Glossary
Search Azure terms
Open a clear definition, then continue into exam context, architecture, commands, operational examples, common mistakes, and related concepts.
Search all
Commands
Learning guides
Concept graph
Compare
Search-first Azure knowledge base
Term results
Search for a term or click a category. Results render only after you ask for them, so the glossary does not dump every available term on first load. Each result includes Quick peek and Open full term page actions.
Start with a search or a category.
Try managed identity , resource group , az group , private endpoint , or click Databases to load all database-related terms.
Showing 50 of 958 matching terms. Narrow the search to reduce the list.
Networking
premium
Application Gateway
Application Gateway is an Azure web traffic load balancer for HTTP and HTTPS applications. It routes requests by host name, path, listener, rule, backend pool, and health status, and can add TLS termination and Web Application Firewall controls when those features are configured.
Application delivery
fundamentals
4 commands
Aliases: Azure Application Gateway, App Gateway, regional layer 7 load balancer, HTTP application load balancer
Quick peek
Open full term page
Networking
premium
Application Gateway backend pool
the group of backend targets that an Application Gateway can forward matched requests to after a listener and routing rule select them.
Application delivery and API edge
intermediate
4 commands
Aliases: Application Gateway backend pool, application gateway backend pool
Quick peek
Open full term page
Networking
premium
Application Gateway HTTP setting
the Application Gateway backend configuration that controls how the gateway connects to backend servers for HTTP or HTTPS requests.
Application delivery and API edge
intermediate
4 commands
Aliases: Application Gateway HTTP setting, application gateway http setting
Quick peek
Open full term page
Networking
premium
Application Gateway listener
the Application Gateway component that waits for client requests on a frontend IP address, port, protocol, and optional hostname or certificate.
Application delivery and API edge
intermediate
4 commands
Aliases: Application Gateway listener, application gateway listener
Quick peek
Open full term page
Networking
premium
Application Gateway routing rule
the Application Gateway component that connects a listener to a backend pool, backend settings, redirect, or path-based routing decision.
Application delivery and API edge
intermediate
4 commands
Aliases: Application Gateway routing rule, application gateway routing rule
Quick peek
Open full term page
Security
premium
Application Gateway WAF policy
An Application Gateway WAF policy stores Web Application Firewall configuration for Application Gateway v2. It includes managed rules, custom rules, exclusions, and policy settings, and can be associated globally, with a listener, or with a path-based rule for targeted web request inspection.
Web application firewall
intermediate
4 commands
Aliases: Application Gateway WAF policy, WAF policy for Application Gateway, Azure WAF policy, regional WAF policy
Quick peek
Open full term page
Virtual Desktop Infrastructure
premium
Application group
An Azure Virtual Desktop application group controls access to a full desktop or a logical grouping of RemoteApp applications from a host pool.
Virtual desktops
fundamentals
2 commands
Aliases: application group
Quick peek
Open full term page
Networking
premium
Front Door
Azure Front Door is Microsoft’s global edge service for modern web applications. Microsoft Learn describes it as a cloud CDN that provides fast, reliable, and secure access to static and dynamic content through Microsoft’s global edge network worldwide.
Application delivery and API edge
intermediate
5 commands
Aliases: Azure Front Door, AFD, Azure Front Door Standard, Azure Front Door Premium, global edge
Quick peek
Open full term page
Networking
premium
Front Door origin group
A Front Door origin group is a logical grouping of origins that receives similar traffic and controls health probing and load balancing behavior.
Application delivery and API edge
intermediate
5 commands
Aliases: Azure Front Door origin group, AFD origin group, backend pool in Front Door, origin pool
Quick peek
Open full term page
Networking
premium
Front Door profile
Front Door profile is the top-level Azure Front Door Standard or Premium resource that groups edge endpoints, routes, origins, domains, rule sets, security associations, and delivery settings. Teams use it to manage a global application entry point without treating each endpoint, route, or origin as a separate product. In daily Azure work, it shows up when engineers review edge architecture, add a new website, tune routing, attach custom domains, configure WAF, or troubleshoot global traffic. It is not the same thing as a single endpoint, DNS name, backend app, CDN cache rule, or web application firewall policy.
