Loading...

AZ-301 – Azure Solutions Architect Design

Home / AZ-301 – Azure Solutions Architect Design

Course Outline:

AZ-301T01:  Designing for Identity and Security

Module 1: Managing Security & Identity for Azure Solutions

This module discusses both security and identity within the context of Azure. For security, this module reviews the various options for monitoring security, the options available for securing data and the options for securing application secrets. For identity, this module focuses specifically on Azure Active Directory (Azure AD) and the various features available such as Multi-Factor Authentication (MFA), Managed Service Identity, Azure AD Connect, ADFS and Azure AD B2B/B2C.

Module 2: Integrating SaaS Services Available on the Azure Platform

This module introduces multiple SaaS services available in Azure that are available for integration into existing Azure solutions. These services include Cognitive Services, Bot Service, Machine Learning and Media Services.

 

AZ-301T02:  Designing a Data Platform Solution

Module 1: Backing Azure Solutions with Azure Storage

This module describes how many Azure services use the Azure Storage service as a backing store for other application solution in Azure. The module dives into critical considerations when using Azure Storage as a supplemental service for an all-up Azure solution.

After completing this module, students will be able to:

  • Determine the ideal pricing option for Azure Storage based on a solution’s requirements.
  • Identify performance thresholds for the Azure Storage service.
  • Determine the type of Storage blobs to use for specific solution components.
  • Use the Azure Files service for SMB operations.
  • Identify solutions that could benefit from the use of StorSimple physical or virtual devices.

Module 2: Comparing Database Options in Azure

This module compares the various relational and non-relational data storage options available in Azure. Options are explored as groups such as relational databases (Azure SQL Database, MySQL, and PostgreSQL on Azure), non-relational (Azure Cosmos DB, Storage Tables), streaming (Stream Analytics) and storage (Data Factory, Data Warehouse, Data Lake).

Module 3: Monitoring & Automating Azure Solutions

This module covers the monitoring and automation solutions available after an Azure solution has been architected, designed and possibly deployed. The module reviews services that are used to monitor individual applications, the Azure platform, and networked components. This module also covers automation and backup options to enable business-continuity scenarios for solutions hosted in Azure.

 

AZ-301T03:  Designing for Deployment, Migration, and Integration

Module 1: Deploying Resources with Azure Resource Manager

This module establishes a basic understanding of Azure Resource Manager and the core concepts of deployments, resources, templates, resource groups, and tags. The module will dive deeply into the automated deployment of resources using ARM templates.

Module 2: Creating Managed Server Applications in Azure

This module describes how solutions can leverage serverless application hosting services in Azure to host web applications, REST APIs, integration workflows and HPC workloads without the requirement to manage specific server resources. The module focuses on App Services-related components such as Web Apps, API Apps, Mobile Apps, Logic Apps, and Functions.

Module 3: Authoring Serverless Applications in Azure

This module describes how solutions can leverage serverless application hosting services in Azure to host web applications, REST APIs, integration workflows and HPC workloads without the requirement to manage specific server resources. The module focuses on App Services-related components such as Web Apps, API Apps, Mobile Apps, Logic Apps, and Functions.

 

AZ-301T04:  Designing an Infrastructure Strategy

Module 1: Application Architecture Patterns in Azure

This module introduces, and reviews common Azure patterns and architectures as prescribed by the Microsoft Patterns & Practices team. Each pattern is grouped into performance, resiliency, and scalability categories and described in the context of similar patterns within the category.

After completing this module, students will be able to:

  • Locate and reference the Cloud Design Patterns documentation.
  • Locate and reference the Azure Architecture Center.
  • Describe various patterns pulled from the Cloud Design Patterns.

Module 2: Building Azure IaaS-Based Server Applications (ADSK)

This module identifies workloads that are ideally deployed using Infrastructure-as-a-Service services in Azure. The module focuses on the VM Scale Sets and Virtual Machine services in Azure and how to best deploy workloads to these services using best practices and features such as Availability Sets.

Module 3: Networking Azure Application Components

This module describes the various networking and connectivity options available for solutions deployed on Azure. The module explores connectivity options ranging from ad-hoc connections to long-term hybrid connectivity scenarios. The module also discusses some of the performance and security concerns related to balancing workloads across multiple compute instances, connecting on-premise infrastructure to the cloud and creating gateways for on-premise data.

Module 4: Integrating Azure Solution Components Using Messaging Services

This module describes and compares the integration and messaging services available for solutions hosted on the Azure platform. Messaging services described include Azure Storage Queues, Service Bus Queues, Service Bus Relay, IoT Hubs, Event Hubs, and Notification Hubs. Integration services include Azure Functions and Logic Apps.

