Monday's stream focuses on the AZ900 path for gaining proficiency in Azure Fundamentals. We'll talk a bit about how we secure our environments using Network Security Groups (NSGs). You'll watch me launch a Virtual Machine from the Azure Cloud Shell using a simple bash script from Linux VM docs. This includes creating a network security group and generating ssh keys so that you're server is prepared for you to securely begin installing software and running your applications.
We'll show how to lock down SSH access and talk about other services you can expose to the world via the network security group.
I'll take questions, look for some participation and continue to get you skilled up. This Thursday be sure you check out my conversation with Brian Ketlesen on Azure Linux VMs. We'll be live on Twitch, YouTube and Periscope at 2pm EDT.
https://twitch.tv/azurefunbytes
https://twitter.com/azurefunbytes
Join me, ask questions and learn about Azure!
Microsoft Learn: Azure Fundamentals
Microsoft Azure: $200 Free Credit
Exam AZ-900: Microsoft Azure Fundamentals
Docs: Create a fully configured virtual machine
Quick steps: Create and use an SSH public-private key pair for Linux VMs in Azure
Docs: Network security groups
Top comments (1)
Hi,
I need your advise to configure an environments in Azure. Well, I'm not not from networking background and I'm confused how to deploy our application securely in Azure.
My requirement is, with in a vnet there'll be 3 subnets such as front-end subnet, aks subnet and db subnet along with both firewall and gateway subnets
Front-End subnet has => storage, static website, CDN (Internet exposed)
Aks subnet => aks for micro services (few apis should be Internet exposed and some are internal)
Back-End subnet => azure service bus, event hub (allow in/out only from front end or aks subnets)
Database subnet => CosmosDb, SQL Server and Azure Search (allow in/out only from aks subnet)
How to configure inbound and outbound rules to control traffic between subnets
Is network route table is essential for this requirement?
Am I missing any essential resources?
Is there any best way to accomplish the above requirement?
Thank you in advance