Managing Azure Subscriptions and Resource Groups
Learning Objective: In this module, you will learn about the administrative tools and components that make up an Azure subscription as well as the different available types of subscription. You will also learn about the various services provided by Azure. You will be introduced to Azure Resource Manager and how resources are organized into resource groups.
Topics:
- Introduction to Cloud Computing
- Overview of Microsoft Azure
- Microsoft Azure Services
- Azure Subscriptions
- Management Groups
- Azure Resource Manager
- Azure Portal and PowerShell
- Azure Resource Manager Policies
- Azure Policy Definition Structure
- Resource Management Locks
- Organizing Azure Resources
Hands-On:
- Create an Azure account
- Manage subscriptions, billing, and policies
- Configure Management Groups
- Use Portal and PowerShell to deploy and manage resources on Azure
- Create Azure policies
Azure Virtual Networks and Network Security
Learning Objective: In this module, you will be introduced to Azure virtual networking concepts and how do you create and configure them. You will also learn how system routes, routing tables, and routing algorithms are used. This module also introduces you to Azure DNS basics and Network Security Groups (NSGs). You will also learn how to implement NSGs considering service endpoints and policies.
Topics:
- Introduction to Azure Virtual Networks
- IP Addresses – Public and Private
- Classless Inter-domain Routing (CIDR)
- Subnets
- Network Interface Cards (NICs)
- Network Security Groups (NSGs)
- Network Security Group Rules
- Virtual Network Service Endpoints
- Service Endpoint Policies
- Azure Load Balancer
- Azure DNS
- Azure Firewall
- Azure Bastion Service
Hands-On:
- Create and Configure Virtual Networks
- Setup Network Security Groups (NSGs)
- Restrict Network Access to Resources with Service Endpoints
- Implement Azure DNS
- Configure Azure Firewall
- Deploy Azure Bastion Service
Overview of Azure Virtual Machines
Learning Objective: In this module, you will be introduced to Azure VMs, their supporting OS, sizing and pricing. You will also learn how to create and configure Windows and Linux VMs in Azure. This module also teaches you how to create custom VMs in Azure. You will also learn how VMs can be extended through custom scripts and Desired State Configuration.
Topics:
- Azure Virtual Machines
- Azure Resource Manager VM
- Introduction to ARM Templates
- Create a Custom Image of Azure VM
- Create a Managed Image of a Generalized VM
- Create an Image from VM Snapshots
- Creating a Linux Virtual Machine
- Virtual Machine Extensions
- Configuration Management using PowerShell DSC
- Run Custom Scripts using Custom Script Extension
- Azure Kubernetes Service (AKS)
- Azure Container Instances (ACI)
- App Service
- App Service Plans
Hands-On:
- Create Windows VMs in the Azure Portal
- Create Windows VMs with Azure PowerShell
- Create VMs using ARM Templates
- Deploy custom server images
- Configure Azure Kubernetes Service (AKS)
- Create a Web App Service
Overview of Azure Storage Services
Learning Objective: In this module, you will learn about storage accounts – Standard and Premium – as well as storage endpoints. You will also learn about data replication and work with Azure Storage Explorer to manage storage data. You will discover how a shared access signature (SAS) are used to provide delegated access to resources. You will also explore and understand disks and storage – Azure Blob Storage, Azure Files, and structured storage types like Table and Queue storage.
Topics:
- Azure Storage
- Azure Storage Replication
- Azure Storage Explorer
- Attach or Detach an External Storage Account
- Shared Access Signatures (SAS)
- Attach a Storage Account using SAS
- Azure Blob Storage
- Azure File Storage
- Azure Queue Storage
- Azure Table Storage
Hands-On:
- Create Azure Storage accounts
- Manage storage using Azure Storage Explorer
- Copy data by using AZCopy
- Secure storage using SAS
- Implement Blobs and Files storages
- Implement Table storage
Secure and Manage Azure Storage
Learning Objective: In this module, you will learn how to use Azure backup as a data protection solution and work with Azure File Sync. This module also teaches you how to use Azure CDN and how to transfer data to and from cloud using Import/Export service and Data Box.
Topics:
- Azure Backup
- Why Use Azure Backup
- Files and Folder Backup
- Application Backup
- Azure File Share
- Azure File Sync
- Content Delivery Network (CDN)
- How CDN Works
- Azure Import/Export Service
- Azure Data Box
Hands-On:
- Implement Azure Backup service
- Create an Azure File Share
- Implement Azure File Sync
- Store and access data using Azure CDN service
- Transfer data using Azure Import/Export service
Configure Virtual Machines for High Availability
Learning Objective: In this module, you will learn about the two main configuration areas for VMs: Networking and Storage. You will learn how to keep your VMs highly available sets and how to use scale sets to increase/decrease the number of VMs. This module also covers backing up and restoring VMs.
