Data Protection
GDPR | General Data Protection Regulation |
Azure Cloud
Resource | Word | Description |
---|---|---|
API | Application Programming Interface | |
API Management | Application Programming Interface Management | |
API Gateway | ||
Azure Data Factory, Pipeline, Activity | ||
Azure Databricks | ||
Storage Account | ||
Container and Blob Storage | ||
Event Grid, Event Source, Event Handler | ||
Service Bus, Topic, Message Queue | ||
Subscription Resource | RBAC | Role-Based Access Control. For specifying the permissions and privileges for a user or a group at different levels: subscription level and resource level. |
Virtual Network | VNET | Virtual Network |
Virtual Network | Site-to-Site | |
Virtual Network | Point-to-Site | |
Virtual Network | ExpressRoute | |
Azure Service Bus Relay Connection | It must be installed | |
– | Serverless Computing | Logic that does not need resources except while it is being executed. |
Serverless Computing | Logic App | |
Serverless Computing | Azure Function | For developing Microservices |
Azure Service Fabric (ASF) | For developing Microservices | |
Azure Kubernetes Service (AKS) | For developing Microservices | |
RDP Connection | ||
IAM | Identity Access Management | |
SSL | A Protocol for remote desktop. | |
RDP | Remote Desktop Protocol | |
ARM | Azure Resource Manager | |
Active Directory | SSPR | Self-Service Password Reset |
Active Directory | Azure Active Directory (AAD) | For centralized identity management purposes. |
Active Directory | MFA | Multi Factor Authentication |
Key/Vault | MSI | Managed Service Identity |
Authentications
OAuth 2.0 | For Token-based API communication. |
SAML 2.0 | Security Assertion Markup Language. A standard for exchanging authentication and authorization data between security domains, used for app authentication (single sign-on). |
OpenID Connect | OpenID Connect is a simple identity layer on top of the OAuth2 protocol. It extends OAuth2 |
SAS | Shared Access Signature. In this type of security we have the primary and secondary keys and connection strings. |
Kubernetes
Ingress | Enabling Traffic: Opening the cluster to receive external client traffic. Traffic Routing: Define traffic routes to backend services. Traffic Reliability: Ensuring reliable, secure communication |
Pod | The smallest deployable unit, which will be comprised of one or more containers. |
Pause container | Establishes a network namespace which all containers in the pod will share. It is the first container to be created when the pod is created and the last container to be removed when the pod is removed. It simply executes a small program which does nothing until it receives a signal instructing it to terminate. Networking is Linux-based. Pluralsight Training |
Inter pod communication | |
Virtual ethernet bridge | Pods communicate with each other because their virtual network namespace is attached to a virtual ethernet bridge in the host node's network namespace. The bridge works at layer two of the OSI networking model. |
Container Networking Interface (CNI) | |
Service Object | It can be defined in YAML. |
The Azure resources with SAS:
- Service Bus
- Storage Account