Azure Developer Guide Ebook en-GB

eBook Series
The Developer’s
Guide to Azure
Published May 2019
May The Developer’s 2
2019 Guide to Azure
03 / 40 / 82 /
Introduction Chapter 3: Securing Chapter 6: Where
your application and how to deploy
We’re here to help
your Azure services
How can Azure help secure
05 / your app?
Encryption
How can Azure deploy your
services?
Chapter 1: Getting Azure Security Center Infrastructure as Code
started with Azure Logging and monitoring Azure Blueprints
Containers in Azure
51 /
What can Azure do for you? Azure Stack
Where to host your Where to deploy,
application and when?
Chapter 4: Adding
Azure App Service Features
intelligence to
Azure Functions
Azure Logic Apps your application 89 /
Azure Batch
Containers How can Azure integrate AI
Chapter 7: Share your
What to use, and when? into your app? code, track work and ship
Making your application Azure Search software
more performant Cognitive Services
Azure Front Door Azure Bot Service How can Azure help you plan
Azure Content Delivery Azure Machine Learning smarter, collaborate better and ship
Network Studio your apps faster?
Azure Redis Cache Developer tooling for AI Azure Boards
AI and mixed reality Azure Repos
22 /
Using events and messages in Azure Pipelines
your application Azure Test Plans
Azure Artifacts
Chapter 2: Connecting
your app with data 72 /
What can Azure do for Chapter 5: Connect your
98 /
your data? business with IoT Chapter 8: Azure in Action
Where to store your data
Azure Cosmos DB How can Azure connect, secure, Walk-through: Azure portal
Azure SQL Database manage, monitor and control your Walk-through: Developing a web
Azure databases for MySQL, devices in the cloud? app and database
PostgreSQL and MariaDB Azure IoT Hub Walk-through: Extending apps
Azure Storage Azure IoT Central Walk-through: Ready for production
Azure data analytics Azure IoT solution accelerators
Azure IoT Edge
119 /
solutions
Walk-through: Publish an on- Azure Digital Twins
premises website to Azure with a Azure Sphere
SQL database Learn more about Azure IoT Chapter 9: Summary
What to use, and when? and resources
Keep Learning with Azure

About the authors
February Lorem
May ipsum dolor sit
Theamet,
Developer’s
consectetur 3
2018 adipiscing
2019 elit Guide to Azure
The
This guide is designed for developers and
architects who are starting their journey into
Microsoft Azure. In this guide, we’ll take you
through the ins and outs of Microsoft Azure.
Developer’s
You’ll learn how to get started and which
services you can use for the scenarios you
might have.
Guide to From creating websites, databases and desktop

and mobile applications to integrating the
latest technologies into your app, Azure does
Azure
the heavy lifting for you. Azure services are
designed to work together so you can build
complete solutions that last the lifetime of
your app.
2019 Guide to Azure
We’re here to help

You can also get help through other channels,
such as:
Documentation and guides that give you an

We can assist you in a variety of ways overview of everything in Azure and provide
deep insights through the documentation of
to suit your needs.
each feature.
With our support plans, you’ll get access to Azure Service Licence Agreements (SLAs), which can
technical support teams, guidance for cloud design inform you about our uptime guarantees and
and assistance with migration planning. You can downtime credit policies.
even acquire a support plan that guarantees a
@AzureSupport on Twitter, which is operated by
response from the technical support teams
skilful Azure engineers who respond quickly to
within 15 minutes.
issues that you tweet to them.
Stack Overflow, which provides answers to Azure

questions and includes many active posts by
members of the Azure engineering teams.
Azure Community Support, which provides a

place for discussion with the Azure community
and contains answers to community questions.
Azure Advisor, which automatically makes

personalised recommendations for your Azure
resources, including what you need to do to be
more secure, have higher availability, increase
performance and reduce costs.
Azure Service Health, which gives you

a personalised view of the health of your
Azure services.
February Lorem
May ipsum dolor sit
Theamet,
Developer’s
consectetur 5
2018 adipiscing
01 /
Mus ma dolor Duntiaspel is vel estotatem qui qui sitatio
nsedit, ea sere volor molupta dolut officto
duciuscit, odit blaut omnimenem fugitas et omnihil

lestibea veliquia conem estiae quidi aut
volupis as volo facearchilit quidelia peri conserrum, qui

utaquiasit utaquiae reperum re et fugitibus
eos et libusci re porepedit faciminciae lant et dolorpos

et volum se doloreh endigenis pratibus
duntem commo quis in natem.
es nit etur sit Sedicil labores citatem natem sedit autet

volorit, quos ut lameniatur? Um enimagnis
Getting
You’ve made the decision to build applications
dolum earum minctur simillab is arum quatinverro
on Azure, and now you want to get started. You
te destibus, tem adis eum rehenia si
don’t need to do much – just sign up for an Azure
omnimusam
free account. veni nossita.
This includes credits to explore paid
started
Azure services and over 25 services you can use for
free forever.
with
Simply choose which tools, applications and
frameworks you want to use, and then start
running your apps on Azure.
Azure
2019 Guide to Azure
What can Azure

do for you?
Whether you’re a professional developer or write
code for fun, developing with Azure puts the latest
cloud technology and best-in-class developer tools
at your fingertips and makes it easy to build for the
cloud in your preferred language.
With Azure, you can get your work done faster, take
your skills to the next level and imagine and build
tomorrow’s applications.
Multiply your impact with:
• A cloud platform
• Developer tools
• Management services
Integrated tightly together, these form a true

ecosystem that enables you to create amazing
applications and seamless digital experiences
that run on any device.
Take advantage of the incredible and always

growing capabilities of Azure. Let’s dive in
and see what you can do.
2019 Guide to Azure
Where to host Azure App Service comprises the

following:
your application Web Apps: As one of the most widely used Azure
services, Web Apps can host your web applications
or APIs. A web app is basically an abstraction of a
web server, like Internet Information Services (IIS)
Azure offers services designed to provide what you or Tomcat, used to host HTTP-driven applications.
need to deliver and scale every application. When Web Apps can host applications written in .NET,
you use Azure services to run your application, you Node.js, Python, Java or GO, and you can use
get scalability, high availability, a fully managed available extensions to run even more languages.
platform and database services. Azure also offers
the following options for running your application.
// T
ry it out: Create an ASP.NET
Core web app in Azure
Azure App Service
You can host your applications in a fully managed Mobile Apps: Provide a back end for your mobile
application platform loved by enterprise applications with Mobile Apps. When you host
developers: Azure App Service. Azure App Service an API in Mobile Apps, your mobile applications
is a collection of hosting and orchestrating services connect with it through the cross-platform client
that share features and capabilities. All services in SDK. This is available for iOS, Android and Windows.
App Service have the capability, for example, to Mobile Apps provides features like offline sync and
secure an application using Azure Active Directory push notifications to help you create a modern,
and can use custom domains. performant and secure mobile experience.
2019 Guide to Azure
Azure App
You can even use Azure’s Testing in Production
feature to route a percentage of traffic from your
Service features
production app to a deployment slot. For example,
if you shunt 10% of your users to the new version
of your app in the deployment slot, you can see
whether the new features are functioning as
expected and whether users are using them.
Azure App Service is one of the key services in
Azure that you can use to host your applications. When you’re satisfied with how the new version of
Each of these services brings unique capabilities to your app is performing in the deployment slot, you
the table, but they all share some common features: can carry out a ‘swap’, which exchanges the app in
the deployment slot with that in your production
Scaling slot. You can also swap from a development slot to a
staging slot, and then to the production slot. Before
Azure App Service runs on App Service plans, doing this, the swap operation verifies that the new
which are abstractions from virtual machines (VMs). version of your website is warmed up and ready
One or more VMs run your Azure App Service, but to go. When this has been confirmed, the swap
since Azure takes care of them, it’s not necessary for operation switches the slots, and your users now see
you to know which ones. You can, however, scale the new version of the app – with no downtime. You
the resources that run your Azure App Service. can also swap back and revert the deployment of
the new version.
You can either choose a higher pricing tier (ranging
from free to premium) or increase the number of You use deployment slots within environments, such
application instances that are running. It’s even as development, test or production. You don’t use
possible to have even have Azure App Service deployment slots as environments, because they all
automatically scale the number of instances for you, reside in the same App Service plan.
based on a schedule or metrics like CPU, memory or
HTTP queue length. Those should be separated for security, scaling,
billing and performance. You can swap deployment
Deployment slots slots manually through the Azure command-line
interface (CLI) and through the Azure Management
After deploying a new version of your application to API. This allows tools like Azure DevOps to perform
a deployment slot, you can test whether it works as swap operations during a release.
expected and then move it into your production slot.
2019 Guide to Azure
Continuous Deployment Custom domains and Azure

App Service certificates
To publish your application to App Service, you
can use services such as Jenkins, Octopus Deploy When you spin up an app in Azure App
and more. You also can use the Continuous Service, it exposes a URL – for example, https://
Deployment (CD) feature from Azure DevOps in myazurewebsite.azurewebsites.net. Most likely,
App Service. This makes it possible for you to create you will want to use your own custom domain,
a build-test-release pipeline right in App Service. which you do by mapping that domain name
to App Services. Here’s how to do that.
The process does the following:
Additionally, you can ensure that your application is
1. Retrieves the latest source code from the served over HTTPS by using a Secure Sockets Layer
repository that you indicate (SSL) certificate. Just bring your own certificate
or buy one directly from the Azure portal. When
2. Builds the code according to a template that
you buy an SSL certificate from the Azure portal,
you pick (ASP.NET, Node.js and so on)
you buy an Azure App Service certificate. You can
3. Deploys the app in a staging environment and configure this to be used by your custom domain
load-tests it bindings.
4. Deploys the app to production after approval

// T
ry it out: Purchase and
(you can indicate whether you want to use a
configure an SSL certificate
deployment slot) in this walk-through
Connect to on-premises resources App Service Environment
You can connect external resources like data stores In a multi-tier web application, you often have a
to your App Services. These resources don’t need database or services used by your app in Web Apps.
to be located in Azure; they can be anywhere, Ideally, you want these services to be exposed only
such as on-premises or in your own datacentre. to the app and not to the internet. Given that it
Depending on your requirements, you can connect provides the entry point for your users, however,
to services on-premises through many mechanisms, the app itself is often internet-facing.
such as Azure Hybrid Connections, Azure Virtual
To isolate these support services from the internet,
Networks and Azure ExpressRoute.
you can use Azure Virtual Network.
2019 Guide to Azure
This service wraps your support services and The debugger lets you see exactly what went wrong
connects them to your app in Web Apps so that the without impacting the traffic of your production
support services are exposed only to the app, not to application. The Snapshot Debugger can help you
the internet. dramatically reduce the time it takes to resolve
issues that occur in production environments.
This article describes this service in more detail and
Additionally, you can use Visual Studio to set snap
shows you how to use it.
points to debug step by step.
Sometimes, you want even more control. Maybe
you want your app to be wrapped in a Virtual Automatic OS and .NET Framework
Network in order to control access to it. patching
Perhaps you want it to be called by another app in Because you’re using a fully managed platform, you
Web Apps and be a part of your back end. don’t manage your own infrastructure at all and
benefit from automatic operating system (OS) and
For this scenario, you can use an Azure App Service
framework patching.
Environment. This affords you a very high scale and
gives you control over isolation and network access. Virtual machines
Snapshot Debugger for .NET Hosting your application in a VM in Azure Virtual

Machines provides you with a lot of control over
Debugging apps can be difficult, especially if the how you host your application. However, you’re
app is running on production. With Snapshot responsible for maintaining the environment,
Debugger you can take a snapshot of your in- including patching the OS and keeping antivirus
production apps when code that you’re interested programs up to date.
in executes.
You can use a VM to test the latest preview version
of Visual Studio without getting your development
machine ‘dirty’.
2019 Guide to Azure
Azure
An application that uses Functions activates a
function every time a new image file is uploaded
Functions
to Azure Blob storage. The function then resizes
the image and writes it to another Blob storage
account.
Data from the Blob that triggered the function is

With Azure Functions, you can write the code you passed into the function as the myBlob parameter,
need for a solution without worrying about building which includes the Blob URL. Use the outputBlob
a full application or the infrastructure to run it. A output binding parameter to specify to which Blob
function is a unit of code logic that’s triggered by an to write the result. There’s no need to write the
HTTP request, an event in another Azure service or plumbing for connecting to Blob storage; you just
based on a schedule. configure it.
Input and output bindings connect your function

// T
ry it out: Create your
code to other services, like Azure Storage, Azure first Azure function using
Cosmos DB, Azure Service Bus and even third-party the Azure portal
services like Twilio and SendGrid. Using Functions,
you can build small pieces of functionality quickly
and host them in an elastic environment that
automatically manages scaling.
With Azure Functions, it’s possible to pay only

for functions that run, rather than having to keep
compute instances running all month. This is also
called serverless because it only requires you to
create your application – you don’t have to deal
with any servers or even scaling of servers.
You can write Azure Functions in .NET, JavaScript,

Java and a growing list of languages.
2019 Guide to Azure
Azure
The following is an example of a workflow
in Logic Apps:
Logic Apps 1. The Logic App is activated when an email

containing a shipping order arrives in Office 365.
2. Using the data in the email, the Logic App checks

You can orchestrate business logic with Logic Apps on the availability of the ordered item in SQL
by automating a business process or integrating Server.
with software as a service (SaaS) applications. Just
like in Azure Functions, Logic Apps can be activated 3. Using Twilio, the Logic App sends a text message
by an outside source, for instance, a new message. to the customer’s phone indicating that the
Weaving together API calls to connectors, you order was received and the item has been
can create a (possibly complex) workflow that shipped.
can involve resources both in the cloud and on-
premises.
// T
ry it out: Get started with
Logic Apps has many available connectors to APIs
Azure Logic Apps
that can connect to Azure SQL Database, Salesforce,
SAP and so on.
You can also expose your own APIs or Azure

Functions as connectors to use in a Logic App,
making it possible for you to easily perform actions
against external systems in your workflow or have
your Logic App be activated by one of them.
Just like Azure Functions, Logic Apps are serverless

and scaled automatically, and you pay for them only
when they’re running.
2019 Guide to Azure
Azure Batch
If you need to run large-scale batch or high-
performance computing (HPC) applications on
VMs, you can use Azure Batch. Batch creates and
manages a collection of thousands of VMs, installs
the applications you want to run and schedules jobs
on the VMs. You don’t need to deploy and manage
individual VMs or server clusters; Batch schedules,
manages and auto-scales your jobs so you use only
the VMs you need.
Batch is a free service, so you only pay for the

underlying resources consumed, like VMs, storage
and networking.
Batch is well suited to run parallel workloads

at scale, such as financial risk models, media
transcoding, VFX and 3D image rendering,
engineering simulations and many other compute-
intensive applications. Use Batch to scale out
an application or script that you already run on
workstations or an on-premises cluster, or develop
SaaS solutions that use Batch as a compute
platform.
// T
ry it out: Get started on
Azure Batch with these
step-by-step tutorials
2019 Guide to Azure
Containers
masters. As a managed Kubernetes service, AKS
provides automated Kubernetes version upgrades
and patching, easy cluster scaling, a self-healing
hosted control plane (masters) and cost savings,
since you only pay for running agent pool nodes.
While much more lightweight, containers are
similar to VMs, and you can start and stop them in
With Azure handling the management of the nodes
a few seconds. Containers also offer tremendous
in your AKS cluster, there are many tasks that you
portability, which makes them ideal for developing
don’t have to perform manually, such as cluster
an app locally, on your machine and then hosting
upgrades. Because Azure handles these critical
it in the cloud, in test and later in production.
maintenance tasks for you, AKS does not provide
direct access (such as with SSH) to the cluster.
You can even run containers on-premises or in other
clouds – the environment that you use on your
development machine travels with your container,
so your app always runs in the same ecosystem. // M
ore information: Learn how
to use Azure Kubernetes Service
Scale and orchestrate containers with

Azure Kubernetes Service Host containers with Azure
Container Instances
Azure Kubernetes Service (AKS) makes it simple to
create, configure and manage a cluster of VMs that You can host your container using Azure Container
are preconfigured to run containers. This means you Instances (ACI). ACI provides fast, isolated compute
can use your existing skills to manage and deploy to meet traffic that comes in spikes, without the
applications that run in containers on Azure. need to manage servers. For example, Azure
Container Service (ACS) can use the Virtual Kubelet
AKS reduces the complexity and operational to provision pods inside ACI that start in seconds.
overhead of managing a Kubernetes cluster This enables ACS to run with just enough capacity
by offloading much of that responsibility to for an average workload. As you run out of capacity
Azure. As a hosted Kubernetes service, Azure in your ACS cluster, you can scale out additional
handles critical tasks like health monitoring and pods in ACI without any additional servers to
maintenance. In addition, you pay only for the manage. The ACI service is billed per second, per
agent nodes within your clusters, not for the virtual CPU, per gigabyte or by memory.
// More
information: Learn more
about Azure Container Instances
2019 Guide to Azure
Host containers in Azure App Azure Service Fabric

Service Web App for Containers
Another way to run applications in Azure is with
Web App for Containers helps you easily deploy Azure Service Fabric. This is actually the service that
and run containerised web apps at scale. Just runs many of the Azure services inside Microsoft,
pull container images from Docker Hub or a like Azure SQL Database and Azure App Service.
private Azure Container Registry, and Web App Run your applications in Azure Service Fabric to
for Containers will deploy the containerised app achieve high availability, run at massive scale and
with your preferred dependencies to production perform rolling upgrades.
in seconds. The platform automatically takes
care of OS patching, capacity provisioning and You can use Azure Service Fabric to run .NET
load balancing. You can run Docker containers microservice-based applications – solutions that
(Linux) and Windows containers on Web App consist of many small services that talk to each other
for Containers. and are employed by user interfaces and other
components. Service Fabric is ideal for solutions
Azure Container Registry like these because it orchestrates application
components together and runs them in a highly
Once you’ve created a container image to run your available and performant manner.
application in, you can store that container in Azure
Container Registry (ACR). This is a highly available Azure Service Fabric is unique in that you can run
and secure storage service, specifically built to store it anywhere. Install Service Fabric on your local
container images. This is great for storing your development computer, on-premises or in any
private Docker images. cloud – including Azure. You can also use Azure
Service Fabric Mesh to run containers on a Service
You can also use ACR for your existing container Fabric cluster that Microsoft manages for you
development and deployment pipelines. Use ACR as a service. This opens up a lot of possibilities.
Build to build container images in Azure.
You can either build on demand or fully automate It’s easy to deploy applications to Azure Service
builds with source code commit and base image Fabric and manage them with your favourite tools,
update build triggers. like Visual Studio and Azure DevOps Services.
In addition, Service Fabric recently became open
source.
2019 Guide to Azure
What to use,
Some of the services that run your application in
Azure can work together in a solution, while others
and when?
are more suited to different purposes.
While this can make it difficult to pick the right

services, Table 1-1 will help identify which services
in Azure are right for your situation.
Table 1-1
Web Apps*
Containers*
Web App for
Mobile Apps*
Functions*
Logic Apps*
Machines*
Virtual
Service*
Kubernetes
Fabric*
Service
Instances*
Container
Batch*
Monolithic and
N-Tier applications ● ●** ● ●
Mobile app
back end ● ●**
Microservice
architecture ● ● ●
applications
Business process
orchestration ● ●
and workflows
Compute
intensive jobs ●
Run your app

anywhere
(including ● ● ● ●
on-premises)
* Services with an asterisk have a free tier that you can use to get started at no cost.
** For lifting and shifting existing applications to Azure.

