Book Image

Microsoft Azure Architect Technologies: Exam Guide AZ-300

By : Sjoukje Zaal
Book Image

Microsoft Azure Architect Technologies: Exam Guide AZ-300

By: Sjoukje Zaal

Overview of this book

From designing solutions on Azure to configuring and managing virtual networks, AZ-300 certification can help you achieve all this and more. Whether you want to get certified or gain hands-on experience in administering, developing, and architecting Azure solutions, this study guide will help you get started. The book features not only the different exam objectives, but also guides you through configuring, managing, securing, and architecting Azure resources. Divided into five modules, this book will systematically take you through the different concepts and features as you advance through the sections. The first module demonstrates how to deploy and configure infrastructure. You will cover techniques related to implementing workloads and security, before learning how to create and deploy apps in the next module. To build on your knowledge, the final two modules will get you up to speed with implementing authentication, data security, and application and platform monitoring, along with covering Azure storage, alerting, and automation strategies. Finally, you’ll work through exam-based mock tests with answers to boost your confidence in passing the exam. By the end of this book, you’ll have learned the concepts and techniques you need to know in order to prepare for the AZ-300 exam, along with the skills to design effective solutions on Microsoft Azure.

Related Content you might be interested in

Current Title:

Small book image
Microsoft Azure Architect Technologies: Exam Guide AZ-300
Sjoukje Zaal
Jan, 2020 | 540 pages
Small book image
Architecting Microsoft Azure Solutions - Exam Guide 70-535
Sjoukje Zaal
Apr, 2018 | 418 pages
Small book image
Exam Ref AZ-104 Microsoft Azure Administrator Certification and Beyond
Riaan Lowe | Donovan Kelly
Jul, 2022 | 776 pages
Small book image
Exam Ref AZ-304 Microsoft Azure Architect Design Certification and Beyond
Brett Hargreaves
Jul, 2021 | 520 pages
Table of Contents (30 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Get in touch
1
Section 1: Deploying and Configuring Infrastructure
Section 1: Deploying and Configuring Infrastructure
Free Chapter
2
Analyzing Resource Utilization and Consumption
Analyzing Resource Utilization and Consumption
Understanding Azure Monitor
Creating and analyzing metrics and alerts
Creating a baseline for resources
Configuring diagnostic settings on resources
Viewing alerts in Log Analytics
Utilizing log search query functions
Summary
Questions
Further reading
3
Creating and Configuring Storage Accounts
Creating and Configuring Storage Accounts
Technical requirements
Understanding Azure Storage accounts
Creating and configuring a storage account
Installing and using Azure Storage Explorer
Configuring network access to the storage account
SAS and access keys
Implementing Azure Storage replication
Summary
Questions
Further reading
4
Implementing and Managing Virtual Machines
Implementing and Managing Virtual Machines
Technical requirements
Understanding VMs
Understanding Availability Sets
Understanding provisioning VMs
Understanding VM scale sets
Modifying and deploying ARM templates
Configuring Azure Disk Encryption for VMs
Summary
Questions
Further reading
5
Implementing and Managing Virtual Networking
Implementing and Managing Virtual Networking
Technical requirements
Understanding Azure VNet
Understanding IP addresses
Configuring virtual networks and subnets
Configuring private and public IP addresses
User-defined routes
Summary
Questions
Further reading
6
Creating Connectivity between Virtual Networks
Creating Connectivity between Virtual Networks
Technical requirements
Understanding VNet peering
Understanding VNet-to-VNet
Verifying virtual network connectivity
VNet peering versus VNet-to-VNet connections
Summary
Questions
Further reading
7
Managing Azure Active Directory (Azure AD)
Managing Azure Active Directory (Azure AD)
Understanding Azure AD
Creating and managing users and groups
Configuring a self-service password reset
Understanding conditional access policies
Working with Azure AD join
Adding custom domains
Summary
Questions
Further reading
8
Implementing and Managing Hybrid Identities
Implementing and Managing Hybrid Identities
Understanding Azure AD Connect
Installing Azure AD Connect
Managing Azure AD Connect
Password writeback
Password synchronization
Summary
Questions
Further reading
9
Section 2: Implementing Workloads and Security
Section 2: Implementing Workloads and Security
10
Migrating Servers to Azure
Migrating Servers to Azure
Understanding Azure Migrate
Azure Migrate tools
Migrating on-premises machines to Azure
Summary
Questions
Further reading
11
Configuring Serverless Computing
Configuring Serverless Computing
Technical requirements
Creating and managing objects
Managing a Logic App resource
Understanding Azure Event Grid
Understanding Azure Service Bus
Summary
Questions
Further reading
12
Implementing Application Load Balancing
Implementing Application Load Balancing
Technical requirements
Understanding Azure Application Gateway
