How to Become a Microsoft Certified Azure Solutions Architect

Microsoft Azure is the fastest growing cloud provider. Azure’s revenue grew an incredible 76% in the last quarter of 2018. As more and more businesses move their IT infrastructure to Microsoft’s cloud platform, the demand for Azure professionals keeps rising. Since there are relatively few people with extensive Azure experience, many employers rely on certifications as evidence that a candidate has the required knowledge and skills.

Up until the end of 2018, Microsoft had 3 primary exams to test Azure knowledge: 70-532, 70-533, and 70-535. All of those exams have now been retired. Why? Microsoft received a lot of feedback that those exams were too broad, covering a range of skills that few IT professionals would have. So, Microsoft researched how people in different roles use Azure, and then they completely overhauled their certifications.

The result is that Microsoft now has a larger number of role-based Azure certifications. The roles include Administrator, Developer, Architect, DevOps Engineer, and Security Engineer, with more to come.

Cloud Architect is a key role that’s in high demand. So what do cloud architects do? Here’s a quick summary from Cloud Roster, the job roles matrix from Cloud Academy:

“A Cloud Architect is responsible for converting the technical requirements of a project into the architecture and design that will guide the final product.”

The Microsoft Azure Solutions Architect certification has more specific requirements:

“Candidates should have advanced experience and knowledge across various aspects of IT operations, including networking, virtualization, identity, security, business continuity, disaster recovery, data management, budgeting, and governance. . . . Candidates must be proficient in Azure administration, Azure development, and DevOps, and have expert-level skills in at least one of those domains.”

Wait a minute. That’s an incredibly wide range of topics. Didn’t Microsoft say that its new certifications would be narrower than the previous ones? Well, that’s true for the Associate-level certifications, such as Administrator and Developer, but not for Expert-level certifications like Solutions Architect.

To obtain the Azure Solutions Architect certification, you need to pass two exams: AZ-300 and AZ-301. You do not need to pass any Associate-level exams before taking these ones. The AZ-300 exam focuses on Azure technologies, and the AZ-301 exam focuses on design.

AZ-300 Exam

Here are the topics covered in the AZ-300 exam and the relative weight of each section:

  • Deploy and Configure Infrastructure (25-30%)
  • Implement Workloads and Security (20-25%)
  • Create and Deploy Apps (5-10%)
  • Implement Authentication and Secure Data (5-10%)
  • Develop for the Cloud and for Azure Storage (20-25%)

The first section is the biggest, and it covers a wide variety of topics, including storage, virtual machines, networking, and Azure Active Directory. You have to know these topics in great depth for the exam. For example, in addition to knowing how to create a virtual machine, you also need to know how to make it highly available and how to automate VM deployment using Azure Resource Manager. In the network area, you need to know how to connect virtual networks together using VNET peering and virtual network gateways. In the Azure Active Directory area, you need to know how to synchronize Azure AD with an on-premises Active Directory server and also enable single sign-on.

The next section is on implementing workloads and security. You need to know how to connect your on-premises network to an Azure virtual network and how to migrate your on-premises servers to Azure using Site Recovery. Once you have applications in Azure, you’ll usually want to implement load balancing, which helps improve both performance and availability, so that’s an important topic, too. In the security area, you have to be able to make it harder for hackers to get in by using multi-factor authentication, and you also need to know how to limit each user’s access level to only as much as they need by using role-based access control.

The third section is one of the shortest. It covers creating and deploying apps using either Azure App Service or Azure Container Service.

The fourth section is also short, and it covers two main topics. The first is how to implement authentication using a variety of different methods. One especially important concept is Managed Identity (which used to be called Managed Service Identity). This makes it easy to authenticate an application so it can access other services. The second major topic in this section is how to encrypt your data. One of the most important concepts in this area is how to use Azure Key Vault, which is where you can store your cryptographic keys.

The final section covers how to develop for the cloud. One of the greatest features of the cloud is autoscaling. Instead of having to provision enough compute power to handle peaks, you can just tell Azure to add and remove compute resources based on the demand. You have to be careful how you configure autoscaling, though, because if you don’t set up the rules correctly, it could have a big impact on your application’s performance and cost.

Another great feature of Azure is how easy it is to set up messaging between your applications. Azure has messaging services for every need, including Event Grid, Service Bus, Relay Service, Event Hub, and Notification Hub. You need to know all of them for the exam.

