
Explore how Azure API Management acts as a hybrid, multi-cloud API gateway that manages microservice APIs, secures access, and enables multi-channel and B2B integrations.
Create your first Azure API management instance by configuring a new resource group, selecting Australia East, and designating an administrator before provisioning.
Engage in a hands-on, Azure portal-focused track that builds API management, Azure Functions, Logic Apps, App Service, and Log Analytics, with an expected monthly bill around 100 dollars.
Explore API management basics, including importing an API, mock responses, and basic protection. Learn how to debug APIs with Visual Studio Code and manage versions and revisions in API management.
Import your first API into your API management and enable application insights monitoring to track performance, then import an open API, set the URL suffix, and test operations.
Create and publish api products that host one or more apis, enforce subscriptions and admin approval, and test with the portal using echo api and demo conference api.
Explore how to mock API responses using an inbound policy to enable mock responses for a 200 application/json result, decoupling API consumers from backend development for agility.
Strengthen API protection with subscription keys, inbound and outbound policies, URL masking in responses, and throttling to guard against data leaks and unauthorized access.
Import app service api into api management by creating a resource group and web app in Australia East with dotnet seven, then import and test the api.
Discover how to debug and trace APIs in api management by enabling tracing for an hour, viewing inbound, outbound, and backend details, and understanding subscription keys and headers.
Explore API revisions, not versions, and learn to create, test with mock responses, and switch the current revision using the revisions tab or UI.
Create and test a new api version within a version set, using path-based identifiers, and understand how versions differ from revisions for safe, paced migration.
Install the Azure API Management extension and manage API operations, policies, and testing from Visual Studio Code, including creating API management instances and using a subscription key.
Add and test a manual API in API management, configure HTTP and HTTPS traffic, and create operations like get and get status. Avoid wildcard operations due to security risks.
Import an Azure function app into api management by creating a dotnet 6 function with an http trigger, then import it as an api and test a get operation.
Import a logic app into API management by hosting it in Australia East on a consumption plan, exposing it as an API, then test for 200 responses.
Automate API deployments with Azure DevOps by implementing API ops and building CI/CD pipelines for API management across test and prod environments.
Implement extractor and publisher pipelines in Azure DevOps to extract API definitions and deploy changes through dev, QA, and prod environments under API ops and version control.
Import a demo conference API into dev API management, extract definitions with a pipeline, and deploy the API via CI/CD to dev, QA, and prod.
Create a named value called secrets in dev API management, propagate via CI/CD pipelines to QA and prod environments, and note that secrets should not be stored in configuration files.
Configure Azure Key Vault named values to store secrets for Azure API Management across dev, QA, and prod; enable managed identities and fetch secret values via Key Vault secret identifiers.
Configure and assign application insights loggers to dev, qa, and prod API management instances via configuration.yaml, using environment-specific instrumentation keys.
Configure backends across environments by mapping API management to distinct function apps with configuration.yaml and named values. Implement dev, QA, and prod deployments.
Configure diagnostic settings for a dev api in api management and enable application insights logs via configuration.yaml, then deploy through the pipeline to qa and prod with environment-specific application insights.
Extract specific APIs from dev api management and propagate changes across dev, qa, and prod using the configuration extractor and extract pipeline.
Create and commit multiple extractor files per team to extract specific APIs, configure per API HTML or YAML artifacts, and run pipelines to deploy last-commit artifacts to the correct folder.
Use Visual Studio Code to edit the dev API management, create a branch, commit and push changes, and trigger pipelines to deploy to dev, QA, and prod environments.
Demonstrates cleaning up api ops by removing the Azure DevOps organization, deleting ci cd dev, qa, and prod resource groups, and removing api management, application insights, and function apps.
Protect access to APIs in API management using Azure Active Directory tokens, and extend security with Azure B2C and client certificates, plus protocols and ciphers in Azure API management.
Learn to protect backend APIs with Azure AD in API management by registering apps, configuring OAuth2 for the developer portal, and validating JWT tokens with inbound policy.
Learn how to secure access to APIs in api management with Azure AD B2C by acquiring and validating tokens using B2C apps, user flows, and oauth 2 configurations.
Learn how to secure APIs with client certificates in Azure API Management by generating self-signed certificates in Azure Key Vault, configuring access, and enforcing certificate-based authentication.
Configure protocols and ciphers for api management, enabling tls 1.2 and ssl 3 for client and back-end traffic, noting required defaults and weak ciphers, and consult security architects for decisions.
Publish your APIs in Azure API Management by configuring subscriptions and managing users. Secure the developer portal with Azure Active Directory, Azure B2C, or basic authentication, and customize notification templates.
Explore how subscriptions secure api access with subscription keys, define scope for all apis, a particular api, or a product, and manage key rotation in Azure api management.
Manage user accounts in API management by adding users, assigning authentication types (basic, B2C, or Azure Active Directory), subscribing them to products, and handling invitations and password resets.
Manage groups in API management to control user access to products via administrators, developers, and guest groups, plus custom groups. Assign members and product access through access control settings.
Secure access to the developer portal and APIs by using Azure Active Directory B2C for external users, Azure Active Directory for internal users, or avoid basic authentication.
Learn to customize notification templates in API management, including the developer welcome letter via html with header title and first name, and set administrator and originating emails for notifications.
Explore the developer portal in azure api management, covering main vs deprecated portals, publishing changes, and customizing pages, media, layouts, and authentication testing with azure ad or b2c.
Provision and scale API management with pricing tiers and cost control, auto or manual scaling, and high availability across zones and regions, including Azure Front Door as CDN and RBAC.
Understand the capacity metric in API management as a workload indicator. Use a 30-minute view to decide scaling, targeting 60–70% (40% for a single unit) per API management instance.
Plan and manage API management costs using the Azure pricing calculator and cost analysis in the Azure portal, compare scaling capacity versus upgrading tiers, and set budgets with alerts.
Learn how to upgrade and scale Azure API Management by adjusting scale out capacity units across developer, basic, standard, and premium tiers, and understand downgrades and downtime.
Enable zone redundancy for API management to boost resiliency and high availability across availability zones; upgrade to premium, ensure balanced deployments, and expect 15–45 minutes for changes.
Configure autoscale for Azure API management in standard and premium tiers, using capacity-based scale-out and scale-in rules with min 2 and max 4 instances and 30-minute thresholds.
Learn how to deploy API management across multiple Azure regions to improve availability, with gateway replication and a primary-region control plane.
Configure Azure front door with API management, enabling TLS offloading, global load balancing, and caching; restrict API management to front door traffic by IP ranges.
Compare the compute platform options for API management, focusing on STV1 and STV2, and highlight zone redundancy, private endpoints, and DDoS protection to boost resilience and security.
Create and manage independent workspaces in API management to decouple teams, enabling isolated development while controlling access with workspace-level roles and overall service permissions.
Explore role-based access control in Azure API Management, focusing on API Management service contributor, service reader, and service operator roles to control changes at the API Management and workspace levels.
Learn how Azure Active Directory managed identities let API management securely access AD-protected resources without passwords or key rotations, and compare system vs. user assigned identities for Key Vault access.
Integrate API management with event grid to send notifications to Azure or non-Azure services via webhooks, configure event subscriptions, and test with a product creation workflow.
Implement disaster recovery for Azure API Management using backup and restore by storing backups in blob storage and restoring via managed identities, with zone redundancy and multi-region considerations.
Move API management across regions using backup and restore. Relocate near API consumers, leverage regional features, and choose between different name or same-name migration with the same pricing tier.
Validate API management service updates using Azure's safe deployment practice framework. Apply canary and pilot phases, deploy non-critical alongside premium tier instances, and monitor 24 hours to prevent prod disruption.
Explore API management networking by comparing external and internal vnets and configure Application Gateway to expose public APIs while securing internal ones, with private endpoints to reduce costs.
Configure Azure API management in an external vnet by creating a vnet, subnet, and public IP with a DNS label, then apply an NSG and inbound/outbound rules to secure traffic.
Switch api management from an external to an internal vnet by creating a new public ip, updating security rules, and testing apis from a vm in the vnet.
Demonstrates accessing an API management in an internal vnet from a VM using Postman. Configures hosts to map the private IP endpoints and include the subscription key for a response.
Learn to integrate application gateway with api management in an internal vnet, using path-based routing and health probes to route external traffic publicly and protect internal APIs.