2019 Guide to Azure
Making your
Azure Traffic Manager scales across regions,
helping to reduce latency and provide users a
application more
performant experience, regardless of where they
are. Traffic Manager is an intelligent routing
mechanism that you put in front of your Web Apps
performant applications. Web Apps acts as endpoints, which

Azure Traffic Manager monitors for health and
performance.
After your application is up and running in Azure, When users access your application, Traffic Manager
you want it to be as performant as possible. Azure routes them to the Web Apps application that is
provides a range of services that can help you most performant in their proximity.
with that.
Including Traffic Manager in your architecture is
Azure Traffic Manager a great way to improve the performance of your
application.
Many modern applications have users all over
the world. Providing a performant experience for
everyone is challenging, to say the least. The most
obvious problem you need to deal with is latency,
the time it takes for a signal or a request to travel
to a user. The farther away users are from your
application, the more latency they experience.
2019 Guide to Azure
Azure
Azure Front Door can help. This service can
route traffic from users to the most performant
Front Door
application endpoint for them to improve
performance. Azure Front Door can route to
endpoints that are available while avoiding
endpoints that are down.
Your users might be spread out over the world Azure Traffic Manager does this as well, but in a
and at times might be travelling. This can make different manner than Azure Front Door. Azure
it difficult to make sure they have a performant Front Door works at OSI layer 7 or the HTTP/
experience and that your application is available HTTPS layer, while Azure Traffic Manager works
and secure, regardless of location. with DNS. In other words, Azure Front Door works
on the application level and Azure Traffic Manager
works on the network level. This is a fundamental
difference that determines the capabilities of the
services.
Because of this difference, Azure Front Door

does a lot more than route users to available and
performant endpoints.
Azure Front Door allows you to author custom

web application firewall (WAF) rules for access
control to protect your HTTP/HTTPS workload from
exploitation based on client IP addresses, country
code and HTTP parameters.
Additionally, Front Door enables you to create rate

limiting rules to battle malicious bot traffic. These
are just some of the unique capabilities of Azure
Front Door.
2019 Guide to Azure
Other capabilities of Front Door include:
• URL-based routing • SSL termination

This allows you to route requests for different With this, you can secure your traffic end to
URLs to different back end pools (applications end, from the browser to the application in the
that receive traffic, like Web Apps). For instance, back end pool.
http://www.contoso.com/users/* goes to one
• Session affinity
pool, and http://www.contoso.com/products/*
When you want users to be sent to the same
goes to another.
endpoint every time, session affinity is useful.
• URL rewrite This is important in cases where session state is
This enables you to customise the URL that you saved locally on the back end for a user session.
pass on to the back end pool.
If you need help choosing between

Azure Front Door and Traffic Manager,
consider this guidance:
Azure Traffic Manager Azure Front Door
You only need routing (performance- or geography-based)

and high availability
●
You need SSL termination (also called SSL offloading) ●
You need application layer features like URL rewriting and WAF ●
2019 Guide to Azure
Azure Content
Not only is this easy to do, it also improves
the performance of your application in the
Delivery Network
following ways:
• Offloads serving content from your application.

Since it is now served by Content Delivery
Network, it frees up processing cycles for your
One of the Azure services that can help you make application.
your application faster is Azure Content Delivery
Network. You upload your static files – videos, • Brings static content physically closer to your
images, JavaScript, CSS and even static HTML users by distributing it to PoPs all over the world.
files – to a data store, such as Azure Blob storage,
and then couple Azure Content Delivery Network You can benefit from Content Delivery Network in
to that. web applications as well as in mobile and desktop
applications. One way to use Content Delivery
Content Delivery Network will then take those static
Network is to serve videos for a mobile app. Since
files and replicate them to hundreds of points of
videos can be large, you don’t want to store them
presence (PoP) all over the world. All you need to
on the mobile device – and neither do your users.
do in your app is change the reference to the static
Using Content Delivery Network, the videos are
files to a different URL.
served from the PoP. Since it is close to the user,
For example, the reference previously might have this also improves performance.
been ~/images/image.png, and it would now be
https://example.azureedge.com/image.png.
// T
Azure Content Delivery Network
2019 Guide to Azure
Azure Redis Cache

Azure provides Cache-as-a-Service with Redis
Cache. This is based on the open-source Redis
project and is now backed by industry-leading SLAs.
It is highly performant and has advanced options
like clustering and geo-replication.
Every modern application works with data. When
you retrieve data from a data store like a database,
this typically involves scanning multiple tables or // T
Azure Redis Cache
documents in some distant server, weaving the
results together and then sending the result to the
requesting device. This, of course, takes time and Further reading
can frustrate and annoy your users.
If you want to learn more about using Azure
To eliminate some of these ‘roundtrips’, you can Kubernetes Service, Azure Container Instances
cache data that doesn’t change often. This way, and other Azure services to create distributed
instead of querying the database every time, you applications, download and read the following free
could retrieve some of the data from a cache, like eBooks:
Azure Redis Cache. The benefit of the cache is that
it stores data in a simple format, such as key-value.
// C
ontainerise Your Apps
You don’t need to run a complex query to get this
with Docker and Kubernetes
data – you just need to know the key to retrieve
the value.
// Designing Distributed Systems

This can improve the performance of your
application dramatically.
Here’s how this workflow operates:
1. The app needs some data and attempts to

retrieve it from the cache.
2. If the data is not there, get it from the database

and store the data in the cache.
3. The next time the app is looks for that piece of

data, it will find it in the cache, saving a trip to
the database.
February Lorem
May ipsum dolor sit
Theamet,
Developer’s
consectetur 22
2018 adipiscing
02 /




Connecting
omnimusam veni nossita.
your app
with data
2019 Guide to Azure
What can Azure do

for your data?
Wherever your data is, Azure will help you unlock its
potential. Support rapid growth and save more time
for innovation with a portfolio of secure, enterprise-
grade database services that support open-source
database engines.
Azure database services are fully managed, freeing

up valuable time so you can focus on new ways to
delight your users and unlock opportunities rather
than spending that time managing your database.
Enterprise-grade performance with built-in high
availability means you can scale quickly and reach
global distribution without worrying about costly
downtime.
Developers can take advantage of industry-leading

innovations, such as built-in security with automatic
monitoring and threat detection, automatic tuning
for improved performance and turnkey global
distribution. On top of all of this, your investment is
protected by financially backed SLAs.
Whatever you build, we’ll help you get it to market

quickly, distribute it widely and manage it easily and
confidently.
Let’s dive in.

2019 Guide to Azure
Where to store
your data
Azure provides many types of data stores that can All services have a free tier that you can use
help you maintain and retrieve data in any scenario. to get started.
Table 2-1 presents the storage options available
in Azure.
// N
ote: You can use almost all
storage options mentioned in
this section as activators and
bindings for Azure Functions.
Let’s take a closer look at each storage option.
Table 2-1
SQL Database*
MySQL*
PostgreSQL*
MariaDB*
DB*
A zure Cosmos
Blob*
Table*
Queue*
File*
Disk*
Data Lake Store*
Warehouse*
SQL Data
Relational data ● ● ● ● ● ●
Unstructured data ● ● ●
Semi-structured data ● ●
Queue messages ●
Files on disk ●
High-performance files on disk ●
Store large data ● ● ● ● ● ●
Store small data ● ● ● ● ● ● ● ● ● ●
Geographic data replication ● ● ● ● ● ● ● ● ● ●
Tunable data consistency ●
2019 Guide to Azure
Azure Cosmos DB
In addition to all these features, Azure Cosmos DB
offers different APIs with which you can store and
retrieve data, including SQL, JavaScript, Gremlin,
MongoDB, Azure Table Storage and Apache
Cassandra. Different APIs handle data in different
Azure Cosmos DB is a new kind ways. You can use documents as data as well as
of database made for the cloud. unstructured tables, graphs and blobs. You use the
Its key features include: API that fits your needs and Azure Cosmos DB takes
care of the rest.
• A 99.99% SLA (99.999% for read operations) that
includes low latencies (less than 10 ms on reads
You benefit from cloud-grade performance,
and less than 15 ms on writes)
scalability and reliability while using the
programming model you’re already accustomed to.
• Geo-replication, which replicates data to other
geographical regions in real time.
// T
Azure Cosmos DB
• Tunable data consistency levels so you can
enable a truly globally distributed data system.
You can choose from a spectrum of data
consistency models, including strong consistency,
session consistency and eventual consistency.
• Traffic Manager, which sends users to the service

endpoint to which they are closest.
• Limitless global scale, so you pay only for the

throughput and storage that you need.
• Automatic indexing of data, which removes the

need to maintain or tune the database.
2019 Guide to Azure
Azure SQL
• Auditing, which provides a complete audit trail
of all the actions that happen to the data
Database • Automatic database tuning, which monitors

the performance of your database and tunes
it automatically
If you want to use tables with columns and rows to SQL Database offers several service tiers
store data, Azure SQL Database is a great choice. that are geared toward specific scenarios.
A relational database system similar to on-premises
Microsoft SQL Server, SQL Database runs in the • General purpose/standard: This tier offers
cloud – so it’s fully managed, performant, scalable, budget-oriented, balanced and scalable
automatically backed up and includes many compute and storage options. Fully managed,
advanced features. with performance comparable to Azure SQL
VMs, this tier is the best option for most
With SQL Database, you can do almost everything business workloads.
that you can do with on-premises SQL Server. In
• Business Critical/Premium: This tier offers
fact, new SQL Server features are incorporated first
the highest resilience to failures using several
in Azure SQL Database and later in on-premises SQL
isolated replicas. With consistently high IO, it
Server.
includes a built-in availability group for high
availability. This is the best option for critical
You can use SQL Database with your favourite tools,
Online Transactional Processing (OLTP) (normal
including SQL Server Management Studio and the
CRUD operations) business applications with
Entity Framework. Databases in SQL Database are
consistently high IO requirements.
extremely reliable and robust and offer an SLA that
guarantees 99.99% uptime. • Hyperscale: This tier offers very large database
(VLDB) support without the headaches. With
Here are some of the more advanced features in a built-for-the-cloud architecture of highly
SQL Database: scalable storage and a multilayer cache
optimised for very large and demanding
• Geo-replication, which replicates data to other workloads, it provides low latency and high
geographical regions in real time throughput regardless of the size of data
operations. This is the best tier for very large
• Dynamic data masking, which masks sensitive
and demanding workloads with highly scalable
data for certain users at runtime
storage and read-scale requirements.
2019 Guide to Azure
Azure databases
Azure provides MySQL, PostgreSQL and MariaDB
databases as managed databases, which means
for MySQL,
that you just spin them up and don’t have to worry
about any of the underlying infrastructure. Just like
Azure SQL Database and Azure Cosmos DB, these
PostgreSQL databases are universally available, scalable, highly

secure and fully managed.
and MariaDB Each of these databases is suited for slightly

different use cases, but in general their functionality
overlaps a lot. You would use Azure databases for
MySQL, PostgreSQL and MariaDB when you’ve
already been using one of their on-premises
versions and want the advantage of having it run
fully managed in the cloud.
2019 Guide to Azure
Azure Storage Host static websites on Azure Storage
Another exciting feature of Azure Storage is static

website hosting. This static websites feature only
uses Blob storage as its datastore and you can use
Azure Storage is one of the oldest, most it to host a static website on Azure Storage. All you
reliable and most performant services in have to do for your website to run is upload the files
Azure. Azure Storage offers five types of of your static website to Blob storage and indicate
storage that all benefit from the following which file is the default document (like index.html)
shared features: and which one is the error document (like 404.html).
Your website will run quickly for very little cost – in
• Geo-redundancy, which replicates data to fact, you only pay for the storage you use and the
different datacentres so you can recover it if a static website feature doesn’t cost anything extra.
disaster causes an individual datacentre to fail Additionally, when you use geo-redundancy (which
• Encryption of data at runtime is enabled by default), your website will be up and

running even if your primary datacentre fails.
• Custom domains
Blob storage
The five Azure Storage types are Blob, Table, Queue,
File and Disk (Figure 2-1). Azure Blob storage stores large, unstructured
data – literally, blobs of data. This data can be
video, image, audio, text or even virtual hard
drive (VHD) files for VMs.
There are three types of blobs: Page, Append
Queue
and Block Blobs. Page Blobs are optimised for
Blob Table
Unstructured Semi-structured Queue random read and write operations, and are perfect
Large Flexible scheme Reliable
MSMQ
for storing a VHD. Block Blobs are optimised for
Page/Block Small messages
efficiently uploading large amounts of data.
File Disk
File share Premium High I/O
SMB VM Disks
Figure 2-1
2019 Guide to Azure
These are perfect for storing large video files that File storage
don’t change often. Append Blobs are optimised for
append operations, such as storing operation logs You can use Azure File storage as a drive to share
that can’t be updated or deleted. files from. It uses the Server Message Block (SMB)
protocol, meaning you can use it with Windows and
// T
ry it out: Get started with Linux and access it from either the cloud or on-
Azure Blob storage premises systems. Like the other services in Azure
Storage, File storage is scalable and inexpensive.
Table storage
// T
Azure Table storage is an inexpensive, extremely Azure File storage
fast NoSQL key-value store you can use to store
data in flexible tables. A table can contain one row Disk storage
describing an order and another row describing
customer information. You don’t need to define Azure Disk storage is similar to File storage, but
a data schema, making Table storage very flexible. is specifically meant for high I/O performance.
It’s perfect for use as a drive in a VM that needs
// T
ry it out: Get started with high performance to run SQL Server, for instance.
Azure Table storage
Disk storage is available only in the premium
pricing tier of Azure Storage.
Queue storage
Azure Data Lake Store
Azure Queue storage is an unusual type of storage.
While it’s used to store small messages of data,
The previous data stores were meant for
its main purpose is to serve as a queue. You put
regular application use or for use with VMs.
messages on the queue and other processes pick
The Azure Data Lake Store, on the other hand,
them up. This pattern decouples the message
is storage for big data applications. You can use it
sender from the message processor, resulting in
to store large amounts of data in its native format –
performance and reliability benefits. Azure Queue
structured, unstructured or anything in between.
storage is found in previous versions of Windows.
The point of the Data Lake Store is to hold your raw
data so you can analyse it or transform and move it.
// T
Azure Queue storage
2019 Guide to Azure
The following are the main characteristics of in predefined schemas and query it by using the
Azure Data Lake Store: familiar SQL Server dialect.
• Unlimited storage capacity. A single file can be Because SQL Data Warehouse runs in Azure, there
larger than one petabyte in size – 200 times larger are many advanced features available to you. One of
than other cloud providers offer. these features is automatic threat detection, which
uses machine learning to understand the patterns of
• Scalable performance to accommodate massively your workload and serve as an alarm system to alert
parallel analytics. you of a potential breach.
• Data can be stored in any format, without a An effective time to use SQL Data Warehouse is
schema. when you know which reports you want to show
to users and what the data schema for these
This is a very different approach from the traditional reports is. You can then create schemas in SQL Data
data warehouse, in which you define data schemas Warehouse and populate it with data so users can
upfront. navigate through the data.
You can store all of the data that you get from // T
ry it out: Create an Azure SQL
Internet of Things (IoT) devices collecting Data Warehouse
temperature data, for example, in Data Lake
Storage. You can leave the data in the store and
then filter through it to create a view of the data
per hour or per week. Storing the data in Data Lake
Storage is inexpensive, so you can keep years of
data there at a very low cost.
// T
Azure Data Lake Store using the
Azure portal
Azure SQL Data Warehouse
When you need a traditional data warehousing

solution that is completely managed, scalable in
size and performant and secure, Azure SQL Data
Warehouse can provide the solution. Store data
2019 Guide to Azure
Azure data
When you move data, you can also filter it before
you send it to an end destination, clean it up or
analytics
transform it with an activity in the pipeline like
the Apache Spark activity. In addition, Azure
Data Factory allows you to schedule and monitor
solutions pipelines as well as lift and shift your SQL Server

