Azure Tools

1. Azure App Service: (🖐️) A fully managed Platform as a Service (PaaS) for hosting web apps, REST APIs, and mobile backends. It handles infrastructure maintenance, patching, and scaling, allowing developers to focus solely on their application code.  

2. Azure Container Instances (ACI)A simple, serverless solution to run individual Docker containers on-demand without managing an entire container orchestration platform (like Kubernetes). It's great for simple tasks, development/testing, or short-lived jobs. 

3. Azure Functions: (🖐️) Azure's primary serverless compute offering, allowing you to run small, event-driven pieces of code ("functions") without managing infrastructure. This is ideal for automating tasks, processing data in real-time, or implementing microservices efficiently and cost-effectively. 

4. Azure Kubernetes Service (AKS, K8s) / Docker: (🖐️) A managed Kubernetes service for deploying, managing, and scaling containerized applications (ex: USAF Target App across the Intelligence Community: CIA, NSA, NASIC, Navy, Army, NATO) . 

5. Azure VM: (🖐️🖐️) Provides Infrastructure as a Service (IaaS), letting you provision Windows or Linux VMs in seconds. VMs are essential for workloads requiring OS-level control, like legacy applications or lift-and-shift migrations from on-premises servers. 

1. Azure AI Foundry: To create custom, deploy and mange Generative AI apps and agents using Azure OpenAI's LLM (GPT-3.5 or GPT-4) or other 3rd Party LLM. -- Analogy: It is like a fully equipped, governed kitchen with all the tools and processes needed to invent, test, and mass-produce a complex new meal.

2. Azure AI Search: (🖐️) A "search-as-a-service" that indexes content from various sources, making it immediately searchable and retrievable. It is crucial for grounding LLMs (Azure OpenAI) with internal company data to generate accurate answers (RAG: Retrieval-Augmented Generation). 

3. Azure AI Services: (🖐️🖐️) To create Pre-built, ready-to-use cognitive APIs to create AI models (standard LLM from Azure OpenAI or others). (e.g., Azure AI Bots (Job Site), AI Assistants, AI Chat) A suite of cloud-based APIs and services that integrate cognitive intelligence like speech, language, and decision-making into applications. This is the platform used to implement AI-powered chatbots and virtual assistants. -- Analogy: Like pre-made ingredients (e.g., a jar of pre-sliced pickles) you quickly add to a sandwich.

4. Azure ML: To manage the entire lifecycle of ML projects. It helps users to build, train, deploy, and manage predictive AI models at scale, for "Demand Forecasting" and resource optimization.

5. Azure OpenAI Service: Provides direct, managed access to OpenAI's powerful LLMs (like ChatGPT-4 and ChatGPT) with Azure security and enterprise-grade capabilities. It allows organizations to build applications using state-of-the-art generative AI. -- See "Azure AI Services"

6. Microsoft Purview / Azure AI Content Safety: (🖐️) A dedicated API service (Azure AI Content Safety) and a broader governance tool (Microsoft Purview) that detects harmful content in text and images (AI- or user-generated content). It ensures compliance and ethical deployment of AI. 

https://marketingassets.microsoft.com/gdc/gdcLSn5HE/original?ocid=eml_pg496765_gdc_comm_az&mkt_tok=MTU3LUdRRS0zODIAAAGdbaDkENp0ve3GibbUoLEbvTbqKX4_ygJ5NrslDvOiAmOf5mp_-HM5J3Q7_YwxdhHPbs96WyrWxgKjpW0518j9xbxl26AjNCz6osxQ_v9Q3AV1c5P0G61doNc 

1. Azure API Center A service used for the unified inventory, governance, and cataloging of all APIs across an organization. It helps promote developer adoption by making APIs easily discoverable.

2. Azure API Management (APIM): A platform for publishing, managing, securing, and analyzing APIs, acting as a secure gateway to backend services. It is used to centralize API governance, security, and enforce policies like rate limiting and caching.

3. Azure App Service: (🖐️) Managed hosting for web apps and APIs.

4. Microsoft Defender for APIs: (🖐️) A security tool focused on threat protection for APIs, used to implement enterprise-grade security controls and protect data from threats.

1. Power Automate: (🖐️🖐️) To create automated workflows between various apps and services cloud and on-premises. It's used to synchronize files, collect data, and automate repetitive business process tasks.

