Professional Documents
Culture Documents
Final 4
Final 4
www.exampro.co/az-204 Aresource such as an Azure VM is designated as the Target Resource and it omits a signal The Alert Rule defines who should we monitor and when should we react The Signal is a data payload emitted from the resource that could be the following types: + Metric + Log + Activity log + Application insights ‘The signal is evaluated against a criteria or logical test to determine if the alert has been triggered eg. Percentage CPU > 70% The current state of your alert . ‘Monitor Condition is set by the system ens € Alert state is set by the user ‘An action could be a: ‘Automation runbook, Azure Function, ITSM, Logic App, Webhooks or Secure Webhooks ‘An action group contains actions to be that will be performed when alert is triggered{4 Azore Dashboards Cheat sheets, Practice Exams and Flash cards qf worw.exampro.co/a7-204 Dashboards are a virtual workspaces to IIe Sa day S56 atoh id MORROFEFGUREES Build custom dashboards based on projects, tasks, or user roles Tie Galery snow Prana6 Azure Workbooks Cheat sheets, Practice Exams and Flash cards f= www.exampro.co/az-208 ‘Workbooks provide a flexible canvas for data analysis and the creation of rich visual reports within the Azure pc al They allow you to tap into multiple data sources from across Azure and combine them into unified interactive experiences. It tells a story about the performance and availability about your applications and services. Workbooks are temporary workspaces to define a document-like format with visualization intertwined to help investigate and discuss performance,Azure Monitor CheatSheet Exam Cheat sheets, Practice Exams and Flash cards a> www.exampro.co/a2-204 Azure Monitor comprehensive solution FSRIGERRGISSN SFA SERRATE from your cloud and on-premises em ont nts + Create Visual Dashboards + Smart Alerts + Automated Actions + Log Monitoring Toot itt you need to use HS, ana TER fou haa 1 use Dm together, using tein wolate doesnot gain you observabilty ber that is measured over period of time where each ne contains event data about what happened ata certain time. ory of request thats travels through multiple Apps/services so we can pinpoint performance or flue. ‘Azure Monitor collects two fundamental types of data fom sources: Logs and Metres ‘Altra Monitor Lops collects nT RTS: lg ard perforranes data from moritored resources + data logs are consolidated from diferent sources into workspaces platform logs frm Azure services + og and performance data fom virtual machines agents, + usage and performance data from applications canbe consolidated + Ina workspace so they can be analyzed together using a sophisticated query language capable of analyzing milion of records. '* Work with log queries and their results interactively using Log Analytics ‘Azure Monitor Metres collects numeric data from monitored resources into 2 SESE. + Metrics are numerical values collected at regular intervals and describe some aspect of a system ata particular time + lightweight and capable of supporting near realtime scenarios, useful for alerting and fst detection of sues & Youcan analyz them interactively with Metres ExplorerAzure Monitor CheatSheet Exam o Cheat sheets, Practice Exams and Flash cards i www.exampro.co/az-204 Log Analytics sa tol in the Azure portal used HIGHEST RIRISEUGHE with data in Azure Monitor Logs. + Log Analytics uses a query language called KL eter slaps 3k un arernemnent tr earaGritor egies SBS essere ets var te epoatory and tonlewton dane oar ad soko rice ts ta tale ata Hs waripate ‘ture Monitor Logs's based on Azure Dota Explorer and log queries ae writen using the same kisi géeVlagtnge GU) > Ma an ace Lt Analy, og lt ay trl, cura shoud age Ap tyme, ore Mae as AP 3 ae tba ioe cae nae en ek tenon oh ng ain 2 lh * Some query operators include + eakulatd columns, searching and tering on rows, group by-aggregtes, on functions + asto queries execute in the context of some Kst database tha attached to eKusto cluster + lett geerly espa ofthe follow antec: Sy lla ly Coane Re = Chasers re anne ht hal detahaes —E—E—_—=—_ —_—_—_—svvT * Duthaner aes neue entdertec hc tabbecard ed treaon, = ‘Sai Sasi ents oe ht Sr a eT AC + Tables are named entities that hold dat. {CSRs ae raed UR i ae asa de * External tables are entities that reference data stored outside Kusto database. “+ Metrics Explorer isa sub-service of Azure Monitor that allows you to plot charts, visualize correlating trends, and investigate spikes and dips in IBRRIL. To visualize a metric you need to defines + Scope: You can select *resource(s) Ramanan pee gap of mks wan + Metri'The actual value you are interested in vsuaizing apogee hn you sr go thavaluas Yo lastAzure Monitor CheatSheet Exam od Cheat sheets, Practice Exams and Flash cards