Integration Services (SSIS) packages to the cloud.
// T
ry it out: Create a data factory
Almost as important as storing data is analysing it to using the Azure portal
get insights. Azure provides many services for data
analytics scenarios, enabling you to get valuable Azure Analysis Services
and actionable insights from your data – no matter
how large or small or complex it is. With Azure Analysis Services, you can create a
semantic model of your data that users can access
Azure Data Factory directly with visualisation tools like Power BI. Built
on the SQL Server Analysis Services tools that run
Moving and transforming data is not a trivial on-premises with SQL Server, the service now runs
task, but Azure Data Factory can help you to managed in the cloud. This means that the service
do just that. Within Data Factory, you can create is scalable and that data is stored redundantly – and
a comprehensive pipeline that performs your when you aren’t using it, you can pause the service
complete extraction, transformation and loading to minimise costs.
(ETL) process.
With Azure Analysis Services, you can provide
Data Factory can reliably move data from on- modelled data directly to users in a very performant
premises to the cloud, within the cloud or to way. Users can query millions of records in seconds
on-premises – it doesn’t matter where your data because the model lives completely in memory and
sources are. Data Factory also provides many is periodically refreshed.
connectors that you can use to easily connect to
your data source, like SQL Server, Azure Cosmos DB, You can get data into the semantic model from
Oracle and many more. anywhere, including from data sources in the cloud
and on-premises. You can use Azure Blob storage,
2019 Guide to Azure
Azure SQL Database, Azure SQL Data Warehouse Azure Stream Analytics
and many other services as data sources for the
model. You can also use data sources like on- You can use the Azure Stream Analytics service
premises Active Directory, Access databases and to analyse, query and filter real-time streaming
Oracle databases. data. For example, when you receive a stream of
temperature data from an IoT device, it tells you
// T
ry it out: Create an Azure how warm it is outside. It might provide the same
Analysis Services server using temperature every second for an hour until the
the Azure portal temperature changes, but you are only interested in
the changes. Azure Stream Analytics can query the
Azure Data Lake Analytics data in real time and store only the differential data
in an Azure SQL Database.
Another Azure service for performing data analytics
tasks is Azure Data Lake Analytics. With this service, Stream Analytics can get its data from many
you can analyse, process and transform potentially services, including Azure Blob storage, Azure Event
massive amounts of data from Azure Storage and Hubs and Azure IoT Hub. You can analyse the data
Azure Data Lake Store. by using a simple SQL-like language or custom
code. After querying and filtering the stream of
Azure Data Lake Analytics allows you to create and data, Stream Analytics can output the result to many
submit jobs that query data, analyse it or transform Azure services, including Azure SQL Database, Azure
it. You can write these jobs in U-SQL, which is a SQL- Storage and Azure Event Hubs.
like language and extend U-SQL with Microsoft R
and Python. // T
ry it out: Create a Stream
Analytics job using the
You pay for the jobs that you submit and run, and Azure portal
the service scales automatically depending on the
power that the jobs need. Azure Data Lake Analytics Azure Time Series Insights
is typically used for long-running analytics jobs
against massive amounts of data. You can use Azure Time Series Insights to get quick
insights on large amounts of typically IoT-type data.
// T
ry it out: Create your first This service gets data from Azure Event Hubs, IoT
U-SQL script through the Hub and your own reference inputs, and it retains
Azure portal that data for a specified amount of time.
2019 Guide to Azure
With Azure Time Series Insights, users can query and Azure Data Lake Store. Databricks also works with
analyse data through a visualisation tool as soon as data from Azure SQL Data Warehouse, Azure SQL
it comes in. Time Series Insights not only analyses Database and Azure Cosmos DB. Additionally, you
data, but also ingests and holds it for a while. This can plug Databricks into Power BI to create and
is like Azure Analysis Services, where data lives show powerful dashboards.
in-memory in a model for users to query. The key
differences are that Time Series Insights is optimised // T
ry it out: Run a Spark job on
for IoT and time-based data, and it contains its own Azure Databricks using the
data visualisation tool. Azure portal
// T
ry it out: Explore a Time Series Azure HDInsight
Insights demo environment from
your browser Azure HDInsight is a platform within Azure that you
can use to run open-source data analytics services.
Azure Databricks You can also use it to run specialised clusters of
your favourite open-source data analytics tools.
Azure Databricks allows you to run a managed and The advantage of running these tools in Azure
scalable Databricks cluster in the cloud. Databricks HDInsight is that they’re managed, which means
provides a unified analytics platform with a host you don’t have to maintain VMs or patch operating
of tools and capabilities. Within Databricks, you systems. Plus, they can scale and easily connect to
can run optimised versions of Apache Spark to do one another, other Azure services and on-premises
advanced data analytics. data sources and services.
In addition to Spark-based analytics, Databricks Most of the specialised open-source data analytics
provides interactive notebooks and integrated cluster types in Azure HDInsight use Azure Blob
workflows and workspaces you can use to storage or Azure Data Lake Store to access or store
collaborate with the entire data team, including data, as these services work with the Hadoop File
data scientists, data engineers and business analysts System.
– all of whom have access to specialised tools for
their specific needs. You can run potentially massive specialised clusters
of different types, such as an Apache Hadoop
Databricks is fully integrated with Azure Active cluster. This enables you to process and analyse
Directory, which gives you the ability to implement data with Hadoop tools like Hive, Pig and Oozie.
granular security. With Databricks, you can perform
Spark-based data analytics on data that comes
from many places, including Azure Storage and
2019 Guide to Azure
You can also spin up an Apache HBase cluster, This allows you to run R-based jobs to analyse data.
which provides a very fast NoSQL database. The Finally, you can create a cluster that runs Apache
data actually lives within Azure Storage or an Azure Kafka, which is a publish-subscribe messaging
Data Lake, but HBase provides an abstraction layer system used to build applications with
on top, which has its own functionality and unique queueing mechanisms.
performance.
There are more cluster types, as well as tools that
You can create an Apache Storm cluster, which you can use within clusters. You can perform
is geared toward analysing data streams, just like almost any data analytics and processing task with
Azure Stream Analytics. In addition, you can have an a combination of these clusters, and they all run
Apache Spark cluster, which provides a framework managed in the cloud. Table 2-2 can help you pick
for processing and analysing massive amounts of the right Azure services for analysing your data.
data. HDInsight can also run a cluster for Microsoft
Machine Learning Server (previously Microsoft R // T
ry it out: Extract, transform
server). and load data using Apache Hive
on Azure HDInsight
Table 2-2
Time Series Insights*
Data Factory*
Analysis Services*
Data Lake Analytics*
Stream Analytics*
Azure Databricks*
Azure HDInsight*
Move data from store to store ●
Transform data ● ● ● ● ● ● ●
Query and filter streaming data ● ● ●
Provide in-memory semantic model for users ● ● ●

Allow users to query data and
create dashboards ●
Analyse data for later use ● ● ●
2019 Guide to Azure
Walk-through: Before you begin, you will need:
Publish an on-
• Microsoft Visual Studio 2017 or later
• An Azure free account in order to follow
premises website •
this demo script
Tailwind Traders Rewards source code
to Azure with
a SQL database
Walk through: Migrating a .NET app to Azure without
code change
When your application has outgrown your local

infrastructure, you need to look at other options of
meeting demands without burdening your teams.
The Azure cloud offers a variety of platforms and

service offerings to host applications. To start,
you’ll use Azure App Service to host the application
without any changes to the existing code.
2019 Guide to Azure
1. Launch Visual Studio 2019. You’ll immediately

notice the simplified ‘open’ experience.
Launch Visual Studio
2. Click the Clone or checkout code option

and enter the Tailwind Traders Rewards
repository URL (https://github.com/Microsoft/
TailwindTraders-Rewards.git) in the Code
repository location.
Click Clone. Under Solutions and folders,

click Tailwind.Traders.Rewards.sln to open
the solution.
Rewards clone
3. Right-click the project Tailwind.Traders.Rewards.

Web and choose Publish. This is the same
Publish dialogue box that you can use to deploy
onto IIS6 in your local infrastructure.
Using this Publish dialogue, you’ll deploy the

application to the Azure cloud platform.
Publish app
2019 Guide to Azure
4. Choose App Service as the Publish target.

Under the Azure App Service window, choose
Create New and click Publish.
Publish options
5. In the next window, enter your Azure

subscription information, choose the App
Service, and either choose existing options for
Resource Group, Hosting Plan and Application
Insights or create new ones.
Click the Create a SQL database option on the

right side and create a new server and database
within the resulting windows.
Finally, click Create to create a publish profile.

Alternatively, you can create the Azure SQL Create profile
database directly on the Azure portal.
Create profile
2019 Guide to Azure
6. Click Configure in the Publish window to check

the database connection strings. The database
connection strings can be populated by selecting
the ellipsis button and entering the SQL
database details. On clicking Publish, the web
config file will be updated with this database
string, which is pointing to a SQL database.
When the application is debugged locally, it’s the

local Internet Information Services (IIS) and the
local SQL server that will act, but when the app is
published this will be swapped with the created
Database connection strings
Azure services.
7. Click Publish to deploy the application to

Azure App Service and the back end to the
SQL database.
Publish app
2019 Guide to Azure
8. Once the app is published, you’ll see the status as

Publish Succeeded and the web app is opened
in the browser. The website will now show data
from the SQL database.
Publish Succeeded
Web app
Further reading
If you want to learn more about data and data

analytics in Azure, you can download and read the
following free eBooks:
// G
uide to NoSQL with Azure
Cosmos DB
// Azure for Architects
// Migrating .NET Apps to Azure

February Lorem
May
May ipsum dolor sit
The
The
amet,
Developer’s
Developer’s
consectetur 40
2018 adipiscing
2019
2019 elit Guide
Guide to
to Azure
Azure
03 /




Securing
your
application
2019 Guide to Azure
How can
Azure help
secure your app?
Have you ever had a security incident with one of
your applications? You might have had one without
even knowing it. With Azure, you can protect
data, apps, and infrastructure with built-in security
services that include security intelligence to help
identify rapidly evolving threats early – so you can
respond quickly.
Azure can also help you implement a layered,

in-depth defence strategy across identity,
data, hosts and networks. With services like the
Azure Security Centre, you can get an overview
of your security status and recommendations
for how to improve security.
Most importantly, you’ll be notified as soon as there

might be a security incident – so you’ll always know
if there’s a threat. This way, you can take immediate
steps to secure your assets. In this chapter, we’ll dive
in to some of them.
Azure Active Directory
An important part of your application’s security is

authenticating users before they can use it – but
authentication is not an easy thing to implement.
You need to store user identities and credentials
somewhere, implement password management,
create a secure authentication handshake and so on.
2019 Guide to Azure
Azure Active Directory (Azure AD) provides all control the secrets and developers never need to
of these things and more out of the box. You deal with them. Key Vault also stores SSL and other
store your user identities in Azure AD and have certificates used to secure the traffic to and from
users authenticate against it, redirecting them to your applications over HTTPS.
your application only after they’re authenticated.
Azure AD takes care of password management,
Azure Sentinel
including resolving common scenarios like
forgotten passwords.
To get a good overview of the security status of
your organisation and all of its users, applications,
Since Azure AD is used by millions of applications
services and data, you can use a security
every day – including the Azure portal, Outlook.
information and event manager (SIEM) platform.
com and Office 365 – it’s able to more readily
Azure now offers an AI-powered SIEM in the form
detect and act on malicious behaviour. For instance,
of Azure Sentinel.
if a user were to sign in to an application from a
location in Europe and then one minute later sign in
Use Azure Sentinel to collect data from your
from Australia, Azure AD would flag this as malicious
organisation, including data about users,
behaviour and ask the user for additional credentials
applications, servers and infrastructure assets like
through multifactor authentication.
firewalls and devices running in the cloud and
on-premises. It’s easy to collect data from your
Azure Key Vault organisation with the built-in connectors. As data
is being collected, Azure Sentinel detects security
As part of your security architecture, you need a
threats and minimises false positives with its smart
secure place to store and manage certificates, keys
machine learning algorithms.
and other secrets. Azure Key Vault provides this
capability. With Key Vault, you can store the secrets
When there’s a threat, you’ll be alerted and
that your applications use in one central location.
can investigate it with AI, utilising decades of
cybersecurity work at Microsoft. You can respond
These secrets can include the credentials in a
to incidents with Azure Sentinel’s built-in workflow
connection string. Your application would get the
orchestration and task automation.
connection string from Key Vault instead of from the
configuration system. This way, administrators can
// G
et started by onboarding
Azure Sentinel
// T
Azure Key Vault
2019 Guide to Azure
Azure API Management Azure AD Application Proxy
APIs should be secure. This is true for APIs you Azure AD Application Proxy provides single
create yourself as well as those from third-party sign-on (SSO) and secure remote access for web
vendors. To assist in making your APIs secure, you applications hosted on-premises. Apps you would
can use Azure API Management. This is basically likely want to publish include SharePoint sites,
a proxy you put in front of APIs that adds features Outlook Web Access or other line-of-business
like caching, throttling and authentication or (LOB) web applications. These on-premises web
authorisation. apps integrate with Azure AD, the same identity
and control platform used by Office 365. End users
With API Management, you secure an API by can access your on-premises applications the same
requiring users to create a subscription to it. This way they access Office 365 and other SaaS apps
way, applications need to authenticate before they integrated with Azure AD.
can use your API. You can use various authentication
methods like access tokens, basic authentication Managed Identities for Azure resources
and certificates. Additionally, you can track who’s
calling your API and block unwanted callers. How do you keep credentials out of your code
completely? You can start by using Azure Key Vault,
Much more than security but where do you store the credentials to connect to
Key Vault? Managed Identities for Azure resources
While security is critical, Azure API Management provides a solution.
offers other capabilities that can help streamline
your development and testing workflow, such as You can use Managed Identities for a lot of services
test data response mocking, publishing multiple in Azure, including Azure App Service. You simply
API versions, introducing non-breaking changes enable Managed Identity with a button to inject
safely with revisions and giving developers access credentials into your application at runtime and
to your API’s auto-generated documentation, then use those credentials to access other services
catalogue and code samples. like Azure Key Vault. All authentication between
services is done on the infrastructure level, meaning
// T
ry it out: Get started with your application doesn’t have to deal with it and can
Azure API Management just use other services.
// T
ry it out: How to use
Managed Identities for Azure
resources in App Service and
Azure Functions
2019 Guide to Azure
Encryption
• SQL Transparent Data Encryption (TDE) encrypts
SQL Server, Azure SQL Database and Azure SQL
Data Warehouse data files. Data and log files are
encrypted using industry-standard encryption
algorithms. Pages in a database are encrypted
Default encryption of data
before they’re written to disk and decrypted when
they’re read.
By default, your data is encrypted in Azure when
stored in Azure SQL Database, Azure SQL Data
• SQL Always Encrypted encrypts data within
Warehouse, Azure Database for MySQL, Azure
client applications prior to storing it in Azure SQL
Database for PostgreSQL, Azure Storage, Azure
Database. It allows delegation of on-premises
Cosmos DB or Azure Data Lake Store. All this
database administration to third parties and
encryption works automatically, and you don’t need
maintains separation between those who own
to configure anything when you use it.
and can view the data and those who manage it,
but should not access it.
To help meet your security and compliance
requirements, you can use the following features
• Azure Cosmos DB requires no action from you –
to encrypt data at rest:
user data stored in Azure Cosmos DB in non-
volatile storage (solid-state drives) is encrypted
• Azure Disk Encryption encrypts Windows and
by default and there are no controls to turn it
Linux infrastructure as a service (IaaS) VM boot
on or off.
and data volumes using customer-managed keys.
• Azure Storage Service Encryption automatically

encrypts data prior to persisting in Azure Storage
and then automatically decrypts the data when
you retrieve it.
• Azure client-side encryption supports encrypting

data within client applications before uploading
to Azure Storage or other endpoints, and then
decrypting data when downloading it to the
client.
2019 Guide to Azure
Azure Security
You don’t have to do anything to enable the Basic
tier – it’s automatically enabled for every customer
Centre
as part of the Azure platform. This service protects
your applications against the most common DDoS
attacks by performing real-time monitoring and
mitigation, and it provides the same defences used
by Microsoft Online Services (MOS).
Azure Security Centre provides unified security
management and advanced threat protection The Standard tier provides additional mitigation
across hybrid cloud workloads. It offers centralised capabilities that are tuned specifically to Azure
policy controls to limit exposure to threats and Virtual Network resources. It’s simple to enable,
rapidly find and fix vulnerabilities. and you don’t have to change your applications –
everything is done at the network level. Plus, with
In addition, Security Centre supports integration the Standard tier you can customise the Basic tier
with third-party solutions and can be customised protection with your own policies that focus on your
with automation and programming capabilities. specific use cases and applications.
You can use Security Centre to analyse the security
state of your compute resources, virtual networks, // M
ore information: Read more about
storage and data services and applications. Azure DDoS protection
Continuous assessment helps you discover potential Azure VPN Gateway

security issues, such as systems with missing
security updates or exposed network ports. A list One of the many options for connecting Azure to
of prioritised findings and recommendations can your on-premises network is Azure VPN Gateway.
trigger alerts or other guided remediation. This lets you set up an encrypted Site-to-Site (S2S)
VPN connection between an Azure virtual network
Azure DDoS protection and your on-premises network.
You’ve heard about it on the news and you certainly Because the traffic is encrypted, it’s secure – even
don’t want it to happen to your enterprise: an when it travels over the public internet. VPN
application is targeted by a Distributed Denial of Gateway can send encrypted traffic between Azure
Service (DDoS) attack. These types of attacks are virtual networks over the Microsoft network.
becoming more common and can overwhelm You can also create encrypted Point-to-Site (P2S)
your application to the point that no one can use it connections from your computer to Azure. This way,
anymore. The Azure DDoS protection service offers you have your own private, secured connection to
protection from DDoS attacks through a free tier Azure even when you’re on the road.
(Basic) and a paid tier (Standard).
2019 Guide to Azure
// G
et started by creating an Azure
Azure Network Watcher
VPN Gateway with PowerShell
Azure Network Watcher is a regional service that
enables you to monitor and diagnose conditions at
Azure Application Gateway the network level in, to and from Azure.
Azure Application Gateway is a dedicated virtual Its many diagnostic and visualisation tools can help
appliance that provides an application delivery you understand and gain deeper insights into your
controller (ADC) as a service. It offers various Layer 7 network in Azure.
load balancing capabilities for your application, and
allows customers to optimise web farm productivity Examples include:
by offloading CPU-intensive SSL termination to the
application gateway. The gateway also provides • Topology: Provides a network-level view showing
other Layer 7 routing capabilities, including round- the various interconnections and associations
robin distribution of incoming traffic, cookie-based between network resources in a resource group.
session affinity, URL path-based routing and the
ability to host multiple websites behind a single • Variable packet capture: Captures packet data in
application gateway. and out of a VM. Advanced filtering options and
fine-tuned controls, such as the ability to set time
Azure Web Application Firewall and size limitations, provide versatility. The packet
data can be stored in a blob store or on the local
You need to secure your application against
disk in .cap format.
many threats, including SQL injection, Cross-site
scripting (XSS) and others defined in the Open Web
• IP flow verify: Checks if a packet is allowed or
Application Security Project (OWASP). A WAF from
denied based on 5-tuple flow information and
Azure can lend a hand with that. A feature of the
packet parameters (destination IP, source IP,
Azure Application Gateway service, a WAF provides
destination port, source port and protocol). If the
real-time protection of your application. It detects
packet is denied by a security group, the rule and
malicious attacks, as defined in the OWASP core
group that denied the packet are returned.
rule set and blocks those attacks from reaching your
application. It also reports on attempted or ongoing
attacks so that you can see active threats to your
application, providing an extra layer of security.
2019 Guide to Azure
Network security groups Cross-premises VPNs
A network security group (NSG) holds a list of Azure supports two types of cross-premises VPN
security rules that allow or deny network traffic to connections: P2S VPN and S2S VPN. A P2S VPN
resources connected to Azure Virtual Networks. connection lets you create a secure connection
NSGs can be associated to subnets, individual VMs to your virtual network from an individual client
(classic-style VMs) or individual network interface computer. This type of connection is established
controllers (NICs) attached to VMs (Resource from the client computer, which is useful for
Manager‑style VMs). When an NSG is associated to telecommuters who want to connect to Azure
a subnet, the rules apply to all resources connected Virtual Networks from a remote location. A P2S VPN
to the subnet. You can restrict traffic even further by is also useful when you have only a few clients that
also associating an NSG to a VM or NIC. need to connect to a virtual network. In contrast,
an S2S VPN connection is used to connect your
Azure DNS Private Zones on-premises network to an Azure virtual network
over an IPsec/IKE (IKEv1 or IKEv2) VPN tunnel. This
The DNS is responsible for translating (or resolving) type of connection requires a VPN device located
a service name to its IP address. Azure DNS is a on-premises that has an externally facing public IP
hosting service for DNS domains, providing name address.
resolution using the Azure infrastructure. In addition
to internet-facing DNS domains, Azure DNS now // M
ore info: Read more about P2S
supports private DNS domains as a preview feature and S2S VPNs
with Azure DNS Private Zones. Security benefits
from private DNS zones include the ability to create
a split DNS infrastructure. This enables you to create
private and public DNS zones with the same names
without exposing internal names. In addition,
the use of DNS Private Zones removes the need
to introduce custom DNS solutions that could
increase the overall attack surface with independent
updating and management requirements.
// M
ore information: Read more
about DNS Private Zones
2019 Guide to Azure
Azure ExpressRoute
Azure ExpressRoute lets you extend your on-

