Azure AZ-900 Fundamentals Exam

Start here! Get your feet wet with the Microsoft cloud and begin your journey to earning your Microsoft Certified: Azure Fundamentals certification!

Practice Test

$2.95
List Price: $19.95
Microsoft Certified Azure AI Fundamentals

Describe subscriptions

Subscription Lifecycle and Limits

Azure Subscriptions are essential for organizing and managing access to Azure resources. They help control how resource usage is reported, billed, and paid for. Each subscription is linked to a Microsoft Entra directory, and you can manage these subscriptions through the Azure portal. Subscriptions can have different billing and payment setups, making it easier to manage costs across various departments or projects. The lifecycle of an Azure subscription includes several stages: creation, management, and cancellation. When a subscription is created, it is associated with an Azure account, which includes a user identity and one or more subscriptions. The person who creates the account becomes the Account Administrator and the default Service Administrator for the subscription. Subscriptions can be canceled, but Azure preserves resources by deactivating them instead of immediately deleting them, allowing for a waiting period before permanent deletion. Limits and quotas are important aspects of managing Azure subscriptions. Each subscription has specific limits on the number of resources that can be created, such as the number of virtual machines or storage accounts. If you reach these limits, you can request an increase through the Azure portal. Proper management of these limits ensures that resources are used efficiently and helps avoid unexpected costs. Management groups provide a way to organize multiple subscriptions into a hierarchy for unified policy and access management. This structure allows for the application of policies and role assignments that cascade down to all associated subscriptions and resources. For example, a policy applied at the management group level can restrict virtual machine creation to specific regions, and this policy will be inherited by all subscriptions within that management group. Role-based access control (RBAC) is used to manage access to resources within a subscription. Azure RBAC includes built-in roles like Owner, Contributor, and Reader, which can be assigned at different scopes, such as management groups, subscriptions, or resource groups. Custom roles can also be created to meet specific needs. This system ensures that users have the appropriate level of access to perform their tasks without compromising security.

Understanding the subscription lifecycle and limits is crucial for effectively managing Azure resources. By organizing subscriptions, applying policies, and managing access through RBAC, organizations can ensure efficient and secure use of Azure services.

Purpose and Benefits of Azure Subscriptions

The primary purpose of Azure subscriptions is to facilitate resource organization, billing, and access management. Subscriptions help in structuring resources in a way that aligns with the needs of different departments, projects, or environments. This organization makes it easier to manage and monitor resources, ensuring that they are used efficiently. Billing and payment setups can vary across subscriptions, allowing for detailed tracking and management of costs. For example, a company can have separate subscriptions for different departments, each with its own billing account. This setup helps in allocating costs accurately and managing budgets effectively. Access management is another critical benefit of using Azure subscriptions. By assigning different roles and permissions to users, groups, and applications, organizations can control who has access to specific resources. This control helps in maintaining security and ensuring that only authorized personnel can perform certain actions. Using subscriptions for different environments and projects provides flexibility and control. For instance, a development team can have a separate subscription for testing new features without affecting the production environment. This separation helps in managing resources more effectively and reduces the risk of unintended changes impacting critical systems.

In summary, Azure subscriptions play a vital role in organizing resources, managing costs, and controlling access. They provide a structured approach to managing Azure environments, ensuring that resources are used efficiently and securely.

Subscription Management and Governance

Azure subscriptions are essential for organizing and managing access to Azure resources. They help control how resource usage is reported, billed, and paid for. Each subscription can have different billing and payment setups, making it easier to manage resources by office, department, or project. Subscriptions are associated with a Microsoft Entra directory, and you can manage them through the Azure portal. Management groups provide a governance scope above subscriptions, allowing you to efficiently manage access, policies, and compliance for multiple subscriptions. By organizing subscriptions into management groups, you can apply governance conditions that cascade by inheritance to all associated subscriptions. This setup ensures enterprise-grade management at scale, regardless of the subscription type. Role-based access control (RBAC) is a crucial tool for managing Azure subscriptions. It allows you to assign roles to users, groups, and applications, controlling their access to resources. Azure RBAC includes many built-in roles, such as Owner, Contributor, and Reader, which can be assigned at different scopes, including management groups, subscriptions, resource groups, and resources. Custom roles can also be created to meet specific needs. Governance practices in Azure include the use of policies and cost management. Azure policies help ensure that resources comply with your organization's standards and requirements. For example, you can create policies that limit the regions where virtual machines can be created. Cost management tools help you monitor and control spending across your subscriptions, ensuring that you stay within budget. Azure Resource Manager (ARM) provides a consistent management layer for deploying and managing resources in your Azure account. It allows you to use declarative templates to manage your infrastructure, ensuring consistent and repeatable deployments. ARM also integrates with Azure RBAC, enabling you to apply access control to all services and resources within your subscription.

