AZ 900 Terms
Geo-distribution
Applications and data can be deployed to regional datacenters around the globe, so your customers always have the best performance in their region.
Azure Blob storage
Storage service for very large objects, such as video files or bitmaps.
Azure Table storage
Table storage is a service that stores non-relational structured data (also known as structured NoSQL data) in the cloud, providing a key/attribute store with a schemaless design..
Capital Expenditure (CapEx
is the up-front spending of money on physical infrastructure, and then deducting that up-front expense over time. The up-front cost from CapEx has a value that reduces over time.
Azure Blueprints
orchestrates the deployment of various resource templates and other artifacts, such as: Role assignments Policy assignments Azure Resource Manager templates Resource groups
Azure bot service
platforms for creating virtual agents that understand and reply to questions just like a human. Azure Bot Service is a bit different from Azure Machine Learning and Azure Cognitive Services in that it has a specific use case. Namely, it creates a virtual agent that can intelligently communicate with humans. Behind the scenes, the bot you build uses other Azure services, such as Azure Cognitive Services, to understand what their human counterparts are asking for.
Azure Service Health
provides a personalized view of the health of the Azure services, regions, and resources you rely on. The status.azure.com website, which displays only major issues that broadly affect Azure customers, doesn't provide the full picture. But Azure Service Health displays both major and smaller, localized issues that affect you. Service issues are rare, but it's important to be prepared for the unexpected. You can set up alerts that help you triage outages and planned maintenance. After an outage, Service Health provides official incident reports, called root cause analyses (RCAs), which you can share with stakeholders.
Azure mobile app
provides iOS and Android access to your Azure resources when you're away from your computer. With it, you can: Monitor the health and status of your Azure resources. Check for alerts, quickly diagnose and fix issues, and restart a web app or virtual machine (VM). Run the Azure CLI or Azure PowerShell commands to manage your Azure resources.
Azure Active Directory
provides identity services that enable your users to sign in and access both Microsoft cloud applications and cloud applications that you develop.
Cloud Adoption Framework for Azure
provides you with proven guidance to help with your cloud adoption journey. The Cloud Adoption Framework helps you create and implement the business and technology strategies needed to succeed in the cloud.
Azure Virtual Machines
software emulations of physical computers. They include a virtual processor, memory, storage, and networking resources. VMs host an operating system, and you can install and run software just like a physical computer. When using a remote desktop client, you can use and control the VM as if you were sitting in front of it.
Cloud Computing
the delivery of computing services over the internet, which is otherwise known as the cloud. These services include servers, storage, databases, networking, software, analytics, and intelligence. Cloud computing offers faster innovation, flexible resources, and economies of scale.
Azure Resource Manager
the deployment and management service for Azure. It provides a management layer that enables you to create, update, and delete resources in your Azure account. You use management features like access control, locks, and tags to secure and organize your resources after deployment.
authentication
the process of establishing the identity of a person or service that wants to access a resource. It involves the act of challenging a party for legitimate credentials and provides the basis for creating a security principal for identity and access control. It establishes whether the user is who they say they are.
defense in depth
to protect information and prevent it from being stolen by those who aren't authorized to access it. uses a series of mechanisms to slow the advance of an attack that aims at acquiring unauthorized access to data.
Azure Functions
you can host a single method or function by using a popular programming language in the cloud that runs in response to an event. An example of an event might be an HTTP request, a new message on a queue, or a message on a timer.
resource lock
prevents resources from being accidentally deleted or changed.
Tags
provide extra information, or metadata, about your resources
Azure Dedicated Host
provides dedicated physical servers to host your Azure VMs for Windows and Linux.
Azure HDInsight
Process massive amounts of data with managed clusters of Hadoop clusters in the cloud.
Azure DDoS Protection
Protects Azure-hosted applications from distributed denial of service (DDOS) attacks.
Azure Database Migration Service
Service that migrates databases to the cloud with no application code changes.
Azure Functions
An event-driven, serverless compute service.
Azure DDoS Protection
(Standard) helps protect your Azure resources from DDoS attacks.
Azure Queue Storage
A data store for queuing and reliably delivering messages between applications
Subscriptions
A subscription groups together user accounts and the resources that have been created by those user accounts. For each subscription, there are limits or quotas on the amount of resources that you can create and use. Organizations can use subscriptions to manage costs and the resources that are created by users, teams, or projects.
Azure VPN Gateway
Accesses Azure Virtual Networks through high-performance VPN gateways.
Scalability
Applications in the cloud can be scaled in two ways, while taking advantage of autoscaling: Vertically: Computing capacity can be increased by adding RAM or CPUs to a virtual machine. Horizontally: Computing capacity can be increased by adding instances of a resource, such as adding more virtual machines to your configuration.