premises networks into the Microsoft cloud
over a secure private connection facilitated by
a connectivity provider without traversing the
internet. With ExpressRoute, you can establish
connections to Microsoft cloud services, such
as Azure, Office 365 and Dynamics 365.
Azure Load Balancer
You can use load balancers to increase the

availability of applications. Azure supports both
external and internal load balancers, which can
be used in a public or internal configuration.
In addition, you can configure load balancers

to support high availability (HA) ports where an
HA ports rule is a variant of a load balancing rule
configured on the internal Standard Load Balancer.
You can provide a single rule to load balance all TCP
and UDP flows arriving on all ports of an internal
load balancer.
// M
ore info: Read about Load
Balancer and HA ports rules
2019 Guide to Azure
Logging and Azure NSG flow logs
monitoring
A feature of Network Watcher, Azure NSG flow
logs allow you to view information about ingress
and egress IP traffic through an NSG. Flow logs can
be analysed to gain information and insights into
network traffic and security as well as performance
Azure Log Analytics issues related to traffic.
Azure Log Analytics helps you collect and analyse While flow logs target NSGs, they are not displayed
data generated by resources in your cloud and in the same way as other logs and are stored only
on-premises environments. It provides real-time within a storage account.
insights by using integrated search and custom
dashboards to analyse millions of records across Azure Monitor Application Insights
all your workloads and servers regardless of their
physical location. Azure Monitor Application Insights is an extensible
application performance management (APM)
Azure Monitor service for web developers on multiple platforms.
It includes powerful analytics tools to help you
Azure Monitor enables basic monitoring for Azure diagnose issues and understand what users do
services by collecting metrics, activity logs and with your app. It works for applications on a variety
diagnostic logs. The metrics collected provide of platforms hosted on-premises or in the cloud,
performance statistics for different resources, including .NET, Node.js and J2EE.
including the OS associated with a VM.
The activity log will show you when new resources

are created or modified. You can view this data with
one of the explorers in the Azure portal and send it
to Log Analytics for trending and detailed analysis,
or you can create alert rules that will proactively
notify you of critical issues.
2019 Guide to Azure
Application Insights integrates with your DevOps Azure security technical and architectural
process and has connection points to a variety of documentation
development tools. It can monitor and analyse
telemetry from mobile apps by integrating with Azure maintains a large library of security technical
Visual Studio App Centre. documentation that supplements security
information with individual services. White papers,
Azure Security and Compliance Blueprint best practices documents and checklists are
included on the Azure Security Information page.
The Azure Security and Compliance Blueprint –
HIPAA/HITRUST Health Data and AI provides tools Also covered are core public cloud security topics
and guidance to help deploy a platform as a service in diverse areas, including network security, storage
(PaaS) environment for compliance with the Health security, compute security, identity and access
Insurance Portability and Accountability Act (HIPAA) management, logging and auditing, cloud workload
and Health Information Trust Alliance (HITRUST). protection, PaaS security and more.
This PaaS offering supports ingesting, storing, // M

ore info: Read more about the
analysing and interacting with personal and non- Azure Security Information page
personal medical records in a secure, multi-tier
cloud environment deployed as an end-to-end
Further reading
solution. The blueprint showcases a common
reference architecture that could be applied to use
Learn more about Azure security in the following
cases beyond healthcare and is designed to simplify
free eBooks:
adoption of Azure.
// Enterprise Cloud Strategy
// M
ore information: Read more
about the Azure Security and
Compliance Blueprint
February Lorem
May ipsum dolor sit
Theamet,
Developer’s
consectetur 51
2018 adipiscing
04 /




Adding
intelligence
to your
application
2019 Guide to Azure
How can Azure

integrate AI into
your app?
AI can give your application an edge over the
competition. Just imagine what you can build –
apps that translate speech in real time as you’re
speaking, or an app that helps you identify parts of
a motor in a mixed-reality training. The possibilities
are endless. But building an AI-powered app seems
difficult. How do you create an algorithm that can
understand speech, for instance?
Fortunately, you don’t have to do everything

yourself. Azure is here to help. It provides many AI
services that you can just plug into your application,
like the Speech Translation service (a service in
Azure Cognitive Services) that translates speech in
real time.
Using a service like this, you’re able to just consume

AI. But you can also build your own machine
learning algorithms with services like Azure
Machine Learning Studio and Azure Machine
Learning service.
2019 Guide to Azure
What to use, and

when?
Before diving into the options for AI in Azure, let’s
look at Table 4-1, which summarises which services
are available and their capabilities.
Table 4-1
Azure Search*
Services*
Azure Cognitive
Azure Bot Service*
Learning Studio*
Azure Machine
Learning*
Azure Machine
Anchors*
Azure Spatial
Rendering*
Azure Remote
Move data from store to store ●
Transform data ● ● ● ● ● ● ●
Query and filter streaming data ● ● ●
Provide in-memory semantic model for users ● ● ●
Users can query data and create dashboards ●
Analyse data for later use ● ● ●
2019 Guide to Azure
Azure Search
• User experience features like sorting and
paging search results, intelligent filtering
and providing search suggestions.
• Cognitive Search, which is an AI-first

Azure Search is a common feature, yet it has approach to understanding. Cognitive Search
traditionally been difficult to implement. Azure is powered by Azure Search with built-in
Search provides a lot of the plumbing to do Cognitive Services. It pulls data from almost
searches. You just spin up an Azure Search instance, any source and applies a set of composable
create an index that helps you search and fill it with cognitive skills that extract knowledge. This
data. This means, for example, that you could easily knowledge is then organised and stored in an
implement Azure Search to help users search your index, enabling new experiences for exploring
product catalogue in an e-commerce application. the data using Azure Search.
There are many options for tweaking Azure Search

Cognitive Search is used by oil and gas companies,
and great features to make searching easier for
whose teams of geologists and other specialists
your users, such as:
need to understand seismic and geologic data.
These teams often have decades of PDFs with
• Geo-search, which lets users explore data based
pictures of samples along with handwritten field
on the proximity of a search result to a physical
notes. The teams need to connect places, domain
location.
experts and events and then navigate all this
• Language analysers from Apache Lucene as information to make key decisions.
well as natural language processing (NLP)
from Microsoft, available in 56 languages, Cognitive Search uses Cognitive Services to analyse
which intelligently handle linguistics, including all this data, extract information and correlate it –
verb tense, gender, irregular plural nouns, all without the need to write complicated image
word decompounding and word breaking recognition or Optical Character Recognition (OCR)
for languages with no spaces. software.
• Monitoring and reporting, which provide

information on what was searched for and // T
ry it out: Create your first
Azure Search index in the portal
how fast and successful the search was.
2019 Guide to Azure
Cognitive
Each category in the table contains multiple
services that you can use by calling an API. Some
Services
categories contain custom services, like Custom
Vision, Language Understanding and Bing
Custom Search. These custom services provide
preconfigured machine learning algorithms,
just like the other services, and they also enable
Cognitive Services provides machine learning you to use your own data to train the model. In
algorithms, created by Microsoft, and data as addition to these services, you can use the services
a service. For most services, Microsoft has also in the Cognitive Services Labs. The labs contain
provided the data to train those algorithms. experimental services that Microsoft is trying out
For some services, you can use your own custom to see if they fit well with customer use cases. One
data to train the algorithms. such experimental service is Project Gesture, which
enables you to detect gestures like the wave of a
Cognitive Services provides an exceptionally easy hand and weave them into your user experience.
way to incorporate machine learning and AI into
your application – by simply calling APIs. Let’s take a closer look at some of the Cognitive
Services.
Table 4-2 shows which APIs are currently available.
Note that the list keeps growing.
// T
ry it out: Explore
Cognitive Services
All services have a free tier that you can use to get
started.
Table 4-2
Vision Speech Language Knowledge Search
Computer Vision Speech to Text Text Analytics Q&A Maker Bing Web Search
Face Text to Speech Translator Text Bing Visual Search
Video Indexer Speech Translation Bing Spell Check Bing Entity Search
Content Moderator Speaker Recognition Content Moderator Bing News Search
Custom Vision Language Bing Custom Search
Understanding Bing Image Search
Bing Autosuggest
Bing Video Search
Bing Local Business
Search
* All services have a free tier that you can use to get started.
2019 Guide to Azure
Language Understanding train the model. In this example, you would tag an
image with ‘cumulus’ or ‘stratus’.
Use the Language Understanding (LUIS) service
to understand what users are saying to you on Once you’ve uploaded enough images, you can
social media, in chatbots or in speech-enabled train your model. The more images you upload
applications. For example, you can book flights or with tags and the more training you do, the more
schedule meetings. accurate your model will be.
To use the Language Understanding service, give Once you have a model that performs well, you can
it examples of what you want it to understand, like start using it by making calls to the Custom Vision
‘Book a flight to Seattle’ or ‘Schedule a meeting API and feeding it new images. When you upload
at 1 pm with Bob’, and tell it which words you’re a new image, the service tells you if it recognises
looking for. In these examples, you might be looking it based on the images already uploaded.
for the destination of the flight (Seattle) and the Figure 4-1 shows an example of what the API
time and person for the meeting (1 pm and Bob). endpoint looks like.
After the Language Understanding service creates

a machine learning model based on the examples
that you put in, it can extract information from
natural language that users put in.
// T
ry it out: Create a new app
in the LUIS portal
Custom Vision
With the Custom Vision service, you can detect

Figure 4-1
information in images based on your own training
data. Custom Vision works similarly to other
Using the Custom Vision service to detect
Cognitive Services in that it comes with a predefined
information based on your own model is impressive
machine learning algorithm. All you have to do is
enough, but Custom Vision can do even more.
feed the service with your data.
The model you create when you train the Custom
Vision service with your data can be deployed to the
Let’s say you want to create a model that can detect
‘intelligent edge’. This means the model and API can
types of rain clouds in the sky, such as cumulus and
run somewhere other than the cloud, like on an on-
stratus. To create this model, you upload images of
premises server in a Docker container or on another
different types of clouds to the Custom Vision portal
device, such as your phone.
and give them tags, which tells the service how to
2019 Guide to Azure
This offers great flexibility because you don’t need • Performs sentiment analysis, which identifies
an active internet connection to use the capabilities when something positive, negative or
of the Custom Vision service; you can also run neutral is said or displayed.
it locally, which provides great performance. In
addition, the model you run on the edge isn’t very As the breadth of these functionalities shows,
large – only approximately tens of megabytes – Video Indexer combines many Cognitive Services,
because you deploy only the model and API, like Speech to Text and Speaker Recognition.
not the training data. Cumulatively, these services provide powerful
capabilities that make content more discoverable,
accessible and valuable.
// T
ry it out: Create your own
Custom Vision project
You can upload media files to Video Indexer using
the Video Indexer portal or the API. Figure 4-2
Video Indexer
shows the results of an Azure Friday video that
was uploaded to the Video Indexer service.
The Video Indexer service analyses the video and
audio files you upload to it. This Cognitive Service
is also a part of the Media Analytics suite of Azure
Media Services. It provides a predefined machine
learning algorithm and you provide the data.
In addition to many others, Video Indexer has the

following capabilities:
Figure 4-2
• Creates a transcript of the text in a video. You As shown in the figure, Video Indexer created a
can refine the transcript manually and train transcript of the audio in the video. The transcript
Video Indexer to recognise industry terms like can be edited and even translated into other
‘DevOps’. languages. You can also see that Video Indexer
recognised text on the slide behind the speakers
• Tracks faces and identifies who is in a video
and marked it as ‘OCR’. You can skip to that text by
and at what points. Video Indexer has the same
clicking it. Video Indexer provides this functionality
capability for audio, for which it recognises who
for individual applications by embedding the
is speaking and when.
Cognitive Insights widget.
• Recognises visual text in a video, like text on a
slide, and makes that part of the transcript. // T
ry it out: Upload your first
video to Video Indexer
2019 Guide to Azure
Q&A Maker Bing Autosuggest
The Q&A Maker Cognitive Service offers an easy Bing Autosuggest provides search suggestions
way to create a conversational layer over existing while you type. This enables you to give your users
data, like the frequently asked questions (FAQ) a search experience similar to using Bing or Google,
pages, support websites and product manuals. in which search results are automated or completed.
QnA Maker helps you analyse and extract the
information and convert it into question-and- Provide the search text character by character to
answer pairings that can be easily managed. Bing Autosuggest, and it quickly returns search
Simply put, QnA Maker allows you to build apps suggestions in JSON format.
that can provide information to your users in a
conversational manner. For instance, when you input the query text
“What should I search for”, the service returns the
With QnA Maker, it’s possible to create and manage following JSON (see page 59 for larger figure):
knowledge bases using the easy-to-use QnA Maker
Portal or using REST APIs. We have simplified the
bot creation process by allowing you to easily create
a bot from your knowledge base – without the
need for any code or settings changes. See more
details here: Create a QnA bot. Of course, you can
also use QnA Maker to create a bot using the Azure
Bot Service and augment your QnA bot by adding
the Language Understanding Service. To add
personality, you can add chit-chat to your bot and
answer commonly asked small talk scenarios out of
the box.
You pay only for the hosting of QnA Maker, not for
how many times the resulting service gets queried This contains all the suggestions. The original search
by users. query is contained in the top of the results.
// T
ry it out: Create your QnA Maker
knowledge-based service // T
ry it out: Get an API key and
try out Bing Autosuggest for free
2019 Guide to Azure
{
“_type”: “Suggestions”,
“instrumentation”: null,
“queryContext”: {
“originalQuery”: “what should I search for”
},
“suggestionGroups”: [
{
“name”: “Web”,
“searchSuggestions”: [
{
“url”: “https://www.bing.com/search?q=what+should+i+search+for&FORM=USBAPI”,
“urlPingSuffix”: null,
“displayText”: “what should i search for”,
“query”: “what should i search for”,
“searchKind”: “WebSearch”
},
{
“url”: “https://www.bing.com/search?q=what+should+i+search+for+on+bing&
FORM=USBAPI”,
“displayText”: “what should i search for on bing”,
“query”: “what should i search for on bing”,
},
{
“url”: “https://www.bing.com/search?q=what+should+i+search+for+on+the+internet&
FORM=USBAPI”,
“displayText”: “what should i search for on the internet”,
“query”: “what should i search for on the internet”,
},
{
“url”: “https://www.bing.com/search?q=what+should+i+search+for+today&
FORM=USBAPI”,
“displayText”: “what should i search for today”,
“query”: “what should i search for today”,
},
{
“url”: “https://www.bing.com/search?q=what+should+i+search+for+in+dna+raw+data&
FORM=USBAPI”,
“displayText”: “what should i search for in dna raw data”,
“query”: “what should i search for in dna raw data”,
}
]
}
]
}
2019 Guide to Azure
Azure
Azure Bot Service makes it easy to create a bot
and provides the following support:
Bot Service • Provides a way to host and manage bots you’ve

built using the Microsoft Bot Framework, with
a comprehensive open-source SDK and tools
for bot development.
Creating a bot – an application that automatically
and autonomously interacts with users – is no trivial • Integrates natively with Cognitive Services.
task. You need to keep track of the context of your
• Helps you connect your bot to where your
interaction with each user and be ready to respond
customers are, with connectors to channels
to a multitude of possible interaction parameters.
like Facebook, Slack, Microsoft Teams, Line,
Telegram and more.
The Azure Bot Service enables you to build
intelligent, enterprise-grade bots and experiences • Offers all the benefits of a managed service in
that can extend your brand and keep you in control Azure, including massive scale and built-in CD,
of your data. Begin with a simple Q&A bot or build and you pay only for what you use.
a sophisticated virtual assistant. Use comprehensive
An example of a bot you can build with Azure Bot
open-source SDK and tools to easily connect your
Service is one that provides users with answers to
bot across popular channels and devices. Give your
their most frequently asked questions.
bot the ability to speak, listen and understand your
users with native integration to Cognitive Services.
You can use this with the QnA Maker Cognitive
Service. The interface of the bot can be a chat box
on your website. You could also build your own
branded virtual assistant using the virtual assistant
solution accelerator.
// T
chatbots using Azure Bot Service
2019 Guide to Azure
Azure Machine Training
Learning Studio
Algorithm Match
Data (Deep learning, Model
Clustering...)
Patterns Finds patterns Recognises patterns Application
Figure 4-3
You can add intelligence to your applications with
services from Azure such as Cognitive Services. The machine learning process works as follows:
These are based on machine learning algorithms
that Microsoft created to use as a service. However, • Data contains patterns. You probably know
there are other ways to use machine learning about some of the patterns, like user ordering
in your applications. First, let’s talk about what habits. It’s also likely that there are many
machine learning is. patterns in data with which you’re unfamiliar.
What is machine learning? • The machine learning algorithm is the

intelligent piece of software that can find
Machine learning is often thought to mean the patterns in data. This algorithm can be one you
same thing as AI, but they aren’t actually the create using techniques like deep learning or
same. AI involves machines that can perform tasks supervised learning.
characteristic of human intelligence. AI can also be
• Finding patterns in data using a machine
implemented by using machine learning, in addition
learning algorithm is called ‘training a machine
to other techniques.
learning model’. The training results in a
machine learning model. This contains the
Machine learning itself is a field of computer science
learnings of the machine learning algorithm.
that gives computers the ability to learn without
being explicitly programmed. Machine learning • Applications use the model by feeding it new
can be achieved by using one or multiple algorithm data and working with the results. New data is
technologies, like neural networks, deep learning analysed according to the patterns found in the
and Bayesian networks. data. For example, when you train a machine
learning model to recognise dogs in images,
So what’s involved in machine learning? it should identify a dog in an image that it has
Figure 4-3 shows the basic workflow for using never seen before.
machine learning.
The crucial part of this process is that it is iterative.
The machine learning model is constantly improved
by training it with new data and adjusting the
algorithm or helping it identify correct results
from wrong ones.
2019 Guide to Azure
Using Azure Machine Learning Studio

to create models
You can use Azure Machine Learning Studio to

create your own custom machine learning models
and expose them through web services so that your
applications can use them.
Machine Learning Studio is a service in Azure with

Figure 4-4
which you can visually create machine learning
projects and experiments, couple datasets, create
notebooks and expose models with web services. Figure 4-4 shows an experiment in Machine
The studio itself is a portal that you can use from Learning Studio, with the workflow to be executed
your web browser and that enables you to create to train a model as well as the categories of
algorithms using a drag-and-drop approach. predefined steps that can be used in the workflow.
In the studio, you can start from scratch or with one When you’ve built your experiments and used
of the many experiments that are in the gallery, them on your data to create a machine learning
including one for predicting length of stays in model, you can publish them as web services. When
hospitals and another for anomaly detection in real- your applications use the web services, they can
time data streams. Use these experiments as the send data to your model and receive your model’s
basis for a machine learning model or to learn how predictions.
these cases can be solved.