Application delivery and API edge
intermediate
5 commands
Aliases: Azure Front Door profile, AFD profile, Front Door Standard/Premium profile
Quick peek
Open full term page
Integration
premium
API Management operation
An API Management operation is one callable action inside an API, such as GET /orders or POST /claims. It tells Azure API Management which HTTP method, URL template, parameters, and display name should be exposed to consumers. The operation can map to a backend route, return a mock response, accept.
Application delivery and API edge
intermediate
4 commands
Aliases: APIM operation, API operation in API Management
Quick peek
Open full term page
Integration
premium
API Management revision
An API Management revision is a safe working copy of an API for changes that should not break consumers. You create a revision, adjust operations, descriptions, policies, or backend settings, test the changes, and then make that revision current when it is ready. Existing consumers keep using the.
Application delivery and API edge
intermediate
4 commands
Aliases: APIM revision, API revision
Quick peek
Open full term page
Integration
premium
API Management self-hosted gateway
An API Management self-hosted gateway is a containerized copy of the API Management gateway that runs where your APIs live, such as on-premises, another cloud, or an Azure Kubernetes environment. Azure API Management remains the place where teams define APIs, products, policies, and observability..
Application delivery and API edge
intermediate
4 commands
Aliases: APIM self-hosted gateway, self-hosted API gateway
Quick peek
Open full term page
Integration
premium
API Management version
An API Management version is a separate version of an API that helps teams handle breaking changes. Clients can keep using an older version while newer clients adopt the new version when ready. Versions can be identified through a path, header, or query parameter, depending on the versioning.
Application delivery and API edge
intermediate
4 commands
Aliases: APIM version, API version in API Management
Quick peek
Open full term page
Integration
premium
Developer portal
The developer portal is the Azure API Management portal where API consumers discover APIs, read documentation, sign in, subscribe to products, retrieve subscription details, and test API operations when allowed.
Application delivery and API edge
intermediate
4 commands
Aliases: API Management developer portal, APIM developer portal, developer portal in API Management, API consumer portal
Quick peek
Open full term page
Networking
premium
Front Door cache purge
A Front Door cache purge removes selected cached content from Azure Front Door edge locations so future requests retrieve fresh content from the origin.
Application delivery and API edge
intermediate
4 commands
Aliases: Azure Front Door cache purge, AFD cache purge, Front Door purge content
Quick peek
Open full term page
Networking
premium
Front Door endpoint
A Front Door endpoint is a logical grouping of one or more routes associated with domain names in an Azure Front Door profile.
Application delivery and API edge
intermediate
4 commands
Aliases: Azure Front Door endpoint, AFD endpoint, azurefd.net endpoint
Quick peek
Open full term page
Networking
premium
Front Door origin
A Front Door origin is a backend application or service endpoint that Azure Front Door can route client requests to through an origin group.
Application delivery and API edge
intermediate
4 commands
Aliases: Azure Front Door origin, AFD origin, origin server, backend origin
Quick peek
Open full term page
Networking
premium
Front Door route
Front Door route is the Azure Front Door configuration that decides which domain and path patterns send user requests to which origin group. Teams use it to connect edge endpoints and custom domains to backend applications while controlling accepted protocols, forwarding behavior, caching, and rule-set association. In daily Azure work, it shows up when engineers add APIs, split static and dynamic paths, migrate origins, route traffic between regions, or investigate why a request reached the wrong backend.
Application delivery and API edge
intermediate
4 commands
Aliases: AFD route, Azure Front Door route, edge route
Quick peek
Open full term page
Networking
premium
Front Door rules engine
Front Door rules engine is the Azure Front Door capability that applies edge rules to matching requests before they are sent to an origin. Teams use it to move selected routing, redirect, rewrite, header, and cache behavior to the edge instead of baking every rule into application code. In daily Azure work, it shows up when engineers tune SEO redirects, add security headers, rewrite paths, vary caching, preserve legacy URLs, or explain unexpected behavior before the origin ever receives traffic.
Application delivery and API edge
advanced
4 commands
Aliases: Front Door rule set, AFD rule set, rules engine
Quick peek
Open full term page
Networking
premium
Load balancer frontend IP
Microsoft Learn describes a Load Balancer frontend IP configuration as the address-facing entry point that receives client traffic for a load balancer. It can use a public or private IP address and is connected to rules, probes, and backend pools.
