AZ-900: Microsoft Azure Fundamentals
Module 1: Cloud Concepts
Cloud Models
- Public, Private, and Hybrid Cloud
- Compare Cloud Models
Cloud Benefits and Considerations
- Benefits of Cloud
- Cloud Consideration
Cloud Services
- IaaS, PaaS, SaaS
- Sharing responsibility
Module 2: Core Azure Services
Azure Architectural Components
- Regions and Availability Zones
- Subscriptions and Resource Groups
Core Azure Resources
- Compute
- Networking
- Storage
- Databases
Module 3: Core Solutions
Core Azure Solutions
- IoT to Azure Sphere
- Synapse Analytics to Databricks
- AI/ML
Azure Management Tools
- Portal, Powershell, CLI, and Others
- Advisor, Monitor, and Service Health
Module 4: Security
Azure Security Features
- Security Center and Resource Hygiene
- Key Vault, Sentinel, and Dedicated Hosts
Azure Network Security
- Defense in Depth
- Network Security Groups and Firewalls
- DDoS Protection
Module 5: Identity, Governance, Privacy, and Compliance
Azure Identity Services
- Authentication Verses Authorization
- Azure AD, MFA, SSO, and Conditional Access
Azure Governance Features
- RBAC
- Resource locks and Tags
- Policy, Blueprints, and CAF
Azure Privacy and Compliance
- Privacy statements and Online Services Terms
- Trust Center and Compliance Documentation
- Azure sovereign Regions
Module 6: Azure Pricing and Lifecycle
Methods of Managing Costs
- Factors Affecting Costs
- Options to Reduce and Control costs
- Azure Cost Management
Service Level Agreements and Lifecycles
- Azure Service Level Agreement (SLA)
- Factors Impacting SLAs
- Azure Product and Feature Lifecycle
AZ-204: Developing Solutions for Microsoft Azure
Module 1: Creating Azure App Service Web Apps
Azure App Service core concepts
- Azure shared responsibility model
- App Service
- Web Apps
- Key features of App Service Web Apps
- App Service plans
- Authentication and authorization
- Azure App Service Hybrid Connections
- Azure App Service Local Cache
- App Service environments (ASEs)
Creating an Azure App Service Web App
- Create and deploy a web app with Azure command-line interface (CLI)
- Creating a Web App with Azure PowerShell
- Creating an App Service plan with Azure PowerShell
- App Service on Linux
- Docker in App Service on Linux
- Web apps for Linux containers
Configuring and Monitoring App Service apps
- App Service settings
- Path mappings
- Updating app runtimes
- CORS
- OS and runtime patching
- Inbound and outbound IP addresses
Inbound and outbound IP addresses
- Autoscale
- Autoscale metrics
- Autoscale patterns
- Scale based on CPU
- Autoscale setting schema
- Autoscale concepts
Azure App Service staging environments
- Deployment slots
- Modern deployment workflow
- Auto swap
- Route traffic between slots
- Automate slot management - Azure PowerShell
- Automate slot management - Azure CLI
Lab: Building a web application on Azure platform as a service offerings
Module 2: Implement Azure Functions
Azure Functions overview
- Azure Functions
- Function integrations
- Azure Function (Java program – Function.java)
- Azure Function (Python script – __init__.py)
- Scale and hosting
- Azure Functions hosting
- Triggers
- Trigger types
- Input and Output Bindings
- Bindings
- Integrating with Azure Virtual Network
Developing Azure Functions
- Azure Functions in Visual Studio Code
- Function code
- Binding configuration
- Binding-based code
- Function folder structure
- Function App settings
Implement Durable Functions
- Durable Functions
- Durable Functions types
- Durable Function scenario – Chaining
- Durable Function scenario - Fan-out/fan-in
- Durable Function scenario - Async HTTP APIs
- Durable Function scenario – Monitoring
- Durable Function scenario - Human interaction
Lab: Implement task processing logic by using Azure Functions
Module 3: Develop solutions that use blob storage
Azure Blob storage core concepts
- Azure Storage overview
- Azure Blob storage
- Azure Blob storage resource hierarchy
- Blob types
- Block blobs
- Append blobs
- Page blobs
- Blob events
- Storage durability options
