Microsoft Azure Solutions

Developing Microsoft Azure Solutions

  • Deploy workloads on Azure Resource Manager (ARM) Virtual Machines (VMs)
    • Identify workloads that can and cannot be deployed; run workloads, including Microsoft and Linux; create VMs
  • Perform configuration management
    • Automate configuration management by using PowerShell Desired State Configuration and VM Agent (custom script extensions)
    • Configure VMs using a configuration management tool, such as Puppet or Chef
    • Enable remote debugging
  • Configure ARM VM networking
    • Configure static IP addresses, Network Security Groups (NSG), DNS, User Defined Routes (UDRs), external and internal load balancing with HTTP and TCP health probes, public IPs, firewall rules and direct server return; design and implement Application Gateway
  • Scale ARM VMs
    • Scale up and scale down VM sizes, deploy ARM VM Scale Sets (VMSS), configure ARM VMSS auto-scale
  • Design and implement ARM VM storage
    • Configure disk caching, plan for storage capacity, configure shared storage using Azure File service, configure geo-replication, implement ARM VMs with Standard and Premium Storage
  • Monitor ARM VMs
    • Configure ARM VM monitoring, configure alerts, configure diagnostic and monitoring storage location
  • Manage ARM VM availability
    • Configure multiple ARM VMs in an availability set for redundancy, configure each application tier into separate availability sets, combine the Load Balancer with availability sets
  • Implement Azure Storage blobs and Azure files
    • Read data, change data, set metadata on a container, store data using block and page blobs, stream data using blobs, access blobs securely, implement async blob copy, configure Content Delivery Network (CDN), design blob hierarchies, configure custom domains, scale blob storage
  • Implement Azure storage tables and queues
    • Implement CRUD with and without transactions
    • Design and manage partitions
    • Query using OData, scale tables and partitions, add and process messages, retrieve a batch of messages, scale queues
  • Manage access and monitor storage
    • Generate shared access signatures, including client renewal and data validation
    • Create stored access policies
    • Regenerate storage account keys
    • Configure and use Cross-Origin Resource Sharing (CORS)
    • Set retention policies and logging levels
    • Analyse logs
  • Implement Azure SQL Databases
    • Choose the appropriate database tier and performance level, configure and perform point-in-time recovery, enable geo-replication, import and export data and schema, scale Azure SQL databases
  • Implement Azure DocumentDB
    • Create databases and collections, query documents, run DocumentDB queries
  • Implement Redis caching
    • Choose a cache tier, implement data persistence, implement security and network isolation, tune cluster performance
  • Implement Azure Search
    • Create a service index, add data, search an index, handle search results
  • Integrate an app with Azure Active Directory (Azure AD)
    • Develop apps that use WS-federation, OAuth, and SAML-P endpoints; query the directory using Graph API
  • Design and implement a communication strategy
    • Implement hybrid connections to access data sources on-premises, leverage site-to-site (S2S) VPN and ExpressRoute to connect to an on-premises infrastructure
  • Design and implement a messaging strategy
    • Develop and scale messaging solutions using service bus queues, topics, relays and notification hubs
    • Monitor service bus queues, topics, relays, event hubs and notification hubs
  • Develop apps that use Azure AD B2C and Azure AD B2B
    • Design and implement .NET MVC, Web API and Windows desktop apps that leverage social identity provider authentication, including Microsoft account, Facebook, Google+, Amazon and LinkedIn; leverage Azure AD B2B to design and implement applications that support partner-managed identities
  • Design Azure App Service Web Apps
    • Define and manage App Service plans