Application delivery and API edge
intermediate
4 commands
Aliases: No aliases yet
Quick peek
Open full term page
Networking
premium
Load balancer health probe
Microsoft Learn describes an Azure Load Balancer health probe as the check that determines whether backend pool instances are healthy enough to receive new traffic. Probe configuration includes protocol, port, interval, and threshold choices that influence traffic distribution. Operators should review it with the connected Azure resource settings.
Application delivery and API edge
intermediate
4 commands
Aliases: No aliases yet
Quick peek
Open full term page
Networking
premium
Load balancer rule
Microsoft Learn describes a load-balancing rule as the configuration that maps a frontend IP address and port to backend pool addresses and ports. The rule defines how incoming traffic is distributed and which health probe validates backend availability. Operators should review it with the connected Azure resource settings.
Application delivery and API edge
intermediate
4 commands
Aliases: No aliases yet
Quick peek
Open full term page
Networking
premium
Outbound rule
An outbound rule is a Standard Azure Load Balancer configuration that controls outbound SNAT for backend pool instances. It defines which frontend IP configurations are used, which backend pool receives outbound access, protocol behavior, allocated SNAT ports, idle timeout, and optional TCP reset handling.
Application delivery and API edge
intermediate
4 commands
Aliases: Load Balancer outbound rule, outbound NAT rule, SNAT rule, Standard Load Balancer egress rule
Quick peek
Open full term page
DevOps
premium
Blue-green deployment
Blue-green deployment is a release strategy that runs two production-capable environments, routes users to the current version, validates the new version, then shifts traffic with minimal downtime.
Deployment workflows
intermediate
3 commands
Aliases: No aliases yet
Quick peek
Open full term page
Networking
template-specs-upgraded
Rewrite rule
Application Gateway rule logic for modifying request or response headers and URLs before backend handling.
Application delivery and API edge
intermediate
6 commands
Aliases: Application Gateway rewrite rule, URL rewrite rule, HTTP header rewrite rule, rewrite rule set, App Gateway rewrite
Quick peek
Open full term page
Networking
field-manual-complete
URL path map
A URL path map is an Azure Application Gateway configuration that routes requests to different backend pools based on path patterns in the URL. It connects path rules, backend targets, and HTTP settings so one gateway can serve multiple application paths.
Application Gateway
intermediate
5 commands
Aliases: path-based routing map, Application Gateway path map, URL route map, path rule map
Quick peek
Open full term page
Networking
top-250-pre130-priority-upgraded
Inbound NAT rule
Inbound NAT rule is an Azure Load Balancer rule that maps a frontend IP address and port to a backend virtual machine or scale-set instance port for inbound connectivity in Azure.
Application delivery and API edge
intermediate
5 commands
Aliases: Inbound NAT rule, inbound nat rule, inbound-nat-rule
Quick peek
Open full term page
Networking
field-manual-complete
Load balancer backend pool
Microsoft Learn describes a backend pool as the collection of resources that receive traffic from an Azure Load Balancer. Backend pools can include instances added through network interfaces or IP addresses, and multiple pools can serve different traffic groups.
Application delivery and API edge
intermediate
4 commands
Aliases: No aliases yet
Quick peek
Open full term page
Integration
complete
API Management policy
An API Management policy is a rule the gateway runs while handling an API call. Policies can validate tokens, add or remove headers, rewrite URLs, limit rates, cache responses, transform payloads, choose a backend, or return a custom response. They are written as ordered XML statements and can.
Application delivery and API edge
intermediate
4 commands
Aliases: APIM policy, API policy in API Management
Quick peek
Open full term page
Integration
premium
Event Grid delivery retry
Event Grid delivery retry is the Event Grid behavior that retries event delivery when a subscriber endpoint temporarily fails or returns retryable responses. In Azure, it shows up when handlers may be unavailable, slow, throttled, or temporarily blocked, but events still need controlled redelivery before dead-lettering or expiration. Teams use it to review maximum delivery attempts, event time-to-live, endpoint response behavior, dead-letter destination, subscription filters, monitoring, and handler readiness before changing production behavior. It is not application-level retry code, Service Bus lock renewal, Event Hubs checkpointing, or a guaranteed infinite replay mechanism.
