This course is designed to familiarize and instruct students in the content that is covered by Microsoft Exam 70-533, Implementing Microsoft Azure Solutions. It focuses on all the November 2016 objective domain topics, including:
Welcome to the course! Meet your instructor, Doug Vanderweide; learn the topics we will cover; get an understanding of what you'll need to make the most of this course.
This course refers to labs and demos, which are features of the CloudAssessments.com/LinuxAcademy.com environments. You can, however, use your own Azure subscriptions to follow along in these labs and demos, and this video explains how to get free Azure services that can help you do so.
In this lesson, we review the fundamentals of the Azure App Service, including App Service Plans, App Service Environment, service tiers and SKUs, and the four primary App Service app types: Web, API, Mobile and Logic.
This lesson focuses on the features of Web Apps, including deployment slots and swapping, source control integration, authentication and authorization, alerts and metrics.
In this demonstration, we create a Web App, and its App Service, via the portal.
In this demo, we create a resource group, App Service Plan and Web App via the Azure command-line interface version 1.
In this demo, we create a resource group, App Service Plan and Web App using PowerShell. We also create a deployment slot, bind it to a GitHub repo, and swap slots.
Overview of the general configuration options for a Web App, including runtime settings, slot and app settings, connection strings, environment settings, default documents, handler mappings and virtual directories/applications.
In this demo, we review the general settings for an App Service app, including runtime versions, Always On, web sockets, managed pipeline mode, default documents, handler mappings and virtual directories.
In this demonstration, we apply a custom certificate to a Web App, and also assign an A record and a CNAME record to a Web App.
In this demonstration, we review KUDU, the environment and application management tool behind every App Service app.
In this lesson, we review deployment slots; slot settings; swapping code between slots; and managing the sources for code deployments to our web apps.
In this demo, we cover Web App deployment slots and slot settings.
In this demonstration, we review using Dropbox and GitHub as deployment sources/options for a Web App.
In this demo, we perform the three kinds of Azure App Service slot swaps, and "roll back" a slot swap.
In this demo, we create a PowerShell script that will be run at the end of a successful deployment and enqueue it.
In this demo, we show how to use Web Deploy in Visual Studio to publish a Web App. We also review the publish profile XML file, to understand its parts and how it can be used to automate deployments.
In this lesson, we learn about Free and Shared App Service Plan quotas; application and App Service plan metrics, including what metrics are available to monitor; and retention policies on metrics data.
In this demo, we use the Azure Portal to monitor the performance of an App Service Plan and a Web App in that plan.
In this demo, we create an App Service alert based on metrics; review the JSON object that is sent when sending an alert via a Webhook; create an event based alert for an App Service; and create an App Service Plan alert based on metrics.
In this lesson, we learn about App Service autoscaling by metric or schedule; scaling "up" an App Service Plan; moving a Web App to a different App Service Plan; and using Traffic Manager to help provide for high availability.
In this demo, we enable an App Service Plan scale-out autoscale; create a default rule based on CPU use; create a schedule rule; and review the metrics and other settings available in autoscale.
In this lesson,we learn about WebJobs: Scripts we can run within Web, API and Mobile apps, which share context with the host environment.
In this demo, we use the Azure Migration Assistant to move an ASP.NET MVC application from IIS running on a virtual machine to a Web App instance .
In this demo, we configure a Web App to allow remote debugging and attach a debugger to an ASP.NET MVC application.
In this lesson, we get a quick introduction to the command-line console available through the portal. We also learn about diagnostics logging options, see the live streams of those logs in the Portal, and learn about the process explorer.
In this lab we be covering Azure Web App Service and focus in on the specific type of features the services has. We will cover Environment Variables, Default Documents, Work With the File Console and Create FTP Accounts for deployment use.
This lab allows you to use social media logins with Web Apps, via the built-in App Service authentication/authorization provider. You will create a Facebook application for authentication, configure the Web App to use that application, and see the information provided to your Web App via Facebook once a user logs in.
This quiz covers the material contained in the Design and Implement Azure App Service Apps section of this course.
In this lesson, we learn about the types of Virtual Machines available in Azure; the Windows and Linux operating systems they support; and common workloads deployed to VMs.
You will need to know the virtual machine sizes and capabilities during the exam.
In this lesson, we review how the VM Agent allows us to install virtual machine extensions, such as Desired State Configuration and the Chef client; and how DSC, Puppet and Chef can be used to orchestrate server deployments.
In this lesson, we review the options for VM disk storage, including managed disks, premium storage, OS dick redundancy and geo-reproduction.
In this lesson, we review Azure File Service, Microsoft's cloud-based implementation of SMB / Samba.
In this lesson, we learn how to disk encryption works for both OS and data disks for Linux and Windows VMs. We also learn about the limitations on what and when we can encrypt.
In this demonstration, we learn how to monitor VM performance and availability; to set alerts; and to configure diagnostics and monitoring storage.
This lesson describes Availability Sets, Azure's logical association of two or more virtual machines to prevent simultaneous outages.
