Azure Developer: AZ 900 → AZ 204

AZ-900: Microsoft Azure Fundamentals 

Module 1: Cloud Concepts

Cloud Models

• Public, Private, and Hybrid Cloud
• Compare Cloud Models

Cloud Benefits and Considerations

• Benefits of Cloud
• Cloud Consideration

Cloud Services

• IaaS, PaaS, SaaS
• Sharing responsibility

Module 2: Core Azure Services

Azure Architectural Components

• Regions and Availability Zones
• Subscriptions and Resource Groups

Core Azure Resources

• Compute
• Networking
• Storage
• Databases

Module 3: Core Solutions

Core Azure Solutions

• IoT to Azure Sphere
• Synapse Analytics to Databricks
• AI/ML

Azure Management Tools

• Portal, Powershell, CLI, and Others
• Advisor, Monitor, and Service Health

Module 4: Security

Azure Security Features

• Security Center and Resource Hygiene
• Key Vault, Sentinel, and Dedicated Hosts

Azure Network Security

• Defense in Depth
• Network Security Groups and Firewalls
• DDoS Protection

Module 5: Identity, Governance, Privacy, and Compliance

 Azure Identity Services

• Authentication Verses Authorization
• Azure AD, MFA, SSO, and Conditional Access

Azure Governance Features

• RBAC
• Resource locks and Tags
• Policy, Blueprints, and CAF

Azure Privacy and Compliance

• Privacy statements and Online Services Terms
• Trust Center and Compliance Documentation
• Azure sovereign Regions

Module 6: Azure Pricing and Lifecycle

Methods of Managing Costs

• Factors Affecting Costs
• Options to Reduce and Control costs
• Azure Cost Management

Service Level Agreements and Lifecycles

• Azure Service Level Agreement (SLA)
• Factors Impacting SLAs
• Azure Product and Feature Lifecycle

AZ-204: Developing Solutions for Microsoft Azure

Module 1: Creating Azure App Service Web Apps

Azure App Service core concepts

• Azure shared responsibility model
• App Service
• Web Apps
• Key features of App Service Web Apps
• App Service plans
• Authentication and authorization
• Azure App Service Hybrid Connections
• Azure App Service Local Cache
• App Service environments (ASEs)

Creating an Azure App Service Web App

• Create and deploy a web app with Azure command-line interface (CLI)
• Creating a Web App with Azure PowerShell
• Creating an App Service plan with Azure PowerShell
• App Service on Linux
• Docker in App Service on Linux
• Web apps for Linux containers

Configuring and Monitoring App Service apps

• App Service settings
• Path mappings
• Updating app runtimes
• CORS
• OS and runtime patching
• Inbound and outbound IP addresses

Inbound and outbound IP addresses

•  Autoscale
• Autoscale metrics
• Autoscale patterns
• Scale based on CPU
• Autoscale setting schema
• Autoscale concepts

Azure App Service staging environments

• Deployment slots
• Modern deployment workflow
• Auto swap
• Route traffic between slots
• Automate slot management - Azure PowerShell
• Automate slot management - Azure CLI

Lab: Building a web application on Azure platform as a service offerings

Module 2: Implement Azure Functions

Azure Functions overview

• Azure Functions
• Function integrations
• Azure Function (Java program – Function.java)
• Azure Function (Python script – __init__.py)
• Scale and hosting
• Azure Functions hosting
• Triggers
• Trigger types
• Input and Output Bindings
• Bindings
• Integrating with Azure Virtual Network

Developing Azure Functions

• Azure Functions in Visual Studio Code
• Function code
• Binding configuration
• Binding-based code
• Function folder structure
• Function App settings

Implement Durable Functions

• Durable Functions
• Durable Functions types
• Durable Function scenario – Chaining
• Durable Function scenario - Fan-out/fan-in
• Durable Function scenario - Async HTTP APIs
• Durable Function scenario – Monitoring
• Durable Function scenario - Human interaction

