You have 500 Azure web apps in the same Azure region. The apps use a premium Azure key vault for authentication.
A developer reports that some authentication requests are being throttled.
You need to recommend a solution to increase the available throughput of the key vault. The solution must minimize costs.
What should you recommend?
Click on the arrows to vote for the correct answer
A. B. C. D.D
To maximize your Key Vault through put rates, here are some recommended guidelines/best practices for maximizing your throughput:
1. Ensure you have throttling in place. Client must honor exponential back-off policies for 429's and ensure you are doing retries as per the guidance below.
2. Divide your Key Vault traffic amongst multiple vaults and different regions. Use a separate vault for each security/availability domain. If you have five apps, each in two regions, then we recommend 10 vaults each containing the secrets unique to app and region.
https://docs.microsoft.com/en-us/azure/key-vault/general/overview-throttlingThe correct answer is A. Change the pricing tier.
Explanation:
The issue being reported is that some authentication requests are being throttled, which suggests that the current pricing tier of the key vault is not sufficient to handle the required throughput. To increase the available throughput of the key vault, the pricing tier needs to be changed.
The Azure Key Vault service offers different pricing tiers with different performance characteristics, such as the number of requests per second, the maximum number of objects that can be stored, and the level of hardware security module (HSM) redundancy. The premium tier is designed for high-scale scenarios that require higher throughput and HSM redundancy, which makes it suitable for this scenario.
The other options listed are not suitable for this scenario:
B. Configure geo-replication: Geo-replication is used to replicate data between different Azure regions for disaster recovery purposes. It does not improve the available throughput of the key vault in the same region.
C. Configure load balancing for the apps: Load balancing is used to distribute traffic across multiple instances of an application for better performance and availability. It does not directly improve the available throughput of the key vault.
D. Increase the number of key vaults in the subscription: This option may increase the available throughput, but it will also increase costs and management complexity. It is not the most cost-effective solution for this scenario.