Azure Flashcards
(265 cards)
1
Q
What are Azure VM Scale sets?
A
Automatically increase or decrease in response to demand or a defined schedule
2
Q
What is SQL Server Stretch Database ?
A
Dynamically stretch warm and cold transactional data from Microsoft SQL Server 2016 to Microsoft Azure
3
Q
Evolution of Computing
A
Physical Server -> VMs -> Containers -> Functions
4
Q
What is a region ?
A
A region is a grouping of multiple datacenters
Azure has 58 regions across 140 countries
5
Q
What is a geography?
A
A Geography is a discreet market of two or more regions that preserves data residency and compliance boundaries
6
Q
What are paired regions
A
Each region is paired with another region 300 miles away to ensure less downtime, disaster recovery
7
Q
What is Azure GRS ?
A
Azure Geo-redundant Storage(GRS) replicates data to a secondary region automatically, ensuring that data is durable even in the event that the primary region isn’t recoverable
8
Q
Are all cloud services available in every region ?
A
No, Not all cloud services are available in every region.
9
Q
What is Recommended region ?
A
A region that provides the broadest range of service capabilities and is designed to support availability zones now or in the future
10
Q
What is Alternate region ?
A
Alternate (other) region is a region that extends Azure’s footprint within a data residency boundary where a recommended region also exists . Not designed to support AZs
11
Q
What is General Availability?
A
General Availability(GA) is when a service is considered ready to be used publicly by everyone.
12
Q
How the availability of service is categorized in Azure ?
A
Azure categorizes availability into three types : Foundational , Mainstream and Specialized
13
Q
What is Foundational Availability?
A
When GA, immediately or in 12 months in Recommended and Alternate regions
14
Q
What is Mainstream Availability?
A
When GA immediately or in 12 months in Recommended Regions . May become available in Alternate regions based on the customer demand
15
Q
What is Specialized Availability ?
A
Available in Recommended or Alternatre regions based on customer demand
16
Q
What is Availability Zone ?
A
Availability is physical location made up of one or more datacenter
17
Q
What is Fault Domain ?
A
A logical grouping of hardware to avoid a single point of failure within an AZ group of virtual machines that share a common power source and network switch
18
Q
What is Update Domain ?
A
Azure may need to apply updates to the underlying hardware and software. Update domains ensure your resources do not go offline
19
Q
What type of domain is the Availability Zone in?
A
An Availability Zone(AZ) in an Azure region is a combination of a fault domain and an update domain
20
Q
What are different computing services provided in Azure ?
A
Azure provides Azure Virtual Machines, Azure Container Instances, Azure Kubernetes Service, Azure Service Fabric, Azure Functions, Azure Batch
21
Q
What are Azure Virtual Machines?
A
Windows or Linux virtual Machines. The most common type of Compute. You choose your OS, Memory, CPU, and Storage. You share hardware with other customers.
22
Q
What are Azure Container Instances?
A
Docker as a Service - Run containerized apps on Azure without provisioning servers or VMs
23
Q
What is Azure Kubernetes Service(AKS) ?
A
Kubernetes as a Service - Easy to deploy, manage, and scale containerized applications. Uses the Open Source Kubernetes (k8) software
24
Q
What is Azure Service Fabric?
A
Tier 1 Enterprise Containers as a Service
Distributed Systems Platform. Runs in Azure or on-premises.
Easy to package, deploy , and manage scalable and reliable microservices
25
What are Azure Functions ?
Event-driven, serverless compute(functions) run code without provisioning or managing servers. you pay only for the compute time you consume.
26
What is Azure Batch ?
Plans , schedules and executes your batch computer workloads across running 100+ jobs in parallel . Use spot VMS to save money (
previously used low priority VMs to save on compute)
27
What are different Storage Services provided in Azure?
Azure Blob Storage , Azure Disk Storage , Azure File Storage , Azure Queue Storage , Azure Table Storage , Azure Data box / Azure Data box heavy,
Azure archive storage , Azure Data Lake Storage
28
What are deployment slots?
Deployment slots allow the app to run different instances called slots. Slots are different environments exposed via a publicly available endpoint
29
Can we swap instances assigned to a slot on demand?
Yes , we can swap the instances assigned to a slot on demand .
30
What are different developer and Mobile Tools for Azure?
Azure SignalR Service , Azure App Service , Visual Studio , Xamarin
31
What are Azure DevOps services?
