aka msIdentity aka msMark Grimes aka msAllergic To

  • Slides: 49
Download presentation

aka. ms/Identity aka. ms/Mark. Grimes aka. ms/Allergic. To. Code

aka. ms/Identity aka. ms/Mark. Grimes aka. ms/Allergic. To. Code

At the end of this session, you should be better able to… • Learn

At the end of this session, you should be better able to… • Learn some tips and tricks to prepare for the exam • Learn some real world stuff too!

aka. ms/Azure. Stack/Shortcuts aka. ms/Azure. Stack/Operator

aka. ms/Azure. Stack/Shortcuts aka. ms/Azure. Stack/Operator

Pay-as-you-use model • Extension of Azure business model • Fee for consumption: only pay

Pay-as-you-use model • Extension of Azure business model • Fee for consumption: only pay for services running on Azure Stack • No upfront licensing fees: don’t pay until you use the service • Simple bill management • • • One invoice with public Azure EA deployments consume same monetary commit as public Azure Available in EA and CSP channels Azure Stack Hosted and On-premises

 • For disconnected scenarios: no usage metering or connection to Azure commerce •

• For disconnected scenarios: no usage metering or connection to Azure commerce • Fixed fee, annual subscription: based on number of physical cores • License all physical cores on a stamp, with unlimited Iaa. S rights • Separate transaction from Azure: cannot use monetary commit, different billing • EA channel only Azure Stack Hosted and On-premises

Free trial account Hands-On Workshops/Labs Microsoft Virtual Academy azure. microsoft. com wrong START

Free trial account Hands-On Workshops/Labs Microsoft Virtual Academy azure. microsoft. com wrong START

Prepare Environment asdk-installer. ps 1 https: //aka. ms/ASDK/Deploy cd C: Cloud. DeploymentSetup. Install. Azure.

Prepare Environment asdk-installer. ps 1 https: //aka. ms/ASDK/Deploy cd C: Cloud. DeploymentSetup. Install. Azure. Stack. POC. ps 1 –Rerun

asdk-installer. ps 1

asdk-installer. ps 1

ASDK and Integrated System aka. ms/Azure. Stack/Registration

ASDK and Integrated System aka. ms/Azure. Stack/Registration

$Azure. Context = Get-Azure. Rm. Context $Cloud. Admin. Cred = Get-Credential -User. Name AZURESTACKCloud.

$Azure. Context = Get-Azure. Rm. Context $Cloud. Admin. Cred = Get-Credential -User. Name AZURESTACKCloud. Admin -Message "Enter the cloud domain credentials to access the privileged endpoint" Set-Azs. Registration ` -Cloud. Admin. Credential $Cloud. Admin. Cred ` -Privileged. Endpoint Az. S-ERCS 01 ` -Billing. Model Development

Connect Options Azure. StackAzure. Stack. Admin https: //portal. local. azurestack. external/ https: //adminportal. local.

Connect Options Azure. StackAzure. Stack. Admin https: //portal. local. azurestack. external/ https: //adminportal. local. azurestack. external/

# Configure Windows Remote Management (Win. RM), if it's not already configured. winrm quickconfig

# Configure Windows Remote Management (Win. RM), if it's not already configured. winrm quickconfig Set-Execution. Policy Remote. Signed # Import the Connect module. Import-Module. ConnectAzure. Stack. Connect. psm 1 # Add the development kit computer’s host IP address and certificate authority (CA) to the list of trusted hosts. Make sure you update the IP address and password values for your environment.

$host. IP = "<Azure Stack host IP address>" $Password = Convert. To-Secure. String `

$host. IP = "<Azure Stack host IP address>" $Password = Convert. To-Secure. String ` "<operator's password provided when deploying Azure Stack>" ` -As. Plain. Text ` -Force Set-Item wsman: localhostClientTrusted. Hosts ` -Value $host. IP ` -Concatenate # Create a VPN connection entry for the local user. Add-Azs. Vpn. Connection ` -Server. Address $host. IP ` -Password $Password

Azure Stack Integrated System east . azurestack. local. Allergic. To. Code. com User Portal

Azure Stack Integrated System east . azurestack. local. Allergic. To. Code. com User Portal = http: //portal. Operator Portal = http: //adminportal. aka. ms/Azure. Stack/DNS

Azure Stack Integrated System aka. ms/Azure. Stack/i. DNS

Azure Stack Integrated System aka. ms/Azure. Stack/i. DNS

ASDK & Integrated System Azure. Stack. Stamp. Deployment. Info aka. ms/Azure. Stack/Priv. End. Point

ASDK & Integrated System Azure. Stack. Stamp. Deployment. Info aka. ms/Azure. Stack/Priv. End. Point

# add the PEP as a trusted host on your hardware lifecycle host or

# add the PEP as a trusted host on your hardware lifecycle host or Privileged Access Workstation. winrm s winrm/config/client '@{Trusted. Hosts="<IP Address of Privileged Endpoint>"}’ # establish a remote session on the virtual machine that hosts the PEP: ## On an integrated system $cred = Get-Credential Enter-PSSession -Computer. Name <IP_address_of_ERCS>` -Configuration. Name Privileged. Endpoint -Credential $cred