Managing the Azure Blob storage lifecycle
- Storage tiers
- Storage tier pricing
- Lifecycle management
Working with Azure Blob storage
- Managing blob properties and metadata
- Blob container properties
- Exclusive access for modifying a blob
- Lease Blob operation
Lab: Retrieving Azure Storage resources and metadata by using the Azure Storage SDK for .NET
Module 4: Develop solutions that use Cosmos DB storage
Azure Cosmos DB overview
- Azure Cosmos DB
- Core functionality
- Global Replication
- Consistency levels
- APIs
- Migrating from NoSQL
- Cosmos DB throughput
Azure Cosmos DB data structure
- Resource hierarchy
- Containers
- Partitioning
- Partitioning implementation
Create and update documents by using code
- Manage collections and documents
- Creating a CosmosClient instance by using .NET
- Accessing a database by using .NET
- Accessing a container by using .NET
- JavaScript and Azure Cosmos DB
- Stored procedures
- Bounded execution
- Transaction continuation
- Optimistic concurrency
Lab: Constructing a polyglot data solution
Module 5: Implement IaaS solutions
Provisioning VMs in Azure
- Azure virtual machine creation checklist
- Naming a VM
- VM pricing models
- VM storage options
- Managed and unmanaged disks
- Azure virtual machine creation and management
- Accessing an Azure VM by using PowerShell
- Capturing performance diagnostics for a VM
- Recovering a failed VM by using a rescue VM
- Sizing a VM
- VM configuration options
- VM categories
- Manage the availability of your Azure VMs
- High availability and disaster recovery
- Availability sets, Fault domains, Update domains
- Image in Azure Marketplace
- Image Uniform Resource Name (URN)
- Azure Shared Image Gallery
- VM Serial Console
Create and deploy Azure Resource Manager templates
- Azure Resource Manager overview
- Terminology
- Resource Manager template deployment
- Three-tier Azure Resource Manager template
- Nested Resource Manager template
- Create Resource Manager templates by using the Azure portal
Create container images for solutions
- Virtualization and containers
- Container Images
- Docker
- Retrieving a new container image from Docker Hub
- Creating a container image specification with a Dockerfile
- Building the container image
- Running the custom container image as a container
Publish a container image to Azure Container Registry
- Azure Container Registry (ACR)
- Docker containers and registries
- Container Registry SKUs
- Azure Container Registry Build (ACR Build)
- Building images in Container Registry
- Trigger ACR Build by using Azure CLI
Create and run container images in Azure Container Instances
- Azure Container Instances (ACI)
- Container groups
- Container Instances features
- Deploy a container to Container Instances
Lab: Deploying compute workloads by using images and containers
Module 6: Implement user authentication and authorization
Microsoft identity platform
- Identity as the control plane
- Azure Active Directory
- Azure AD evolution
- Microsoft identity platform
- Azure AD evolution
- Microsoft identity platform overview
- Objects in Azure AD
- Application registration
- Authentication endpoints
- Authorize access to web applications by using OAuth
- service-to-service calls using client credentials
- Common authentication flows
- Interactive authentication flow
- On-Behalf-Of authentication flow
- Client credentials authentication flow
- Device code authentication flow
- Certificate-based authentication
Microsoft Authentication Library (MSAL)
- Microsoft Authentication Library (MSAL)
- Creating an authentication context by using MSAL
- Acquiring a token interactively using MSAL
- Get user profile using MSAL
Microsoft Graph
- Microsoft 365 platform
- Microsoft Graph data and services
- Graph data
- Graph explorer
- Microsoft Graph SDK
- Microsoft Graph authentication SDK
- Creating an authentication provider
- Microsoft Graph SDK Fluent API
- Using Graph Service client
Authorizing data operations in Azure Storage
- Container permissions