Archive access tier
Appropriate for data that is rarely accessed and stored for at least 180 days, with flexible latency requirements (for example, long-term backups).
Azure AD Services
Authentication This includes verifying identity to access applications and resources. It also includes providing functionality such as self-service password reset, multifactor authentication, a custom list of banned passwords, and smart lockout services. Single sign-on SSO enables you to remember only one username and one password to access multiple applications. A single identity is tied to a user, which simplifies the security model. As users change roles or leave an organization, access modifications are tied to that identity, which greatly reduces the effort needed to change or disable accounts. Application management You can manage your cloud and on-premises apps by using Azure AD. Features like Application Proxy, SaaS apps, the My Apps portal (also called the access panel), and single-sign on provide a better user experience. Device management Along with accounts for individual people, Azure AD supports the registration of devices. Registration enables devices to be managed through tools like Microsoft Intune. It also allows for device-based conditional access policies to restrict access attempts to only those coming from known devices, regardless of the requesting user account.
What is Azure?
Azure is a continually expanding set of cloud services that help your organization meet your current and future business challenges. Azure gives you the freedom to build, manage, and deploy applications on a massive global network using your favorite tools and frameworks.
Role-Based Access Control (RBAC)
Azure provides built-in roles that describe common access rules for cloud resources. You can also define your own roles. Each role has an associated set of access permissions that relate to that role. When you assign individuals or groups to one or more roles, they receive all of the associated access permissions.
Disaster recovery
By taking advantage of cloud-based backup services, data replication, and geo-distribution, you can deploy your applications with the confidence that comes from knowing that your data is safe in the event that disaster should occur.
Elasticity
Cloud-based applications can be configured to always have the resources they need.
Azure Machine Learning Service
Cloud-based environment you can use to develop, train, test, deploy, manage, and track machine learning models. It can auto-generate a model and auto-tune it for you. It will let you start training on your local machine, and then scale out to the cloud.
Agility
Cloud-based resources can be deployed and configured quickly as your application requirements change.
Azure Kubernetes Service
Cluster management for VMs that run containerized services.
Private Cloud
Computing resources are used exclusively by users from one business or organization. A private cloud can be physically located at your organization's on-site datacenter. It also can be hosted by a third-party service provider.
Azure Virtual Network
Connects VMs to incoming virtual private network (VPN) connections.
Azure ExpressRoute
Connects to Azure over high-bandwidth dedicated secure connections.
Azure Container Instances
Containerized apps run on Azure without provisioning servers or VMs.
Reliability
Depending on the service-level agreement that you choose, your cloud-based applications can provide a continuous user experience with no apparent downtime even when things go wrong.
region pair
Each Azure region is always paired with another region within the same geography (such as US, Europe, or Asia) at least 300 miles away. This approach allows for the replication of resources (such as VM storage) across a geography that helps reduce the likelihood of interruptions because of events such as natural disasters, civil unrest, power outages, or physical network outages that affect both regions at once. If a region in a pair was affected by a natural disaster, for instance, services would automatically failover to the other region in its region pair.
Azure File storage
File shares that can be accessed and managed like a file server
Azure Database for MySQL
Fully managed and scalable MySQL relational database with high availability and security.
Azure Database for PostgreSQL
Fully managed and scalable PostgreSQL relational database with high availability and security.
Azure Synapse Analytics
Fully managed data warehouse with integral security at every level of scale at no extra cost.
IoT Central
Fully managed global IoT software as a service (SaaS) solution that makes it easy to connect, monitor, and manage IoT assets at scale.
Azure SQL Database
Fully managed relational database with auto-scale, integral intelligence, and robust security.
IoT Edge
Fully managed service that allows data analysis models to be pushed directly onto IoT devices, which allows them to react quickly to state changes without needing to consult cloud-based AI models.
Azure Cosmos DB
Globally distributed database that supports NoSQL options.
Azure Firewall
Implements high-security, high-availability firewall with unlimited scalability.
Software-as-a-Service
In this cloud service model, the cloud provider manages all aspects of the application environment, such as virtual machines, networking resources, data storage, and applications. The cloud tenant only needs to provide their data to the application managed by the cloud provider. For example, Microsoft Office 365 provides a fully working version of Microsoft Office that runs in the cloud. All you need to do is create your content, and Office 365 takes care of everything else.
SaaS (Software as a Service)
In this cloud service model, the cloud provider manages all aspects of the application environment, such as virtual machines, networking resources, data storage, and applications. The cloud tenant only needs to provide their data to the application managed by the cloud provider. For example, Office 365 provides a fully working version of Office that runs in the cloud. All that you need to do is create your content, and Office 365 takes care of everything else.
Azure Databricks
Integrate this collaborative Apache Spark-based analytics service with other big data services in Azure.
Azure Logic Apps
Logic apps are similar to functions. Both enable you to trigger logic based on an event. Where functions execute code, logic apps execute workflows that are designed to automate business scenarios and are built from predefined logic blocks.
