Newanga's Blog

Azure DP-900 Short Notes: Explore provisioning and deploying relational database services in Azure

Azure DP-900 Short Notes: Explore provisioning and deploying relational database services in Azure

Newanga Wickramasinghe's photo
Newanga Wickramasinghe
·

3 min read

https://docs.microsoft.com/en-us/learn/modules/explore-provision-deploy-relational-database-offerings-azure/

👉Provisioning is the act of running series of tasks that a service provider, such as Azure SQL Database, performs to create and configure a service.

👉A user is only able to define parameters that determine the size of the resources required.

👉The inner tasks done to provision a service are hidden from the end user.

👉several tools you can use to provision services.

  1. The Azure portal
  2. The Azure command-line interface (CLI)
  3. Azure PowerShell
  4. Azure Resource Manager templates

👉Pricing tiers of three relation DB services

  1. Basic - workloads that require light compute and I/O performance.
  2. General Purpose - business workloads that require balanced compute and memory with scalable I/O throughput.
  3. Memory Optimized - high-performance database workloads that require in-memory performance for faster transaction processing and higher concurrency.

Describe configuring relational data services

  • Configure connectivity to virtual networks and on-premises computers

    👉To connect to provisioned DB

    1. configure Firewalls and virtual networks page.
    2. Select networks.

    3. Three further sections will appear, labeled Virtual network, Firewall, and Exceptions.

      👉Azure SQL Database communicates over port 1433.

      👉A firewall rule of 0.0.0.0 enables all Azure services to pass through the server-level firewall rule.

  • Configure connectivity from private endpoints.

    👉Private endpoint is a Network interface that connects you privately and securely to a service powered by Azure Private Link.

  • Configure authentication

    👉Azure Active Directory(AD) to manage database user identities.

    👉Who can access the database?

  • Configure access control

    👉Azure role-based access control (Azure RBAC) helps you manage who has access to Azure resources, and what they can do with access.

    👉RBAC through role assignment consisting of three elements

    1. A security principal
    2. A role definition
    3. A scope

  • Configure advanced data security

    👉Apart from Authentication and Authorization, implements threat protection and assessment.

🌟⭐ Do not forget to use a free sandbox environment and try out all the above database provisioning services.🙂

AzureCloudlearn coding