AZ-400 Chapter 11 - 14 Flashcards
Storing secrets in service connections
like for Git or Jenkins
will have a token or password
OWASP
Security vulnerabilities
Test them with OWASP ZAP - does a baseline scan or a full active scan (can install on VM or container)
It’s a passive pen test
Azure Policy
use this to configure and enforce business rules
protects settings changes
can provide audit results
Defender for Cloud
closes server vulnerabilities
continually assesses/hardens security
Monitor apps (mobile and desktop)
Mobile - use App Center; you have to install the Crashes NuGet package in the app you deployed
Desktop - use Raygun; you have to install it in the app via NuGet
Monitor Web Apps
structured logging - parameterized text
Application Insights - logs and metrics in this, lets you see availability
Metrics are stored for 93 days, metrics include requests/min, transactions/minute, error rate
Live Site Review
review an alert event
talk about what happened, what worked, what to improve, was the alert adequate
What is direct feedback?
In-product: non-intrusive, users do it inside the app. Anonymous
Public roadmap: share the backlog and get requests
Focus groups: time intensive
What is indirect feedback?
Gathering metrics
Sentiment analysis (Twitter)
hypothesis development - test to see what users like
What KPI metrics can show DevOps success?
lead time
deployment frequency
change failure rate
What is value stream mapping?
Keeping a lean process by eliminating waste
1 - get a baseline
2 - target a future state
3 - gains are analyzed
watch Lead Time and Process Time
Keys for data-driven DevOps
measure what matters
report against benchmarks
automate
develop insights
What are the 2 kinds of feedback loops?
Reinforcing - when one thing increases, so does another
Stabilizing - when one thing increases, another decreases. Eventually they come into balance
Application Insights
houses logs and metrics
can determine availability
use release annotations to see build data here
can implement tests in VS for this to trigger (called multi-step tests)
need an instrumentation key for this to reference App Insights
Can have KQL queries for searching logs (render will make a bar chart)
Azure Monitor
can be added to the pipeline to check for active alerts