“My organization just went Azure!”
Karim Vaes @kvaes
#GlobalAzure Bootcamp 2018
“What to do now?!?”
“Oh no…”
© Microsoft Corporation
Meet “Max”… He’ll make sure no nasty cloud would dare to touch your systems!
The end!
Just Kidding
Agenda
• Contract & Cost Management
• Subscription Management
• Identity & Access Management
• Networking Foundation
• Questions & Answers
Contract & Cost Management
Typically three purchasing methods
Web Direct
• Credit Card
• Direct
Enterprise Agreement
• Contract (3Y)
• Direct
Cloud Service Provider
• Contract
• Indirect
Why does this matter?
Web Direct
• AdminPortal
• Billing Info
• Single Sub.
Enterprise Agreement
• EA Portal (Customer)
• Billing link w. Acc. Owner
• Hierarchy possible
• No reselling allowed
Cloud Service Provider
• Partner Central (Partner)
• Billing link w. AAD Tenant
• Focused towards value added services
Enterprise Agreement Hierarchy
EA Contract → Enrollment → Department → Account Owner → Subscription → Resource Group → Resource
Cost Management
Portal
• High Level
• Very Detailed
• No Tags
Power BI
• Customizable
• EA Only
• Tags (DIY)
Azure Cost Mgmt
• Drag & Drop (e.g. Tags)
• Multiple Contracts/Clouds
• Alerting
https://powerbi.com/groups/me/getdata/services/azureconsumption & https://docs.microsoft.com/en-us/azure/cost-management/
Cost Optimizations (chart: P95 CPU utilization, 0-100%, sampled hourly from 12:00 AM to 11:00 PM)
• Resizing: D14 v2 SKU at $1,400/mo → D12 v2 SKU at $430/mo, resize savings $970
• Snoozing: D12 v2 SKU at $430/mo → $268/mo when snoozed outside working hours, snooze savings $162
Cost Optimizations
Pay-as-you-Go
• Per minute
• No reservation
• D2v3 ~73.88€
Reserved Instance (1Y)
• VM Size reserved for 1Y
• Exchange or Refundable*
• D2v3 ~47.09€ (~36%)
Reserved Instance (3Y)
• VM Size reserved for 3Y
• Exchange or Refundable*
• D2v3 ~32.40€ (~56%)
Azure Hybrid Use Benefit
Snoozing & Bursting
Non-Prod VM
• 10h per workday × 20d per month = 200h
• 24/7 = ~730h
• Snoozing = ~72%
Scale-on-Demand
• CosmosDB scales within seconds
• B-series
• Functions Consumption Plan
• …
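The three cost levers on the last few slides (right-sizing on P95 CPU, snoozing non-prod VMs, and reserved instances) reduce to a handful of calculations. The following is an added example, not code from the deck or from Microsoft: the vCPU counts and monthly prices are assumptions taken from the chart and price bullets above, and the CPU samples are constructed.

```python
"""Right-sizing, snoozing and reservation arithmetic from the cost slides.
Added example; the vCPU counts and monthly prices are assumptions taken from
the deck's chart and price bullets, not a current Azure price list."""
import math
from dataclasses import dataclass

HOURS_PER_MONTH = 730  # the deck's 24/7 figure for one month


@dataclass(frozen=True)
class Sku:
    name: str
    vcpus: int            # assumed
    monthly_cost: float   # assumed, USD per month as shown on the chart


D14_V2 = Sku("D14 v2", 16, 1400.0)
D12_V2 = Sku("D12 v2", 4, 430.0)


def p95(samples):
    """Nearest-rank 95th percentile of utilisation samples (percent)."""
    if not samples:
        raise ValueError("no samples")
    ordered = sorted(samples)
    rank = math.ceil(0.95 * len(ordered))
    return ordered[rank - 1]


def resize_recommendation(samples, current, target, headroom=80.0):
    """Project the observed P95 onto the smaller SKU by vCPU ratio; recommend
    the resize only when the projected load stays under the headroom line."""
    observed = p95(samples)
    projected = observed * current.vcpus / target.vcpus
    resize = projected <= headroom
    return {
        "p95": observed,
        "projected_p95": projected,
        "resize": resize,
        "monthly_saving": current.monthly_cost - target.monthly_cost if resize else 0.0,
    }


def snooze_saving_ratio(hours_per_workday, workdays_per_month):
    """Share of a month's hours a snoozed non-prod VM is not billed for."""
    running = hours_per_workday * workdays_per_month
    return 1 - running / HOURS_PER_MONTH


def reservation_discount(payg_monthly, reserved_monthly):
    """Discount of a reserved instance relative to pay-as-you-go."""
    return 1 - reserved_monthly / payg_monthly


# Constructed hourly CPU samples (percent) for one day: a short nightly batch
# peak on an otherwise idle D14 v2, the pattern the deck's chart shows.
SAMPLE_CPU = [3, 2, 2, 12, 14, 15, 4, 3] + [3] * 16

if __name__ == "__main__":
    print(resize_recommendation(SAMPLE_CPU, D14_V2, D12_V2))
    print(f"snooze saving: {snooze_saving_ratio(10, 20):.0%}")
    print(f"1Y RI: {reservation_discount(73.88, 47.09):.0%}, "
          f"3Y RI: {reservation_discount(73.88, 32.40):.0%}")
```

Using P95 rather than the average keeps the short peak in view: the sample VM sits at 3% most of the day but its P95 is 14%, which projects to 56% on a quarter of the cores and so still clears the 80% headroom line. With the deck's own figures the same functions give the ~72% snooze saving and the ~36% and ~56% reservation discounts.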
Subscription Management
So…
Subscription
Resource Group
• Resource
• Resource
Resource Group
• Resource
• Resource
When do I need another subscription?
• Trust issues
• Esthetical billing
So how can we help “Max”?
Management Groups
Azure Management Group
https://docs.microsoft.com/en-us/azure/azure-resource-manager/management-groups-overview
Azure Role Based Access Control
https://docs.microsoft.com/en-us/azure/active-directory/role-based-access-control-what-is
Built-in role: Description
Owner: Can manage everything, including access
Contributor: Can manage everything except access
Reader: Can view everything, but can't make changes
API Management Service Contributor: Can manage API Management services
API Management Service Operator Role: Can manage API Management services
API Management Service Reader Role: Can manage API Management services
Application Insights Component Contributor: Can manage Application Insights components
Application Insights Snapshot Debugger: Gives user permission to use Application Insights Snapshot Debugger features
Automation Job Operator: Create and Manage Jobs using Automation Runbooks.
Automation Operator: Able to start, stop, suspend, and resume jobs
Automation Runbook Operator: Read Runbook properties, to be able to create Jobs of the runbook.
Azure Stack Registration Owner: Lets you manage Azure Stack registrations.
Backup Contributor: Can manage all backup management actions, except creating Recovery Services vault and giving access to others
Backup Operator: Can manage all backup management actions except creating vaults, removing backup and giving access to others
Backup Reader: Can monitor backup management in Recovery Services vault
Billing Reader: Can view all Billing information
BizTalk Contributor: Can manage BizTalk services
CDN Endpoint Contributor: Can manage CDN endpoints, but can’t grant access to other users.
CDN Endpoint Reader: Can view CDN endpoints, but can’t make changes.
CDN Profile Contributor: Can manage CDN profiles and their endpoints, but can’t grant access to other users.
CDN Profile Reader: Can view CDN profiles and their endpoints, but can’t make changes.
Classic Network Contributor: Can manage classic virtual networks and reserved IPs
Classic Storage Account Contributor: Can manage classic storage accounts
Classic Storage Account Key Operator Service Role: Classic Storage Account Key Operators are allowed to list and regenerate keys on Classic Storage Accounts
Classic Virtual Machine Contributor: Can manage classic virtual machines but not the virtual network or storage account to which they are connected
ClearDB MySQL DB Contributor: Can manage ClearDB MySQL databases
Cosmos DB Account Reader Role: Can read Azure Cosmos DB account data. See DocumentDB Account Contributor for managing Azure Cosmos DB accounts.
Data Factory Contributor: Create and manage data factories, and child resources within them.
Data Lake Analytics Developer: Lets you submit, monitor, and manage your own jobs but not create or delete Data Lake Analytics accounts.
DevTest Labs User: Can view everything and connect, start, restart, and shutdown virtual machines
DNS Zone Contributor: Can manage DNS zones and records.
DocumentDB Account Contributor: Can manage Azure Cosmos DB accounts. Azure Cosmos DB is formerly known as DocumentDB.
Intelligent Systems Account Contributor: Can manage Intelligent Systems accounts
Key Vault Contributor: Lets you manage key vaults, but not access to them.
Lab Creator: Lets you create, manage, delete your managed labs under your Azure Lab Accounts.
Log Analytics Contributor: Can read all monitoring data and edit monitoring settings. Editing monitoring settings includes adding the VM extension to VMs; reading storage account keys to be able to configure collection of logs from Azure Storage; creating and configuring Automation accounts; adding solutions; and configuring Azure diagnostics on all Azure resources.
Log Analytics Reader: Can view and search all monitoring data as well as view monitoring settings, including viewing the configuration of Azure diagnostics on all Azure resources.
Logic App Contributor: Lets you manage logic apps, but not access to them.
Logic App Operator: Lets you read, enable and disable logic apps.
Managed Identity Contributor: Create, Read, Update, and Delete User Assigned Identity
Managed Identity Operator: Read and Assign User Assigned Identity
Monitoring Contributor: Can read all monitoring data and edit monitoring settings. See also Get started with roles, permissions, and security with Azure Monitor.
Monitoring Reader: Can read all monitoring data (metrics, logs, etc.). See also Get started with roles, permissions, and security with Azure Monitor.
Network Contributor: Can manage all network resources
New Relic APM Account Contributor: Lets you manage New Relic Application Performance Management accounts and applications, but not access to them.
Redis Cache Contributor: Can manage Redis caches
Scheduler Job Collections Contributor: Can manage Scheduler job collections
Search Service Contributor: Can manage Search services
Security Admin: In Security Center only: Can view security policies, view security states, edit security policies, view alerts and recommendations, dismiss alerts and recommendations
Security Manager: Can manage security components, security policies, and virtual machines
Security Reader: In Security Center only: Can view recommendations and alerts, view security policies, view security states, but cannot make changes
Site Recovery Contributor: Can manage all Site Recovery management actions, except creating Recovery Services vault and assigning access rights to other users
Site Recovery Operator: Can Failover and Failback but can not perform other Site Recovery management actions or assign access to other users
Site Recovery Reader: Can monitor Site Recovery status in Recovery Services vault and raise Support tickets
SQL DB Contributor: Can manage SQL databases but not their security-related policies
SQL Security Manager: Can manage the security-related policies of SQL servers and databases
SQL Server Contributor: Can manage SQL servers and databases but not their security-related policies
Storage Account Contributor: Can manage storage accounts, but not access to them.
Storage Account Key Operator Service Role: Storage Account Key Operators are allowed to list and regenerate keys on Storage Accounts
Support Request Contributor: Can create and manage support tickets at the subscription scope
Traffic Manager Contributor: Lets you manage Traffic Manager profiles, but does not let you control who has access to them.
User Access Administrator: Can manage user access to Azure resources
Virtual Machine Administrator Login: Users with this role have the ability to login to a virtual machine with Windows administrator or Linux root user privileges.
Virtual Machine Contributor: Can manage virtual machines but not the virtual network or storage account to which they are connected
Virtual Machine User Login: Users with this role have the ability to login to a virtual machine as a regular user.
Web Plan Contributor: Can manage web plans
Website Contributor: Can manage websites but not the web plans to which they are connected
and custom…
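What the table does not show is how an assignment combines with scope: a role assigned on a management group or subscription is inherited by every resource group beneath it, and a role's NotActions (the reason Contributor "can manage everything except access") only narrow that one role. The following is an added example, not code from the deck or from the Azure authorization service; the role definitions are abridged from the built-in roles above, and the management group, subscriptions, resource group, groups and assignments are constructed.

```python
"""Azure RBAC evaluation, added as an example (not the Azure authorization
service). A role assignment at a scope is inherited by every child scope, and a
principal may perform an action when some assigned role lists it under Actions
and not under its own NotActions. Role definitions are abridged from the
built-in roles in the table; scopes, groups and assignments are constructed."""
from dataclasses import dataclass
from fnmatch import fnmatchcase
from typing import Tuple


@dataclass(frozen=True)
class Role:
    actions: Tuple[str, ...]
    not_actions: Tuple[str, ...] = ()


ROLES = {
    "Owner": Role(("*",)),
    "Contributor": Role(("*",), ("Microsoft.Authorization/*/Delete",
                                 "Microsoft.Authorization/*/Write",
                                 "Microsoft.Authorization/elevateAccess/Action")),
    "Reader": Role(("*/read",)),
    "User Access Administrator": Role(("*/read", "Microsoft.Authorization/*", "Microsoft.Support/*")),
    # Abridged: the built-in definitions list further providers (disks, NICs, ...).
    "Virtual Machine Contributor": Role(("*/read", "Microsoft.Compute/virtualMachines/*",
                                         "Microsoft.Resources/deployments/*")),
    "Website Contributor": Role(("*/read", "Microsoft.Web/sites/*")),
}

# Scope tree: management group -> subscription -> resource group (constructed names).
MG_CORP = "/providers/Microsoft.Management/managementGroups/corp"
SUB_DEV = "/subscriptions/dev-sub"
SUB_PROD = "/subscriptions/prod-sub"
RG_APP1 = SUB_DEV + "/resourceGroups/app1"
PARENT = {MG_CORP: None, SUB_DEV: MG_CORP, SUB_PROD: MG_CORP, RG_APP1: SUB_DEV}

# (principal, role, scope), following the team mapping on the IAM slide.
ASSIGNMENTS = [
    ("platform-team", "Owner", MG_CORP),
    ("app-support", "Virtual Machine Contributor", SUB_DEV),
    ("app-support", "Website Contributor", SUB_DEV),
    ("dev-team", "Contributor", RG_APP1),
]


def scope_chain(scope):
    """The scope itself followed by each ancestor up to the root management group."""
    chain = []
    while scope is not None:
        chain.append(scope)
        scope = PARENT[scope]
    return chain


def _listed(action, patterns):
    # Action strings are case-insensitive and '*' spans path segments.
    return any(fnmatchcase(action.lower(), p.lower()) for p in patterns)


def is_allowed(principal, action, scope):
    """True if any assignment at the scope or an ancestor grants the action."""
    for who, role_name, assigned_at in ASSIGNMENTS:
        if who != principal or assigned_at not in scope_chain(scope):
            continue
        role = ROLES[role_name]
        # NotActions only narrow their own role; they never subtract from another assignment.
        if _listed(action, role.actions) and not _listed(action, role.not_actions):
            return True
    return False


def effective_roles(principal, scope):
    """Role names that reach the given scope for the principal."""
    return sorted({r for who, r, at in ASSIGNMENTS if who == principal and at in scope_chain(scope)})
```

Two consequences worth checking in a real tenant follow directly from this model: the platform team's Owner assignment on the management group lets it write role assignments in every subscription below, and the development team's Contributor on a single resource group cannot be used to grant anyone access, but does cover every other write in that group.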
Azure Policy
https://docs.microsoft.com/en-gb/azure/azure-policy/azure-policy-introduction
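Azure Policy is what turns the management group tree into guardrails: a definition is a JSON document whose policyRule pairs an if-condition over resource fields with an effect, and an assignment at a management group applies it to every subscription beneath. The following evaluator is an added example, not the Azure Policy engine or code from the deck; the two definitions follow the shape of the built-in "Allowed locations" and tag policies but are written for this example (the built-in tag policy builds the field name with a concat() expression, here it is literal), and every resource and parameter value is constructed.

```python
"""A small evaluator for Azure Policy definition JSON, added as an example (not
the Azure Policy engine). Supports field conditions with equals, notEquals, in,
notIn and exists, the not/allOf/anyOf combinators, and [parameters()] references
resolved from the assignment. Definitions, parameters and resources are constructed."""
import json
import re

PARAM_REF = re.compile(r"^\[parameters\('([A-Za-z0-9_]+)'\)\]$")
TAG_FIELD = re.compile(r"^tags\['([^']+)'\]$")

ALLOWED_LOCATIONS = json.loads("""{
  "displayName": "Allowed locations",
  "parameters": {"listOfAllowedLocations": {"type": "Array"}},
  "policyRule": {
    "if": {"allOf": [
      {"field": "location", "notIn": "[parameters('listOfAllowedLocations')]"},
      {"field": "location", "notEquals": "global"}
    ]},
    "then": {"effect": "deny"}
  }
}""")

REQUIRE_COST_CENTER = json.loads("""{
  "displayName": "Audit resources without a costCenter tag",
  "parameters": {},
  "policyRule": {
    "if": {"field": "tags['costCenter']", "exists": "false"},
    "then": {"effect": "audit"}
  }
}""")


def _param(value, params):
    """Replace a [parameters('name')] reference with the assignment's value."""
    m = PARAM_REF.match(value) if isinstance(value, str) else None
    return params[m.group(1)] if m else value


def _norm(value):
    # Azure Policy compares strings case-insensitively.
    return value.lower() if isinstance(value, str) else value


def _field(resource, name):
    m = TAG_FIELD.match(name)
    if m:
        return resource.get("tags", {}).get(m.group(1))
    return resource.get(name)


def _holds(cond, resource, params):
    if "not" in cond:
        return not _holds(cond["not"], resource, params)
    if "allOf" in cond:
        return all(_holds(c, resource, params) for c in cond["allOf"])
    if "anyOf" in cond:
        return any(_holds(c, resource, params) for c in cond["anyOf"])
    actual = _norm(_field(resource, cond["field"]))
    if "exists" in cond:
        return (actual is not None) == (str(cond["exists"]).lower() == "true")
    if "equals" in cond:
        return actual == _norm(_param(cond["equals"], params))
    if "notEquals" in cond:
        return actual != _norm(_param(cond["notEquals"], params))
    if "in" in cond:
        return actual in [_norm(v) for v in _param(cond["in"], params)]
    if "notIn" in cond:
        return actual not in [_norm(v) for v in _param(cond["notIn"], params)]
    raise ValueError(f"unsupported condition: {cond}")


def evaluate(assignment, resource):
    """'deny' blocks the deployment, 'audit' only records non-compliance."""
    rule = assignment["definition"]["policyRule"]
    if _holds(rule["if"], resource, assignment["parameters"]):
        return rule["then"]["effect"].lower()
    return "compliant"


# Assignments as they would sit on a root management group, so every
# subscription beneath inherits them; parameter values are constructed.
ASSIGNMENTS = [
    {"definition": ALLOWED_LOCATIONS,
     "parameters": {"listOfAllowedLocations": ["westeurope", "northeurope"]}},
    {"definition": REQUIRE_COST_CENTER, "parameters": {}},
]


def check(resource, assignments=ASSIGNMENTS):
    """Result per assignment for one resource (a deployment or an existing one)."""
    return {a["definition"]["displayName"]: evaluate(a, resource) for a in assignments}


# Constructed resources.
VM_OK = {"type": "Microsoft.Compute/virtualMachines", "location": "WestEurope",
         "tags": {"costCenter": "CC-42"}}
STORAGE_EASTUS = {"type": "Microsoft.Storage/storageAccounts", "location": "eastus",
                  "tags": {"costCenter": "CC-42"}}
VM_UNTAGGED = {"type": "Microsoft.Compute/virtualMachines", "location": "northeurope", "tags": {}}
```

The difference between the two effects is the operational point: the location policy with deny stops the storage account in eastus from being created at all, while the tag policy with audit lets the untagged VM deploy and only flags it, which is the usual way to introduce a new rule before tightening it to deny.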
Identity & Access Management
Subscription trusts one directory
Microsoft Azure AD (Active Directory): Users, Groups, Apps, Devices, Graph API
Roles:
- Global Admin
- User Admin
- Etc.
Identity management & Authentications

Team roles across the Dev Subscription, Test Subscription and Production Subscriptions:
• Platform Team: Owner
• App Support Team: Virtual Machine Contributor and Website Contributor
• Development Team: Virtual Machine Contributor and Website Contributor
• Network & Security Team: Virtual Network Contributor and Virtual Machine Contributor
• Database Management Team: SQL Server Contributor and SQL Security Manager
• Storage & Backup Team: Storage Account Contributor
Azure IAM – AAD Integrated
Signals evaluated:
• APPLICATION: per application policy, client type (native apps, web apps)
• OTHER: location (IP range), risk profile (future)
• DEVICES: is domain joined, is compliant, platform type (iOS, Android, Windows)
• USER / GROUP ATTRIBUTES: user identity, group memberships, auth strength
Outcome:
➢ Allow
➢ Enforce MFA
➢ Block
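The slide above lists the signals and the three outcomes but not how they combine. The following decision logic is an added example, not Microsoft's conditional access engine or code from the deck: each policy names the application, group, device and location conditions it applies to and the control it grants, and when several policies match, Block wins over Enforce MFA, which wins over Allow. The trusted IP range, groups, users and policies are constructed.

```python
"""Conditional access decision logic for the signals on the slide, added as
an example (not Microsoft's policy engine). Application, location, device and
user/group signals are matched against policies whose control is allow, mfa
or block. The policies, IP ranges, groups and users are constructed."""
import ipaddress
from dataclasses import dataclass

# Constructed corporate egress range treated as a trusted location.
TRUSTED_RANGES = [ipaddress.ip_network("203.0.113.0/24")]


@dataclass(frozen=True)
class SignIn:
    user: str
    groups: frozenset        # user / group attributes
    app: str                 # application
    client_type: str         # "web" or "native"
    ip: str                  # location
    device_compliant: bool   # devices
    domain_joined: bool
    platform: str            # "Windows", "iOS", "Android"


def from_trusted_location(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in TRUSTED_RANGES)


# A policy applies when every condition it lists holds; "*" matches anything.
POLICIES = [
    {"name": "Block non-compliant devices off-network",
     "apps": "*", "groups": "*", "device_compliant": False,
     "trusted_location": False, "control": "block"},
    {"name": "MFA for privileged groups everywhere",
     "apps": "*", "groups": frozenset({"Global Admins", "Subscription Owners"}),
     "control": "mfa"},
    {"name": "MFA for the Azure portal outside trusted locations",
     "apps": frozenset({"Azure portal"}), "groups": "*",
     "trusted_location": False, "control": "mfa"},
]


def policy_applies(policy, s):
    if policy["apps"] != "*" and s.app not in policy["apps"]:
        return False
    if policy["groups"] != "*" and not (s.groups & policy["groups"]):
        return False
    if "device_compliant" in policy and s.device_compliant != policy["device_compliant"]:
        return False
    if "trusted_location" in policy and from_trusted_location(s.ip) != policy["trusted_location"]:
        return False
    return True


def decide(signin, policies=POLICIES):
    """Return (outcome, matched policy names); block beats mfa beats allow."""
    matched = [p for p in policies if policy_applies(p, signin)]
    controls = {p["control"] for p in matched}
    if "block" in controls:
        outcome = "block"
    elif "mfa" in controls:
        outcome = "mfa"
    else:
        outcome = "allow"
    return outcome, [p["name"] for p in matched]


def example_signin(**overrides):
    """Constructed baseline: a support engineer on a compliant Windows laptop in the office."""
    base = dict(user="alice", groups=frozenset({"App Support"}), app="Azure portal",
                client_type="web", ip="203.0.113.25", device_compliant=True,
                domain_joined=True, platform="Windows")
    base.update(overrides)
    return SignIn(**base)
```

The ordering of outcomes is the part to get right: a privileged user on a non-compliant device from an unknown network matches both an MFA policy and a block policy, and the sign-in must be blocked rather than merely challenged.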
Azure AAD (B2E) – Basic Rules
• Single Directory
• Enforce MFA
• Operate JIT/JEA
AAD & …
https://kvaes.wordpress.com/2018/03/13/azure-subscription-management-beyond-the-101-aka-the-advanced-topics/
The Army of Portals
Networking Foundation
Azure Networking Patterns in a growth model
https://kvaes.wordpress.com/2017/10/02/azure-networking-blueprint-patterns-for-enterprises/
• Island Mode
• Forced Tunneling
• NGFW
• NGFW Two Pairs (optional)
• Hub & Spoke
Island Mode
Forced Tunneling
Next Generation Firewall
Next Generation Firewall – Two pairs
Hub & Spoke
https://docs.microsoft.com/en-us/azure/architecture/reference-architectures/hybrid-networking/hub-spoke
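The four patterns differ only in which route wins for a given destination, so they can be compared with the rule Azure applies: the longest matching prefix wins, and on a tie a user-defined route beats a BGP route, which beats a system route. The following is an added example, not code from the deck or from Azure; the address ranges, the firewall address and the per-pattern route tables are constructed, and the hub & spoke table assumes on-premises prefixes are learned over BGP through the hub gateway.

```python
"""Route selection for the networking patterns above, added as an example (not
Azure's routing engine). Azure picks the longest matching prefix; on a tie a
user-defined route beats a BGP route, which beats a system route. All address
ranges, the firewall address and the pattern route tables are constructed."""
import ipaddress
from dataclasses import dataclass
from typing import Optional

PRIORITY = {"user": 0, "bgp": 1, "system": 2}  # lower number wins a prefix tie


@dataclass(frozen=True)
class Route:
    prefix: str
    next_hop_type: str          # VirtualNetwork, Internet, VNetPeering, VirtualNetworkGateway, VirtualAppliance
    source: str = "system"      # system | bgp | user (user = UDR)
    next_hop_ip: Optional[str] = None


def select_route(routes, destination):
    """Longest prefix match, then route source as the tie-breaker."""
    dst = ipaddress.ip_address(destination)
    candidates = [r for r in routes if dst in ipaddress.ip_network(r.prefix)]
    if not candidates:
        return None
    return max(candidates,
               key=lambda r: (ipaddress.ip_network(r.prefix).prefixlen, -PRIORITY[r.source]))


SPOKE_VNET = "10.1.0.0/16"       # constructed
HUB_VNET = "10.0.0.0/16"
OTHER_SPOKE = "10.2.0.0/16"
ON_PREM = "192.168.0.0/16"
FIREWALL_IP = "10.0.1.4"         # NGFW in the hub, constructed


def system_routes(vnet):
    """Default system routes of any subnet: the local VNet, and everything else to the Internet."""
    return [Route(vnet, "VirtualNetwork"), Route("0.0.0.0/0", "Internet")]


PATTERNS = {
    # Island Mode: no UDR, the system default route sends egress straight to the Internet.
    "island": system_routes(SPOKE_VNET),
    # Forced Tunneling: a UDR for 0.0.0.0/0 overrides the system default route with the gateway.
    "forced_tunneling": system_routes(SPOKE_VNET)
        + [Route("0.0.0.0/0", "VirtualNetworkGateway", "user")],
    # NGFW: the same override, but the next hop is a firewall appliance.
    "ngfw": system_routes(SPOKE_VNET)
        + [Route("0.0.0.0/0", "VirtualAppliance", "user", FIREWALL_IP)],
    # Hub & Spoke: peering adds a system route to the hub; on-prem prefixes arrive
    # over BGP via the hub gateway; UDRs steer Internet, other spokes and on-prem
    # through the hub firewall (spokes are not peered with each other).
    "hub_spoke": system_routes(SPOKE_VNET) + [
        Route(HUB_VNET, "VNetPeering"),
        Route(ON_PREM, "VirtualNetworkGateway", "bgp"),
        Route("0.0.0.0/0", "VirtualAppliance", "user", FIREWALL_IP),
        Route(OTHER_SPOKE, "VirtualAppliance", "user", FIREWALL_IP),
        Route(ON_PREM, "VirtualAppliance", "user", FIREWALL_IP),
    ],
}


def next_hop(pattern, destination):
    """Next hop type a spoke VM's packet takes under the named pattern."""
    route = select_route(PATTERNS[pattern], destination)
    return route.next_hop_type if route else None
```

Two details this makes visible: a 0.0.0.0/0 UDR does not remove the system Internet route, it merely outranks it on the tie, so deleting the UDR silently restores direct Internet egress; and in the hub & spoke table the on-premises UDR wins over the BGP-learned route of the same length, which is how all spoke traffic is kept behind the firewall.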
If you are reading this…
You made it to the end!
(without falling asleep)
Questions & Answers
© Copyright Microsoft Corporation. All rights reserved.
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 

Kürzlich hochgeladen (20)

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 

Global Azure Bootcamp 2018 - Oh no my organization went Azure

  • 1. “My organization just went Azure!” Karim Vaes @kvaes #GlobalAzure Bootcamp 2018 “What to do now?!?” “Oh no…”
  • 2. © Microsoft Corporation Meet “Max”… He’ll make sure no nasty cloud would dare to touch your systems!
  • 5. Agenda
      • Contract & Cost Management
      • Subscription Management
      • Identity & Access Management
      • Networking Foundation
      • Questions & Answers
  • 7. Typically three purchasing methods
      • Web Direct: credit card; direct
      • Enterprise Agreement: contract (3Y); direct
      • Cloud Service Provider: contract; indirect
  • 8. Why does this matter?
      • Web Direct: Admin Portal; billing info; single subscription
      • Enterprise Agreement: EA Portal (customer); billing linked to the Account Owner; hierarchy possible; no reselling allowed
      • Cloud Service Provider: Partner Center (partner); billing linked to the AAD tenant; focused towards value-added services
  • 9. Enterprise Agreement Hierarchy: EA Contract > Enrollment > Department > Account Owner > Subscription > Resource Group > Resource
  • 10. Cost Management
      • Portal: high level; very detailed; no tags
      • Power BI: customizable; EA only; tags (DIY)
      • Azure Cost Management: drag & drop (e.g. tags); multiple contracts/clouds; alerting
      https://powerbi.com/groups/me/getdata/services/azureconsumption and https://docs.microsoft.com/en-us/azure/cost-management/
  • 11. Cost Optimizations (chart: P95 CPU utilization per hour of day, 0 to 100%, 12:00 AM to 11:00 PM)
      • Starting point: D14 v2 SKU, $1,400/mo
      • Resizing: resize savings $970, down to a D12 v2 SKU at $430/mo
      • Snoozing: snooze savings $162 on top, down to $268/mo for the same D12 v2 SKU
  • 12. Cost Optimizations
      • Pay-as-you-Go: per minute; no reservation; D2v3 ~73.88€
      • Reserved Instance (1Y): VM size reserved for 1Y; exchange or refundable*; D2v3 ~47.09€ (~36% saving)
      • Reserved Instance (3Y): VM size reserved for 3Y; exchange or refundable*; D2v3 ~32.40€ (~56% saving)
      • Azure Hybrid Use Benefit
  • 13. Snoozing & Bursting
      • Non-prod VM: 10h per workday x 20 workdays per month = 200h, versus 24/7 = ~730h, so snoozing saves ~72%
      • Scale-on-demand: Cosmos DB scales within seconds; B-series VMs; Functions Consumption Plan; …
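The snoozing rule on slide 13 is only worth anything if it is enforced mechanically and cannot hit production by accident. The following is an added example (not code from the slides, and not an Azure SDK call): a tag-driven scheduler that parses an assumed `snooze` tag of the form `Mon-Fri 08:00-18:00`, decides which VMs in a constructed inventory must be started or deallocated at a given moment, and reproduces the slide's 200 h versus 730 h arithmetic. The inventory, the tag format and the 4-weeks-per-month approximation are assumptions; a real runbook would read the inventory from Azure and issue the start/deallocate calls.

```python
from datetime import datetime, time

DAYS = ["Mon", "Tue", "Wed", "Thu", "Fri", "Sat", "Sun"]
HOURS_PER_MONTH = 730   # 24/7 for one month, the figure used on the slide
WEEKS_PER_MONTH = 4     # the slide's 20 workdays / 5 days per week (assumption)


def parse_schedule(tag):
    """'Mon-Fri 08:00-18:00' -> (set of weekday indexes, start time, end time)."""
    days_part, hours_part = tag.split()
    first, last = days_part.split("-")
    days = set(range(DAYS.index(first), DAYS.index(last) + 1))
    start_s, end_s = hours_part.split("-")
    start = time(*map(int, start_s.split(":")))
    end = time(*map(int, end_s.split(":")))
    if not days or end <= start:
        raise ValueError("bad snooze schedule: %r" % tag)
    return days, start, end


def _as_datetime(now):
    return datetime.fromisoformat(now) if isinstance(now, str) else now


def should_run(tag, now):
    """True when `now` (datetime or ISO string) falls inside the office-hours window."""
    days, start, end = parse_schedule(tag)
    now = _as_datetime(now)
    return now.weekday() in days and start <= now.time() < end


def running_hours_per_month(tag):
    days, start, end = parse_schedule(tag)
    minutes = (end.hour * 60 + end.minute) - (start.hour * 60 + start.minute)
    return minutes / 60 * len(days) * WEEKS_PER_MONTH


def snooze_saving_fraction(tag):
    """Share of the 24/7 compute bill avoided by deallocating outside the window."""
    return 1 - running_hours_per_month(tag) / HOURS_PER_MONTH


def plan_actions(inventory, now):
    """Map VM name -> 'start' or 'deallocate' for VMs whose power state disagrees
    with their snooze tag. Untagged VMs are never touched: snoozing is opt-in,
    so a production VM cannot be switched off by a missing or misspelled tag."""
    actions = {}
    for vm in inventory:
        tag = vm.get("tags", {}).get("snooze")
        if not tag:
            continue
        want_running = should_run(tag, now)
        is_running = vm["powerState"] == "running"
        if want_running and not is_running:
            actions[vm["name"]] = "start"
        elif is_running and not want_running:
            # deallocate, not stop: a VM stopped from inside the guest OS still bills compute
            actions[vm["name"]] = "deallocate"
    return actions


# Constructed inventory for the example; not real resources.
INVENTORY = [
    {"name": "dev-web01", "powerState": "deallocated", "tags": {"snooze": "Mon-Fri 08:00-18:00"}},
    {"name": "dev-db01", "powerState": "running", "tags": {"snooze": "Mon-Fri 08:00-18:00"}},
    {"name": "prod-api01", "powerState": "running", "tags": {"env": "prod"}},
]

if __name__ == "__main__":
    sched = "Mon-Fri 08:00-18:00"
    print("%s: %.0f h/month, saves %.0f%% of 24/7" % (
        sched, running_hours_per_month(sched), 100 * snooze_saving_fraction(sched)))
    print("Monday 09:00:", plan_actions(INVENTORY, "2018-04-23T09:00:00"))
    print("Monday 19:00:", plan_actions(INVENTORY, "2018-04-23T19:00:00"))
```

The opt-in design is the security point: the scheduler only ever acts on VMs that carry the tag, so the blast radius of a bug in the schedule parser is limited to non-prod machines someone explicitly opted in.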
  • 15. So… Subscription > Resource Group > Resource
  • 16. When do I need another subscription? Trust issues; aesthetics; billing
  • 17. So how can we help “Max”? Management Groups
  • 18. Azure Management Group
      https://docs.microsoft.com/en-us/azure/azure-resource-manager/management-groups-overview
  • 19. Azure Role Based Access Control
      https://docs.microsoft.com/en-us/azure/active-directory/role-based-access-control-what-is
      Built-in roles:
      • Owner: Can manage everything, including access
      • Contributor: Can manage everything except access
      • Reader: Can view everything, but can't make changes
      • API Management Service Contributor: Can manage API Management services
      • API Management Service Operator Role: Can manage the service but not the APIs
      • API Management Service Reader Role: Read-only access to the service and APIs
      • Application Insights Component Contributor: Can manage Application Insights components
      • Application Insights Snapshot Debugger: Gives user permission to use Application Insights Snapshot Debugger features
      • Automation Job Operator: Create and manage jobs using Automation runbooks
      • Automation Operator: Able to start, stop, suspend, and resume jobs
      • Automation Runbook Operator: Read runbook properties, to be able to create jobs of the runbook
      • Azure Stack Registration Owner: Lets you manage Azure Stack registrations
      • Backup Contributor: Can manage all backup management actions, except creating Recovery Services vaults and giving access to others
      • Backup Operator: Can manage all backup management actions except creating vaults, removing backup and giving access to others
      • Backup Reader: Can monitor backup management in Recovery Services vault
      • Billing Reader: Can view all billing information
      • BizTalk Contributor: Can manage BizTalk services
      • CDN Endpoint Contributor: Can manage CDN endpoints, but can't grant access to other users
      • CDN Endpoint Reader: Can view CDN endpoints, but can't make changes
      • CDN Profile Contributor: Can manage CDN profiles and their endpoints, but can't grant access to other users
      • CDN Profile Reader: Can view CDN profiles and their endpoints, but can't make changes
      • Classic Network Contributor: Can manage classic virtual networks and reserved IPs
      • Classic Storage Account Contributor: Can manage classic storage accounts
      • Classic Storage Account Key Operator Service Role: Allowed to list and regenerate keys on classic storage accounts
      • Classic Virtual Machine Contributor: Can manage classic virtual machines but not the virtual network or storage account to which they are connected
      • ClearDB MySQL DB Contributor: Can manage ClearDB MySQL databases
      • Cosmos DB Account Reader Role: Can read Azure Cosmos DB account data; see DocumentDB Account Contributor for managing Azure Cosmos DB accounts
      • Data Factory Contributor: Create and manage data factories, and child resources within them
      • Data Lake Analytics Developer: Lets you submit, monitor, and manage your own jobs but not create or delete Data Lake Analytics accounts
      • DevTest Labs User: Can view everything and connect, start, restart, and shut down virtual machines
      • DNS Zone Contributor: Can manage DNS zones and records
      • DocumentDB Account Contributor: Can manage Azure Cosmos DB accounts (Azure Cosmos DB was formerly known as DocumentDB)
      • Intelligent Systems Account Contributor: Can manage Intelligent Systems accounts
      • Key Vault Contributor: Lets you manage key vaults, but not access to them
      • Lab Creator: Lets you create, manage, delete your managed labs under your Azure Lab Accounts
      • Log Analytics Contributor: Can read all monitoring data and edit monitoring settings. Editing monitoring settings includes adding the VM extension to VMs; reading storage account keys to be able to configure collection of logs from Azure Storage; creating and configuring Automation accounts; adding solutions; and configuring Azure diagnostics on all Azure resources
      • Log Analytics Reader: Can view and search all monitoring data as well as view monitoring settings, including viewing the configuration of Azure diagnostics on all Azure resources
      • Logic App Contributor: Lets you manage logic apps, but not access to them
      • Logic App Operator: Lets you read, enable and disable logic apps
      • Managed Identity Contributor: Create, read, update, and delete user-assigned identities
      • Managed Identity Operator: Read and assign user-assigned identities
      • Monitoring Contributor: Can read all monitoring data and edit monitoring settings (see also "Get started with roles, permissions, and security with Azure Monitor")
      • Monitoring Reader: Can read all monitoring data (metrics, logs, etc.) (see also "Get started with roles, permissions, and security with Azure Monitor")
      • Network Contributor: Can manage all network resources
      • New Relic APM Account Contributor: Lets you manage New Relic Application Performance Management accounts and applications, but not access to them
      • Redis Cache Contributor: Can manage Redis caches
      • Scheduler Job Collections Contributor: Can manage Scheduler job collections
      • Search Service Contributor: Can manage Search services
      • Security Admin: In Security Center only: can view security policies, view security states, edit security policies, view alerts and recommendations, dismiss alerts and recommendations
      • Security Manager: Can manage security components, security policies, and virtual machines
      • Security Reader: In Security Center only: can view recommendations and alerts, view security policies, view security states, but cannot make changes
      • Site Recovery Contributor: Can manage all Site Recovery management actions, except creating Recovery Services vaults and assigning access rights to other users
      • Site Recovery Operator: Can failover and failback but cannot perform other Site Recovery management actions or assign access to other users
      • Site Recovery Reader: Can monitor Site Recovery status in Recovery Services vault and raise support tickets
      • SQL DB Contributor: Can manage SQL databases but not their security-related policies
      • SQL Security Manager: Can manage the security-related policies of SQL servers and databases
      • SQL Server Contributor: Can manage SQL servers and databases but not their security-related policies
      • Storage Account Contributor: Can manage storage accounts, but not access to them
      • Storage Account Key Operator Service Role: Allowed to list and regenerate keys on storage accounts
      • Support Request Contributor: Can create and manage support tickets at the subscription scope
      • Traffic Manager Contributor: Lets you manage Traffic Manager profiles, but does not let you control who has access to them
      • User Access Administrator: Can manage user access to Azure resources
      • Virtual Machine Administrator Login: Users with this role can log in to a virtual machine with Windows administrator or Linux root user privileges
      • Virtual Machine Contributor: Can manage virtual machines but not the virtual network or storage account to which they are connected
      • Virtual Machine User Login: Users with this role can log in to a virtual machine as a regular user
      • Web Plan Contributor: Can manage web plans
      • Website Contributor: Can manage websites but not the web plans to which they are connected and custom…
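What makes management groups useful to "Max" is that a role assigned at a management group is inherited by every subscription, resource group and resource under it, and that a role is nothing more than an Actions list minus a NotActions list with `*` wildcards. The block below is an added example (not code from the slides or from Microsoft) that models exactly those two rules so the inheritance can be checked offline before an assignment is made for real. The management-group tree, subscriptions, principals, group memberships and assignments are constructed; Owner, Contributor and Reader are simplified copies of the built-in definitions and Virtual Machine Contributor is cut down to a few actions. Deny assignments and data-plane actions are not modelled.

```python
import fnmatch

MG = "/providers/Microsoft.Management/managementGroups/"

# Constructed hierarchy: child scope -> parent scope. Subscriptions hang off
# management groups; resource groups and resources are derived from the ARM ID.
PARENT = {
    MG + "mg-nonprod": MG + "mg-root",
    MG + "mg-prod": MG + "mg-root",
    "/subscriptions/sub-dev": MG + "mg-nonprod",
    "/subscriptions/sub-test": MG + "mg-nonprod",
    "/subscriptions/sub-prod": MG + "mg-prod",
}

# Simplified role definitions: (Actions, NotActions). Effective = Actions minus NotActions.
ROLES = {
    "Owner": (["*"], []),
    "Contributor": (["*"], ["Microsoft.Authorization/*/Delete",
                            "Microsoft.Authorization/*/Write",
                            "Microsoft.Authorization/elevateAccess/Action"]),
    "Reader": (["*/read"], []),
    "Virtual Machine Contributor": (["Microsoft.Compute/virtualMachines/*",
                                     "Microsoft.Compute/availabilitySets/*",
                                     "Microsoft.Network/networkInterfaces/read",
                                     "Microsoft.Resources/subscriptions/resourceGroups/read"], []),
}

# Constructed assignments (principal, role, scope): teams get roles, users inherit
# them through group membership, as in the slide's team-to-role mapping.
ASSIGNMENTS = [
    ("platform-team", "Owner", MG + "mg-root"),
    ("max", "Reader", MG + "mg-root"),                      # the security reviewer sees everything
    ("dev-team", "Virtual Machine Contributor", "/subscriptions/sub-dev"),
    ("ops-team", "Contributor", "/subscriptions/sub-prod"),
]
MEMBERS = {"alice": {"dev-team"}, "bob": {"platform-team"}, "carol": {"ops-team"}}

DEV_VM = "/subscriptions/sub-dev/resourceGroups/rg-web/providers/Microsoft.Compute/virtualMachines/dev-web01"
PROD_VM = "/subscriptions/sub-prod/resourceGroups/rg-api/providers/Microsoft.Compute/virtualMachines/prod-api01"


def scope_chain(scope):
    """All scopes whose assignments cover `scope`, nearest first, up to the root."""
    chain = [scope]
    while True:
        cur = chain[-1]
        parts = cur.strip("/").split("/")
        if cur.lower().startswith("/subscriptions/") and len(parts) > 2:
            # resource (8+ segments) -> resource group (4) -> subscription (2)
            parent = "/" + "/".join(parts[:4] if len(parts) > 4 else parts[:2])
        else:
            parent = PARENT.get(cur)        # subscription -> management group -> ... -> root
        if parent is None:
            return chain
        chain.append(parent)


def _matches(action, pattern):
    # Azure action strings are case-insensitive and '*' spans '/' separators.
    return fnmatch.fnmatchcase(action.lower(), pattern.lower())


def role_permits(role, action):
    actions, not_actions = ROLES[role]
    return (any(_matches(action, p) for p in actions)
            and not any(_matches(action, p) for p in not_actions))


def effective_roles(user, scope):
    """Roles the user holds at `scope`, directly or by inheritance from a parent scope."""
    covering = {s.lower() for s in scope_chain(scope)}
    who = {user} | MEMBERS.get(user, set())
    return sorted({role for p, role, s in ASSIGNMENTS if p in who and s.lower() in covering})


def is_authorized(user, action, scope):
    """Azure unions all covering assignments: one permitting role is enough."""
    return any(role_permits(r, action) for r in effective_roles(user, scope))


if __name__ == "__main__":
    for user, action, scope in [
        ("alice", "Microsoft.Compute/virtualMachines/start/action", DEV_VM),
        ("alice", "Microsoft.Compute/virtualMachines/start/action", PROD_VM),
        ("carol", "Microsoft.Authorization/roleAssignments/write", PROD_VM),
        ("max", "Microsoft.Compute/virtualMachines/delete", PROD_VM),
    ]:
        print(user, action, "->", is_authorized(user, action, scope), effective_roles(user, scope))
```

Two things worth noticing in the output: Contributor at the production subscription lets carol delete a VM but not hand out role assignments (the NotActions carve-out is what separates Contributor from Owner), and Reader granted once at the root management group gives Max read access to every VM in every subscription without a single per-subscription assignment.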
  • 20. Azure Policy
      https://docs.microsoft.com/en-gb/azure/azure-policy/azure-policy-introduction
  • 21. Identity & Access Management
  • 22. Subscription trusts one directory
      Azure AD: users, groups, apps, devices, Graph API; directory roles (Global Admin, User Admin, etc.); identity management & authentication
      Subscriptions: Dev Subscription, Test Subscription, Production Subscriptions
      Team to role mapping (Azure IAM, AAD integrated):
      • Platform Team: Owner
      • App Support Team: Virtual Machine Contributor and Website Contributor
      • Development Team: Virtual Machine Contributor and Website Contributor
      • Network & Security Team: Virtual Network Contributor and Virtual Machine Contributor
      • Database Management Team: SQL Server Contributor and SQL Security Manager
      • Storage & Backup Team: Storage Account Contributor
      Conditional access signals:
      • User / group attributes: user identity, group memberships, auth strength
      • Devices: is domain joined, is compliant, platform type (iOS, Android, Windows)
      • Application: per-application policy, client type (native apps, web apps)
      • Other: location (IP range), risk profile (future)
      Outcome: Allow, Enforce MFA, or Block
  • 23. Azure AAD (B2E) – Basic Rules: Single Directory; Enforce MFA; Operate JIT/JEA
  • 24. AAD & … The Army of Portals
      https://kvaes.wordpress.com/2018/03/13/azure-subscription-management-beyond-the-101-aka-the-advanced-topics/
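Slide 22 lists the signals a conditional access decision is built from (user and group, device state, application and client type, location and risk) and the three possible outcomes, and slide 23 turns one of them into a rule: enforce MFA. The block below is an added example, not code from the slides and not Azure AD's engine, showing how those signals combine: every policy whose conditions all hold applies to the sign-in, and the strictest resulting control wins (Block over Enforce MFA over Allow). The policies, the trusted office range (a documentation-only prefix) and the sign-in records are constructed for the illustration.

```python
import ipaddress

# Assumed corporate egress range (TEST-NET-3, documentation-only addresses).
TRUSTED_RANGES = [ipaddress.ip_network("203.0.113.0/24")]

ALLOW, MFA, BLOCK = 1, 2, 3                  # ordered so the strictest matching control wins
CONTROL_NAME = {ALLOW: "Allow", MFA: "Enforce MFA", BLOCK: "Block"}

# Constructed policies. Every listed condition must hold for a policy to apply;
# a condition that is absent matches any sign-in.
POLICIES = [
    {"name": "Block legacy authentication", "client_types": {"legacy"}, "control": BLOCK},
    {"name": "Portal off-network needs MFA", "apps": {"Azure Portal"}, "locations": {"untrusted"}, "control": MFA},
    {"name": "Admins always MFA", "groups": {"Azure Admins"}, "control": MFA},
    {"name": "Admins only from compliant devices", "groups": {"Azure Admins"}, "device_compliant": False, "control": BLOCK},
    {"name": "Block high sign-in risk", "risk": {"high"}, "control": BLOCK},
]


def location_of(ip):
    """Named location derived from the sign-in source address."""
    addr = ipaddress.ip_address(ip)
    return "trusted" if any(addr in net for net in TRUSTED_RANGES) else "untrusted"


def matches(policy, s):
    """True when every condition the policy states holds for sign-in `s`."""
    conditions = [
        ("apps", lambda: s["app"] in policy["apps"]),
        ("client_types", lambda: s["client_type"] in policy["client_types"]),
        ("groups", lambda: bool(s["groups"] & policy["groups"])),
        ("locations", lambda: location_of(s["ip"]) in policy["locations"]),
        ("platforms", lambda: s["device"]["platform"] in policy["platforms"]),
        ("device_compliant", lambda: s["device"]["compliant"] == policy["device_compliant"]),
        ("risk", lambda: s["risk"] in policy["risk"]),
    ]
    return all(check() for key, check in conditions if key in policy)


def decide(signin):
    """Return (control name, names of the policies that applied)."""
    applied = [p for p in POLICIES if matches(p, signin)]
    control = max((p["control"] for p in applied), default=ALLOW)
    return CONTROL_NAME[control], [p["name"] for p in applied]


def _signin(user, groups, app, ip, client="browser", platform="Windows", compliant=True, risk="low"):
    return {"user": user, "groups": set(groups), "app": app, "ip": ip, "client_type": client,
            "device": {"platform": platform, "compliant": compliant}, "risk": risk}


# Constructed sign-in records for the example.
SIGNINS = {
    "developer, office, browser": _signin("alice", ["Developers"], "Azure Portal", "203.0.113.10"),
    "developer, home, browser": _signin("alice", ["Developers"], "Azure Portal", "198.51.100.7"),
    "admin, office, compliant laptop": _signin("bob", ["Azure Admins"], "Azure Portal", "203.0.113.20"),
    "admin, home, unmanaged phone": _signin("bob", ["Azure Admins"], "Azure Portal", "198.51.100.9",
                                           platform="iOS", compliant=False),
    "developer, legacy IMAP client": _signin("alice", ["Developers"], "Exchange Online", "198.51.100.7",
                                             client="legacy"),
}

if __name__ == "__main__":
    for label, s in SIGNINS.items():
        control, why = decide(s)
        print("%-32s -> %-11s %s" % (label, control, why))
```

The "strictest wins" rule is what makes the admin-from-an-unmanaged-phone case come out as Block even though two MFA policies also matched; an engine that stopped at the first match would have prompted for MFA and let the session through.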
  • 26. Azure Networking Patterns in a growth model: Island Mode; Forced Tunneling; NGFW; Two Pairs (optional); Hub & Spoke
      https://kvaes.wordpress.com/2017/10/02/azure-networking-blueprint-patterns-for-enterprises/
  • 29. Next Generation Firewall
  • 30. Next Generation Firewall – Two pairs
  • 31. Hub & Spoke
      https://docs.microsoft.com/en-us/azure/architecture/reference-architectures/hybrid-networking/hub-spoke
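Each step of the growth model on slides 26 to 31 (island mode, forced tunneling through an NGFW, hub & spoke) is in the end a question of which next hop Azure picks for a packet leaving a subnet. The block below is an added example, not from the slides or the linked architecture page, that reproduces the selection rule: longest prefix match over the subnet's effective routes, where a user-defined route replaces the system route for the same prefix. The topology (a hub with two spokes), address spaces, the NVA address and the route table are constructed for the illustration; the system routes are the ones Azure creates for every subnet (VnetLocal, VNetPeering, the private ranges with next hop None, and 0.0.0.0/0 to Internet).

```python
import ipaddress

HUB_NVA = "10.0.1.4"   # assumed NGFW address inside the hub

# Constructed topology: VNet -> address space; spokes peer only with the hub.
VNETS = {"hub": "10.0.0.0/16", "spoke-dev": "10.1.0.0/16", "spoke-prod": "10.2.0.0/16"}
PEERINGS = {("hub", "spoke-dev"), ("hub", "spoke-prod")}

# Default system routes Azure adds for private ranges: traffic to them is dropped
# unless a more specific VnetLocal, peering or user-defined route exists.
PRIVATE_DEFAULTS = ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "100.64.0.0/10"]


def system_routes(vnet):
    """Routes a subnet in `vnet` gets without any route table attached."""
    routes = [(VNETS[vnet], "VnetLocal", None)]
    for a, b in PEERINGS:
        if vnet in (a, b):
            routes.append((VNETS[b if a == vnet else a], "VNetPeering", None))
    routes += [(p, "None", None) for p in PRIVATE_DEFAULTS]
    routes.append(("0.0.0.0/0", "Internet", None))
    return routes


# Constructed UDRs for a spoke: Internet-bound traffic is forced through the hub
# NGFW, and spoke-to-spoke traffic is sent to the NGFW as well since peering is
# not transitive (the 10.0.0.0/8 route is what makes hub & spoke work).
UDR_FORCED = [
    ("0.0.0.0/0", "VirtualAppliance", HUB_NVA),
    ("10.0.0.0/8", "VirtualAppliance", HUB_NVA),
]


def effective_routes(vnet, udrs=()):
    """System routes overlaid with UDRs; a UDR wins over a system route of the same prefix."""
    table = {ipaddress.ip_network(p): (t, h, "system") for p, t, h in system_routes(vnet)}
    for p, t, h in udrs:
        table[ipaddress.ip_network(p)] = (t, h, "user")
    return table


def resolve(vnet, dst, udrs=()):
    """Return (next hop type, next hop address, matched prefix) for `dst`."""
    addr = ipaddress.ip_address(dst)
    best = None
    for net, (hop_type, hop_addr, _origin) in effective_routes(vnet, udrs).items():
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, hop_type, hop_addr)
    net, hop_type, hop_addr = best
    return hop_type, hop_addr, str(net)


if __name__ == "__main__":
    cases = [("spoke-dev", "8.8.8.8", ()),          # island mode: straight to the Internet
             ("spoke-dev", "8.8.8.8", UDR_FORCED),  # forced tunneling through the NGFW
             ("spoke-dev", "10.2.0.5", ()),         # other spoke without UDR: dropped
             ("spoke-dev", "10.2.0.5", UDR_FORCED), # other spoke via the hub NGFW
             ("spoke-dev", "10.1.0.9", UDR_FORCED), # own VNet: /16 beats the /8 UDR
             ("spoke-dev", "10.0.1.4", UDR_FORCED)] # the hub itself: peering /16 beats /8
    for vnet, dst, udrs in cases:
        print(vnet, "->", dst, "=", resolve(vnet, dst, udrs))
```

The two last cases are the ones that bite in practice: a 10.0.0.0/8 route to the NVA does not drag intra-VNet or hub-bound traffic through the firewall, because the /16 VnetLocal and VNetPeering system routes are more specific, so the NGFW only ever sees traffic that actually leaves the spoke.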
  • 32. If you are reading this… You made it to the end! (without falling asleep)
  • 34. © Copyright Microsoft Corporation. All rights reserved.