Freshen repo for Jan 2025 delivery

.github/workflows/check-readme-links.yaml

@@ -0,0 +1,66 @@
+name: 🔍 Check README Links
+
+on:
+  workflow_dispatch:
+    inputs:
+      path:
+        description: 'Path to README file'
+        required: true
+        default: 'README.md'
+
+jobs:
+  linkcheck:
+    runs-on: ubuntu-latest
+    steps:
+      - name: 🛎️ Checkout code
+        uses: actions/checkout@v4
+
+      - name: 🚀 Setup Lychee
+        uses: lycheeverse/lychee-action@v1.8.0
+        with:
+          args: --verbose --no-progress --exclude-mail --exclude-loopback ${{ github.event.inputs.path }}
+          output: ./lychee.md
+          format: markdown
+          fail: true
+
+      - name: 📝 Create Link Check Report
+        if: always()
+        run: |
+          echo "# 🔗 Link Check Report" > report.md
+          echo "## 📊 Summary" >> report.md
+          echo "Check ran on: $(date)" >> report.md
+          echo "" >> report.md
+          if [ -f ./lychee.md ]; then
+            if [ -s ./lychee.md ]; then
+              echo "### ❌ Found Broken Links" >> report.md
+              cat ./lychee.md >> report.md
+            else
+              echo "### ✅ All Links Are Valid!" >> report.md
+              echo "No broken links found in ${{ github.event.inputs.path }}" >> report.md
+            fi
+          else
+            echo "### ⚠️ No Results" >> report.md
+            echo "The link checker did not generate a report." >> report.md
+          fi
+
+      - name: 📨 Upload Report
+        if: always()
+        uses: actions/upload-artifact@v4
+        with:
+          name: link-check-report
+          path: report.md
+          retention-days: 30
+
+      - name: 💬 Comment on PR
+        if: github.event_name == 'pull_request' && always()
+        uses: actions/github-script@v7
+        with:
+          script: |
+            const fs = require('fs');
+            const report = fs.readFileSync('report.md', 'utf8');
+            github.rest.issues.createComment({
+              issue_number: context.issue.number,
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              body: report
+            });

README.md

@@ -1,5 +1,7 @@
 # Tim Warner's AZ-104 Study Resources
 
+<img src="az104-cover-slide.png" alt="AZ-104 Course Cover" width="800"/>
+
 Welcome to the ultimate resource hub for preparing for the **AZ-104 Microsoft Azure Administrator Exam**. Whether you're aiming for certification or deepening your Azure knowledge, this guide is packed with the best tools, links, and tips to set you up for success.
 
 ---
@@ -73,11 +75,11 @@ Learn through hands-on labs and live environments:
 ---
 
 ## 💸 **Exam Discounts and Registration Info**
-- [Microsoft Certification Special Offers](https://www.microsoft.com/en-us/learning/offers.aspx)
-- [AZ-104 Exam Registration](https://docs.microsoft.com/en-us/learn/certifications/exams/az-104)
-- [About Online Exams](https://www.microsoft.com/en-us/learning/online-exams.aspx)
-- [Certification Policies and FAQs](https://www.microsoft.com/en-us/learning/certification-exam-policies.aspx)
-- [Pearson VUE Exam Replay](https://www.mindhub.com/microsoft-exam-replay-mcp-exam-plus-retake/p/Microsoft-Exam-Replay)
+- [Microsoft Certification Special Offers](https://learn.microsoft.com/en-us/certifications/deals)
+- [AZ-104 Exam Registration](https://learn.microsoft.com/en-us/credentials/certifications/exams/az-104)
+- [About Online Exams](https://learn.microsoft.com/en-us/credentials/certifications/online-exams)
+- [Certification Policies and FAQs](https://learn.microsoft.com/en-us/credentials/certifications/certification-exam-policies)
+- [Pearson VUE Exam Replay](https://home.pearsonvue.com/microsoft/replay)
 
