Interested in a private company training? Request it here.
Setting up your infrastructure in Azure can be very complex. The platform offers hundreds of services and you need to decide which ones are useful and how to implement them in the best possible way for your organization. A number of factors will drive your decision: cost, manageability, performance, security, scalability.
As a company you will probably end up with multiple subscriptions and lots of resources. Structuring these Azure resources will be key to stay on top of it all.
Azure resources can be deployed with lots of different methods: the Azure portal, scripts (PowerShell, Azure CLI), declarative methods (ARM templates, Terraform, Bicep). Choosing the right method for your organization can reduce the cost of managing and creating your infrastructure components.
Hosting applications in the cloud can be done using various different compute options. Choosing the right solution in terms of cost, availability, ease of management is essential to provide a stable environment for your users.
Designing a network in the cloud is very similar to implementing your on-prem network. The same choices need to be made, the same services need to be provisioned.
To allow for easy communication between various application components both in the cloud and on-premisses, you need to design a name resolution strategy.
Protecting your applications against a failure is an important part of your infrastructure setup. Azure provides different services to help you accomplish this goal. The choice you make will have a significant impact on the price of the solution and the recovery time of your application.
By design, PaaS solutions have a public endpoint which makes them accessible over the Internet. This is not always the best implementation from security point of vue. Most PaaS services can be integrated with a VNet to limit public access.
To control access to the services in the Azure cloud, you need to carefully design an authorization strategy. Decide which resources users and services can access by implementing an RBAC mechanism. Consider where you are going to store your sensitive data and protect it accordingly.
Azure AD is the center of everything that is related to authentication and authorization in the cloud. Azure AD supports various authentication mechanisms and protection services that can help you secure your identities better and protect against possible identity theft. Instead of this centralized system, Microsoft also supports decentralized identities with Verified IDs.
Many companies host resources in the Azure cloud platform. But making design and architectural decisions is not always an easy task. There are many roads that lead to a similar solution. So the key is to find the best option for the job in terms of cost, manageability, high availability, security, ... In this course we will investigate various Azure services, compare them and debate about the best service for a given project. This course focuses on architecture and design, not on the technical implementation of Azure resources.
This course is intended for IT professionals who need to design an infrastructure architecture in Azure. Participants should have experience in Azure and understand the services and solutions offered by the platform.