Fix resources for Feb 2022 delivery

az-305-cert-study-blueprint.md

@@ -0,0 +1,83 @@
+# Tim's AZ-305 Certification Study Resources
+
+## About the exam
+
+* [Azure Solutions Architect Expert certification](https://docs.microsoft.com/en-us/learn/certifications/azure-solutions-architect/)
+* [Exam AZ-305 exam page](https://docs.microsoft.com/en-us/learn/certifications/exams/az-305)
+* [Microsoft Learn blog](https://techcommunity.microsoft.com/t5/microsoft-learn-blog/bg-p/MicrosoftLearnBlog)
+* [Microsoft cert renewal announcement](https://techcommunity.microsoft.com/t5/microsoft-learn-blog/is-your-certification-expiring-soon-renew-it-for-free-today/ba-p/2150405)
+* [Microsoft Learn exam validity announcement](https://techcommunity.microsoft.com/t5/microsoft-learn-blog/reminder-role-based-and-specialty-certifications-to-be-valid-for/ba-p/2150406)
+* [MS Learning Exam Policies and FAQ](https://www.microsoft.com/en-us/learning/certification-exam-policies.aspx)
+* [Microsoft online testing with Pearson Vue](https://docs.microsoft.com/en-us/learn/certifications/online-exams)
+* [Microsoft Certification Dashboard](https://aka.ms/certdashboard)
+* [Tim's online testing help video](https://www.youtube.com/watch?v=myf6r5nulj0&feature=youtu.be)
+* [Exam scoring and score reports](https://docs.microsoft.com/en-us/learn/certifications/exam-scoring-reports)
+* [Pearson VUE Grievance](https://home.pearsonvue.com/microsoft/contact)
+* [Microsoft Policies and FAQs](https://docs.microsoft.com/en-us/learn/certifications/certification-exam-policies)
+
+## Conceptual learning
+
+* [AZ-305 Class Topology](https://lucid.app/lucidchart/5b4214cf-b00b-400d-80ff-c15572f57904/view?page=0_0#)
+* [Tim's ARM templates tutorial](https://timwinfo-my.sharepoint.com/:x:/g/personal/tim_timw_info/EQRooL1BhnRMjaIx6WEovRYBDXbzHOI1CrtpNls3zesDHw?rtime=rMc-0Xbz2Eg)
+* [Adam Marczak's ARM templates tutorial](https://www.youtube.com/watch?v=Ge_Sp-1lWZ4&t=876s)
+* [Sam Cogan's ARM templates tutorial](https://www.youtube.com/watch?v=9EpBiud48Ao)
+* [Azure Documentation](https://docs.microsoft.com/en-us/azure/)
+* [Azure Architecture Center](https://docs.microsoft.com/bs-cyrl-ba/azure/architecture/)
+* [Well-Architected Framework](https://docs.microsoft.com/en-us/azure/architecture/framework/)
+* [Cloud Adoption Framework](https://docs.microsoft.com/en-us/azure/architecture/cloud-adoption/)
+* [Azure Application Architecture Guide](https://docs.microsoft.com/en-us/azure/architecture/guide/)
+* [Azure Solutions Architectures](https://azure.microsoft.com/en-us/solutions/architecture/)
+* [Azure SLAs](https://azure.microsoft.com/en-us/support/legal/sla/)
+* [Azure preview feature terms of use](https://azure.microsoft.com/en-us/support/legal/preview-supplemental-terms/)
+* [ARM template test toolkit](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/test-toolkit)
+* [Azure Quickstart Templates](https://azure.microsoft.com/en-us/resources/templates/)
+* [Secure DevOps Kit for Azure](https://azsk.azurewebsites.net/)
+* [Azure for AWS Professionals](https://docs.microsoft.com/en-us/azure/architecture/aws-professional/)
+* [Azure for Google Cloud Professionals](https://docs.microsoft.com/en-us/azure/architecture/gcp-professional/)
+
+## Practice exams
+
+* [MS Learning offers](https://www.microsoft.com/en-us/learning/offers.aspx)
+* [MeasureUp AZ-304](https://www.measureup.com/official-practice-test-az-304-microsoft-azure-architect-design.html)
+* [Whizlabs AZ-304](https://www.whizlabs.com/microsoft-azure-certification-az-304/)
+* [Tim's Practice Exam Comparison video](https://www.youtube.com/watch?v=_aH4DbpcJWA&t=2s)
+
+## Building Your toolset
+
+* [Visual Studio Code](https://code.visualstudio.com/)
+* Extensions
+  * [PowerShell](https://marketplace.visualstudio.com/items?itemName=ms-vscode.PowerShell)
+  * [Azure Account](https://marketplace.visualstudio.com/items?itemName=ms-vscode.azure-account)
+  * [ARM Tools](https://marketplace.visualstudio.com/items?itemName=msazurermtools.azurerm-vscode-tools)
+  * [Azure CLI Tools](https://marketplace.visualstudio.com/items?itemName=ms-vscode.azurecli)
+  * [Bicep](https://marketplace.visualstudio.com/items?itemName=ms-azuretools.vscode-bicep)
+* [PowerShell 7](https://docs.microsoft.com/en-us/powershell/scripting/install/installing-powershell)
+* [Azure PowerShell](https://docs.microsoft.com/en-us/powershell/azure/install-az-ps)
+* [Azure Bicep](https://docs.microsoft.com/en-us/azure/azure-resource-manager/bicep/install)
+* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure/install-azure-cli)
+* [Azure Storage Explorer](https://azure.microsoft.com/en-us/features/storage-explorer/)
+* A[zure Data Studio](https://docs.microsoft.com/en-us/sql/azure-data-studio/download-azure-data-studio)
+* [AzCopy](https://docs.microsoft.com/en-us/azure/storage/common/storage-use-azcopy-v10)
+* [Tim's Recommended Visual Studio Code Tutorial](https://vscode.pro/)
+* [Lucidchart](https://www.lucidchart.com/pages/)
+* [Sandro's Azure Visio Stencils and Icons](https://blog.sandro-pereira.com/2021/06/21/microsoft-integration-and-azure-stencils-pack-for-visio-new-version-available-v7-2-0/)
+
+## Azure Bicep
+
+* [Bicep Playground](https://bicepdemo.z22.web.core.windows.net/)
+* [im's Frankenstein project](https://github.com/timothywarner/frankenstein)
+* [Azure Bicep tutorial](https://docs.microsoft.com/en-us/azure/azure-resource-manager/bicep/learn-bicep)
+* [Tim's Frankenstein project](https://github.com/timothywarner/frankenstein)
+
+## Hands-on skill development
+
+* [Microsoft Learn](https://docs.microsoft.com/en-us/learn/browse/?roles=solution-architect)
+* [Azure Citadel](https://azurecitadel.com/)
+* [A Cloud Guru](https://acloudguru.com/course/az-304-microsoft-azure-architect-design)
+* [Cloud Academy](https://cloudacademy.com/learning-paths/az-304-exam-preparation-designing-a-microsoft-azure-architecture-1724/)
+* [Pluralsight](https://www.pluralsight.com/role-iq/microsoft-azure-solution-architect)
+* [Pluralsight Cloud Labs](https://www.pluralsight.com/product/cloud-labs)
+* [Azure user group search](https://www.meetup.com/)
+* [Azure Free Trial](https://azure.microsoft.com/en-us/free/)
+* [Azure Pass offer](https://www.microsoftazurepass.com/)
+* [Azure Log Analytics Query Playground](https://portal.loganalytics.io/demo)