- CORS support for the Azure Storage services
- Authorization
- Shared Access Signatures
- Establishing a stored access policy
- Shared Access Signatures (SASs)
- Valet key pattern by using Shared Access Signatures
- Stored access policies
- SAS token generation from a stored access policy
Lab: Authenticating to and querying Microsoft Graph by using MSAL and .NET SDKs
Module 7: Implement secure cloud solutions
Manage keys, secrets, and certificates by using the KeyVault API
- Azure Key Vault
- Key Vault concepts
- Key Vault authentication
- Key Vault secret types
- Create Key Vault secret by using Azure CLI
Implement Managed Identities for Azure resources
- Azure AD–managed identity
- Managed identities implementation
- System-assigned managed identity
- User-assigned managed identity
- Types of managed identities
- Managed identities use cases
- Configure managed identities for Web Apps by using Azure CLI
Secure app configuration data by using Azure App Configuration
- Azure App Configuration
- Keys and values
- Azure App Configuration
- Labels
- Feature Management
Lab: Access resource secrets more securely across services
Module 8: Implement API Management
API Management overview
- API Management (APIM)
- Terminology, Products
- Products and APIs
- APIs and operations
- Back-end and front-end APIs
Working with APIs in APIM
- API Management instance overview
- Manage using Git
- Service hierarchy
- Policies, Policy scopes
- Advanced policy scenarios
Configure authentication for APIs
- Subscriptions
- Client certificates
Lab: Creating a multi-tier solution by using services in Azure
Module 9: Develop event-based solutions
Azure Event Grid
- Event-driven architecture
- Azure Event Grid
- Sources and handlers
- Event Grid concepts
- Schema, Security, Filtering
- Authoring custom events
- Event domains
Azure Event Hubs
- Publishing events
- Partitions, Consumer groups, Capture
- Integration with Kafka
- Event Hubs and Apache Kafka mapping
- Security model
- Creating a namespace manager by using the root key
- Creating a SAS key
Lab: Publishing and subscribing to Event Grid events
Module 10: Develop message-based solutions
Azure Service Bus
- Comparing cloud messaging options
- Azure Service Bus
- Events vs. messaging services
- Queues
- Queue-based load leveling
- Topics and subscriptions
- Messages, payloads, and serialization
Azure Queue Storage
- Components
- Code examples
Lab: Asynchronously processing messages by using Azure Queue Storage
Module 11: Instrument solutions to support monitoring and logging
Overview of monitoring in Azure
- Azure Monitor
- Monitoring data platform
- Alerts
- Alerts workflow
- Alert state
- Application Insights
- Application Insights architecture
Configure instrumentation in an app or service
- Application Insights for webpages
- Application Insights for console applications
- Application Insights for desktop apps
- Application Insights platforms
- Other monitoring tools
Analyzing and troubleshooting apps
- What data does Azure Monitor collect?
- Data source
- Azure Monitor sources
- Application Insights overview
- Monitored metrics, Application Map
- Components
- View activity logs to audit actions on resources
- Auditing in Azure PowerShell
- Monitor the availability and responsiveness of a website
Implement code that handles transient faults
- Transient errors
- Handling transient errors
- Retrying after a transient error
- Detecting if an error is transient
Lab: Monitoring services that are deployed to Azure
Module 12: Integrate caching and content delivery within solutions
Azure Cache for Redis
- Redis
- Redis data types
- Redis operations
- Azure Cache for Redis
- Azure Cache for Redis usage
- Configuration
- Accessing a Redis cache from a client
Develop for storage on CDNs
- Content delivery networks (CDNs)
- Improving the client experience by using a CDN
- CDN uses
- Azure CDN, Azure CDN platform, and usage
- Manage Azure CDN profiles by using Azure CLI
- Cache expiration in Azure CDN
- Purging and preloading assets by using Azure CLI