Service Principal(SP)

A service account is a privileged user account used to authenticate using a username and password.
Azure service principal is a user identity not a user(an identity for an application- can be set up to use a username and password or a certificate for authentication)

Create SP using cloud shell

login

az login
az account list –output table
az account set –subscription

create service principal

az ad sp create-for-rbac –role=”Contributor”
–scopes=”/subscriptions/SUBSCRIPTION_ID”

az ad sp create-for-rbac –role=”Contributor”
–scopes=”/subscriptions/SUBSCRIPTION_ID” –name=”Azure-DevOps”

Azure Queue Storage

Azure Queue Storage is a service for storing large numbers of messages.
Azure Queue Storage provides cloud messaging between application components and can access messages from anywhere in the world via authenticated calls using HTTP or HTTPS.
A queue message can be up to 64 KB in size. A queue may contain millions of messages, up to the total capacity limit of a storage account. Queues are commonly used to create a backlog of work to process asynchronously.

URL format: Queues are addressable using the following URL format: http://.queue.core.windows.net/

How to create Queue storage account

azure-queue-storageDownload

Create custom Ubuntu Azure template

Creating a Linux-based virtual machine in Azure requited to create/existing resource group
Generate key pair to connect the system using SSH

Create SSH Key Pair
Using putty keygen, create pub key and upload to Azure template
For creating ,generate tab and move mouse and it generate public keypair.
save private key pair locally to connect the new systems using this key pair

Once created the template, use the template for new systems and use the private key pair to connect the systems newly created from the template.

Using PS
New-AzResourceGroupDeployment -ResourceGroupName -TemplateUri

Using azure cli

az group deployment create –resource-group –template-uri

Using ARM template
https://docs.microsoft.com/en-us/azure/virtual-machines/linux/create-ssh-secured-vm-from-template
Quickstart templates
https://azure.microsoft.com/en-in/resources/templates/

Service Tags

A service tag represents a group of IP address prefixes from a given Azure service. Microsoft manages the address prefixes encompassed by the service tag and automatically updates the service tag as addresses change, minimizing the complexity of frequent updates to network security rules.
You can use service tags to define network access controls on network security groups or Azure Firewall. Use service tags in place of specific IP addresses when you create security rules. By specifying the service tag name, such as ApiManagement, in the appropriate source or destination field of a rule, you can allow or deny the traffic for the corresponding service.

You can use service tags to achieve network isolation and protect your Azure resources from the general Internet while accessing Azure services that have public endpoints. Create inbound/outbound network security group rules to deny traffic to/from Internet and allow traffic to/from AzureCloud or other available service tags of specific Azure services.

It is suitable for rules that cover inbound or outbound traffic regional scope and Azure Firewall rules.

Eg.Storage,Virtualnetwork,servicefabric,datalake,LB etc

Add or Remove a Microsoft account payment method

To pay invoices in the Azure portal, you must have the correct MCA permissions or be the Billing Account admin. The Billing Account admin is the user who originally signed up for the MCA account.If you have a payment method for your Microsoft account that you’re no longer using, or that has expired, you can remove it.

add-or-delete Azure payment methods

Install .net and Publish to Azure repo

Here will describe how to install .net on Ubuntu and Publish to Azure repository to use to build projects.

dotnetproj-ubuntu

Azure File Sync Service

Azure File Sync to centralize your organization’s file shares in Azure Files, while keeping the
flexibility, performance, and compatibility of an on-premises file server. Azure File Sync transforms
Windows Server into a quick cache of your Azure file share. You can use any protocol that’s available
on Windows Server to access your data locally, including SMB, NFS, and FTPS. You can have as many
caches as you need across the world.

Azure File Sync

Azure File service

Azure Files fully managed file shares in the Azure cloud that are accessible via the industry standard Server Message Block (SMB 3.0) protocol or Network File System (NFS) protocol.
It can concurrently mounted by cloud VM or on-premises Systems.
Azure Files SMB file shares are accessible from Windows, Linux, and macOS clients and NFS file shares are accessible from Linux or macOS clients.

azurefileshare

Set up Azure DNS

Azure DNS is a hosting service for DNS domains (Can’t use Azure DNS to buy a domain name. You need to buy a domain name from a third-party domain name registrar) that provides name resolution by using Microsoft Azure infrastructure (Your domains hosted in Azure DNS for record management).
Below the document shows how to set up.

Azure DNS

Configuring route53 hosted domain

Amazon Route 53 is a highly available and scalable cloud Domain Name System (DNS) web service. It
is a reliable and cost effective way to route end users to Internet applications by translating names
like http://www.example.com into the numeric IP addresses like 192.0.2.1 that computers use to connect
to each other.This can connects user requests to infrastructure running in AWS – such as Amazon
EC2 instances, Elastic Load Balancing load balancer, or Amazon S3 buckets – and can also be used to
route users to infrastructure outside of AWS.

Below document shows how to configure use

route53-hosteddomain