By understanding and utilizing these tools and practices, you can effectively manage and govern your Azure subscriptions, ensuring that resources are organized, secure, and compliant with your organization's policies.

Billing and Cost Management

Azure Subscriptions are essential for organizing and managing access to Azure resources. Each subscription is linked to a billing account and can have different billing and payment setups, making it easier to manage costs across various departments, projects, or offices. The person who creates the Azure account becomes the Account Administrator, responsible for managing billing and creating new subscriptions. Roles and Responsibilities within Azure subscriptions are crucial for effective management. The Account Administrator can manage billing for all subscriptions, create new ones, and change billing details. The Service Administrator, who often is the same person as the Account Administrator, manages services and can cancel subscriptions. Co-Administrators have similar access to the Service Administrator but cannot change the subscription's directory association. Cost Management Tools in Azure help monitor and optimize expenses. Azure Cost Management and Billing provide features to set budgets, monitor costs, and review forecasted expenses. These tools are essential for identifying spending trends and areas where cost-saving measures can be implemented. For instance, automatic shutdown settings can help reduce costs by shutting down idle virtual machines. Billing Models and Charges in Azure are based on the resources used. For example, Azure App Service charges are based on the pricing tier and the number of instances used. Additional costs may accrue from related services like storage accounts for backups or diagnostic logs. Understanding these billing models helps in planning and managing expenses effectively. Management Groups provide a higher level of organization for subscriptions, allowing for unified policy and access management. By grouping subscriptions under management groups, policies and access controls can be applied consistently across all associated subscriptions, enhancing governance and cost management.

In conclusion, understanding Azure subscriptions, roles, and cost management tools is vital for effectively managing and optimizing expenses in the Azure ecosystem. These elements help ensure that resources are used efficiently and costs are kept under control.

Subscription Structure and Hierarchy

Azure subscriptions are essential for organizing and managing access to Azure resources. Each subscription is linked to a Microsoft Entra directory and helps control how resources are billed and managed. Subscriptions can be organized into management groups, which provide a governance scope above subscriptions. This hierarchical structure allows for efficient management of access, policies, and compliance across multiple subscriptions. Management groups are used to create a flexible structure for organizing resources. They enable the application of policies and access controls that cascade down to all associated subscriptions and resources. For example, a policy applied to a management group can restrict virtual machine creation to specific regions, and this policy will automatically apply to all nested management groups, subscriptions, and resources. At the top of the hierarchy is the root management group, which is automatically created for each directory. This root group allows for the application of global policies and role assignments at the directory level. All subscriptions and management groups within a directory fold up into this root management group, ensuring a unified governance structure. Azure role-based access control (RBAC) is supported at all levels of the hierarchy, allowing for fine-grained access management. Roles can be assigned at the management group level and will inherit down to all resources within that group. This inheritance simplifies the management of user access across multiple subscriptions and resources.

In summary, the hierarchical structure of Azure subscriptions, management groups, and resource groups provides a robust framework for organizing and managing resources. This structure aids in applying consistent policies and access controls, ensuring efficient and secure management of Azure environments.

Study Topics
Purpose and Benefits of Azure Subscriptions

Purpose and Benefits of Azure Subscriptions

Billing and Cost Management

Billing and Cost Management

Subscription Structure and Hierarchy

Subscription Structure and Hierarchy

Subscription Management and Governance

Subscription Management and Governance

Subscription Lifecycle and Limits

Subscription Lifecycle and Limits