AZ-301 Exam

Here are the topics covered in the AZ-301 exam:

  • Determine Workload Requirements (10-15%)
  • Design for Identity and Security (20-25%)
  • Design a Data Platform Solution (15-20%)
  • Design a Business Continuity Strategy (15-20%)
  • Design for Deployment, Migration, and Integration (10-15%)
  • Design an Infrastructure Strategy (15-20%)

In my opinion, AZ-301 is more difficult than AZ-300 because you need to apply a deep knowledge of IT architecture to Azure solution designs. This is especially true of the first section of the exam, which expects you to have some general knowledge of a wide variety of subjects about designing IT environments, such as capacity planning, governance, and maintainability. The more Azure-specific topics in this section are optimizing Azure costs and designing a monitoring strategy.

The second section is on designing for identity and security. Not surprisingly, the focus is on how to use Azure Active Directory. In a large organization, there are many identities to manage. This includes not only users but also applications. To manage them effectively and securely, you need to design a proper identity management system. You also need to set up authentication for all of these identities, usually including single sign-on for your users. After a user or application is authenticated, it needs to be granted the right level of authorization to access Azure resources.

The third section is on designing data solutions. Azure includes many different data services, including relational databases, non-relational databases, data warehouses, data lakes, and many other related services. You’ll need to know when to choose each of the data services, how to size them, and how to design for data protection, availability, consistency, and durability. You’ll also need to know how to design and document how data flows between the various services.

The fourth section is on designing a business continuity strategy. The two most important concepts are high availability and disaster recovery. You can design for high availability using various levels of redundancy. For disaster recovery, the two most important services to know are Azure Site Recovery and Azure Backup.

The fifth section is one of the smallest. The subject is how to design for deployment, migration, and integration. It’s about migrating from an on-premises environment to an Azure environment, designing a repeatable way to deploy Azure resources, and integrating your applications using services such as Azure API Management.

The final section is on designing an infrastructure strategy. You have to know how to design strategies for storage, compute, and networking. In each of these areas, you need to choose the right solution, design secure access to the solution, and recommend appropriate management tools.

Preparing for the Exams

Considering the breadth of topics covered in the exams, you will almost certainly be unfamiliar with some of the parts of Azure that you need to know to pass the exams. For example, most people have not had to configure Azure Active Directory Connect, virtual network peering, NoSQL databases, and Azure Event Grid all in the same job.

To fill in the gaps and to review all of the other topics, I recommend taking self-paced courses, getting hands-on experience in a few key areas of Azure, and taking practice exams. The easiest way to do that is to go through Cloud Academy’s AZ-300 and AZ-301 Exam Preparation learning paths. Both of them include video-based courses and a practice exam. The AZ-300 learning path also includes hands-on labs in compute, storage, networking, and security.

Watch this short video for an overview of the AZ-300 Exam Preparation:

The AZ-301 learning path, which focuses on concepts rather than configuration, includes additional mini-exams for the compute, data, and networking areas.

Watch this short video for an overview of the AZ-301 Exam Preparation:

Good luck with the exams!

Avatar

Written by

Guy Hummel

Guy is a certified cloud architect on all three of the major public cloud platforms: AWS, Azure, and Google Cloud Platform. He launched his first training website in 1995 and he's been helping people learn IT technologies ever since. Guy’s passion is making complex technology easy to understand.


Related Posts

Avatar
Logan Rakai
— April 7, 2020

How to Effectively Use Azure DevOps

Azure DevOps is a suite of services that collaborate on software development following DevOps principles. The services in Azure DevOps are: Azure Repos for hosting Git repositories for source control of your code Azure Boards for planning and tracking your work using proven agil...

Read more
  • Azure
  • DevOps
Alisha Reyes
Alisha Reyes
— March 17, 2020

Cloud Academy’s Blog Digest: How Do AWS Certifications Increase Your Employability, How to Become a Microsoft Certified Azure Data Engineer, and more

With everything going on right now, it's likely that the only thing you've been reading lately is related to the coronavirus pandemic. It's important to stay informed during these times, but it's also good to jump into something that can take your mind off of the current situation for j...

Read more
  • AWS
  • Azure
  • blog digest
  • Certifications
  • Cloud Academy
  • programming
  • Security
Avatar
Cloud Academy Team
— March 13, 2020

Which Certifications Should I Get?

As we mentioned in an earlier post, the old AWS slogan, “Cloud is the new normal” is indeed a reality today. Really, cloud has been the new normal for a while now and getting credentials has become an increasingly effective way to quickly showcase your abilities to recruiters and compan...

Read more
  • AWS
  • Azure
  • Certifications
  • Cloud Computing
  • Google Cloud Platform
Avatar
Guy Hummel
— March 10, 2020

How to Become a Microsoft Certified Azure Data Engineer

Data engineering is one of the most sought-after skills in the job market. According to a 2019 Dice.com report, there was an 88% year-over-year growth in job postings for data engineers, which was the highest growth rate among all technology jobs. If you want to become a data enginee...