Enable private endpoints for API management to route traffic through a private link on the Microsoft backbone network. Map the API hostname to an IP with a DNS private zone.
Understand how public and private IP addresses are used by API management in external vs internal vnets, and how the origin reveals IPs in requests.
Protect your api management from DDoS attacks by enabling DDoS protection on the Vnet, creating a DDoS protection plan, and applying it to the virtual network, internal or external.
Explore caching in API management by comparing internal and external caching and applying various caching policies to leverage both approaches.
Learn how to enable internal caching in Azure API Management, using inbound and outbound case policies to cache responses and boost API performance.
Learn how external caching augments API management beyond internal limits, configure Redis as an external cache, and apply external caching policies to ensure private connectivity and cache hits.
Explore how to export API definitions from API management in two formats, enabling you to use your APIs in other tools and workflows.
Export your API definitions from Azure API Management to Postman, authenticate with Azure, configure a Postman environment with the subscription key, and test the get speakers operation.
Export APIs from API management to the Power Platform by creating a connection in the API management instance. Import them into your activated Power Platform account.
Explore API management policies and their flexibility, including policy fragments for reuse, policy expressions, and error handling across access restriction, authentication, and cross-domain transformation.
Explore how API management policies shape request handling across inbound, backend, outbound, and on-error sections, and apply them at global, workspace, product, API, or operation scopes.
Explore policy fragments in Azure API Management to centrally manage and reuse policy definitions across API statements, while noting inheritance limits and the fragment size cap.
Explore policy expressions in Azure API Management, using C# syntax to craft single-line and multi-line policies, leverage the context variable to manipulate headers, operation names, and response status codes.
Explore how the on error clause in API management policies handles exceptions, using last error data to populate response headers while noting security risks and development-only exposure.
Explore access restriction policies in api management, including header checks, ip whitelisting, quotas, rate limits, token validation (jwt or active directory), and client certificates.
Master advanced policies in API management, from control flow and forward requests to mock responses, retry logic, one way requests, and concurrency control, with practical examples.
Explore authentication policies in api management, including basic authentication, client certificates, and managed identity, and learn how to securely connect api management with a function app.
Gain insight into caching policies by reviewing internal caching in API management and external caching via Redis, and learn about the various caching policy options.
Configure cross-domain policies in api management to allow browser-based and legacy plugin requests, with global scope and explicit origins, methods, headers, and jsonp callback controls.
Explore GraphQL resolver policies in Azure API Management, configuring SQL resolver, Cosmos DB resolver, and HTTP data source, and learn how to publish events to a GraphQL subscription.
Explore transformation policies in api management, including json xml conversions, masking urls, forward request and set back end policies, set body and http header, and rewrite url.
Master validation policies in API management by validating content bodies, GraphQL requests, and data, plus parameters, headers, and status codes to prevent backend error exposure.
Debug policies in Azure API Management with VS Code, enable tracing, test the get speakers operation, and use breakpoints to diagnose gateway connectivity.
Explore API management monitoring, including analytics, app insights, metrics, and alerts, and configure diagnostic settings for API management.
Analyze analytics in API management to track requests, unauthorized activity, and failures over 30 days, optimize response time, caching, and geography insights.
Explore application insights in API management to monitor logging, analyze failed requests and response times, identify top failures, explore slow operations, and consider caching and availability tests for healthier services.
Explore API management metrics, focusing on the capacity metric to guide scaling. Use 30-minute trends to keep capacity around 60–70% and review gateway and back end requests metrics for performance.
Configure alerts for API management metrics using a capacity signal with a 70% threshold over six hours and trigger an action group with email and an Azure function.
Configure diagnostic settings for api management by adding a new setting named RDS API, selecting all logs and metrics, and pushing them to a log analytics workspace.
Delete your Azure API Management instance and all configured resources, including function apps, storage accounts, and app service plans. Consider removing the resource group to clean up your subscription.
Explore Azure Functions app, a fully managed serverless solution that helps you write less code, maintain less infrastructure, and pay less money, while supporting multiple languages and real-time data processing.
Create a function app in the Azure portal in Australia East, with net six on Windows and a consumption plan, then enable storage and application insights and test the url.
Create an Azure Functions app in Visual Studio 2022 with an http trigger, then publish to Azure portal, provisioning a storage account and app service plan.