2. Azure Bicep / Terraform: Infrastructure as Code (IaC) tools used to automate the deployment of Azure resources. Bicep is a declarative language for Azure, and Terraform is a multi-cloud tool for managing infrastructure. 

3. Azure DevOps / Azure Pipelines A suite of services for continuous integration and continuous delivery (CI/CD) that automates the software build, test, and deployment process. Azure Pipelines is the specific orchestration engine for running automated checks and deployments.

4. Azure Functions: A serverless compute service that runs event-triggered code snippets. It is often used for automation by reacting to events (e.g., a file upload) to process data or trigger a workflow. 

5. GitHub Actions A feature that automates software development workflows, including CI/CD, directly within a GitHub repository. It allows you to build, test, and deploy code, often with integrated security checks, ensuring continuous security integration.

1. Azure Well-Architected Framework (WAF): Set of guiding tenets for architectural excellence to evaluate the quality of specific workload or app after it has been adopted. -- 5 key pillars: (1) Reliability (2) Security (3) Cost Optimization (4) Operational Excellence, and (5) Performance Efficiency. -- See "MS CAF."

2. CMMC Level 2 (Advanced): Cybersecurity Maturity Model Certification (CMMC). To design, implement, and secure the Azure and M365 GCC High environment to meet the NIST SP 800-171 controls. Architecting for Controlled Unclassified Information (CUI) isolation. -- Tools: Azure Policy & Azure Blueprints, to ensure IAM.

   • Level 1 Foundation -- Federal Contract Information (FCI). This is information provided by or generated for the Government under a contract. 15 security practices drawn from the FAR 52.204-21 (Basic Safeguarding of Covered Contractor Information Systems). Annual Self-Assessment. 

   • Level 2 (Advanced) -- Controlled Unclassified Information (CUI). 110 security controls from NIST SP 800-171. Self-Assessment or Third-Party Assessment (C3PAO) every 3 years. 

   • Level 3 (Expert) -- Highly Sensitive CUI (Protection against Advanced Persistent Threats). 110 controls from Level 2 + 24 controls from NIST SP 800-172. Government-Led Assessment every 3 years. 

3. DFARS: Defense Federal Acquisition Regulation Supplement (DFARS). A set of regulations that apply to all contracts and subcontracts with the DoD. -- VALUE: To ensure that the DoD receives quality supplies and services at fair prices while protecting national security and sensitive defense information. 

4. MS Cloud Adoption Framework (CAF): [Cloud Adoption w/ Azure WAF] A collection of documentation, guidance, best practices, and tools designed to help businesses create and implement the business and technology strategies for cloud adoption. -- Lifecycle (4): (1) Strategy/Guidance Plan. (2) Foundation Readiness: Prep Azure Landing Zones (pre-configured environment). (3) Adoption & Innovation: Deploy workloads, Migrate & Modernize. (4) Ongoing Governance & Management: Est. policies; Implement Security, Define and manage the operating model (cloud or hybrid).  

5. NIST SP 800-171: To protect CUI (Controlled Unclassified Information) in Non-federal Systems and Organizations.  

6. USE CASE:

   • CMMC -to- CSSP/MSP Team's NOC/SOC -- (1) Have the proper documents in place, System Security Plan (SSP), SOP for monitoring and incident response, and a Configuration Management Plan. (2) Ensure Azure monitoring tools are in place, Azure Sentinel (for SOC) and Azure Monitor (for NOC/Engineering), fully configured and alerting policies are tuned before final sign-off. 

   • Design a Cloud Solution (ex: for DIB client to CMMC) -- Align with Azure WAF. The architecture must be flexible, use modular services (small, indie-components: microservices. API, SOA, K8s) and configuration-as-code (CaC), to adapt to CMMC updates. -- To get CaC, use Azure App Configuration (app settings), Azure Policy (enforce PaC rules), and Azure Blueprints (template package w/ IaC, PaC, & CaC inside a package)    

1. Azure Container Apps A serverless microservices hosting platform designed to host and deploy containerized applications and microservices. It is suitable for applications that require dynamic scaling, often utilizing KEDA-supported autoscaling.

2. Azure Container Registry (ACR) A private, managed registry service for storing and managing your Docker container images and related artifacts securely. It is essential for an MLOps or DevOps pipeline to ensure a secure container image supply chain.

