Azure AI Fundamentals AI-900 Exam Preparation

Hi everyone, I'm currently working on an Azure Data Factory pipeline and I'm facing an issue with building dynamic SQL queries within a foreach activity. Here's the scenario: I have a lookup activity that retrieves information from an Excel sheet containing "table", "columns", and "conditions" data. Following this, I utilize a forEach activity to query the columns from the specified tables based on the provided conditions. Now, I'm looking to enhance this pipeline by introducing two parameters: An array named "full_load" containing the names of tables that require a full load (no problem with this one). A dictionary-like structure named "incremental_load", with the keys tableName and dateColumn, for tables that require incremental loads. Within the copy activity inside the forEach, I aim to construct an expression that: Checks if the current "item().table" exists in any of the "tableName"s of "incremental_load". If the table exists, I want to incorporate the "dateColumn" from the dictionary into the SQL query. If not, return an empty string. Here's the expression Chat GPT gave me: @if( exists( pipeline().parameters.incremental_load, item().table == '@item().tableName' ), concat( 'SELECT ', item().columns, ' FROM ', item().table, ' WHERE ', item().conditions, ' AND ', first( pipeline().parameters.incremental_load, item().table == '@item().tableName' ).dateColumn, ' = ', '''2024-05-12''' ), '' ) But it didn't work (mostly syntax errors). Is it possible to accomplish this? Or is there a better way to approach the task in hand? Any help or insights would be greatly appreciated. Thanks in advance! submitted by /u/RockLeeBaiano3000 [link] [comments]

long story short i am trying to use a simple ent app to authenticate users to wifi. Currently Cisco Meraki will not allow us to authenticate against Entra ID. so i was thinking I could make the Wi-Fi go to a splash screen showing the ent app, then the user will need to "sign in" once authenticated they will be pushed through to Wi-Fi. I believe i was able to get the app up and i was able to get it show on the splash screen however even if i exclude the app in my CAP i still get prompted for MFA. this is not an issue for computers but if a users uses it via mobile it opens an embedded webpage and when you try to authenticate via Authenticator it leave the embedded page and you loose your spot. I got the idea from a ms community post so i know it works: For now I created a splash age application using the web app from azure AD. This app is protected and accessible only to my authenticated users (basic feature you can activate in the app options). When a user connects to the Wi-Fi, he is redirected to this portal hosted on the azure web app, Azure asks the users to authenticate. When authenticated, the splash page is just a pass through button the user need to click on. https://techcommunity.microsoft.com/t5/microsoft-entra/cloud-based-radius-solution/m-p/91223 I hope it makes sense what I am trying to accomplish. submitted by /u/Kooftness [link] [comments]

submitted by /u/crpietschmann [link] [comments]

Hi, hoping I am explaining this clearly enough. I want to know if it is possible to restrict any API calls (client ID + Secret to generate token) to my App Registrations via Conditional Access or other methods to only accept requests from allow listed IP addresses. submitted by /u/slightly_entertained [link] [comments]

Hello, I have a few azure certs, and just recently I was asked to obtain the AZ500 exam. I have studied on Cloud Academy modules for maybe 3 hours and it was quite boring so I decided to take a few practice exams on ExamTopics. I've used this previously with other exams and it's worked great. However, I just basically got every question right on ExamTopics other than the few that I believe were outdated/worded improperly. Anyone who has taken the AZ500 was it as easy as it seems to be?? I feel like half of this stuff is directly related to AZ104 and the AZ305.I've usually been HORRIBLE with AZ exams too. Like I failed the AZ104 twice.... But somehow this AZ500 seems overly simple. I'm not asking this to be snarky, I simply want to know if this is the general consensus for the AZ500 from other Azure engineers with experience under their belt. submitted by /u/Medical-Visual-1017 [link] [comments]

With standard PITR backups we can configure GRS backups to replicate backup data to paired region. In the documentation it is said even in case of region failure we can initiate geo-restore to the paired region. So far so good. Support for LTR backups for Azure PostgreSQL Flexible Server via Backup vault is in preview. With Backup vault, we can similarly configure backups to be either LRS/ZRS or GRS. Backup vault needs to be in the same region where PostgreSQL server is. Do you know what happens when the region is down in this case? I couldn't find clear description of such scenario. As triggering restore is an management plane operation I would expect it to be available even if the region in which Backup vault is deployed is unavailable but not sure. Most likely this is not frequent scenario as if we have PITR why don't restore from PITR in such scenario but this just came to my mind so I started thinking 😀 submitted by /u/0x4ddd [link] [comments]