Create and publish an Azure Functions app in Visual Studio Code, configure a dotnet 7 http trigger, install required extensions and Azure Functions Core Tools, and deploy to Azure Portal.
Integrate a function app with a virtual network, enable private endpoints, and route traffic through the Microsoft backbone network for secure access to a service bus and storage.
Establish private endpoints and vnet-based access restrictions to let a function app securely connect with Azure Service Bus, and test access from a vm inside the vnet.
Implement outbound NAT gateway to route all function app traffic through a single public IP, protecting outbound addresses within a vnet and subnet for secure azure communications.
Create and test an http function inside a function app, and learn how to configure bindings, triggers, and function.json. Note that all functions must share one language.
Develop and debug Azure functions locally with a multi-function function app, configure local settings and hosting, use storage emulator, and publish to Azure for production.
Learn to remotely debug an Azure function app from Visual Studio in your local environment. Attach to Azure App Service, toggle debug mode, and follow safe development practices.
Learn to create a blob storage trigger function app in Azure, configure a blob container named trigger, and use the function to process new files with monitoring via Application Insights.
Create a queue storage trigger function app by provisioning a new resource group, function app, and storage account; configure a queue and connection string, then monitor with Application Insights.
Create a time trigger function app and resource group, set the schedule to every minute, and review cron expressions and monitor logs.
Connect a locally developed Azure function to a remote storage queue by configuring output bindings, publishing to Azure, and assigning storage data reader and storage data contributor roles.
Publish a Visual Studio Azure Functions project to Azure and connect a local function app to Azure SQL through binding and connection strings.
Create an output binding from a local Visual Studio function app to Azure Cosmos DB, configure the container and connection string, set a partition key, and deploy.
Connect functions to other Azure services by using triggers, input bindings, or output bindings. Explore integrating with storage, Azure SQL, and Cosmos DB, and access services via the resources page.
Learn to secure host connections for a function app with managed identities and Azure Key Vault secrets. Replace plain credentials with Azure Key Vault references and update storage settings accordingly.
Use a system-assigned managed identity to secure a function app's service bus queue trigger and bindings, replacing sensitive connection details with identity-based access and a service bus data receiver role.
Secure Azure SQL access from an Azure function app using a managed identity. Eliminate credentials in config by relying on Active Directory authentication and identity-based access.
Learn to implement robust error handling and retry strategies in Azure function apps, using application insights, structured exception handling, idempotency, dead-letter queues, and exponential backoff for Service Bus triggers.
Discover how to manually trigger a non-http function using postman by constructing the function URL, supplying the function key, and testing a service bus queue trigger without sending real messages.
Enable continuous deployment for a function app by tying dev, qa, and prod branches to separate function apps, using Azure DevOps and Deployment Center.
Build and deploy a dotnet core function app with azure pipelines, unifying code build, test, and deploy across environments in a single pipeline.
Deployment slots create separate environments within a function app, each with its own endpoint for staging and production. Swapping slots enables updates and easy rollback without impacting live traffic.
Manage your Azure function app by configuring app settings, referencing Azure Key Vault for secrets, and using advanced tools to access files and manage hosting plans.
Configure the function app runtime by selecting a major version (4, 3, 2, 1); default is 4, minor versions auto-update, and you can downgrade via the function extension version.
Learn how to disable a function in an Azure function app, manage deployment slots, and access a disabled function via the master key, with insights on app settings.
Learn to configure authentication provider for a function app using Azure Active Directory, create app registration, obtain tokens via Postman, and implement app roles to restrict access.
Restrict IPs to reduce the attack surface of your function app by whitelisting access. Use access restriction policies to allow specific IPs or service tags and deny all unmatched traffic.
Understand Azure function app managed identities, comparing system assigned versus user assigned, and how to grant roles to access resources across subscriptions and resource groups.
Configure a function app to securely reference key vault secrets via app settings using a managed identity, with versioned secrets and best-practice security.
The consumption plan provides a fully serverless hosting for Azure Functions with autoscaling and billing based on executions, execution time, and memory, as the default Y1 dynamic plan.
Explore premium function plan on elastic premium app service (EP1–EP3), reduce cold starts with always ready and pre-warmed instances, and learn core-second memory billing with no execution charge.