    • Configure Web Apps settings, certificates and custom domains; manage Web Apps by using the API, Azure PowerShell and Xplat-CLI
    • Implement diagnostics, monitoring and analytics
    • Implement web jobs
    • Design and configure Web Apps for scale and resilience
  • Implement Azure Functions
    • Create Azure Functions, implement a webhook function, create an event processing function, implement an Azure-connected function
  • Implement API management
    • Create managed APIs, configure API management policies, protect APIs with rate limits, add caching to improve performance, monitor APIs, customise the Developer Portal
  • Design Azure App Service API Apps
    • Create and deploy API Apps, automate API discovery by using Swashbuckle, use Swagger API metadata to generate client code for an API app, monitor API Apps
  • Develop Azure App Service Logic Apps
    • Create a Logic App connecting SaaS services, create a Logic App with B2B capabilities, create a Logic App with XML capabilities, trigger a Logic App from another app, create custom and long-running actions, monitor Logic Apps
  • Develop Azure App Service Mobile Apps
    • Create a Mobile App, add offline sync to a Mobile App, add authentication to a Mobile App, add push notifications to a Mobile App
  • Design and implement Azure Service Fabric apps
    • Create a Service Fabric application; build an Actors-based service
    • Add a web front end to a Service Fabric application
    • Monitor and diagnose services
    • Migrate apps from cloud services
    • Create, secure, upgrade and scale Service Fabric Cluster in Azure
    • Scale a Service Fabric app

Implementing Microsoft Azure Infrastructure Solutions

    • Deploy Web Apps
    • Define deployment slots
    • Roll back deployments
    • Implement pre- and post-deployment actions
    • Create, configure and deploy packages
    • Create App Service plans
    • Migrate Web Apps between App Service plans
    • Create a Web App within an App Service plan
  • Configure Web Apps
    • Define and use app settings, connection strings, handlers and virtual directories; configure certificates and custom domains
    • Configure SSL bindings and runtime configurations
    • Manage Web Apps by using Azure PowerShell and Xplat-CLI
  • Configure diagnostics, monitoring and analytics
    • Retrieve diagnostics data
    • View streaming logs
    • Configure endpoint monitoring, configure alerts
    • Configure diagnostics
    • Use remote debugging
    • Monitor Web App resources
  • Configure Web Apps for scale and resilience
    • Configure auto-scale using built-in and custom schedules, configure by metric, change the size of an instance, configure Traffic Manager
  • Deploy workloads on Azure Resource Manager (ARM) virtual machines (VMs)
    • Identify workloads that can and cannot be deployed, run workloads including Microsoft and Linux, create VMs, connect to a Windows/Linux VM
  • Perform configuration management
    • Automate configuration management by using PowerShell Desired State Configuration (DSC) and VM Agent (custom script extensions), configure VMs using a configuration management tool such as Puppet or Chef, enable remote debugging
  • Design and implement VM storage
    • Configure disk caching, plan storage capacity, configure operating system disk redundancy, configure shared storage using Azure File service, configure geo-replication, encrypt disks, implement ARM VMs with Standard and Premium Storage
  • Monitor ARM VMs
    • Configure ARM VM monitoring, configure alerts, configure diagnostic and monitoring storage location
  • Scale ARM VMs
    • Scale up and scale down VM sizes, deploy ARM VM Scale Sets (VMSS), configure ARM VMSS auto-scale
  • Implement Azure storage blobs and Azure files
    • Read data, change data, set metadata on a container, store data using block and page blobs, stream data using blobs, access blobs securely, implement async blob copy, configure a Content Delivery Network (CDN), design blob hierarchies, configure custom domains, scale blob storage
  • Manage access
    • Create and manage shared access signatures, use stored access policies, regenerate keys