Lab: Implement task processing logic by using Azure Functions

Module 3: Develop solutions that use blob storage

Azure Blob storage core concepts

• Azure Storage overview
• Azure Blob storage
• Azure Blob storage resource hierarchy
• Blob types
• Block blobs
• Append blobs
• Page blobs
• Blob events
• Storage durability options

Managing the Azure Blob storage lifecycle

• Storage tiers
• Storage tier pricing
• Lifecycle management

Working with Azure Blob storage

• Managing blob properties and metadata
• Blob container properties
• Exclusive access for modifying a blob
• Lease Blob operation

Lab: Retrieving Azure Storage resources and metadata by using the Azure Storage SDK for .NET

Module 4: Develop solutions that use Cosmos DB storage

Azure Cosmos DB overview

• Azure Cosmos DB
• Core functionality
• Global Replication
• Consistency levels
• APIs
• Migrating from NoSQL
• Cosmos DB throughput

Azure Cosmos DB data structure

• Resource hierarchy
• Containers
• Partitioning
• Partitioning implementation

Create and update documents by using code

• Manage collections and documents
• Creating a CosmosClient instance by using .NET
• Accessing a database by using .NET
• Accessing a container by using .NET
• JavaScript and Azure Cosmos DB
• Stored procedures
• Bounded execution
• Transaction continuation
• Optimistic concurrency

Lab: Constructing a polyglot data solution

Module 5: Implement IaaS solutions

Provisioning VMs in Azure

• Azure virtual machine creation checklist
• Naming a VM
• VM pricing models
• VM storage options
• Managed and unmanaged disks
• Azure virtual machine creation and management
• Accessing an Azure VM by using PowerShell
• Capturing performance diagnostics for a VM
• Recovering a failed VM by using a rescue VM
• Sizing a VM
• VM configuration options
• VM categories
• Manage the availability of your Azure VMs
• High availability and disaster recovery
• Availability sets, Fault domains, Update domains
• Image in Azure Marketplace
• Image Uniform Resource Name (URN)
• Azure Shared Image Gallery
• VM Serial Console

Create and deploy Azure Resource Manager templates

• Azure Resource Manager overview
• Terminology
• Resource Manager template deployment
• Three-tier Azure Resource Manager template
• Nested Resource Manager template
• Create Resource Manager templates by using the Azure portal

Create container images for solutions

• Virtualization and containers
• Container Images
• Docker
• Retrieving a new container image from Docker Hub
• Creating a container image specification with a Dockerfile
• Building the container image
• Running the custom container image as a container

Publish a container image to Azure Container Registry

• Azure Container Registry (ACR)
• Docker containers and registries
• Container Registry SKUs
• Azure Container Registry Build (ACR Build)
• Building images in Container Registry
• Trigger ACR Build by using Azure CLI

Create and run container images in Azure Container Instances

• Azure Container Instances (ACI)
• Container groups
• Container Instances features
• Deploy a container to Container Instances

Lab: Deploying compute workloads by using images and containers

Module 6: Implement user authentication and authorization

Microsoft identity platform

• Identity as the control plane
• Azure Active Directory
• Azure AD evolution
• Microsoft identity platform
• Azure AD evolution
• Microsoft identity platform overview
• Objects in Azure AD
• Application registration
• Authentication endpoints
• Authorize access to web applications by using OAuth
• service-to-service calls using client credentials
• Common authentication flows
• Interactive authentication flow
• On-Behalf-Of authentication flow
• Client credentials authentication flow
• Device code authentication flow
• Certificate-based authentication

Microsoft Authentication Library (MSAL)

• Microsoft Authentication Library (MSAL)
• Creating an authentication context by using MSAL
• Acquiring a token interactively using MSAL
• Get user profile using MSAL

Microsoft Graph

• Microsoft 365 platform
• Microsoft Graph data and services
• Graph data
• Graph explorer
• Microsoft Graph SDK
• Microsoft Graph authentication SDK
• Creating an authentication provider
• Microsoft Graph SDK Fluent API
• Using Graph Service client