Read more
  • Azure
  • Data Engineer
  • DP-200
  • DP-201
  • Microsoft
Alisha Reyes
Alisha Reyes
— March 7, 2020

New on Cloud Academy: Intro to GitOps; AWS Courses; Java, Python, Amazon Linux 2, Ubuntu, & Docker Playgrounds; and much more

New Lab Playgrounds This month, our Content Team released six new "playground labs." Our playground labs provide a safe and secure sandbox environment for you to explore your own ideas, follow along with Cloud Academy courses, or answer your own questions — all without having to instal...

Read more
  • AWS
  • Azure
  • gitops
  • Google Cloud Platform
  • lab playground
  • programming
Alisha Reyes
Alisha Reyes
— March 6, 2020

New on Cloud Academy: Intro to GitOps; AWS Courses; Java, Python, Amazon Linux 2, Ubuntu, & Docker Playgrounds; and much more

New Lab Playgrounds This month, our Content Team released six new "playground labs." Our playground labs provide a safe and secure sandbox environment for you to explore your own ideas, follow along with Cloud Academy courses, or answer your own questions — all without having to instal...

Read more
  • AWS
  • Azure
  • gitops
  • Google Cloud Platform
  • lab playground
  • programming
Avatar
Thomas Mitchell
— February 27, 2020

5 Steps to Vulnerability Management for Containers

Organizations have begun embracing containers due to their simplicity and to the fact that they allow for a faster development and deployment velocity. Although developers are thrilled with containers because they allow them to deliver solutions more quickly, security teams are sometime...

Read more
  • AZ-500
  • AZ-500 Exam
  • Azure
  • vulnerability management
Avatar
Chandan Patra
— February 21, 2020

Elasticsearch vs. CloudSearch: AWS Cloud Search Choices

Elasticsearch vs. CloudSearch: What's the main difference? Let's compare AWS-based cloud tools: Elasticsearch vs. CloudSearch. While both services use proven technologies, Elasticsearch is more popular, open source, and has a flexible API to use for customization; in comparison, CloudS...

Read more
  • AWS
  • Azure
  • cloudsearch
  • elasticsearch
Avatar
Andrew Larkin
— February 13, 2020

Cloud Academy Content Roadmap Updates

Welcome to our Q1 2020 roadmap. This is the content we plan to build over the next three months, between February 1 - and April 30, 2020. Let's look at some of our roadmap highlights. Atlassian Bamboo for CI/CD We had a lot of requests for practical guides on how to apply DevOps tool...

Read more
  • Artificial Intelligence
  • AWS
  • Azure
  • Docker
  • Google Cloud Platform
  • Kubernetes
  • Machine Learning
Alisha Reyes
Alisha Reyes
— February 7, 2020

New on Cloud Academy: Git Labs, CKA and CKAD Lab Challenges, AWS and Azure Learning Paths, AGILE, and Much More

We just kicked off our first Free Weekend of 2020. This means we've unlocked our Training Library for just 72 hours. Until Sunday at 11:59 pm (PST), you can get unlimited access to our industry-leading learning paths, courses, certification prep exams, and our most popular hands-on labs...

Read more
  • agile
  • AWS
  • Azure
  • Google Cloud Platform
  • Linux
  • OWASP
  • programming
  • red hat
  • scrum
Alisha Reyes
Alisha Reyes
— January 31, 2020

How to Unlock Complimentary Access to Cloud Academy

Are you looking to get trained or certified on AWS, Azure, Google Cloud Platform, DevOps, Cybersecurity, Information Security, Python, Java, or another technical skill? Then you'll want to mark your calendars. Starting Friday, February 7 at 12:00 a.m. PST (3:00 a.m. EST), Cloud Acade...

Read more
  • AWS
  • Azure
  • cloud academy content
  • complimentary access
  • GCP
  • on the house
Alisha Reyes
Alisha Reyes
— January 6, 2020

New on Cloud Academy: Red Hat, Agile, OWASP Labs, Amazon SageMaker Lab, Linux Command Line Lab, SQL, Git Labs, Scrum Master, Azure Architects Lab, and Much More

Happy New Year! We hope you're ready to kick your training in overdrive in 2020 because we have a ton of new content for you. Not only do we have a bunch of new courses, hands-on labs, and lab challenges on AWS, Azure, and Google Cloud, but we also have three new courses on Red Hat, th...

Read more
  • agile
  • AWS
  • Azure
  • Google Cloud Platform
  • Linux
  • OWASP
  • programming
  • red hat
  • scrum