Plain-English definitions of the core Azure terms for AZ-104 study. Simplified for learning; Microsoft documentation is authoritative.
| Term | Definition |
|---|---|
| Microsoft Entra ID | Azure’s identity service (formerly Azure AD). |
| Tenant | A dedicated instance of Entra ID for an organisation. |
| Subscription | A billing and management container for resources. |
| Management group | A container to organise subscriptions and apply governance. |
| Resource group | A logical container for related resources. |
| RBAC | Role-Based Access Control assigning permissions at a scope. |
| Azure Policy | Rules that enforce configuration and compliance. |
| Storage account | The container for blobs, files, queues and tables. |
| Access tier | Hot, Cool or Archive storage for cost vs access speed. |
| LRS / ZRS / GRS | Storage redundancy: local, zone, or geo. |
| SAS | Shared Access Signature granting limited storage access. |
| Virtual Machine | A cloud-hosted server you fully control. |
| Scale Set | A group of identical, auto-scaling VMs. |
| App Service | Managed hosting for web apps and APIs. |
| VNet | Virtual Network — your private network in Azure. |
| Subnet | A segment of a VNet. |
| NSG | Network Security Group — stateful firewall rules. |
| Peering | Connecting two VNets privately. |
| ExpressRoute | A private, dedicated connection to Azure. |
| Azure Monitor | Metrics, logs and alerts for resources. |
| Log Analytics | Queries and analyses collected log data. |