Azure

Fundamentals

AZ900
Module 1

Cloud Computing
Cloud Computing Fundamentals
What is Cloud Computing?

Cloud computing is a technology that enables users to access and use

computing resources, such as servers, storage, and applications, over
the internet. Instead of owning and maintaining physical hardware,
users can leverage remote servers hosted in data centers to store data,
run applications, and perform various computing tasks.

Let’s understand with an example-

OpEx Vs CapEx
Operational Expense

● Pay as you go model.

● Bill is generated immediately.
● No depreciation

Capital Expenditure

● Upfront spending money on physical infrastructure.

● Cost have a value which reduces overtime.
Shared Responsibility Model
The shared responsibility model in cloud computing is a framework that
outlines the division of security responsibilities between a cloud service
provider (CSP) and its customers. It's a collaborative effort to ensure the
overall security of the cloud environment.
Shared Responsibility Model in Azure

Microsoft’s
Responsibilities

Physical Virtualization
Networking
Infrastructure Infrastructure
Shared Responsibility Model in Azure

User’s
Responsibilities

Configuration Identity &

Data Encryption Access
Management
Management
Shared Responsibility Model in Azure

Shared
Responsibility

Data Operating System Applications

Types of Cloud

Types of Cloud

Deployment
Model Service Model
Types of Cloud - Service Model
Types of Cloud - Deployment Model
Public Cloud

● Owned and managed by a third party cloud provider

● Can be accessed through public network.
● Provides IT resources to general public and multiple organizations.
● Perfect for organizations with growing and fluctuating demands.
Types of Cloud - Deployment Model
Private Cloud

● Cloud environment created in organization’s on site data center or

hosted by third party service provider.
● Organizations are responsible for maintaining the services they
provide.
● Does not provide access to users outside the organization.
Types of Cloud - Deployment Model
Hybrid Cloud

● Combines functionalities of both public as well as private cloud.

● Ideal for legacy companies.
Pillars of Cloud

Security Reliability
Safeguarding data and Ensuring consistent
resources from performance and
unauthorized access dependability of cloud
and breaches. services.

Availability Governance
Maximizing system Implementing policies
uptime and minimizing and controls to manage
downtime. and regulate cloud
resources effectively.
How to create an Azure account?
Click on the link here - https://azure.microsoft.com/en-in and choose
the option of Free Account.
How to create an Azure account?
You will be redirected to this page and click on “Start Free”
How to create an Azure account?
Sign up with your Microsoft account. If you don’t have one, you can create
a new one too.
How to create an Azure account?
Here are the services you would get with your free Azure account.
How to create an Azure account?
As Azure operates on a pay-as-you-go model, you'll need to input your credit/debit
card details. A nominal charge of 2 rupees will be made temporarily, but it will be
refunded in a few days. No additional automatic deductions will occur from your card.
How to create an Azure account?
Voila!! Your free Azure account is created. Click on “Go to Azure portal”
to get started.
How to create an Azure account?
Azure portal opens up.
Module 2

What is Azure?
Azure Overview
● Azure is a cloud platform by Microsoft that offers various cloud services and
resources for managing and storing data.
● Users can conveniently access these services via the Azure portal when connected to
the internet.
● Microsoft Azure services are widely used across all industries for running
applications, storing and analysing data, software development, machine learning,
artificial intelligence, and other services.
● Azure offers four different forms of cloud computing: infrastructure as a service
(IaaS), platform as a service (PaaS), software as a service (SaaS) and serverless
functions.
● Microsoft adopts a pay-as-you-go model for Azure, where subscribers receive a
monthly bill based solely on the specific resources and services they've utilized.
Why Azure?

Security 1

Best Hybrid Cloud

Solution
2

Cost Effectiveness 3

Quick and Adaptable 4

Azure Certifications
● A series of over a dozen certifications offered by Microsoft Azure is designed to assist
professionals working in cloud computing or those aspiring to begin a career in the
field.
● These certifications are categorized into different levels, and some certifications do
not have a group classification-

1 2 3 4

Fundamentals Associate-level Expert-level Speciality

Fundamentals
● Tailored for individuals without a technical background who are eager to embark on
their cloud computing journey, as well as for emerging cloud professionals who are
just initiating their career in the field.
Associate-Level
● Most appropriate for candidates possessing a robust grasp of the fundamentals of
Azure. If you already have a familiarity with Azure, you are well-prepared to
incorporate the certifications listed into your resume, showcasing your proficiency in
the platform.
Expert-Level
● Designed for those with a solid background in the cloud, including an associate-level
certification and hands-on cloud experience. If you already have experience and a
good understanding of Azure at the associate level, you can pursue an expert
certification.
Speciality
● These specializations emphasize Azure IOT Developer Specialty and Azure for SAP
Workloads. Specialty-level Azure certifications are designed to provide in-depth
expertise in specific areas, allowing professionals to showcase their specialized skills
and knowledge within the Azure ecosystem.
 Azure Core
Services

Compute Security

Storage Network
Azure Compute Services
● The Azure Compute service plays a crucial role in hosting and running applications,
ensuring they are live and available.

