This course teaches IT Professionals how to manage their Azure subscriptions, secure identities, administer the infrastructure, configure virtual networking, connect Azure and on-premises sites, manage network traffic, implement storage solutions, create and scale virtual machines, implement web apps and containers, back up and share data, and monitor your solution.
Course Outline
Lesson 1: Prerequisites for Azure administrators
- Introduction to Azure Cloud Shell:
- What is Azure Cloud Shell?
- How does Azure Cloud Shell work?
- When should you use Azure Cloud Shell?
- Introduction to Bash:
- What is Bash?
- Bash fundamentals
- Bash commands and operators
- Exercise – Try Bash
- Exercise – Terminate a misbehaving process
- Exercise – Use Bash and grep to filter CLI output
- Introduction to PowerShell:
- What is PowerShell?
- Exercise – Run your first PowerShell commands
- Locate commands
- Exercise – Locate commands
Lesson 2: Manage identities and governance in Azure
- Understand Microsoft Entra ID:
- Examine Microsoft Entra ID
- Compare Microsoft Entra ID and Active Directory Domain Services
- Examine Microsoft Entra ID as a directory service for cloud apps
- Compare Microsoft Entra ID P1 and P2 plans
- Examine Microsoft Entra Domain Services
- Configure user and group accounts:
- Create user accounts
- Manage user accounts
- Create bulk user accounts
- Create group accounts
- Create administrative units
- Configure subscriptions:
- Identify Azure regions
- Implement Azure subscriptions
- Obtain an Azure subscription
- Identify Azure subscription usage
- Implement Microsoft Cost Management
- Apply resource tagging
- Apply cost savings
- Configure Azure Policy:
- Create management groups
- Implement Azure policies
- Create Azure policies
- Create policy definitions
- Create an initiative definition
- Scope the initiative definition
- Determine compliance
- Interactive lab simulation
- Manage users and groups in Microsoft Entra ID:
- What is Microsoft Entra ID?
- Create and manage users
- Create and manage groups
- Use roles to control resource access
- Connect Active Directory to Microsoft Entra ID with Microsoft Entra Connect
- Secure your Azure resources with Azure role-based access control (Azure RBAC):
- What is Azure RBAC?
- Knowledge check – What is Azure RBAC?
- Exercise – List access using Azure RBAC and the Azure portal
- Exercise – Grant access using Azure RBAC and the Azure portal
- Exercise – View activity logs for Azure RBAC changes
- Allow users to reset their password with Microsoft Entra self-service password reset:
- What is self-service password reset in Microsoft Entra ID?
- Implement Microsoft Entra self-service password reset
- Exercise – Set up self-service password reset
- Exercise – Customize directory branding
Lesson 3: Configure and manage virtual networks for Azure administrators
- Configure virtual networks:
- Plan virtual networks
- Create subnets
- Create virtual networks
- Plan IP addressing
- Create public IP addressing
- Associate public IP addresses
- Allocate or assign private IP addresses
- Interactive lab simulation
- Configure network security groups:
- Implement network security groups
- Determine network security group rules
- Determine network security group effective rules
- Create network security group rules
- Implement application security groups
- Interactive lab simulation
- Configure Azure Virtual Network peering:
- Determine Azure Virtual Network peering uses
- Determine gateway transit and connectivity
- Create virtual network peering
- Extend peering with user-defined routes and service chaining
- Interactive lab simulation
- Configure Azure Load Balancer:
- Determine Azure Load Balancer uses
- Implement a public load balancer
- Implement an internal load balancer
- Determine load balancer SKUs
- Create back-end pools
- Create health probes
- Create load balancer rules
- Interactive lab simulation
- Configure Azure Application Gateway:
- Implement Azure Application Gateway
- Determine Azure Application Gateway routing
- Configure Azure Application Gateway components
- Design an IP addressing schema for your Azure deployment:
- Network IP addressing and integration
- Public and private IP addressing in Azure
- Plan IP addressing for your networks
- Exercise – Design and implement IP addressing for Azure virtual networks
- Distribute your services across Azure virtual networks and integrate them by using virtual network peering:
- Connect services by using virtual network peering
- Exercise – Prepare virtual networks for peering by using Azure CLI commands
- Exercise – Configure virtual network peering connections by using Azure CLI commands
- Exercise – Verify virtual network peering by using SSH between Azure virtual machines
- Host your domain on Azure DNS:
- What is Azure DNS?
- Configure Azure DNS to host your domain
- Exercise – Create a DNS zone and an A record by using Azure DNS
- Dynamically resolve resource name by using alias record
- Exercise – Create alias records for Azure DNS
- Manage and control traffic flow in your Azure deployment with routes:
- Identify routing capabilities of an Azure virtual network
- Exercise – Create custom routes
- What is an NVA?