Configuring an application gateway
Implementing frontend IP configurations
Configuring load balancing rules
Managing application load balancing
Understanding Azure Front Door
Summary
Questions
Further reading
13
Integrating On-Premises Networks with Azure Virtual Network
Integrating On-Premises Networks with Azure Virtual Network
Technical requirements
Understanding Azure VPN gateway
Creating and configuring an Azure VPN gateway
Creating and configuring the S2S VPN
Verifying on-premises connectivity
Summary
Questions
Further reading
14
Managing Role-Based Access Control (RBAC)
Managing Role-Based Access Control (RBAC)
Technical requirements
Understanding RBAC
Configuring access to Azure resources by assigning roles
Configuring management access to Azure
Creating a custom role
Azure Policy
Implementing and assigning Azure policies
Summary
Questions
Further reading
15
Implementing Multi-Factor Authentication (MFA)
Implementing Multi-Factor Authentication (MFA)
Understanding Azure MFA
Configuring user accounts for MFA
Configuring verification methods
Configuring trusted IPs
Configuring fraud alerts
Configuring bypass options
Summary
Questions
Further reading
16
Section 3: Creating and Deploying Apps
Section 3: Creating and Deploying Apps
17
Creating Web Apps by Using PaaS
Creating Web Apps by Using PaaS
Technical requirements
Understanding App Services
Understanding App Service plans
Understanding Web App for Containers
Understanding WebJobs
Understanding diagnostic logging
Summary
Questions
Further reading
18
Designing and Developing Apps That Run in Containers
Designing and Developing Apps That Run in Containers
Technical requirements
Understanding Azure Container Instances
Understanding AKS
Summary
Questions
Further reading
19
Section 4: Implementing Authentication and Secure Data
Section 4: Implementing Authentication and Secure Data
20
Implementing Authentication
Implementing Authentication
Technical requirements
Understanding Azure App Service authentication
Implementing Windows-integrated authentication
Implementing authentication by using certificates
Understanding OAuth2 authentication in Azure AD
Understanding managed identities
Implementing managed identities for Azure resources service principal authentication
Summary
Questions
Further reading
21
Implementing Secure Data Solutions
Implementing Secure Data Solutions
Technical requirements
Understanding data security in Azure
Encrypting and decrypting data at rest
Encrypting and decrypting data in transit
Encrypting data with Always Encrypted
Understanding Azure confidential computing
Creating, reading, updating, and deleting keys, secrets, and certificates by using the Key Vault API
Summary
Questions
Further reading
22
Section 5: Developing for the Cloud and for Azure Storage
Section 5: Developing for the Cloud and for Azure Storage
23
Developing Solutions That Use Cosmos DB Storage
Developing Solutions That Use Cosmos DB Storage
Technical requirements
Understanding Cosmos DB
Create, read, update, and delete data by using appropriate APIs
Understanding partitioning schemes
Setting the appropriate consistency level for operations
Summary
Questions
Further reading
24
Developing Solutions That Use a Relational Database
Developing Solutions That Use a Relational Database
Technical requirements
Understanding Azure SQL Database
Provisioning and configuring an Azure SQL database
Creating, reading, updating, and deleting data tables by using code
Configuring elastic pools for Azure SQL Database
Understanding Azure SQL Database managed instances
Summary
Questions
Further reading
25
Message-Based Integration Architecture and Autoscaling
Message-Based Integration Architecture and Autoscaling
Technical requirements
Understanding Azure Integration Services
Routing events using Event Grid
Designing an effective messaging architecture
Implementing autoscaling rules and patterns
Summary
Questions
Further reading
26
Mock Questions
Mock Questions
27
Mock Answers
Mock Answers
28
Assessments
Chapter 1: Analyzing Resource Utilization and Consumption
Chapter 2: Creating and Configuring Storage Accounts
Chapter 3: Implementing and Managing Virtual Machines
Chapter 4: Implementing and Managing Virtual Networking
Chapter 5: Creating Connectivity between Virtual Networks
Chapter 6: Managing Azure Active Directory (Azure AD)
Chapter 7: Implementing and Managing Hybrid Identities
Chapter 8: Migrating Servers to Azure
Chapter 9: Configuring Serverless Computing
Chapter 10: Implementing Application Load Balancing
Chapter 11: Integrating On-Premises Networks with Azure Virtual Networks
Chapter 12: Managing Role-Based Access Control (RBAC)
Chapter 13: Implementing Multi-Factor Authentication (MFA)
Chapter 14: Creating Web Apps by Using PaaS
Chapter 15: Designing and Developing Apps That Run in Containers
Chapter 16: Implementing Authentication
Chapter 17: Implementing Secure Data Solutions
Chapter 18: Developing Solutions That Use Cosmos DB Storage
Chapter 19: Developing Solutions That Use a Relational Database
Chapter 20: Message-Based Integration Architecture and Autoscaling
29
Another Book You May Enjoy
Another Book You May Enjoy
Leave a review - let other readers know what you think