Hey All, looking for some quick guidance. In the process of spinning up a test environment to vet out App Proxy for RDWeb. Initially tried building out in a CDX environment, but ran into enforced MFA conditional access policy not allowing exclusions for ADConnect, impeding ADSync from working. In that environment I had no issue with the creation of the Enterprise Applications tied to App Proxy. I spun up a proper Azure environment with a 30 day trail Azure Premium P1 license. I attached domains, configured ADSync, configured App Proxy connectors, but I am unable to make an Enterprise Application tied to my app proxy. I'm Using the global admin account, have full privileges on the subscription and as an Application Administrator, kind of stumped with the issue. As a test I added a random Enterprise Application to verify its not a general inability to add apps, its only App Proxy tied applications that are failing. submitted by /u/brekkfu [link] [comments]

Hello All, I'm studying AZ140, does anyone have tips for remember the Sizes for VMs in Azure? e.g D = Balanced CPU-to-memory ratio E = High CPU-to-memory ratio submitted by /u/Joe_Blogs1 [link] [comments]

I'm helping one of my clients start their journey to the cloud. He needs a solution that monitors and balances DNS for his on-premises application. He already has the DNS zone hosted in Azure, but he needs to create a record that points to 3 of his external IPs and when one of the links is inactive, the DNS servers should not aswer with it until the problem is fixed. Based on my search I can set up a Traffic Manager with two external endpoints, but since i'm new to azure, i would like to know if there is another way to achieve this. submitted by /u/uonlydieonce [link] [comments]

Hi All We are part way through an Azure implementation and we are looking at the best way to get a granular method of deploying Bicep via Azure DevOps. We have an Enterprise scale hub/spoke landing zone and currently have a .bicep file and .bicepparam file for each subscription. The issue we have is that some of these .bicepparam files are going to end up in the 1000's of lines, so we would like to split them up. (The .bicep files themselves use recursive statements so aren't too long) For our large subscriptions we would like to break these up into a per-resource group approach, or perhaps something more granular if needed. The issue: Some of information we need is "global", "subscription level" or "rg level". Ideally these would all be in different .bicepparam files that we would call as and when we need them. Unfortunately calling multiple bicepparam files doesn't seem to be possible. (I have tried using "import" to pall params from on .bicepparam to another to no avail, any pointers there are welcome) Potential solution? -Granular bicep files for each resource group (or split another way) where needed -A JSON file with the global/subscription level variables (JSON params seem to be able to be called ontop of .bicepparams) -Our pipelines call the relevant bicep files depending on the type of deployment, the associated .bicepparams and global JSON file are called in the process. (First to build/WhatIf, then to deploy once happy) -Perhaps more of these JSON files (one for each sub + a global) is better than just the one global file? Rough directory layout: -modules -Policy/Governance/RBAC -Subscriptions --Subscription 1 ---rg-vpngw ----rg-test.bicep ----rg-test.bicepparams ---rg-firewall ----rg-firewall.bicep ----rg-firewall.bicepparams --Subscription 1 ---rg-storage ----.... -shared-params.json Any advice is much appreciated, we're excited for the move to IaC but have a lot to learn 🙂 submitted by /u/Icy_Combination3594 [link] [comments]

Is there a solution to pass the output of multiple grids into 1 combined grid so I can see “flow” of each log event in 1 place? Can this be done by the name of the grids? Or can i output the data from the grids and have my “unifying” grid simply read from that output? submitted by /u/ItalianDon [link] [comments]

I would like to become an Azure Cybersecurity Architect. I know that you need a pass a prereq and the SC-100. What other certs will help me get the job and gain knowledge. Will the Network+ or CCNA? Will the CISSP and CCSP? Will some risk certs like CRISC? I feel like the following learning path and certs be help: AZ-104 AZ-500 SC-200 SC-300 SC-400 SC-100 CCNA CISSP Know scripting bash, powershell Know python Know linux Know AWS What do you guys think? Any other suggestions? submitted by /u/freddy91761 [link] [comments]

New to Azure Stack HCI - Just following their setup guide for a 2 node cluster. On this page; https://learn.microsoft.com/en-gb/azure-stack/hci/deploy/deployment-arc-register-server-permissions?tabs=powershell It says I need to specify "Cloud Application Administrator" privileges for my Azure user. However it's not in the list of roles. Azure Stack HCI Administrator and Reader is, but Cloud Application Administrator is missing. I've search for similar sounding roles, but nothing comes up. All other roles that are listed show fine. Any ideas, as next step is the cluster creation, but I don't want to proceed only to find it fail or cause future issues. Thanks! submitted by /u/Efficient-Junket6969 [link] [comments]

Essentially what I am trying to do is create a Dynamic DL that checks if the user account is enabled or disabled first off, which the Exchange Online GUI does not support as it is not an Exchange property. Creating an EntraID M365 Group allows for dynamic users, but this will put everyone in a Microsoft Team/Group and I am not sure if we really want to do that for the entire company. Even if you create it using Exchange Online PowerShell, the supported attributes are also limited and most of them are recipient properties. See New-DynamicDistributionGroup Checking the filter for "Users with exchange mailbox" does not work in our case as we still license some disabled users for litigation purposes. I'd like to have 3 DDL's: All Users that are enabled All Users of Company A and account enabled All Users of Company B and account enabled How can I achieve this? ​ submitted by /u/zekeRL [link] [comments]