az-305-toc.md

@@ -0,0 +1,49 @@
+# AZ-305 Table of Contents
+
+## DAY 1
+
+### Design identity, governance, and monitoring solutions (25-30%)
+
+* Logging and monitoring
+* Authentication and authorization
+  * Identity options
+  * RBAC
+
+### Design data storage solutions (25-30%)
+
+* Relational data
+  * Scalability
+  * Encryption
+* Non-relational data
+  * Cost optimization
+  * Data protection and durability
+
+## DAY 2
+
+### Design business continuity solutions (10-15%)
+
+* Backup and recovery
+  * Compute
+  * Storage
+  * Databases
+* High availability
+  * Compute
+  * Storage
+  * Databases
+
+### Design infrastructure solutions (25-30%)
+
+* Compute solutions
+  * VMs
+  * Containers
+  * Serverless
+* Application solutions
+  * Messages and events
+  * APIs
+* Migration solutions
+  * VMs
+  * Databases
+  * Unstructured data
+* Network solutions
+  * Internet connectivity
+  * On-premises connectivity

resources/blueprint/blueprint.json

@@ -0,0 +1,55 @@
+{
+    "properties": {
+        "description": "This blueprint sets tag policy and role assignment on the subscription, creates a ResourceGroup, and deploys a resource template and role assignment to that ResourceGroup.",
+        "targetScope": "subscription",
+        "parameters": {
+            "storageAccountType": {
+                "type": "string",
+                "defaultValue": "Standard_LRS",
+                "allowedValues": [
+                    "Standard_LRS",
+                    "Standard_GRS",
+                    "Standard_ZRS",
+                    "Premium_LRS"
+                ],
+                "metadata": {
+                    "displayName": "storage account type.",
+                    "description": null
+                }
+            },
+            "tagName": {
+                "type": "string",
+                "metadata": {
+                    "displayName": "The name of the tag to provide the policy assignment.",
+                    "description": null
+                }
+            },
+            "tagValue": {
+                "type": "string",
+                "metadata": {
+                    "displayName": "The value of the tag to provide the policy assignment.",
+                    "description": null
+                }
+            },
+            "contributors": {
+                "type": "array",
+                "metadata": {
+                    "description": "List of AAD object IDs that is assigned Contributor role at the subscription",
+                    "strongType": "PrincipalId"
+                }
+            },
+            "owners": {
+                "type": "array",
+                "metadata": {
+                    "description": "List of AAD object IDs that is assigned Owner role at the resource group",
+                    "strongType": "PrincipalId"
+                }
+            }
+        },
+        "resourceGroups": {
+            "storageRG": {
+                "description": "Contains the resource template deployment and a role assignment."
+            }
+        }
+    }
+}

resources/blueprint/blueprint.ps1

@@ -0,0 +1,32 @@
+# Manage Azure Blueprints with PowerShell
+
+# Ref: https://timw.info/3xu
+
+# Login first with Connect-AzAccount if not using Cloud Shell
+
+# Get a reference to the new blueprint object, we'll use it in subsequent steps
+$blueprint = New-AzBlueprint -Name 'MyBlueprint' -BlueprintFile .\blueprint.json
+
+# Use the reference to the new blueprint object from the previous steps
+New-AzBlueprintArtifact -Blueprint $blueprint -Name 'roleContributor' -ArtifactFile .\artifacts\roleContributor.json
+
+# Use the reference to the new blueprint object from the previous steps
+New-AzBlueprintArtifact -Blueprint $blueprint -Name 'policyTags' -ArtifactFile .\artifacts\policyTags.json
+
+# Use the reference to the new blueprint object from the previous steps
+New-AzBlueprintArtifact -Blueprint $blueprint -Name 'policyStorageTags' -ArtifactFile .\artifacts\policyStorageTags.json
+
+# Use the reference to the new blueprint object from the previous steps
+New-AzBlueprintArtifact -Blueprint $blueprint -Type TemplateArtifact -Name 'templateStorage' -TemplateFile .\artifacts\templateStorage.json -TemplateParameterFile .\artifacts\templateStorageParams.json -ResourceGroupName storageRG
+
+# Use the reference to the new blueprint object from the previous steps
+New-AzBlueprintArtifact -Blueprint $blueprint -Name 'roleOwner' -ArtifactFile .\artifacts\roleOwner.json
+
+# Use the reference to the new blueprint object from the previous steps
+Publish-AzBlueprint -Blueprint $blueprint -Version '{BlueprintVersion}'
+
+# Use the reference to the new blueprint object from the previous steps
+New-AzBlueprintAssignment -Blueprint $blueprint -Name 'assignMyBlueprint' -AssignmentFile .\blueprintAssignment.json
+
+Remove-AzBlueprintAssignment -Name 'assignMyBlueprint'
+

