MS-AZ305T00: Designing Microsoft Azure Infrastructure Solutions

This module explains the basic infrastructure components of Microsoft Azure. You'll learn about the physical infrastructure, how resources are managed, and have a chance to create an Azure resource.

Lessons

- Introduction

- What is Microsoft Azure

- Get started with Azure accounts

- Exercise - Explore the Learn sandbox

- Describe Azure physical infrastructure

- Describe Azure management infrastructure

- Exercise - Create an Azure resource

- Knowledge check

- Summary

After completing this module, students will be able to:

- Describe Azure regions, region pairs, and sovereign regions

- Describe Availability Zones

- Describe Azure datacenters

- Describe Azure resources and Resource Groups

- Describe subscriptions

- Describe management groups

- Describe the hierarchy of resource groups, subscriptions, and management groups

This module focuses on some of the computer services and networking services available within Azure.

Lessons

- Introduction

- Describe Azure virtual machines

- Exercise - Create an Azure virtual machine

- Describe Azure virtual desktop

- Describe Azure containers

- Describe Azure functions

- Describe application hosting options

- Describe Azure virtual networking

- Exercise - Configure network access

- Describe Azure virtual private networks

- Describe Azure ExpressRoute

- Describe Azure DNS

- Knowledge check

- Summary

After completing this module, students will be able to:

- Compare compute types, including container instances, virtual machines, and functions

- Describe virtual machine (VM) options, including VMs, Virtual Machine Scale Sets, availability sets, Azure Virtual Desktop

- Describe resources required for virtual machines

- Describe application hosting options, including Azure Web Apps, containers, and virtual machines

- Describe virtual networking, including the purpose of Azure Virtual Networks, Azure virtual subnets, peering, Azure DNS, VPN Gateway, and ExpressRoute

- Define public and private endpoints

This module introduces you to storage in Azure, including things such as different types of storage and how a distributed infrastructure can make your data more resilient.

Lessons

- Introduction

- Describe Azure storage accounts

- Describe Azure storage redundancy

- Describe Azure storage services

- Exercise - Create a storage blob

- Identify Azure data migration options

- Identify Azure file movement options

- Knowledge check

- Summary

After completing this module, students will be able to:

- Compare Azure storage services

- Describe storage tiers

- Describe redundancy options

- Describe storage account options and storage types

- Identify options for moving files, including AzCopy, Azure Storage Explorer, and Azure File Sync

- Describe migration options, including Azure Migrate and Azure Data Box

This module covers some of the authorization and authentication methods available with Azure.

Lessons

- Introduction

- Describe Azure directory services

- Describe Azure authentication methods

- Describe Azure external identities

- Describe Azure conditional access

- Describe Azure role-based access control

- Describe Zero Trust model

- Describe defense-in-depth

- Describe Microsoft Defender for Cloud

- Knowledge check

- Summary

After completing this module, students will be able to:

- Describe directory services in Azure, including Microsoft Entra ID and Microsoft Entra Domain Services

- Describe authentication methods in Azure, including single sign-on (SSO), multifactor authentication (MFA), and passwordless

- Describe external identities and guest access in Azure

- Describe Microsoft Entra Conditional Access

- Describe Azure Role Based Access Control (RBAC)

- Describe the concept of Zero Trust

- Describe the purpose of the defense in depth model

- Describe the purpose of Microsoft Defender for Cloud

Azure Architects design and recommend data integration solutions.

Lessons

- Introduction

- Overview

- Define strategy

- Plan

- Ready

- Adopt

- Govern and manage

- Knowledge check

- Summary and resources

After completing this module, students will be able to:

- Learn how to leverage the Cloud Adoption Framework to identify where your organization is in the digital transformation journey.

- Identify triggers and opportunities for cloud adoption.

- Recognize the components needed to develop a digital transformation strategy around your business, people, and technology.

You want to build great things on Azure, but you're not sure exactly what that means. Using key principles throughout your architecture, regardless of technology choice, can help you design, build, and continuously improve your architecture.

Lessons

- Introduction

- Azure Well-Architected Framework pillars

- Cost optimization

- Operational excellence

- Performance efficiency

- Reliability

- Security

- Summary

After completing this module, students will be able to:

- Describe the pillars of the Azure Well-Architected Framework

- Identify key principles for creating a solid architectural foundation

Azure Architects design and recommend governance solutions.