Authorizing data operations in Azure Storage

• Container permissions
• CORS support for the Azure Storage services
• Authorization
• Shared Access Signatures
• Establishing a stored access policy
• Shared Access Signatures (SASs)
• Valet key pattern by using Shared Access Signatures
• Stored access policies
• SAS token generation from a stored access policy

Lab: Authenticating to and querying Microsoft Graph by using MSAL and .NET SDKs

Module 7: Implement secure cloud solutions

Manage keys, secrets, and certificates by using the KeyVault API

• Azure Key Vault
• Key Vault concepts
• Key Vault authentication
• Key Vault secret types
• Create Key Vault secret by using Azure CLI

Implement Managed Identities for Azure resources

• Azure AD–managed identity
• Managed identities implementation
• System-assigned managed identity
• User-assigned managed identity
• Types of managed identities
• Managed identities use cases
• Configure managed identities for Web Apps by using Azure CLI

Secure app configuration data by using Azure App Configuration

• Azure App Configuration
• Keys and values
• Azure App Configuration
• Labels
• Feature Management

Lab: Access resource secrets more securely across services

Module 8: Implement API Management

API Management overview

• API Management (APIM)
• Terminology, Products
• Products and APIs
• APIs and operations
• Back-end and front-end APIs

Working with APIs in APIM

• API Management instance overview
• Manage using Git
• Service hierarchy
• Policies, Policy scopes
• Advanced policy scenarios

Configure authentication for APIs

• Subscriptions
• Client certificates

Lab: Creating a multi-tier solution by using services in Azure

Module 9: Develop event-based solutions

Azure Event Grid

• Event-driven architecture
• Azure Event Grid
• Sources and handlers
• Event Grid concepts
• Schema, Security, Filtering
• Authoring custom events
• Event domains

Azure Event Hubs

• Publishing events
• Partitions, Consumer groups, Capture
• Integration with Kafka
• Event Hubs and Apache Kafka mapping
• Security model
• Creating a namespace manager by using the root key
• Creating a SAS key

Lab: Publishing and subscribing to Event Grid events

Module 10: Develop message-based solutions

Azure Service Bus

• Comparing cloud messaging options
• Azure Service Bus
• Events vs. messaging services
• Queues
• Queue-based load leveling
• Topics and subscriptions
• Messages, payloads, and serialization

Azure Queue Storage

• Components
• Code examples

Lab: Asynchronously processing messages by using Azure Queue Storage

Module 11: Instrument solutions to support monitoring and logging

Overview of monitoring in Azure

• Azure Monitor
• Monitoring data platform
• Alerts
• Alerts workflow
• Alert state
• Application Insights
• Application Insights architecture

Configure instrumentation in an app or service

• Application Insights for webpages
• Application Insights for console applications
• Application Insights for desktop apps
• Application Insights platforms
• Other monitoring tools

Analyzing and troubleshooting apps

• What data does Azure Monitor collect?
• Data source
• Azure Monitor sources
• Application Insights overview
• Monitored metrics, Application Map
• Components
• View activity logs to audit actions on resources
• Auditing in Azure PowerShell
• Monitor the availability and responsiveness of a website

Implement code that handles transient faults

• Transient errors
• Handling transient errors
• Retrying after a transient error
• Detecting if an error is transient

Lab: Monitoring services that are deployed to Azure

Module 12: Integrate caching and content delivery within solutions

Azure Cache for Redis

• Redis
• Redis data types
• Redis operations
• Azure Cache for Redis
• Azure Cache for Redis usage
• Configuration
• Accessing a Redis cache from a client

Develop for storage on CDNs

• Content delivery networks (CDNs)
• Improving the client experience by using a CDN
• CDN uses
• Azure CDN, Azure CDN platform, and usage
• Manage Azure CDN profiles by using Azure CLI
• Cache expiration in Azure CDN
• Purging and preloading assets by using Azure CLI

Lab: Enhancing a web application by using the Azure Content Delivery Network