AZ-304 Self-Study Guide for Becoming an Azure Solution Architect Expert

Microsoft updated it’s role based exam for AZ-301. It’s now called AZ-304 and launched last year. This certification is a great proof for why organizations should hire you. Some say it’s the most difficult exam certification path as it is one of only two Expert level certifications for Azure. This post will provide you with tons of links that you should go through so you will master the exam for AZ-304.

Candidates for this exam are Azure Solutions Architects who advise stakeholders and translate business requirements into secure, scalable, and reliable solutions. Candidates should have advanced experience and knowledge of IT operations, including networking, virtualization, identity, security, business continuity, disaster recovery, data platform, budgeting, and governance. This role requires managing how decisions in each area affects an overall solution. Candidates must have expert-level skills in Azure administration and have experience with Azure development processes and DevOps processes.

A good place to start is Microsoft Learn. There are many interactive learning paths that you can work through, all free. It’s a good way to study and gain a good understanding of the services by actually using them.

I’ve listed a collection of links that are important to study and that are part of the skills measured for this exam. These are guide links and you should put some effort into all these topics. I really hope these guides will help you to pass the exam for AZ-304 and become an Azure Solution Architect.

Design Monitoring (10-15%)

Design for cost optimization

• Quickstart: Explore and analyze costs with cost analysis
• Tutorial: Optimize costs from recommendations

Design a solution for logging and monitoring

• Azure Monitor Logs overview
• Azure security logging and auditing
• Overview of Azure platform logs
• What is Azure Event Grid?
• Security Control: Logging and Monitoring

Design Identity and Security (25-30%)

Design authentication

• What is single sign-on (SSO)?
• What is Azure Active Directory authentication?
• What is Conditional Access?
• Using the location condition in a Conditional Access policy
• What is Azure AD Connect?
• Plan an Azure Active Directory self-service password reset deployment
• What is guest user access in Azure Active Directory B2B?

Design authorization

• Authentication vs. authorization
• Identity and access management
• Management group and subscription organization

Design governance

• Develop your naming and tagging strategy for Azure resources
• Conduct a cloud policy review
• Deploy a CAF Foundation blueprint in Azure

Design security for applications

• Azure Key Vault keys, secrets and certificates overview
• Best practices to use Key Vault
• What are managed identities for Azure resources?
• Integrating Azure Active Directory with applications getting started guide

Design Data Storage (15-20%)

Design a solution for databases

• Azure data platform end-to-end
• Azure Data Architecture Guide
• Azure encryption overview

Design data integration

• Mapping data flows in Azure Data Factory
• What is Azure Data Factory?
• What is Azure Databricks?
• What is dedicated SQL pool (formerly SQL DW) in Azure Synapse Analytics?

Select an appropriate storage account

• Access tiers for Azure Blob Storage - hot, cool, and archive
• Authorizing access to data in Azure Storage
• Optimize costs by automating Azure Blob Storage access tiers

Design Business Continuity (10-15%)

Design a solution for backup and recovery

• About Site Recovery
• General questions about Azure Site Recovery
• Moving Azure VMs to another Azure region
• What is the Azure Backup service? vManage Azure VM backups with Azure Backup service
• Rehydrate blob data from the archive tier
• Disaster recovery and storage account failover
• Azure Storage compliance offerings

Design for High Availability

• Building solutions for high availability using Availability Zones
• Autoscaling
• High availability and disaster recovery scenarios for IaaS apps
• Use geo-redundancy to design highly available applications

Design Infrastructure (25-30%)

Design a compute solution

• Choose an Azure compute service for your application
• Choosing Azure compute platforms for container-based applications
• An introduction to Azure Automation

Design a network solution

• Azure networking services overview
• The virtual datacenter: A network perspective
• Plan virtual networks
• What is Azure Load Balancer?

Design an application architecture

• Building microservices on Azure
• Azure Container Instances and container orchestrators
• About API Management

Design migrations

• Build migration plan with Azure Migrate
• Add migration tools
• What is Azure Database Migration Service?

Conclusion

Having achieved both AZ-303 and this AZ-304 is amazing and I really hope you will pass both and become an Azure Solution Architect Expert! Let me know how it went. Maybe you would even like to tell your story. Send me a message.

-Sven