Lessons

- Introduction

- Design for governance

- Design for management groups

- Design for subscriptions

- Design for resource groups

- Design for resource tags

- Design for Azure Policy

- Design for role-based access control (RBAC)

- Design for Azure landing zones

- Knowledge check

- Summary and resources

After completing this module, students will be able to:

- Design for governance.

- Design for management groups.

- Design for Azure subscriptions.

- Design for resource groups.

- Design for resource tagging.

- Design for Azure Policy.

- Design for Azure role-based access control.

- Design for Azure landing zones.

Azure Architects design and recommend authentication and authorization solutions.

Lessons

- Introduction

- Design for identity and access management (IAM)

- Design for Microsoft Entra ID

- Design for Microsoft Entra business-to-business (B2B)

- Design for Azure Active Directory B2C (business-to-customer)

- Design for conditional access

- Design for identity protection

- Design for access reviews

- Design service principals for applications

- Design managed identities

- Design for Azure Key Vault

- Knowledge check

- Summary and resources

After completing this module, students will be able to:

- Design for identity and access management.

- Design for Microsoft Entra ID.

- Design for Microsoft Entra business-to-business (B2B).

- Design for Azure Active Directory B2C (business-to-customer).

- Design for conditional access.

- Design for identity protection.

- Design for access reviews.

- Design for managed identities.

- Design for service principals for applications.

- Design for Azure Key Vault.

Azure Architects design and recommend logging and monitoring solutions.

Lessons

- Introduction

- Design for Azure Monitor data sources

- Design for Azure Monitor Logs (Log Analytics) workspaces

- Design for Azure Workbooks and Azure insights

- Design for Azure Data Explorer

- Knowledge check

- Summary and resources

After completing this module, students will be able to:

- Design for Azure Monitor data sources

- Design for Azure Monitor Logs (Log Analytics) workspaces

- Design for Azure Workbooks and Azure insights

- Design for Azure Data Explorer

Plan an appropriate high availability and disaster recovery strategy based on recovery time objective and recovery point objective. Choose the best solution for IaaS or PaaS deployments or hybrid workloads.

Lessons

- Introduction

- Describe recovery time objective and recovery point objective

- Explore high availability and disaster recovery options

- Describe Azure high availability and disaster recovery features for Azure Virtual Machines

- Describe high availability and disaster recovery options for PaaS deployments

- Explore an laaS high availability and disaster recovery solution

- Describe hybrid solutions

- Knowledge check

- Summary

After completing this module, students will be able to:

- Define recovery time objective and recovery point objective

- Explore the available high availability and disaster recovery options for both IaaS and PaaS

- Devise an appropriate high availability and disaster recovery strategy

Learn how to select appropriate backup solutions and disaster recovery solutions for Azure workloads.

Lessons

- Introduction

- Design for backup and recovery

- Design for Azure Backup

- Design for Azure blob backup and recovery

- Design for Azure files backup and recovery

- Design for Azure virtual machine backup and recovery

- Design for Azure SQL backup and recovery

- Design for Azure Site Recovery

- Knowledge check

- Summary and resources

After completing this module, students will be able to:

- Design for backup and recovery.

- Design for Azure Backup.

- Design for Azure blob backup and recovery.

- Design for Azure Files backup and recovery.

- Design for Azure virtual machine backup and recovery.

- Design for Azure SQL backup and recovery.

- Design for Azure Site Recovery.

Azure Architect's design and recommend nonrelational data storage solutions.

Lessons

- Introduction

- Design for data storage

- Design for Azure storage accounts

- Design for data redundancy

- Design for Azure Blob Storage

- Design for Azure Files

- Design for Azure managed disks

- Design for storage security

- Knowledge check

- Summary and resources

After completing this module, students will be able to:

- Design for data storage.

- Design for Azure storage accounts.

- Design for Azure blob storage.

- Design for data redundancy.

- Design for Azure files.

- Design an Azure disk solution.

- Design for storage security.

Azure Architect's design and recommend relational data storage solutions.

Lessons

- Introduction

- Design for Azure SQL Database

- Design for Azure SQL Managed Instance

- Design for SQL Server on Azure Virtual Machines

- Recommend a solution for database scalability

- Recommend a solution for database availability

- Design security for data at rest, data in motion, and data in use

- Design for Azure SQL Edge

- Design for Azure Cosmos DB and Table Storage

- Knowledge check

- Summary and resources

By the end of this module, you're able to:

- Design for Azure SQL Database.

