-
Notifications
You must be signed in to change notification settings - Fork 7
Expand file tree
/
Copy pathAZ-103
More file actions
48 lines (39 loc) · 4.87 KB
/
AZ-103
File metadata and controls
48 lines (39 loc) · 4.87 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
...
AZ-103:
AZURE Subscriptions and Resources
Assign Administrator Permissions:
Roles:
- Classic Roles: Account admin, Service admin, Co-Admin
- Service Administrator: same as account admin, if the service admin changed, then account admin will lose access to the portal. Also this service admin can't add user out of the directory. (?)
- RBAC (Role-Based Access Control):
- owner: full access to all resources and can delegate access to others
- contributor: can't grant access to others, but can create and manage resources
- reader: view resources only
- user access admin: special acc, for root access and temporary usage
- and 70 built-in roles, custom roles
- AD roles
- Admin: Manage AD Resources
- Other: Billing, Device, User acc, etc.
Subscription -> Access Control (IAM) -> New (add) -> Select Role -> choose the user on which apply that selected role -> Save
Cost Center
- Quotas.
- Taging
To apply tags to a resource, you must have write access to the Microsoft.Resources/tags resource type. The Tag Contributor role lets you apply tags to an entity without having access to the entity itself.
Azure Service Bus
It's message broker. Data transferred between applications and services with binary messages. Scenarios: Messaging (journals, orders, etc); Decouple applications. Improve reliability and scalability of applications and services. Client and service don't have to be online at the same time. ; Topics and subscriptions. Enable 1:n relationships between publishers and subscribers.; - Message sessions. Implement workflows that require message ordering or message deferral.
- Namespace - is a container for all messaging components, often serve as application container.
- Queue - point-to-point communication. stores messages until receiving application is available to receive and process them.
- Topic - useful in publish/subscribe scenarios. Can have multiple independent subscriptions to receive all messages sent to a topic. You can youse rules and filters to define conditions that trigger optional actions.
- Message sessions - used to create FIFO (first-in, first-out)
- Auto-forwarding - chains a queue or subscription to another topic or queue.
- Dead Letter Queue (DLQ) - A DLQ holds messages that can't be delivered to any receiver. It holds messages that can't be processed. Service Bus lets you remove messages from the DLQ and inspect them.An application might, with help of an operator, correct issues and resubmit the message, log the fact that there was an error, and take corrective action. From an API and protocol perspective, the DLQ is mostly similar to any other queue, except that messages can only be submitted via the dead-letter operation of the parent entity. In addition, time-to-live isn't observed, and you can't dead-letter a message from a DLQ. The dead-letter queue fully supports peek-lock delivery and transactional operations.
- Scheduled delivery - You can submit messages to a queue or topic for delayed processing. You can schedule a job to become available for processing by a system at a certain time.
- Message deferral - A queue or subscription client can defer retrieval of a message until a later time. This deferral might be because of special circumstances in the application. The message remains in the queue or subscription, but it's set aside.
Batching - Client-side batching enables a queue or topic client to delay sending a message for a certain period of time. If the client sends additional messages during this time period, it transmits the messages in a single batch.
Transactions - groups two or more operations together into an execution scope. Service Bus supports grouping operations against a single messaging entity within the scope of a single transaction. A message entity can be a queue, topic, or subscription.
Filtering and actions - Subscribers can define which messages they want to receive from a topic. These messages are specified in the form of one or more named subscription rules. For each matching rule condition, the subscription produces a copy of the message, which can be differently annotated for each matching rule.
Auto-delete - Auto-delete on idle enables you to specify an idle interval after which a queue is automatically deleted.
Duplicate detection - An error could cause the client to have a doubt about the outcome of a send operation. Duplicate detection enables the sender to resend the same message. Another option is for the queue or topic to discard any duplicate copies.
Security protocols - Service Bus supports security protocols such as Shared Access Signatures (SAS), Role Based Access Control (RBAC) and Managed identities for Azure resources.
Geo-DR - When Azure regions or datacenters experience downtime, Geo-disaster recovery enables data processing to continue operating in a different region or datacenter.
Service Bus supports standard AMQP 1.0 and HTTP/REST protocols.