Book Image

Azure Architecture Explained

By : David Rendón, Brett Hargreaves
Book Image

Azure Architecture Explained

By: David Rendón, Brett Hargreaves

Overview of this book

Azure is a sophisticated technology that requires a detailed understanding to reap its full potential and employ its advanced features. This book provides you with a clear path to designing optimal cloud-based solutions in Azure, by delving into the platform's intricacies. You’ll begin by understanding the effective and efficient security management and operation techniques in Azure to implement the appropriate configurations in Microsoft Entra ID. Next, you’ll explore how to modernize your applications for the cloud, examining the different computation and storage options, as well as using Azure data solutions to help migrate and monitor workloads. You’ll also find out how to build your solutions, including containers, networking components, security principles, governance, and advanced observability. With practical examples and step-by-step instructions, you’ll be empowered to work on infrastructure-as-code to effectively deploy and manage resources in your environment. By the end of this book, you’ll be well-equipped to navigate the world of cloud computing confidently.

Related Content you might be interested in

Current Title:

Small book image
Azure Architecture Explained
David Rendón | Brett Hargreaves
Sep, 2023 | 446 pages
Small book image
Azure for Decision Makers
Jason Milgram | David Rendoacuten | Jack Lee
Sep, 2023 | 146 pages
Small book image
Exam Ref AZ-304 Microsoft Azure Architect Design Certification and Beyond
Brett Hargreaves
Jul, 2021 | 520 pages
Small book image
Azure Integration Guide for Business
Meacutelony Qin | Joshua Garverick | Trevoir Williams | Jack Lee
Sep, 2023 | 268 pages
Table of Contents (20 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the example code files
Conventions used
Get in touch
Share Your Thoughts
Download a free PDF copy of this book
1
Part 1 – Effective and Efficient Security Management and Operations in Azure
Part 1 – Effective and Efficient Security Management and Operations in Azure
Free Chapter
2
Chapter 1: Identity Foundations with Azure Active Directory and Microsoft Entra
Chapter 1: Identity Foundations with Azure Active Directory and Microsoft Entra
Protecting users’ identities and securing the value chain – the importance of IAM in decentralized organizations
Authentication and authorization in Azure
Engaging and collaborating with employees, partners, and customers
The significance of digital identities in the modern IT landscape
Securing cloud-based workloads with Microsoft Entra’s identity-based access control
Summary
3
Chapter 2: Managing Access to Resources Using Azure Active Directory
Chapter 2: Managing Access to Resources Using Azure Active Directory
Understanding the need for IAM
Understanding Azure AD (now Microsoft Entra ID)
Understanding the capabilities of Microsoft Entra ID
Hybrid identity – integrating your on-premises directories (Azure AD Connect sync and cloud sync)
Summary
4
Chapter 3: Using Microsoft Sentinel to Mitigate Lateral Movement Paths
Chapter 3: Using Microsoft Sentinel to Mitigate Lateral Movement Paths
Understanding the Zero Trust strategy
Understanding lateral movement
Leveraging Microsoft Sentinel to improve your security posture
Enabling Microsoft Sentinel
Mitigating lateral movements
Summary
5
Part 2 – Architecting Compute and Network Solutions
Part 2 – Architecting Compute and Network Solutions
6
Chapter 4: Understanding Azure Data Solutions
Chapter 4: Understanding Azure Data Solutions
Technical requirements
Understanding Azure storage types
Understanding Azure database options
Summary
7
Chapter 5: Migrating to the Cloud
Chapter 5: Migrating to the Cloud
Technical requirements
Understanding migration options
Managing servers
Modernizing applications
Migrating data
Summary
8
Chapter 6: End-to-End Observability in Your Cloud and Hybrid Environments
Chapter 6: End-to-End Observability in Your Cloud and Hybrid Environments
Understanding the importance of a monitoring strategy
Working on an effective monitoring strategy
Azure Monitor – a comprehensive solution for observability and efficiency
Summary
9
Chapter 7: Working with Containers in Azure
Chapter 7: Working with Containers in Azure
Understanding cloud-native applications
Understanding the difference between virtual machines and containers
Azure Container Instances
Working with Azure Container Instances
Creating Azure Container Apps
Summary
Further reading
10
Chapter 8: Understanding Networking in Azure
Chapter 8: Understanding Networking in Azure
Connectivity in Azure
Hybrid networking
Load balancing
Network security
Summary
11
Chapter 9: Securing Access to Your Applications
Chapter 9: Securing Access to Your Applications
Technical requirements
Designing for security
Securing traffic
Securing keys and secrets
Using managed identities
Summary
12
Part 3 – Making the Most of Infrastructure-as-Code for Azure
Part 3 – Making the Most of Infrastructure-as-Code for Azure
13
Chapter 10: Governance in Azure – Components and Services
Chapter 10: Governance in Azure – Components and Services
Planning a comprehensive cloud governance strategy
Understanding Azure governance
Azure governance – components and services
Microsoft Cost Management
Summary
14
Chapter 11: Building Solutions in Azure Using the Bicep Language
Chapter 11: Building Solutions in Azure Using the Bicep Language
Unlocking the benefits of IaC with Azure Resource Manager
Authoring Bicep files
Bicep file structure
Summary
15
Chapter 12: Using Azure Pipelines to Build Your Infrastructure in Azure
Chapter 12: Using Azure Pipelines to Build Your Infrastructure in Azure
Understanding the relationship between continuous integration, continuous delivery, and pipelines
Understanding Azure Pipelines
Configuring Azure DevOps
Configuring Azure Repos
Configuring a build pipeline in Azure DevOps using the Classic Editor
Configuring a release pipeline in Azure DevOps using the Classic Editor
Configuring Azure Pipelines with YAML
Summary
16
Chapter 13: Continuous Integration and Deployment in Azure DevOps
Chapter 13: Continuous Integration and Deployment in Azure DevOps
DevOps transformation – achieving reliable and efficient software development through CI and CD practices
CI in Azure DevOps using the Classic Editor
CD in Azure DevOps
CI/CD baseline architecture using Azure Pipelines
Building a multistage YAML pipeline
Summary
17
Chapter 14: Tips from the Field
Chapter 14: Tips from the Field
Azure governance
Azure monitoring
Identity management and protection
Azure networking
Azure containers
Summary
18
Index
Index
Why subscribe?
19
Other Books You May Enjoy
Other Books You May Enjoy
Packt is searching for authors like you
Share Your Thoughts
Download a free PDF copy of this book

Securing keys and secrets

Securing your applications against network-level attacks is often the first line of defense. With the additional capabilities of a WAF, you can readily protect against many forms of attacks and issues in your code.

But not all attacks come head-on. Most attacks are usually through insider threats – either maliciously or accidentally. What we mean by this is that, if we think back to Mark Twain’s proverb, it’s those that seek to get around the front door that often cause the biggest problems.

Therefore, we need to think about attack vectors other than a direct one over the network. If our network is secure, and our frontend is secure, we must consider how the backend can be exploited.

From a network point of view, this is quite difficult; if an attacker has found a way around these controls, the next level of protection is usually authentication. Because the asset we want to protect is our data, we must consider strategies to protect...

Previous Section
End of Section 5
Next Section