- Design for Azure SQL Managed Instance.

- Design for SQL Server on Azure Virtual Machines.

- Recommend a solution for database scalability.

- Recommend a solution for database availability.

- Design protection for data at rest, data in transmission, and data in use.

- Design for Azure SQL Edge.

- Design for Azure Cosmos DB.

- Design for Azure Table Storage.

Azure Architects design and recommend data integration solutions.

Lessons

- Introduction

- Design a data integration solution with Azure Data Factory

- Design a data integration solution with Azure Data Lake

- Design a data integration and analytic solution with Azure Databricks

- Design a data integration and analytic solution with Azure Synapse Analytics

- Design strategies for hot, warm, and cold data paths

- Design an Azure Stream Analytics solution for data analysis

- Knowledge check

- Summary and resources

By the end of this module, you'll understand the five principles of the Cost Optimization pillar and some key approaches to:

- Design a data integration solution with Azure Data Factory.

- Design a data integration solution with Azure Data Lake.

- Design a data integration and analytics solution with Azure Databricks.

- Design a data integration and analytics solution with Azure Synapse Analytics.

- Design strategies for hot, warm, and cold data paths.

- Design an Azure Stream Analytics solution for data analysis.

Azure Architects design and recommend Azure compute solutions.

Lessons

- Introduction

- Choose an Azure compute service

- Design for Azure Virtual Machines solutions

- Design for Azure Batch solutions

- Design for Azure App Service solutions

- Design for Azure Container Instances solutions

- Design for Azure Kubernetes Service solutions

- Design for Azure Functions solutions

- Design for Azure Logic Apps solutions

- Knowledge check

- Summary and resources

By the end of this module, you're able to:

- Choose an Azure compute service.

- Design for Azure Virtual Machines solutions.

- Design for Azure Batch solutions.

- Design for Azure App Service solutions.

- Design for Azure Container Instances solutions.

- Design for Azure Kubernetes Service solutions.

- Design for Azure Functions solutions.

- Design for Azure Logic Apps solutions.

Azure Architects are responsible to design and recommend application architectures.

Lessons

- Introduction

- Describe message and event scenarios

- Design a messaging solution

- Design an Azure Event Hubs messaging solution

- Design an event-driven solution

- Design a caching solution

- Design API integration

- Design an automated app deployment solution

- Design an app configuration management solution

- Knowledge check

- Summary and resources

By the end of this module, you're able to:

- Describe message and event scenarios.

- Design a messaging solution.

- Design an Azure Event Hubs messaging solution.

- Design an event-driven solution.

- Design an automated app deployment solution.

- Design API integration.

- Design an application configuration management solution.

- Design a caching solution.

Azure Architects need to design and recommend network solutions.

Lessons

- Introduction

- Recommend a network architecture solution based on workload requirements

- Design patterns for Azure network connectivity services

- Design outbound connectivity and routing

- Design for on-premises connectivity to Azure Virtual Network

- Choose an application delivery service

- Design for application delivery services

- Design for application protection services

- Knowledge check

- Summary and resources

By the end of this module, you're able to:

- Recommend a network architecture solution based on workload requirements

- Design for on-premises connectivity to Azure Virtual Network

- Design for Azure network connectivity services

- Design for application delivery services

- Design for application protection services

Azure Architect's design and recommend migration solutions.

Lessons

- Introduction

- Evaluate migration with the Cloud Adoption Framework

- Describe the Azure migration framework

- Assess your on-premises workloads

- Select a migration tool

- Migrate your structured data in databases

- Select an online storage migration tool for unstructured data

- Migrate offline data

- Knowledge check

- Summary and resources

By the end of this module, you'll be able to:

- Evaluate migration with the Microsoft Cloud Adoption Framework for Azure

- Describe the Azure Migration and Modernization Program (Azure Migration Framework)

- Assess your on-premises workloads

- Select a migration tool

- Migrate your databases

- Select an online storage migration tool

- Migrate offline data

Apply cost optimization guidance in your architecture to sustain and improve your return on investment (ROI).