Azure IoT Hub
Messaging hub that provides secure communications between and monitoring of millions of IoT devices.
Azure Sentinel
Microsoft's cloud-based SIEM system. It uses intelligent security analytics and threat analysis.
consumption-based model
No upfront costs. No need to purchase and manage costly infrastructure that users might not use to its fullest. The ability to pay for additional resources when they are needed. The ability to stop paying for resources that are no longer needed.
Cool access tier
Optimized for data that is infrequently accessed and stored for at least 30 days (for example, invoices for your customers).
Hot access tier
Optimized for storing data that is accessed frequently (for example, images for your website).
Azure DevTest Labs
Quickly create on-demand Windows and Linux environments to test or demo applications directly from deployment pipelines.
Resource groups
Resources are combined into resource groups, which act as a logical container into which Azure resources like web apps, databases, and storage accounts are deployed and managed.
Resources
Resources are instances of services that you create, like virtual machines, storage, or SQL databases.
Public Cloud
Services are offered over the public internet and available to anyone who wants to purchase them. Cloud resources like servers and storage are owned and operated by a third-party cloud service provider and delivered over the internet.
Azure Synapse Analytics
Run analytics at a massive scale by using a cloud-based enterprise data warehouse that takes advantage of massively parallel processing to run complex queries quickly across petabytes of data.
SQL Server on Azure Virtual Machines
Service that hosts enterprise SQL Server apps in the cloud.
Management groups
These groups help you manage access, policy, and compliance for multiple subscriptions. All subscriptions in a management group automatically inherit the conditions applied to the management group.
PaaS (Platform as a Service)
This cloud service model is a managed hosting environment. The cloud provider manages the virtual machines and networking resources, and the cloud tenant deploys their applications into the managed hosting environment. For example, Azure App Services provides a managed hosting environment where developers can upload their web applications without having to deal with the physical hardware and software requirements.
Platform-as-a-Service
This cloud service model is a managed hosting environment. The cloud provider manages the virtual machines and networking resources, and the cloud tenant deploys their applications into the managed hosting environment. For example, Azure App Services provides a managed hosting environment where developers can upload their web applications, without having to worry about the physical hardware and software requirements.
IaaS (Infrastructure as a Service)
This cloud service model is the closest to managing physical servers. A cloud provider keeps the hardware up to date, but operating system maintenance and network configuration is left to the cloud tenant. For example, Azure virtual machines are fully operational virtual compute devices running in Microsoft's datacenters. An advantage of this cloud service model is rapid deployment of new compute devices. Setting up a new virtual machine is considerably faster than procuring, installing, and configuring a physical server.
Infrastructure-as-a-Service
This cloud service model is the closest to managing physical servers; a cloud provider will keep the hardware up-to-date, but operating system maintenance and network configuration is up to you as the cloud tenant. For example, Azure virtual machines are fully operational virtual compute devices running in Microsoft datacenters. An advantage of this cloud service model is rapid deployment of new compute devices. Setting up a new virtual machine is considerably faster than procuring, installing, and configuring a physical server.
Hybrid Cloud
This computing environment combines a public cloud and a private cloud by allowing data and applications to be shared between them.
Azure DevOps
Use development collaboration tools such as high-performance pipelines, free private Git repositories, configurable Kanban boards, and extensive automated and cloud-based load testing. Formerly known as Visual Studio Team Services.
Windows Virtual Desktop
a desktop and application virtualization service that runs on the cloud. It enables your users to use a cloud-hosted version of Windows from any location. Windows Virtual Desktop works across devices like Windows, Mac, iOS, Android, and Linux. It works with apps that you can use to access remote desktops and apps. You can also use most modern browsers to access Windows Virtual Desktop-hosted experiences.
Azure regions
a geographical area on the planet that contains at least one but potentially multiple datacenters that are nearby and networked together with a low-latency network. Azure intelligently assigns and controls the resources within each region to ensure workloads are appropriately balanced.
Azure Sphere
a secured, high-level application platform with built-in communication and security features for internet-connected devices. It comprises a secured, connected, crossover microcontroller unit (MCU), a custom high-level Linux-based operating system (OS), and a cloud-based security service that provides continuous, renewable security.
Azure Portal
a web-based, unified console that provides an alternative to command-line tools.
Azure CLI
an executable program with which a developer, DevOps professional, or IT professional can execute commands in Bash. The commands call the Azure Rest API to perform every possible management task in Azure. You can run the commands independently or combined into a script and executed together for the routine setup, teardown, and maintenance of a single resource or an entire environment.
Availability zones
are physically separate datacenters within an Azure region. Each availability zone is made up of one or more datacenters equipped with independent power, cooling, and networking. An availability zone is set up to be an isolation boundary. If one zone goes down, the other continues working. Availability zones are connected through high-speed, private fiber-optic networks.
