Why To Get Azure Fundamentals?
If you are using Azure Cloud, then this question becomes irrelevant. But if you are using Google Cloud or AWS Cloud, it helps to broaden your Cloud perspective by understanding the basics of Azure.
Some of the key benefits outlined as:
- Get the fundamental knowledge of cloud concepts (if new to cloud) and Azure foundational knowledge (Management Groups, Subscriptions, NSG, ASG, etc.)
- Appreciate the competing technology choices offered by Azure and will help in choosing the suitable cloud service from different providers
- Learn Azure best practices, which you can also apply with other cloud service providers up to certain extent
How To Get AZ-900 Certified in 4 Weeks?
Now that we are ready for our first Azure journey, you can use below 4 weeks plan (can fast forward, if you are already a cloud expert):
Week 1 & 2 – Complete Azure Fundamentals
- Week 1 – You don’t need to do any video course or any paid course. Complete Microsoft Free Course (self-explanatory) to cover the basics.
- Week 2 – Create Microsoft Azure Account and experiment with Azure Portal yourself with focus on understanding the overall landscape, user experience and basic features.
Week 3 – Explore Azure Services
Explore documentation & key services primarily – see more details in Appendix (study notes section).
- Compute – Azure VMs, Azure functions, Azure Logic apps
- Storage – Storage account basics, BLOB and File storage
- Network – Azure Virtual Network, NSG, ASG
- Security – Azure AD
Week 4 – Practice Exams
Focus on practice exams and questions, which will strengthen your concepts and understandings. You can refer to following paid practice exams:
As the passing score is 70% and as it only covers foundational elements, you should be now ready to schedule and give the certification exam after 4 weeks. Best of luck!
AWS Practitioners – Mapping AWS with Azure Terminologies
If you have worked in AWS, you can use the below mapping to understand the equivalent Azure technology.
Regions and Availability Zones are the same terminologies in both cloud service providers.
|Azure Virtual Machine (no fancy word in Azure)|
Azure Autoscale & Scale Sets
EKS as Kubernetes
|Azure Container Instance (ACI)|
Azure Kubernetes Service (AKS)
|Compute||Step Functions for Orchestration||Azure Logic Apps for Orchestration|
|Note that overall concept of storage is different in Azure – you have a storage subscription and you can use Blobs, Disk, Files, Tables, Queues as storage types|
Azure Storage (Blob) – S3, EFS – Azure Files, SQS – Azure Queues
|Database||DynamoDB as NOSQL|
RedShift as DWH
RDS for relational
|Cosmos DB as NOSQL|
SQL Database for relational storage (lot of preference for Microsoft SQL server)
|Network||Security Group||Network Security Group & Application Security Group|
(note that you can Deny traffic in Azure security group)
|Network||Route 53 as DNS Service||Azure DNS, Traffic Manager (works at DNS level load balancing)|
|Network||ELB as Load Balancer||Azure Load Balancer|
|Network||VPC, VPC Endpoint||Virtual Network, Virtual Network Endpoint|
|Network||Direct Connect||Express Route|
Appendix – Azure Fundamentals Study Notes
These are key notes, which you can refer as cheat-sheet.
- Azure Support – it offers 4 levels: Basic (Free), Developer, Standard (production workload) and Professional Direct (Business critical)
- Management Groups, Azure Subscriptions & Azure Resource Groups
- Management groups act as a container for multiple subscriptions & also used for providing RBAC-based control
- Security Services
- Sentinel – cloud-native SIEM and intelligent security analytics to work to protect
- Defender – protect hybrid workload
- Key Vault – create and maintain keys that access and encrypt your cloud resources, apps, and solutions. Tutorials, API references, and more
- Azure AD – for on-prem AD and SSO
- Security Center – unified security management & advanced threat protection
- Application gateway
- VPN Gateway – establish cross-premises connectivity
- Azure DDOS – It has support model available as Basic & Standard (prevents volumetric, protocol & resource-layer attacks)
- Management & Governance
- Azure Portal – single unified console
- Advisor – Best practices recommendation
- Cloud Shell
- Cost management, Site Recovery, Log Analytics, Backup, Policy
- Integration Services
- Logic Apps – automate the access and use of data across clouds without code
- Service Bus – connect across private & public cloud
- API management
- Event Grid – get reliable event delivery at massive scale
- Networking Services
- Virtual Network – private network
- VPN Gateway – establish cross-premises connectivity
- ExpressRoute – dedicated private network fiber connection to Azure
- Application gateway, DNS, DDOS, Orbital (Satellite)
- Load Balancer
- Azure Services usually get released in 3 modes:
- Private Preview – have to apply to use a service, and you may or may not be selected
- Public Preview – public Preview is for anyone to use, but it is not supported nor guaranteed to continue to be available
- GA mode – after the public preview is completed, the feature is open for any licensed customer to use and is supported via all Microsoft support channels
- Azure Files Storage type:
- Premium – SSD based – both SMB & NFS – Size of the burst bucket = Baseline IOPS * 2 * 3600.
- Transaction optimized – HDD based
- Hot – HDD based, GPv2
- Cool – for archival
- Availability Set, Fault Domain & Update Domain
- Place each workload in an availability set to avoid having a single point of failure in your VM architecture
- Update domains indicate groups of VMs and underlying physical hardware that can be rebooted at the same time
- A fault domain is essentially a rack of servers. It provides the physical separation of your workload across different power, cooling, and network hardware
- LRS, ZRS, GRS & GZRS
- Locally redundant storage (LRS) – choose to copy data synchronously three times within a single physical location in the primary region providing 11 nines availability
- Zone-redundant storage (ZRS) – choose to copy data synchronously across three Azure availability zones in the primary region providing 12 nines availability
- Geo-redundant storage (GRS) – choose to copy data synchronously three times within a single physical location in the primary region using LRS providing 16 nines availability
- Geo-zone-redundant storage (GZRS) – choose to copy data synchronously across three Azure availability zones in the primary region using ZRS providing 16 nines availability
- Availability gets calculated as product of services availability. For example, if Service A has 99.95% availability & Service B has 99.99% , then effective availability will be 99.94%