M-AZ301 – Azure Architect Design
Enquire/Book this course
Trained over 60000 delegates
Course delivered by industry expert instructors
Highly competitive pricing
Course Description
Learn how to manage security and identity within the context of Azure. Also, you’ll be introduced to multiple SaaS services available in Azure that for integration into existing Azure solutions.
Learn to Compare and contrast various database options on Azure, identify data streaming options for large-scale data ingest, and identify longer-term data storage options.
Learn how to deploy an ARM template to a resource group, author a complex deployment using the Azure Building Blocks tools, and integrate an API or Logic App with the API Management service.
Learn how to Describe DNS and IP strategies for VNETs in Azure, compare connectivity options for ad-hoc and hybrid connectivity, distribute network traffic across multiple loads using load balancers, and design a hybrid connectivity scenario between cloud and on-premise.
Target Student
Successful Cloud Solutions Architects begin this role with practical experience with operating systems, virtualization, cloud infrastructure, storage structures, billing, and networking.
Pre-requisites
Performance-Based Objectives
- Integrate their existing solutions with external identity providers using Azure AD B2B or B2C.
- Design a hybrid identity solution.
- Determine when to use advanced features of Azure AD such as Managed Service Identity, MFA and Privileged Identity Management.
- Secure application secrets using Key Vault.
- Secure application data using SQL Database and Azure Storage features.
- Detail the various APIs available in Cognitive Services.
- Identify when to use the Face API, Speech API or Language Understanding (LUIS) service.
- Describe the relationship to Bot Framework and Azure Bot Services.
- Determine the ideal pricing option for Azure Storage based on a solution’s requirements.
- Identify performance thresholds for the Azure Storage service.
- Determine the type of Storage blobs to use for specific solution components.
- Use the Azure Files service for SMB operations.
- Identify solutions that could benefit from the use of StorSimple physical or virtual devices.
- Compare and contrast monitoring services for applications, the Azure platform, and networking.
- Design an alert scheme for a solution hosted in Azure.
- Select the appropriate backup option for infrastructure and data hosted in Azure.
- Automate the deployment of future resources for backup recovery or scaling purposes.
- Create a resource group.
- Add resources to a resource group.
- Deploy an ARM template to a resource group Integrate an API or Logic App with the API Management service.
- Design an App Service Plan or multi-region deployment for high performance and scale.
- Integrate an API or Logic App with the API Management service.
- Design an App Service Plan or multi-region deployment for high performance and scale.
- Describe various patterns pulled from the Cloud Design Patterns.
- Distribute network traffic across multiple loads using load balancers.
- Design a hybrid connectivity scenario between cloud and on-premise.
- Design an availability set for one or more virtual machines.
- Describe the differences between fault and update domains.
- Author a VM Scale Set ARM template.
Course Content
AZ-301T01: Designing for Identity and Security
Module 1 - Managing Security & Identity for Azure Solutions
This module discusses both security and identity within the context of Azure. For security, this module reviews the various options for monitoring security, the options available for securing data and the options for securing application secrets. For identity, this module focuses specifically on Azure Active Directory (Azure AD) and the various features available such as Multi-Factor Authentication (MFA), Managed Service Identity, Azure AD Connect, ADFS and Azure AD B2B/B2C.
Module 2 - Integrating SaaS Services Available on the Azure Platform
This module introduces multiple SaaS services available in Azure that are available for integration into existing Azure solutions. These services include Cognitive Services, Bot Service, Machine Learning and Media Services.
AZ-301T02: Designing a Data Platform Solution
Module 1 - Backing Azure Solutions with Azure Storage
This module describes how many Azure services use the Azure Storage service as a backing store for other application solution in Azure. The module dives into critical considerations when using Azure Storage as a supplemental
service for an all-up Azure solution.
After completing module 1, students will be able to:
- Determine the ideal pricing option for Azure Storage based on a solution’s requirements.
- Identify performance thresholds for the Azure Storage service.
- Determine the type of Storage blobs to use for specific solution components.
- Use the Azure Files service for SMB operations.
- Identify solutions that could benefit from the use of StorSimple physical or virtual devices.
Module 2 - Comparing Database Options in Azure
This module compares the various relational and non-relational data storage options available in Azure. Options are explored as groups such as relational databases (Azure SQL Database, MySQL, and PostgreSQL on Azure), non-relational (Azure Cosmos DB, Storage Tables), streaming (Stream Analytics) and storage (Data Factory, Data Warehouse, Data Lake).
Module 3 - Monitoring & Automating Azure Solutions
This module covers the monitoring and automation solutions available after an Azure solution has been architected, designed and possibly deployed. The module reviews services that are used to monitor individual applications, the Azure platform, and networked components. This module also covers automation and backup options to enable business-continuity scenarios for solutions hosted in Azure.
AZ-301T03: Designing for Deployment, Migration, and Integration
Module 1 - Deploying Resources with Azure Resource Manager
This module establishes a basic understanding of Azure Resource Manager and the core concepts of deployments, resources, templates, resource groups, and tags. The module will dive deeply into the automated deployment of resources using ARM templates.