  • Configure diagnostics, monitoring and analytics
    • Set retention policies and logging levels, analyse logs
  • Implement Azure SQL Databases
    • Choose the appropriate database tier and performance level
    • Configure point-in-time recovery, geo-replication and data sync
    • Import and export data and schema
    • Design a scaling strategy
  • Implement recovery services
    • Create a backup vault, deploy a backup agent, back up and restore data
  • Integrate an Azure Active Directory (Azure AD) with existing directories
    • Implement Azure AD Connect and single sign-on with on-premises Windows Server 2012 R2, add custom domains, monitor Azure AD
  • Configure Application Access
    • Configure single sign-on with SaaS applications using federation and password-based, add users and groups to applications, revoke access to SaaS applications, configure access, configure federation with Facebook and Google ID
  • Integrate an app with Azure AD
    • Implement Azure AD integration in web and desktop applications, leverage Graph API
  • Implement Azure AD B2C and Azure B2B
    • Create an Azure AD B2C Directory, register an application, implement social identity provider authentication, enable multi-factor authentication, set up self-service password reset, implement B2B collaboration, configure partner users, integrate with applications
  • Configure virtual networks
    • Deploy a VM into a virtual network
    • Configure external and internal load balancing; implement Application Gateway
    • Design subnets
    • Configure static, public, and private IP addresses
    • Set up Network Security Groups (NSGs), DNS at the virtual network level, HTTP and TCP health probes, public IPs, User Defined Routes (UDRs), firewall rules and direct server return
  • Modify network configuration
    • Modify subnets, NSGs, and UDRs
  • Design and implement a multi-site or hybrid network
    • Choose the appropriate solution between ExpressRoute, site-to-site and point-to-site
    • Choose the appropriate gateway
    • Identify supported devices and software VPN solutions
    • Identify networking prerequisites
    • Configure virtual networks and multi-site virtual networks
  • Implement ARM templates
    • Author ARM templates; create ARM templates to deploy ARM Resource Providers resources
    • Deploy templates with PowerShell, CLI and REST API
  • Control access
    • Leverage service principles with ARM authentication, use Azure Active Directory Authentication with ARM, set management policies, lock resources
  • Design role-based access control (RBAC)
    • Secure resource scopes, such as the ability to create VMs and Azure Web Apps
    • Implement Azure role-based access control (RBAC) standard roles
    • Design Azure RBAC custom roles

Architecting Microsoft Azure Solutions

  • Design Azure virtual networks
    • Extend on-premises
    • Leverage Azure networking services
    • Implement load balancing using Azure Load Balancer and Azure Traffic Manager
    • Define DNS, DHCP and IP addressing configuration
    • Define static IP reservations
    • Apply Network Security Groups (NSGs) and User Defined Routes (UDRs)
    • Deploy Azure Application Gateway
  • Describe Azure VPN and ExpressRoute architecture and design
    • Describe Azure point-to-site (P2S) and site-to-site (S2S) VPN, leverage Azure VPN and ExpressRoute in network architecture
  • Secure resources by using managed identities
    • Describe the differences between Active Directory on-premises and Azure Active Directory (Azure AD), programmatically access Azure AD using Graph API, secure access to resources from Azure AD applications using OAuth and OpenID Connect
  • Secure resources by using hybrid identities
    • Use SAML claims to authenticate to on-premises resources, describe AD Connect synchronisation, implement federated identities using Active Directory Federation Services (ADFS)
  • Secure resources by using identity providers
    • Provide access to resources using identity providers, such as Microsoft account, Facebook, Google and Yahoo!