 ---
 

az104-sample-landing-zone/README.md

@@ -0,0 +1,107 @@
+# AZ-104 Sample Landing Zone
+
+This landing zone implementation demonstrates a simplified but production-ready Azure environment based on the [Cloud Adoption Framework (CAF)](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/landing-zone/). It's designed to be both exam-relevant and practical for real-world scenarios.
+
+## Architecture Overview
+
+This landing zone implements a simplified version of the CAF enterprise-scale landing zone with:
+
+- Hub-spoke network topology
+- Centralized security and governance
+- Core platform services
+- Workload separation
+
+![Landing Zone Architecture](landing-zone-architecture.png)
+
+## Components
+
+1. **Management Groups Structure**
+   - Root Management Group
+   - Platform Management Group
+   - Landing Zones Management Group
+
+2. **Foundational Components**
+   - Hub Virtual Network (shared services)
+   - Azure Firewall
+   - Azure Bastion
+   - Log Analytics Workspace
+   - Key Vault
+
+3. **Security & Governance**
+   - Built-in and Custom RBAC Roles
+   - Azure Policy Assignments
+   - Network Security Groups
+   - Resource Locks
+
+4. **Landing Zone (Spoke)**
+   - Workload Virtual Network
+   - Network Peering
+   - Application Gateway
+   - Sample Web App deployment
+
+## Implementation Steps
+
+1. **Foundation Setup**
+   ```powershell
+   # Deploy management group hierarchy
+   # Deploy hub network infrastructure
+   # Configure core platform services
+   ```
+
+2. **Security Configuration**
+   ```powershell
+   # Apply RBAC roles
+   # Assign Azure Policies
+   # Configure network security
+   ```
+
+3. **Landing Zone Deployment**
+   ```powershell
+   # Deploy spoke network
+   # Configure network peering
+   # Deploy sample workload
+   ```
+
+## Deployment
+
+The landing zone is implemented using Infrastructure as Code (IaC) with Bicep templates, organized in a modular structure:
+
+```
+landing-zone/
+├── bicep/
+│   ├── main.bicep                 # Main deployment template
+│   ├── modules/
+│   │   ├── hub-network.bicep      # Hub network configuration
+│   │   ├── spoke-network.bicep    # Spoke network configuration
+│   │   ├── security.bicep         # Security configurations
+│   │   └── monitoring.bicep       # Monitoring resources
+├── scripts/
+│   ├── deploy.ps1                 # Deployment script
+│   └── configure-policy.ps1       # Policy configuration
+└── policies/
+    └── custom-policies.json       # Custom Azure policies
+```
+
+## Learning Objectives
+
+This sample landing zone helps you understand:
+
+1. How to implement a secure baseline architecture
+2. Management group and subscription organization
+3. Network topology and security in Azure
+4. Policy-based governance
+5. Infrastructure as Code practices
+
+## Next Steps
+
+1. Review the architecture diagram
+2. Examine the Bicep templates
+3. Deploy the foundation components
+4. Configure security and governance
+5. Deploy a sample workload
+
+## References
+
+- [Microsoft Cloud Adoption Framework](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/)
+- [Azure Landing Zone Reference Architecture](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/landing-zone/)
+

az104-sample-landing-zone/docs/01-design-decisions.md

@@ -0,0 +1,130 @@
+# Administrator's Landing Zone Implementation Guide
+
+## Overview
+This document outlines the implementation decisions for our Azure Landing Zone, focusing specifically on Azure Administrator (AZ-104) responsibilities and skills. This is a practical guide for implementing and managing enterprise-scale infrastructure.
+
+## Core Administrative Areas
+
+### 1. Identity and Governance (20-25%)
+- **Management Group Structure**:
+  ```
+  Root
+  ├── Platform
+  │   ├── Identity
+  │   └── Management
+  └── Workloads
+      ├── Production
+      └── Development
+  ```
+
+- **Access Management**:
+  - Built-in RBAC roles implementation
+  - Scope-based role assignments
+  - Access review procedures
+
+- **Resource Governance**:
+  - Resource locks configuration
+  - Tag implementation strategy
+  - Cost management alerts and budgets
+  - Azure Policy assignments
+
+### 2. Storage Implementation (15-20%)
+- **Storage Account Configuration**:
+  - Redundancy levels
+  - Access tiers
+  - Network security settings
+  - Shared Access Signatures (SAS)
+
+- **Data Protection**:
+  - Storage firewall rules
+  - Private endpoints
+  - Encryption settings
+  - Access key management
+
+- **File Services**:
+  - Azure Files configuration
+  - Blob container setup
+  - Lifecycle management
+  - Backup policies
+
+### 3. Compute Resource Management (20-25%)
+- **Infrastructure Deployment**:
+  - ARM/Bicep template implementation
+  - Parameter file management
+  - Deployment validation
+  - Resource dependencies
+
+- **Virtual Machine Management**:
+  - VM size selection
+  - Availability sets configuration
+  - Disk management
+  - Backup strategy
+
+- **App Service Configuration**:
+  - App Service Plan scaling
+  - Deployment slots
+  - Custom domains and SSL
+  - Network integration
+
+### 4. Network Configuration (15-20%)
+- **Virtual Network Setup**:
+  - Address space planning
+  - Subnet configuration
+  - VNet peering setup
+  - DNS configuration
+
+- **Security Implementation**:
+  - NSG rule management
+  - Application Security Groups
+  - Bastion host deployment
+  - Service endpoints
+
+- **Load Balancing**:
+  - Load balancer configuration
+  - Health probe setup
+  - Backend pool management
+  - Traffic distribution rules
+
+### 5. Monitoring and Maintenance (10-15%)
+- **Azure Monitor Setup**:
+  - Metrics configuration
+  - Log Analytics workspace
+  - Alert rules
+  - Action groups
+
+- **Backup Strategy**:
+  - Recovery Services vault
+  - Backup policies
+  - Retention settings
+  - Restore procedures
+
+## Implementation Checklist
+1. [ ] Configure management groups and RBAC
+2. [ ] Set up resource governance (policies, tags)
+3. [ ] Deploy storage infrastructure
+4. [ ] Implement compute resources
+5. [ ] Configure networking and security
+6. [ ] Enable monitoring and backup
+
+## Administrative Tasks
+1. **Daily Operations**:
+   - Monitor resource health
+   - Review security alerts
+   - Check backup status
+   - Verify policy compliance
+
+2. **Weekly Tasks**:
+   - Review access assignments
+   - Check cost reports
+   - Analyze performance metrics
+   - Update documentation
+
+3. **Monthly Activities**:
+   - Conduct security reviews
+   - Validate backup restores
+   - Review and optimize costs
+   - Update resource tags
+
+## Next Steps
+→ [Deployment Guide](02-deployment-guide.md)
+→ [Sample Scripts](03-sample-scripts.md)