Event routing
intermediate
5 commands
Aliases: Event Grid retry policy, Event Grid event retry
Quick peek
Open full term page
Integration
premium
Event Grid pull delivery
Event Grid pull delivery is an HTTP consumption model where applications connect to Event Grid namespace topics and read CloudEvents at their own pace using queue-like semantics. Teams use it to let applications read events when they are ready instead of receiving every event through immediate push delivery. It is not a Basic tier push subscription, Service Bus queue, or Event Hubs consumer group. In production, confirm the source, subscription, destination, filters, schema, identity, retry behavior, failure handling, monitoring, and owner before treating the route as safe.
Event Grid
intermediate
5 commands
Aliases: HTTP pull delivery, pull delivery in Event Grid
Quick peek
Open full term page
Networking
premium
Web Application Firewall
Azure Web Application Firewall is a centralized protection service for HTTP applications. It can run with Application Gateway, Front Door, Application Gateway for Containers, or Azure CDN, using managed and custom rules to detect and block common exploits such as SQL injection and cross-site scripting.
Application security
fundamentals
6 commands
Aliases: WAF, Azure WAF, Application Gateway WAF, Front Door WAF
Quick peek
Open full term page
Integration
premium
Event Grid delivery schema
Event Grid delivery schema is the event format Azure Event Grid uses when sending an event to a subscriber endpoint. In Azure, it shows up when publishers and handlers must agree on whether delivered events use Event Grid schema, CloudEvents v1.0, or a custom input schema shape. Teams use it to review event subscription delivery schema, publisher input schema, handler parser, API contract, sample payloads, validation tests, filters, and compatibility monitoring before changing production behavior. It is not the handler destination type, the event source, a JSON schema registry, or the business data model itself.
Event routing
intermediate
5 commands
Aliases: Event Grid event delivery schema, event delivery schema
Quick peek
Open full term page
Integration
premium
Event Grid managed identity delivery
Event Grid managed identity delivery is the pattern where Event Grid uses a managed identity on a topic, domain, or system topic to authenticate event delivery to supported destinations. In Azure, it shows up when teams want to deliver events to Azure destinations without storing destination keys or embedding secrets in event subscription configuration. Teams use it to review system-assigned or user-assigned identity, Event Grid topic or domain identity settings, destination RBAC role assignments, delivery identity settings, dead-letter identity settings, and monitoring before changing production behavior.
Event routing
advanced
5 commands
Aliases: Event Grid managed identity event delivery, managed identity delivery for Event Grid
Quick peek
Open full term page
Monitoring
premium
Application Insights
Application Insights is the application performance monitoring capability in Azure Monitor. It collects OpenTelemetry or SDK telemetry such as requests, dependencies, exceptions, traces, metrics, and availability results so teams can continuously understand live application health, performance, failures, and user-impacting behavior.
Application observability
fundamentals
4 commands
Aliases: Azure Application Insights, App Insights, Azure Monitor Application Insights, application performance monitoring, APM
Quick peek
Open full term page
Management and Governance
premium
Application landing zone
An application landing zone is one or more governed Azure subscriptions for a workload environment, placed under management groups so it inherits platform policies and shared services.
Landing zones
fundamentals
4 commands
Aliases: application landing zone
Quick peek
Open full term page
Identity
premium
Application permission
An application permission is an app-only permission, also exposed as an app role, that lets a client application access a resource without a signed-in user after consent is granted.
Identity operations
fundamentals
4 commands
Aliases: application permission
Quick peek
Open full term page
Management and Governance
premium
Application tag
An application tag is a resource tag key-value pair that identifies the application, product, workload, or service associated with an Azure resource.
Tags and naming
fundamentals
4 commands
Aliases: application tag
Quick peek
Open full term page
Identity
premium
Enterprise application
Enterprise application properties in Microsoft Entra ID configure the organization-specific service principal settings for an application, including user assignment, single sign-on, provisioning, and ownership.
Microsoft Entra applications
intermediate
4 commands
Aliases: Entra enterprise application, service principal application, enterprise app
Quick peek
Open full term page
Monitoring and Observability
premium
Application Insights connection string
An Application Insights connection string specifies the Application Insights resource and endpoints that an instrumented application uses to send telemetry.
Application Insights
fundamentals
3 commands
Aliases: APPLICATIONINSIGHTS_CONNECTION_STRING, application insights connection string
Quick peek
Open full term page
Monitoring and Observability
premium
Application map
Application Map is an Application Insights view that visualizes application components and dependencies using telemetry, helping teams identify bottlenecks and failure hotspots.