// T
ry it out: Sign up to use
A machine learning experiment in Machine Learning Azure Machine Learning Studio
Studio consists of multiple steps that manipulate

data and execute machine learning algorithms on Azure Machine Learning service
it. Use predefined steps available in the studio to
compose a machine learning algorithm. You can use Azure Machine Learning service to
create data analytics algorithms with open-source
tools like Python and the Azure CLI. Just like with
2019 Guide to Azure
Machine Learning Studio, you can create whatever Azure services that can help create, train and run
algorithm you want, providing flexibility for a your algorithm. You can, for instance, create your
variety of scenarios, like predictive analytics, data algorithm in Jupyter Notebook, train it using Azure
recommendations and data classification. Databricks, and deploy it on a Kubernetes container
cluster in Azure Kubernetes Service.
With Azure Machine Learning service, you create
custom machine learning algorithms from scratch.
This is different from the Machine Learning // G
et started with Azure
Studio, where you visually create an algorithm by Machine Learning service
connecting predefined pieces of a machine learning by using the Azure portal
algorithm. Azure Machine Learning service fully
supports open-source technologies like Google
TensorFlow, PyTorch and scikit-learn.
Azure Machine Learning service is a complete

service that offers start-to-finish capabilities. You
can create your algorithm, prepare your data, train
the algorithm on it, test and deploy the algorithm
and track and manage it when it’s running.
Azure Machine Learning service works with many
2019 Guide to Azure
Developer AI Toolkit for Azure IoT Edge
tooling for AI
Using machine learning models locally on devices
(the intelligent edge) delivers a powerful advantage:
it enables you to use the local processing power
of the device without relying on an internet
connection or incurring the latency of a web service
Visual Studio Tools for AI call to get your results.
Visual Studio Tools for AI is a free Visual Studio Described earlier in the Cognitive Services section,
extension. Use it to access a range of AI services the Custom Vision service already supports running
and frameworks, including the Microsoft Cognitive on the edge. You can expect more services to run on
Toolkit (CNTK), TensorFlow, Keras and Caffe2. the edge in the future.
Visual Studio Tools for AI allows you to create To run machine learning models on the edge, you
machine learning algorithms similarly to Azure need tooling to help you deploy the models and
Machine Learning Studio. You can use languages web services. The AI Toolkit for Azure IoT Edge
like Python, C, C++ and C# or leverage one of the helps with this tooling by enabling you to package
many samples in the machine learning experiments machine learning models in Azure IoT Edge–
gallery. compatible Docker containers and to expose those
models as REST APIs.
With Visual Studio Tools for AI, you can create
machine learning elements from Visual Studio The AI Toolkit for Azure IoT Edge contains examples
and take advantage of the power of Visual Studio for getting started and is fully open source and
to debug machine learning algorithms and train available on GitHub.
machine learning models. From Visual Studio,
you can create training jobs that can scale out
to many VMs in Azure. You can also monitor
training performance and then generate a web
service to use the machine learning model in your
applications. You can do all this without ever leaving
Visual Studio.
// T
ry it out: Download the Visual
Studio Tools for AI extension
2019 Guide to Azure
AI and
For example, people entering a hospital often have
difficulty getting to where they need to go. With
mixed reality
Azure Spatial Anchors, the hospital can create
a mobile app that shows digital information in
the physical hospital to guide people to various
locations. Within the app on their iOS device,
people can use the directional arrows on the
Your applications are no longer limited to a 2D hospital’s physical information boards to get to their
environment. The world is now your app canvas, destinations.
backed by spatial intelligence from things like IoT
sensors, mixed reality and computer vision. With Another way Azure Spatial Anchors is being used
Azure mixed-reality services, you can bring data to is in a training application for nurses. Pearson
life in 3D when and where your users need it. Education has enabled nursing students and
professors to practice diagnosing and treating
Azure Spatial Anchors patients in 3D before the pressure of a real case.
Students and professors may use HoloLens devices
In the world of mixed reality, you can integrate or mobile phones and tablets running iOS or
digital information within the context of your Android.
physical environment, like a hologram of your
favourite game characters on your kitchen counter. Azure Spatial Anchors enables you to share digital
With Azure Spatial Anchors, you can place digital information and holograms that are positioned in
content in a physical location and share that with the physical world. It works with apps built on Unity,
users using your choice of devices and platforms. ARKit, ARCore and Universal Windows Platform
(UWP) and can be used with a HoloLens device,
iOS-based devices supporting ARKit and Android-
based devices supporting ARCore.
2019 Guide to Azure
With Azure Spatial Anchors, you can easily secure But this loss of detail sacrifices information needed
your spatial data and give users access through to make the right decision in many situations. With
Azure Active Directory. You can also integrate Azure Remote Rendering, 3D models are rendered
storage, AI, analytics and IoT services into your in the cloud and streamed to devices in real time –
spatial application. with no compromise on visual quality.
// G
et started by sharing Azure This enables you to keep the original quality of
Spatial Anchors across sessions the model and interact with the content on edge
and devices devices like headsets and mobile phones with every
detail intact.
Azure Remote Rendering
When you use 3D models in scenarios like

design reviews and medical procedure plans,
you need them to be as detailed as possible.
Every detail matters.
Many businesses use complex 3D models containing

hundreds of millions of polygons, and edge devices
with low or medium graphics-processing power
are not capable of rendering them. Traditionally,
developers have tried to address this problem
using a technique called ‘decimation’. This makes
the model simpler by removing polygons so it can
display on those devices.
2019 Guide to Azure
Using events
One way to solve this problem is to use a queue to
decouple the web application from the web service.
and messages in
The web application receives the order and writes
it in a message on a Service Bus queue. Then the
web application informs the user that the order is
your application being processed. The web service takes messages

from the queue, one by one, and processes them.
When the web service has processed an order, it
sends an email notification to the user that the item
Modern, globally distributed applications often has been ordered.
must deal with large amounts of messages coming
in, so they need to be designed with decoupling By decoupling the systems, the web application
and scaling in mind. Azure provides several services can work at a different speed from the web
to help with event ingestion and analysis as well as service and both can be scaled individually to
messaging patterns. These services are also vital for the application’s needs.
creating intelligent applications that leverage AI.
A Service Bus queue is a simple mechanism.
Azure Service Bus Multiple applications can put messages on the
queue, but a queue message can be processed
The core of messaging in Azure is the Azure by only one application at a time. There are some
Service Bus. Service Bus encompasses a collection clever features to work with messages on the queue,
of services that you use for messaging patterns. like duplicate detection and a dead-letter sub-
The most important services are Azure Service Bus queue to which messages are moved when they
queues and topics. fail to be processed correctly.
// G
et started with Azure Service
Bus queues
Azure Service Bus queues
Azure Service Bus queues decouple systems

from one another. For example, a web application
receives orders from users and needs to invoke a
web service to process the orders. The web service
will take too long to process the orders, perhaps up
to five minutes.
2019 Guide to Azure
Azure Service Bus topics Table 4-3
Azure Service Bus Azure Queue storage

Just like Service Bus queues, Azure Service Bus
queues
topics are a form of application decoupling.
Message lifetime Message lifetime
>7 days <7 days
Here’s the difference between them:
Guaranteed (first in– Queue size

• With a queue, multiple applications write first out) ordered >80 GB
messages to the queue, but only one
Duplicate detection Transaction logs
application at a time can process a message.
Message size ≤1 MB Message size ≤64 KB
• With a topic, multiple applications write
messages to the topic and multiple applications
can process a message at the same time.
Azure Event Hubs
Applications can create a subscription on the
Azure Event Hubs can help enterprises capture
topic that indicates what type of messages they’re
massive amounts of data to analyse it or transform
interested in. Just like queues, topics have features
and move it for later use.
like duplicate detection and a dead-letter sub-
queue to which messages are moved when they fail
Event Hubs is designed for massive data ingestion.
to be processed correctly.
It effortlessly handles millions of messages per
second. It retains messages for up to seven days
Comparing Service Bus queues and Azure Queue
or indefinitely by writing messages to a data store
storage
using the Event Hubs Capture feature.
Service Bus queues and Azure Queue storage

You can use Event Hubs to filter data with queries as
basically do the same thing, but there are
it comes in and output it to a data store like Azure
differences, as shown in Table 4-3.
Cosmos DB. You can even replay messages.
// T
ry it out: Get started sending
messages to Azure Event Hubs
2019 Guide to Azure
Azure IoT Hub Azure Event Grid
Just like Event Hubs, Azure IoT Hub is built for Azure Event Grid offers a different type of
massive data ingestion. It’s specifically geared messaging – a fully managed publish and subscribe
toward handling the enormous volume of data service that hooks into almost every service in Azure
messages from devices on the Internet of Things, as well as into custom publishers and subscribers.
like smart thermostats and sensors in cars.
This is different from working with the Service Bus
It has many of the same properties as Event Hubs, queues and topics, for which you’d need to poll
like the ability to retain messages for up to seven the queue or topic for new messages. Event Grid
days and replay them. automatically pushes messages to subscribers,
making it a real-time, reactive event service.
What makes IoT Hub unique is that it can send
messages to devices. It has the ability to manage Services in and outside of Azure publish events
your complete IoT infrastructure – you can use it when a new blob is added, for example, or when
to register devices, report their state, manage them a new user is added to an Azure subscription.
by securing and restarting them and send data Azure Event Grid detects these events and makes
to them. them available to event handlers and services that
subscribe to the events, as shown in Figure 4-5.
// T
ry it out: Connect your device
to your IoT hub Event handlers can be Azure Functions or Azure
Logics Apps, which can then act on the data in the
event.
Event Publishers Topics Event Subscriptions Event Handlers
Blob Storage
Azure Functions
Resource Groups
Logic App
Azure Subscriptions
Azure Automation
Event Hubs
WebHooks
Custom Topics
Figure 4-5
2019 Guide to Azure
Another important aspect of Event Grid is that it is Azure SignalR Service

serverless. This means that, like Azure Logic Apps
and Azure Functions, Event Grid scales automatically You can use Azure SignalR Service to add real-time
and doesn’t need an instance of it to be deployed. web functionality to your applications. The service
You just configure it and use it, and you pay only is based on ASP.NET Core SignalR and is offered
when it’s used. as a standalone, fully managed service in Azure.
You can use Azure Event Grid if you want an email SignalR can update connected applications in
notification every time a user is added to or deleted real time over HTTP, without the need for the
from your mailing list in Mailchimp. Azure Event applications to poll for updates or submit new HTTP
Grid is used to activate an app in Azure Logic requests. This enables you to create seamless web
Apps and configured to listen to changes to the experiences that update information on the fly.
Mailchimp mailing list. Azure Event Grid then signals For example, an auction application might
Logic Apps to send an email containing the name use SignalR to refresh the latest bid as soon as
of a user who has been added or deleted and the it happens, without completely refreshing the
action that was performed. page or constantly polling for information.
// T
ry it out: Monitor virtual Hosting a SignalR server yourself is not a trivial
machine changes with Azure task and it can be difficult to scale and secure
Event Grid and Logic Apps properly. When you use the fully managed
Azure SignalR Service, set-up is easy and security,
availability, performance and scalability are all
managed for you.
// T
ry it out: Create a chat room
with SignalR
2019 Guide to Azure
What to use, and when? Further reading
Azure provides myriad options to perform You can learn more about using Azure AI services
messaging and to decouple applications. Which one in your application in this free eBook:
should you use, and when? Table 4-4 summarises
the differences to help you choose.
// A
Developer’s Guide
to Building AI Apps
Table 4-4
Service*
SignalR
Event Grid*
Event Hubs*
IoT Hub*
Topics*
queues*
Service Bus
storage*
Azure Queue
Event ingestion ● ● ●
Device management ●
Messaging ● ● ● ● ● ● ●
Multiple consumers ● ● ● ● ●
Multiple senders ● ● ● ● ● ● ●
Use for decoupling ● ● ● ● ●
Use for publish/subscribe ● ●
Max. message size 64 KB 64 KB 256 KB 256 KB 1 MB 1 MB 64 KB
February Lorem
May ipsum dolor sit
Theamet,
Developer’s
consectetur 72
2018 adipiscing
05 /




Connect
your
business
with IoT
2019 Guide to Azure
How can Azure connect,

secure, manage, monitor
and control your devices
in the cloud?
One of the most exciting things that you get to
do as a developer is impact the real world. You
can do that with devices like robots, sensors and
microcontrollers. When you create applications with
these devices, you can do things like predict when
a machine needs maintenance before it actually
requires repairs or even create a self-driving car.
Working with devices to impact the real world

can be difficult if you develop all the software
yourself. Fortunately, Azure provides solutions
that can help make this a lot easier. You can, for
instance, use Azure IoT Hub to securely ingest
messages from sensors and perform device
management, like sending messages to devices
and resetting them. When you’re building anything
with a microcontroller (single-chip computers)
in it, consider using Azure Sphere, which is a
combination of hardware, OS and cloud services
with security built into the silicon.
Let’s go through the services in Azure that can help

you build amazing IoT applications.
2019 Guide to Azure
Azure IoT Hub

IoT Hub is powerful because it allows you to
manage devices in various ways, like sending them a
message to reboot themselves or running a start-up
script. This makes IoT Hub the central service that
enables a robust IoT application in Azure. To help
At the core of Azure IoT is Azure IoT Hub, an open
provision devices at scale, Azure provides the IoT
and flexible cloud PaaS that connects, monitors and
Hub Device Provisioning Service.
manages devices in a secure and scalable manner.
We discussed Azure IoT Hub in an earlier chapter,
This service enables zero-touch, just-in-time
but there’s more to learn about it in the context
provisioning to the appropriate IoT hub without
of IoT.
intervention, allowing you to provision devices
in a secure and scalable manner. The service can
You already know that you can use IoT Hub to ingest
help you with many device provisioning scenarios,
massive amounts of messages that typically come
including connecting devices to an IoT hub and
from IoT devices, like messages that contain data
running their initial set-up scripts, load balancing
from temperature sensors. What’s more, IoT Hub is
devices across multiple hubs and reprovisioning
unique because it not only receives messages, but
based on a change in the device.
also sends commands back to devices. It establishes
two-way communication with devices and even lets
IoT Hub can also connect devices that can run
you execute code on devices.
workloads developed in the cloud, including those
that run the Azure IoT Edge runtime and modules.
Once a device is connected to IoT Hub, the hub has
a record of its identity. This enables IoT Hub to send
messages and monitor the device; it also allows IoT
Hub to secure the device and the communications
between them. Devices are required to authenticate
to IoT Hub using several industry best-practice
security protocols, like X.509 certificates and SAS
token-based authentication. You can manage
the security of each connected device and revoke
privileges if you no longer want a particular device
to be connected.
When devices send messages to Azure IoT Hub,

you can either store the messages or route them to
another service for analysis or action. It’s possible,
2019 Guide to Azure
for instance, to route incoming messages using IoT to interact with IoT Hub. Importantly, the company
Hub message routing that offers simplicity, reliability now has control over the security of its devices and
and scalability without the complexity of building can detect their status and reset them as needed.
custom routing solutions. In addition, the company routes the data from its
GPS dongles through Azure Stream Analytics, so
Another option for integrating IoT events into Azure only the data of GPS changes is kept. This reduces
services or business applications is to use Azure the data burden because the dongles send their
Event Grid, a fully managed event routing solution location every second.
that uses a publish-subscribe model. IoT Hub and
Event Grid work together to integrate IoT Hub Using Azure IoT Hub enabled this company to scale
events into Azure and non-Azure services in near- and mature its business by providing first-class
real time. security and device management. It also opened
new opportunities to do more with devices than the
You can also create bi-directional communication company ever thought possible.
tunnels using device streams. Azure IoT Hub device
streams facilitate the creation of secure bidirectional
TCP tunnels for a variety of cloud-to-device Azure IoT Central
communication scenarios.
Azure IoT Central is a hosted IoT solutions platform
Example: Azure IoT Hub that enables you to create rich IoT applications just
by navigating through wizards.
A company that provides insights into the

movement and usage of trucks is scaling out its There’s no need to perform any coding or in-depth
business. Previously, the company tracked its assets configuration – IoT Central does all that for you,
by using custom code on a native phone app, which provisioning and configuring everything you need,
called a custom web service and by polling GPS including Azure IoT Hub.
dongles attached to the trucks. This solution was

challenging to maintain because it was difficult You get the same capabilities as if you had created
to provision new assets with new devices, and the the solution from scratch, but without the need for
company needed to enrol a new customer that had years of programming experience. If you do want
more than 2,000 assets. more control over certain areas, you can always go
deeper and tweak the solution to your needs.
Now the company uses Azure IoT Hub for device

management and communication. It can use the
IoT Hub Device Provisioning Service to onboard
the 2,000 new devices and hook them up to a
specific IoT hub for that customer. The phone app
now uses Node.js and the Azure IoT Device SDK
2019 Guide to Azure
Azure IoT
solution
accelerators
Azure IoT solution accelerators are a great place to
start building your IoT solution. Figure 5-1
These comprehensive, customisable templates

for common IoT scenarios do everything from Connect and monitor your devices with remote
monitoring and securing devices to providing a user monitoring. Get better visibility into your devices,
interface. They also help connect existing and new assets and sensors, wherever they’re located.
devices. Figure 5-1 shows an example of a solution Collect and analyse real-time device data using
template. a preconfigured remote monitoring solution
accelerator that triggers automatic alerts and
actions on everything from remote diagnostics
to maintenance requests.
There are many more IoT solution accelerators,

like those that improve industrial efficiencies with
a connected factory, increase equipment reliability
with predictive maintenance and develop and test
an IoT solution with device simulation.
2019 Guide to Azure
Azure IoT Edge

These three components work together on devices
and in the cloud to run your workloads at the
intelligent edge.
It’s possible run many Azure services at the edge to

In modern IoT applications, data processing can
help with certain scenarios – and the list of available
occur in the cloud or on the device side. Device-side
services keeps growing. Table 5-1 lists just some of
processing is referred to as ‘edge computing’.
them.
You would use edge computing when you don’t