- Exercise – Create an NVA and virtual machines
- Exercise – Route traffic through the NVA
- Improve application scalability and resiliency by using Azure Load Balancer:
- Azure Load Balancer features and capabilities
- Configure a public load balancer
- Exercise – Configure a public load balancer
- Internal load balancer
Lesson 4: Implement and manage storage in Azure
- Configure storage accounts:
- Implement Azure Storage
- Explore Azure Storage services
- Determine storage account types
- Determine replication strategies
- Access storage
- Secure storage endpoints
- Configure Azure Blob Storage:
- Implement Azure Blob Storage
- Create blob containers
- Assign blob access tiers
- Add blob lifecycle management rules
- Determine blob object replication
- Upload blobs
- Determine Blob Storage pricing
- Interactive lab simulation
- Configure Azure Storage security:
- Review Azure Storage security strategies
- Create shared access signatures
- Identify URI and SAS parameters
- Determine Azure Storage encryption
- Create customer-managed keys
- Apply Azure Storage security best practices
- Interactive lab simulation
- Configure Azure Files and Azure File Sync:
- Compare storage for file shares and blob data
- Manage Azure file shares
- Create file share snapshots
- Implement soft delete for Azure Files
- Use Azure Storage Explorer
- Deploy Azure File Sync
- Create an Azure Storage account:
- Decide how many storage accounts you need
- Choose your account settings
- Choose an account creation tool
- Exercise – Create a storage account using the Azure portal
- Upload, download, and manage data with Azure Storage Explorer:
- Connect Azure Storage Explorer to a storage account
- Exercise – Connect Azure Storage Explorer to a storage account
- Connect Azure Storage Explorer to Azure Data Lake Storage
- Exercise – Connect Azure Storage Explorer to Azure Data Lake Storage
Lesson 5: Deploy and manage Azure compute resources
- Configure virtual machines:
- Review cloud services responsibilities
- Plan virtual machines
- Determine virtual machine sizing
- Determine virtual machine storage
- Create virtual machines in the Azure portal
- Connect to virtual machines
- Interactive lab simulation
- Configure virtual machine availability
- Configure Azure App Service plans:
- Implement Azure App Service plans
- Determine Azure App Service plan pricing
- Scale up and scale out Azure App Service
- Configure Azure App Service autoscale
- Configure Azure App Service:
- Implement Azure App Service
- Create an app with App Service
- Explore continuous integration and deployment
- Create deployment slots
- Add deployment slots
- Secure your App Service app
- Create custom domain names
- Back up and restore your App Service app
- Use Azure Application Insights
- Interactive lab simulation
- Configure Azure Container Instances:
- Compare containers to virtual machines
- Review Azure Container Instances
- Implement container groups
- Review Azure Container Apps
- Interactive lab simulation
- Manage virtual machines with the Azure CLI:
- What is the Azure CLI?
- Exercise – Create a virtual machine
- Exercise – Test your new virtual machine
- Exercise – Explore other VM images
- Exercise – Sizing VMs properly
- Exercise – Query system and runtime information about the VM
- Exercise – Start and stop your VM with the Azure CLI
- Exercise – Install software on your VM
- Create a Windows virtual machine in Azure:
- Create a Windows virtual machine in Azure
- Exercise – Create a Windows virtual machine
- Use RDP to connect to Windows Azure virtual machines
- Exercise – Connect to a Windows virtual machine using RDP
- Configure Azure virtual machine network settings
- Host a web application with Azure App Service:
- Create a web app in the Azure portal
- Exercise – Create a web app in the Azure portal
- Prepare the web application code
- Exercise – Write code to implement a web application
- Deploy code to App Service
- Exercise – Deploy your code to App Service
Lesson 6: Monitor and back up Azure resources
- Introduction to Azure Backup:
- What is Azure Backup?
- How Azure Backup works
- When to use Azure Backup
- Configure Azure Monitor:
- Describe Azure Monitor key capabilities
- Describe Azure Monitor components
- Define metrics and logs
- Identify monitoring data and tiers
- Describe activity log events
- Query the activity log
- Interactive lab simulation
- Configure Log Analytics:
- Determine Log Analytics uses
- Create a Log Analytics workspace
- Create Kusto queries
- Structure Log Analytics queries
- Configure Network Watcher:
- Describe Azure Network Watcher features
- Review IP flow verify diagnostics
- Review next hop diagnostics
- Visualize the network topology
- Improve incident response with Azure Monitor alerts:
- Explore the different alert types that Azure Monitor supports
- Use metric alerts for alerts about performance issues in your Azure environment
- Exercise – Use metric alerts to alert on performance issues in your Azure environment
- Use log search alerts to alert on events in your application
- Use activity log alerts to alert on events within your Azure infrastructure
- Use action groups and alert processing rules to send notifications when an alert is fired
- Exercise -Use an activity log alert and an action group to notify users about events in your Azure infrastructure
- Analyze your Azure infrastructure by using Azure Monitor logs:
- Features of Azure Monitor logs
- Create basic Azure Monitor log queries to extract information from log data
- Exercise – Create basic Azure Monitor log queries to extract information from log data
- Monitor your Azure virtual machines with Azure Monitor:
- Monitoring for Azure VMs
- Monitor VM host data
- Use Metrics Explorer to view detailed host metrics
- Collect client performance counters by using VM insights
- Collect VM client event logs