● It serves as the foundation for executing various applications in a real-time

environment.

● Azure Compute handles deployment, hosting, management, and the actual running
of applications, making it essential for the overall functioning of diverse software in
the Microsoft Azure ecosystem.

● This service provides the necessary infrastructure to support the execution of

applications seamlessly.
 Azure Compute Services
Virtualization

● Virtualization is a technology that allows you to create a simulated or virtual version

of something, such as a computer or an operating system, within another system.
● It enables one physical machine to run multiple virtual machines, each with its own
isolated environment, as if they were independent and separate entities.
 Azure Compute Services
Azure Virtual Machine

● An Azure Virtual Machine is a computing resource provided by Microsoft Azure,

which is a cloud computing platform.
● Azure VMs allow you to run virtualized Windows or Linux servers in the cloud.
● These virtual machines operate just like physical computers but are hosted and
managed in Microsoft's data centers.
Azure Compute Services
 Azure Compute Services
Azure App Service

● Azure App Service is PaaS (Platform-as-a-Service) cloud service by Microsoft. This

service takes away some of the additional responsibilities of customer, and gives it
back to cloud provider, for which customer is responsible while working with Azure
VMs.
 Azure Compute Services
Azure Functions (Serverless)

● Azure Functions is a service from Microsoft that lets you run code without worrying
about servers. It responds to certain events or conditions, like when an order comes
in on an IoT system or a new message arrives in a queue.

● Azure Functions allows the users to implement their logic in particular pieces of
code. These are known as “functions”. Various functions run at various times of
response.

● When the requests increase, Azure Functions create as many resources and function
instances as required as per the need. Again, when the requests decrease, the extra
resources and function instances are deleted automatically.
Hands - On
Azure Storage Services
● Microsoft Azure Storage is a cloud storage service provided by Microsoft Azure,
offering a scalable and secure solution for storing and retrieving data in the cloud.
● Azure Storage is-
○ Durable
○ Secure
○ Scalable
○ Managed
○ Accessible
Azure Blob Storage
● Azure Blob Storage is a cloud-based storage service provided by Microsoft Azure. It
allows you to store and manage large amounts of unstructured data, such as text or
binary data.

● It saves text and binary data to facilitate big data analysis through Data Lake Storage
Gen2. Blob Storage allows direct browser access to image files, PDFs, or documents
using a single link.

● Blobs support streaming for audio and video, and they enable distributed file access
and log file management.
Azure File Storage
● Azure File Storage serves as a suitable choice when there's a need for a shared drive
connecting multiple servers or users.

● Microsoft Azure File storage is a type of Azure service that was designed to support
the needs of the Azure VM environment. That storage is, in essence, a network share.
You can store files there that can be accessed from different Virtual Machines.

● File Storage can be used if your business use case needs to deal mostly with standard
File extensions like *.docx, *.png and *.bak then you should probably go with this
storage.
Azure Queue Storage
● Azure queues are like virtual mailboxes where you put messages.

● Imagine you have someone sending messages (a sender) and someone else picking
them up and doing something with them (a client).

● Each message has special features, like a time limit before it disappears (expiry time).

● So, it's a way to organize and manage messages between different parts of a system.

● Azure Queue Storage is a service provided by Microsoft Azure, which is a cloud

computing platform. It's like a virtual "message queue" that helps different parts of a
program or different programs communicate with each other.

● Decoupling the components is one of the advantages of message queue services.

Azure Table Storage
● Azure Table Storage is a cloud-based NoSQL data store provided by Microsoft Azure.
It is designed to store and retrieve large amounts of semi-structured data, making it
suitable for scenarios where you need to manage and query massive datasets.

● If you have a super large amount of data and you want to store it in a NoSQL manner
in Azure and performance is not a concern for you, you can definitely go for the Azure
table storage, which is very cheap and could fit into your budget.
Networking in Azure
● Azure offers a variety of networking services to help users build, deploy, and manage
applications and services in the cloud. These services enable organizations to
establish secure and scalable network architectures. Here are some key Azure
networking services:

○ Azure Virtual Network

○ Load Balancer

○ Application Gateway

○ Traffic Manager
Azure Virtual Network
● Azure Virtual Network is the fundamental building block for your private network in
Azure. It allows you to create isolated networks to host your VMs and other Azure
resources.