3. Azure Kubernetes Service (AKS) A fully managed Kubernetes service that simplifies the deployment, scaling, and management of containerized applications using the open-source Kubernetes system. It is the ideal orchestrator for modern, scalable microservices architectures.

1. Azure Cosmos DB A globally distributed, multi-model NoSQL database service that provides high availability and guaranteed low-latency access to data anywhere. It is essential for highly scalable applications like personalized recommendation engines.

2. Azure Databricks: (🖐️) A fast, Apache Spark-based analytics platform optimized for the cloud, providing a collaborative environment for large-scale data engineering. It performs heavy-duty work like cleansing, transforming, and structuring raw data.

3. Azure Data Factory The cloud-native service for building and orchestrating complex data integration pipelines (ETL/ELT). It is used to reliably move and transform data between various sources and destinations for analysis.

4. Azure SQL Database: A fully managed, relational database service in Azure. It is used to host structured data and provides built-in capabilities for high availability, patching, and backups. 

5. Azure Stream Analytics: A real-time, serverless analytics engine that processes high volumes of fast-moving data. It is key for analyzing and acting on incoming data streams for immediate decision-making. 

6. Azure Synapse Analytics An integrated analytics service that brings together data warehousing and big data processing. It is used to analyze vast amounts of data quickly to drive data-driven insights.

7. MS Purview (Microsoft Purview) A unified data governance solution that helps you manage and govern your data across on-premises, multi-cloud, and SaaS. It provides data cataloging, lineage, and audit trails to ensure compliance and security.

1. Azure Bicep / Terraform: Infrastructure as Code (IaC) tools used to automate the deployment of Azure resources. Bicep is a declarative language for Azure, and Terraform is a multi-cloud tool.

2. Azure DevOps / Azure Pipelines A suite of services for continuous integration and continuous delivery (CI/CD) that automates the software build, test, and deployment process. Azure Pipelines is the orchestration engine for running automated checks and deployments.

3. Azure Key Vault A service for centralized secrets management. It allows applications to retrieve secrets at runtime, preventing hard-coding of sensitive data into the source code.

4. Azure Resource Manager (ARM) templates: The native deployment and management service for Azure. It allows you to create, update, and delete Azure resources in a single, coordinated operation using declarative templates. 

5. Azure Virtual Machine Scale Sets: Used to deploy and manage a set of identical Virtual Machines (VMs) that can automatically increase or decrease based on load. This is used for traditional scaled-out Applications on an IaaS platform. 

6. GitHub Advanced Security Provides native Static Application Security Testing (SAST), secret scanning, and dependency scanning for code repositories, integrating security early into the development process ("shift-left").

7. MS Defender for DevOps A centralized dashboard for tracking security findings and posture across CI/CD pipelines.

1. Azure Key Vault A cloud service for securely storing and managing access to secrets, such as cryptographic keys, certificates, and API keys. It prevents sensitive information from being hardcoded in applications and enforces security controls.

2. Azure Role-Based Access Control (RBAC) A system that manages access "specific" to Azure resources by assigning roles to users, groups, and applications. It enforces the principle of "least privilege," ensuring entities only have the permissions necessary for their specific tasks.

3. MS Entra ID: (formerly Azure AD) Microsoft's cloud-based Identity and Access Management (IAM) service. It manages access to resources for users and applications, enabling security features like Multi-Factor Authentication (MFA) and Single Sign-On (SSO).

4. MS Entra Conditional Access: A policy engine that evaluates user attributes and security risks before granting access to resources. It helps enforce strong security controls by requiring extra authentication steps under specific conditions. 

5. MS Entra ID PIM (Privileged Identity Management) A service that manages and controls access to privileged roles. It implements a least-privilege access model by providing just-in-time (JIT) access that expires after a defined time. 

1. Azure Data Factory For building and orchestrating data integration pipelines (ETL/ELT: Extract, Transform, Load). It reliably moves and transforms data between various sources and destinations for analysis.

2. Azure App Service A fully managed Platform as a Service (PaaS) offering for quickly building, deploying, and scaling web applications, REST APIs, and mobile backends. It handles infrastructure management, letting developers focus on their code.

3. Azure Cosmos DB A globally distributed, multi-model NoSQL database service that provides high availability and guaranteed low-latency access to data anywhere. It is used for highly scalable applications like personalized recommendation engines and real-time data ingestion.