Table 5-1
want to or can’t rely on your connection to the
cloud, when you want to improve your application
Use this on Azure
performance by eliminating roundtrips to the cloud, If you want to
IoT Edge
or when you can’t communicate with the cloud
Build and deploy AI
from the device because of security, privacy or models
Machine learning
regulatory reasons.
Customise computer
vision models for your Custom Vision Service
For scenarios such as these, use Azure IoT Edge. use case
Azure IoT Edge is managed from IoT Hub, enabling
you to move parts of your workload to the edge. Process real-time
Stream Analytics
streaming data
This reduces time spent by devices sending
messages to the cloud and allows offline scenarios Process events using
Functions
serverless code
as well as faster reactions to status changes.
Deploy a SQL Server
SQL Server databases
Azure IoT Edge is composed of the following database to the edge
components:
Comply with Industry
OPC Unified
4.0 interoperability
Architecture
• IoT Edge modules are containers that run standards
Azure services, third-party services or your
own code. They’re deployed to IoT Edge devices Build custom logic Custom module
and execute locally on those devices.
• The IoT Edge runtime runs on each IoT Edge Once you start using Azure IoT Edge, you’ll be able
device and manages the modules deployed to to create fast applications that run machine learning
each device. algorithms locally and provide instant feedback on

their findings.
• IoT Hub exposes specific interfaces to remotely
monitor and manage IoT Edge devices available
through the Azure portal, the Azure CLI or
the SDKs.
2019 Guide to Azure
Azure they’re moving, you get a much better picture of

what the temperature data means. You can model
Digital Twins
the physical environment in which your IoT devices
reside with Azure Digital Twins. This service enables
you to create a graph of data that includes places,
people and things – for instance, an office building
that contains a room with people and sensors.
In the world of IoT, you might work with many IoT
devices and sensors that function in connection to With Azure Digital Twins, you can provide context to
people and objects. To really understand the data data from various sources and relate them to each
that IoT devices capture, you need to understand other – for instance, the temperature and humidity
the physical environment in which the devices data from sensors in the same room. This allows you
operate. to query data in the context of a space rather than
from individual sensors.
For instance, if you have a temperature sensor, the
temperature data by itself doesn’t tell you that Azure Digital Twins also lets you to manage
much. However, when you know which room the permissions to data and devices in the context of
sensor is in, how large the room is, which other the physical world. You can use Azure AD to specify
devices are in the room and what data they capture that certain users are able to access data only from
and how many people are in the room and how a certain physical location.
// G
et started by finding
available rooms using
Azure Digital Twins.
2019 Guide to Azure
Azure Sphere
However, it’s complex and challenging to secure
devices with embedded microcontrollers, as
evidenced by the many security incidents with
connected devices over the last years.
More and more devices contain microcontrollers

Azure Sphere provides a solution for securing
(single-chip computers) to make them smarter.
microcontroller-based devices. The Azure Sphere
This enables scenarios such as a washing machine
platform consists of a secure microcontroller
sending a routine maintenance notification to
chip, OS and set of cloud services that connect to
the owner.
the microcontroller and update it as it runs. This
combination provides the basis for a connected,
secure world.
You can use the Visual Studio development tools to

develop applications that run on Azure Sphere. This
opens up the world of microcontroller development
to a much larger group of developers.
// Read more about Azure Sphere

2019 Guide to Azure
Learn more
Azure IoT solutions are easy to use and there are
many related resources, including:
about Azure IoT • Azure IoT School: This free online academy
provides comprehensive training for Azure IoT,
with a variety of courses ranging from beginner
to advanced.
• Building IoT Solutions with Azure:

This guided online learning experience takes
you through all the major Azure IoT concepts
at your own pace.
• Azure IoT application page: This resource

provides an overview of Azure IoT and
examples of how it can be used.
• Azure IoT solution accelerators: Use these

templates to get started with Azure IoT.
• Azure IoT Hub: This resource provides an

overview of Azure IoT Hub and examples of
how it can be used.
• Azure IoT Edge: This resource provides an

overview of Azure IoT Edge and an example of
how it can be used.
• Azure IoT technical videos: Learn more about

IoT on Channel 9.
2019 Guide to Azure
What to use, Further reading
and when?
Learn more about using Azure for your IoT solution
in the following free eBooks:
// Developer’s Guide to IoT
Now that you’ve read about the available Azure IoT

services, how do you know which service to use for // Designed to Disrupt
your scenario? Table 5-2 shows when you should
use each IoT option in Azure.
Table 5-2
Azure IoT
Azure IoT Azure IoT
Azure IoT Hub Solution
Central Edge
accelerators
Create an IoT solution with a lot of

control and by doing custom coding ●
Create an IoT solution without worrying about code

and management of Azure services ●
Create an IoT solution for a common scenario with

minimal configuration and coding ●
Run AI workloads locally on IoT devices ●* ●
All services have a free tier you can use to get started.
*Azure IoT Hub is required to manage Azure IoT Edge deployments and devices.
February Lorem
May ipsum dolor sit
Theamet,
Developer’s
consectetur 82
2018 adipiscing
06 /




Where
and how
to deploy
your Azure
services
2019 Guide to Azure
How can Azure

deploy your
services?
Azure has an option for every type of organisation,
including those who need Azure to be in their
own datacentre. You can deploy your applications
either in the public Azure cloud or on-premises in
Azure Stack choose how portable your applications
should be.
It’s also possible to develop apps in containers

to deploy them in containers to deploy them
on-premises or in another cloud, or by using
Azure Resource Manager templates to script
your complete infrastructure as code.
Let’s explore these options in more detail.

2019 Guide to Azure
Infrastructure
It’s easy to create Azure Resource Manager
templates in Visual Studio and Visual Studio Code
as Code
using Azure Resource Group project templates.
You can also generate Azure Resource Manager
templates from the Azure portal by clicking the
Automation Script button, which is available on
the menu bar of every resource in the Azure portal.
Infrastructure as Code (IaC) captures environment This creates the Azure Resource Manager template
definitions as declarative code, such as JSON for the given resource and even generates code
documents, for automated provisioning and for building the resource using the Azure CLI,
configuration. All Azure services introduced in this PowerShell, .NET and others.
guide are based on Azure Resource Manager, which
you can use to document your environment as IaC After you have an Azure Resource Manager
thanks to Azure Resource Manager templates. template, you can deploy it to Azure by using
These templates are JSON files that describe what PowerShell, the Azure CLI or Visual Studio. Or
you want to deploy and what the parameters are. you can automate its deployment in a continuous
deployment (CD) pipeline using Azure DevOps.
A great example of deploying resources to the

cloud using Azure Resource Manager is the
Deploy to Azure button found in many GitHub
repositories,
In addition to using Resource Manager for IaC,

you can bring your existing skills and tools such
as Ansible, Chef and Terraform to provision and
manage Azure infrastructure directly.
2019 Guide to Azure
Azure Blueprints
It’s easy to use Azure Resource Manager templates,
resource groups, user identities and access rights
and policies to design and create a complete
infrastructure. But how do you keep all of these
things together? And how do you keep track of
which environments each piece of infrastructure has
been deployed to and which version of the artefact
is deployed now?
Organise all your infrastructure artefacts with

Azure Blueprints. Azure Blueprints provides a
mechanism that allows you to create and update
artefacts, assign them to environments and define
versions. You can store and manage these artefacts
as well as manage their versions and relate them to
environments.
This will help you organise your infrastructure

and create a context for Azure Resource Manager
templates, user identities, resource groups and
policies.
// G
et started by defining and
assigning an Azure Blueprint
in the Azure portal.
2019 Guide to Azure
Containers in Azure
‘Containerisation’ is one of those technology exact same container configuration, so you know
buzzwords flying around in the news. But containers that the infrastructure is the same for everybody
are more than just buzz – they’re actually very as it is in production. With containers, the age-
useful for running your applications. A container old developer’s fallback statement – ‘works on
is basically a lightweight VM that starts and stops my machine’ – now means that it will also work
much faster than a traditional VM and is therefore in production.
more useful for development, testing and running
applications in production. There are many technologies for running
containers, including Docker. Azure can run and
The major benefit of containers is that an individual manage containers with Azure Container Instances
container is always the same. You run a container and Azure Kubernetes Service. You can also run
locally when you develop your app, and then use containers in Web App for Containers and in
the same container configuration in the cloud Azure Batch. Table 6-1 shows which service you
and everywhere else. Your entire team uses the might choose for various scenarios when using
containers.
Table 6-1
Azure Kubernetes Azure Container Web App for Containers on

Service Instances Containers Azure Batch
For production deployments of complex

systems (with a container orchestrator) ●
For running simple configurations

(possibly without orchestrator) ● ●
For long-running workloads on
containers ● ●
For short-running workloads on
containers ● ●
For orchestrating a system based on
containers ●
Orchestrating with open-source

orchestrators Kubernetes ●
Orchestrating with built-in orchestrator
Using App Service features like

deployment slots ●
2019 Guide to Azure
Azure Stack
You can run things like Azure App Service and
Virtual Machines on Azure Stack. Everything is
exactly the same as in the public cloud, except
that you’re running it on-premises. If you decide
to move to the public cloud, you can simply push
If you need your applications and data to remain
services from Azure Stack to Azure.
on-premises, but still want to benefit from the
power that Azure has to offer, Azure Stack is the
Example: Azure Stack
product for you. Unique in the industry, Azure Stack
is an extension of Azure that you host in your own
To help with cruise tasks, a company that offers
environment. Essentially, it’s Azure in a box.
luxury cruise ship holidays has built various
software, including a cabin management
You use Azure Stack in the same way you use Azure,
application and a passenger management
with the same Azure portal experience and the
application. The entire cruise ship relies on these
same APIs which you can use with the Azure CLI,
applications. In the past, the applications were
PowerShell or your favourite IDE.
running on servers carried aboard the cruise ships.
The company was forced to do it this way because
the cruise ships didn't have a connection to the
internet for the whole journey.
The company found that running its applications

on-premises was cumbersome, as it had to
maintain VMs and operating systems and deal with
significant availability problems.
The company now runs its applications on Azure

Stack, which runs aboard the cruise ships. Azure
Stack provides the same services as Azure, so
application deployment and management
became much easier. The company also uses
Azure App Service to run its applications, which
allows it to focus on the applications rather than
on maintaining VMs and operating systems. Even
better, users enjoy the higher availability that’s part
of Azure, and therefore, part of Azure Stack.
2019 Guide to Azure
Where to deploy,
and when?
If you want to deploy IaaS-based services If you want to deploy PaaS-based services (where
(in which you control the OS), consider these you have less control, but the platform does the
options: heavy lifting), consider these options:
• On-premises or anywhere else (like your local • On-premises or anywhere else (like your local
PC or another cloud), you can use: PC or another cloud), you can use:
• Azure Stack (where you deploy services • Azure Stack (as you can deploy PaaS
like VMs) services like App Service in Azure Stack)
• Any of the Azure container services (as • In the public Azure cloud, you can use:
containers can run anywhere)
• Any Azure PaaS service that
• In the public Azure cloud, you can use: you script as a Resource
Manager template
• Containers (as containers also run in any of
the Azure container services)
Further reading
Learn more about deploying your applications to

Azure and reducing costs in these free eBooks:
// Cloud Migration Essentials
// M
aking the Most of the
Cloud Everywhere
// Effective DevOps

February Lorem
May ipsum dolor sit
Theamet,
Developer’s
consectetur 89
2018 adipiscing
07 /




Share your
code, track
work and
ship software
2019 Guide to Azure
How can
• Azure Pipelines
Use Azure Pipelines to create build and
Azure help you
release pipelines that automate builds and
deployments.
plan smarter, • Azure Test Plans

Use Azure Test Plans to improve your overall
collaborate better
code quality with manual and exploratory
testing services for your apps.
and ship your • Azure Artifacts

Use Azure Artifacts to share code packages
apps faster?
(like npm, NuGet and Maven packages) across
your organisation.
Let’s explore the Azure DevOps

services in more detail.
You’ve spent weekends or nights deploying new
versions of your applications. If so, you’ve probably
also spent a lot of time trying to fix the bugs that
keep users away from that new version. There’s a
better way.
Azure DevOps is a set of solutions that can help

automate your builds and deployments and
automatically test your code and apps before
launch.
To help you build, deploy, test and track your code

and applications, Azure DevOps includes:
• Azure Boards
Use Azure Boards to plan, track and discuss
work across teams.
• Azure Repos
Use Azure Repos to collaborate on code
development with free Git public and private
repositories, pull requests and code review.
2019 Guide to Azure
Azure Boards
The whole planning system is optimised for working
in an agile way. It even includes Kanban boards for
managing your work (Figure 7-1).
Everything can be customised to work best for your

Planning your work and tracking your progress are
teams, whether using scrum, another agile method
important tasks – and Azure Boards can help you
or the Capability Maturity Model Integration
complete them.
(CMMI) process. You can create and manage tasks,
features, user stories, bugs, requirements, issues,
change requests and more.
Try customising your boards and creating charts

(like burndown charts or task lists) that show the
information you need. You can query work items
and progress, and then use these to customise your
boards, charts and lists. From there, share them
Figure 7-1 or pin them on your Azure DevOps dashboard for
everyone to see.
In Azure Boards, you can create a complete backlog

of work items (like user stories) and plan them in // T
ry it out: Start using Azure
sprints so your team can work iteratively to finish Boards to track issues, tasks,
and epics
the tasks.
2019 Guide to Azure
Azure Repos Azure Repos uses standard Git. This means that you
can use it with any Git tool and IDE, including Visual
Studio and Visual Studio Code as well as Git for
Windows, Mac, Eclipse and IntelliJ.
Version control is essential for working together

When you follow the Git workflow, you usually
and ensuring that your most important asset –
begin by creating your own branch of the code to,
your code – is safely stored. Azure Repos is a set
for instance, add a feature. Once you finish this, you
of version control tools for storing your code and
commit your code to create a pull request for that
sharing it with your team. This is useful both for
branch and submit it to the server. Users can see,
teams and individual developers. Version control
review, test and discuss this pull request. Once it’s
keeps a history of your development so you can
good enough to be pulled into the main branch, the
review or even roll back to any version of your code.
request is accepted, and your development branch
can be deleted.
Choose from the following two systems of version
control when using Azure Repos:
With Azure Repos, you have a rich toolset to
support the Git workflow. You can link work items
Git
like user stories or bugs to pull requests so you
know what each change is about. You can have
This is a widely used version control system among
discussions about committed code and even
developers and is also the basis for GitHub. Git
comment on changes within the code. Azure Repos
is a distributed version control system, meaning
also enables voting on changes in the code, so a
the complete source code (all versions of all files)
change only gets accepted once everyone on the
is on your machine – which makes it easy to work
team agrees to it.
offline. With Git, the source of truth is essentially
on everyone’s machine and is synchronised when
Azure Repos offers free and unlimited private
developers push their code to the Git server (in this
Git repositories.
case, Azure Repos).
// G
et started by learning
how to code with Git
2019 Guide to Azure
Team Foundation Version Control With TFVC on Azure Repos, everyone can download
the versions of code branches you create on the
Team Foundation Version Control (TFVC) is a server. Azure Repos also provides a rich toolset that
centralised version control system that ensures allows you to attach work items to code changes.
one source of truth is always kept on the server. It’s also possible to request and perform code
Developers usually have only one version of each reviews, so your team can discuss changes and
file on their machine, which makes it more difficult recommend updates before they’re merged into
to work offline. the main branch.
With TFVC, you can choose to work with the // T

ry it out: Start developing
following workspaces: and sharing your code in TFVC
using Visual Studio
Server workspaces: Developers publicly check

out files from the server so that only they can
make changes to that file. Once they are done,
they can check the changes back in and other
developers can check out the file to make changes.
This eliminates the need to merge changes
and removes the possibility of code conflicts.
Local workspaces: Using these, developers

each have the latest version of the files on
their machine and can change each of them.
Once they are done making changes, they
check in the changes to the server and resolve
conflicts as necessary.
2019 Guide to Azure
Azure Pipelines
integration tools like Jenkins or Spinnaker, you can
easily bring your existing builds and pipelines to
Azure and take advantage of dynamic agent plug-
ins to reduce infrastructure requirements and costs.
Once your code is in a repository like Azure Repos,

you can start to automate your build and release
processes with Azure Pipelines.
Azure Pipelines provides a lot of value in a small

amount of time. It enables continuous integration
(CI) for compiling and testing code when changes
come in, as well as continuous deployment (CD)
for deploying apps after changes are compiled Figure 7-2: Azure Pipelines: build pipeline
and tested successfully. We encourage every

organisation to explore CI and CD, as these There are two ways of working with Azure Pipelines.
processes improve code quality and reduce You can create pipelines using the visual designer in
deployment efforts. the Azure DevOps portal, or you can use the more
advanced YAML-based approach. In this approach,
Azure Pipelines can help with CI and CD by offering you create a YAML code file, which contains all the
build and deployment pipelines. Each contains steps of the pipeline, and commit that to source
steps to compile and test your code and deploy it control.
to one or more environments. The beauty of Azure
Pipelines is that it works with any type of code, no The easiest way to get started is to use the visual
matter where you store it – from C# on Azure Repos designer. Let’s take a look at an example of a build
to Java on BitBucket and anything else. and release pipeline:
Azure Pipelines works very well with Azure services Build pipeline: The build pipeline (or CI pipeline) in
to deploy your application in an Azure web app, Figure 7-2 shows a list of tasks that will be executed
for instance. It also works with any service that when this pipeline runs. The pipeline is configured
runs in any other environment, such as Google to run as soon as new changes are committed to
Cloud, Amazon or even on-premises in your own Azure Repos. It will take the code in Azure Repos
datacentre. If you’re already using continuous (which is a Node.js app), build a Docker container
2019 Guide to Azure
image from it and push that to Azure Container

Registry. From there, Helm can use it to compile
the image into a package that can be deployed
on Azure Kubernetes Service.
Note that you can configure which hosts run your

pipelines for you. On the right side of the image,
Figure 7-3
you can see that this particular pipeline will run on
a hosted pool of Ubuntu machines. There are also
Linux and Windows hosts available, and even a as the production environment). This means you
hosted MacOS that you can use to build your iOS can automate everything and leave the decision
apps. This is just one example of a build pipeline. to release into production up to a manager based
It’s possible to create one for every imaginable on test results for previous steps in the pipeline.
application. You can also integrate tests, including
unit tests and static code tests, into the build Make your pipelines as simple or complex as you
pipeline. want. Ideally, you want to automate as much as
you can, from the creation and destruction of your
Release pipeline: The release pipeline (or CD infrastructure to the deployment and testing of
pipeline) executes as soon as the build pipeline your application. Pipeline tasks are available for
runs successfully, though you can also configure it almost everything, and you can access more tasks
to be triggered manually. The release pipeline in as extensions to Azure DevOps in the Visual Studio
Figure 7-3 contains nine tasks that first create an marketplace.
Azure Kubernetes Service cluster and then deploy
the Helm package that was produced in the build // G
et started with Azure Pipelines
pipeline to the cluster. by creating your first pipeline
Figure 7-3 shows the steps in the development

stage. Stages are like environments. You can
configure a stage for your development, test and
production environments and so on. You can also
configure things like pre-deployment approvals,
which require someone to approve the release of
an application into a specific environment (such
2019 Guide to Azure
Azure Test Plans

To improve the quality of your applications, use
Azure Test Plans to define test plans and then
create and execute manual and exploratory tests. Figure 7-4
Azure Test Plans provide the tooling to author tests,

execute them, record feedback and track the test
From the context of the test, the tester can also
results.
create a bug that needs to be solved.
In Azure Test Plans, start by creating a test plan.