wwrm.exampro.co/az-208 Alerts notify you when issues are found with your infrastructure or application ‘+ They allow you to identify and address issues before the users of your system notice them. + Azure has 3 kinds of Alerts 1. Metric Alerts 2. Log Alerts 3. Activity Log Alerts ‘Azure Dashboards are a virtual workspaces to ‘Azure Workbooks provide a fexible canvas for data analysis and the creation of rich visual reports within the Azure portal, + Ittellsa story about the performance and availability about your applications and services. ‘Application insights is an service It is a sub-service of Azure Monitor. ‘+ automatically detect performance anomalies + includes powerful analytics tools to help you diagnose issues and to understand what users do with your app ‘+ designed to help you continuously improve performance and usability + works for apps on a for .NET, Node,js, Java, and Python hosted on-premises, hybrid, or any public cloud, + Integrates with your DevOps process ‘+ can monitor and analyze telemetry from mobile apps by integrating with Visual Studio App Center ‘To use Application insights you need to instrument your application. ‘+ To instrument you need to install the instrument package (SDX) + Orenable Application Insights using the Application Insights Agents when supported ‘+ Apps can be instrumented from anywhere ‘+ When you set up Application Insights monitoring for your web app, you create an Application Insights resource in Microsoft Azure. ‘+ You open this resource in the Azure portal in order to see and analyze the telemetry collected from your app. ‘+The resource is identified by an instrumentation key (key)Azure API Management Cheat sheets, Practice Exams and Flash cards a www.exampro.co/az-204 integrates existing back-end services into modern API gateways. S It follows the API-first approach, decoupling —_ front-end and back-end teams with the help = of API mocking. a a— Ge b>. Azure API Management handles the full management of your APIs. ‘Ar Management uncon Apps Azure Cosmos 08 ‘Serwoee It centralizes the securing, versioning, documentation, and compliance from your back-end services in a single point. xj Visual StudioAzure API Management — Key Concepts Cheat sheets, Practice Exams and Flash cards a www.exampro.co/a2-204 API represents a set of operations. + API Operation connects an API endpoint to its backend. Product: A logical grouping of APIs A single or a group of APIs make up a product, which is how your APIs are presented to developers. It can be either public or private. HBB represents back-end services in your API. Group, used to manage the visibility of products to developers: + Administrators have full access to the AP! Management. + Developers, users with access to the developer's portal with permissions to build applications. + Guests, users without access to the developer's portal but with reading permissions in some services. Developer, belongs to one or more Product groups, and each developer has a primary and secondary key to call the product's APIs. Policies, configurations and validations that are applied in progress to incoming requests and outcome responses. Named Values, key-value pairs used with policies. Values can be a result of an expression. Gateway, is where your API calls are received, and policies are applied to incoming requests Developer Portal, where developers can access all APIs and products listed by your APIM alongside its API's operations and documentations. Developers can also request access to your APIs from the developer's portal.APIM — Echo API Service Cheat sheets, Practice Exams and Flash cards i> www.exampro.co/az-204 When you create an APIM Gateway by default it will create an API called Echo API Echo API is a non-production azure service = mee Hs that is used to test Azure API ManagementAPIM — Feature Comparison Cheat sheets, Practice Exams and Flash cards a www.exampro.co/a2-204 Feature Consumption, Developer, Basic Standard. Premium _— ‘Azure AD integration Yer Yer Yer Virtual Network (VNet) support BG ‘Mult-region deployment ‘vallability ones ‘Multiple custorn domain names Developer Portal Builtin cache Builtin analytes Self-hosted gateway TUS setings| ‘External cache Client certificate authentication Policies Yes Yes Yes Yer ‘Backup and restore [eZ | €| F) F) F| #) f) f] F] FF] F #| | f) f| #Feature APIM — Feature Comparison Cheat sheets, Practice Exams and Flash cards a www.exampro.co/a2-208 Consumption Developer Premium ‘Management over Git 7 i" Direct management APL ‘Azure Monitor logs and metrics Static IP ‘WebSocket APIs fl) ele) a) 8) eg #| ff) f) #) #/ 8 f\ f/f) F/ Ff (GraphOlL APIs €| €| #) f| | #APIM — API Authentication Cheat sheets, Practice Exams and Flash cards > www.exampro.co/az-204 In order to authenticate with our APIS, we configure