Az-304: Microsoft Azure Architect Design
Overview
In this course you will learn how to translate business requirements into secure, scalable, and reliable solutions. Lessons include design considerations related to logging, cost analysis, authentication and authorization, governance, security, storage, high availability, and migration. This course will help you to prepare to pass the Microsoft certification exam AZ-304: Microsoft Azure Architect Design.
Who This course is designed for
Solutions Architects
Prerequisites
- Understanding of on-premises virtualization technologies, including: VMs, virtual networking, and virtual hard disks.
- Understanding of network configuration, including TCP/IP, Domain Name System (DNS), virtual private networks (VPNs), firewalls, and encryption technologies.
- Understanding of Active Directory concepts, including domains, forests, domain controllers, replication, Kerberos protocol, and Lightweight Directory Access Protocol (LDAP).
- Understanding of resilience and disaster recovery, including backup and restore operations.
Your Instructor
Course Objectives
- Recommend solutions to minimize costs
- Recommend a solution for Conditional Access, including multi-factor authentication
- Recommend a solution for a hybrid identity including Azure AD Connect and Azure AD Connect
- Recommend a solution for using Azure Policy
- Recommend a solution that includes KeyVault
- Recommend a solution that includes Azure AD Managed Identities
- Recommend a storage access solution
- Design and Azure Site Recovery solution
- Recommend a solution for autoscaling
- Recommend a solution for containers
- Recommend a solution for network security
- Recommend a solution for migrating applications and VMs
- Recommend a solution for migration of databases
Course Modules
Course Outline
Module 01 - Design for Cost Optimization
In this module you will learn how to recommend a solution for cost management and cost reporting and recommend solutions to minimize costs.
Module 02 - Design a Solution for Logging and Monitoring
In this module you will learn how to determine levels and storage locations for logs, plan for integration with monitoring tools including Azure Monitor and Azure Sentinel, recommend appropriate monitoring tool(s) for a solution, choose a mechanism for event routing and escalation and recommend a logging solution for compliance requirements.
Module 03 - Design Authentication
In this module you will learn how to recommend a solution for single-sign on, authentication, Conditional Access, including multi-factor authentication and network access authentication. This module will also cover how to recommend a solution for a hybrid identity including Azure AD Connect and Azure AD Connect Health, user self-service as well as recommend and implement a solution for B2B integration.
Module 04 - Design Authorization
In this module you will learn how to choose an authorization approach, recommend a hierarchical structure that includes management groups, subscriptions and resource groups and recommend an access management solution including RBAC policies, access reviews, role assignments, physical access, Privileged Identity Management (PIM), Azure AD Identity Protection, Just In Time (JIT) access.
Module 05 - Design Governance
In this module you will learn how to recommend a strategy for tagging, a solution for using Azure Policy and a solution for using Azure Blueprint.
Module 06 - Design Security for Applications
In this module you will learn how to recommend a solution that includes KeyVault, a solution that includes Azure AD Managed Identities and a solution for integrating applications into Azure AD.
Module 07 - Design a Solution for Databases
In this module you will learn how to select an appropriate data platform based on requirements, recommend database service tier sizing, recommend a solution for database scalability and recommend a solution for encrypting data at rest, data in transmission, and data in use.
Module 08 - Design Data Integration
This module will cover how to recommend a data flow to meet business requirements and recommend a solution for data integration, including Azure Data Factory, Azure Data Bricks, Azure Data Lake, Azure Synapse Analytics.
Module 09 - Select an Appropriate Storage Account
In this module you will learn how to choose between storage tiers, recommend a storage access solution and recommend storage management tools.
Module 10 - Design a Solution for Backup and Recovery
In this module you will learn how to recommend a recovery solution for Azure hybrid and on-premises workloads that meets recovery objectives (RTO, RLO, RPO), design and Azure Site Recovery solution, recommend a solution for recovery in different regions, recommend a solution for Azure Backup management and design a solution for data archiving and retention.
Module 11 - Design for High Availability
In this module you will learn how to recommend a solution for application and workload redundancy, including compute, database, and storage, recommend a solution for autoscaling, identify resources that require high availability, identify storage types for high availability and recommend a solution for geo-redundancy of workloads.
Module 12 - Design a Compute Solution
In this module you will learn how to recommend a solution for compute provisioning, determine appropriate compute technologies, including virtual machines, App Services, Service Fabric, Azure Functions, Windows Virtual Desktop, and containers, recommend a solution for containers and recommend a solution for automating compute management.
Module 13 - Design a Network Solution
This module will cover how to recommend a solution for network addressing and name resolution, network provisioning, network security. You will also learn how to recommend a solution for network connectivity to the Internet, on-premises networks, and other Azure virtual networks, recommend a solution for automating network management and recommend a solution for load balancing and traffic routing.
Module 14 - Design an Application Architecture
In this module you will learn how to recommend a microservices architecture including Event Grid, Event Hubs, Service Bus, Storage Queues, Logic Apps, Azure Functions, and webhooks, recommend an orchestration solution for deployment of applications including ARM templates, Logic Apps, or Azure Functions and recommend a solution for API integration.
Module 15 - Design Migrations
This module will cover how to assess and interpret on-premises servers, data, and applications for migration, recommend a solution for migrating applications and VMs and recommend a solution for migration of databases.