Host your function app on a dedicated app service plan by creating a dedicated resource group, selecting the basic tier for development and always-on hosting for production workloads.
Learn about Azure function app runtime versions, why version four is recommended, how to view or switch runtimes, and the role of binding extensions and minor version pinning.
Explore deployment options for Azure functions, including tools based, app service managed, and external pipeline methods, and learn how hosting plan and operating system constrain availability.
Connect your Azure function to other Azure services using triggers and bindings, including Service Bus, Cosmos DB, SQL Database, and Storage Accounts, which operate stateless by default.
Explore event driven scaling in Azure functions, where the scale controller adds or removes instances based on workload, influenced by consumption and premium plans and cold start considerations.
Explore target based scaling for Azure function apps, replacing incremental scaling, and learn how desired instances depend on event source length and target executions per instance.
Explore reliable event processing with Azure Functions and Azure Service Bus, including retry, dead-letter handling, idempotency, and circuit breaker patterns to prevent message loss and ensure throughput.
Explore how Azure Service Bus enables loosely coupled architectures with queues, buffering, and topics, allowing decoupled publishers and receivers, load balancing, transactions, and ordered messaging.
Create an Azure Service Bus queue and send three messages from a .NET 7 console app using AMQP WebSockets, then receive them with a processor in another project.
Learn how to send and receive messages to an Azure Service Bus topic, and understand how topics differ from queues, with subscriptions and filter rules routing messages to multiple consumers.
Create an Azure service bus topic with three subscriptions and use subscription filters to route messages to specific subscriptions; demonstrate filter-driven delivery and code-based configuration from a sample repository.
Explore handling Service Bus events with Logic Apps and Event Grid to publish, trigger, read messages from a topic subscription, and email each message using a serverless Logic Apps workflow.
Learn to handle Azure Service Bus events with a function app via Event Grid, configuring topics and subscriptions and deploying and verifying an event grid triggered function.
Explore auto forwarding in Azure Service Bus to chain messages from a source topic to a target queue, enabling scalable throughput, subscriptions management, and handling quotas and dead-letter scenarios.
Enable duplicate detection in Azure Service Bus to prevent duplicate messages by tracking message IDs within a time window. Keep the window small to limit throughput impact.
Explore message browsing and the peek operation in Azure service bus to enumerate active messages in a queue or subscription for diagnostics, without removing them.
Explore how Azure Service Bus prefetch boosts throughput by filling a prefetch buffer via .NET, Java, and Python SDKs (not available in the portal), and tradeoffs with receive-and-delete and peek-lock.
Implement atomic transactions across multiple Azure Service Bus queues with transaction scope, coordinating flight, hotel, and car bookings using a Saga task manager, travel booking handler, and compensator queue.
Explore the dead-letter queue in Azure service bus as a sub-queue for undeliverable messages, including max delivery count, and learn to access, review, and reprocess them from the main queue.
Discover a durable sender using MSMQ that buffers messages in a local Windows queue and forwards them to Azure Service Bus when connected. Demonstrate handling across outside, within, distributed transactions.
Explore routing configurations and path-based routing with the Azure application gateway for multi-site hosting and redirection. Learn ssl termination, end-to-end encryption, monitoring, and web application firewall.
Explore how Azure application gateway acts as a layer seven load balancer that routes http traffic to backend pools based on request attributes, with options like standard and WAF versions.
Learn how the azure application gateway listens to requests via listeners, routes to backend pools with routing rules, and uses http or https over public or private ip configurations.
Prepare to incur Azure costs while following along, provisioning and deleting application gateway scenarios, with examples like a 100 AUD charge across Asia regions.
Explore AppGW routing configurations, including multi-site hosting, path-based routing, redirections, and URL or header rewriting, plus internal load balancing with auto scaling and zone redundancy.
Create an Azure application gateway in Australia East with a subnet, public IP, and two VMs backend pool; install IIS on the VMs and deploy test page to validate routing.
Configure Azure application gateway to host multiple sites by creating a front-end public IP, two backend pools (Contoso and Fabrikam), multi-site routing rules, and test with IIS on two VMs.
Explore url based routing with Azure application gateway, creating three backend pools (general, images, and video) and path-based routing rules that direct traffic by url path.
Explore how to implement traffic redirection with Azure application gateway, including internal and external routing, multi-site hosting, http to https redirection, and various redirection types.
Learn to implement rewriting sets in the Azure application gateway to secure backends, rewrite URLs and headers, and validate changes using log analytics workspace and diagnostic settings.
Learn to configure an Azure application gateway as an internal load balancer with a private IP and backend pools, routing rules, and http settings across multiple VMs.
Explore autoscaling and zone redundancy for the Azure application gateway, setting a minimum of two instances for production, with a configurable maximum and multi-availability-zone deployment to prevent downtime.
Explore application gateway ssl security, including ssl termination, end-to-end ssl encryption, and mutual authentication, and configure ssl policies for secure application gateway deployments.
Explore SSL termination on the application gateway, decrypting https at the gateway and forwarding unencrypted http to backend targets to gain performance, visibility, and easier certificate management.
Learn how to implement end-to-end ssl encryption through the Azure application gateway by configuring https settings and back-end certificates, enabling secure traffic from users to backend targets.
Explore Azure Kubernetes Service (AKS) integration with the application gateway, covering greenfield deployments with an ingress controller and AKS cluster, and brownfield reconfigurations to route traffic.
Execute a greenfield deployment of a new AKS cluster and an application gateway, then configure the ingress add-on to route traffic from the gateway to AKS and test the setup.
Enable the Azure application gateway ingress controller for an AKS cluster in a brownfield deployment, linking the app gateway and AKS via VNet peering and resolving address space overlap.
Configure a web application firewall for an application gateway using WAF v2 in detection mode, add an OWASP 3.1 policy with a geo-block rule, and associate with gateway and listener.
Configure diagnostic settings to monitor the application gateway, track key metrics with alert rules, and use the log analytics workspace to inspect routings and health probes for backend health.
Configure diagnostic settings for the application gateway by selecting access, performance, and firewall logs, and route all logs and metrics to a log analytics workspace.
Navigate the Azure application gateway metrics suite in the monitoring section, compare views in metrics and insights, and interpret capacity units, latency, traffic, and backend health to diagnose performance.
Configure alerts for the Azure Application Gateway by tracking failed requests and 500 errors. Set static or dynamic thresholds, and attach action groups for automated remediation.
Learn how to set up and use log analytics for the Azure Application Gateway, including diagnostic settings, access, performance and firewall logs, metrics, and cost-aware data retention.
The application gateway continuously monitors backend health with a default health probe every 30 seconds and switches traffic away from unhealthy backends; a custom health probe tailors interval and timeout.
Explore advanced topics of the application gateway, including configuring for high traffic, cookie affinity, and connection draining, and review pricing model and tier options.
Learn to enable auto scaling for Azure Application Gateway, set min and max instances, and monitor compute units, capacity utilization, and alerts for unhealthy targets, response codes, and latency.
The lecture explains Azure Application Gateway pricing as fixed costs plus variable capacity unit costs, billed hourly, with tier differences and outbound data transfer charges.
Configure cookie affinity in the application gateway's http settings to achieve session stickiness by routing subsequent requests to the same backend server, or use external caches like Redis.
Learn how connection draining in the Azure Application Gateway removes future requests from backend pool targets while preserving existing connections, and cookie-based affinity forwards traffic to de-registered instances.
Configure Azure application gateway custom error pages to brand and tailor 502 and 403 responses, globally via PowerShell or per listener, improving user experience during maintenance or unauthorized access.
Learn how Azure application gateway supports web sockets over http or https, using a standard http handshake and tcp upgrade, provided the backend target supports web socket communications.
Compare application gateway version one and version two to understand autoscaling, zone redundancy, static IP address limitations, ingress controller for AKs, Key Vault integration, and http rewriting.
Plan the VNet and subnet configurations ahead of creating the application gateway, then configure gateway settings such as IP addresses, routing rules, HTTP settings, and back-end pools.
Learn how to size subnets and manage IP addressing for Azure Application Gateway, including Azure reserved IPs, v1 vs v2 scaling, subnet dedication, and required inbound/outbound rules.
Choose frontend ip options for the application gateway: public or private; public handles internet traffic, private supports internal load balancing; version one supports private only, version two supports both.