Azure Boards , Azure Pipelines , Azure Repos , Azure Test Plans , Azure Artifacts , Azure DevTest Labs
32
What is InfraStructure as Code (IAC)?
The process of managing and provisioning computer data centers through machine-readable definition files, rather than physical hardware configuration or interactive configuration tools.
33
What is Azure Resource Manager(ARM)?
Azure Resource Manager (ARM) allows you to programmatically create Azure Resources via JSON template
34
What is Azure QuickStart?
It is a library of pre-made ARM templates provided by the community and partners to help you quickly launch new projects for a variety of stack scenarios
35
What is a Virtual Network (vNet) ?
It is a Logically Isolated section of the Azure Network Where you launch your Azure Resources. You can choose a range of IPs using CIDR Range
36
What is SubNet?
SubNets are a logical partition of an IP Network into multiple smaller network segments. You are breaking up your IP range for VNet into smaller networks
Subnets need to have a smaller CIDR range than Vnet to represent their portion.
37
What is public subNet?
Subnet that can reach the internet
38
What is private subnet?
Subnet that cannot reach the internet
39
What are different Cloud - Native Networking Services?
Azure DNS, Azure Virtual Network, Azure Load Balancer, Azure Application Gateway, Network Security Groups
40
What is Azure DNS ?
provides ultra-fast DNS responses and ultra-high domain availability
41
What is Azure Virtual Network ?
A logical isolated section of the Azure Network for customers to launch Azure resources within
42
What is Azure Load Balancer ?
OSI Level 4 (Transport) Load Balancer
43
What is Azure Application Gateway ?
OSI Level 7 (HTTP) Load Balancer , can apply a web application Firewall
44
What are Network Security Groups?
A virtual firewall at the Subnet level
45
What is Azure Front Door ?
Scalable and Entry point of your global applications
46
What are different enterprise/hybrid networking services ?
Azure Front Door, Azure Express Route, Virtual WAN, Azure Connection, Virtual Network Gateway
47
What is Azure Express Route?
A connection between on premise to cloud from 50 Mbps to 10 Gbps
48
What is Virtual WAN ?
A Networking interface that brings many networking , security and routing functionalities together to provide a single operational interface
49
What is Azure Connection ?
A VPN Connection securely connects two azure local network via (IPsec)
50
What is Virtual Network Gateway?
A site-to-site VPN connection between an Azure virtual network and your local network
51
What is Azure Traffic Manager ?
It operates at the DNS layer to quickly and efficiently direct incoming DNS requests based on the routing method of your choice
52
What is Azure DNS ?
Azure DNS allows you to host your domains on Azure. You can create DNS zones and manage your DNS records
53
Will Azure DNS allow you to purchase domains?
No, it doesn't allow to purchase domains, it provides only the ability to manage the domains
54
Describe Azure Load Balancer?
It is used for evenly distributing incoming network traffic across a group of backend servers or resources.
55
What is public load balancer?
to load balance the incoming traffic coming from the internet to public-facing servers
56
What is internal or private load balancer?
to load balance the incoming internal network traffic to private facing servers
57
What are Scale Sets ?
This allows you to group identical virtual machines (vms) and automatically increase or decrease the amount of servers based on
Change in CPU, memory, disk, and network performance or on a predefined schedule
58
What is Internet of Things?
A network of internet-connected objects able to collect and exchange data
59
What is IoT Central ?
Connects your IoT devices to the Cloud
60
What is IoT Hub?
Enable highly secure and reliable communication between your IoT application and the devices it manage
61
What is IoT Edge?
A fully managed service built on Azure IoT Hub .
62
What is BigData ?
A term used to describe massive volumes of structured/unstructured data that is so large it is difficult to move and process using traditional database and software techniques
63
What is Azure Synapse Analytics?
Enterprise data warehousing and Big Data Analytics
Intended to run SQL queries against large databases for things such as reporting
64
What is HDInsight ?
Run open-source analytics software such as hadoop , Kafka and Spark
65
Why use slots?
Different environments for different purposes, Prewarming, easy fallbacks, and minimizing restarts.
66
Does Azure App Service provide built-in authentication and authorization support?
Yes it provides out-of-box authentication , you can sign in users and access data by writing minimal, or no code in your web app, RESTful API, mobile backend, and Azure Functions
67
What is Artificial Intelligence ?
Machines that perform jobs that mimic human behaviour
68
What is Machine Learning?
Machines that get better at a task without explicit programming
69
What is deep learning?
