Skip to main content

Build a Company in Azure (in ONE day!)

What do we want? The Azure Fundamentals Cert by February!
When do we want it? By Feb! Just said it, pay attention!

A very helpful guide by Daniel Baker (AzureDan).

You need a subscription (or trial) to make a resource group. But you can make a Markdown without it!

Markdown: The fancy image on the Dashboard.

Let's go!

Here is my Resource Group;

I poked around in the Policy section for a time.

Other things we're going to fill out here include:

  • Networking & Gateways
  • VMs
  • Containers
  • Authentication and Identity
  • Storage
  • DevTest Labs
  • Backup Solutions
Some things may need more than a free trial + 200$ credit can give, but that's what's happening in the video, or need mounted storage I don't have available right now. Situation may vary.

Virtual Network(ing and Gateways) in Azure

Enter your resource group, hit 'Add', search what you want (Here, a Virtual Network), fill  out the information, and there you go. Also helps to go back into the resource to the deployment, and pin it to the dashboard.

Let's make some Subnets!

The Gateway Subnet routes things through the Azure Cloud.

 You'll need to go into the Marketplace and get 'Virtual Machine Gateway' app. Remember to check the region you're working in!

There are certificates made an installed. I wonder if that process could be automated somehow. Would it be safe?

Domain Controller

In making a template, there is a script given, that outlines the template rules, parameters (names, network), variables (with values), and resources (objects to deploy).

When the template is made, it can be deployed.

Visual Studio

As I can't seem to find a Visual Studio Community 2017 Version, let's hit a random thing and roll with it.

See, it's in our Development subnet in our 31vNet Virtual Network.

Here it is, and all the stats:

And here's the Networking page, that shows our public and private IPv4 addresses.

You can also click the Update Management in the left hand panel to keep your VM up to date. It's our responsibility!

It takes some time to be enabled. When it's ready, you can see where we're failing at security wise. Meanwhile, I had to troubleshoot the actual Update Agent.

It's like when Task Manager is not responding.

I can at least walk through scheduling an update deployment. We can schedule a time, and what updates are to be included (None here).

There is the Inventory tab on this VM. It basically is tracking registry, file changes, and services to monitor baselines.

The Metrics options tracks the performance of a VM and lists the results in a very GUI, chart-happy kind of way.

The Adviser tab offers us a (probably AI) guide to offer suggestions to improve performance on our resources and be reasonable with our spending.

Resource health watches your resource and tells you if it's running as expected. 

A very cool option iunder Support + troubleshooting is Boot diagnostics, to see if there are any potential issues with booting up the VM, and the option to reset the password to the built-in admin account. Snazzy! You can also redploy your VM to a new Azure host.

Next, let's deploy a CentOS system through the command Line 


I'm tossing in this video as well: While it has no affiliation with the one at the top of the page...I was prepared to make another post about this until I remembered "Oh yes, already did some AzAD stuff!"

 Directory Services & Domain Controllers. 

Select Azure Active Directory from the Services group.

A new user is made; If we had a group, we could put her there, but let's not let that stop us!

Paola Zallegortio is not a real person. To my knowledge.

We can go to the groups section  and make an Accounting group for Ms. Zallegortio to join.

I can create or invite a user to join, and stick them in the made group;

 See the box? The group itself doesn't show, but he's in the Accounting group with Paola. You could probably put a user in more than one group, but then you get caught up in thorny stuff, like permissions creep.

 We can establish single sign-on for a user. Let's try with Twitter - 

Default Directory > Enterprise applications - all applications > Categories > add an application > Twitter. When Twitter is installed (click 'add'), this is what you get;

 Select single sign-on, hit password based (or whatever makes sense for you,) and hit save at the resulting screen. When you go to Users and Groups, you can now add a user to the Twitter, SSO group.

DevTest Labs

Visit a resource in the Resource Groups tab, 'new', and install DevTest Labs from the Marketplace after searching.

You can add VMs to your testing labs - There's a lot of options.

 Also includes Ubuntu in Kubernetes Containers.

I've also allowed the sizes for VMs that our developers can work with under Configurations and Policies > Allowed Virtual Machine Sizes.

I set the sizes, now time for the actual amount of VMs that are allowed to be spun up; I'll go with 2.

Under Configurations and Policies - Virtual Network, our test enviroment has already been set up in our dtlbacaid-devtestlab network, though we could go back to the Virtual Network pane and make a new one for it to inhabit if we wish. In fact, I think I will.

I don't know why the name doesn't show up in the 'Your deployment is complete' panel.

Marketplace images are "Hey, what .isos should your devs be allowed to download?" I selected Cent OS and Server 2012 R2. When you go to 'Formulas (reuseable base), those are the only options):

 A while back, I made a comment that Azure had a lot less silly names than AWS, so one didn't have to Google (or Bing, as the case may be) to find out what they were working with.

I take that back; In order to have programs pre-installed on a base you spin up, you have to add them on...and they're called Artifacts.