To ensure stakeholders’ expectations are in line
This contains multiple test suites and test cases.
with your plan, Azure Test Plans also enable you to
A test case can be an exploratory test, in which the
request feedback for work items like user stories.
application is explored to see if it works as expected;
This enables stakeholders to take a look at what you
a guided manual test, in which test steps and
propose and provide feedback in the form of text,
expected outcomes are described in detail; or an
attachments, video or voice.
automated test. You can even record test steps by
recording clicks in an application and letting Azure
Perhaps most importantly, Azure Test Plans provide
Test Plans automate those clicks into a test. You can
dashboards and charts on the progress and status
also incorporate stress and load tests into your build
of the tests in your project. You can use these to
and release pipelines. Test cases are work items,
see what the quality of your application is and how
just like user stories and tasks, and can therefore be
it progresses over time. This can help you identify
scheduled within an iteration.
features that aren’t ready to be deployed.
Once you’ve created a test (Figure 7-4), a tester

// G
et started with Azure Test
can run it. In a manual test, for example, the tester
Plans by creating manual
uses the test tool to run through the test steps and test cases
record findings, including the screen, the tester’s
voice, screenshots and attachments. The tester
passes or fails each step of the test.
2019 Guide to Azure
Azure Artifacts
Follow these simple steps to use Azure Artifacts:
1. Create an Azure Artifacts feed.
2. Publish your package to the feed.

Because packages offer functionality that you don’t
3. Consume the feed in your favourite IDE, such as
have to build yourself, you probably use a lot of
Visual Studio.
them in your applications. And you likely access
them from just as many sources: NuGet, npm,
Maven and more. But what if your team creates // T
ry it now: Get started
packages that you want to only use internally? with Python packages
in Azure Artifacts
Where do you host them securely and how do you
share them? Azure Artifacts provides this capability.
Azure Artifacts is a package feed that allows you to
Further reading
host packages that you create and secure them for
your organisation.
If you want to improve the quality of your
software and learn more about automating your
You can host all sorts of packages on Azure
build and release processes, download and read
Artifacts, including NuGet, npm, Maven, Python
these free eBooks:
and Universal Packages. You can even use the Azure
Artifacts feed to store packages from public sources,
// Effective DevOps
like nuget.org and npmjs.com. When you store
packages from public sources on your feed, you’ll
// Continuous Delivery in Java
be able to keep using them even if they’re no longer
available on the public feed. This is especially useful
for mission-critical packages.
February Lorem
May ipsum dolor sit
Theamet,
Developer’s
consectetur 98
2018 adipiscing
08 /




Azure
in action
2019 Guide to Azure
Walk-through #1:
The Application Insights service tiles show
information like active alerts, live data coming in,
The Azure portal

active users in the past 24 hours and availability.
You can customise a tile’s size and information
as well as the appearance of charts by adjusting
experience timelines and displaying data in different formats,

such as lines or bars. You can also pin tiles directly to
your dashboards so that they’re the first thing you
see when you enter the portal (Figure 8-2). You can,
One of the most important Azure tools is the central for instance, pin tiles from the service metrics you
hub – the Azure portal. Most things you can do use to create a monitoring dashboard to share with
in the Azure portal can also be done through the your team or display on a physical monitor.
Azure API, the Azure CLI and Azure PowerShell.
The Azure portal is a dashboard with tiles. It’s easy

to create and customise dashboards, and then share
them with team members.
Figure 8-2
Tiles in the Azure portal
Tiles, shown in Figure 8-1, display information for Adding services

a service or act as a shortcut to a service. They
appear throughout the portal in the pages of all You can find and add services in the Azure portal in
the services. They’re a useful way to get a quick several ways.
overview of how a service is doing.
To create new services, select the plus sign in the
upper-left corner of the portal window. This opens
the search box for the marketplace, where you’ll
find everything from web apps to Linux servers,
Figure 8-1 as shown in Figure 8-3.
2019 Guide to Azure
Figure 8-3 Figure 8-5
When you find the service you want from the search down. You can also select which ones you want to
results, as shown in Figure 8-4, a wizard takes you see by expanding the favourites menu and selecting
through configuring and deploying it. the star symbol next to those categories.
Understanding blades
Pages in Azure are also called blades and you can

pin them to your dashboards. When you open a
web app, you first see the Overview blade, as shown
in Figure 8-6.
This blade provides tools to stop, start and restart

Figure 8-4
the web app and display tiles showing its metrics,
such as number of requests and errors. When you
You can use the search box at the top of the portal choose another menu item, a new blade opens.
to search through all your resources and go directly Blades always open in context. For example, if you
to them (Figure 8-5). The favourites menu is in the open the Deployment Slots blade and select Create
pane on the left side of the portal. New Deployment Slot, a new blade appears to the
right of the Deployment Slots blade, preserving the
This menu displays the resource categories, such as context you’re in.
Azure App Service, represented by their icons. You
can rearrange the icons by dragging them up and
2019 Guide to Azure
as see what the resources in the group cost. It’s

common practice to bundle related services in a
resource group so that they’re easier to secure.
1. In the Azure portal, in the upper-left corner,

select Create A New Service.
2. In the search box, type Windows Server virtual

machine.
Figure 8-6
3. Click Windows Server 2016 Datacentre.
4. Click Create. The Create Virtual Machine Wizard

Creating a new VM
opens.
Let’s use the Azure portal to create a new VM. Once 5. Choose a name for the VM.
we’ve done so, we’ll shut it down and remove it so
that you don’t continue to pay for it. 6. Choose the disk type. SSD provides a faster VM
but is more expensive. For this walk-through,
A word about resource groups choose SSD.
7. Type a username.
The VM will be deployed in a resource group, a
logical container that holds resources. All Azure 8. Select Password for the authentication type.
resources reside inside resource groups. You can
9. Type a password and confirm.
manage the security of a resource group as well
10. In the Resource Group box, type a new name.
2019 Guide to Azure
11. Choose the location of the VM, and then 14. Review the summary, agree to the terms and
click OK. then click Create.
12. Choose the VM size. There are many sizing It usually takes just a few minutes for the VM to
options for VMs. VM performance determines be deployed. When you navigate to the VM in the
the cost. Use the wizard to select how many Azure portal, you can configure it further and log in
cores and how much memory you want, and using Remote Desktop Protocol (RDP).
choose options based on that. In addition, there
are other features that come with size options,
such as:
• Type of hard drive (SSD or normal HDD).
• The amount of max input/output Figure 8-7

operations per second (IOPS). This
determines the performance of the VM To log in to the VM using RDP, click Connect in
in a significant way, especially if your the VM’s Overview blade in the Azure portal
applications read and write extensively (Figure 8-7). This triggers a download of the
from and to the hard drive. RDP file you can use to connect to the VM.
• The amount of data drives that can be

Cleaning up the walk-through resources
installed in the VM.
• The ability to perform load balancing. When you’re finished with the VM, shut it down
and remove it by deleting the resource group
• The graphics card installed in the VM.
that we created when we generated the VM. This
This is useful if you need to execute
contains the VM and all other resources that are
substantial graphics rendering or a heavy
automatically created. Once the resource group is
computational workload.
deleted, you no longer pay for any of the resources
13. After you select the size, you can configure that you’ve used in this walk-through.
additional settings like the virtual network,
IP address and extensions on the machine.
For now, leave everything as is and select OK.
2019 Guide to Azure
Walk-through #2: Creating a web app and database using

the Azure portal
Developing a web To host the .NET Core application, we’ll create a new
web app in the Azure portal.
app and database 1. In the Azure portal, select Create A New
on Azure Service.
2. Search for Web App. The Web App blade

opens. Select Create. The Web App Create
blade opens.
In this walk-through, we’ll deploy a simple .NET
Core application that connects with SQL database. 3. Type a name for the web app.
Then, we’ll host it in Web Apps.
4. Create a new resource group by giving it a
name.
To follow along, you’ll need Git v2 or higher, .NET
Core and Visual Studio Code installed on your 5. Leave the OS selection as Windows.
device. We’ll also use a sample ASP.NET Core MVC
6. Select or create an App Service Plan, and then
application to manage a to-do list.
select Create.
Services like Web Apps run on Azure App Service

Plans. App Service Plans are an abstraction of
resources and features, like CPU and memory,
and are represented in pricing tiers.
App Service Plans are also bound to a specific

geographic region that you choose. You can, for
instance, run your Web Apps application in an App
Service Plan of pricing tier S1, which has 1 core and
1.75 GB RAM, as shown in Figure 8-8.
Pricing Tier: S1 Region: Central US
Figure 8-8
2019 Guide to Azure
You can run as many App Services on an App 7. Select a pricing tier. For development and test
Service Plan as you want, but note that you need to purposes, the Basic tier is sufficient.
share resources among all the App Services.
8. Click Create. The database will now be created.
To host the database, we’ll create a SQL database. 9. Navigate to the SQL database and click Show
This works the same as a local SQL Server database Database Connection String.
and now runs fully managed in Azure.
10. Make note of the connection string because
1. In the Azure portal, click Create A New Service. you’ll need it later in this tutorial.
2. Search for SQL Database and click it to Running the .NET Core app locally
open the SQL Database blade. Click Create.
The Create SQL Database blade opens. Let’s run the app locally before we run it in Azure.
The app can run locally because by default, it uses
3. Type a database name.
a SQLite database, which is a self-contained SQL
4. Select the resource group that you created for database engine.
the web app.
1. Open a command prompt and navigate to a
5. Leave the source as Blank database.
directory you want to use as your source code
6. Click Server to create a new SQL database directory for this project.
server.
2. Run the following commands to get the source
a. Type a name for the server. code and navigate to the project folder:
b. Type the server admin login. This is the

git clone https://github.com/azure-samples/
username for the server. dotnetcore-sqldb-tutorial
c. Type the password that you’ll use to log on cd dotnetcore-sqldb-tutorial
to the server.
d. Confirm the password. 3. The project uses Entity Framework Core to

populate its database. To ensure the database
e. Choose a location. Choose the same is up to date and to run the application locally,
location that you selected for the App execute the following commands:
Service Plan.
f. Click Select to submit the new server dotnet restore
configuration. dotnet ef database update
dotnet run
2019 Guide to Azure
4. The app should now be running, and the URL to Connecting the local web app to the
the app (such as http://localhost:5000) should database running in Azure
be in the output in the command window
You now have a working application running
5. Navigate to that URL in a browser. This will load
locally. Before we deploy it to Azure, we’ll change
the application, which will look like that shown
the source code so that it can connect to the SQL
in Figure 8-9. Now you can create new to-do
database.
items by selecting the Create New link.
6. Close the application by closing the command 1. In your local source code repository, find the
window or pressing Ctrl+C. Startup.cs file and locate the following code:
servicesAddDbContext<MyDatabaseContext>
(options => options.UseSqlite
(“Data Source=localdatabase.db”));
2. Replace the code with the following code,

which will connect to the Azure SQL database:
// Use SQL Database if in Azure, otherwise,

use SQLite
if(Environment.
GetEnvironmentVariable(“ASPNETCORE_
ENVIRONMENT”) == “Production”)
services.
AddDbContext<MyDatabaseContext>(options =>
Figure 8-9
options.UseSqlServer(Configuration.
GetConnectionString(“MyDbConnection”)));
else
services.
AddDbContext<MyDatabaseContext>(options =>
options.UseSqlite(“Data
Source=localdatabase.db”));
// Automatically perform database migration

services.BuildServiceProvider().
GetService<MyDatabaseContext>().Database.
Migrate();
2019 Guide to Azure
This code looks at the environment in which it’s 6. Create a new connection string named
running and changes its database connection MyDbConnection. The value should be
based on that information. When running in the the connection string to the SQL database
production environment (Azure, in this case), (including username and password) you saved
the code will get the connection string for the earlier when you created the database.
database from the MyDbConnection variable,
7. Click Save. The application settings in the
which we’ll configure in Azure.
Azure portal should look like those shown
in Figure 8-10.
The code also runs the Database.Migrate()
method, which executes the Entity Framework
Core migrations that we previously ran
manually.
3. Save your changes and run the following

commands to commit the changes to your local Figure 8-10
Git repository:
Deploying the web app to Azure
git add .
We’ll use Git to push the application to Azure. To
git commit -m “connect to SQLDB in Azure”
connect the local Git repository to Azure, you must
have a deployment user configured on the server
Now we’ll configure the connection string (Azure Web App) to authenticate your deployment.
variable in Azure. The deployment user is account level and is
4. In the Azure portal, navigate to the web app different from your Azure subscription account. You
that we created earlier. need to configure this deployment user only once.
5. Navigate to Application settings. 1. In the Azure portal, navigate to the Azure

Cloud Shell by selecting the button in the
top bar that looks like this:
2019 Guide to Azure
2. The Azure Cloud Shell enables you to use 6. Once the remote target is added to the Git
the Azure CLI in the cloud and manages repository, you can push your code to it by
authentication. When the Cloud Shell is fully running the following command. You’ll need
loaded, run the following command to create to enter credentials to be able to push code to
the deployment user. Replace the <username> Azure. Use the username and password you
and <password> values with ones you create. used to create the deployment user.
Make note of the username and password
because you’ll need them later. git push azure master
az webapp deployment user set --user-name Pushing the source code to Azure might take
<username> --password <password>
a few minutes the first time. Once complete,
navigate to the URL of your Azure web app,
3. The command results in a JSON output. If you which will look like this: http://<app_ name>.
receive a ‘Conflict’. Details: 409 error message, azurewebsites.net
change the username. If you receive a ‘Bad
7. Add some to-do items in the application to test
Request’. Details: 400 error message, create a
its connection to the database.
stronger password.
Now you have a working application running in
Now we’ll push the source code from the local
Azure.
Git repository to the Azure web app.
4. Open the command prompt on your local

machine.
5. Add an Azure remote to your local Git

repository by using the remote Git URL:
a. Replace <username> with the username

you used to create the deployment user.
b. Replace <app_name> with the name of the

Azure web app.
c. Use the URL to run the following command:
git remote add azure <deploymentLocalGitUrl>

2019 Guide to Azure
Walk-through #3:
We’ll set this up using the Logic Apps feature of
Microsoft Azure App Service and the Language
Extending
Understanding Intelligent Service (LUIS), as
follows:
applications with • The .NET Core app writes the to-do item in the
SQL database.
Logic Apps and • The logic app is triggered by every new row
created in the database.
Cognitive Services • The logic app takes the to-do item text and
passes it to the Language Understanding
service.
A powerful feature of our application is its ability
• The Language Understanding service analyses
to analyse the content of to-do items and then
the text and creates a calendar item in your
automatically create calendar appointments for
Office 365 calendar if the text contains a date
tasks that include a specific date.
and time.
For example, if a user creates a to-do item with We don’t have to change our application to add
the text “family dinner next Friday at 7:00 PM”, this functionality. Logic Apps and Cognitive Services
the application will create a calendar item for are additional services that simply analyse the data
that specific Friday at 7:00 PM with the subject that’s already there.
“family dinner”.
Let’s get started.
2019 Guide to Azure
Creating the Language 10. Click Create new app.

Understanding service
11. Type a name.
We’ll first create the Language Understanding 12. Click Done.

service so that we can use it later in our logic app.
We’ll keep our model for this example simple – we We’re now in the Language Understanding portal
won’t build it out, so it’ll be ready for every variation and can build a language model. We want the
users might need for a date in a to-do item. You can Language Understanding service to understand the
add to the model yourself instead of using the one phrase “family dinner next Friday at 7 PM”. To do
we create. that, we’ll first add some entities, which are items in
the text the service will recognise.
1. In the Azure portal, select Create A New
1. Click Entities.
Service.
2. Click Manage Prebuilt Entities.
2. Search for Language Understanding and select
it in the search results to open the Language 3. Select Datetimev2 and keyPhrase.
Understanding blade. Select Create. The
Create Language Understanding blade opens. 4. Click Done. We now have two entities that will
recognise text for us.
3. Type a name.
5. Click Intents.
4. Select a pricing tier (any will do for this walk-
through). 6. Click Create new Intent.
5. Create a new resource group called 7. Type a name like ‘Add to-do calendar item’,
datedetection. which is the intent we want to detect in the text.
6. Click Create. 8. Click Done.
7. Navigate to the Language Understanding

service once it’s created.
8. By default, the service opens to the Quick-

Start blade. From here, select Language
Understanding Portal.
9. If needed, sign in using Sign In at the top-right

corner.
2019 Guide to Azure
Now you can enter utterances. These are sample 15. The model is now published to production.
texts that represent the intent we want to detect. Scroll down to Resources and Keys and make
note of the key string you’ll find there because
9. Enter “family dinner next Friday at 7 PM” to
we’ll need it for our logic app.
represent the intent of adding a to-do item to
the calendar.
Creating the logic app
10. Because we’ve already added two entities,
The logic app we create will be triggered by the
the text in the utterance is analysed and
new rows of to-do items written in SQL Database.
recognised as these entities, as shown in Figure
It will then take the value of each to-do item and
8-11. The text “family dinner” is recognised as
send it to the Language Understanding service to
a keyPhrase. The text “next Friday at 7 PM” is
be analysed. If the Language Understanding service
recognised as datetimev2.
finds a date in the item, it will create a new calendar
11. Let’s use this model to train the service and event in your Office 365 account.
publish it. Select Train in the upper-right corner
Let’s create the logic app:
of the screen.
1. In the Azure portal, click Create A New Service.
keyPhrase datetimev2
2. Search for Logic App and click it in the search
Figure 8-11 results to open the Logic App blade. Click
Create. The Create Logic App blade opens.
• This performs machine learning training
and builds a machine learning model based 3. Type a name.
on what we’ve just entered.
4. Select the resource group that you created for
• To test if the service works as expected, the Language Understanding service.
type “family dinner next Friday at 7 PM” in
5. Choose a location.
the Test window next to the Train button.
6. Click Create.
12. Now that we have a working service, we need
to publish this model to production. Click 7. When the logic app is created, you’ll see a
Publish in the menu (next to the Train button) quick-start page that asks if you want to start
to bring up the Publish page. the logic app from a template (Figure 8-12).
Choose Blank Logic App.
13. Leave the slot as Production.
14. Click Publish.