those settings under the subscription section. Subscription ‘Subscription a If the subscription is required, only developers with a ‘eopted valid access key can use it. Header name Ocp-Apim-Subseription-Key (query poameter[subsciplonkey is not checked, anonymous requests are allowed ame Here we can configure where the API will receive the Security access keys, which can be sent as a header or query string. User authorization @ None ©) OAuth 2.0. © OpentD comectAPIM — Groups Cheat sheets, Practice Exams and Flash cards a www.exampro.co/a2-208 Groups are used to manage the visibility of products to developers. Administrators Manage AP! Management service instances and create the APIs, operations, and products that are used by developers Developers Authenticated developer portal users that build applications using your APIs. Developers are granted access to the developer portal and build applications that call the operations of an API. Guests Unauthenticated developer portal users, such as prospective customers visiting the developer portal. ‘They can be granted certain read-only access, such as the ability to view APIs but not call them. Administrators can also create custom groups or use external groups in an associated, Azure Active Directory tenant to give developers visibility and access to API products. ‘Auser can belong to more than one group.APIM — Frontends Cheat sheets, Practice Exams and Flash cards > www.exampro.co/az-208 Frontends defines the route/endpoint and the documentation and configuration around that endpoint. API does not host APIs, it creates facades for your APIs.APIM — Backends Cheat sheets, Practice Exams and Flash cards a> www.exampro.co/az-204 For Backends you can set the following types: + Custom URL — point to server where your service is running + Azure Resource — Integrate directly to an Azure resource eg. + Azure Functions + App Service * Container App + Logic Ap_ + Aaure Service Fabric Authorization credentials present authorize requests’ credentials to the backend service. ‘+ Headers — HTTP headers + You can fetch from Named values + Query — query string + You can fetch from Named Values + Client certificates — x.509 certificates * Certificates stored in Azure Key Vault Type * (CERI etre resource sevice Fabric) Service Fabric) Runtime URL* © For example, https/contoso.com/apl Validate certificate chain a Validate cerifcate name Wenders Quary, let cetfiates = ey Sect aed valeAPIM — Policies Cheat sheets, Practice Exams and Flash cards f+ wornsexampro.co/az-208 API Management Policies allow you to change the behaviour at multiple stages of an endpoint’s request lifecycle You can update any part of the request and response messages eg. headers, body, URLs, ete. ‘There are four areas where polices can be applied —3> + Inbound —for incoming requests. + Backend before requests reach your backend. + Outbound _=before sending response back to client. + Error —when @ request encounters an error Frontend Inbound Processing Policies Outbound Processing Policies if other policies were in effect prior to the error, they will not be removed. ‘Advanced Policies + Authentication Policies + Caching Policies ‘Azure has a collection of policy groups + Cross-Domain Policies which contain many policies you can apply * Transformation Policies + Dapr integration Policies —> + Validation Policies Product-level Poll ly to all API a roduct-level Policies apply to all API operations within a product © Srp alien Poles Saas + Access esvion PolesAPIM Authentication Policies Example Cheat sheets, Practice Exams and Flash cards a> www.exampro.co/az-204 > ExamProAPIM | APIs Using an BEBBRREIBBTIY to cache the response in a Gl operation inside the EBRBIABI.ExamProAPIM | APs APIM Authentication Policies Example ds i> wrvwexampro.co/az-208APIM — - Access Restriction Policies xams and Flash cards af wormexampro.co/az-204 ‘Check HTTP header + Enforces existence and/or value of an HTTP Header. Limit call rate by subse + Prevents API usage spikes by limiting call rate, on a per subscription basis. Limit call rate by key + Prevents API usage spikes by limiting call rate, on a per key basis. Restrict caller IPs ‘+ Filters (allows/denies) calls from specific IP addresses and/or address ranges. Set usage quota by subscription + Allows you to enforce a renewable or lifetime call volume and/or bandwidth quota, on a per subscription basis. Set usage quota by key + Allows you to enforce a renewable or lifetime call volume and/or bandwidth quota, on a per key basis Validate JWT + Enforces existence and validity of a JWT extracted from either a specified HTTP Header or a specified query parameter. Validate client certificate + Enforces that a certificate presented by a client to an AP! Management instance matches specified validation rules and claims.