Utilizing log search query functions

Azure Monitor is now integrated with the features and capabilities that Log Analytics was offering. This also includes creating search queries across the different logs and metrics by using the Kusto query language.

To retrieve any type of data from Azure Monitor, a query is required. Whether you are configuring an alert rule, analyzing data in the Azure portal, retrieving data using the Azure Monitor Logs API, or being notified of a particular condition, a query is used.

The following list provides an overview of all of the different ways queries are used by Azure Monitor:

  • Portal: From the Azure portal, interactive analysis of log data can be performed. In there, you can create and edit queries and analyze the results in a variety of formats and visualizations.
  • Dashboards: The results of a query can be pinned to a dashboard. This way, results can be visualized and shared with other users.
  • Views: By using the View Designer in Azure Monitor, you can create custom views of your data. This data is provided by queries as well.
  • Alert rules: Alert rules are also made up of queries.
  • Export: Exports of data to Excel or Power BI are created with queries. The query defines the data to export.
  • Azure Monitor Logs API: The Azure Monitor Logs API allows any REST API client to retrieve log data from the workspace. The API request includes a query to retrieve the data.
  • PowerShell: You can run a PowerShell script from a command line or an Azure Automation runbook that uses Get-AzOperationalInsightsSearchResults to retrieve log data from Azure Monitor. You need to create a query for this cmdlet to retrieve the data.

In the following section, we are going to create some queries to retrieve data from the logs in Azure Monitor.

Querying logs in Azure Monitor

To query logs in Azure Monitor, perform the following steps:

  1. Navigate to the Azure portal by opening https://portal.azure.com.
  2. In the left-hand menu, select Monitor to open the Azure Monitor overview blade. Under Insights, select More. This will open the Log Analytics workspace that we created in the previous step.
  1. On the overview page, click on Logs in the top menu. This will open the Azure Monitor query editor:
Azure Monitor query editor
  1. Here, you can select some default queries. They are displayed at the bottom part of the screen. There are queries for retrieving unavailable computers, the last heartbeat of a computer, and much more. Add the following queries to the query editor window to retrieve data:
    • This query will retrieve the top 10 computers with the most error events over the last day:
Event | where (EventLevelName == "Error") | where (TimeGenerated > ago(1days)) | summarize ErrorCount = count() by Computer | top 10 by ErrorCount desc
    • This query will create a line chart with the processor utilization for each computer from the last week:
Perf | where ObjectName == "Processor" and CounterName == "% Processor Time" | where TimeGenerated between (startofweek(ago(7d)) .. endofweek(ago(7d)) ) | summarize avg(CounterValue) by Computer, bin(TimeGenerated, 5min) | render timechart
A detailed overview and tutorial on how to get started with the Kusto query language are beyond the scope of this book. If you want to find out more about this query language, you can refer to https://docs.microsoft.com/en-us/azure/azure-monitor/log-query/get-started-queries.
Previous Section
End of Section 7
Next Section