8.4 Azure Management

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *

Already have an account? Sign In »

7 hours 31 minutes
Video Transcription
all right, all you cloud heads. It's time to put on your suit. Tie your trench coat and your fedora because his cloud managers and administrators, we have to head into the office and deal with those pesky and users who have locked themselves out again of their cloud because they pounded in the wrong password too many times and accounting because
all are really great. Cloud service is, well, it's getting a little spending
secure up. Don't forget your subway pass and let's manage this thing before it gets out of hand.
So as a cloud administrator, we have two primary responsibilities. Configure the Cloud Management Service and monitor and manage those service is It was a member of our organization's Cloud Administrator group because we were made at Mons in our azure active directory. Yea, we have a lot of things that we need to do from preparing. Our cloud service is toe watching them and helping improve them.
We have to prepare our cloud service is preparation includes a lot of steps from running discovery on our resources and using cloud migration tools
to reviewing approve sizing and configuration templates of our proposed cloud platform pricing tagging and filtering rules. And what is our proposed customized and user experience? Going to look like this will depend on the provisioning rules we select and the policies we set up in our user interface.
We have two provisions are service. Stand up are instances validate or CPU memory and storage.
Make sure we're reachable and working and that we've set up all our logging, management and reporting functions we need to develop if we don't have one or utilize it already. A change request process changes. Door cloud have to be proposed, approved, scheduled, tested, documented. And we might even need a project manager
to coordinate everything for us from scheduling maintenance windows, defending and approving our testing plans.
Once we have everything provisioned and working out or KP eyes look, are we running to lean or too hot? What is our end user adoption looking like? And how are we servicing our customers? And is the cloud service performing as expected? And hopefully it's under budget.
We have to make sure we're backing up. Our service is and our data and we have all our site Recovery service is in place and tested,
and we need to make sure we have the proper recovery points enabled. Losing a few hours of data might be okay. But losing a week's worth of data? Well, that could just put us out of business. And we must be ever vigilant and ever watchful over security posture. Do we have the right technical controls in place from firewalls and encryption, toe identity and access management?
A secure cloud is the only cloud we can afford
to maintain the list of duties, roles and responsibilities of a cloud admin or a lot longer than this. And if you're performing at well, well, it could be a highly rewarding professional career path. If your performance is less than stellar, the job can be stressful and and there just might be a job opening over and parking or over in the warehouse.
So please keep checking the company's internal job postings.
So as a certified as your administrator, part of your job is to use the Azure Cloud Administration portal to view charts and reports on metrics, resource optimization, chargebacks and requests for virtual assets. Now chargebacks air worth noting and you see chargebacks a lot and Cloud service is so let's see your organization as a cloud bill for this great platform you're using
to service your customers.
Well, when the bill shows up, does the company just pay the bill? No questions asked. Or do we want to build a company's team who uses it to service your customers? Like cross charging the accounting team for their portion of the cloud bill while also cross building the sales team for their portion of the bill?
Chargebacks help organizations hold their departments accountable and responsible for their cloud usage,
and also helps keep them in check to make sure they're not asking for resource is that they're not going to use. And more importantly, instead of just getting a cloud bill, the use of chargebacks will provide you the cloud administrator, your manager, the head of I T and then the senior management team. Visibility and the reasons behind your I T costs.
This helps frame budgets for more cloud service is more cloud supporting personnel and happier customers and end users, because the organization knows now
what cloud resource is air really being used and how much of those resource is a required.
So another responsibility you're gonna have a za cloud, administrators to activate and monitor service level agreements with your cloud provider. When you activate a cloud service like a news, your virtual machine or in is your backup service Ukraine Service Level Agreements and S. L. A's and operational level agreements, or ol ays to a cloud provider like Microsoft
and S. L. A is a financial commitment to achieve
and maintain the service levels for each service. If the provider doesn't maintain the service levels for each service has described in the S L. A, then you might be eligible for a credit towards a portion of your monthly service fees. The slide shows an actual capture from a current Microsoft Online service level agreement. As you could see, this portion of the S. L. A
is referencing service down time and service disruption
as a measurement that could hold Microsoft accountable. A No. L. A. Or an operational level agreement is what the provider as a whole is promising. Your team, like the provider, promises to patch their software, maintain their networking infrastructure and provide redundant and diverse power generation to minimize power disruption.
So in Ole is an operational assurance that the provider is going to do what they say they're going to do
so if you like being in control and being in charge while you are as an azure cloud administrator, an active directory, for example, you can give rolls and privileges to some of your users so that they can provision as your service is, and create new roles and responsibilities in the azure cloud platform. But this is the fun one
when they want to effect change. You were first notified, and you must approve the new service or their new change before the azure portal allows. Their new service is and they're changes to actually go into effect
controls the rows of responsibilities are managed and maintained through as your identity and access management service. And you, well, you're the boss. You get to be in charge. So another really cool service that you get to manage and maintain as an azure administrator are these things called templates or images. And so let me give you an example.
We're gonna go over here to service is
and and down under here, under compute, we're gonna click on images. So when images, a template and so what a template is is as long as I want to ah, sign, say, a new image for, ah, Windows machine or a Linux machine or I want to create a new storage instance. Whatever that is, I can create it
so that when I apply that template and I use that template to stand up that new service, it configures that new platform that new instance with the exact same configuration exact same service is with the exact same CPU and memory and storage, or whatever the resiliency and availability options are,
it does it that same way every time because I've created
template. So what I'm gonna do here is I'm gonna create a nem image template for a new Windows machine, or I'm going to go over here and create an image template for a new Lenox machine. So I'm gonna give it a name.
I'm gonna choose the subscription service, and I'm gonna give it a resource group. So what resources do I want to assign this virtual machine to on? Then I want to give it a a regional location, and then maybe I want some resiliency. So I want to create that instance and I wanted to be resilience resilient across a couple of different availability zones.
I want to give it some storage. And then what kind of hard drives do I want to give it premium, solid state flash drives or
or spinning disc host cashing and then maybe some additional data for resiliency? Or maybe I need more storage than what I get with just a single drive. And then when I create my image now what happens is I have an image that I have approved. And so when my user behind me
that's authorized via group
policy to stand up and provisioned a new virtual machine, well, that's great when they when they add when they access the azure global catalogue and they see that, Hey, they can stand up a new Windows instance. But they're only going to see in that catalogue my template that I've approved. So,
yeah, they're gonna be able to stand up a new Windows machine, but they're only going to be able to stand it up with my approved V CPU, my memory, my storage and my availability zones and my regional settings.
So what set up the exactly the way I want tohave it done and approved and I'm willing to pay for and no surprises when my clown bill shows up because they didn't stand up this great, big, huge giant Windows server when all they need is this little one
really cool stuff and the power of being a cloud admin.
So thank you for the privilege to be your cloud architecture foundations. Instructor. I hope you found the experience helpful and that you're even more excited to be in the I t field and that your head is literally in the clouds. It's been an honor. Look for me on the social networks. I will always try to make myself available to help you succeed in this amazing industry. I hope to see you soon. And so, for now
I'm gonna wish you and all of the users on your network
best to success. Take care,
be good to those end users. And remember
happy packets
Up Next