resources/blueprint/blueprintAssignment.json

@@ -0,0 +1,38 @@
+{
+    "properties": {
+        "blueprintId": "/providers/Microsoft.Management/managementGroups/{YourMG}/providers/Microsoft.Blueprint/blueprints/MyBlueprint",
+        "resourceGroups": {
+            "storageRG": {
+                "name": "StorageAccount",
+                "location": "eastus2"
+            }
+        },
+        "parameters": {
+            "storageAccountType": {
+                "value": "Standard_GRS"
+            },
+            "tagName": {
+                "value": "CostCenter"
+            },
+            "tagValue": {
+                "value": "ContosoIT"
+            },
+            "contributors": {
+                "value": [
+                    "7be2f100-3af5-4c15-bcb7-27ee43784a1f",
+                    "38833b56-194d-420b-90ce-cff578296714"
+                ]
+            },
+            "owners": {
+                "value": [
+                    "44254d2b-a0c7-405f-959c-f829ee31c2e7",
+                    "316deb5f-7187-4512-9dd4-21e7798b0ef9"
+                ]
+            }
+        }
+    },
+    "identity": {
+        "type": "systemAssigned"
+    },
+    "location": "westus"
+}

resources/powershell/Dockerfile.txt

@@ -0,0 +1,68 @@
+# Dockerfile needs that name with no extension in root of build folder.
+
+# Sample Dockerfile
+
+# Indicates that the windowsservercore image will be used as the base image.
+FROM mcr.microsoft.com/windows/servercore:ltsc2019
+
+# Metadata indicating an image maintainer.
+LABEL maintainer="[email protected]"
+
+# Uses dism.exe to install the IIS role.
+RUN dism.exe /online /enable-feature /all /featurename:iis-webserver /NoRestart
+
+# Creates an HTML file and adds content to this file.
+RUN echo "Hello World - Dockerfile" > c:\inetpub\wwwroot\index.html
+
+# Sets a command or process that will run each time a container is run from the new image.
+CMD [ "cmd" ]
+
+# Build process
+docker build -t iis-image-name .
+
+# Run process
+
+# Another Dockerfile
+
+#Step 1: Start from base image mcr.microsoft.com/windows/servercore
+FROM mcr.microsoft.com/windows/servercore
+
+#Step 2: Create temporary directory to hold SQL Server 2016 installation files
+RUN powershell -Command (mkdir C:\SQL2016Dev_SP2)
+
+#Step 3: Copy SQL Server 2016 installation files from the host to the container image
+COPY \SQL2016Dev_SP2 C:/SQL2016Dev_SP2
+
+#Step 4: Install SQL Server 2016 via command line
+RUN C:/SQL2016Dev_SP2/SETUP.exe /Q /ACTION=INSTALL /FEATURES=SQLENGINE /INSTANCENAME=MSSQLSERVER 
+/SECURITYMODE=SQL /SAPWD="y0urSecUr3PAssw0rd" /SQLSVCACCOUNT="NT AUTHORITY\System" 
+/AGTSVCACCOUNT="NT AUTHORITY\System" /SQLSYSADMINACCOUNTS="BUILTIN\Administrators" 
+/IACCEPTSQLSERVERLICENSETERMS=1 /TCPENABLED=1 /UPDATEENABLED=False
+
+#Step 5: Set SQL Server service to automatic
+RUN powershell -Command (Set-Service MSSQLSERVER -StartupType Automatic)
+
+#Step 6: Remove SQL Server installation media folder
+RUN powershell -Command (Remove-Item -Path C:/SQL2016Dev_SP2 -Recurse -Force) 
+
+#Step 7: Switch shell to PowerShell in preparation for running script Start.ps1
+SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"]
+
+#Step 8: Copy Start.ps1 to image on root directory
+COPY \start.ps1 /
+
+#Step 9: Set current working directory for script execution
+WORKDIR /
+
+#Step 10: Run PowerShell script Start.ps1, passing the -ACCEPT_EULA parameter with a value of Y
+CMD .\start.ps1 -ACCEPT_EULA "Y" -Verbose
+
+
+
+
+
+
+
+
+
+

