Azure Portal

- Public web-based interface for management of Azure platform

- Designed for self service
- Customizable
- Simple tasks

Azure Powershell- work with Azure through a common terminal

- Powershell and module
- Designed for automation
- Multiplatform
- Simple to use
- Connect-AzAccount to connect Azure account
- New-AzVM to create new Azure virtual machine
Azure CLI- another way of managing Azure through terminal
- Multi platform
- Based on Python
- Simple
- Az login to login to Azure
- Az vm create to create an Azure virtual machine
Azure Cloud Shell
- Cloud-based scripting environment
- Free
- Supports Powershell and CLI

Azure Advisor
- Personalized consultant service
- Designed to provide recommendations and best practices for
- Cost
- Security
- Reliability
- Performance
- Operational excellence
- Actionable recommendations
- Free

Network Security Groups- designed to filter traffic (inbound and outbound) to Azure resources
located in Azure virtual network
- Filtering controlled by rules

Applications Security Groups- Feature that allows grouping of virtual machines located in Azure
virtual network
- Designed to reduce the maintenance effort (Assign ASG instead of explicit IP address)
Role Based Access Control
1. What can be done?
2. Who can do it?
3. Where can it be done?
Role definition- list of permissions like create VM
Security principal- user, group, service principle and managed identity
Scope- resource, resource groups, subscription, management group
- Scopes are hierarchical
- Built-in and custom roles are supported

Resource locks- designed to prevent accidental deletion or modification

Two types of locks
- Read only locks- only read actions are allowed
- Delete- all actions except delete are allowed