    • Manage identity and access by using Azure AD B2C
    • Implement Azure AD B2B
  • Identify an appropriate data security solution
    • Identify security requirements for data in transit and data at rest
    • Identify security requirements using Azure services, including Azure Storage Encryption, Azure Disk Encryption and Azure SQL Database TDE
  • Design a role-based access control (RBAC) strategy
    • Secure resource scopes, such as the ability to create VMs and Azure Web Apps
    • Implement Azure RBAC standard roles
    • Design Azure RBAC custom roles
  • Manage security risks by using an appropriate security solution
    • Identify, assess and mitigate security risks by using Azure Security Center, Operations Management Suite and other services
  • Design data storage
    • Design storage options for data, including Table Storage, SQL Database, DocumentDB, Blob Storage, MongoDB and MySQL
    • Design security options for SQL Database or Azure Storage
  • Select the appropriate storage option
    • Select the appropriate storage for performance, identify storage options for cloud services and hybrid scenarios with compute on-premises and storage on Azure
  • Create compute-intensive applications
    • Design high-performance computing (HPC) and other compute-intensive applications using Azure Services
  • Create long-running applications
    • Implement Azure Batch for scalable processing, design stateless components to accommodate scale, use Azure Schedule
  • Integrate Azure services in a solution
    • Design Azure architecture using Azure services, such as Azure AD, Azure App Service, API Management, Azure Cache, Azure Search, Service Bus, Event Hubs, Stream Analytics and IoT Hub; identify the appropriate use of Azure Machine Learning, big data, Azure Media Services and Azure Search services
  • Implement messaging applications
    • Use a queue-centric pattern for development
    • Select appropriate technology, such as Azure Storage Queues, Azure Service Bus queues, topics, subscriptions and Azure Event Hubs
  • Implement applications for background processing
    • Implement Azure Batch for compute-intensive tasks, use Azure WebJobs to implement background tasks, use Azure Functions to implement event-driven actions, leverage Azure Scheduler to run processes at preset/recurring timeslots
  • Design connectivity for hybrid applications
    • Connect to on-premises data from Azure applications using Service Bus Relay, Hybrid Connections or the Azure Web App virtual private network (VPN) capability
    • Identify constraints for connectivity with VPN
    • Ientify options for joining VMs to domains or cloud services
  • Design Web Applications
    • Design Azure App Service Web Apps, design custom web API, offload long-running applications using WebJobs, secure Web API using Azure AD, design Web Apps for scalability and performance, deploy Azure Web Apps to multiple regions for high availability, deploy Web Apps, create App Service plans, design Web Apps for business continuity, configure data replication patterns, update Azure Web Apps with minimal downtime, back up and restore data, design for disaster recovery
  • Design Mobile Applications
    • Design Azure Mobile Services
    • Consume Mobile Apps from cross-platform clients; integrate offline sync capabilities into an application
    • Extend Mobile Apps using custom code
    • Implement Mobile Apps using Microsoft .NET or Node.js
    • Secure Mobile Apps using Azure AD
    • Implement push notification services in Mobile Apps
    • Send push notifications to all subscribers, specific subscribers or a segment of subscribers
  • Design a monitoring strategy
    • Identify the Microsoft products and services for monitoring Azure solutions
    • Leverage the capabilities of Azure Operations Management Suite and Azure Application Insights for monitoring Azure solutions
    • Leverage built-in Azure capabilities
    • Identify third-party monitoring tools, including open source
    • Describe Azure architecture constructs, such as availability sets and update domains, and how they impact a patching strategy
    • Analyse logs by using the Azure Operations Management Suite
  • Describe Azure business continuity/disaster recovery (BC/DR) capabilities
    • Leverage the architectural capabilities of BC/DR, describe Hyper-V Replica and Azure Site Recovery (ASR), describe use cases for Hyper-V Replica and ASR
  • Design a disaster recovery strategy
    • Design and deploy Azure Backup and other Microsoft backup solutions for Azure, leverage use cases when StorSimple and System Center Data Protection Manager would be appropriate, design and deploy Azure Site recovery
  • Design Azure Automation and PowerShell workflows
    • Create a PowerShell script specific to Azure, automate tasks by using the Azure Operations Management Suite
  • Describe the use cases for Azure Automation configuration
    • Evaluate when to use Azure Automation, Chef, Puppet, PowerShell or Desired State Configuration (DSC)
  • Design ARM Virtual Machines (VMs)
    • Design VM deployments leveraging availability sets, fault domains and update domains in Azure
    • Select appropriate VM SKUs
  • Design ARM template deployment
    • Author ARM templates
    • Deploy ARM templates via the portal, PowerShell and CL
  • Design for availability
    • Implement regional availability and high availability for Azure deployments