Lessons

- Introduction

- Develop cost-management discipline

- Design with a cost-efficiency mindset

- Design for usage optimization

- Design for rate optimization

- Monitor and optimize over time

- Summary

By the end of this module, you're able to:

- Build a team culture that has awareness of budget, expenses, reporting, and cost tracking

- Spend only on what you need to achieve the highest return on your investments

- Maximize the use of resources and operations

- Increase efficiency without redesigning, renegotiating, or sacrificing requirements

- Continuously right-size investment as your workload evolves

Learn how to design an Azure architecture that uses modern practices and gives you full visibility into what's happening in your environment.

Lessons

- Introduction

- Embrace DevOps culture

- Establish development standards

- Evolve operations with observability

- Deploy with confidence

- Automate for efficiency

- Adopt safe deployment practices

- Summary

By the end of this module, you're able to:

- Apply modern practices to design, build, and orchestrate resources on Azure

- Gain operational insights by using monitoring and analytics

- Reduce effort and error by using automation

- Identify issues and improve quality in your application by using tests

Scaling your system to handle load, identifying network bottlenecks, and optimizing your storage performance are important to ensure your users have the best experience. Learn how to make your application perform at its best.

Lessons

- Introduction

- Negotiate realistic performance targets

- Design to meet capacity requirements

- Achieve and sustain performance

- Improve efficiency through optimization

- Summary

By the end of this module, you're able to:

- Scale your capacity based on workload.

- Optimize network performance.

- Optimize storage and database performance.

- Improve application performance by identifying bottlenecks.

Apply reliability guidance in your architecture to improve your workload's availability and resilience.

Lessons

- Introduction

- Design for business requirements

- Design for resilience

- Design for recovery

- Design for operations

- Keep it simple

- Summary

By the end of this module, you're able to:

- Determine the reliability requirements from the business and apply those requirements to your workload design.

- Design your workload to be fault-tolerant and able to degrade gracefully.

- Design your workload to recover from malfunctions ranging from component-level faults to disasters.

- Build observability and testing into your workload design and operations practices.

- Design your workload with a focus on simplicity to minimize risks.

Learn how to incorporate security into your architecture design, and discover the tools that Azure provides to help you create a secure environment through all the layers of your architecture.

Lessons

- Introduction

- Plan your security readiness

- Design to protect confidentiality

- Design to protect integrity

- Design to protect availability

- Sustain and evolve your security posture

- Summary

By the end of this module, you're able to:

- Create a security readiness plan that's aligned with business priorities.

- Properly handle confidentiality requirements.

- Strengthen the integrity of your workload against security risks.

- Strengthen the availability of your workload against security incidents.

- Continuously maintain and improve your workload's security posture.

The Microsoft Cloud Adoption Framework for Azure is a guide to the full lifecycle of cloud adoption. Along your organization's journey to the cloud, you encounter roadblocks that can be easily removed through common approaches that thousands of customers share.

Lessons

- Create a security readiness plan that's aligned with business priorities.

- Properly handle confidentiality requirements.

- Strengthen the integrity of your workload against security risks.

- Strengthen the availability of your workload against security incidents.

- Continuously maintain and improve your workload's security posture

By the end of this module, you're able to:

- Create a security readiness plan that's aligned with business priorities.

- Properly handle confidentiality requirements.

- Strengthen the integrity of your workload against security risks.

- Strengthen the availability of your workload against security incidents.

- Continuously maintain and improve your workload's security posture

Success in cloud adoption depends on having a clear strategy that helps a team understand executive direction and regularly measure progress. This module helps you capture the cloud adoption strategy you need to drive your success.

Lessons

- Introduction

- Customer narrative

- Capture strategic motivation

- Define objectives and key results

- Evaluate financial considerations

- Understand technical considerations

- Create a business case

- Knowledge check

- Summary

By the end of this module, you're able to:

- Create clarity for a corporate strategy to ensure that all team members are working toward common goals.

- Establish metrics to create clarity, help the team learn, and systematically work toward your organizational objectives.

- Evaluate financial considerations to understand the value of cloud adoption.

- Assess your strategy using the Cloud Adoption Strategy.

- Evaluate technical considerations to help the team prepare for successful cloud adoption projects.

Adopting the cloud might depend on many moving parts. Starting with a sound plan built by experts creates clarity. Integrating data about your current environment and long-term objectives refines the plan to reflect realistic expectations and assignments.