Labs:

AZ-301T01:  Designing for Identity and Security

Lab : Securing Secrets in Azure

After completing this module, students will be able to:

  • Integrate their existing solutions with external identity providers using Azure AD B2B or B2C.
  • Design a hybrid identity solution.
  • Determine when to use advanced features of Azure AD such as Managed Service Identity, MFA and Privileged Identity Management.
  • Secure application secrets using Key Vault.
  • Secure application data using SQL Database and Azure Storage features.

Lab : Deploying Service Instances as Components of Overall Azure Solutions

After completing this module, students will be able to:

  • Detail the various APIs available in Cognitive Services.
  • Identify when to use the Face API, Speech API or Language Understanding (LUIS) service.

 

AZ-301T02:  Designing a Data Platform Solution

Lab : Deploying Database Instances in Azure

After completing this module, students will be able to:

  • Compare and contrast monitoring services for applications, the Azure platform, and networking.
  • Identify data streaming options for large-scale data ingest.
  • Identify longer-term data storage options.

Lab : Deploying Configuration Management Solutions to Azure

After completing this module, students will be able to:

  • Compare and contrast monitoring services for applications, the Azure platform, and networking.
  • Design an alert scheme for a solution hosted in Azure.
  • Select the appropriate backup option for infrastructure and data hosted in Azure.
    Automate the deployment of future resources for backup recovery or scaling purposes.

 

AZ-301T03:  Designing for Deployment, Migration, and Integration

Lab : Deploying Resources with Azure Resource Manager

After completing this module, students will be able to:

  • Create a resource group.
  • Add resources to a resource group.
  • Deploy an ARM template to a resource group.
  • Filter resources using tags.
  • Author a complex deployment using the Azure Building Blocks tools.

Lab : Deploying Managed Containerized Workloads to Azure

After completing this module, students will be able to:

  • Select between hosting application code or containers in an App Service instance.
  • Describe the differences between API, Mobile, and Web Apps.
  • Integrate an API or Logic App with the API Management service.
  • Design an App Service Plan or multi-region deployment for high performance and scale.

Lab : Deploying Serverless Workloads to Azure

After completing this module, students will be able to:

  • Select between hosting application code or containers in an App Service instance.
  • Describe the differences between API, Mobile, and Web Apps.
  • Integrate an API or Logic App with the API Management service.
  • Design an App Service Plan or multi-region deployment for high performance and scale.

 

AZ-301T04:  Designing an Infrastructure Strategy

Lab : Building Azure IaaS-Based Server Applications.

After completing this module, students will be able to:

  • Design an availability set for one or more virtual machines.
  • Describe the differences between fault and update domains.
  • Author a VM Scale Set ARM template.
  • Join a virtualized machine to a domain either in Azure or on a hybrid network.

Lab : Deploying Network Infrastructure for Use in Azure Solutions

After completing this module, students will be able to:

  • Describe DNS and IP strategies for VNETs in Azure.
  • Compare connectivity options for ad-hoc and hybrid connectivity.
  • Distribute network traffic across multiple loads using load balancers.
  • Design a hybrid connectivity scenario between cloud and on-premise.

Lab : Integrating Azure Solution Components using Messaging Services

After completing this module, students will be able to:

  • Compare Storage Queues to Service Bus Queues.
  • Identify when to use Azure Functions or Logic Apps for integration components in a solution.
  • Describe the differences between IoT Hubs, Event Hubs and Time Series Insights.

Course Audience & Prerequisites:

Audience:

Successful Cloud Solutions Architects begin this role with practical experience with operating systems, virtualization, cloud infrastructure, storage structures, billing, and networking.

Prerequisites:

Course Offerings:

Instructor Led In Classroom

Newcomp can directly deliver  IBM Business Analytics courses for Business Intelligence, Performance Management, and IBM Advanced Analytics through the use of in-class training facilities.

Currently,  in-class courses are offered in Markham, Ottawa, Vancouver, Halifax, and Edmonton. Please note that classes can be added to new areas based on demand.

Instructor Led Online

Students receive the same quality as an in-class course, with a live instructor and the ability to participate in hands-on labs through real-life examples

ILOs help cut costs by reducing time and travel as they can be taken from home or the office and require only the use of a computer, high-speed wired internet and a headset.

