Skill 5.1 - Managing Azure Subscriptions and Resource Groups

Logical groupings of resources or single-service instances

To create, assign, and manage policies that enforce governance in Azure environment

Azure RBAC is default deny with explicit allow, while Policy is default allow with explicit deny

<p>Desired behavior for Azure resources at the time of creation or update</p> Signup and view all the answers

<p>Management Groups, Subscriptions, Resource Groups</p> Signup and view all the answers

<p>No, each resource can only exist in one resource group</p> Signup and view all the answers

<p>To define areas where policies should not be applied</p> Signup and view all the answers

<p>By expressing governance rules at a specified scope regardless of RBAC assignments</p> Signup and view all the answers

<p>Define what should happen when a resource is non-compliant</p> Signup and view all the answers

<p>Enforcing rules, applying tags automatically, and ensuring data sovereignty</p> Signup and view all the answers

<p>To prevent accidental deletion or modification of resources.</p> Signup and view all the answers

<p>CanNotDelete locks prevent deletion of a resource, while ReadOnly locks prevent modification of a resource.</p> Signup and view all the answers

<p>Resource Locks can be applied to subscription, resource group, and resource scopes.</p> Signup and view all the answers

<p>To apply custom metadata for logical organization of resources and building custom taxonomies.</p> Signup and view all the answers

<p>Tag names cannot exceed 512 characters, and tag values cannot exceed 256 characters.</p> Signup and view all the answers

<p>Azure Policy can be used to automatically apply tags to resources.</p> Signup and view all the answers

<p>Replace, Merge, Delete.</p> Signup and view all the answers

<p>Microsoft recommends that all resources in a resource group share the same lifecycle.</p> Signup and view all the answers

<p>Both write and delete operations to the Azure resource will be blocked temporarily.</p> Signup and view all the answers

<p>No, a resource group cannot be nested in another resource group.</p> Signup and view all the answers

<p>Another account</p> Signup and view all the answers

<p>800</p> Signup and view all the answers

<p>200</p> Signup and view all the answers

<p>Contributor</p> Signup and view all the answers

<p>Set alerts for spending thresholds</p> Signup and view all the answers

<p>Reduce overhead, Enforcement, Reporting</p> Signup and view all the answers

<p>Track consumption logically, Implement chargebacks</p> Signup and view all the answers

<p>Users with Contributor rights or higher</p> Signup and view all the answers

<p>Budgets are for monitoring spend, Resource Limits can stop resource creation</p> Signup and view all the answers

<p>Management group level</p> Signup and view all the answers

<p>Performing cost analysis, setting per-subscription budgets and alerts, setting recommendations for optimization, exporting cost management data</p> Signup and view all the answers

<p>By scopes and a user must have at least read access</p> Signup and view all the answers

<p>To generate a new template from existing resources which is a snapshot of the current state of the resource group</p> Signup and view all the answers

<p>It retrieves an exact copy of a template used for deployment, specifying the deployment from the deployment history</p> Signup and view all the answers

<p>At least read access</p> Signup and view all the answers

<p>By exporting a template from a resource group or resource, or saving from history</p> Signup and view all the answers

<p>A 'snapshot' of the current state of the resource group</p> Signup and view all the answers

<p>Export from resource group or resource, Save from history</p> Signup and view all the answers

<p>By using the features provided in Cost Management</p> Signup and view all the answers

<p>To help manage costs effectively and receive notifications when thresholds are reached</p> Signup and view all the answers