resources/powershell/application-security-groups.ps1

@@ -0,0 +1,11 @@
+# create the ASGs
+$webAsg = New-AzApplicationSecurityGroup -ResourceGroupName 'Load-Balancer' -Name webASG -Location 'eastus2'
+
+# Assign vNICs to ASG
+$webNic = Get-AzNetworkInterface -Name 'myNIC0' -ResourceGroupName 'Load-Balancer'
+$webNic.IpConfigurations[0].ApplicationSecurityGroups = $webAsg
+Set-AzNetworkInterface -NetworkInterface $webNic
+
+$webNic = Get-AzNetworkInterface -Name 'myNIC1' -ResourceGroupName 'Load-Balancer'
+$webNic.IpConfigurations[0].ApplicationSecurityGroups = $webAsg
+Set-AzNetworkInterface -NetworkInterface $webNic

resources/powershell/azcopy.txt

@@ -0,0 +1,20 @@
+# Use AzCopy
+
+# Ref: https://timw.info/d0a73
+
+# Sign in (you can also use SAS tokens and managed identities)
+azcopy login --tenant-id=<tenant-id>
+
+# Create a container
+azcopy make 'https://mystorageaccount.blob.core.windows.net/mycontainer'
+
+# Upload a file
+azcopy copy 'C:\myDirectory\myTextFile.txt' 'https://mystorageaccount.blob.core.windows.net/mycontainer/myTextFile.txt'
+
+# Upload files
+azcopy copy 'C:\myDirectory' 'https://mystorageaccount.blob.core.windows.net/mycontainer' --include-path 'photos;documents\myFile.txt' --recursive
+
+# Copy a blob to another storage account
+azcopy copy 'https://mysourceaccount.blob.core.windows.net/mycontainer/myTextFile.txt?sv=2018-03-28&ss=bfqt&srt=sco&sp=rwdlacup&se=2019-07-04T05:30:08Z&st=2019-07-03T21:30:08Z&spr=https&sig=CAfhgnc9gdGktvB=ska7bAiqIddM845yiyFwdMH481QA8%3D' 'https://mydestinationaccount.blob.core.windows.net/mycontainer/myTextFile.txt'
+
+# Copy all containers and blobs to another storage account	azcopy copy 'https://mysourceaccount.blob.core.windows.net/?sv=2018-03-28&ss=bfqt&srt=sco&sp=rwdlacup&se=2019-07-04T05:30:08Z&st=2019-07-03T21:30:08Z&spr=https&sig=CAfhgnc9gdGktvB=ska7bAiqIddM845yiyFwdMH481QA8%3D' 'https://mydestinationaccount.blob.core.windows.net' --recursive

resources/powershell/azure-key-vault-powershell.ps1

@@ -0,0 +1,23 @@
+<# Work with Azure Key Vault and PowerShell
+
+   Ref: https://docs.microsoft.com/en-us/azure/key-vault/quick-create-powershell
+#>
+
+# Set up environment
+Login-AzAccount
+
+New-AzResourceGroup -Name ContosoResourceGroup -Location EastUS
+
+New-AzKeyVault -Name 'Contoso-Vault2' -ResourceGroupName 'ContosoResourceGroup' -Location 'East US'
+
+# Convert a plaintext secret to a secure string
+$secretvalue = ConvertTo-SecureString 'hVFkk965BuUv' -AsPlainText -Force
+
+# Store the secret in key vault
+$secret = Set-AzKeyVaultSecret -VaultName 'ContosoKeyVault' -Name 'ExamplePassword' -SecretValue $secretvalue
+
+# Retrieve the key value
+(Get-AzKeyVaultSecret -vaultName "Contosokeyvault" -name "ExamplePassword").SecretValueText
+
+# Clean up the environment
+Remove-AzResourceGroup -Name ContosoResourceGroup