Configure application gateway listeners to route http or https traffic to backend pools. Understand basic versus multi-site listeners and their processing order in version 2, including http2 support.
Define and explain application gateway routing rules, including basic forward rules and path-based routing based on url. Explain rule order, first-match processing, and redirection options, including header and url rewrites.
Explore the http settings of the Azure application gateway, configuring connections to backend targets with options for unencrypted or end-to-end https, and learn about cookie affinity.
Explore backend pool targets for the application gateway, including virtual machines, VM scale sets, network interfaces, public or private IPs, FQDNs, app service, and on-premises connections via VPN or ExpressRoute.
Explore how to configure Azure front door, from load balancers and custom domains and HTTPS to apex domains, routing, and protocol redirects, and manage back-end pools, caching, and edge locations.
Discover Azure Front Door as a global, layer 7 entry point deployed across the Microsoft Edge network, routing http and https traffic to the closest region and enabling regional failover.
participate in a hands-on exploration of Azure Front Door using the Azure portal, following along to build resources while noting potential costs, or watch the demonstration instead.
Explore Azure front door core features, including creating front door, configuring a custom domain, securing it with http to https redirections, and managing backend pools and edge caching.
Create an Azure front door by provisioning a resource group in Australia East, deploying two app services as backend targets, and configuring the front end domain and routing rules.
Add a custom domain to Azure Front Door by creating a DNS zone and a CNAME pointing to Front Door endpoint, then configure a host name in Front Door designer.
Secure a custom domain on Azure Front Door with https by enabling tls 1.2 and selecting between Azure managed certificates or Key Vault certificates for apex domains.
Explain apex domain names for Azure Front Door and configure them with an alias record in DNS, since CNAMEs can’t map apex domains; use a certificate stored in Key Vault.
Learn how to redirect http traffic to https with Azure Front Door by configuring routing rules, testing in incognito, and ensuring secure end-to-end traffic to the backend pool.
Explore configuring Azure Front Door URL redirection in the designer, switching route type to a permanent redirect to another host (Google) with a query string, then revert to backend routing.
Explore configuring Azure Front Door backend pools and targets, including App Service, custom hosts, and health probes, with priority and weighted routing for active-active or active-passive load balancing.
Configure a rules engine on Azure Front Door to add a content security policy header, attach to routing rules, test in console, and clean up by deleting the rule engine.
Learn to create and attach an Azure Front Door Web Application Firewall policy, enable managed rules, and add a geolocation based custom rule to deny non-Australia traffic.
Configure Azure Front Door caching across global edge locations, set cache behavior and durations, and purge specific or all content to keep delivery fresh.
Explore the rules engine configuration, architecture, and timing for requests at Azure Front Door, and learn the conditions and actions you can configure and trigger.
Explore how the Azure Front Door rules engine modifies requests with conditions and actions to enforce https, apply security headers, rewrite URLs, route mobile or desktop variants, and adjust caching.
Configure Azure Front Door rules engine with conditions on device type, post arguments, query strings, and headers, then apply actions like forward, redirect, and header edits.
Explore how routing works in Azure Front Door, including how requests match routing rules and how latency based, weighted based, priority based, and session affinity based routing direct traffic.
Explore the Azure Front Door routing architecture from global edge locations and TLS handshakes to WAF rules, routing rules, caching, and back-end pool selection.
Azure Front Door routing rule matching shows how incoming protocol, front-end host, and path map to routes, using exact and wildcard matches to route traffic or return 400 bad request.
Explore how Azure Front Door routes traffic using latency-based, priority, and weighted routing across healthy backend pool instances, with session affinity preserving user sessions.
Explore Azure Front Door standard and premium tiers in public preview and learn to create an Azure Front Door, compare features, and review pricing across classic, standard, and premium versions.
Learn about Azure Front Door standard and premium, their differences from classic, and features like origin groups, private link service, WAF policies, and real-time reports.
Compare Azure Front Door standard and premium features, showing private origin support only in premium, plus WAF policy rules, bot protection, and security reports to select the right tier.
Compare Azure Front Door pricing across classic, standard, and premium tiers, detailing data transfer, routing rules, and requests, plus base fees and origin transfer considerations.
Explore how the web application firewall (WAF) protects requests through Azure Front Door, and configure policies with managed and custom rules, including detection and prevention modes and key settings.