Machines that have artificial neural network inspired by human brain to solve human problems
70
What is personalizer?
Deliver rich, personalized experiences for every user
71
What is Translator?
Add real-time, multi-language text translation to your apps , website and tools
72
What is Anomaly detector?
Detect anomalies in data to quickly identify and troubleshoot issues
73
What is Azure bot service?
Intelligent , serverless bot service that scales on demand
74
What is a Form recogniser ?
Automate the extraction of text, key-value pairs, and tables from your documents
75
What is computer vision?
Easily customize computer vision models for your unique use case
76
What is Language Understanding?
Build natural language understanding into apps, bots and IoT devices
77
What is QnA maker?
Create a conversational question and answer bot from your existing content
78
What is Text Analytics?
Extract information such as sentiment, key phrases, named entities and language from your text
79
What is Content Moderator?
Moderate text and images to provide a safer, more positive user experience
80
What is Face?
Detect and Identify people and emotions in images
81
What is Ink recogniser?
Recognize digital ink content, such as handwriting, shapes and document layout
82
What is Serverless?
When the underlying servers, infrastructure, and OS is taken care of by the cloud Service Provider(CSP) It will generally be highly available, scalable and cost-effective
83
What are features of Serverless?[
Event-Driven Scale, Abstraction of Servers, Micro-billing
84
What is Event-Driven Scale ?
A serverless function can be triggered or trigger other events allowing you to compose complex applications and it just scales
85
What is the abstraction of servers?
Servers are abstracted away. Your code is described as functions . These functions can be running on different compute instances
86
What is Micro-billing?
Serverless compute could run for a fraction of a second
Billing into micro seconds will save money
87
What are Azure Functions?
Run small amounts of code known as serverless functions in your favourite language : c# , java , python , javascript , powershell
88
What is blob storage?
Serverless Object Storage . Just Upload files , don't think the underlying systems , resizing
89
What are logic apps?
Allows you to build workflows composed of Azure functions. Building a state machines for serverless compute
90
What is Event Grid?
Uses pub/sub messaging system to allow you react to events and trigger other cloud services such as Azure Functions
91
What is Azure Portal?
It is a web-based, unified console that provides an alternative to command-line tools. You can manage your Azure subscription with the Azure portal. Build, manage, and monitor everything from simple web apps to complex cloud deployments.
92
What is powershell?
Powershell is a task automation and configuration management framework. It is a command-line shell and a scripting language.
93
What does Powershell accept and return?
Unlike most shells, which accept and return text, Powershell is built on top of the .NET Common Language Runtime(CLR) and accepts and returns.NET Objects
94
What is Azure Poweshell?
A set of cmdlets for managing azure resources directly from the Powershell command line
95
What is Azure Cloud Shell?
Azure shell is an interactive , authenticated , browser-accessible shell for managing azure resources
It provides the flexibility of choosing the shell experience that best suits the way you work, either Bash or Powershell
96
What is a CLI?
A command Line Interface (CLI) processes commands to a computer program in the form of lines of text . Operating Systems implement a command line interface in a shell or terminal
97
What is Azure Trust Center?
A public-facing website portal providing easy access to privacy, security, and regulatory compliance information
98
What is Azure Active Directory?
Azure Active Directory(Azure AD) is Microsoft's cloud-based identity access and management service, which helps your employees sign in and access resources
99
What is Azure Security Center?
It is a Unified infrastructure security management system. It strengthens the security posture of your data centers and provides advanced threat protection across your hybrid workloads in the cloud
100
What is Key Vault?
It helps you safeguard cryptographic keys and other secrets used by cloud apps and services
101
What are features of Key Vault?
Secret Management, Key Management, Certificate Management, Hardware Security Module
102
What is secret management?
store and tightly control access to tokens, passwords , certificates , API keys , and other secrets
103
What is Key management?
create and control the encryption keys to encrypt your data
104
What is Certificate Management?
easily provision , manage and deploy public and private SSL certificated for use with Azure and internal connected resources
105
What is hardware Security Module?
secrets and keys can be protected either by software or FIPS 140-2 Level 2 validated HSMs
106
What is HSM(Hardware Security Module)?
It is a piece of hardware designed to store encryption keys
107
Is HSM Multi-tenant or Single-tenant?
HSM can be either Multi-tenant (Multiple customers virtually isolated on an HSM) or single tenant (single customer on a dedicated HSM)
108
What is DDos(Distributed denial of Service ) Attack?