  • Course Outline
  • Course Audience & Prerequisites
  • Course Offerings
  • Related Courses
AZ-301T01:  Designing for Identity and Security

Module 1: Managing Security & Identity for Azure Solutions

This module discusses both security and identity within the context of Azure. For security, this module reviews the various options for monitoring security, the options available for securing data and the options for securing application secrets. For identity, this module focuses specifically on Azure Active Directory (Azure AD) and the various features available such as Multi-Factor Authentication (MFA), Managed Service Identity, Azure AD Connect, ADFS and Azure AD B2B/B2C.

Module 2: Integrating SaaS Services Available on the Azure Platform

This module introduces multiple SaaS services available in Azure that are available for integration into existing Azure solutions. These services include Cognitive Services, Bot Service, Machine Learning and Media Services.

 

AZ-301T02:  Designing a Data Platform Solution

Module 1: Backing Azure Solutions with Azure Storage

This module describes how many Azure services use the Azure Storage service as a backing store for other application solution in Azure. The module dives into critical considerations when using Azure Storage as a supplemental service for an all-up Azure solution.

After completing this module, students will be able to:

  • Determine the ideal pricing option for Azure Storage based on a solution’s requirements.
  • Identify performance thresholds for the Azure Storage service.
  • Determine the type of Storage blobs to use for specific solution components.
  • Use the Azure Files service for SMB operations.
  • Identify solutions that could benefit from the use of StorSimple physical or virtual devices.

Module 2: Comparing Database Options in Azure

This module compares the various relational and non-relational data storage options available in Azure. Options are explored as groups such as relational databases (Azure SQL Database, MySQL, and PostgreSQL on Azure), non-relational (Azure Cosmos DB, Storage Tables), streaming (Stream Analytics) and storage (Data Factory, Data Warehouse, Data Lake).

Module 3: Monitoring & Automating Azure Solutions

This module covers the monitoring and automation solutions available after an Azure solution has been architected, designed and possibly deployed. The module reviews services that are used to monitor individual applications, the Azure platform, and networked components. This module also covers automation and backup options to enable business-continuity scenarios for solutions hosted in Azure.

 

AZ-301T03:  Designing for Deployment, Migration, and Integration

Module 1: Deploying Resources with Azure Resource Manager

This module establishes a basic understanding of Azure Resource Manager and the core concepts of deployments, resources, templates, resource groups, and tags. The module will dive deeply into the automated deployment of resources using ARM templates.

Module 2: Creating Managed Server Applications in Azure

This module describes how solutions can leverage serverless application hosting services in Azure to host web applications, REST APIs, integration workflows and HPC workloads without the requirement to manage specific server resources. The module focuses on App Services-related components such as Web Apps, API Apps, Mobile Apps, Logic Apps, and Functions.

Module 3: Authoring Serverless Applications in Azure

This module describes how solutions can leverage serverless application hosting services in Azure to host web applications, REST APIs, integration workflows and HPC workloads without the requirement to manage specific server resources. The module focuses on App Services-related components such as Web Apps, API Apps, Mobile Apps, Logic Apps, and Functions.

 

AZ-301T04:  Designing an Infrastructure Strategy

Module 1: Application Architecture Patterns in Azure

This module introduces, and reviews common Azure patterns and architectures as prescribed by the Microsoft Patterns & Practices team. Each pattern is grouped into performance, resiliency, and scalability categories and described in the context of similar patterns within the category.

After completing this module, students will be able to:

  • Locate and reference the Cloud Design Patterns documentation.
  • Locate and reference the Azure Architecture Center.
  • Describe various patterns pulled from the Cloud Design Patterns.

Module 2: Building Azure IaaS-Based Server Applications (ADSK)

This module identifies workloads that are ideally deployed using Infrastructure-as-a-Service services in Azure. The module focuses on the VM Scale Sets and Virtual Machine services in Azure and how to best deploy workloads to these services using best practices and features such as Availability Sets.

Module 3: Networking Azure Application Components

This module describes the various networking and connectivity options available for solutions deployed on Azure. The module explores connectivity options ranging from ad-hoc connections to long-term hybrid connectivity scenarios. The module also discusses some of the performance and security concerns related to balancing workloads across multiple compute instances, connecting on-premise infrastructure to the cloud and creating gateways for on-premise data.

Module 4: Integrating Azure Solution Components Using Messaging Services

This module describes and compares the integration and messaging services available for solutions hosted on the Azure platform. Messaging services described include Azure Storage Queues, Service Bus Queues, Service Bus Relay, IoT Hubs, Event Hubs, and Notification Hubs. Integration services include Azure Functions and Logic Apps.

Labs:

AZ-301T01:  Designing for Identity and Security

Lab : Securing Secrets in Azure

After completing this module, students will be able to:

  • Integrate their existing solutions with external identity providers using Azure AD B2B or B2C.
  • Design a hybrid identity solution.
  • Determine when to use advanced features of Azure AD such as Managed Service Identity, MFA and Privileged Identity Management.
  • Secure application secrets using Key Vault.
  • Secure application data using SQL Database and Azure Storage features.