Discover how azure front door waf protects web apps at the edge with managed and custom rules, switchable detection and prevention modes, and bot protection rule sets.
Create a web application firewall policy for Azure Front Door, enable diagnostic logging, and send all Front Door and WAF logs and metrics to a Log Analytics workspace.
Discover how Azure Front Door's WAF uses OWASP managed rule sets to defend against protocol attacks, SQL injection, XSS, and more, with configurable enable, disable options, and exclusions.
Configure and prioritize Azure Front Door's WAF custom rules to block traffic by geolocation, IP ranges, query string size, headers, and rate limits, executed before managed rules.
Manage Azure Front Door WAF settings by enabling or disabling, switching between detection and prevention modes, configuring redirects and custom response codes, and reviewing firewall logs in Log Analytics.
Monitor Azure Front Door and the Web Application Firewall, using metrics, alerts, and health probes. Use log analytics queries to analyze behavior and back-end health.
Explore Azure Front Door metrics like back end health percentage, back end request count, latency, web request counts, and billable data such as request and response sizes, over 30-day window.
Set up Azure Front Door alerts using metric-based rules, such as backend health percentage below 90%, to trigger notifications via an action group and monitor health status and request activity.
Explore log analytics in Azure Front Door by viewing diagnostic settings and predefined queries; filter for the Front Door web application firewall log to see blocked requests and access logs.
Azure front door uses health probes to monitor back-end health status, with default enablement and configurable http verb and interval to route traffic to healthy back-end instances.
Clean up by deleting the Australia-east resource group to remove all app services, Azure Front Door, policy, and the log analytics workspace used in this course.
Welcome to the Azure Serverless Integration Services Course
Are you ready to master modern, scalable integration solutions using Microsoft Azure’s serverless offerings? This comprehensive, hands-on course will equip you with the practical knowledge and skills needed to design, implement, and manage cloud-native integration solutions, focusing on core Azure services:
Azure API Management (APIM)
Azure Service Bus
Azure Function Apps
What You’ll Learn
Throughout this course, you will:
Gain a deep understanding of the serverless paradigm and why it is transforming application integration in the cloud.
Discover how Azure API Management acts as a powerful gateway for securing, publishing, and analyzing APIs.
Learn to implement best practices in API Management, including versioning, policy application, securing endpoints, and handling transformations.
Build robust solutions using Azure Service Bus for reliable, enterprise-grade message brokering and integration between distributed systems.
Hands-on experience with Azure Function Apps to create event-driven microservices, automate workflows, and extend your integration platforms.
Dive into real-world scenarios demonstrating how these services work in harmony to solve common business integration challenges.
Explore monitoring, diagnostics, and essential metrics to ensure the health, performance, and scalability of your integrations.
Apply different API Management policies to address authentication, throttling, caching, and transformation requirements. You’ll gain an in-depth, practical understanding of how policies can empower and safeguard your APIs.
Review infrastructure best practices to deploy, scale, and manage your integration solutions efficiently within Azure.
Learn how to monitor your services, set up alerting, and interpret key performance indicators to continuously improve your API landscape and integration flows.
Course Approach and Format
This course has been meticulously designed with a practical, hands-on approach at its core. Instead of relying on slide presentations, we’ll work directly with the Azure portal and developer tools, ensuring you gain real-world experience. You’ll complete guided exercises and projects that mirror real business requirements, preparing you to confidently apply your knowledge in professional settings.
Instructor’s Perspective
Having implemented Azure API Management and serverless integration solutions for a variety of organizations, I’ve encountered the benefits and the challenges firsthand. My intention is to distill those hard-earned insights and lessons into clear, actionable tutorials, helping you avoid common pitfalls and accelerate your learning curve. Each module draws from practical experience, ensuring you’re not just learning theory but building expertise you can use immediately.
Who Should Take This Course?
Cloud and integration engineers seeking to develop robust, maintainable, and cost-effective integration solutions.
Developers and architects who want to leverage the power of serverless computing on Azure.
IT professionals aiming to enhance their understanding of API Management, service integration, and cloud-based automation.
Additional Resources
Along with the video tutorials and labs, you’ll have access to downloadable resources, suggested reference materials, and code snippets to support your continued learning.