Book Image

Azure for Architects - Third Edition

By : Ritesh Modi, Jack Lee, Rithin Skaria

Book Image

Azure for Architects - Third Edition

By: Ritesh Modi, Jack Lee, Rithin Skaria

Overview of this book

Thanks to its support for high availability, scalability, security, performance, and disaster recovery, Azure has been widely adopted to create and deploy different types of application with ease. Updated for the latest developments, this third edition of Azure for Architects helps you get to grips with the core concepts of designing serverless architecture, including containers, Kubernetes deployments, and big data solutions. You'll learn how to architect solutions such as serverless functions, you'll discover deployment patterns for containers and Kubernetes, and you'll explore large-scale big data processing using Spark and Databricks. As you advance, you'll implement DevOps using Azure DevOps, work with intelligent solutions using Azure Cognitive Services, and integrate security, high availability, and scalability into each solution. Finally, you'll delve into Azure security concepts such as OAuth, OpenConnect, and managed identities. By the end of this book, you'll have gained the confidence to design intelligent Azure solutions based on containers and serverless functions.

Preface

About Azure for Architects, Third Edition

1. Getting started with Azure

1. Getting started with Azure

Cloud computing

Understanding Azure

Azure as an intelligent cloud

Azure Resource Manager

Interacting with the intelligent cloud

Free Chapter

2. Azure solution availability, scalability, and monitoring

2. Azure solution availability, scalability, and monitoring

High availability

Azure high availability

Architectural considerations for high availability

Upgrades and maintenance

3. Design pattern – Networks, storage, messaging, and events

3. Design pattern – Networks, storage, messaging, and events

Azure Availability Zones and Regions

Virtual networks

Virtual network design

Cloud design patterns

4. Automating architecture on Azure

4. Automating architecture on Azure

Azure Automation

Azure Automation architecture

Concepts related to Azure Automation

Runbook authoring and execution

Using Az modules

Azure Automation State Configuration

Azure Automation pricing

Comparison with serverless automation

5. Designing policies, locks, and tags for Azure deployments

5. Designing policies, locks, and tags for Azure deployments

Azure management groups

Azure Blueprints

An example of implementing Azure governance features

6. Cost management for Azure solutions

6. Cost management for Azure solutions

Azure offer details

Understanding billing

Usage and quotas

Resource providers and resource types

Usage and Billing APIs

Azure pricing calculator

7. Azure OLTP solutions

7. Azure OLTP solutions

OLTP applications

Azure cloud services

Deployment models

Azure SQL Database

Single Instance

Managed Instance

SQL database pricing

Azure Cosmos DB

8. Architecting secure applications on Azure

8. Architecting secure applications on Azure

Application security

Azure Key Vault

Authentication and authorization using OAuth

Security monitoring and auditing

9. Azure Big Data solutions

9. Azure Big Data solutions

Data integration

A primer on Azure Data Factory

A primer on Azure Data Lake

Migrating data from Azure Storage to Data Lake Storage Gen2

Creating a solution using Databricks

10. Serverless in Azure – Working with Azure Functions

10. Serverless in Azure – Working with Azure Functions

The advantages of Azure Functions

Creating an event-driven function

Function Proxies

Durable Functions

Creating a connected architecture with functions

Azure Event Grid

11. Azure solutions using Azure Logic Apps, Event Grid, and Functions

11. Azure solutions using Azure Logic Apps, Event Grid, and Functions

Azure Logic Apps

Creating an end-to-end solution using serverless technologies

12. Azure Big Data eventing solutions

12. Azure Big Data eventing solutions

Introducing events

Event Hubs architecture

A primer on Stream Analytics

A sample application using Event Hubs and Stream Analytics

Provisioning a new resource group

13. Integrating Azure DevOps

13. Integrating Azure DevOps

The essence of DevOps

DevOps practices

Preparing for DevOps

DevOps for PaaS solutions

DevOps for IaaS

DevOps with containers

Azure DevOps and Jenkins

Azure Automation

Tools for DevOps

14. Architecting Azure Kubernetes solutions

14. Architecting Azure Kubernetes solutions

Introduction to containers

Kubernetes fundamentals

Kubernetes architecture

Kubernetes primitives

AKS architecture

Deploying an AKS cluster

Access and identity for AKS

Virtual kubelet

15. Cross-subscription deployments using ARM templates

15. Cross-subscription deployments using ARM templates

Deploying resource groups with ARM templates

Deploying resources across subscriptions and resource groups

Deploying cross-subscription and resource group deployments using linked templates

Virtual machine solutions using ARM templates

PaaS solutions using ARM templates

Data-related solutions using ARM templates

Creating an IaaS solution on Azure with Active Directory and DNS

16. ARM template modular design and implementation

16. ARM template modular design and implementation

Problems with the single template approach

Understanding the Single Responsibility Principle

Linked templates

Nested templates

Free-flow configurations

Known configurations

Understanding copy and copyIndex

Securing ARM templates

Using outputs between ARM templates

17. Designing IoT solutions

17. Designing IoT solutions

IoT architecture

High availability

Azure IoT Central

18. Azure Synapse Analytics for architects

18. Azure Synapse Analytics for architects

Azure Synapse Analytics

A common scenario for architects

An overview of Azure Synapse Analytics

Migrating from existing legacy systems to Azure Synapse Analytics

Common SQL incompatibilities and resolutions

Security considerations

Tools to help migrate to Azure Synapse Analytics

19. Architecting intelligent solutions

19. Architecting intelligent solutions

The evolution of AI

Azure AI processes

Azure Cognitive Services

Understanding Cognitive Services

Building an OCR service

Building a visual features service using the Cognitive Search .NET SDK

Safeguarding the Cognitive Services key

Consuming Cognitive Services

Index

Customer Reviews

5 star

0

4 star

0

3 star

0

2 star

0

1 star

0

Securing ARM templates

Another important aspect related to creating enterprise ARM templates is securing them appropriately. ARM templates contain the resource configuration and vital information about infrastructure, and so they should not be compromised or accessible to unauthorized people.

The first step in securing ARM templates is storing them in storage accounts and stopping any anonymous access to the storage account container. Moreover, SAS tokens should be generated for storage accounts and used in ARM templates to consume linked templates. This will ensure that only the holders of SAS tokens can access the templates. Moreover, these SAS tokens should be stored in Azure Key Vault instead of being hardcoded into ARM templates. This will ensure that even the people responsible for deployment do not have access to the SAS token.

Another step in securing ARM templates is ensuring that any sensitive information and secrets, such as database connection strings, Azure subscription...