This lesson describes virtual machine scale sets, Azure's turnkey solution to elastically provisioning identical workloads across multiple VMs.
In this demonstration, we use PowerShell to scale up a DS1 v2 VM to a DS2 v2 VM.
This demonstration shows the creation and configuration of a VM scale set via the portal, including scaling rules.
In this lab, you will use Windows PowerShell cmdlets to create an Azure virtual network, a public IP address, a network security rule and network security group, a network interface and finally, an Ubuntu VM. Then, you'll use PuTTY to connect to that VM, validating its correct configuration.
You will learn how to create an Azure File share, where connectivity endpoints lie, any caveeats with using this service, and lastly use File Store to Create, update, delete, and read files.
This lesson reviews the offerings in Azure Storage, as well as the central concepts behind Storage accounts.
In this demonstration, we create a Storage account in the portal, reviewing all of its setup parameters and discussing what each does.
This lesson reviews block blob Storage, including setting public access levels; the limits on blob Storage; copying blobs async; designing blob heirarchy; and scaling blob Storage.
In this demo, we learn how to use Azure Storage Explorer, Microsoft's Storage management GUI, to upload and download blobs, copy blobs, set container visibility, create a file hierarchy and set metadata on a blob.
In this demo, we use the Windows version of AzCopy to upload and download blobs, and copy blobs asynchronously.
In this lesson, we use PowerShell to upload, download, copy and delete blob files and create a blob snapshot.
In this lesson, we review securing your blob Storage via Shared Access Signatures, Stored Access Policies, the security risks inherent in your Storage keys, and how to regenerate them.
In this demo, we create an account SAS with blob service and container access through the portal; use PowerShell to create a similar account SAS; create a service SAS with read access to a specific blob; create a stored access policy with PowerShell; then use PowerShell to create a service SAS using that stored access policy.
In this lesson, we learn about Azure table Storage, a NoSQL data storage option.
In this lesson, we learn about Azure queue Storage, a messaging queue service.
In this lesson, we will learn how configure diagnostics data collection and set a retention policies on that data in the portal; and view the monitoring data we collect in the portal.
In this lesson, we learn about Key Vault, client-side encryption, Storage Service Encryption, CORS rules and best practices for protecting our Storage objects.
In this lesson, you will learn about Content Delivery Networks. We will review Azure's CDN offerings; using CDNs to balance Storage and Web Apps; and managing CDN content.
In this demo, we create a Premium Verizon CDN, add an endpoint backed on blob Storage, see how it does not include private containers, and review geographic rules and the rules engine.
In this lesson, we review Azure SQL Database, its service tiers and levels, and the features of each of those levels.
In this demonstration, we create an Azure SQL Database and its server; add a firewall rule to the server; add an active geo-replica database; add Dynamic Data Masking; review Transparent Data Encryption; and review several server and database settings.
In this lesson, we review how active geo-replica databases work in Azure, as well as Data Sync. We also look at your disaster recovery options, including point in time restore and geo-restore.
In this demonstration, we export an Azure SQL Database to a BACPAC file; copy a local database to Azure SQL Database using SQL Server Management Studio; export a local database to a BACPAC file using SQL Server Management Studio; and import that database to Azure using the SqlPackage command line tool.
In this lesson, we review the security features of Azure SQL Database, including its built-in firewall and data encryption options.
In this lesson, we review horizontal and vertical partioning of Azure SQL Database data, describing when each strategy is appropriate.
This lab will help ensure you learn and understand the various options and services that are included with Database as a Service and how they can be used to assist in our daily environments. We will cover rudimentary topics such as database creation and move into advanced topics such as geo-replication.
In this lesson, we learn about Recovery Services; specifically, using a backup vault to protect both an Azure-based and on-premises VM, and backing up and restoring data.
In this lesson, we review the concepts of authentication and authorization, learn how Azure Active Directory provides identity management, understand how we can use it to expand access to identity, and some of Azure AD's core features.
In this lesson, we learn how to syncronize an on-premises Active Directory using Azure AD Connect.
In this demonstration, we install and configure Azure AD Connect to synchronize users and groups between an Azure AD tenant and a VM-based Active Directory Domain Services (AD DS) forest, using the password sync method.
In this demonstration, we learn how to add a custom domain to an Azure Active Directory tenant.
In this lesson, we describe how to use OAuth and OpenID Connect to provide authorization and authentication, respectively, with Azure Active Directory.
In this lesson, we learn about SAML and WS-Federation, two XML-based options for federating identity across different ID stores, such as Azure Active Directory and an LDAP server.
In this demonstration, we review the steps necessary to add and configure an Azure Active Directory enterprise application with Google Apps, aka G Suite, to enable SAML-based single sign on. We also review the similar settings needed to prepare Azure AD SSO for Workplace by Facebook.
In this lesson, we learn how to use Azure AD's application support to authenticate and authorize users in Web and desktop applications.