These are just plans, blueprints, so you don't waste time finangling around a GUI trying to get things set up. Nice idea. Odd name.

Azure Backups

Under your virtual machine, look to the left. Operations > Disaster Recovery. Make sure it's in the correct region.

You see a cache storage account setting, it's used before a source VM is replicated to the target. It will be made when this is deployed.

You can only set protections in one region;

The virtual machine 'kearosan' couldn't be protected to the region 'West US' as it is already protected to the region 'East US 2'.

 If you click the 'Failed' Hyperlink, that's the error that pops up, along with possible causes, recommendations, and Error ID.

Something did get backed up:

"Success - Task Failed."

As a reminder, here is our Dashboard now;

I made a new resource group and pulled up the Web App service in the Marketplace to install.

Of interesting note is the Application Monitoring selection of my apps, network, and infrastructure. It's not available with my plan. 

 It took some time to deploy it because it simply did not like the settings in the region I was trying to put it in. It worked in West Europe but not West US. Interesting. 

I think I took a different turn somewhere. But I can at least show you something in this App Service:

Here are some application settings: Set rule for when data can be moved. With this set up, data will be stored and moved while encrypted.

Security and Monitoring Your Azure Cloud

 "Is the cloud safe?"

Let's be honest, attacks are growing more sophisticated, and end users just want things to work, and aren't concerned about security. Nothing personal - You have other things to do. Leave it to a cloud service to have multiple security options in place to protect your data they have stored. After all, it's Microsoft. They've been at this for quite a while. I think they know how to store data.

Onto the final lesson. 

It's a little scant looking.

Clicking Recommendations give a page with suggestions about how to have more secure resources. There's even an option to include your own custom policies. With AI, it probably knows what your policies intend to do, and know how to warn against things that may break them. Very neat.

Let's look at the suggestion for Compute:

'Web application should only be accessible from over HTTPS!'

You're right.

'Quick Fix' takes us to another screen, where you essentially scroll down and hit it again.

Another window pops up, explaining why this is beneficial. I appreciate the lesson, but let's actually implement it.

With the final click, the remediation is successful, and it will take a few minutes to update to a Healthy Resource in our Security Center.

There's far more to do with Azure (And in Security Center that I did not outline), and this is a little beyond the scope of AZ-900, but it was great to get a comprehensive, hands-on look at the service.

If you have any AZ-900 resources, feel free to comment.

FOR EMPLOYERS: It's learning.


Popular posts from this blog

The Updated "What I'm Looking For In A Role" Post (2020)

Thank you for wanting to help with my job search! Here are some parameters.

Part time remote, text based support [Example Description]. It's a little far fetched, but the positions do exist. I enjoy having the flexibility to take on temporary projects from time to time!
Also; If anything sounds weird, out there, or unusual - Feel free to e-mail me. Doesn't have to be tech related. I just have to find it interesting and flexible.

Looking For This Type of Work:
Simplified writing about tech. [Example Job Description] You want to pay me to write more of *waves hand* this blog? I am game.
IT SupportUX Auditing [See Here]eCommerce merchandising [See Here]Email Marketing Specialist [Example Job Description]  ProofreadingThe following is what I was trained in. Roles will be considered, and I am looking to pivot to the above. Still part-time, contract, and/or temporary
Cisco routing and switching technician

Find me on Jumpstart and CareerVillage.

Remote is…

Azure Networking Options - Core Cloud Services

I have done a lot of AWS things on here. Time to give Azure some attention. After all, since employers don't think Cisco or COMPTIA certifications are important, maybe Microsoft ones are?

First, let's really think about why these are the two biggest cloud services providers in the world:

They've been doing internet things for a long time.Amazon launched in 1995, a virtual bookstore.
Microsoft, well, you know. 

They've lived, breathed, and frankly, created, infrastructure that we use today, that they're selling to us today. Of course the Store of Everything and the Company of Everything would encourage us to put everything in their hands.

Also: Azure has a lot less silly names for modules. Important. I appreciate straightforwardness.

I said 'a lot less', not '100% sensible names'

Microsoft has a clear set of Azure Fundamentals that anyone can interact with. Let's talk about networking basics, basically to say, again, "Hi, employers, I have an …

Grace Hopper Celebration 2019 (GHC19)

From Aicha Evans' speech at the Keynote.
September 6th - I receive an email from Anita B Organization, saying "We read your application, we like your website, and here's a free ticket to GHC 2019 in Orlando, Florida!"

After a few more questions, it seemed everything was on the up and up, and so I accepted - and that's what this post is about!

For those who don't know, Grace Hopper Celebration is the largest gathering of Women in Technology in the world.

On a personal note, This is the first trip I've taken without my parents. Sure, they've left me behind to go on vacations, but I've never left them. I was totally worried! But you know what happened?

I met a lot of cool people in Orlando, learned a lot of neat things, and had a blast just walking around airports for upwards of 8 hours.

New Delta Sky Club on Wikimedia I really, really love airports! And I survived.

I know in the past, I've wormed my way out of jobs despite being interested simpl…