure DevOps

provides developer services to support teams to plan work, collaborate on code development, and build and deploy applications; can be done in the cloud or on-premises

Azure DevTest Labs

is a "sandbox" environment that allows developer to to efficiently self-manage VMs and PaaS resources without waiting for approvals; can also set policies on VMs

Azure Service Bus

A message queueing system that connects applications, services, and devices, etc.

Azure Cognitive Services

services available to help developers build intelligent applications without having direct AI or data science skills or knowledge; Vision, Speech, Language, Web Search, and Decision

Still learning (2)

You've started learning these terms. Keep it up!