Azure architecture explained a comprehensive guide to building effective cloud solutions
Enhance your career as an Azure architect with cutting-edge tools, expert guidance, and resources from industry leaders Key Features Develop your business case for the cloud with technical guidance from industry experts Address critical business challenges effectively by leveraging proven combinatio...
| Otros Autores: | , |
|---|---|
| Formato: | Libro electrónico |
| Idioma: | Inglés |
| Publicado: |
Birmingham, England :
Packt Publishing
[2023]
|
| Edición: | 1st ed |
| Materias: | |
| Ver en Biblioteca Universitat Ramon Llull: | https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009768139306719 |
Tabla de Contenidos:
- Cover
- Title Page
- Copyright and Credits
- Foreword
- Contributors
- Table of Contents
- Preface
- Part 1 - Effective and Efficient Security Management and Operations in Azure
- Chapter 1: Identity Foundations with Azure Active Directory and Microsoft Entra
- Protecting users' identities and securing the value chain - the importance of IAM in decentralized organizations
- Authentication and authorization in Azure
- Engaging and collaborating with employees, partners, and customers
- The significance of digital identities in the modern IT landscape
- Modernizing your IAM with Microsoft Azure AD
- Life cycle management
- Leveraging the Microsoft Cloud Adoption Framework
- Azure AD terminology, explained
- Securing applications with the Microsoft identity platform
- Securing cloud-based workloads with Microsoft Entra's identity-based access control
- Azure AD
- Microsoft Entra Permissions Management
- Microsoft Entra Verified ID
- Microsoft Entra workload identities
- Microsoft Entra Identity Governance
- Microsoft Entra admin center
- Summary
- Chapter 2: Managing Access to Resources Using Azure Active Directory
- Understanding the need for IAM
- Understanding Azure AD (now Microsoft Entra ID)
- Exploring the Microsoft Entra ID editions
- Microsoft Entra ID Premium P2
- Understanding the capabilities of Microsoft Entra ID
- Task 1 - creating a new Azure AD tenant using the Azure portal
- Task 2 - creating and configuring Azure AD users
- Task 3 - creating an Azure AD group with dynamic membership
- Hybrid identity - integrating your on-premises directories (Azure AD Connect sync and cloud sync)
- Azure AD Connect sync
- Azure AD Connect cloud sync
- Azure AD Application Proxy
- Azure AD Conditional Access
- Azure AD PIM
- Assigning roles in PIM
- Summary.
- Chapter 3: Using Microsoft Sentinel to Mitigate Lateral Movement Paths
- Understanding the Zero Trust strategy
- Understanding lateral movement
- Leveraging Microsoft Sentinel to improve your security posture
- Collecting data
- Detecting threats
- Investigating anomalies
- Responding to incidents
- Enabling Microsoft Sentinel
- Global prerequisites
- Enabling Microsoft Sentinel using the Bicep language
- Enabling Microsoft Sentinel using the Azure portal
- Setting up data connectors
- Mitigating lateral movements
- An Office 365 impersonation following a suspicious Azure AD sign-in
- Suspicious inbox manipulation rules set following suspicious Azure AD sign-in
- Summary
- Part 2 - Architecting Compute and Network Solutions
- Chapter 4: Understanding Azure Data Solutions
- Technical requirements
- Understanding Azure storage types
- Structured data
- Unstructured data
- Semi-structured data
- Azure storage accounts
- Understanding Azure database options
- Azure SQL
- Azure Cosmos DB
- Creating a Cosmos DB account
- Summary
- Chapter 5: Migrating to the Cloud
- Technical requirements
- Understanding migration options
- Managing servers
- Update management
- VM backups
- Modernizing applications
- Scale sets
- Azure App Service/Web Apps
- Further modernization
- Migrating data
- Summary
- Chapter 6: End-to-End Observability in Your Cloud and Hybrid Environments
- Understanding the importance of a monitoring strategy
- Working on an effective monitoring strategy
- Azure Monitor - a comprehensive solution for observability and efficiency
- Components
- Data sources
- Consumption
- Summary
- Chapter 7: Working with Containers in Azure
- Understanding cloud-native applications
- Understanding the difference between virtual machines and containers
- Terminology
- Azure Container Instances.
- Working with Azure Container Instances
- Creating the Azure Container Registry instance
- Pushing a container image to ACR
- Creating an Azure Container Instance
- Deploying Azure Container Instance for web app
- Creating Azure Container Apps
- Summary
- Further reading
- Chapter 8: Understanding Networking in Azure
- Connectivity in Azure
- Design considerations for VNets
- Exercise 1 - design and implement a virtual network in Azure
- Enabling cross-virtual-network connectivity
- Using service chaining to direct traffic to a gateway
- The hub-spoke network topology in Azure
- Azure virtual NAT
- Hybrid networking
- Azure VPN Gateway
- Site-to-site VPN connections
- Point-to-site VPN connections
- Azure Virtual WAN
- ExpressRoute
- Decision tree on network topology
- Load balancing
- Load balancing non-HTTP(S) traffic
- Load balancing HTTP(S) traffic
- Network security
- Azure DDoS protection
- Azure Firewall
- Exercise 2 - Azure Firewall - implement secure network access using the Bicep language
- Azure WAF
- Summary
- Chapter 9: Securing Access to Your Applications
- Technical requirements
- Designing for security
- Securing traffic
- SQL database firewalls
- Web application VNet integration
- Azure Firewall
- Application Gateway
- Azure Front Door
- What to use and when?
- Configuring network-level security
- Testing and securing the app
- Creating an Azure application gateway
- Securing keys and secrets
- Using managed identities
- Summary
- Part 3 - Making the Most of Infrastructure-as-Code for Azure
- Chapter 10: Governance in Azure - Components and Services
- Planning a comprehensive cloud governance strategy
- Understanding Azure governance
- Azure governance - components and services
- Management groups
- Azure Policy
- Azure Blueprints
- Azure Resource Graph.
- Microsoft Cost Management
- Microsoft Cost Management components
- Summary
- Chapter 11: Building Solutions in Azure Using the Bicep Language
- Unlocking the benefits of IaC with Azure Resource Manager
- Authoring Bicep files
- Bicep file structure
- Working with parameters
- Parameter data types
- Bicep modules
- Previewing Azure deployment changes using what-if
- Summary
- Chapter 12: Using Azure Pipelines to Build Your Infrastructure in Azure
- Understanding the relationship between continuous integration, continuous delivery, and pipelines
- Understanding Azure Pipelines
- Configuring Azure DevOps
- Configuring Azure Repos
- Importing a repository into Azure Repos
- Configuring a build pipeline in Azure DevOps using the Classic Editor
- Configuring a release pipeline in Azure DevOps using the Classic Editor
- Configuring Azure Pipelines with YAML
- Summary
- Chapter 13: Continuous Integration and Deployment in Azure DevOps
- DevOps transformation - achieving reliable and efficient software development through CI and CD practices
- CI in Azure DevOps using the Classic Editor
- CD in Azure DevOps
- CI/CD baseline architecture using Azure Pipelines
- Building a multistage YAML pipeline
- Configuring a new project in Azure DevOps
- Configuring CI/CD pipelines with YAML
- Summary
- Chapter 14: Tips from the Field
- Azure governance
- Azure monitoring
- Identity management and protection
- Azure networking
- Azure containers
- Summary
- Index
- Other Books You May Enjoy.
