AZ-303 Self-Study Guide for Becoming an Azure Solution Architect

Microsoft updated it’s role based exam for AZ-300. It’s now called AZ-303 and launched last year. This certification is a great proof for why organizations should hire you. Some say it’s the most difficult exam certification path as it is one of only two Expert level certifications for Azure. This post will provide you with tons of links that you should go through so you will master the exam for AZ-303.

Candidates for this exam are Azure Solutions Architects who advise stakeholders and translate business requirements into secure, scalable, and reliable solutions. Candidates should have advanced experience and knowledge of IT operations, including networking, virtualization, identity, security, business continuity, disaster recovery, data platform, budgeting, and governance. This role requires managing how decisions in each area affects an overall solution. Candidates must have expert-level skills in Azure administration and have experience with Azure development processes and DevOps processes.

A good place to start is Microsoft Learn. There are many interactive learning paths that you can work through, all free. It’s a good way to study and gain a good understanding of the services by actually using them.

I’ve listed a collection of links that are important to study and that are part of the skills measured for this exam. These are guide links and you should put some effort into all these topics. I really hope these guides will help you to pass the exam for AZ-303 and become an Azure Solution Architect.

Implement and Monitor an Azure Infrastructure (50-55%)

Implement cloud infrastructure monitoring

Monitor Security

• Azure security management and monitoring overview
• Strengthen your security posture with Azure Security Center

Monitor Performance

• Create diagnostic settings to send platform logs and metrics to different destinations
• Metric Baseline - Get
• Tutorial: Optimize costs from recommendations
• Azure Monitor overview
• Visualizing data from Azure Monitor

Monitor Health and Availability

• Network monitoring solutions
• What is Azure Service Health?

Monitor Cost

• Use cost alerts to monitor usage and spending
• Tutorial: Create and manage exported data

Configure Advanced Logging

• What is monitored by Azure Monitor?
• Create a Log Analytics workspace in the Azure portal

Configure logging for workloads

• Azure Monitor Logs overview

Action Groups

• Create and manage action groups in the Azure portal

Advanced Alerts

• Manage alert instances with unified alerts
• Create, view, and manage log alerts using Azure Monitor

Implement storage accounts

• Introduction to the core Azure Storage services
• Planning for an Azure Files deployment
• Storage account overview
• Configure Azure Storage firewalls and virtual networks
• Grant limited access to Azure Storage resources using shared access signatures (SAS)
• Authorize access to blobs and queues using Azure Active Directory
• Manage storage account access keys
• Azure Storage redundancy
• Disaster recovery and storage account failover

Implement VMs for Windows and Linux

• Tutorial: Create and deploy highly available virtual machines with Azure PowerShell
• Introduction to Azure managed disks
• Sizes for virtual machines in Azure
• Azure Dedicated Hosts
• What are virtual machine scale sets?
• Azure Disk Encryption for virtual machines and virtual machine scale sets

Automate deployment and configuration of resources

• Single and multi-resource export to a template in Azure portal
• Understand the structure and syntax of ARM templates
• Tutorial: Create and deploy your first ARM template
• Using disks in Azure Resource Manager Templates
• Tutorial: Deploy a local ARM template
• Create an Azure Automation runbook

Implement virtual networking

• Tutorial: Connect virtual networks with virtual network peering using the Azure portal
• Configure a VNet-to-VNet VPN gateway connection using PowerShell
• Create, change, or delete a virtual network peering

Implement Azure Active Directory

• Add your custom domain name using the Azure Active Directory portal
• What is Identity Protection?
• How it works: Azure AD self-service password reset
• Building a Conditional Access policy
• Enable per-user Azure AD Multi-Factor Authentication to secure sign-in events
• Configure Azure AD Multi-Factor Authentication settings
• What is guest user access in Azure Active Directory B2B?
• Understand how multiple Azure Active Directory organizations interact

Implement and manage hybrid identities

• What is Azure AD Connect?
• Identity synchronization and duplicate attribute resiliency
• Implement password hash synchronization with Azure AD Connect sync
• Azure AD Connect sync: Understanding the architecture
• Azure Active Directory Seamless Single Sign-On: Quickstart
• Azure Active Directory Connect Health operations

Implement Management and Security Solutions (25-30%)

Manage workloads in Azure

• Create an Azure VM assessment
• Deploy workloads and assets (infrastructure, apps, and data)
• Prepare on-premises machines for migration to Azure
• An overview of Azure VM backup
• Quickstart: Set up disaster recovery to a secondary Azure region for an Azure VM

Implement load balancing and network security

• Azure Load Balancer algorithm
• How an application gateway works
• What is Azure Web Application Firewall?
• Tutorial: Deploy and configure Azure Firewall using the Azure portal
• What is Azure Front Door?
• What is Traffic Manager?
• Network security groups
• Application security groups
• What is Azure Bastion?

Implement and manage Azure governance solutions

• Organize your Azure resources effectively
• What is Azure role-based access control (Azure RBAC)?
• Azure custom roles
• Tutorial: Grant a user access to Azure resources using the Azure portal
• Manage access to Azure management with Conditional Access
• Best practices for Azure RBAC
• List Azure role assignments using the Azure portal
• Review access to Azure AD roles in Privileged Identity Management
• What is Azure Policy?
• Quickstart: Define and assign a blueprint in the portal

Manage security for applications

• Azure Key Vault basic concepts
• What are managed identities for Azure resources?
• Quickstart: Register an application with the Microsoft identity platform

Implement Solutions for Apps (10-15%)

Implement an application infrastructure

• App Service overview
• Run a custom container in Azure
• Azure App Service plan overview
• Configure an App Service app in the Azure portal
• Integrate your app with an Azure virtual network
• Set up staging environments in Azure App Service
• Quickstart: Create your first Logic Apps workflow - Azure portal
• Introduction to Azure Functions

Implement container-based applications

• Tutorial: Build and deploy container images in the cloud with Azure Container Registry Tasks
• Tutorial: Prepare an application for Azure Kubernetes Service (AKS)
• Push your first image to a private Docker container registry using the Docker CLI
• Tutorial: Create a container image for deployment to Azure Container Instances

Implement and Manage Data Platforms (10-15%)

Implement NoSQL databases

• What is Azure Table storage?
• Welcome to Azure Cosmos DB
• Introduction to the Azure Cosmos DB Cassandra API
• Distribute your data globally with Azure Cosmos DB

Implement Azure SQL databases

• Getting started with single databases in Azure SQL Database
• Getting started with Azure SQL Managed Instance
• Creating and using active geo-replication - Azure SQL Database
• Quickstart: Create a server-level firewall rule using the Azure portal

Conclusion

I really hope that you find the time to dive into all these topics and pass the AZ-303 exam for becoming an Azure Solution Architect. It really can boost your career and makes it a lot easier to get the job you want.