Module 2 - Creating Managed Server Applications in Azure
This module describes how solutions can leverage serverless application hosting services in Azure to host web applications, REST APIs, integration workflows and HPC workloads without the requirement to manage specific server resources. The module focuses on App Services-related components such as Web Apps, API Apps, Mobile Apps, Logic Apps, and Functions.
Module 3 - Authoring Serverless Applications in Azure
This module describes how solutions can leverage serverless application hosting services in Azure to host web applications, REST APIs, integration workflows and HPC workloads without the requirement to manage specific server resources. The module focuses on App Services-related components such as Web Apps, API Apps, Mobile Apps, Logic Apps, and Functions.
AZ-301T04: Designing an Infrastructure Strategy
Module 1 - Application Architecture Patterns in Azure
This module introduces, and reviews common Azure patterns and architectures as prescribed by the Microsoft Patterns & Practices team. Each pattern is grouped into performance, resiliency, and scalability categories and described in the context of similar patterns within the category.
After completing module 1, students will be able to:
- Locate and reference the Cloud Design Patterns documentation.
- Locate and reference the Azure Architecture Center.
- Describe various patterns pulled from the Cloud Design Patterns.
Module 2 - Building Azure IaaS-Based Server Applications (ADSK)
This module identifies workloads that are ideally deployed using Infrastructure-as-a-Service services in Azure. The module focuses on the VM Scale Sets and Virtual Machine services in Azure and how to best deploy workloads to these services using best practices and features such as Availability Sets.
Module 3 - Networking Azure Application Components
This module describes the various networking and connectivity options available for solutions deployed on Azure. The module explores connectivity options ranging from ad-hoc connections to long-term hybrid connectivity scenarios. The module also discusses some of the performance and security concerns related to balancing workloads across multiple compute instances, connecting on-premise infrastructure to the cloud and creating gateways for on-premise data.
Module 4 - Integrating Azure Solution Components Using Messaging Services
This module describes and compares the integration and messaging services available for solutions hosted on the Azure platform. Messaging services described include Azure Storage Queues, Service Bus Queues, Service Bus Relay, IoT Hubs, Event Hubs, and Notification Hubs. Integration services include Azure Functions and Logic Apps.
AZ-301T01: Designing for Identity and Security
Lab : Securing Secrets in Azure
- Integrate their existing solutions with external identity providers using Azure AD B2B or B2C.
- Design a hybrid identity solution.
- Determine when to use advanced features of Azure AD such as Managed Service Identity, MFA and Privileged Identity Management.
- Secure application secrets using Key Vault.
- Secure application data using SQL Database and Azure Storage features.
Lab : Deploying Service Instances as Components of Overall Azure Solutions
- Detail the various APIs available in Cognitive Services.
- Identify when to use the Face API, Speech API or Language Understanding (LUIS) service.
AZ-301T02: Designing a Data Platform Solution
Lab : Deploying Database Instances in Azure
- Compare and contrast monitoring services for applications, the Azure platform, and networking.
- Identify data streaming options for large-scale data ingest.
- Identify longer-term data storage options.
Lab : Deploying Configuration Management Solutions to Azure
- Compare and contrast monitoring services for applications, the Azure platform, and networking.
- Design an alert scheme for a solution hosted in Azure.
- Select the appropriate backup option for infrastructure and data hosted in Azure.
- Automate the deployment of future resources for backup recovery or scaling purposes.
AZ-301T03: Designing for Deployment, Migration, and Integration
Lab : Deploying Resources with Azure Resource Manager
- Create a resource group.
- Add resources to a resource group.
- Deploy an ARM template to a resource group.
- Filter resources using tags.
- Author a complex deployment using the Azure Building Blocks tools.
Lab : Deploying Managed Containerized Workloads to Azure
- Select between hosting application code or containers in an App Service instance.
- Describe the differences between API, Mobile, and Web Apps.
- Integrate an API or Logic App with the API Management service.
- Design an App Service Plan or multi-region deployment for high performance and scale.
Lab : Deploying Serverless Workloads to Azure
- Select between hosting application code or containers in an App Service instance.
- Describe the differences between API, Mobile, and Web Apps.
- Integrate an API or Logic App with the API Management service.
- Design an App Service Plan or multi-region deployment for high performance and scale.
AZ-301T04: Designing an Infrastructure Strategy
Lab : Building Azure IaaS-Based Server Applications.
- Design an availability set for one or more virtual machines.
- Describe the differences between fault and update domains.
- Author a VM Scale Set ARM template.
- Join a virtualized machine to a domain either in Azure or on a hybrid network.
Lab : Deploying Network Infrastructure for Use in Azure Solutions
- Describe DNS and IP strategies for VNETs in Azure.
- Compare connectivity options for ad-hoc and hybrid connectivity.
- Distribute network traffic across multiple loads using load balancers.
- Design a hybrid connectivity scenario between cloud and on-premise.
Lab : Integrating Azure Solution Components using Messaging Services
- Compare Storage Queues to Service Bus Queues.
- Identify when to use Azure Functions or Logic Apps for integration components in a solution.
- Describe the differences between IoT Hubs, Event Hubs and Time Series Insights.