Topics:
- Azure Virtual Machine Storage
- Azure Virtual Machine Availability
- Fault and Update Domains
- Azure Load Balancer
- Automatic Scaling of Azure VMs
- VM Scale Sets
- Azure VM Backup
- Azure VM Monitoring with Azure Diagnostics Extension
- Azure Advisor
Hands-On:
- Attach a Managed Data Disk to a Windows VM
- Initialize a New Data Disk
- Configure Azure Load Balancer
- Create a VM Scale Set
- Implement Backup and Restore
- Enable Diagnostic Extension to Monitor Metrics and Logs
Network Traffic Distribution and Connectivity
Learning Objective: This module covers three ways in which traffic is distributed in a virtual network: Azure Load Balancer, Azure Traffic Manager and Azure Application Gateway. This module also deals with two specific types of inter-site connectivity: VNet-to-VNet connections and VNet Peering. You will learn when to choose which connectivity method, and how to implement and configure that method.
Topics:
- Azure Traffic Manager
- Azure Application Gateway
- Azure Virtual Network Routing
- Azure Virtual Network Connectivity
- Azure VPN Gateway
- BGP with VPN Gateway
- Virtual Network Peering
Hands-On:
- Implement Azure Traffic Manager
- Configure Virtual Network Gateways
- Configure BGP with Azure VPN Gateway
- Implement Virtual Network Peering
Integrate On-premises Network with Azure Virtual Network
Learning Objective: In this module, you will learn how to integrate on-premises network with Azure Virtual Network. You will implement Point-to-Site VPN Connections and ExpressRoute to connect your virtual networks. You will also learn important skills around troubleshooting common network issues with the help of Azure Network Watcher tool.
Topics:
- Azure Inter-site VPN Connectivity Methods
- Site-to-Site VPN Gateway Connection
- Point-to-Site VPN Gateway Connection
- VNet-to-VNet Connections
- Azure ExpressRoute
- Azure Virtual WAN
- Azure Network Watcher
- Resource Troubleshooting in Azure Network Watcher
Hands-On:
- Create and Configure Point-to-Site Connection
- Configure Vnet-to-Vnet Connection
- Configure Azure ExpressRoute
- Configure Azure Virtual WAN
- Implement Network Watcher
Monitoring and Access Management for Cloud Resources
Learning Objective: In this module, you will learn about Azure Monitor and its many capabilities to ensure your Azure architecture is working correctly. You will also learn about Log Analytics tool that provides a way for you to analyze and query all types of connected data. This module also focuses on the basics of Role-Based Access Control as it applies to users and groups.
Topics:
- Overview of Role Based Access Control
- Azure Monitor
- Log Analytics
- Azure Activity Log
- Alerts in Azure Monitor
- Custom roles in Azure
- Provide access to Azure resources by assigning roles
- Manage multiple directories
Hands-On:
- Manage Access using RBAC
- Grant Access for a Group using RBAC
- Configure Activity Log Alerts
- Create a custom role
Manage Azure Active Directory (AD)
Learning Objective: In this module, you will be introduced to the Azure Active Directory and the basics of implementing Azure AD objects. These objects include domains and tenants, users and groups, roles, and devices. In each lesson, you will practice how to configure these objects through the portal and with Azure PowerShell.
Topics:
- Identity Access Management
- Azure Active Directory
- Multi Factor Authentication
- Self-Service Password Reset
- Azure AD Identity Protection
- Azure AD Conditional Access
- Azure AD Domains and Tenants
- Azure AD Domain Services
- Azure AD Join
- Azure AD Single Sign-On
- Manage Azure AD Objects
Hands-On:
- Configure Self-Service Password Reset
- Implement Azure AD Identity Protection
- Configure Domains and Tenants, Users and Groups
- Enable Azure AD Domain Services
Implementing and Managing Hybrid Identities
Learning Objective: In this module, you will learn how to integrate Active Directory with your existing infrastructure. You will learn about different authentication options such as Single Sign-on and Pass-through authentication. You will also learn how to configure Azure AD Application Proxy. This module also focuses on MFA and its working. Lastly, you will learn how to use conditional access policies.
Topics:
- Hybrid Identity
- Password Hash Synchronization (PHS)
- Pass-through Authentication (PTA)
- Federated Authentication
- Azure AD Seamless Single Sign-On (SSO)
- Azure AD Application Proxy
- Password Writeback
Hands-On:
- Implement Password Hash Synchronization and Pass-through Authentication
- Implement App Proxy and Password Writeback
- Configure user accounts for Multi-Factor Authentication