70-532: Developing Azure Solutions
Brian Swiger
App Dev Manager for Microsoft
20+ years of development and architecture experience
Microsoft Certified Trainer (MCT) & Solutions Developer
Azure Certified Developer/Architect
Microsoft Learning Experiences (LeX) contributor
@CodeBeing
http://www.mightybs.com
http://aka.ms/brianswiger
Agenda
1 Exam Concepts
3 Study Strategy
Exam concepts
Basics
Scoring
Question Structure
Exam Scoring
Each exam has a cut score
Determined during exam creation process
Questions are evaluated for difficulty and a score applied
Goal Statement
You need to
Question statement
What should you do
Exam Topics & Details
http://aka.ms/70-532
Exam Outline (Skills measured)
M I C R O S O F T C O N F I D E N T I A L I N T E R N A L O N LY
Virtual Machines
Deploying VM
Workloads
Scaling
Storage
Management
Overview
Management options: Portal, PowerShell, REST API
[Diagram labels: Virtual Network (vnet), Cloud Service, Virtual Machine (vm), OS Disk, Data Disk(s), Storage Account (storage), Image]
VM Best Practices
Deployment
RM Template Walkthrough
Desired State Configuration DSC Template Overview
Node $MachineName
{
    # Install the Web Server (IIS) role
    WindowsFeature IIS
    {
        Ensure = "Present"
        Name   = "Web-Server"
    }
}
Generalize a Windows VM
Availability sets
Planned vs unplanned maintenance
Configure multiple virtual machines in an availability set for redundancy
Configure each application tier into separate availability sets
Combine a Load Balancer with availability sets
Use multiple storage accounts for each availability set
Upgrade domains
Five (non-user configurable) domains by default
Groups of VMs and hardware that can be rebooted at the same time
Fault domains
Three domains by default
Group of virtual machines that share a common power source and network switch
Separate hardware & network
Manage the availability of VMs
How to create an availability set
Storage replication options
Locally redundant
Default
Up to three nodes in the same data center
Geo-redundant storage
Data center in a different region
ARM VM Storage
Configure disk caching
Input/output operations per second (IOPS)
Throughput (Mbps)
Read/write vs Read and striping
Storage capacity
Scalability and Performance Targets
Premium Storage
Premium: high-performance, low-latency disk support for I/O intensive workloads
VM Networking
Network Security Group (NSG)
ACL rules allow/deny network traffic
Can only be applied to resources within the region it was created
Diagnostic logging capability
Associating (NSG to Network Interface Card (NIC), NSG to subnet)
ONE NSG to a NIC or subnet
Application Gateway
Load balancing
Websocket traffic
Sticky session apps
SSL offload
Network security groups
User Defined Routes (UDR) aka route table
System Routes
3 Default Rules: Local vNet, On-premises, Internet
Any subnet to another w/in a VNet.
From VMs to the Internet.
From VNet to another VNet via VPN gateway.
From a VNet to another VNet through VNet Peering
From a VNet to on-premises network via VPN gateway.
UDR
See aka.ms/Azure/UDR
And aka.ms/Azure/DMZ
Virtual Machine Scale Sets
Identical set of VMs
PaaS-like autoscale
Focus is load and elastic in and out
Scaling
PaaS-like autoscale using autoScaleSettings in ARM template
Rules using metricTriggers
Can combine Desired State Configuration (DSC) extension
Initial scale setting using ARM template:
"sku": {
    "name": "Standard_A0",
    "tier": "Standard",
    "capacity": 3
},
Storage
Access Control
Monitoring
SQL DB
Search
Blobs / Files
[Diagram labels: Storage, BLOBS, FILES, PAGE BLOB, APPEND BLOB, devstore demo, devshare demo]
Understanding Block Blobs, Append Blobs and Page Blobs
Tables
[Diagram labels: ODATA, devtable demo, SAS TOKEN, TableClient, entities, table, account]
Queues
[Diagram labels: devqueue demo, QueueClient, SAS TOKEN, entities, table, account]
Storage access
Blobs
//[account].blob.core.windows.net/[container]/[blob]
Files
//[account].file.core.windows.net/[file]
Tables
//[account].table.core.windows.net/[table]([partitionkey],[rowkey])
Queues
//[account].queue.core.windows.net/[queue]
Access control with Shared Access Signature (SAS)
Components: Application, SAS Token Service, Storage
1. Request SAS Token
2. Generated SAS Token.
3. Storage request with SAS Token
4. Response
SQL Database
SQL Database Service Tiers
Azure Storage Service Encryption (SSE)
Features
256 BIT AES Encryption
Block, Page and Append Blobs
General purpose and Blob Storage Accounts
All redundancy levels and all Regions
ARM, no ASM
Limitations
Classic storage and Classic migrated
Existing Data before turned on
Tables, Queues, and Files data
https://docs.microsoft.com/en-us/azure/storage/storage-service-encryption
Search
Index
Create an index
Persistent store of documents
Handle Results
Search pagination and layout
Redis Cache
Tiers Caching tiers
Basic, Standard & Premium
Concurrency
Optimistic vs pessimistic
Caching guidance
Exam Outline (Skills measured)
Web & Mobile
App Service
Web apps
Auto-patching and auto-scale
.NET, Java, Node.js, PHP, Python
Mobile apps
Hosting
[Diagram labels: Resource Group, AppSites, App Service Plan, ProdSites, StageSites, Web Apps]
Azure Application Insights
Monitor
WebApps, ASP.NET, Java Apps
Windows Services
Docker apps, JavaScript
SharePoint Sites
Node.js, Objective-C,
PHP, Python, Ruby
DevOps Cycle
Detect, Triage, Diagnose
Monitor Perf, Failures, Usage
aka.ms/azure/AppInsights
Scaling a web app
Scalable and global web app and database
Scale quickly with a slider bar, from a schedule, or based on CPU load
Route users globally to copies of Web Apps
[Diagram labels: On-Demand, Scheduled, web app, AZURE]
Creating WebJobs
Uploaded in a zip file
Types
Python
Batch
PowerShell
Java
.NET
Scheduling
settings.job file at root of zip file
{ "schedule": "second minute hour day month dayofweek" }
Or, just use the Azure UI
Configuring WebJobs
Azure Functions
[Diagram labels: CODE, EVENTS + DATA, AZURE FUNCTIONS]
Asynchronous, event-driven, serverless experience
Respond to events occurring in other Azure services, SaaS products (e.g., Office365, Salesforce), on-premises systems
Only pay while function is executing
Modernization with microservices
[Diagram labels: WEB, HTTP Listener, Page content, Authenticator, OS Patching]
The original PaaS offering from 2010.