● Why to use Azure VNets?

○ Provides an isolated environment.

○ Subnet can access the public cloud.

○ Traffic can be easily filtered from resources.

○ Highly secured.

○ High network connectivity.

○ Building sophisticated network topologies in a simple manner.

Azure Virtual Network
● Components of Azure Virtual Network

○ Subnets- This lets user segment the virtual network into one or more
sub-networks. Subnets provide several benefits, including improved security,
efficient network traffic management, and better organization of resources.

○ Routing- In Azure, routing refers to the process of directing network traffic

between different networks or subnets. Understanding how routing works is
crucial for designing a network architecture that meets your application's
requirements.
Azure Virtual Network
● Components of Azure Virtual Network

○ Network Security Groups - In Azure, Network Security Groups (NSGs) are a

crucial component for controlling inbound and outbound network traffic to and
from Azure resources. NSGs act as a basic, stateful, and rule-based firewall,
allowing you to define rules that permit or deny traffic based on various criteria.
 Load Balancer
● A load balancer distributes user traffic across multiple instances of your applications.

● Load balancer basically reduces the risk of performance issues.

Uses of Azure Load Balancer

○ Load balance both internal and external Azure virtual machine traffic.

○ Distribute resources within and across zones to increase availability.

○ Configure Azure VM outbound connectivity.

○ Monitor load-balanced resources with health probes.

○ Access VMs in a virtual network by port and public IP address with port
forwarding.
 Application Gateway
● In Azure, an Application Gateway is a load balancer service that enables you to
manage and optimize the traffic to your web applications. It acts as a traffic manager,
directing client requests to the appropriate servers based on various factors.

● It is usually used when you expect many users in your apps or wish to manage web
traffic based on incoming requests.

● Application Gateway balances the traffic across multiple servers and supports routing
to a specific server based on request components.
 Azure Traffic Manager
● Azure Traffic Manager is a load balancing solution provided by Azure Cloud Services
Platform that enables in controlling and load balancing the flow of traffic to specific
endpoints.
● These endpoints include any resource from the Azure Cloud Services platform
including virtual machines, websites and databases.
 Working of Traffic Manager
● It's like a global traffic cop, directing users to the nearest website endpoint, based on
their location. Here's how it works:
○ User Requests: When a user from, say, Asia tries to access your website, their web
browser sends a DNS request.
○ Traffic Manager Intervenes: The DNS request is intercepted by Azure Traffic
Manager.
○ Location Detection: Traffic Manager detects the user's location based on their IP
address.
○ Route Optimization: Based on the user's location, Traffic Manager directs them to
the nearest website endpoint. In this case, it would be the endpoint located in Asia.
○ Seamless Delivery: The user is then connected to the nearest endpoint and can
access your website quickly and without any delays.
IAM (Identity & Access Management)
● Azure Identity and Access Management (IAM) is a comprehensive set of services and
features that helps you manage who has access to what in Azure.
● Azure IAM enables you to:
○ Grant and manage access to Azure resources based on the principle of least
privilege.
○ Securely store and manage access keys and other sensitive credentials.
○ Monitor and audit access to your Azure resources.
○ Meet compliance requirements for access control and data security.
Azure RBAC
● Azure role-based access control (Azure RBAC) enables access management for Azure
resources. It’s an authorization system built into the Azure Resource Manager.
● You can use Azure RBAC to define which specific users should be allowed access to
Azure cloud resources and assign a set of privileges for each user group.
● There are around 70 roles for RBAC but here are the ones which are very
fundamental-
○ Owner
○ Contributor
○ Reader
○ User Access Administrator
Azure Cost Management
● Azure Cost Management is a suite of tools within the Azure platform designed to
help you track, analyze, and optimize your cloud spending. It provides complete
visibility into your Azure resource usage and costs, allowing you to identify
cost-saving opportunities and make informed decisions about your cloud
investments.
● Benefits of cost management are-
○ Increased cost visibility
○ Improved cost control
○ Optimised resource allocation
○ Informed decision making
○ Reduce risk of unexpected billing
 Azure Cost Management
Features of Cost Management-

● Cost analysis: View detailed cost breakdowns by resource, service, resource group, subscription,
and management group.
● Budgeting: Set budgets to track your spending against predefined limits and receive alerts when
you approach or exceed your budget.
● Recommendations: Get personalized recommendations for optimizing your costs, such as
identifying underutilized resources, reserving resources for predictable workloads, and exploring
alternative pricing options.
● Cost allocation: Allocate costs to different departments, projects, or teams for better cost tracking
and chargeback.
● Exports and reports: Download cost data and generate reports for further analysis and reporting.
● Integrations: Integrate with other Azure services and third-party tools to automate cost
management tasks.