Azure cognitive services
cloud-based services with REST APIs and client library SDKs available to help you build cognitive intelligence into your applications. You can add cognitive features to your applications without having artificial intelligence (AI) or data science skills. Azure Cognitive Services comprise various AI services that enable you to build cognitive solutions that can see, hear, speak, understand, and even make decisions.
Azure Sphere
creates an end-to-end, highly secure IoT solution for customers that encompasses everything from the hardware and operating system on the device to the secure method of sending messages from the device to the message hub. Azure Sphere has built-in communication and security features for internet-connected devices.
Azure PowerShell
developers and DevOps and IT professionals can execute commands called cmdlets (pronounced command-lets). These commands call the Azure Rest API to perform every possible management task in Azure. Cmdlets can be executed independently or combined into a script file and executed together to orchestrate: The routine setup, teardown, and maintenance of a single resource or multiple connected resources. The deployment of an entire infrastructure, which might contain dozens or hundreds of resources, from imperative code.
ingle sign-on
enables a user to sign in one time and use that credential to access multiple resources and applications from different providers.
Serverless Computing
enables developers to build applications faster by eliminating the need for them to manage infrastructure. With serverless applications, the cloud service provider automatically provisions, scales, and manages the infrastructure required to run the code. Serverless architectures are highly scalable and event-driven. They use resources only when a specific function or trigger occurs.
network security groups
enables you to filter network traffic to and from Azure resources within an Azure virtual network. You can think of NSGs like an internal firewall. An NSG can contain multiple inbound and outbound security rules that enable you to filter traffic to and from resources by source and destination IP address, port, and protocol.
Authorization
establishes the user's identity, but authorization is the process of establishing what level of access an authenticated person or service has. It specifies what data they're allowed to access and what they can do with it.
Azure Advisor
evaluates your Azure resources and makes recommendations to help improve reliability, security, and performance, achieve operational excellence, and reduce costs. Advisor is designed to help you save time on cloud optimization. The recommendation service includes suggested actions you can take right away, postpone, or dismiss.
Microsoft Privacy Statement
explains what personal data Microsoft collects, how Microsoft uses it, and for what purposes.
Azure Marketplace
helps connect users with Microsoft partners, independent software vendors, and startups that are offering their solutions and services, which are optimized to run on Azure. Azure Marketplace customers can find, try, purchase, and provision applications and services from hundreds of leading service providers. All solutions and services are certified to run on Azure.
Azure Key Vault
is a centralized cloud service for storing an application's secrets in a single, central location. It provides secure access to sensitive information by providing access control and logging capabilities.
Azure
is a cloud computing platform with an ever-expanding set of services to help you build solutions to meet your business goals. Azure services range from simple web services for hosting your business presence in the cloud to running fully virtualized computers for you to run your custom software solutions. Azure provides a wealth of cloud-based services like remote storage, database hosting, and centralized account management. Azure also offers new capabilities like AI and Internet of Things (IoT).
Azure Logic Apps
is a low-code/no-code development platform hosted as a cloud service. The service helps you automate and orchestrate tasks, business processes, and workflows when you need to integrate apps, data, systems, and services across enterprises or organizations. Logic Apps simplifies how you design and build scalable solutions, whether in the cloud, on-premises, or both. This solution covers app integration, data integration, system integration, enterprise application integration (EAI), and business-to-business (B2B) integration.
Azure Firewall
is a managed, cloud-based network security service that helps protect resources in your Azure virtual networks. A virtual network is similar to a traditional network that you'd operate in your own datacenter. It's a fundamental building block for your private network that enables virtual machines and other compute resources to securely communicate with each other, the internet, and on-premises networks.
Azure Security Center
is a monitoring service that provides visibility of your security posture across all of your services, both on Azure and on-premises. The term security posture refers to cybersecurity policies and controls, as well as how well you can predict, prevent, and respond to security threats.
Azure Monitor
is a platform for collecting, analyzing, visualizing, and potentially taking action based on the metric and logging data from your entire Azure and on-premises environment.
multifactor authentication
is a process where a user is prompted during the sign-in process for an additional form of identification. Examples include a code on their mobile phone or a fingerprint scan.
Azure Policy
is a service in Azure that enables you to create, assign, and manage policies that control or audit your resources. These policies enforce different rules and effects over your resource configurations so that those configurations stay compliant with corporate standards.
Conditional Access
is a tool that Azure Active Directory uses to allow (or deny) access to resources based on identity signals. These signals include who the user is, where the user is, and what device the user is requesting access from.
Operational Expenditure (OpEx
is spending money on services or products now, and being billed for them now. You can deduct this expense in the same year you spend it. There is no up-front cost, as you pay for a service or product as you use it.