2019 Guide to Azure
5. Click Create. This creates the connection and

saves it in your Azure subscription. You can
reuse this connection in other logic apps.
6. Select the table that we want to monitor –

the To-do table.
7. Select an interval and a frequency. Some logic

app triggers need to poll to be triggered,
whereas others have their information pushed
Figure 8-12
to them.
We now need to create a trigger for the logic app. Now the logic app will be triggered every time
1. Search for SQL. we enter a new to-do item.
2. Select the When an item is created task. Next, we’ll add another action for the logic app.
This will ask for the connection to the
SQL database (Figure 8-13). 1. Click the plus sign under the SQL task, and then
select Add an action to add the next action
(Figure 8-14).
Figure 8-13
3. In this case, the correct SQL Server is already Figure 8-14

selected because there’s only one. You might
have to select the appropriate server. 2. Search for LUIS, which will bring up the
Language Understanding service. Select the
4. Enter a name for the connection, and then
LUIS Get prediction action. It will ask for
type the username and password of the
a connection to a Language Understanding
SQL database that we created earlier.
service.
2019 Guide to Azure
3. Type a name for the connection. 16. Select the App ID as we did earlier.
4. Paste in the connection key you saved when we 17. Select builtin.datetimev2 for the desired entity.
published the Language Understanding model.
18. Select the LUIS Prediction object for the
5. Click Create. luisPredictionObject field.
6. Select the App ID that you created in the 19. Below this action, add another one for
Language Understanding portal. Get entity by type.
7. Select the description from the SQL task as the 20. Select the App ID.
input for the Utterance field.
21. Select builtin.keyPhrase for the desired entity.
8. Select the Add to-do calendar item for the
22. Select the LUIS Prediction object for the
desired intent. This will output whether the
luisPredictionObject field.
task contains a date.
23. Create a new action while still in the if true
9. Click the plus sign, and then click Add a
box. Search for Office 365 and then select the
condition. We’ll test whether the text contains
Create Event V2 action. This can create an
a date by checking if the desired intent was
event in your Office 365 calendar.
true. If the text does contain a date, we’ll create
a calendar event. If it doesn’t, we won’t do 24. Note that this requires a connection to
anything. Office 365. Click add new connection and log
in with your Office 365 credentials. The logic
10. In the condition, select the Is Desired Intent
app will keep your connection in your Azure
value from the Language Understanding task
subscription.
for the value.
25. Select the calendar to create the event.
11. Leave the is equal to statement as is.
26. In the End Time and Start Time fields, select
12. Add true in the value textbox.
the Entity Value from the action where you
13. The condition appears in both the if true and filter the datetimev2 entity.
if false boxes. In the if true box, create a new
27. In the Subject field, select the Entity Value from
action.
the action where you filter the keyPhrase entity.
14. Search for LUIS as we did earlier.
28. Save the logic app flow. The if yes box should
15. Select the Get entity by type action. This is a look similar to that shown in Figure 8-15.
Language Understanding action that extracts
29. Navigate to the to-do app URL, which is the
an entity based on its type from the Language
URL of your web app from the previous walk-
Understanding results.
through.
2019 Guide to Azure
30. Create a new to-do item with the text “family

dinner next Friday at 7 PM”. This should create
an event in your calendar.
In addition to checking your calendar, you can

see how the logic app ran by reviewing the Runs
History. You can access the Runs History when you
open the logic app from the Azure portal. From
the Runs History, you can resubmit the value to run
it again through the logic app.
This example shows you can extend an application

with Azure services just through configuration,
without changing the code.
We’ve kept this example simple so it’s easy to follow

in this walk-through. In a real-world scenario, the
Language Understanding model should be more
Figure 8-15 robust to be able to understand more utterances.
In addition, you could have the logic app trigger
on edits of to-do items, not only on their creation.
2019 Guide to Azure
Walk-through
#4: Ready for
production Figure 8-16
5. Use the URL that appears on the screen to set a

With your application running, you can now use remote destination for the local Git repository.
Azure to make it more robust and easier to update. You can do this in the command window.
6. Use the cd command to change to the directory

Setting up continuous
of the application source code.
delivery with GitHub
7. Run the following command:
So far, we’ve been pushing code from our local Git
repository to Azure. This is fine if you work alone, git remote add github https://github.com/
but if you work on a team, you’ll need another bmaluijb/test.git
type of source control, like Azure DevOps Repos or

GitHub.
8. Run the following command to push the code
We’ll use GitHub to push our code and then link to GitHub:
that to our web app so changes are deployed
automatically in a continuous delivery pipeline.
git push github
Let’s get started.

With that, the code is in GitHub, and you can share
1. Log in from https://github.com/new to create it with your team.
a new repository in GitHub.
2. Type a name for the repository.
3. Leave the other settings as they are (public

repository, don’t create a README).
4. Create the repository, which should look similar

to that shown in Figure 8-16.
2019 Guide to Azure
Let’s now set up continuous delivery using the

Deployment Options feature of Web Apps through
the Azure portal. Note that we can also use the
Continuous feature in Web Apps directly, but that
requires an Azure DevOps Services account. Figure 8-17
1. In the Azure portal, go to the web app that

Setting up staging environments
hosts the .NET Core to-do app.
Using Azure App Service Web Apps, you can set
2. On the menu bar, click Deployment Options.
up a staging slot to test new versions of your
3. It’s possible that this is already configured for application through deployment slots. Deployment
the local Git repository. If this is the case, click slots are App Services with which you can test your
Disconnect. code before you promote it to the next slot.
4. In Choose Source, select GitHub. There are deployment slots for staging, load testing
and production, which is always the original App
5. In the Authorisation section, authorise Azure to
Service – in our example, the .NET Core web app. In
use GitHub by selecting Authorise and granting
fact, you can have as many deployment slots as you
permission.
want without incurring additional costs.
6. In the Choose Project section, choose the
The deployment slots all run in the same App
GitHub repository that you just created.
Service Plan, which is what you pay for. Keep in
7. Leave the branch set to master. mind that having additional deployment slots in an
App Service Plan will consume resources like CPU
8. Click OK.
and memory.
9. Return to the Deployment Options menu.
You create new deployment slots from the
You can now see that GitHub is connected.
Deployment Slots menu item in the web app.
From this point, whenever you push a new
You need to run the web app in the standard or
version of source code to GitHub, it will be built
premium pricing tier because the free plan doesn’t
and deployed to the web app automatically.
come with any deployment slots.
This is shown in Figure 8-17, which illustrates
the Deployment Options blade. You can also
force this process by clicking Sync.
2019 Guide to Azure
In each deployment slot you create, you can 8. Disconnect the CD connection in the
configure the deployment options as we did earlier original .NET Core web app. This way,
to deploy code automatically. You can even work when you push new code, it’s delivered
on different source code branches for different only into the staging slot.
environments and automatically deploy specific
9. In the .NET Core app, change some text in the
branches to specific deployment slots.
Index.cshtml file in the Views/Home folder.
Additionally, you can test your final version in
10. Commit it to Git and push it to GitHub, just like
a deployment slot and then swap it with the
when you deployed the .NET Core app.
version in the production slot. This warms up
the application before it swaps, resulting in a The new version is now in the staging slot and
deployment with no downtime. not in the original web app, which we call the
production slot. You can verify this by navigating to
Let’s see how to create a deployment
the URL of the .NET Core web app and to the URL of
slot and swap to it.
the staging slot, which you can find in the Overview
1. In the Azure portal, go to the web app that blade of the slot.
hosts the .NET Core app.
Now let’s put the new version into production.
2. On the menu bar, click Deployment Slots.
1. In the Azure portal, go to the .NET
The Deployment Slots blade opens.
Core web app.
3. Click the plus sign to create a new
2. On the menu bar, select Deployment Slots to
deployment slot.
open the Deployment Slots blade.
4. Type a name for the slot, for example, “staging”.
3. Click Swap to open the Swap blade. Leave all
5. Choose the .NET Core web app as the settings as they are.
configuration source. This copies the
4. Click OK to initiate the swap.
application settings to the new slot.
Once the swap is complete, the new version of the
6. Click OK to create the slot, which is similar to
.NET Core web app is in production. You can test it
the original web app.
by navigating to the URL of the Node.js web app.
7. Set up CD for the slot, just as you did for the Using deployment slots in this way is beneficial
web app. because you can test the new version before it goes
into production and then deploy it to production
with no downtime.
2019 Guide to Azure
Using diagnostic logs Now you need to configure your application to

send data to Application Insights.
An efficient way to monitor an app is by using
6. In the Visual Studio Code menu, select Project
diagnostic logs to see live diagnostic logging from
> Add Application Insights Telemetry…
the web app. You can even pipe the logs into the
console window. To do this, run the following 7. This opens the Application Insights wizard. Log
command in the Azure Cloud Shell: in with your Azure account.
8. Select an Application Insights pricing plan.

az webapp log tail --name <app_name>
--resource-group <myResourceGroup> 9. Click Register. This automatically adds
everything you need to the .NET Core project
and creates the Application Insights resource
You’ll see logging when you use the application in
in Azure.
the web app to generate some traffic.
10. Build the project and push the changes to
Setting up monitoring and alerts GitHub so they’re deployed to the web app.
When the deployment is complete, the
Azure Monitor Application Insights provides application will send data to Application
another powerful way to track applications. This Insights.
monitoring tool provides information about your
application, such as how many visitors used it, how By default, Application Insights performs smart
many exceptions occurred and where in the code detection. This feature detects when something is
they happened. Unlike diagnostic logs, Application wrong – such as a sudden increase in failed requests
Insights requires a nominal fee. or when the application is unusually slow – and
alerts you. You can also create your own custom
Let’s set up Application Insights.
events for all sorts of metrics and conditions in the
1. Go to the Azure portal and then to the web app Alerts menu of Application Insights, as shown in
that hosts the .NET Core app. Figure 8-18.
2. On the menu bar, click Application Insights.
3. Select Create New Resource.
Figure 8-18
4. Type a name and select a location for the
Application Insights instance.
5. Click OK. Application Insights will be deployed

and start to collect data for the application.
2019 Guide to Azure
11. To check if Application Insights is working Adding Secure Sockets Layer

properly, go to the Azure portal, find the
When an app is ready for production, you need
Application Insights resource and select it.
to confirm that it’s secure. Besides authentication
You’ll see the overview, which shows basic
and authorisation, serving the web application
metrics like server response time, page view
over HTTPS is one of the most important security
load time and number of server requests and
measures you can take. This is because without
failed requests. You should see some data,
HTTPS, intruders could see the traffic among your
indicating that Application Insights is working.
resources and use this information for malicious
purposes like signing in to your application.
Scaling the web app Additionally, HTTPS is a requirement for leading-
edge features like service workers.
When you have many users, you need Web Apps to
scale up to accommodate increased traffic. When Serving traffic to your web app over Secure
it’s not busy, you need it to scale back to save costs. Sockets Layer (SSL) is possible by importing an SSL
You can do this with the Automatic Scaling feature certificate into Web Apps and binding it to one of
of App Service. You need to run Web Apps in the your custom domain names. You can either import
standard or premium pricing tier to use this feature. your own SSL certificate or purchase one through
Azure App Service Certificates. This service
Web Apps has a menu item called Scale Out, as
makes it easy to buy and validate certificates. After
shown in Figure 8-19. You can use this to scale out
importing the certificate, couple it to one of the
manually or automatically. Scaling out means you
domain name bindings of your web app. You can
add more instances of your application to handle
do all this from the SSL Certificates menu in the
the load.
web app.
Notifying users about new versions
Your business will benefit from making users aware

of new production releases. By extending the
continuous integration/continuous delivery (CI/CD)
process in Azure builds, you can use a Logic Apps
workflow to manage social media communication,
Figure 8-19 like sending out tweets or publishing posts with
release notes.
February Lorem
May ipsum dolor sit
Theamet,
Developer’s
consectetur 119
2018 adipiscing
09 /




Summary
In this guide, we introduced the
power that Azure can bring to your
applications. Using Azure, you can
do incredible things with your apps –
and
employ facial and speech recognition,
manage your IoT devices in the cloud,
scale as much as you want – and pay
resources
only for what you use.
You’ve learned that Azure has services

for almost every scenario, so it can help
you no matter which programming
language you use or what platform
you write applications for. We hope
you continue to consult this eBook to
become better acquainted with the vast
range of Azure services and determine
which ones best fit your needs.
Thanks to the wealth of prebuilt

solutions in Azure, the days of having to
write complicated plumbing are over.
Free yourself up to work on the things
that matter to you by taking advantage
of all that Azure offers.
2019 Guide to Azure
Keep learning
with Azure
With your Azure free account, you get all of this –
and you won’t be charged until you choose to
upgrade:
• 12 months of popular free services.
• $200 USD credit to explore any Azure

service for 30 days.
• 25+ services always free.
• Get started with Azure: Watch these short

tutorials on how to use Azure and start
building projects right away. You can also join
our weekly webinar, which provides demos
of Azure basics and provides ongoing access
to experts.
• Microsoft Learn: Learn new skills and discover

the power of Microsoft products with step-
by-step guidance. Start your journey today
by exploring our learning paths and modules.
• Azure Friday, Take a look at Azure Services and

features with the Microsoft engineering team.
• Azure.Source: Keep current on what’s

happening in Azure, including news and
updates, what’s now in preview and what’s
generally available.
• Azure Tips and Tricks: Browse a collection

of useful ideas to help you become more
productive with Azure.
2019 Guide to Azure
Free resources extravaganza • Developers Guide to IoT: eBook that provides

an overview of Azure IoT services and gets you
In addition to this guide, there are many started.
other free resources about Azure, including:
• Azure for Architects: Comprehensive guide for
• Learn Azure in a Month of Lunches: Practical Azure architects.
way to learn Azure from scratch over a month
of lunches. • Developer’s Guide to Building AI Applications:
Practical guide for creating your first intelligent
• Azure Serverless Computing Cookbook: bot with AI.
eBook about everything serverless in Azure.
• Designed to Disrupt: Inspiration and guidance
• Designing Distributed Systems: eBook on on how transformational changes are possible
building containerised applications, with and how to achieve them.
hands-on labs on Azure Kubernetes Service.
• Practical Microsoft Azure IaaS: Tips and best
• Containerise Your Apps with Docker and practices on how to migrate on-premises
Kubernetes: Practical guide for moving systems to the cloud with Azure.
applications to the cloud with Docker and
Kubernetes. • Enterprise Cloud Strategy: Proven methods for
moving your enterprise to a cloud computing
• Guide to NoSQL with Azure Cosmos DB: strategy.
eBook on building responsive, mission-critical
apps with Azure Cosmos DB. • Cloud Migration Essentials: eBook on how
to simplify your path to the cloud while
• Effective DevOps: Practical guide for improving minimising risk and impact to your business.
collaboration across teams, promoting efficient
use of tools and using the concepts of DevOps. • Making the Most of the Cloud Everywhere:
eBook that focuses on unified development
and modernisation practices in hybrid
environments.
http://www.azure.com/free
2019 Guide to Azure
About the
authors
Michael and Barry are passionate about Azure and Michael Crump works at Barry Luijbregts is an
Microsoft on the Azure independent software
encourage you to reach out to them on Twitter for platform and is a coder, architect and developer with
questions regarding this book. blogger and international a passion for the cloud and
speaker on various cloud authors courses for Pluralsight.
development topics. He’s
passionate about helping You can reach Barry on Twitter
developers understand the @AzureBarry and through
benefits of the cloud in a no- his website at https://www.
nonsense way. azurebarry.com/.
You can reach Michael on

Twitter @mbcrump, follow
his blog at https://www.
michaelcrump.net/ or catch
up on a recent post in the
Azure Tips and Tricks series.
PUBLISHED BY Microsoft Press, a division of Microsoft Corporation

One Microsoft Way, Redmond, Washington 98052-6399
Copyright © 2019 by Microsoft Corporation. All rights reserved. No part of

the contents of this book may be reproduced or transmitted in any form or by any
means without the written permission of the publisher.
Microsoft Press books are available through booksellers and distributors worldwide. If you
need support related to this book, email Microsoft Press Support at mspinput@microsoft.
com. Please tell us what you think of this book by taking this survey.
This book is provided ‘as is’ and expresses the author’s views and opinions. The views,
opinions and information expressed in this book, including URL and other Internet website
references, may change without notice. Some examples depicted herein are provided for
illustration only and are fictitious. No real association or connection is intended or should
be inferred.
Microsoft and the trademarks listed at www.microsoft.com on the ‘Trademarks’ webpage

are trademarks of the Microsoft group of companies. All other marks are property of their
respective owners.
February Lorem
May ipsum dolor sit
Theamet,
Developer’s
consectetur 123
2018 adipiscing

Azure Developer Guide Ebook en-GB

Uploaded by

Copyright:

Available Formats

Azure Developer Guide Ebook en-GB

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Azure Developer Guide Ebook en-GB

Uploaded by

Copyright:

Available Formats

eBook Series

Keep Learning with Azure

Guide to From creating websites, databases and desktop

We’re here to help

Documentation and guides that give you an

Stack Overflow, which provides answers to Azure

Azure Community Support, which provides a

Azure Advisor, which automatically makes

Azure Service Health, which gives you

duciuscit, odit blaut omnimenem fugitas et omnihil

volupis as volo facearchilit quidelia peri conserrum, qui

eos et libusci re porepedit faciminciae lant et dolorpos

duntem commo quis in natem.

es nit etur sit Sedicil labores citatem natem sedit autet

What can Azure

Multiply your impact with:

Integrated tightly together, these form a true

Take advantage of the incredible and always

Where to host Azure App Service comprises the

Continuous Deployment Custom domains and Azure

4. Deploys the app to production after approval

Connect to on-premises resources App Service Environment

Snapshot Debugger for .NET Hosting your application in a VM in Azure Virtual

Data from the Blob that triggered the function is

Input and output bindings connect your function

With Azure Functions, it’s possible to pay only

You can write Azure Functions in .NET, JavaScript,

Logic Apps 1. The Logic App is activated when an email

2. Using the data in the email, the Logic App checks

You can also expose your own APIs or Azure

Just like Azure Functions, Logic Apps are serverless

Batch is a free service, so you only pay for the

Batch is well suited to run parallel workloads

Scale and orchestrate containers with

Host containers in Azure App Azure Service Fabric

While this can make it difficult to pick the right

Run your app

** For lifting and shifting existing applications to Azure.

performant applications. Web Apps acts as endpoints, which

Because of this difference, Azure Front Door

Azure Front Door allows you to author custom

Additionally, Front Door enables you to create rate

Other capabilities of Front Door include:

• URL-based routing • SSL termination

If you need help choosing between

Azure Traffic Manager Azure Front Door

You only need routing (performance- or geography-based)

You need SSL termination (also called SSL offloading) ●

• Offloads serving content from your application.

Azure Redis Cache

// Designing Distributed Systems

1. The app needs some data and attempts to

2. If the data is not there, get it from the database

3. The next time the app is looks for that piece of

duciuscit, odit blaut omnimenem fugitas et omnihil

volupis as volo facearchilit quidelia peri conserrum, qui

eos et libusci re porepedit faciminciae lant et dolorpos

duntem commo quis in natem.

es nit etur sit Sedicil labores citatem natem sedit autet

• Limitless global scale, so you pay only for the

• Automatic indexing of data, which removes the