A malicious attempt to disrupt normal traffic by flooding a website with large amounts of fake traffic.
109
What is Azure Firewall ?
Azure Firewall is a managed, cloud-based network security service that protects your Azure Virtual Network resources
110
What are Azure Firewall Features?
Centrally create, enforce, and log application and network connectivity policies across subscriptions and virtual networks
111
What is Azure Information Protection?
Protects sensitive information such as emails and documents with encryption, restricted access and rights, and integrated security in office apps
112
What is Application Gateway?
Application Gateway is a web traffic load balancer(Layer 7 HTTP) that re-routes traffic based on a set of rules. A web Application Firewall (WAF) can be attached for additional protection on OSI layer 7
113
What is IDS/IPS?
Intrusion Detection System or Intrusion Protection System
A device or software application that monitors a network or a system for malicious activity or policy violations
114
What is Azure Advanced Threat Protection?
It is a cloud-based security solution that leverages your on-premises Active Directory signals to identify, detect, and investigate advanced threats, compromised identities, and malicious insider actions directed at your organization.
115
What is Microsoft Security Development Lifecycle?
MSDL is an industry-leading software security assurance process. Building security into each SDL phase of the development lifecycle helps you catch issues early, and it helps you reduce your development costs
116
What is Azure Policy ?
Azure Policy is a service you can use to create, assign, and manage policies. A policy allows you to enforce or control the properties of a resource.
Azure Policy evaluates resources in Azure by comparing the properties of those resources to business rules. These business rules, described in JSON format, are known as Policy definitions.
117
What is Azure role-based access control?
It helps you manage who has access to Azure resources , what they can do with those resources , and what areas they have access to
118
What is Azure role assignment?
Role assignments the way you control the access to resources
119
What does the role assignment consist of?
A role assignment consist of security principal, role definition, and scope
120
What is a Security Principal?
A Security Principal represents the identities requesting access to Azure resources such as
User: An individual who has a profile in the Azure Active directory
Group: A set of users created in Azure Active directory
Service Principal: A security identity used by applications or services to access specific Azure resources
Managed Identity: An Identity in Azure Active Directory that is automatically managed by Azure
121
What is Scope?
The scope is the set of resources that access for the role assignment applies to. Scope Access Control at the management, Subscription, or Resource Group level
122
What is role definition?
A role definition is a collection of permissions. A role definition lists the operations that can be performed, such as read, write, and delete.
Roles can be high-level, like an owner, or specific, like virtual machine reader.
Azure has built in roles. you can define custom roles
123
What is Lock resources?
As an admin, you need to lock a subscription, resource group, or resource to prevent other users from accidentally deleting or modifying critical resources.
Azure allows to delete, read-only
124
What is Azure Management groups?
Managing multiple subscriptions(accounts)into a hierarchal structure
125
What is Azure monitor?
Azure Monitor is a comprehensive solution for collecting , analyzing, and acting on telemetry from your cloud and on-premises environment
126
What is Azure service Health?
Information about current and upcoming issues such as service impacting events , planned maintenance, and other changes that may affect your availability
127
What is azure status ?
informs you of service outages in Azure
128
What is azure service health?
a personalized view of the health of Azure services and regions you're using
129
What is azure resource health?
information about the health of your individual cloud resources
130
What is azure advisor ?
It is a personalized cloud consultant that helps you follow best practices to optimize your Azure deployments
131
What recommendations does Azure Advisor provide?
High Availability, Security, Performance , Cost, Operational Excellence
132
What is SLA for Azure?
SLA describes Azure's commitments for uptime and connectivity
133
Will Azure provide SLAs for free and shared service?
No, Azure does not provide them
134
What is a composite SLA?
Different services have different SLAs
Composite SLA is when you combine SLAs across different service offerings
135
How to improve the overall SLA ?
By using fallback systems like queue to record transactions and process them later when the service is available will help
136
What is TCO calculator?
Estimate the cost savings you can realize by migrating your workloads to Azure
generate a detail report and export as a PDF to send to decision makers
137
138
What is Azure App Service Autoscaling ?
Scaling in and out - increase or decrease no of web servers
Based on load is called Auto scaling as opposed to scaling up and down - increasing memory,cpu power or storage capacity
139
When will autoscaling help?
Autoscaling helps when number of requests increase not when resource intense tasks increase
140
What are the possible autoscale conditions?
