Describe core Azure architectural components

Ace your homework & exams now with Quizwiz!

You might also need additional subscriptions because of

Subscription limits

two types of subscription boundaries

1. Billing boundary 2. Access control boundary

create additional subscriptions to separate:

1. Environments 2. Organizational structures 3. Billing

the organizing structure for resources in Azure, which has four levels

1. management groups, 2. subscriptions, 3. resource groups 4. resources.

Azure applies access-management policies at the subscription level, and you can create separate subscriptions to reflect different organizational structures. An example is that within a business, you have different departments to which you apply distinct Azure subscription policies. This billing model allows you to manage and control access to the resources that users provision with specific subscriptions.

Access control boundary

if your organization has many subscriptions, you might need a way to efficiently manage access, policies, and compliance for those subscriptions. ___ ___ ___ provide a level of scope above subscriptions. You organize subscriptions into containers called ___ ___ and apply your governance conditions to the management groups.

Azure management groups management groups

is a manageable item that's available through Azure. Virtual machines (VMs), storage accounts, web apps, databases, and virtual networks are all examples of resources.

Azure resource

Azure requires an ___ ___ .It provides you with authenticated and authorized access to Azure products and services. It also allows you to provision resources. An Azure subscription is a logical unit of Azure services that links to an Azure account, which is an identity in Azure Active Directory (Azure AD) or in a directory that Azure AD trusts.

Azure subscription

An account can have one subscription or multiple subscriptions that have different billing models and to which you apply different access-management policies. You can use ____ ____ to define boundaries around Azure products, services, and resources.

Azure subscriptions

This subscription type determines how an Azure account is billed for using Azure. You can create multiple subscriptions for different types of billing requirements. Azure generates separate billing reports and invoices for each subscription so that you can organize and manage costs.

Billing boundary

You can create a hierarchy that applies a policy. For example, you could limit VM locations to the US West Region in a group called Production. This policy will inherit onto all the ___ ___ ___that are descendants of that management group and will apply to all VMs under those subscriptions. This security policy can't be altered by the resource or subscription owner, which allows for improved governance.

Enterprise Agreement subscriptions

first step to started with Azure will be to create at least one Azure _____. You'll use it to create your cloud-based resources in Azure.

subscription

These groups help you manage access, policy, and compliance for multiple subscriptions. All subscriptions in a management group automatically inherit the conditions applied to the management group.

Management groups

A subscription groups together user accounts and the resources that have been created by those user accounts. For each subscription, there are limits or quotas on the amount of resources that you can create and use. _______ can use subscriptions to manage costs and the resources that are created by users, teams, or projects

Organizations

Resources are combined into resource groups, which act as a logical container into which Azure resources like web apps, databases, and storage accounts are deployed and managed.

Resource groups

______ are instances of services that you create, like virtual machines, storage, or SQL databases.

Resources

you can apply policies to a management group that limits the regions available for ___ ___ . This policy would be applied to all management groups, subscriptions, and resources under that management group by only allowing VMs to be created in that region.

VM creation

you can set up multiple invoices within the same billing account. To do this, create additional ___ ___ . Each billing profile has its own monthly invoice and payment method.

billing profiles

Subscription limits are

bound to some hard limitations. For example, the maximum number of Azure ExpressRoute circuits per subscription is 10. limits should be considered as you create subscriptions If there's a need to go over those limits you might need additional subscriptions.

Each management group and subscription can support only one parent. Each management group can have many _____. All subscriptions and management groups are within a single hierarchy in each directory.

children

You can build a flexible structure of management groups and subscriptions to organize your resources into a ___for unified policy and access management.

hierarchy

All subscriptions within a management group automatically ___ ___ ___ applied to the management group give you enterprise-grade management at a large scale no matter what type of subscriptions you might have. All subscriptions within a single management group must trust the same.

inherit the conditions Azure AD tenant

you can organize them into invoice sections. Each invoice section is a line item on the invoice that shows the charges incurred that month. For example, you might need a single invoice for your organization but want to organize charges by department, team, or project.

multiple subscriptions

where you would use management groups is to provide user access to multiple subscriptions. By moving multiple subscriptions under that management group, you can create one___ ___ on the management group, which will inherit that access to all the subscriptions. One assignment on the management group can enable users to have access to everything they need instead of scripting RBAC over different subscriptions

role-based access control (RBAC) assignment

10,000 management groups can be supported in a ______. A management group tree can support up to six levels of depth. This limit doesn't include the root level or the subscription level.

single directory


Related study sets

Physics Conceptual Questions Exam 3

View Set

Networking Essentials - Chapter 2 Exam

View Set

Supply Chain Quiz Questions- Exam 2

View Set

Section 7: Executives - quiz questions

View Set

Chapter 18: Control of Gene Expression in Bacteria

View Set

Pedi Success - Cumulative Questions

View Set

Bio Tech Exam 2 (copy; not official)

View Set