4. Azure Event Hubs: A highly scalable data streaming platform and event ingestion service. It can capture millions of events per second from various sources, making it essential for processing real-time data from IoT devices and applications. 

5. Azure Functions A serverless compute service that runs small, event-triggered code snippets (microservices) without provisioning or managing infrastructure. It's ideal for automating tasks and integrating systems by only running code when needed.

6. Azure Front Door A global, scalable entry-point that uses the Microsoft edge network to create fast, secure, and widely scalable web applications. It provides traffic routing, caching to improve performance, and Web Application Firewall (WAF) capabilities.

7. Azure Migrate A centralized hub for assessing, planning, and executing the migration of on-premises workloads (servers, databases, web apps) to Azure. It provides tools to help recommend a strategic approach (Rehost, Refactor, Rearchitect).

8. Azure OpenAI: Use in streamlining AI development and native Azure integration. 

9. Azure Redis Cache: A secure, dedicated cache service based on the popular open-source Redis. It is used to store frequently accessed data in memory, significantly improving the performance and reducing the load on databases. 

10. Azure Service Bus: A reliable cloud messaging service that enables asynchronous communication between decoupled applications and microservices. It is used to handle transactional messaging and ensure order delivery for reliability. 

11. Azure Synapse Analytics An integrated analytics service that brings together data warehousing, big data processing, and unified insights. It is used to analyze vast amounts of data quickly to drive data-driven insights and innovation.

1. Azure Application Gateway: This is a Layer 7 (Application Layer) load balancer. It provides application delivery control services like Web Application Firewall (WAF) capabilities, SSL termination, and cookie-based session affinity for web traffic.

2. Azure Front Door: A global, scalable entry-point that uses the Microsoft edge network. It provides global HTTP/HTTPS load balancing and site acceleration to distribute web traffic across multiple regions for optimal performance and high availability. 

3. Azure Load Balancer: This is a Layer 4 (Transport Layer) load balancing service. It distributes incoming traffic across resources within the same Azure region and within a single virtual network. It is used for high-performance and low-latency scenarios at the network level.

1. Azure Container Apps A serverless platform designed to host containerized applications and microservices. It is ideal for applications that require dynamic scaling, often utilizing KEDA-supported autoscaling.

2. Azure Functions A serverless compute service for running small, event-triggered code snippets (microservices) without provisioning or managing the underlying infrastructure. It's used for real-time data processing and automating tasks, only running code when needed.

3. Azure Kubernetes Service (AKS) A fully managed Kubernetes service that simplifies the deployment, scaling, and management of containerized applications using the open-source Kubernetes system. It is used as the orchestrator for modern, scalable microservices architectures.

1. Azure Database Migration Service (DMS)A specialized tool for simplifying and automating the process of migrating various database sources to Azure data platforms (like Azure SQL Database) with minimal downtime. 

2. Azure Migrate: (🖐️)  A centralized hub for assessing, planning, and executing the migration of on-premises workloads (servers, databases, web apps) to Azure. It helps with the strategic evaluation and Rationalization of the application portfolio. 

3. Azure Site Recovery: A service that manages and orchestrates disaster recovery for your apps and workloads. Used for SRE, it is often part of a Migration strategy to "Lift-and-Shift" with built-in resiliency.

4. USE CASE:

   • CMMC -to- CSSP/MSP Team's NOC/SOC -- (1) Have the proper documents in place, System Security Plan (SSP), SOP for monitoring and incident response, and a Configuration Management Plan. (2) Ensure Azure monitoring tools are in place, Azure Sentinel (for SOC) and Azure Monitor (for NOC/Engineering), fully configured and alerting policies are tuned before final sign-off. 

   • FCI -to- CUI -- Use of a segregated cloud enclave within Azure Government (GCC High) for CUI storage and processing. Use Azure VNets, Azure Network Security Groups (NSGs), and leverage MS Information Protection (MIP) to classify and protect CUI wherever it resides, and ensure DFARS compliance. 

   • Migrate to the Cloud (GCC High) -- 

   • M365 Commercial Tenant -to- M365 GCC (High) -- Ensure a design where all data and services processing CUI are within the boundary of the GCC environment, adjust licenses, app integration, and Azure services selection.