Application Insights
fundamentals
2 commands
Aliases: application map
Quick peek
Open full term page
Networking
premium
Application security group
An application security group lets you group virtual machine network interfaces so network security group rules can target application roles instead of explicit IP addresses.
Network security
fundamentals
2 commands
Aliases: ASG, application security group
Quick peek
Open full term page
Web
verified
Requests in application queue
Requests In Application Queue is an Azure Monitor metric for Microsoft.Web/sites that reports how many Web App or Function App requests are waiting in the application request queue. It helps diagnose saturation, slow handlers, cold starts, thread exhaustion, or delayed scale-out.
Web App metric
intermediate
6 commands
Aliases: RequestsInApplicationQueue, App Service application queue, HTTP requests in application queue, Web App request queue metric, Function App request queue metric
Quick peek
Open full term page
Integration
premium field-manual
Max delivery count
The max delivery count setting is the Service Bus setting that controls how many delivery attempts a message can have before it moves to the dead-letter queue. Teams use it when messages may fail repeatedly and the system needs a safe limit before isolating poisoned work. In plain English, it gives operators a named control for controlled retry behavior, poison-message isolation, and clearer recovery workflow for consumers instead of leaving the decision hidden in a portal setting, script, or deployment file. Treat it as production-ready only when the owner, dependencies, permission boundary, monitoring signal, and rollback evidence are clear.
Azure Service Bus
intermediate
4 commands
Aliases: Max delivery count, maximum delivery count, Service Bus maxDeliveryCount, MaxDeliveryCount, Service Bus delivery limit, Service Bus delivery attempts, Azure Service Bus
Quick peek
Open full term page
Storage
learning-path-anchor
Data Lake storage account
A storage feature or access model in Data Lake Storage Gen2 that helps teams store, protect, move, and govern application or analytics data with clearer ownership, safety, and operational context.
Data Lake Storage Gen2
advanced
19 commands
Aliases: No aliases yet
Quick peek
Open full term page
Databases
premium
Cosmos DB spatial index
Cosmos DB spatial index is an indexing-policy entry that helps Cosmos DB for NoSQL query valid GeoJSON points, lines, polygons, and multipolygons efficiently. It makes location-aware queries practical without scanning every item in a container. You see it when applications store coordinates, service areas, delivery zones, device positions, or map features in JSON items. The production check is whether GeoJSON shape, indexed path, query function, and partition strategy all line up. Document the decision in code, templates, metrics, and runbooks.
Azure Cosmos DB
intermediate
7 commands
Aliases: No aliases yet
Quick peek
Open full term page
Containers
premium
Azure Kubernetes Service
Azure Kubernetes Service is Azure’s managed Kubernetes service for deploying, scaling, and operating containerized applications while Azure manages much of the cluster control plane.
Managed Kubernetes
advanced
6 commands
Aliases: AKS, managed Kubernetes
Quick peek
Open full term page
Integration
premium
Event subscription
An Event subscription is an Event Grid configuration that selects events from a source and delivers matching events to a destination endpoint. Teams use it to route storage, resource, custom, or partner events to the correct webhook, function, queue, topic, or event handler. It is not the event source itself, an Azure subscription, an Event Hubs consumer group, or proof that the destination successfully processed every event. In production, confirm source scope, event types, filters, endpoint URL or resource ID, authentication method, dead-letter destination, retry settings, diagnostic logs, and receiving application owner before treating the design as healthy or ready.
Event Grid
intermediate
6 commands
Aliases: Event Grid subscription, event routing subscription, event delivery subscription
Quick peek
Open full term page
Integration
premium
Service Bus topic
Service Bus topic is a publish-subscribe entity inside a Service Bus namespace. Publishers send one message to the topic, and matching subscriptions receive their own copies. Topics are used when several downstream systems need the same business event without coupling the publisher to every receiver.
Messaging
fundamentals
6 commands
Aliases: Azure Service Bus topic, Service Bus pub-sub topic, topic entity, broker topic
Quick peek
Open full term page
No glossary terms matched that search.
Try a service name, acronym, command group, or category such as RBAC , az group , App Service , Application Insights , Databases , or Azure AI Search .
Clear filters and show matches
Reset search