Identity and Networking
PaaS + Web and Mobile
This course provides an overview of the 70-532: Developing Microsoft Azure Solutions exam and the major topics covered within. Use it as a guide to identify gaps in your knowledge and areas to focus as you prep to sit the exam. The course also provides some tips and tricks to maximize your chances of a passing score.
Major topics include:
- An overview of the 70-532 exam and related Microsoft certification paths
- A review of Azure virtual machines and related topics like VM storage and networking
- A review of major Azure data storage options like queues, blobs, tables, SQL Database, Cosmos DB, and others
- A review of Azure Active Directory topic areas and hybrid networking as covered in the exam
- A review of platform-as-a-service options in Azure and their coverage in the exam
Let's take a closer look at Azure Virtual Machines and related topics from the exam.
Virtual machines and their related topics will represent about 30 to 35 percent of the overall exam coverage. This includes not only the basics of creating VMs in Azure, and running applications on them, but additional topics like storage options for VMs, and how to connect VMs to an Azure-based virtual network.
As part of your exam prep, you should review the various options for Azure VM type and size, and familiarize yourself with the major categories. You don't need to memorize prices or exact configuration names, but you should have some understanding of why the different broad categories exist, and why you might choose one over the other. Not all cloud workloads are the same, and therefore Azure offers a variety of compute options to best accommodate them. You should also spend time creating virtual machines, both in the Azure Portal, but also from the PowerShell command line, as well as using ARM, or Azure Resource Manager, templates. The exam is likely to cover VM creation in a few different ways, so be prepared. See the links in the course notes for more information on this.
Another area to familiarize yourself with is the Azure VM Marketplace. Here, you'll find a variety of VM images, pre-configured to support various types of workloads. Application and database servers, network and security appliances, analytics applications, and more. Included here are both Windows-based and Linux-based virtual machines. Again, no need to memorize anything here, but be aware that working with VMs in Azure doesn't require that you start from scratch with an empty OS image. Marketplace VMs give you a big head start, and do much of the initial heavy lifting on your behalf.
If you haven't already, definitely plan to familiarize yourself with, and be comfortable authoring, Azure ARM templates. ARM templates are JSON files that describe the deployment and configuration of one or more resources within Azure. You apply templates against an Azure subscription to create the resources described within. This can be done over and over again in a DevOps-style pipeline, and is very useful for continuous integration and continuous deployment scenarios. The exam will definitely some of that material. Know how to deploy ARM templates using PowerShell, the REST APIs, and the Portal itself. Learn how you can export templates from exiting resources already deployed in Azure, both from your prior deployment history, as well as from an existing resource group. Spend time playing around with the template library in the Azure Portal, and learn how you can manage templates there. And finally, understand how to parameterize templates, and use parameter files to supply values at template execution time. Again, see the course notes for links to additional information that will help you learn this material.
As a developer, you should be familiar with virtual machine set up using desired state configuration, or DSC. DSC allows you to execute post-creation logic on a VM to install additional software, configure OS settings, and more. This is a big topic, and the details are more important for IT pros than developers, but you should understand some of the major use cases for DSC, and also know that it works in Azure through use of a VM extension.
You should also know about the Sysprep tool for capturing images from a running Windows machine instance, so that additional instances of that configured Windows machine can be created. Here again, you don't need to know precise details of how the tool works, just understand what it is and that it's used to create images for an exiting custom windows installation.
Virtual Machine Scale Sets are an important topic, and one of the more interesting VM-related capabilities in Azure. They provide automated scale out and scale in of virtual machine instances, and so combine the power and flexibility of infrastructure as a service, with the automated behavior of higher-level platform as a service, offerings. You should understand the concept of availability sets in Azure, as well as the related concepts of fault domains and upgrade domains. Learn how VM scale sets are configured in availability sets to minimize downtime in the case of failures, or during scheduled infrastructure maintenance windows. Finally, as you study the Service Fabric service for the exam, know that Service Fabric uses virtual machine scale sets under the covers to implement fault tolerant, secure, compute clusters. More on Service Fabric later in this course.
There are several storage-related concepts specific to VMs, several of which are likely to appear in the exam.
First, understand the difference between standard and premium storage tiers in Azure. They have different prices, implementations, and use cases. Don't focus on precise details of, for example, cost, but do spend time understanding why you might choose one over the other. Again, this comes down to the type of work you intend to perform, and the exam tends to frame these kinds of questions in terms of, "suppose you were building this type of application, which storage tier would be best suited for...?"
Understand the different storage replication options that exist in Azure, and again, while you might choose one over the other. The details of how these work are important to understand. You can learn the basics in fairly short order.
Definitely familiarize yourself with the Azure files service and how it exposes file shares using the SMB protocol within Azure. This is often used to facilitate lift and shift migration of legacy applications that rely on network shares into Azure virtual machines. Know how to create file shares using the Portal and PowerShell.
Finally, explore some of the options for optimizing VM performance with disk caching, and understand which application types might benefit from this. Know how to programmatically configure disk caching in a VM.
Networking is clearly an IT pro versus a developer-related topic, so, of course, it's covered more extensively in the 70-533 exam than it is in the 70-532 exam. However, there is some coverage in 532, so you do need basic familiarity with the major moving parts.
First, you should understand the application gateway service and the major capabilities it provides, like Round Robin load balancing, web application firewall support, and SSL termination. Also, understand the basic similarities and differences between he application gateway and other Azure services, like Traffic Manager and network Load Balancer. Have a broad understanding of virtual networks in Azure, how to create them in the Portal, and with ARM and PowerShell, how to associate VMs to a network, how to create one or more subnets, and so on. Again, you don't need exhaustive knowledge here, but understand reasons why you would create a network, and use cases that benefit from them.
Related to virtual networks, or VNets, are network security groups and user-defined routes. NSGs are declarative policy for allowing or denying network traffic, scoped at the subnet, or network interface card level. UDRs are declarative policy for routing network traffic intended for specific subnets through an intermediary. This can be useful for intrusion detection and various kinds of packet sniffing scenarios. Have a basic understanding of what NSGs and UDRs are for, and how they relate to both subnets, VNets, and attached virtual machines.
Josh Lane is a Microsoft Azure MVP and Azure Trainer and Researcher at Cloud Academy. He’s spent almost twenty years architecting and building enterprise software for companies around the world, in industries as diverse as financial services, insurance, energy, education, and telecom. He loves the challenges that come with designing, building, and running software at scale. Away from the keyboard you'll find him crashing his mountain bike, drumming quasi-rythmically, spending time outdoors with his wife and daughters, or drinking good beer with good friends.