• GOVERNANCE:

  1. Microsoft Purview: (🖐️) A unified data governance solution that helps you manage and govern your on-premises, multi-cloud, and SaaS data. It enables data mapping, document discovery, and document classification to ensure data governance and security controls are in place for these items.

• MONITORING:

1. Azure Monitor: (🖐️🖐️) A core service for operational excellence, used to monitor, collect, analyze, and act on telemetry data (metrics and logs) from all your environments. It provides a comprehensive solution for application performance management (APM) and alerting on site reliability issues.

• OBSERVABILITY:

  1. USE CASE:

     • Ensure Observability & Security -- (1) Use Azure Monitor (for logging and monitoring) (2) Azure Sentinel (to centralize all security logs). -- VALUE: This provides the SOC team with threat detection and the NOC/Engineering team with operational metrics, ensuring all logs meet the retention and protection requirements of CMMC. 

1. Azure Firewall: A cloud-native, intelligent network firewall security service that provides threat intelligence and filtering for all your cloud workloads. It is used to centrally create, enforce, and log application and network connectivity policies. 

2. Azure Information Protection: A cloud-based solution that helps organizations classify, label, and protect their documents and emails. It allows for persistent protection that stays with the data, regardless of where it is stored or shared. 

3. Azure Landing Zone (ALZ): A cloud environment that has been pre-configured with a specific foundation for scale, security, governance, networking, and IAM (Defense in Depth). 

4. Azure Policy: A service that allows you to create, assign, and manage policies to enforce organizational standards and compliance. It prevents the creation of resources that do not meet your required security or regulatory baselines.

5. Azure Private Link: A service that allows you to access Azure PaaS services (like Storage or Key Vault) and Azure-hosted services over a private endpoint in your virtual network. This keeps traffic off the public internet for enhanced security. 

6. Azure Site Recovery A service that manages and orchestrates disaster recovery for your applications and workloads. It ensures business continuity by replicating VMs and keeping business apps running during major outages.

7. Azure Virtual Network (VNet) The foundational building block for your private network in Azure, providing an isolated network boundary. It enables Azure resources to securely communicate with each other, the internet, and on-premises networks.

8. GCC (High): Government Community Cloud (High) is a highly specialized, isolated, and tightly controlled cloud environment provided by Microsoft. -- For highly sensitive data, like Controlled Unclassified Information (CUI) -- Ex: Used in the creating of the USAF Target App. 

   • -- Tools (Foundation): MS Entra ID (MFA, Conditional Access, Role Based Access Control=RBAC), Azure VMs, Azure Storage (Blobs, Files, Queues, Tables), Azure VNet, VPN Gateway, ExpressRoute (for compliant network connectivity) 

   • -- Tools (Standard/M365 G5/E5 for GCC High): MS Entra ID P2: Advanced identity protection, Privileged Identity Management (PIM), Identity Protection. Azure Information Protection (AIP) Used for classifying and protecting (encrypting) sensitive data like CUI using sensitivity labels. MS Defender for Endpoint: Endpoint Detection and Response (EDR) for devices in the GCC High boundary. MS Defender for O365 P2: Advanced threat protection for email (phishing, safe links/attachments). MS Defender for Cloud Apps (MCAS): Cloud Access Security Broker (CASB) to manage and monitor access and activities in cloud apps. MS Purview Compliance Suite: Tools like Data Loss Prevention (DLP), Advanced eDiscovery, and Insider Risk Management, all configured to meet the stringent CMMC and DFARS requirements.    

9. Microsoft Defender for APIs: A focused security tool for threat protection and enterprise-grade security controls for your application programming interfaces (APIs). It monitors traffic and detects anomalous behavior to protect data and backend services. 

10. Microsoft Defender for Cloud (formerly Azure Security Center) A unified security posture management and threat protection service for workloads running in Azure, on-premises, and other clouds. It helps strengthen your security posture by providing a secure score and actionable recommendations.

11. Microsoft Purview: (🖐️) A unified data governance solution that helps you manage and govern your on-premises, multi-cloud, and SaaS data. It enables data mapping, document discovery, and document classification to ensure data governance and security controls are in place for these items.

12. Microsoft Sentinel: (🖐️🖐️) (formerly Azure Sentinel) A cloud-native Security Information and Event Management (SIEM) and SOAR (Security Orchestration, Automation, and Response) solution. It uses AI to detect and investigate threats across your enterprise and automate security responses.

