Azure Administrator
ARM templates are made up of the following JSON structure..
$schema, contentVersion, apiProfile, parameters, variables, functions, resources, outputs
Hybrid Azure AD Joined is for?
- Devices owned by the organization - Signed in with Active Directory Domain Service account owned by the organization - Devices that exist in the cloud or on-premise - Windows 7, 8.1, 10 windows Server 2008 or newer
Azure AD Joined is for?
- Devices owned by the organization - Signed in with Organizational account - Access to devices that exist in only the cloud(Cloud Native) - Windows 10, Windows server 2019
Azure Registered is for?
- Personally owned devices or mobile devices. - Sign in with local or personal account - Windows 10, iOS, Android and MacOS
A Role Assignment is composed of ?
A Security Principle, Role Definition, and Scope.
What is Azure Resource Manager (ARM) ?
A Service that allows you to manage Azure resources. Its a service layer that spans multiple feature and services.
A policy initiative is know as
A group of policy definitions, formally know as a policy set.
What are resources tags?
A key and value pair that you can assign to azure resources.
What are Resource Providers?
A list of possible services with in Azure, some services are registered by default and other needs to explicitly registered.(They will not be accessible if they are not registered)
What are Resource Groups?
A logical grouping of multiple resources.
What is a Management Group?
A logical grouping of multiple subscriptions.
CustomRole
A role created by you with your own custom logic
What is External Authority Assignment?
Access comes from an external source, such as an on-premises directory or a SaaS app.
Classic Administrators have access to what 3 roles?
Account Administrator, Service Administrator, and Co - Administrator
What is Device Management?
Allows organizations to manage Laptops, Desktops, and phones the need access to cloud resources.
What does IAM (Identity Access Management) do?
Allows you to create and assign Azure (RBAC system) roles to users
What are resources?
An Azure service like a Azure VM.
What are ARM templates?
Are JSON files that define azure resources you want to provision and azure services you want to configure. Also, they are declarative.
ReadOnly
Authorized users can read a resource, but they can't delete or update the resource
CanNotDelete
Authorized users can still read an modify a resource but they can't delete the resource.
You can create custom Azure AD roles but you need to purchase either..
Azure AD Premium P1 or P2
What is Azure Active Directory (Azure AD) roles?
Azure AD roles are used to manage Azure AD resources in a directory
Where is Device management found under?(What Tab In Azure)
Azure Active Directory (AD)
What are the 3 ways to bring devices into Device Management?
Azure Registered, Azure AD Joined, and Hybrid Azure AD Joined
What does ARM stand for?
Azure Resource manager
2 main Resource Locks are?
CanNotDelete, and ReadOnly
The 3 Kind of Azure Roles are?
Classic Subscription Administrator Roles, Azure Roles, and Azure Active Directory (Azure AD) Roles.
What is included in the Office 365 Apps edition of Azure AD?
Company Branding, SLA, Two-Sync between on-premise and cloud
What is Mobile Device Management (MDM)?
Control the entire device, can wipe data form it, and also reset it to factory settings.
Infrastructure As Code (IaC) comes in 2 types.
Declarative, and Imperative
What is "$schema" in the ARM template JSON Structure?
Describes the properties that are available within a template.
What are the 4 ways to assign resource access rights to your users?
Direct Assignment, Group Assignment, Rule-based Assignment, and External authority assignment
What are blueprints?
Enables quick creation of governed subscriptions.
What does a Azure Policy do?
Enforce organizational standards and to assess compliance at scale
The 4 editions of Azure AD are?
Free, Office 365 Apps, Premium 1 (P1), Premium 2 (P2)
User Administrator..
Full access to create and manage users
Global Administrator..
Full access to everything.
Important Azure AD Roles
Global Administrator, User Administrator, and Billing Administrator
What is Subscriptions?
Grants you access to azure services based on a billing an support agreement.
What is included in the Premium 1 (P1) edition of Azure AD?
Hybrid Architecture, Advanced Group access, Conditional Access
What is included in the Premium 2 (P2) edition of Azure AD?
Identity Protection, Identity Governance
What is Classic Subscription Administrator Roles?
Is the original role system.
Rules of a policy are described in a
JSON file, known as a policy definition.
What is the Azure roles
Know as a Role based Access Controls (RBAC), built on top of Azure Resource Manager
What is included in the Free edition of Azure AD?
MFA, SSO, Basic Security and Usage Reports, User Management.
What is Active Directory (AD)?
MS Identity And Access management Service used on-premise. Helps employees sign in and access resources.
Azure Active Directory(Azure AD) is
MS cloud-based version of AD also referred to as Identity as a Service.
Billing Administrator..
Make Purchases, manage subscription and support tickets
What is a BuiltInRole?
Managed Microsoft roles are read only pre-created roles for you to use
The logical Grouping of Azure "Groups" are?
Management Groups, Subscriptions, Resource Groups, and Resources
"location" with in the resources in the ARM Template JSON structure is..
Most resources have a location property, the region where the resource will be deployed.
"name" with in the resources in the ARM Template JSON structure is..
Name of the resource.
Policies only.
Observe for compliance, they do not restrict access.
What is Mobile Application Management (MAM)?
Publish, push, configure, secure, monitor, and update mobile apps for your users.
Service Administrator
Same access of a user assigned the owner role at subscription scope. Full access to the Azure portal
Co-Administrator
Same access of a user who is assigned the owner role at the subscription scope
Account Administrator
The billing owner of the subscription, has no access to the Azure Portal
What is Infrastructure As Code (IaC)?
The process of managing and provisioning computer data centers through machine readable definition files(eg. JSON Files) rather than physical hardware configuration or interactive configuration tools.
What is Group Assignment?
The resource owner assigns an Azure AD group to the resource, which automatically gives all of the group members access to the resource.
What is Rule-Based Assignment?
The resource owner creates a group and uses a rule to define which users are assigned to a specific resource.
What is Direct Assignment?
The resource owner directly assigns the user to the resource.
What is "contentVersion" in the ARM template JSON Structure
The version of the template. You can provide any value for this element.
What are Resource Locks?
They prevent user from accidently modifying or deleting resources at the Subscriptions, Resource Groups, or Resource scope.
"type" with in the resources in the ARM Template JSON structure is..
Type of resource
What is "$apiProfile" in the ARM template JSON Structure
Use this value to avoid having to specify API versions for each resource in the template.
What is "functions" in the ARM template JSON Structure
User-defined functions available within the template.
What is "parameters" in the ARM template JSON Structure
Values you can pass along to your template.
"apiVersion" with in the resources in the ARM Template JSON structure is..
Version of the REST API to use for the resource, Each resource provider published its own API versions.
A Role Assignment is?
When you apply a role to a user.
Imperative IaC is?
You define what you generally want, and the service will guess what you want.
Declarative IaC is?
You defined exactly what you want, and you get exactly that.
What is "variables" in the ARM template JSON Structure
You transform parameters or resource properties using function expressions.
What is a Scope?
is a boundary of control for azure resources.
What is "resources" in the ARM template JSON Structure
the azure resource you'll want to deploy or update.
"resources" in the ARM template JSON Structure contain the following.
type, apiVersion, name, location, other Properties
What is "outputs" in the ARM template JSON Structure
values that are returned after deployment. You can use the programmatically.