Configure Azure Disk Encryption
The disks of an Azure virtual machine are always encrypted. However, you have the option to configure how the disks are encrypted. By default, disks use platform-managed encryption, meaning that Microsoft manages the encryption key and key rotation for the disk. If you have a business or technical requirement to manage…
Creating a zone in practice – Google Cloud Engineer Exam Guide
Suppose you received a request to create a new zone called my-zone.com so that the vm-a (10.0.1.2) and vm-b (10.0.0.3) Compute Engine VMs that are deployed in my-vpc-network can communicate with each other using the vm-a.my-zone.com and vm-b.my-zone.com FQDNs. Follow these steps: [Figure 9.29 – Creating a private zone my-zone.com] [Figure 9.30 – Zone details]…
Cloud DNS – Google Exams Guide
Compute Engine VM instances use their metadata servers as internal DNSs to resolve the IP addresses of other VMs in the same network. A metadata server communicates with Google’s public DNS for queries outside a local network. For example, the following figure shows an SSH session to a Compute Engine VM, vm-a, during which it…
Securing cloud networks with firewall rules-2
Firewall rules can be added to a VPC at any time. The predefined Compute Security Admin role allows you to create, edit, and delete rules. Compute Network Viewer can be used to view rule details. When a new firewall rule is added, you need to give it a name and priority from 0 to 65535….
Management – MS AZ-104 Exam Guide
The Management tab provides various options for administrative management of the VM in Azure. These are configuration items that either help you administer the VM or help you achieve other business goals your organization might have. The options on the Management tab include Figure 3-14 displays the Management tab with some of the available…
Securing cloud networks with firewall rules-1
As mentioned earlier in this chapter, even though subnets that belong to the same VPC are connected, it is the firewall’s role to control communication between Compute Engine VM workloads. The same applies to networks connected via Interconnect/VPN or VPC peering. When routing information is exchanged, and connectivity is established, the next step is configuring…
Disks – MS AZ-104 Exam Guide
On the Disks tab of the Create A Virtual Machine blade, configure the size and performance of the operating system disk, as well as any data disks you might need to add to the VM. The options for VM disks include Figure 3-12 displays the Disks tab of the Create A Virtual Machine blade….
Interconnect – Google Exams Guide
While VPN is considered the fastest way to connect to Google Cloud, Cloud Interconnect is the fastest connection to Google Cloud. Like VPN, Cloud Interconnect enables communication based on internal IP addresses between workloads that are on-premises (or in another cloud) and created via a VPC. The difference between VPN and Interconnect is that Interconnect…
High availability VPN – Google Exams Guide
VPN is often considered the fastest way to connect to Google Cloud. It uses a public network and doesn’t require additional physical connection setup. Two types of Cloud VPN gateways at Google Cloud are high availability (HA) VPN and Classic VPN. Classic VPN doesn’t offer high availability and BGP support. It only supports static routing….
Create and configure virtual machines
Skill 3.2: Create and configure virtual machines. There are multiple ways to create and configure virtual machines, depending on your intended use. The easiest way to create an individual virtual machine is to use the Azure portal. If you have a need for automated provisioning (or you just enjoy the command line), the Azure PowerShell…