Podcast Beta
Questions and Answers
What type of authentication should be configured for the API Management service instance?
Is configuring Basic gateway credentials considered a suitable solution based on the scenario provided?
Where should the Client cert gateway credentials be configured?
If the API back end is hosted in an Azure App Service instance, can HTTP(s) endpoints serve as the gateway credentials according to the information provided?
Signup and view all the answers
Which of the following is not a recommended authentication method for securing access to the back-end service of an API?
Signup and view all the answers
What strategy should be followed to ensure secure access to the back-end API service?
Signup and view all the answers
What deployment slots are mentioned in the scenario?
Signup and view all the answers
What action is suggested to be taken before a swap operation?
Signup and view all the answers
What configuration element should be updated for custom warm-up actions before a swap?
Signup and view all the answers
Which slot should auto swap be enabled for according to the scenario?
Signup and view all the answers
What does the web.config file need to include for custom warm-up before a swap?
Signup and view all the answers
Which element allows specifying custom warm-up actions in the scenario?
Signup and view all the answers
What feature can be used in an Azure Function app to enable developers to write functions in any language?
Signup and view all the answers
Which feature in an Azure Function app allows for a declarative connection to Azure Blob Storage?
Signup and view all the answers
How many triggers can a function have in an Azure Function app?
Signup and view all the answers
Which binding type connects data to code declaratively in an Azure Function app?
Signup and view all the answers
In Azure Function apps, what can you use to define how data is connected to your function's code?
Signup and view all the answers
Which feature in an Azure Function app allows functions to consume messages from a storage queue?
Signup and view all the answers
What are common Blob storage event scenarios?
Signup and view all the answers
Which kind of storage accounts support event integration?
Signup and view all the answers
Where can an ASP.NET application access the client certificate during client certificate authentication?
Signup and view all the answers
How is the client certificate encoded in the request header for applications other than ASP.NET when using TLS mutual authentication?
Signup and view all the answers
What can an application do with the base64 encoded client certificate value in the 'X-ARR-ClientCert' header?
Signup and view all the answers
Why does Storage (general purpose v1) not support integration with Event Grid?
Signup and view all the answers
What type of managed identity do Key Vault references support?
Signup and view all the answers
When creating an access policy in Key Vault for the application identity, which permission should you enable?
Signup and view all the answers
Why should you not configure the 'authorized application' or applicationId settings in the access policy for Key Vault?
Signup and view all the answers
What is the recommended approach to host a website in Azure that expects high traffic volumes while minimizing costs?
Signup and view all the answers
What should you configure to ensure the website remains available and responsive during peak traffic on Azure App Service?
Signup and view all the answers
Why is deploying the website to a virtual machine not the ideal choice to ensure availability and minimize costs for a high-traffic website?
Signup and view all the answers
Study Notes
Log Alert Rule
- The object is passed to the command that creates Log Alert Rule.
- Reference: https://docs.microsoft.com/en-us/powershell/module/az.monitor/new-azscheduledqueryrule
Azure Function App
- Custom handlers can be used to create functions in any language or runtime by running an HTTP server process, for example Go or Rust.
- Triggers are used to invoke functions and can have exactly one trigger.
- Bindings provide a declarative way to connect data to your code.
- Azure Storage events allow applications to react to events.
- Storage (general purpose v1) does not support integration with Event Grid.
Azure Web App
- TLS mutual authentication can be configured for the web app.
- Client certificate can be accessed through the HttpRequest.ClientCertificate property in ASP.NET.
- Client cert can be available through a base64 encoded value in the "X-ARR-ClientCert" request header.
- Create a system-assigned managed identity for the application.
- Create an access policy in Key Vault for the application identity.
Website Deployment
- Deploy the website to an App Service that uses the Standard service tier.
- Configure the App Service plan to automatically scale when the CPU load is high.
API Management
- Basic gateway credentials can be used to secure access to the back-end service of an API.
- Client cert gateway credentials cannot be used for Azure resource.
- API back end is hosted in an Azure App Service instance, which is an Azure resource and not an HTTP(s) endpoint.
Deployment Slots
- Auto swap can be enabled on the Production deployment slot.
- Update the web.config file to include the applicationInitialization configuration element to specify custom initialization actions.
- The swap operation waits for this custom warm-up to finish before swapping with the target slot.
Studying That Suits You
Use AI to generate personalized quizzes and flashcards to suit your learning preferences.
Description
Test your knowledge on configuring back-end authentication for API Management service instances. Determine if the solution of configuring Basic gateway credentials for an Azure resource meets the goal. Reference materials included.
