Azure DP-900 Short Notes: Explore provisioning and deploying relational database services in Azure
👉Provisioning is the act of running series of tasks that a service provider, such as Azure SQL Database, performs to create and configure a service.
👉A user is only able to define parameters that determine the size of the resources required.
👉The inner tasks done to provision a service are hidden from the end user.
👉several tools you can use to provision services.
- The Azure portal
- The Azure command-line interface (CLI)
- Azure PowerShell
- Azure Resource Manager templates
👉Pricing tiers of three relation DB services
- Basic - workloads that require light compute and I/O performance.
- General Purpose - business workloads that require balanced compute and memory with scalable I/O throughput.
- Memory Optimized - high-performance database workloads that require in-memory performance for faster transaction processing and higher concurrency.
Describe configuring relational data services
Configure connectivity to virtual networks and on-premises computers
👉To connect to provisioned DB
- configure Firewalls and virtual networks page.
- Select networks.
Three further sections will appear, labeled Virtual network, Firewall, and Exceptions.
👉Azure SQL Database communicates over port 1433.
👉A firewall rule of 0.0.0.0 enables all Azure services to pass through the server-level firewall rule.
Configure connectivity from private endpoints.
👉Private endpoint is a Network interface that connects you privately and securely to a service powered by Azure Private Link.
Configure authentication
👉Azure Active Directory(AD) to manage database user identities.
👉Who can access the database?
Configure access control
👉Azure role-based access control (Azure RBAC) helps you manage who has access to Azure resources, and what they can do with access.
👉RBAC through role assignment consisting of three elements
- A security principal
- A role definition
- A scope
Configure advanced data security
👉Apart from Authentication and Authorization, implements threat protection and assessment.
🌟⭐ Do not forget to use a free sandbox environment and try out all the above database provisioning services.🙂