Scale based on a metric such as length of disk queue or the number of HTTP requests awaiting processing or according to a schedule
141
How autoscale action works?
Autoscale runs only if all scale-in rules are met or if any of scale-out rules are met
142
How do you enable autoscale in App service?
By default, an app service plan implements manual scaling. Selecting custom autoscale reveals condition groups yoy can use to kanage your scale settings
143
What is Azure API Management Service?
Azure API management instance acts as an API Gateway . It is positioned between your APIs and Internet
144
What are the features of API Management?
API Documentation, Rate Limiting Access, Health Monitoring, Modern formats like JSON, Connections to any API, Analytics, Security, Pricing tiers - that provide different capabilities
145
What are different types of APIs
HTTP , WebSocket, GraphQL
146
What are different definitions of APIs
OpenAPI, WADL, WSDL
147
What is openAPI Specification?
It documents all endpoints and operations for RESTful APIs, and all input and output parameters. Open API was originally called swagger
148
What are some backend Azure resources ?
Logic App, App service, Function App, Container App
149
What is the best way to configure multiple apis at a time?
Tools like azure cli , azure resource manager or bicep templates or azure powershell can be used
150
What are policies in API management?
Policies provide powerful capabilities to change the behavior of an API through configuration. They exist as a collection of statements that are executed sequentially on the request or response of an API
151
What is Product?
A product is a collection of APIs. You can assign APIs to more than one product. You assign policies so that your products can have different access rules, usage quotas, and terms of use.
152
How azure cdn works?
When user requests a file with specific endpoint, the DNS routes to best performing POP location.If no edge servers in POP has that file , then POP requests file from origin server and caches till TTL sent in the headers from origin server
153
What is point of presence?
POP is point of presence . It has edge servers that cache the response from origin servers and provide the response back to users
154
What is CDN profile?
A CDN profile is a collection of CDN endpoints. Every endpoint represents a specific configuration of content deliver behavior and access.
155
What is Ignore query string caching?
Default option . A CDN POP simply passes thr request and any query strings directly to the origin server on the first request and caches the asset. New requests for the same asset ignores any query strings until the TTL expires
156
What is bypass caching for query strings?
Ecah query request from the client is passed directly to the origin server with no caching
157
What is cache every unique URL?
Every time a requesting client generates a unique URL, that URL is passed back to the origin server and the response cached with its own TTL . This is inefficient where each request is a unique URL, as the cache-hit ratio becomes low
158
Is there any limit on CDN profiles that can be created?
Yes , the number of CDN profiles that can be created is limited by the type of Azure subscription.
159
What is service bus queue?
It is designed to integrate applications or application components that may span multiple communication protocols, data contracts, trust domains or network environments
160
What is service bus queue?
It is designed to integrate applications or application components that may span multiple communication protocols, data contracts, trust domains or network environments
161
What is a storage queue?
Storage queue allows you to store millions of messages upto the total capacity limit of storage account. Queues are commonly used to create a backlog of work to process asynchronously
162
What is Azure Service Bus?
It is a message broker service hosted on azure platform . It provides functionality to publish messages to various applications and also decouple the applications. It offered a a secure platform for asynchronous transfer of data and state
163
How azure service bus queue works?
In queue, there is 1:1 relationship between sender and receiver. Messages are present in the queue until receiver process and completes the messages. Queue contains secondary sub-queue, called a DLQ automatically gets created . Wheb messages are not delivered to receiver or cannot be processed by receiver , such messages are pushed ti DLQ
164
What is configureAwait?
Is used on any Task or Task<> object to configure how the await behaves when awaiting the task. It takes bool parameter called continueOnCapturedContext, which determines whether the continuation after the await should run on the same context as the one started the task
165
What is configureAwait?
Is used on any Task or Task<> object to configure how the await behaves when awaiting the task. It takes bool parameter called continueOnCapturedContext, which determines whether the continuation after the await should run on the same context as the one started the task
166
How topics & subscriptions are different from queue?
Queue allows processing of a message by a single consumer. Whereas topics&subscriptions provide a one-to-many form of communication in a publish and subscribe pattern
167
How topics and subscriptions work?
Publishers send messages to a topic and consumers receive messages from subscriptions of the topic
168
What is messaging unit ?
Service Bus premium messaginv provides resource isolation at CPU and memory level so that each customer workload runs in isolation called messaging unit. Each premium namespace is allocated atleast one messaging unit
169
How scaling can be categorized?
