The case study before you answer the questions

This preview shows page 11 - 12 out of 20 pages.

the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. If the casestudy has an All Information tab, note that the information displayed is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, clickthe Question button to return to the question. Background - You are a developer for Litware Inc., a SaaS company that provides a solution for managing employee expenses. Thesolution consists of an ASP.NET Core Web API project that is deployed as an Azure Web App. Overall architecture - Employees upload receipts for the system to process. Whenprocessing is complete, the employee receives a summary report email that details the processing results. Employees then use a web application to manage their receipts and performany additional tasks needed for reimbursement. Receipt processing - Employees may upload receipts in two ways: Uploading using an Azure Files mounted folder Uploading using theweb application Data Storage - Receipt and employee information is stored in an Azure SQL database. Documentation - Employees are provided with a getting started document whenthey first use the solution. The documentation includes details on supported operating systems for Azure File upload, and instructions on how to configure the mounted folder. Solutiondetails - Users table -Web Application - You enable MSI for the Web App and configure the Web App to use the security principal name WebAppIdentity. Processing - Processing is performed by anAzure Function that uses version 2 of the Azure Function runtime. Once processing is completed, results are stored in Azure Blob Storage and an Azure SQL database. Then, an emailsummary is sent to the user with a link to the processing report. The link to the report must remain valid if the email is forwarded to another user. Logging - Azure Application Insightsis used for telemetry and logging in both the processor and the web application. The processor also has TraceWriter logging enabled. Application Insights must always contain all logmessages. Requirements - Receipt processing - Concurrent processing of a receipt must be prevented. Disaster recovery - Regional outage must not impact application availability. AllDR operations must not be dependent on application running and must ensure that data in the DR region is up to date. Security - Users' SecurityPin must be stored in such a way thataccess to the database does not allow the viewing of SecurityPins. The web application is the only system that should have access to SecurityPins. All certificates and secrets used tosecure data must be stored in Azure Key Vault. You must adhere to the Least Privilege Principal and provide privileges which are essential to perform the intended function. Allaccess to Azure Storage and Azure SQL database must use the application's Managed Service Identity (MSI) Receipt data must always be encrypted at rest. All data must be protected

Upload your study docs or become a

Course Hero member to access this document

Upload your study docs or become a

Course Hero member to access this document

End of preview. Want to read all 20 pages?

Upload your study docs or become a

Course Hero member to access this document

Term
Fall
Professor
Mohammad Alizadeh
Tags
Azure Key Vault, Azure Event Grid

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture