AZ-104: Microsoft Azure Administrator

Chapter 2 - Azure Management Tools and

Processes

Copyright © CareerAcademy.com, Inc.

Slide 1

◆ Management Tools
◆ Azure Resource Manager
◆ Using Templates

_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 2

◆ Management Tools

_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 3

◆ Multiple management tools exist so

you can utilize whatever works best
◆ Majority of tasks performed easily in
web interface
◆ Shell options
o Azure PowerShell or Bash
o Azure CLI
◆ All tools work in conjunction with
ARM

_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 4

◆ The Azure Management Portal – a

web-based administrative tool
◆ Features
o Customizable dashboards
o Search and manage resources and
services
o Quick access to documentation
o Access to the cloud shell
o Receive notifications
o Conduct monitoring and analysis

_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 5

◆ Cloud shell is an interactive CLI available at https://portal.azure.com

◆ Features
o Improves flexibility by supporting Bash and PowerShell
o Provides administrative capabilities regardless of local workstation
o Requires Azure storage account and a file share
o Provides persistent storage
o Offers a graphical text editor

_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 6

◆ Azure PowerShell ◆ Azure CLI

o Installed locally on any system by using o A separate command line management
Install-Module cmdlets tool specific to Azure
o Connect local PS client to Azure o Uses different syntax completely
subscriptions o Requires installation but then can be
o Requires at least PowerShell 5.1 launched from within standard CLI or PS
• Automatically available on Windows 10 rev
1607 or higher
• Requires .NET Framework 4.7.2
• Requires the NuGet provider
• Install-Module –Name PowerShellGet

_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 7

◆ Regardless of module, certain fundamental rules apply when working with PS

o Individual commands contained in modules and called cmdlets
o Cmdlet syntax
• Verb-Noun GetAzResourceGroup Set-AzureADUser Get-MSOLUser New-AzVirtualNetwork
• Verbs
• Get
• Set
• New
• Remove
o Retrieving help uses the Get-Help cmdlet or Help <name of cmdlet>
o Install-Module cmdlet used to install modules in local PS to connect to Azure and other cloud
resources

_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 8

◆ Azure Mobile App

o Track health and status of resources
o Diagnose and fix issues quickly
o Run commands in CLI
o Available for iOS and Android
◆ Azure REST API
o Primarily for developers to access Azure
resources
o Service endpoints that support sets of HTTP
operations

_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 9

◆ Azure Resource Manager

_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 10

◆ Resource Manager provides the ability to group and manage resources throughout
your organization’s tenants and subscriptions
o All administrative tools utilize ARM, and RBAC roles are consistently applied

◆ Benefits over classic administrative model

o Deploy and manage resources as a group
o Manage infrastructure through declarative templates
o Easily define resource dependencies
o Consistent access control
o Apply additional metadata to enhance organization and cost control

_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 11

◆ Resource
◆ Resource group
◆ Resource provider
◆ ARM template

_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 12

◆ Resource groups are a collection of manageable resources sharing many attributes

and managed as a unit
◆ Resource group rules
o Resource groups cannot be renamed
o Resources can only exist in a single group
o Resources are not confined to a single region within the group
o Resources can be moved from one group to another at any time, but restrictions apply
o Individual resources can be removed, or the entire resource group removed

_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 13

◆ Using Templates

_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 14

◆ ARM templates make deployments faster and more repeatable by defining all the
ARM resources in a deployment and providing deployment in a single operation
◆ Benefits
o Improves consistency in deployments
o Assists in expressing complex deployments
o Reduces errors
o Promotes reuse

_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 15

Schema Parameters
◆ JSON files define templates and are a ◆ Defines the values you can input when
collection of key-value pairs deploying resources
◆ Values
o String
o Number
o Boolean expression
o List of values
o Objects

_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 16

◆ Management Tools
◆ Azure Resource Manager
◆ Using Templates

_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Review Questions:

1. You have created an Azure subscription that includes multiple resources. VM1 is
an Azure virtual machine. VNet1 is an Azure virtual network. You have also
created a storage account called storage1 and a managed disk for VM1 called
VM1Managed. You create a new Azure subscription and want to identify the
resources that can be moved to the new subscription. Which of the following
resources should you identify?
A. None of the resources
B. All of the resources
C. All resources except storage1 and VM1Managed
D. Only VM1

2. You have created an Azure subscription that includes two resource groups, RG1
and RG2. RG1 contains a virtual network named VNet1. You place a resource
lock of read-only on RG1. What is the effect on VNet1?
A. There is no effect, VNet1 contains its own resource lock settings
B. You are unable to edit the properties of VNet1 because it inherits the
settings
C. You are able to edit the properties of VNet1 because it does not inherit the
settings
D. You cannot set resource locks at the group level

3. You have an Azure Active Directory (Azure AD) tenant named

myorg.onmicrosoft.com that contains 50 user accounts. You purchase 10 Azure
AD Premium P2 licenses for the tenant. You need to ensure that 10 users can
use all the Azure AD Premium features. What should you do?
A. From the Licenses blade of Azure AD, assign a license
B. From the Groups blade of each user, invite the users to a group
C. From the Azure AD domain, add an enterprise application
D. From the Directory role blade of each user, modify the directory role

4. You have an Azure subscription with 10 virtual machines. You need to quickly
identify underutilized virtual machines that can have their service tier changed to
a cheaper option. Which of the following should you use?
A. Monitor
B. Advisor
C. Metrics
D. Customer insights
5. You have an Azure subscription that contains a user named User1. You need to
ensure that User1 can deploy virtual machines and manage virtual networks. The
solution must use the principle of least privilege. Which role-based access control
(RBAC) role should you assign to User1?
A. Owner
B. Virtual Machine Contributor
C. Contributor
D. Virtual Machine Administrator login

6. You have installed the Azure AD PowerShell module from the public repositories.
Which of the following cmdlets should you run first to connect to your tenant and
subscriptions?
A. Enable Connect-MsolService
B. Import-Module AzureAD
C. Connect-AzureAD
D. Connect-ExchangeOnline

7. Which of the following is not an advantage of using the Cloud Shell component in
the Azure management portal?
A. Access to all cmdlets without modification
B. Required to install components on desktops
C. Not required to install components on desktops
D. Access to both Bash and PowerShell as well as Azure CLI

8. Which of the following are used to define single or multiple virtual machine
deployment using JSON files?
A. Resource locks
B. ARM templates
C. User templates
D. RBAC role definitions

9. You need to create a new virtual machine running Windows Server 2019 in
Azure. Which of the following cmdlets will you use in the Azure Cloud Shell?
A. Enable-VM
B. New-AzureADUser
C. New-AzVM
D. Get-AzVM
10. You are identifying different management options for Azure. Which of the
following is not true in regard to the Azure portal?
A. Provides simple graphical administrative access
B. Ignores RBAC permissions
C. Provides access to automation capabilities using scripting
D. Provides access from non-Windows devices
Answer Key:

1. B
You can move a virtual machine and its associated resources to a different
subscription using the Azure portal.

2. B
The child objects within a resource group will inherit the parent settings by
default.

3. A
You should use the Licenses blade in the Azure AD admin center to assign
licenses to users.

4. B
You should use the advisor component of the Azure management portal in order
to identify underutilized resources.

5. B
The Virtual Machine Contributor lets you manage virtual machines but not access
to them and not the Vnet or storage accounts they are connected to. Owner
would give too many rights and Contributor would give rights to more than just
virtual machines.

6. C
You would need to run the connect-azuread cmdlet in order to connect to the
proper subscription and tenant in Azure.

7. B
This is what is required to run Azure cmdlets locally on the workstation, but the
Cloud Shell requires nothing on the local desktop.

8. B
ARM templates are used to declaratively describe an environment and utilize
JSON files to store that deployment configuration.

9. C
Pay attention to the verb in this instance you are creating, which is always the
term “New”, and the object that you are creating is an Azure VM “AzVM”.
10. B
RBAC permissions are adhered to by all the administrative tools in Azure.