Lab : Deploying Service Instances as Components of Overall Azure Solutions

After completing this module, students will be able to:

  • Detail the various APIs available in Cognitive Services.
  • Identify when to use the Face API, Speech API or Language Understanding (LUIS) service.

 

AZ-301T02:  Designing a Data Platform Solution

Lab : Deploying Database Instances in Azure

After completing this module, students will be able to:

  • Compare and contrast monitoring services for applications, the Azure platform, and networking.
  • Identify data streaming options for large-scale data ingest.
  • Identify longer-term data storage options.

Lab : Deploying Configuration Management Solutions to Azure

After completing this module, students will be able to:

  • Compare and contrast monitoring services for applications, the Azure platform, and networking.
  • Design an alert scheme for a solution hosted in Azure.
  • Select the appropriate backup option for infrastructure and data hosted in Azure.
    Automate the deployment of future resources for backup recovery or scaling purposes.

 

AZ-301T03:  Designing for Deployment, Migration, and Integration

Lab : Deploying Resources with Azure Resource Manager

After completing this module, students will be able to:

  • Create a resource group.
  • Add resources to a resource group.
  • Deploy an ARM template to a resource group.
  • Filter resources using tags.
  • Author a complex deployment using the Azure Building Blocks tools.

Lab : Deploying Managed Containerized Workloads to Azure

After completing this module, students will be able to:

  • Select between hosting application code or containers in an App Service instance.
  • Describe the differences between API, Mobile, and Web Apps.
  • Integrate an API or Logic App with the API Management service.
  • Design an App Service Plan or multi-region deployment for high performance and scale.

Lab : Deploying Serverless Workloads to Azure

After completing this module, students will be able to:

  • Select between hosting application code or containers in an App Service instance.
  • Describe the differences between API, Mobile, and Web Apps.
  • Integrate an API or Logic App with the API Management service.
  • Design an App Service Plan or multi-region deployment for high performance and scale.

 

AZ-301T04:  Designing an Infrastructure Strategy

Lab : Building Azure IaaS-Based Server Applications.

After completing this module, students will be able to:

  • Design an availability set for one or more virtual machines.
  • Describe the differences between fault and update domains.
  • Author a VM Scale Set ARM template.
  • Join a virtualized machine to a domain either in Azure or on a hybrid network.

Lab : Deploying Network Infrastructure for Use in Azure Solutions

After completing this module, students will be able to:

  • Describe DNS and IP strategies for VNETs in Azure.
  • Compare connectivity options for ad-hoc and hybrid connectivity.
  • Distribute network traffic across multiple loads using load balancers.
  • Design a hybrid connectivity scenario between cloud and on-premise.

Lab : Integrating Azure Solution Components using Messaging Services

After completing this module, students will be able to:

  • Compare Storage Queues to Service Bus Queues.
  • Identify when to use Azure Functions or Logic Apps for integration components in a solution.
  • Describe the differences between IoT Hubs, Event Hubs and Time Series Insights.

Audience:

Successful Cloud Solutions Architects begin this role with practical experience with operating systems, virtualization, cloud infrastructure, storage structures, billing, and networking.

Prerequisites:

Instructor Led In Classroom

Newcomp can directly deliver  IBM Business Analytics courses for Business Intelligence, Performance Management, and IBM Advanced Analytics through the use of in-class training facilities.

Currently,  in-class courses are offered in Markham, Ottawa, Vancouver, Halifax, and Edmonton. Please note that classes can be added to new areas based on demand.

Instructor Led Online

Students receive the same quality as an in-class course, with a live instructor and the ability to participate in hands-on labs through real-life examples

ILOs help cut costs by reducing time and travel as they can be taken from home or the office and require only the use of a computer, high-speed wired internet and a headset.

