Podcast
Questions and Answers
What type of authentication should be configured for the API Management service instance?
What type of authentication should be configured for the API Management service instance?
- API key validation
- OAuth authorization
- Client certificate gateway credentials (correct)
- Basic gateway credentials
Is configuring Basic gateway credentials considered a suitable solution based on the scenario provided?
Is configuring Basic gateway credentials considered a suitable solution based on the scenario provided?
- Yes
- No (correct)
- JWT authentication
- OAuth token
Where should the Client cert gateway credentials be configured?
Where should the Client cert gateway credentials be configured?
- Azure Resource Manager
- API Management service instance (correct)
- Azure App Service instance
- Azure Key Vault
If the API back end is hosted in an Azure App Service instance, can HTTP(s) endpoints serve as the gateway credentials according to the information provided?
If the API back end is hosted in an Azure App Service instance, can HTTP(s) endpoints serve as the gateway credentials according to the information provided?
Which of the following is not a recommended authentication method for securing access to the back-end service of an API?
Which of the following is not a recommended authentication method for securing access to the back-end service of an API?
What strategy should be followed to ensure secure access to the back-end API service?
What strategy should be followed to ensure secure access to the back-end API service?
What deployment slots are mentioned in the scenario?
What deployment slots are mentioned in the scenario?
What action is suggested to be taken before a swap operation?
What action is suggested to be taken before a swap operation?
What configuration element should be updated for custom warm-up actions before a swap?
What configuration element should be updated for custom warm-up actions before a swap?
Which slot should auto swap be enabled for according to the scenario?
Which slot should auto swap be enabled for according to the scenario?
What does the web.config file need to include for custom warm-up before a swap?
What does the web.config file need to include for custom warm-up before a swap?
Which element allows specifying custom warm-up actions in the scenario?
Which element allows specifying custom warm-up actions in the scenario?
What feature can be used in an Azure Function app to enable developers to write functions in any language?
What feature can be used in an Azure Function app to enable developers to write functions in any language?
Which feature in an Azure Function app allows for a declarative connection to Azure Blob Storage?
Which feature in an Azure Function app allows for a declarative connection to Azure Blob Storage?
How many triggers can a function have in an Azure Function app?
How many triggers can a function have in an Azure Function app?
Which binding type connects data to code declaratively in an Azure Function app?
Which binding type connects data to code declaratively in an Azure Function app?
In Azure Function apps, what can you use to define how data is connected to your function's code?
In Azure Function apps, what can you use to define how data is connected to your function's code?
Which feature in an Azure Function app allows functions to consume messages from a storage queue?
Which feature in an Azure Function app allows functions to consume messages from a storage queue?
What are common Blob storage event scenarios?
What are common Blob storage event scenarios?
Which kind of storage accounts support event integration?
Which kind of storage accounts support event integration?
Where can an ASP.NET application access the client certificate during client certificate authentication?
Where can an ASP.NET application access the client certificate during client certificate authentication?
How is the client certificate encoded in the request header for applications other than ASP.NET when using TLS mutual authentication?
How is the client certificate encoded in the request header for applications other than ASP.NET when using TLS mutual authentication?
What can an application do with the base64 encoded client certificate value in the 'X-ARR-ClientCert' header?
What can an application do with the base64 encoded client certificate value in the 'X-ARR-ClientCert' header?
Why does Storage (general purpose v1) not support integration with Event Grid?
Why does Storage (general purpose v1) not support integration with Event Grid?
What type of managed identity do Key Vault references support?
What type of managed identity do Key Vault references support?
When creating an access policy in Key Vault for the application identity, which permission should you enable?
When creating an access policy in Key Vault for the application identity, which permission should you enable?
Why should you not configure the 'authorized application' or applicationId settings in the access policy for Key Vault?
Why should you not configure the 'authorized application' or applicationId settings in the access policy for Key Vault?
What is the recommended approach to host a website in Azure that expects high traffic volumes while minimizing costs?
What is the recommended approach to host a website in Azure that expects high traffic volumes while minimizing costs?
What should you configure to ensure the website remains available and responsive during peak traffic on Azure App Service?
What should you configure to ensure the website remains available and responsive during peak traffic on Azure App Service?
Why is deploying the website to a virtual machine not the ideal choice to ensure availability and minimize costs for a high-traffic website?
Why is deploying the website to a virtual machine not the ideal choice to ensure availability and minimize costs for a high-traffic website?
Study Notes
Log Alert Rule
- The object is passed to the command that creates Log Alert Rule.
- Reference: https://docs.microsoft.com/en-us/powershell/module/az.monitor/new-azscheduledqueryrule
Azure Function App
- Custom handlers can be used to create functions in any language or runtime by running an HTTP server process, for example Go or Rust.
- Triggers are used to invoke functions and can have exactly one trigger.
- Bindings provide a declarative way to connect data to your code.
- Azure Storage events allow applications to react to events.
- Storage (general purpose v1) does not support integration with Event Grid.
Azure Web App
- TLS mutual authentication can be configured for the web app.
- Client certificate can be accessed through the HttpRequest.ClientCertificate property in ASP.NET.
- Client cert can be available through a base64 encoded value in the "X-ARR-ClientCert" request header.
- Create a system-assigned managed identity for the application.
- Create an access policy in Key Vault for the application identity.
Website Deployment
- Deploy the website to an App Service that uses the Standard service tier.
- Configure the App Service plan to automatically scale when the CPU load is high.
API Management
- Basic gateway credentials can be used to secure access to the back-end service of an API.
- Client cert gateway credentials cannot be used for Azure resource.
- API back end is hosted in an Azure App Service instance, which is an Azure resource and not an HTTP(s) endpoint.
Deployment Slots
- Auto swap can be enabled on the Production deployment slot.
- Update the web.config file to include the applicationInitialization configuration element to specify custom initialization actions.
- The swap operation waits for this custom warm-up to finish before swapping with the target slot.
Studying That Suits You
Use AI to generate personalized quizzes and flashcards to suit your learning preferences.
Description
Test your knowledge on configuring back-end authentication for API Management service instances. Determine if the solution of configuring Basic gateway credentials for an Azure resource meets the goal. Reference materials included.
