This Learn On Demand Pro Series is part of a Career Path: Become a System Administrator
This Configure a Virtual Network Service Endpoint learn on-demand lab will help students to learn how to secure assets by securing endpoints. Learners are introduced to a vital concept such as key vault, how to configure a service endpoint, how to configure an application's virtual network, and back-end subnet.
What are Virtual Network service endpoints?
Virtual Network (VNet) service endpoints are responsible for extending the virtual network private address scope. The endpoints also stretch the connections of the VNet to the Azure and enable security architects to protect important Azure resources.
This easy to understand lab is important for people who want to dive into the world of security architect and Azure administration.
What Does the Configure a Virtual Network Service Endpoint Lab Cover?
The lab covers the real-world challenge of an Azure administrator. For example,you are working as an Azure administrator and you have been assigned to configure an access to the Azure Key Vault service endpoint from an application's back-end tier. In this lab, you will accomplish following key topics:
How to create a secret in Azure Key Vault?
In this step, you will have to sign in to the Azure portal as an administrator. After that, in the key vault, you will create a new secret. The key vault in Azure secures the cryptographic keys and secrets. By using Key Vault, you can encrypt secrets, such as:
- Authentication keys
- Data encryption keys
- pfx files
- Storage account keys
How to configure the subnet?
In this step, you will add a rule in the network security group and set a source for the virtual network. You will also learn how to set the address to the service tag and set the target port range.
How to configure the VNet service endpoint?
In this step, you will configure the key vault to allow access from only your virtual network and backend subnet. You will also learn how to restart Cloud Shell, and again try to utilize the Azure to access secrets.
The virtual network service endpoints allow administrators to attach specific platforms into the virtual networks. This concept is important because with the help of this, virtual machines can communicate with Azure SQL and Azure Storage accounts.
Once you authorize service endpoints in your virtual network, you can attach a virtual network rule to defend the Azure service resources. The rule extension gives enhanced security by eliminating public internet access to devices and passing traffic only from the virtual network.
This learn on demand lab will help students to learn one of the most important concepts of Microsoft Azure. The topics covered in this lab are required in many vital job roles like:
- Enterprise Architect
- Network Administrator
- System Administrator
- Azure Administrator
- Security Analyst.
After completing this lab, you will learn what it takes to become a Virtual Network Endpoint Specialist.Take a "Configure a Virtual Network Service Endpoint" lab to get an understanding of how endpoints work with MS Azure in as little as 45 minutes. Follow step-by-step instructions to learn, and practice a use case.