Preemptive- if additional workload is expected due to seasonability ot trends , you can proceed to allocate more messaging units to the namespace before the workloads hit
Reactive - if additional workloads are identified by studying the resource usage metrics then additional resources can be allocated
170
What is Full Duplex vs half duplex communication?
Full duplex - Both send and receive messages simultaneously , Half duplex - either send or receive
171
What is Azure Queue Storage?
It is a service for storing large numbers of messages. You can access messages from anywhere in the world via authenticated calls using HTTP or HTTPS. Queues are commonly used yo create a backlog of work to process asynchronously
172
What is Azure Queue Storage?
It is a service for storing large numbers of messages. You can access messages from anywhere in the world via authenticated calls using HTTP or HTTPS. Queues are commonly used yo create a backlog of work to process asynchronously
173
What does azure queue setvice contains?
Storage Account + Queue
174
Can you changes the contents of a message inplace in a queue?
Yes . If the message represents a work task, you could use this feature to update the status of the work task
175
What are managed identities?
A common challenge for developers is the management of secrets, credentials, certificates, and keys used to secure communication between services. Managed identities eliminate the need for developers to manage these credentials
176
How do services access azure key vault?
Managed Identities provide an automatically managed identity in Microsoft entra ID for services to use when connecting to resources that support Microsoft Entra authentication. Applications or srvicrs can use managed identities to obtain entra tokens without having to manage any credentials
177
What are types of managed identities in Azure?
System-assigned managed identities and user-assigned managed identities
178
What are types of managed identities in Azure?
System-assigned managed identities and user-assigned managed identities
179
What is a system-assigned managed identity?
It is directly tied to azure service instance. After the identity is created, the credentials are provisioned onto the instance
180
What is user assigned managed identity?
It is a standalone azure resource. After the identity is created, it can be assigned to one or more azure service instances. The lifecycle of a user-assigned identity us managed seperately from lifecycle of the azure service instance to which it is assigned
181
What are managed identites internally?
Internally, managed identities are service principals of a special type, which are locked to only be used with azure resources. When managed identity is deleted, corresponding service principal is automatically removed
182
Give an example for When to use managed identities?
If you want to build an app using azure app services that accesses azure storage without having to manage any credentials
183
What is Azure Active Directory?
It is a cloud-based identity and access management service
184
What is Azure AD Tenant?
Azure AD Tenant is a dedicated and trusted instance of Azure Active Directory that includes your users, groups and applications
185
What is Azure subscription?
It is associated to an azure offer , will contain your payment information, scale limits, any policirs abd will be the container for your azure resources
186
What is the relationship between azure active directory instance and azure subscriptions?
An azure active directory instance(Azure AD Tenant) can have multiple subscriptions depend on it for authenticate and authorize users , groups, applications. Whereas subscription can trust only on Azure AD Tenant
187
How an app in one Azure AD gets into othet Azure AD?
A service principal object is created within the target AD referencing the original app in source AD
188
What happens when you assign a user managed identity to a resource?
The resource gets all the access tied to the resources of that user managed identity
189
Is managed identity tied to an application?
Managed identity is tied to resource and application running on resource will be authenticated based on the identity created for that resource from Azure AD and receive token
190
Is managed identity tied to an application?
Managed identity is tied to resource and application running on resource will be authenticated based on the identity created for that resource
191
How managed identity works?
The application makes token request for managed identity endpoint , MI endpoint makes request with the client credentials stored in it to Azure AD. From there , token is sent to the application. Now, this application can make call to other application using token
192
What services are supported by Managed Identities with Azure AD?
Virtual Machines , App service, API Management, Container Instances, Container Registery Tasks, Event Hubs, Functions, Kubernetes Service, Logic Apps, Service Bus, Data Factory
193
How managed identity works?
The managed identity created for resource needs to be registered with the target in some shape or form
194
What is Azure App Configuration ?
It provides a service to centrally manage application settings and feature flags. Use App Configuration to store all the settings for your application and secure their accesses in one place
195
How app configuration is different from Azure Key Vault?
App configuration complements Azure Key Vault by centralize management and distribution of hierarchical configuration data for different environments and geographies, dynamically change application settings without the need to redloy or restart an app
196
How to add App configuration store to your application?
The easiest way is to add a client library to your code and configure the credentials
197
How does App configuration stores configuration data?
It stores data as key-value pairs.
198
What are label keys in Azure App Configuration?