At my organisation, we have a business area (team A) wanting their own data warehouse solution. Their requirement is already in our procurement process where an external delivery partner/consultnacy/developers will soon bid for the work and design/build the solution (in Azure). This work will unfortnately come too early to be delivered as part of a (yet to be designed) organisation-wide corporate/enterprise data warehouse platform (also Azure), which will ingest and process data from all business areas, in theory at least. The basic DW ETL pipeline for team A will likely be: CSVs/spreadsheets on SharePoint > blob storage (raw) > blob storage (cleansed) > storage layer SQL databases. Data will be visualised using Power BI, and Power Apps will be used for some basic CRUD operations against the SQL data (is it ok for users to directly edit this layer? assuming data validation controls in place...). The ETL/ELT pipeline will be similar for other business areas in the future, with most of the differences being at the data source layer. The idea being that all data engineering and orchestration is done within a single corporate data warehouse platform. My question here is, how should an enterprise DW be designed and built for a growing organisation when only a single business area needs a DW initially? The scope laid out infront of the external developers will be to primarliy built a solution for team A, but I want to steer their design so that it can be expanded on in the future. For example, we might want to require that Azure Data Factory is given a generic name (instead of 'adf-team-a-produciton' etc) and it should exist as a shared component for out-of scope Team B, C, D etc. pipelines. We might also want to request summary and metadata databases so that data from multiple teams can be joined together in a single location. We'd also want tagging and cost reporting to be easily accessible on a team by team basis (as each team will be responsible for funding their own Azure components where possible). Any more ideas? Specifically relating to how Azure components should be designed (Azure Data Factory, perhaps even Azure Databricks if neccessary). Thanks in advance. Additional info: this post is a follow up to this post. Data is not particularly heavy. Data is usually structured, no images/videos. Some data is sensitive and can only be accessed by certain users, therefore the may be a need to isolate certain DW components from each other. This diagram shows my early idea of an enterprise DW, and I've highligted in red arrows where Team A's ETL process would exist. Enterprise data warehouse design, showing Team A's specific data movement with red arrows submitted by /u/scan-horizon [link] [comments]

submitted by /u/thewhippersnapper4 [link] [comments]

Hello, Quick question : I have some users that need to use Azure Cloud Shell... And it's not possible without giving access to a Subscription. Then, it's not mandatory but they can create a storage account for persistence. If multiples users use the same Storage Account, i think it's not a properly way to do it because they can access files of each others (or am i wrong ?) Then : Do you create a storage account for EACH user that need to use Azure Cloud Shell (with separate RBAC) ? Or do you use only one for all the sessions, and that's it ? PS : Where do you put thoses subscriptions/ressources in your Landing zone ? Thank you ! submitted by /u/Bugibugi [link] [comments]

Today I started testing installing the new AzureMonitorLinuxAgent on our VMs. I did this by running the Azure CLI command: az vm extension set --name AzureMonitorLinuxAgent --publisher Microsoft.Azure.Monitor --ids "<vm resource id>" --enable-auto-upgrade true The install appeared to work fine (we'll see tomorrow if it appeases the Advisor security check). However, I also uninstalled the old OmsAgentForLinux by simply clicking on it and selecting Uninstall. I see in the docs they only outline uninstalling it through the local shell (https://learn.microsoft.com/en-us/azure/azure-monitor/agents/agent-manage?tabs=PowerShellLinux#linux-agent-2). I have been checking the status of the VM on and off for more than an hour and it still lists the OmsAgentForLinux extension as "Transitioning" and I have a running job in my notifications that says "Deleting virtual machine extension". Should have just run the thing through the command line instead of using the Portal? Should the "transition" take this long? I won't feel comfortable in doing anything to my real VMs until this has all settled and I get good scan results from all my security stuff. submitted by /u/ScaleApprehensive926 [link] [comments]

I passed with a score of 947/1000. I have 8+ years in an Azure environment and took a total of 6-8 hours of prepping for the exam. Materials used: Microsoft Learn I'm someone with major test anxiety and used this exam to build some confidence for my next planned exams at the end of the next 3 months: May: MD-102 June: MS-102 July: AZ-104 Hoping everyone well with future certs! submitted by /u/wc129 [link] [comments]

I'm a little confused. Aren't all these things just a collection of ARM templates or is there more to it? When a company deploys a landing zone - what does that mean? Does that mean they've just generated their tenant from code? If they need to make changes in the future do they then make changes to the ARM / BICEP code in their landing zone solution or is that just to start off? How do they properly develop and test these changes? Does that mean most of these orgs would likely have multiple lower level tenants for them to update and test their landing zone changes? submitted by /u/your-lost-elephant [link] [comments]