Lessons

- Introduction

- Customer narrative

- Exercise - Deploy your first cloud adoption plan

- Exercise - Customize your cloud adoption plan

- Summary

By the end of this module, you're able to:

- Create an actionable cloud adoption plan.

- Understand your digital estate.

- Assess the digital estate with Azure Migrate and refine your plan.

Azure landing zones can accelerate configuration of your cloud environment. This module will help you choose and get started with the best landing zone option for your needs.

Lessons

- Introduction

- Customer narrative

- Common operating models

- Design areas for Azure landing zones

- Design principles for Azure landing zones

- Journey to the target architecture

- Choose an Azure landing zone option

- Deploy the Azure landing zone accelerator

- Enhance your landing zone

- Summary

By the end of this module, you're able to:

- Compare your management, governance, and security requirements for operations to common operating models.

- Evaluate options for implementing Azure landing zones against your short-term and long-term requirements.

- Choose the best Azure landing zone and Learn modules to support your needs for cloud adoption.

Learn how to use the four stages of the Cloud Adoption Framework Migrate methodology to migrate your workload to the cloud.

Lessons

- Introduction

- Prepare for your migration

- Assess your workload

- Deploy your assets

- Release your workload

- Knowledge check

- Summary

By the end of this module, you're able to:

- Prepare your landing zone for migration.

- Evaluate the readiness of your workload and plan for the migrated state.

- Deploy assets and remediate problems.

- Release your deployed workloads to production.

Without proper governance, it can be difficult and laborious to maintain consistent control across a portfolio of workloads. Fortunately, cloud-native tools like Azure Policy provide convenient means to establish those controls. The Govern methodology helps you evaluate and establish corporate policies and disciplines to mitigate tangible risks.

Lessons

- Introduction

- Customer narrative

- Govern methodology

- Assess cloud governance risks

- Document cloud governance policies

- Enforce cloud governance policies

- Monitor cloud governance

- Knowledge check

- Summary

By the end of this module, you're able to:

- Learn about the Cloud Adoption Framework Govern methodology.

- Build a cloud governance team to oversee cloud governance.

- Assess cloud risks to determine which policies to implement.

- Document cloud governance policies to ensure transparency.

- Enforce cloud governance policies to ensure compliance.

- Monitor cloud governance to maintain compliance and refine policies.

As workloads are deployed to the cloud, operations are critical to success. In this learn module, you learn how to deploy an operations baseline to manage workloads in your environment. The module also covers how to enhance the baseline, both for workloads and for platforms.

Lessons

- Introduction

- Establish business commitments

- Deploy an operations baseline

- Protect and recover

- Enhance an operations baseline

- Manage platform and workload specialization

- Knowledge check

- Summary

By the end of this module, you're able to:

- Evaluate levels of business commitment across your portfolio of workloads

- Deploy an operations baseline

- Customize the baseline to meet operations needs

- Centralize operations for core platforms

- Partner with workload teams for richer decentralized operations

Innovation is a complex subject that encompasses many disciplines. The agility of the public cloud allows to quicker innovation cycles and quicker hypothesis verification. Learn how to use Azure cloud technologies to sustain your organization's innovation requirements.

Lessons

- Introduction

- Follow the innovation lifecycle

- Azure technologies for the build process

- Infuse your applications with Al

- Azure technologies for measuring business impact

- Azure technologies for the learn process

- Knowledge check

- Summary

By the end of this module, you're able to:

- Understand the innovation cycle

- Map Azure services to the phases of the innovation cycle

- Correlate technologies to business outcomes of innovation

Organizations moving to the cloud often find they need to modernize security practices and tooling to keep up with continuous changes in cloud platforms, business requirements, and security threats.

The Microsoft Cloud Adoption Framework for Azure provides guidance for this security modernization journey by providing clarity on processes, best practices, models, and experiences. This guidance is based on Zero Trust principles and the lessons learned and real-world experiences of Microsoft's own security work. It's also based on work with organizations like the National Institute of Standards and Technology, the Open Group, and the Center for Internet Security.

Lessons

- Introduction

- Customer narrative

- Methodology

- Security roles and responsibilities

- Simplify compliance and security

- Simplify security implementation

- Security tools and policies

- Summary

By the end of this module, you're able to:

- Understand cloud security methodology.

- Identify security roles and responsibilities.

- Assess cultural and role and responsibility changes that typically come with cloud adoption.

- Learn how to simplify compliance and security implementation in the cloud.