Key values in App Configuration can optionally have a label attribute. Labels are used to differentiate key values with the same key. A key with different labels are treated as
Same key. A common use of labels is to specift environments like , appname:dbendpoint&label = Test , appname:dbendpoint&label = Staging
199
Are keys , values encrypted at rest ?
Yes keys and values are encrypted at rest and in transit
200
What is feature management?
It is modern software-development practice that decouples feature release from code deployment and enables quick changes to feature availability on demand. It uses a technique called feature flags
201
What are feature flag?
Feature flag is a variable with a binary state of on or off . It also had an associated code block. The state of feature flag triggers whether the code block runs or not
202
What is a feature manager?
A feature manager is ab application package that handles the lifecycle of all the feature flags in an application. It provides extra functionality, such as caching feature flags and updating their states
203
What is a filter in feature management?
A filter is a rule for evaluating the state of a feature flag. A user group, a device or browser type, a geographic location, and a time window are all examples of what a filter can represent
204
What does feature flag contain?
Each feature flag has name and a list of one or more filters that are used to evaluate if a feature’s state is on
205
Why do you need app configuration?
An application configuration settings should be kept external to its executable and read in from its runtime environment or an external source
206
What is Microsoft Authentication Library?
It enables developers to acquire tokens from the microsoft identity platform inorder to authenticate users snd access secured web apis
207
MSAL can be used to provide secure access to ms graph, own apis etc .within
208
How to get token from client application
First the client application needs to be initialized to get token from it using msal library
209
What is azure app configuration?
A service for centratization of app configuration and feature management
210
What is access management?
Process of controlling, verifying, tracking and managing access to authorized users and applications
211
What is access management?
Process of controlling, verifying, tracking and managing access to authorized users and applications
212
How access management works in azure?
If a user tries to perform an action on an azure resource , the role assignments against resource and user are checked for privileges and based on that access is given to the user
213
What is active directory domain services?
214
What is azure active directory?
215
What is azure active directory?
216
What is Azure Active Directory Domain Services?
217
What is role?
Role(role definition) is a collection of actions that the assigned identity will be able to perform
218
What are security principals?
Objects in the azure active directory that represent user, group of users , service principals, managed identity . Roles can be assigned to all of these security principals
219
What is security principal?
Security Principal is an Azure object(identity) that can be assigned to a role(ex. Users, Groups or Applications)
220
What is subscription?
It is a top level billing object
221
What is a management group?
It is a group of subscription or management groups
222
What is subscription made up of?
It is made up of resource groups
223
What is a scope?
A scope is one or more azure resource that access applies to
224
What is a Role assignment?
It is a combination of role definition, security principal and scope
225
What is Online Analytical Processing(OLAP) vs Online Transaction Processing (OLTP) ?
These are two different data processing systems designed for different purposes. OLAP is optimized for complex data analysis and reporting, while OLTP is optimized for transactional processing and real-time updates
226
What is blob storage?
Blob storage us optimized for storing massive amounts of unstructured data. Unstructured data is data that doesn’t adhere ti a particular data model or definition, such as text or binary data
227
What is blob storage designed for?
Serving images or documents directly to a browser, storing files , streaming video or audio, writing to log files etc
228
How objects in azure blob storage can be accessed?
Objects are available via Azure Storage REST API, Azure PowerShell, Azure CLI, or an Azure Storage Client Library
229
What are azure blob storage resource types?
Blob storage offers 3 types of resources
The storage account
A container in the storage account
A blob in a container
230
What is a storage account?
A storage account provides a unique namespace in Azure for your data. Every object that you store in Azure storage has an address that includes your unique account name
231
What is a container?
A container organizes a set of blobs, similar to a directory in a file system. A storage container can include an unlimited number of containers, and a container can store an unlimited number of blobs
232
What types of blobs are supported by Azure storage?
Azure storage supports 3 types of blobs
Block blobs - store text and binary data
Append blobs - are made up of block blobs but optimized for append operations like logging data
Page blobs - store random access files upto 8TB. Page blobs store Virtual hard drive (VHD) fules and serve ad disks fir Azure virtual machines
233
What is change feed in Azure Cosmos DB?
It is a persistent record of changes to a container in the order they occur. These changes can be processed asynchronously and incrementally, and the output can be distributed across one or more consumers for parallel processing
234
How change feed for a container can br processed?
It is available for partition key ranged of an Azure Cosmos DB Container. This allows it to be distributed across one or more consumers for parallel processing
235
What is the guarantee of change feed order?