13. USE CASE:

    • CMMC -to- CSSP/MSP Team's NOC/SOC -- (1) Have the proper documents in place, System Security Plan (SSP), SOP for monitoring and incident response, and a Configuration Management Plan. (2) Ensure Azure monitoring tools are in place, Azure Sentinel (for SOC) and Azure Monitor (for NOC/Engineering), fully configured and alerting policies are tuned before final sign-off. 

    • FCI -to- CUI -- Use of a segregated cloud enclave within Azure Government (GCC High) for CUI storage and processing. Use Azure VNets, Azure Network Security Groups (NSGs), and leverage MS Information Protection (MIP) to classify and protect CUI wherever it resides, and ensure DFARS compliance. -- FCI (Federal Contract Info); CUI (Controlled Unclass Info).

    • Secure a Web App --  Use a pre-configured Azure Landing Zone (ALZ) with a Hub-Spoke VNet topology in GCC High. The web app would be secured behind an Azure Application Gateway (WAF) and Azure Firewall (Hub). Azure Key Vault would manage secrets, and Azure Security Center (Azure Defender for Cloud) would provide continuous monitoring... and align with NIST controls. 

1. Azure Container Apps Although a container service, it operates on a serverless model. It automatically scales based on HTTP traffic or events (KEDA-supported autoscaling).

2. Azure Event Grid A fully managed pub/sub messaging service used to implement asynchronous, event-driven communication patterns. It decouples services to enhance resilience and allows components to react in near real-time.

3. Azure Functions A serverless compute service that runs small, event-triggered code snippets, perfect for automating small, repetitive tasks. It provides automatic, real-time scaling.

4. Azure Logic Apps A low-code/no-code service to create automated, serverless workflows integrating applications, data, and services across cloud and on-premises systems.

5. Azure Stream Analytics: A real-time, serverless analytics engine that processes high volumes of fast-moving data from sources like IoT devices and event hubs. It's used for real-time dashboarding and alerting in operational scenarios. 

1. Azure Availability Zones (AZ) Physically separate data centers within an Azure region that provide high availability and fault tolerance for applications and data.

2. Azure Monitor: (🖐️🖐️) The main tool for Site Reliability Engineering (SRE), providing a comprehensive solution for collecting, analyzing, and acting on telemetry data (metrics and logs). It is used to set up alerts and visualize system health (SLOs: Service Level Objectives).

   • Azure Log Analytics / Azure Workbooks / Azure Dashboards: Components of Azure Monitor used for specific SRE tasks: Log Analytics for querying logs, Workbooks for flexible data analysis & reporting, and Dashboards for visualizing key metrics (SLOs/SLIs: Service Level Indicators).

   • Azure Monitor for Application Insights A feature of Azure Monitor that provides application performance management (APM) for web applications, offering a comprehensive view of the user experience.

3. Azure Site Recovery: A service to manage and orchestrate disaster recovery for your applications and workloads. It ensures business continuity by replicating VMs and keeping business apps running during major outages.

1. Azure Backup A service to store the archived data in Geo-Redundant Storage (GRS) for long-term, tamper-proof retention. It ensures the data is safe and secure to meet legal and compliance requirements.

2. Azure Blob Storage A general-purpose, scalable object storage solution for unstructured data like text or binary files. It offers different Tiers (Hot, Cool, Archive) that can be used to optimize storage costs based on data access frequency. ~ BLOB (Binary Large Objects)

3. Azure Data Box: A service that provides purpose-built appliances to securely transfer large amounts of data to Azure without using the internet. It is ideal for large-scale, one-time data ingestion or initial backup transfers. 

4. Azure Data Lake Storage (ADLS) Gen2: A unified, highly scalable storage repository optimized for big data analytics workloads.

5. Azure Files Provides simple, secure, and fully managed file shares in the cloud that are accessible via the standard Server Message Block (SMB) protocol.

6. Azure File Sync: A solution that centralizes your organization's file shares in Azure Files while keeping the flexibility, performance, and compatibility of an on-premises file server. It enables hybrid-cloud caching and disaster recovery. 

7. Azure NetApp Files An enterprise-grade, high-performance file storage service, used for demanding workloads like SAP and high-performance computing.

8. Azure Storage Actions: A feature used to automate lifecycle management for data in Azure Storage Accounts. It is used to automatically move older data to cooler or archive tiers to optimize cost.