AZ-300 – Azure Solutions Architect Technologies

This course teaches students:
  • How to manage their Azure resources, including deployment and configuration of virtual machines, virtual networks, storage accounts, and Azure AD that includes implementing and managing hybrid identities.
  • Learn how cloud resources are managed in Azure through user and group accounts, and how to grant access to Azure AD users, groups, and services using Role-based access control (RBAC).
  • Learn about the different storage accounts and services as well as basic data replication concepts and available replication schemes.
  • Introduced to Storage Explorer as a convenient way to work with Azure storage data.
  • Learn the types of storage and how to work with managed and custom disks.
  • Azure blob storage is how Azure stores unstructured data in the cloud, and students will work with blobs and blob containers. In addition to blob storage, the course covers Table and Queue storage as storage options for structured data.
  • Learn how to create and deploy virtual machines in Azure, using the Azure portal, PowerShell, and ARM templates. The course includes instruction on deploying custom images and Linux virtual machines. Students will see how to configure the networking and storage components of virtual machines. Deploying highly available virtual machines is critical for planned and unplanned events, and students will learn how to use availability sets to ensure that virtual machine resources are available during downtime.
  • Learn the monitoring tools and capabilities provided by Azure, including Azure Alerts and Activity Log. In addition to alerts and logs, students will be introduced to Log Analytics as an effective data analytics solution for understanding your system status and health. And perhaps the most exciting thing students will learn is how to use the Azure Resource Manager deployment model to work with resources, resource groups, and ARM templates.
  • Discover, assess, plan and implement a migration of on-premises resources and infrastructure to Azure.
  • Learn how to use Azure Migrate to perform the discovery and assessment phase that is critical to a successful migration. Students will also learn how to use Azure Site Recovery for performing the actual migration of workloads to Azure. The course focuses primarily on using ASR on a Hyper-V infrastructure to prepare and complete the migration process.
  • Learn how to deploy serverless computing features like Azure Functions, Event Grid, and Service Bus. Students will learn how Azure Multi-Factor Authentication helps safeguard access to data and applications, helping to meet customer demand for a simple sign-in process. Also, how to use Azure Active Directory Privileged Identity Management to manage, control, and monitor access to Azure resources within your organization.
  • Manage and maintain the infrastructure for the core web apps and services that developers build and deploy.
  • Learn how Azure App Service is used as a Platform as a Service (PaaS) offering for deploying cloud apps for web and mobile environments.
  • Get a glimpse of how to implement advanced networking features like Application Gateway and how to configure load balancing. Learn to integrate on-premises networks with Azure virtual networks and to use Network Watcher to monitor and troubleshoot issues.
  • Operations are done in parallel and asynchronously. And, how whole enterprise system must be resilient when failures occur, and just as importantly, how deployments can be automated and predictable. By using the Azure Application Architecture Guide and Azure reference architectures as a basis, students will understand how monitoring and telemetry are critical for gaining insight into the system.
  • Students will dive into the cloud design patterns that are important, such as partitioning workloads where a modular application is divided into functional units that can be integrated into a larger application. In such cases, each module handles a portion of the application's overall functionality and represents a set of related concerns.
  • Load balancing where the application traffic, or load, is distributed among various endpoints by using algorithms. Load balancers allow multiple instances of their website to be created so they can behave in a predictable manner. In Azure, it is possible to use virtual load balancers, which are hosted in virtual machines, if a company requires a very specific load balancer configuration.
  • Transient fault handling which helps define the primary differences between developing applications on-premises and in the to handle transient errors. Transient errors are errors that occur due to temporary interruptions in the service or to excess latency.
  • Discussion of hybrid networking that provides an overview of site-to-site connectivity, point-to-site connectivity, and the combination of the two.
  • To build Logic App solutions that integrate apps, data, systems, and services across enterprises or organizations by automating tasks and business processes as workflows. Logic Apps is cloud service in Azure that simplifies how you design and create scalable solutions for app integration, data integration, system integration, enterprise application integration (EAI), and business-to-business (B2B) communication, whether in the cloud, on premises, or both.
  • How Azure Service Fabric is a distributed systems platform that makes it easy to package, deploy, and manage scalable and reliable microservices and containers. Service Fabric also addresses the significant challenges in developing and managing cloud native applications. Developers and administrators can avoid complex infrastructure problems and focus on implementing mission-critical, demanding workloads that are scalable, reliable, and manageable. Service Fabric represents the next-generation platform for building and managing these enterprise-class, tier-1, cloud-scale applications running in containers.
  • See how Azure Kubernetes Service (AKS) makes it simple to deploy a managed Kubernetes cluster in Azure. AKS reduces the complexity and operational overhead of managing Kubernetes by offloading much of that responsibility to Azure. As a hosted Kubernetes service, Azure handles critical tasks like health monitoring and maintenance for you.
  • Learn how to Implement authentication in applications (certificates, Azure AD, Azure AD Connect, token-based), implement secure data (SSL and TLS), and manage cryptographic keys in Azure Key Vault.
  • Learn how to configure a message-based integration architecture, develop for asynchronous processing, create apps for autoscaling, and better understand Azure Cognitive Services solutions.
Related Certifications: Microsoft Certification for Azure Solutions Architects