# add the PEP as a trusted host on your hardware lifecycle host or

# add the PEP as a trusted host on your hardware lifecycle host or Privileged Access Workstation. winrm s winrm/config/client '@{Trusted. Hosts="<IP Address of Privileged Endpoint>"}' # establish a remote session on the virtual machine that hosts the PEP: # From an ASDK $cred = Get-Credential Enter-PSSession -Computer. Name azs-ercs 01` -Configuration. Name Privileged. Endpoint -Credential $cred

ASDK and Integrated System Marketplace Power. Shell

ASDK and Integrated System Marketplace Power. Shell

ASDK & Integrated System Microsoft. Web Offline aka. ms/Azure. Stack/App. Services

ASDK & Integrated System Microsoft. Web Offline aka. ms/Azure. Stack/App. Services

ASDK & Integrated System aka. ms/Azure. Stack/App. Services

ASDK & Integrated System aka. ms/Azure. Stack/App. Services

ASDK & Integrated System aka. ms/Azure. Stack/App. Services

ASDK & Integrated System aka. ms/Azure. Stack/App. Services

Resource Providers aka. ms/Azure. Stack/SQL aka. ms/Azure. Stack/My. SQL

Resource Providers aka. ms/Azure. Stack/SQL aka. ms/Azure. Stack/My. SQL

ASDK & Integrated Systems

ASDK & Integrated Systems

ASDK & Integrated Systems aka. ms/Azure. Stack/Plans

ASDK & Integrated Systems aka. ms/Azure. Stack/Plans

ASDK & Integrated System Changes not immediately available to users! aka. ms/Azure. Stack/Offer

ASDK & Integrated System Changes not immediately available to users! aka. ms/Azure. Stack/Offer

Admin Portal Admin ARM igaad 1. onmicrosoft. com Azure Stack aka. ms/Azure. Stack/Multitenancy Azure

Admin Portal Admin ARM igaad 1. onmicrosoft. com Azure Stack aka. ms/Azure. Stack/Multitenancy Azure Active Directory

Admin Portal Admin ARM fabrikam. onmicrosoft. com contoso. onmicrosoft. com Azure Stack aka. ms/Azure.

Admin Portal Admin ARM fabrikam. onmicrosoft. com contoso. onmicrosoft. com Azure Stack aka. ms/Azure. Stack/Multitenancy Fabrikam. com

ASDKS & Integrated Systems azpkg aka. ms/Azure. Stack/Marketplace

ASDKS & Integrated Systems azpkg aka. ms/Azure. Stack/Marketplace

aka. ms/Azure. Stack/Publish

aka. ms/Azure. Stack/Publish

Two key concepts Role definitions • • Describes the set of permissions (e. g.

Two key concepts Role definitions • • Describes the set of permissions (e. g. read actions) Can be used in multiple assignments Role assignments • • Associate role definitions with an identity (e. g. user/group) at a scope (e. g. resource group) Always inherited – subscription assignments apply to all resources

Goal Best practices

Goal Best practices

View Health of Components aka. ms/Azure. Stack/Monitor

View Health of Components aka. ms/Azure. Stack/Monitor

ASDK & Integrated Systems Paa. S Iaa. S Tenant space Azure Infrastructure Admin space

ASDK & Integrated Systems Paa. S Iaa. S Tenant space Azure Infrastructure Admin space This first flavor of backup just grabs the infrastructure services’ data… Start-Azs. Backup External File Share aka. ms/Azure. Stack/Backup

Azure Stack Integrated Systems

Azure Stack Integrated Systems

Azure Stack Integrated Systems Latest update Prerequisite 1711 1712 1801 1710 1711 1712 1803

Azure Stack Integrated Systems Latest update Prerequisite 1711 1712 1801 1710 1711 1712 1803 1804 1801 1803

Manage Storage Capacity Block Blob Subscription Resource Storage CRITICAL Group Container Append Blob Page

Manage Storage Capacity Block Blob Subscription Resource Storage CRITICAL Group Container Append Blob Page Blob Account Table Reclaim Space Migrate a container aka. ms/Azure. Stack/Storage Queue aka. ms/Azure. Stack/Capacity

 • Applies to Iaa. S model in both Azure and Azure Stack •

• Applies to Iaa. S model in both Azure and Azure Stack • Gallery items, ARM templates, Sysprep’d disk copies, snapshots…

ASDK & Integrated System Get-Azure. Stack. Log ASDK versus Integrated System aka. ms/Azure. Stack/Diagnostics

ASDK & Integrated System Get-Azure. Stack. Log ASDK versus Integrated System aka. ms/Azure. Stack/Diagnostics

aka. ms/70 -537 aka. ms/Azure/Learn aka. ms/Azure. Stack/Shortcuts

aka. ms/70 -537 aka. ms/Azure/Learn aka. ms/Azure. Stack/Shortcuts