In this lesson, we review the Microsoft Graph API, which allows us to manipulate our Azure AD tenant programmatically.
In this lesson, we create an Azure Active Directory that has permission to leverage the Azure AD Graph API. We also obtain the client ID and client secret of this app, in order to negotiate for an OAuth token, which is covered in a subsequent demo.
In this demonstration, we use REST to request an OAuth token from the application we previously created. We will use this token in a subsequent demo, to manage a user through the Graph API.
In this demonstration, we use the Graph API to list users in an Azure AD, select a single user, and update the metadata on that record.
In this lesson, we learn about Azure Active Directory B2C, a special kind of AD tenant that alloes us to store user information through SSO providers such as Facebook, Twitter and the like. We also learn about AAD B2B, an alternative approach to using federated identity to enable Azure Active Directory application access.
In this demonstration, we create an Azure AD B2C tenant, configure it, and implement single sign on with Amazon and LinkedIn.
In this lesson, we are introduced to the basics of Azure virtual networking concepts, using the example of an n-tier web application to understand subnets, load balancers, application gateways, and other networking tools.
In this lesson, you will learn how Load Balancer and Application Gateway can be used to route network traffic.
In this demonstration, we configure an external load balancer to balance traffic from a public IP address across two Azure VMs, and also configure port forwarding for RDP connections to those VMs.
In this demo, you will learn how to configure an Application Gateway to route traffic within a VM-based Web server farm. You will also learn how to configure the Web Application Firewall option.
In this lesson, you will learn how to user defined routes (UDRs) can change the routing between devices within a subnet and across subnets, such as tunneling traffic through a firewall appliance.
In this lesson, you will learn about controlling inbound and outbound traffic within a virtual network subnet or network interface via network security groups.
In this demonstration, we see how inbound and outbound network security group rules affect routing, including the statefullness of a rule and its priority.
In this lesson, we review the different types of IP addresses in Azure: public and private IP addresses, and how they are assigned either statically or dynamically.
In this lesson, we introduce ExpressRoute, site to site VPNs and point to site VPNs, for managing hybrid connectivity.
In this demo, we create and configure a Point to Site (P2S) VPN connection to Azure.
This lesson reviews the configuration options and requirements for Point to Site and Site to Site VPN gateways.
This lesson reviews the configuration of ExpressRoute, Azure's private, high-speed connectivity solution for hybrid connections.
This lesson describes using peering and VNet to VNet VPNs to connect Azure virtual networks together.
In this demonstration, we peer two ARM virtual networks together and demonstrate that by doing so, virtual machines in both networks are able to communicate with each other.
This lab will cover various topics regarding Azure virtual networks and how to use them. We will cover proper CIDR selection, region selection, and deploy new virtual networks.
This lab will show you how a load balancer manages web traffic between two Linux virtual machines running Ubuntu and Apache. Specifically, you'll review the settings for the load balancer, see how traffic is routed between the machines, see what happens when each VM is stopped, and see how port forwarding through the load balancer allows you to SSH into each VM on the same public IP address.
In this lab, you will apply Network Security Group (NSG) rules to a subnet containing a virtual machine running nginx. You will see how a predefined rule that blocks inbound traffic prevents Internet connections to that VM; how adding a rule with a smaller priority number allows public connections; how the statefulness of NSG-controlled connections affects the processing of inbound and outbound rules; and how reordering inbound rule priorities affects connectivity.
We will cover proper networking scoping, any caveats, and cover the creation/deletion of virtual network peers.
This lesson describes what ARM templates are, their benefits, and some of their main features.
This lesson reviews the basic syntax of an ARM template: What sections it contains and the required elements of common objects in an ARM template.
This demo reviews the structure of an ARM template and its parameters file, going through each section by section to explain what the JSON in those files instructs Azure to do.
In this demo, we use PowerShell to validate and deploy an ARM template and its parameters file.
In this lesson, we review role-based access control: How it allows us to restrict users to certain permission sets within Azure, scoped to resource type, action and/or resource hierarchy.
In this lesson, we will learn about service principals: What they are, why we need them and how to create them..
In this lesson, we will learn about using resource policies to restrict the kinds of resources that our users can create and manage; and using resource locks to prevent the accidental deletion of resources.
This lab will guide you through the process of understanding, linting, validating and executing an ARM template and its affiliated parameters file, using the Azure CLI 2.0. You will first inspect the template and its parameter file to understand what it will deploy; then fix technical problems with both the ARM template and the parameters file; execute the ARM template; then see the template's results in the portal.
There are multiple requirements for this lab.
To complete this lab, you will need the following:
This test assesses your overall understanding of the material presented in this course and should serve as a reliable measure of your preparedness to take Exam 70-533.
Linux Academy was founded on the belief that providing high-quality, in-depth training should be available at an affordable price. We strive to change lives by teaching Linux and cloud technology. Students can learn new skills, get certified, and advance in their career.
Our full-time, expert instructors create content on AWS, Linux, OpenStack, DevOps, Azure, and Big Data.