Items come in the order of their modification time. This sort order is guaranteed per partition key and there’s no guaranteed order across the partition key values
236
How does the change feed in multi-region Azure Cosmos DB accounts?
In a multi-region Azure cosmos DB account, changes in one region are available in all regions. There is no guarantee of when changes will be available. Incoming changes to the same document may be dropped in latest version mode if there was a more recent change in another region, all changes will be captured in all versions and deletes mode
237
What are the change feed modes available?
Latest version mode and all versions and deletes mode
238
Is it possible to have different change modes across multiple applications for the same Azure cosmos DB container?
Yes , change feed can be consumed in different modes for multiple applications for the same azure cosmos db container
239
What is latest version mode?
In Latest version change feed mode, you see the latest change from an insert or update for all items in the feed, and the feed is available for the life of rhe container
240
Can we determine the change type for latest version change feed mode?
No , there is no indication whether a given change is from an insert or an update operation, and deleted aren’t captured. Changes can be read from any point in time as far back as the origin of your container. However, if an item is deleted it’s removed from the change feed
241
What is All versions and deletes mode?
All versions and deletes mode allows you to see all changes to items from created, updated and deletes.
242
What is Azure Event Grid?
It is a highly scalable, fully managed pub sub message distribution service that offers flexible message consumption patterns using HTTP and MQTT protocols.
243
What does Azure Event Grid do?
Using this, we can build data pipelines with device data, integrate applications, and build event-driven serverless architecturrs
244
What delivery does event grid support?
It can be configured to send events to subscribers(push delivery) or subscribers can connect to Event Grid to read events(pull delivery)
245
What delivery does event grid support?
It can be configured to send events to subscribers(push delivery) or subscribers can connect to Event Grid to read events(pull delivery)
246
What is a publisher?
An application that sends events to Event Grid. It can be the same application where the events originated, the event source.
247
What services can publish events to event grid?
Azure services publish events to event grid to anouncr an occurrence in their service. You can publish events from your own application hosted in or outside azure
248
What is a partner?
It is a kind of publisher that sends event from its system to make them available to Azure customers. Partners not only can publish events but can also receive events
249
What is an event?
An event is the smallest amount of information that fully describes something that happened in a system in a JSON format having source, time, type etc properties
250
What is an event source?
An event source is where the event happens. Each event source is related to one or more event types
251
What are topics?
A topic holds events that have been published to Event Grid. A topic is used for a collection of related events
252
What are system topics?
These are built in topics provided by azure services. Publisher owns the topics
253
What are custom topics?
These are application and third-party topics. You can see them in your subscription
254
What are custom topics?
These are application and third-party topics. You can see them in your subscription
255
What are partner topics?
These are used to subscribe to events published by a partner.
256
What are partner topics?
These are used to subscribe to events published by a partner.
257
What are event subscriptions?
A subscription tells Event Grid which events on a topic you’re interested in receiving. When creating the subscription, you provide an endpoint for handling the event
258
What are event handlers?
From an event grid perspective, an event handler is the place where the event is sent. The handler takes some further action to process the event
259
What are handler types supported in Event Grid?
Azure service or custom webhook can be used as handlers. Depending on the type of handler, event grid follows different mechanisms to guarantee the delivery of the event
260
What security is provided by Event Grid?
It provides security for subscribing to topics and when publishing events to topics. When subscribing, you must have adequate permissions on event grid topic.
261
Will Event grid provide durable delivery?
Yes, it tries to deliver each event at least once for each matching subscription immediately. If a subscriber’s endpoint doesn’t respond, event grid retries delivery based in fixed retry schedule and retry policy
262
Will event grid retry for every error for an event delivery attempt?
No, if the error returned by the subscribed endpoint is a configuration-related error that can’t be fixed with retries, event grid will either perform dead-lettering on the event or drop the event if dead-letter isn’t configured
263
How retry policy works?
Retry policy can be customized when creating an event subscription by using Maximum number of attempts - 1 to 30 , Event time-to-live(TTL) - 1 to 1440
264
Does Event grid use Azure Role-Based Access Control?
Yes , azure allows to control the level of access given to different users to do management operations such as post event subscriptions, create nee ones, and generate keys
265
Can we receive events by using webhooks?
Webhooks are one of the many ways to receive events from Azure Event Grid. When a new event is ready, event grid service POSTs an HTTP request to the configured endpoint with yhe event in the request body