Web roles, Worker roles
Best used when low-level OS access is required, but consider the newer PaaS models first.
Azure Storage
API Management
Create Managed APIs
Key Concepts
Policies
Add Caching
Identity and Networks
Azure AD
AD B2B/B2C
Communicate
Messaging
Azure Active Directory
[Diagram labels: CLOUD: Azure Active Directory, Graph API, Exchange Online, SharePoint Online, Cloud Apps. ON PREMISE: Active Directory, Exchange, SharePoint, LDAP, LOB Apps]
Secure Resources using Managed Identities
AD On-premises vs Azure AD
Graph API
Programmatic Access to Azure AD | RESTful CRUD | Application must be registered and configured
Requests use standard HTTP Methods
OAuth
AuthZ web apps and web APIs in Azure AD Tenant
Access authorization, role-based assignment for app and user authorization
OpenID Connect
Azure Business to Consumer (B2C)
Protocol support (OIDC, OAuth2)
Azure AD Graph API
aka.ms/Azure/B2C
Azure B2B viral tenant created
arvind@b2btest074.com added to msonline-setup.com tenancy
[Diagram labels: Arvind_btbtest074. com#EXT#@... msonline-setup.com (Guest Mail User); arvind@b2btest074.com; msonline-setup.com (host tenant); B2btest074.onmicrosoft.com (dynamic tenant)]
1. Arvind can choose not to create account. If not, the invitation remains unredeemed.
2. b2btest074.onmicrosoft.com is the tenant domain and contoso.com is an email verified domain.
3. Admin can DNS verify the b2btest074.com domain and take over this dynamic tenancy.
4. When the tenant is taken over - the domain changes to DNS verified.
5. Tenant can choose to keep existing cloud passwords for the users or configure On Prem federation if
aka.ms/Azure/B2CB
B2C or B2B?
What is it for?
Azure AD B2B Collaboration: IT Pros providing access to their organizations data and applications to partner organizations and collaborators.
Azure AD B2C: Developers working on Consumer- & citizen-facing mobile & web apps that reach out to the customer, and citizens directly.
Who is it for?
Azure AD B2B Collaboration: Partner users that are acting *on behalf of*, i.e. as representatives or employees of their organization.
Azure AD B2C: Consumers and citizens that are acting as themselves.
Manageability
Azure AD B2B Collaboration: Access reviews, email verification, allowlist/denylist, etc govern access to host application and resources.
Azure AD B2C: Self-Serve. Users manage their own profiles.
Discoverability
Azure AD B2B Collaboration: Partner users are discoverable and can see other users from their own organization (subject to policy).
Azure AD B2C: Consumers and citizens are invisible to other consumers and citizens. Privacy and consent are paramount.
Comparison of Azure AD capabilities
Consider this Product | Azure AD Multi-tenant SaaS app | Azure AD B2B | Azure AD B2C
If I need to provide | A service to businesses | Partner access to my apps | A service to consumers
And I am similar to | Pharm Distribution | Imaging company | Sports Franchise
Deploying an App for | Practice Management | Supplier extranet | Soccer Fans
Targeting | Doctors offices | Approved Business Partners | Anyone with email
Accessible when | Customer admin consents | My admin invites | The consumer signs up
Service Bus
QUEUES: FIFO Queues; Simple Client; Work with Queues
TOPICS: Targeting Messages
RELAY: Expose OnPrem service to public; Leverage WCF
NOTIFICATION HUBS: Push notification infrastructure; Support for non-MSFT targets
Service Bus Queue vs Storage Queue
Service bus queues
FIFO guaranteed
Delivery once and only once
60 second default locks can be renewed
Messages are finalized once consumed
Native integration with WCF and WF
Storage queues
Order not guaranteed
Delivery at least once, maybe multiple times
30 second default locks, extendable to 7 days
In-place updates of content
Can integrate with WF through custom activity
This provides programmatic access to Azure AD
1. Remote PowerShell
2. LDIFDE
3. Graph API
4. OpenID Connect
5. OAuth
Study Strategy
Microsoft Virtual Academy
Mastering Microsoft Certification Exam Prep
https://mva.microsoft.com/en-US/training-courses/mastering-microsoft-certification-exam-prep-16601
Study Groups
https://borntolearn.mslearn.net/
Azure Docs
https://docs.microsoft.com/en-us/azure/index
MeasureUp
http://www.measureup.com/70-532-Developing-Microsoft-Azure-Solutions-P5566.aspx
edX
Course/Labs
https://www.edx.org/course/developing-microsoft-azure-solutions-microsoft-dev233
Course 20532C:
Developing Microsoft Azure Solutions
https://www.microsoft.com/en-us/learning/course.aspx?cid=20532
Case Study Strategy
Scan case
Look for theme(s)