Subject matter expertise in designing and implementing solutions that run on Microsoft Azure, including aspects like compute, network, storage and security; that is what one can (and should) expect about the level of expertise of every self-respecting Solutions Architect.

The Microsoft Azure Solutions Architect Expert certification is not for candidates who are just starting to work with cloud technologies or are new to Azure, and is considered an expert certification.

Azure Solutions Architect Expert certification covers networking, virtualization, identity, security, business continuity, disaster recovery, data platform, budgeting, and governance. Microsoft states that candidates should be able to manage how decisions in each area affect an overall solution. In addition, candidates should have expert-level skills in Azure administration and have experience with Azure development and DevOps processes.

To earn the “Microsoft Azure Solutions Architect Expert” certification title, you won’t need any Associate-level certification, but you do need to have succesfully taken the Microsoft Azure Fundamentals (AZ-900) exam. In this blog article, I share available learning materials (free and paid) that prepare you for the Azure Solutions Architect exams from Microsoft, but more importantly, these learning materials provide you with the knowledge about designing and implementing Microsoft Azure solutions, technologies and services.

Before we dive into the learning materials

You want an Azure environment to build things yourself. I cannot say and emphasize this enough. Think of it as learning to drive: you can’t do that without being in a car. So, the first thing you’ll do is create your Azure environment. Via this link you can use various Azure services free of charge for 12 months.

Virtual training courses

There are various virtual training courses to follow, based on registration or on-demand. Below is an overview of the recommended virtual training events:

• Azure Solutions Architect AZ-303/AZ-304 Certification Training Course by CloudSkills.io. Within less than 15 hours (!) of video training, Microsoft MVPs Tim Warner and Mike Pfeiffer prepare you for the Azure Solutions Architect Expert (AZ-303 and AZ-304) certification exam.
• AZ-303 Azure Architecture Technologies Exam Prep 2021 by Scott Duffy. This Udemy course (consisting of 12 hours on-demand videos and 14 articles) is intended to help learners pass the Microsoft AZ-303 Azure Architect Technologies certification exam the first time.
• AZ-304 Azure Architecture Design Exam Prep 2021 by Scott Duffy. This Udemy course (consisting of 7.5 hours on-demand videos and 5 articles) is intended to help learners pass the Microsoft AZ-304 Azure Architect Design certification exam the first time.

Microsoft Learn

Microsoft Learn provides you with free online training and learning paths for different Microsoft technologies. Here are the relevant Microsoft Learn modules and learning paths for the AZ-303 and AZ-304 Exams:

• Architect network infrastructure in Azure learning path - Learn | Microsoft Docs
• Architect storage infrastructure in Azure learning path - Learn | Microsoft Docs
• Architect compute infrastructure in Azure learning path - Learn | Microsoft Docs
• Architect infrastructure operations in Azure learning path - Learn | Microsoft Docs
• Architect a data platform in Azure learning path - Learn | Microsoft Docs
• Architect message brokering and serverless applications in Azure learning path - Learn | Microsoft Docs
• Architect modern applications in Azure learning path - Learn | Microsoft Docs
• Architect API integration in Azure learning path - Learn | Microsoft Docs
• Architect migration, business continuity, and disaster recovery in Azure learning path - Learn | Microsoft Docs

Links to Microsoft articles on the specific topics

Below are several links to articles on topics that may come up in the exam. To prepare for the exam, you’d be wise to go through these articles and, where necessary, build the components yourself in your Azure environment.

Exam AZ-303: Microsoft Azure Architect Technologies

Implement and Monitor an Azure Infrastructure

Implement cloud infrastructure monitoring

• monitor security
  • Remediate recommendations in Azure Security Center | Microsoft Docs
  • Azure Security Control - Logging and Monitoring | Microsoft Docs
  • Azure infrastructure monitoring | Microsoft Docs
• monitor performance
  • Create diagnostic settings to send platform logs and metrics to different destinations - Azure Monitor | Microsoft Docs
  • Resource Manager template samples for diagnostic settings - Azure Monitor | Microsoft Docs
  • Azure Monitor overview - Azure Monitor | Microsoft Docs
  • Monitor an Azure resource with Azure Monitor - Azure Monitor | Microsoft Docs
  • Azure Monitor Workbooks Overview - Azure Monitor | Microsoft Docs
  • Azure Monitor Workbooks Visualizations - Azure Monitor | Microsoft Docs
  • Collect data from an Azure virtual machine with Azure Monitor - Azure Monitor | Microsoft Docs
• monitor health and availability
  • Azure Service Health | Microsoft Azure
  • Azure Resource Health overview - Azure Service Health | Microsoft Docs
• monitor cost
  • Checklist - Monitor cost - Azure Architecture Center | Microsoft Docs
  • Monitor usage and spending with cost alerts | Microsoft Docs
  • Download Azure billing invoice and daily usage data | Microsoft Docs
• configure advanced logging
  • What is Azure Application Insights? - Azure Monitor | Microsoft Docs
  • What is monitored by Azure Monitor - Azure Monitor | Microsoft Docs
• configure logging for workloads
  • Azure Monitor Logs - Azure Monitor | Microsoft Docs
• initiate automated responses by using Action Groups
  • Create and manage action groups in the Azure portal - Azure Monitor | Microsoft Docs
• configure and manage advanced alerts
  • Create, view, and manage log alerts Using Azure Monitor - Azure Monitor | Microsoft Docs
  • Manage alert instances in Azure Monitor - Azure Monitor | Microsoft Docs
  • Create diagnostic settings to send platform logs and metrics to different destinations - Azure Monitor | Microsoft Docs
  • Overview of alerting and notification monitoring in Azure - Azure Monitor | Microsoft Docs
  • Create a Log Analytics workspace in the Azure portal - Azure Monitor | Microsoft Docs

Implement storage accounts

• select storage account options based on a use case
  • Storage account overview - Azure Storage | Microsoft Docs
  • Introduction to Azure Storage - Cloud storage on Azure | Microsoft Docs
• configure Azure Files and blob storage
  • Introduction to Blob (object) storage - Azure Storage | Microsoft Docs
  • Create an Azure file share - Azure Files | Microsoft Docs
• configure network access to the storage account
  • Configure Azure Storage firewalls and virtual networks | Microsoft Docs
• implement Shared Access Signatures and access policies
  • Delegate access with a shared access signature - Azure Storage | Microsoft Docs
  • Grant limited access to data with shared access signatures (SAS) - Azure Storage | Microsoft Docs
• implement Azure AD authentication for storage
  • Authorize access to blobs and queues using Active Directory - Azure Storage | Microsoft Docs
• manage access keys
  • Manage account access keys - Azure Storage | Microsoft Docs
• implement Azure storage replication
  • Data redundancy - Azure Storage | Microsoft Docs
  • Disaster recovery and storage account failover - Azure Storage | Microsoft Docs
• implement Azure storage account failover
  • Initiate a storage account failover - Azure Storage | Microsoft Docs

Implement VMs for Windows and Linux

• configure High Availability
  • Availability options for Azure Virtual Machines - Azure Virtual Machines | Microsoft Docs
  • Availability options for Azure Virtual Machines - Azure Virtual Machines | Microsoft Docs
• configure storage for VMs
  • Attach a managed data disk to a Windows VM - Azure - Azure Virtual Machines | Microsoft Docs
  • Attach a data disk to a Windows VM in Azure by using PowerShell - Azure Virtual Machines | Microsoft Docs
  • Select a disk type for Azure IaaS VMs - managed disks - Azure Virtual Machines | Microsoft Docs
• select virtual machine size
  • VM sizes - Azure Virtual Machines | Microsoft Docs
• implement Azure Dedicated Hosts
  • Overview of Azure Dedicated Hosts for virtual machines - Azure Virtual Machines | Microsoft Docs
  • Deploy Azure dedicated hosts using the Azure portal - Azure Virtual Machines | Microsoft Docs
• deploy and configure scale sets
  • Azure virtual machine scale sets overview - Azure Virtual Machine Scale Sets | Microsoft Docs
• configure Azure Disk Encryption
  • Enable Azure Disk Encryption for Windows VMs - Azure Virtual Machines | Microsoft Docs
  • Enable Azure Disk Encryption for Linux VMs - Azure Virtual Machines | Microsoft Docs

Automate deployment and configuration of resources

• save a deployment as an Azure Resource Manager template
  • Download the template for an Azure VM - Azure Virtual Machines | Microsoft Docs
• modify Azure Resource Manager template
  • Templates overview - Azure Resource Manager | Microsoft Docs
  • Tutorial - Create & deploy template - Azure Resource Manager | Microsoft Docs
• evaluate location of new resources
  • Conditional deployment with templates - Azure Resource Manager | Microsoft Docs
  • Template resource location - Azure Resource Manager | Microsoft Docs
• configure a virtual disk template
  • Create a Windows VM from a specialized VHD in the Azure portal - Azure Virtual Machines | Microsoft Docs
• deploy from a template
  • Download the template for an Azure VM - Azure Virtual Machines | Microsoft Docs
• manage a template library
  • Templates overview - Azure Resource Manager | Microsoft Docs
• create and execute an automation runbook
  • Start a runbook in Azure Automation | Microsoft Docs

Implement virtual networking

• implement VNet to VNet connections
  • Configure a VNet-to-VNet VPN gateway connection: Azure portal - Azure VPN Gateway | Microsoft Docs
• implement VNet peering
  • Azure Virtual Network peering | Microsoft Docs
  • Create, change, or delete an Azure virtual network peering | Microsoft Docs

Implement Azure Active Directory

• add custom domains
  • Add your custom domain - Azure Active Directory | Microsoft Docs
• configure Azure AD Identity Protection
  • What is Azure Active Directory Identity Protection? | Microsoft Docs
• implement self-service password reset
  • Deployment considerations for Azure Active Directory self-service password reset | Microsoft Docs
  • Self-service password reset deep dive - Azure Active Directory | Microsoft Docs
  • License self-service password reset - Azure Active Directory | Microsoft Docs
• implement Conditional Access including MFA
  • Conditional Access - Require MFA for all users - Azure Active Directory | Microsoft Docs
  • Sign-in risk-based Conditional Access - Azure Active Directory | Microsoft Docs
• configure user accounts for MFA
  • Enable Azure AD Multi-Factor Authentication | Microsoft Docs
• configure fraud alerts
  • Sign-in event details for Azure AD Multi-Factor Authentication - Azure Active Directory | Microsoft Docs
  • Configure Azure AD Multi-Factor Authentication - Azure Active Directory | Microsoft Docs
• configure bypass options
  • Configure Azure AD Multi-Factor Authentication - Azure Active Directory | Microsoft Docs
• configure Trusted IPs
  • Location condition in Azure Active Directory Conditional Access | Microsoft Docs
• configure verification methods
  • Change your two-factor verification method and settings - Azure Active Directory | Microsoft Docs
  • What is the Additional verification page? - Azure AD | Microsoft Docs
• implement and manage guest accounts
  • What is B2B collaboration in Azure Active Directory? | Microsoft Docs
  • Manage guest access with access reviews - Azure AD | Microsoft Docs
  • Quickstart: Add guest users in the Azure portal - Azure AD | Microsoft Docs
• manage multiple directories
  • Characteristics of multiple tenant interaction - Azure AD | Microsoft Docs

Implement and manage hybrid identities

• install and configure Azure AD Connect
  • Customize an installation of Azure Active Directory Connect | Microsoft Docs
  • Azure AD Connect: Select your installation type | Microsoft Docs
• identity synchronization options
  • Azure AD Connect sync: Understand and customize synchronization | Microsoft Docs
  • Azure Active Directory hybrid identity design considerations - overview | Microsoft Docs
• configure and manage password sync and password writeback
  • Implement password hash synchronization with Azure AD Connect sync | Microsoft Docs
  • Enable Azure Active Directory password writeback | Microsoft Docs
  • Azure AD Connect: Enabling device writeback | Microsoft Docs
  • On-premises password writeback with self-service password reset - Azure Active Directory | Microsoft Docs
• configure single sign-on
  • Azure AD Connect: Seamless Single Sign-On - quickstart | Microsoft Docs
  • Azure AD Connect: Seamless Single Sign-On - Frequently asked questions | Microsoft Docs
• use Azure AD Connect Health
  • Azure Active Directory Connect Health operations | Microsoft Docs
  • What is Azure AD Connect and Connect Health. | Microsoft Docs

Implement Management and Security Solutions

Manage workloads in Azure

• migrate workloads using Azure Migrate
  • About Azure Migrate - Azure Migrate | Microsoft Docs
  • Discover servers running in a VMware environment with Azure Migrate Discovery and assessment - Azure Migrate | Microsoft Docs
  • Assess VMware servers for migration to Azure VMs in Azure Migrate - Azure Migrate | Microsoft Docs
  • Select a VMware migration option with Azure Migrate Server Migration - Azure Migrate | Microsoft Docs
  • Migrate VMware VMs agentless Azure Migrate Server Migration - Azure Migrate | Microsoft Docs
  • Migrate VMware VMs with agent-based Azure Migrate Server Migration - Azure Migrate | Microsoft Docs
• implement Azure Backup for VMs
  • About Azure VM backup - Azure Backup | Microsoft Docs
  • Azure Instant Restore Capability - Azure Backup | Microsoft Docs
• implement disaster recovery
  • Set up Azure VM disaster recovery to a secondary region with Azure Site Recovery - Azure Site Recovery | Microsoft Docs
• implement Azure Update Management
  • Azure Automation Update Management overview | Microsoft Docs
  • Enable Update Management using Azure Resource Manager template | Microsoft Docs
  • Integrate Azure Automation Update Management with Microsoft Endpoint Configuration Manager | Microsoft Docs
  • Manage updates and patches for your VMs in Azure Automation | Microsoft Docs

Implement load balancing and network security

• implement Azure Load Balancer
  • Quickstart: Create an internal load balancer - Azure portal - Azure Load Balancer | Microsoft Docs
  • Quickstart: Create an internal load balancer - Azure PowerShell - Azure Load Balancer | Microsoft Docs
  • Quickstart: Create a public load balancer - Azure portal - Azure Load Balancer | Microsoft Docs
• implement an application gateway
  • Azure Application Gateway configuration overview | Microsoft Docs
• implement a Web Application Firewall
  • What is Azure Web Application Firewall on Azure Application Gateway? - Azure Web Application Firewall | Microsoft Docs
• implement Azure Firewall
  • Deploy & configure Azure Firewall using the Azure portal | Microsoft Docs
• implement Azure Firewall Manager
  • What is Azure Firewall Manager? | Microsoft Docs
  • Azure Firewall Manager deployment overview | Microsoft Docs
• implement the Azure Front Door Service
  • Azure Front Door | Microsoft Docs
  • Quickstart: Set up high availability with Azure Front Door Service - Azure portal | Microsoft Docs
• implement Azure Traffic Manager
  • Azure Traffic Manager | Microsoft Docs
  • Quickstart: Create a profile for HA of applications - Azure portal - Azure Traffic Manager | Microsoft Docs
• implement Network Security Groups and Application Security Groups
  • Azure network security groups overview | Microsoft Docs
  • Create, change, or delete an Azure network security group | Microsoft Docs
• implement Bastion
  • Tutorial: Create an Azure Bastion host: Windows VM: portal | Microsoft Docs

Implement and manage Azure governance solutions

• create and manage hierarchical structure that contains management groups, subscriptions and resource groups
  • Azure Resource Manager overview - Azure Resource Manager | Microsoft Docs
  • Organize your resources with management groups - Azure Governance - Azure governance | Microsoft Docs
  • Quickstart: Create a management group with portal - Azure governance | Microsoft Docs
  • Manage resource groups - Azure portal - Azure Resource Manager | Microsoft Docs
  • Azure subscription limits and quotas - Azure Resource Manager | Microsoft Docs
• assign RBAC roles
  • Assign Azure roles using the Azure portal - Azure RBAC | Microsoft Docs
• create a custom RBAC role
  • Azure custom roles - Azure RBAC | Microsoft Docs
  • Tutorial: Create an Azure custom role with Azure PowerShell - Azure RBAC | Microsoft Docs
• configure access to Azure resources by assigning roles
  • Tutorial: Grant a user access to Azure resources using the Azure portal - Azure RBAC | Microsoft Docs
• configure management access to Azure
  • Manage access to Azure management with Conditional Access in Azure AD | Microsoft Docs
  • Best practices for Azure RBAC | Microsoft Docs
  • Assign Azure roles using the Azure portal - Azure RBAC | Microsoft Docs
• interpret effective permissions
  • What is Azure role-based access control (Azure RBAC)? | Microsoft Docs
  • Quickstart - Check access for a user to Azure resources - Azure RBAC | Microsoft Docs
• set up and perform an access review
  • What are access reviews? - Azure Active Directory | Microsoft Docs
• implement and configure an Azure Policy
  • Overview of Azure Policy - Azure Policy | Microsoft Docs
  • Quickstart: New policy assignment with portal - Azure Policy | Microsoft Docs
  • Tutorial: Build policies to enforce compliance - Azure Policy | Microsoft Docs
• implement and configure an Azure Blueprint
  • Overview of Azure Blueprints - Azure Blueprints | Microsoft Docs
  • Quickstart: Create a blueprint in the portal - Azure Blueprints | Microsoft Docs

Manage security for applications

• implement and configure KeyVault
  • Azure Key Vault Overview - Azure Key Vault | Microsoft Docs
  • Azure Key Vault Keys, Secrets, and Certificates Overview | Microsoft Docs
  • Tutorial - Use Azure Key Vault with an Azure web app in .NET | Microsoft Docs
• implement and configure Managed Identities
  • Managed identities for Azure resources | Microsoft Docs
  • Tutorial: Use managed identity to access Azure Resource Manager - Windows - Azure AD | Microsoft Docs
• register and manage applications in Azure AD
  • Tutorial: Register an application - Azure AD B2C | Microsoft Docs

Implement Solutions for Apps

Implement an application infrastructure

• create and configure Azure App Service
  • Overview - Azure App Service | Microsoft Docs
  • Introduction - Azure App Service Environment | Microsoft Docs
  • Custom configuration and application settings in Azure Web Sites - with Stefan Schackow
  • Configure apps in the portal - Azure App Service | Microsoft Docs
  • Buy a custom domain name - Azure App Service | Microsoft Docs
  • Quickstart: Deploy an ASP.NET web app - Azure App Service | Microsoft Docs
• create an App Service Web App for Containers
  • Quickstart: Run a custom container on App Service - Azure App Service | Microsoft Docs
• create and configure an App Service plan
  • App Service plans - Azure App Service | Microsoft Docs
  • Manage App Service plan - Azure App Service | Microsoft Docs
• configure an App Service
  • Custom configuration and application settings in Azure Web Sites - with Stefan Schackow
  • Configure apps in the portal - Azure App Service | Microsoft Docs
  • Buy a custom domain name - Azure App Service | Microsoft Docs
• configure networking for an App Service
  • Networking considerations - Azure App Service Environment | Microsoft Docs
  • Networking features - Azure App Service | Microsoft Docs
  • Integrate app with Azure Virtual Network - Azure App Service | Microsoft Docs
• create and manage deployment slots
  • Set up staging environments - Azure App Service | Microsoft Docs
• implement Logic Apps
  • Overview for Azure Logic Apps - Azure Logic Apps | Microsoft Docs
  • Quickstart - Create integration workflows with Azure Logic Apps in the Azure portal - Azure Logic Apps | Microsoft Docs
  • Quickstart - Create integration workflows with multi-tenant Azure Logic Apps in Visual Studio - Azure Logic Apps | Microsoft Docs
  • Quickstart - Create integration workflows with Azure Logic Apps in Visual Studio Code - Azure Logic Apps | Microsoft Docs
• implement Azure Functions
  • Azure Functions Overview | Microsoft Docs
  • Triggers and bindings in Azure Functions | Microsoft Docs
  • Azure Functions trigger and binding example | Microsoft Docs
  • Triggers and bindings in Azure Functions | Microsoft Docs
  • Azure Functions HTTP triggers and bindings | Microsoft Docs
  • Durable Functions Overview - Azure | Microsoft Docs

Implement container-based applications

• create a container image
  • Tutorial - Quick container image build - Azure Container Registry | Microsoft Docs
  • Create container images on Service Fabric in Azure - Azure Service Fabric | Microsoft Docs
  • Tutorial - Prepare container image for deployment - Azure Container Instances | Microsoft Docs
• configure Azure Kubernetes Service
  • Introduction to Azure Kubernetes Service - Azure Kubernetes Service | Microsoft Docs
  • Quickstart: Deploy an AKS cluster by using the Azure portal - Azure Kubernetes Service | Microsoft Docs
• publish and automate image deployment to the Azure Container Registry
  • Push & pull container image - Azure Container Registry | Microsoft Docs
  • Tutorial - Quick container image build - Azure Container Registry | Microsoft Docs
• publish a solution on an Azure Container Instance
  • Serverless containers in Azure - Azure Container Instances | Microsoft Docs
  • Quickstart - Deploy Docker container to container instance - Portal - Azure Container Instances | Microsoft Docs
  • Quickstart - Deploy Docker container to container instance - Azure CLI - Azure Container Instances | Microsoft Docs

Implement and Manage Data Platforms

Implement NoSQL databases

• configure storage account tables
  • Introduction to Table storage - Object storage in Azure | Microsoft Docs
  • Understanding the Table service data model (REST API) - Azure Storage | Microsoft Docs
• select appropriate CosmosDB APIs
  • Choose the appropriate API for Azure Cosmos DB - Learn | Microsoft Docs
  • Introduction to Azure Cosmos DB | Microsoft Docs
• set up replicas in CosmosDB
  • Consistency levels in Azure Cosmos DB | Microsoft Docs
  • High availability in Azure Cosmos DB | Microsoft Docs

Implement Azure SQL databases

• configure Azure SQL database settings
  • What is the Azure SQL Database service? - Azure SQL Database | Microsoft Docs
  • Create a single database - Azure SQL Database | Microsoft Docs
  • What is Azure SQL? - Azure SQL | Microsoft Docs
• implement Azure SQL Database managed instances
  • What is Azure SQL Managed Instance? - Azure SQL Managed Instance | Microsoft Docs
  • Quickstart: Create an Azure SQL Managed Instance (portal) - Azure SQL Managed Instance | Microsoft Docs
• configure HA for an Azure SQL database
  • High availability - Azure SQL Database and SQL Managed Instance | Microsoft Docs
• publish an Azure SQL database
  • Deploy to Azure SQL Database - Azure Pipelines | Microsoft Docs
  • Tutorial: Deploy your ASP.NET app and Azure SQL Database code by using Azure DevOps Starter | Microsoft Docs

Exam AZ-304: Microsoft Azure Architect Design

Design Monitoring

Design for cost optimization

• recommend a solution for cost management and cost reporting
  • Azure Cost Management + Billing | Microsoft Docs
  • Overview of Azure Cost Management + Billing | Microsoft Docs
  • Quickstart - Explore Azure costs with cost analysis | Microsoft Docs
• recommend solutions to minimize costs
  • Reduce service costs using Azure Advisor - Azure Advisor | Microsoft Docs
  • Azure Reserved Virtual Machine Instances | Microsoft Azure
  • What are Azure Reservations? | Microsoft Docs

Design a solution for logging and monitoring

• determine levels and storage locations for logs
  • Azure Monitor Logs - Azure Monitor | Microsoft Docs
  • Diagnostic logs - Azure Content Delivery Network | Microsoft Docs
  • Enable diagnostics logging - Azure App Service | Microsoft Docs
  • Create diagnostic settings to send platform logs and metrics to different destinations - Azure Monitor | Microsoft Docs
• plan for integration with monitoring tools including Azure Monitor and Azure Sentinel
  • Azure Monitor overview - Azure Monitor | Microsoft Docs
  • Collect resource logs from an Azure Resource and analyze with Azure Monitor - Azure Monitor | Microsoft Docs
  • What is Azure Sentinel? | Microsoft Docs
  • Quickstart: Onboard in Azure Sentinel | Microsoft Docs
• recommend appropriate monitoring tool(s) for a solution
  • Azure Monitor overview - Azure Monitor | Microsoft Docs
  • Monitoring and diagnostics guidance - Best practices for cloud applications | Microsoft Docs
• choose a mechanism for event routing and escalation
  • What is Azure Event Grid? - Azure Event Grid | Microsoft Docs
  • Stream Azure monitoring data to event hub and external partners - Azure Monitor | Microsoft Docs
  • Create and manage action groups in the Azure portal - Azure Monitor | Microsoft Docs
• recommend a logging solution for compliance requirements
  • Azure security logging and auditing | Microsoft Docs
  • Management and monitoring security features - Microsoft Azure | Microsoft Docs
  • What is Azure Security Center? | Microsoft Docs

Design Identity and Security

Design authentication

• recommend a solution for single-sign on
  • Azure AD Connect: Seamless Single Sign-On | Microsoft Docs
  • What is Azure single sign-on (SSO)? | Microsoft Docs
  • Configure SaaS apps for B2B collaboration - Azure AD | Microsoft Docs
  • Azure AD Connect: Seamless Single Sign-On - quickstart | Microsoft Docs
  • Azure AD Connect: Seamless Single Sign-On - Frequently asked questions | Microsoft Docs
• recommend a solution for authentication
  • Authentication vs. authorization - Microsoft identity platform | Microsoft Docs
  • Microsoft identity platform authentication flows & app scenarios | Microsoft Docs
• recommend a solution for Conditional Access, including multi-factor authentication
  • Conditional Access - Require MFA for all users - Azure Active Directory | Microsoft Docs
  • Sign-in risk-based Conditional Access - Azure Active Directory | Microsoft Docs
  • Enable Azure AD Multi-Factor Authentication | Microsoft Docs
• recommend a solution for network access authentication
  • Location condition in Azure Active Directory Conditional Access | Microsoft Docs
• recommend a solution for a hybrid identity including Azure AD Connect and Azure AD Connect Health
  • What is Azure AD Connect and Connect Health. | Microsoft Docs
  • Azure AD Connect: Select your installation type | Microsoft Docs
  • Customize an installation of Azure Active Directory Connect | Microsoft Docs
  • Azure Active Directory Connect Health operations | Microsoft Docs
• recommend a solution for user self-service
  • Deployment considerations for Azure Active Directory self-service password reset | Microsoft Docs
• recommend and implement a solution for B2B integration
  • What is B2B collaboration in Azure Active Directory? | Microsoft Docs
  • Compare External Identities - Azure Active Directory | Microsoft Docs

Design authorization

• choose an authorization approach
  • Authentication vs. authorization - Microsoft identity platform | Microsoft Docs
• recommend a hierarchical structure that includes management groups, subscriptions and resource groups
  • Azure Resource Manager overview - Azure Resource Manager | Microsoft Docs
  • Manage resource groups - Azure portal - Azure Resource Manager | Microsoft Docs
  • Azure Management Overview - Azure Governance | Microsoft Docs
  • Organize your resources with management groups - Azure Governance - Azure governance | Microsoft Docs
  • Quickstart: Create a management group with portal - Azure governance | Microsoft Docs
  • Azure subscription limits and quotas - Azure Resource Manager | Microsoft Docs
• recommend an access management solution including RBAC policies, access reviews, role assignments, Privileged Identity Management (PIM), Azure AD Identity Protection, Just In Time (JIT) access
  • What is Azure role-based access control (Azure RBAC)? | Microsoft Docs
  • Assign Azure roles using the Azure portal - Azure RBAC | Microsoft Docs
  • Quickstart - Check access for a user to Azure resources - Azure RBAC | Microsoft Docs
  • What is Azure Active Directory Identity Protection? | Microsoft Docs
  • What is Privileged Identity Management? - Azure AD | Microsoft Docs
  • Just-in-time virtual machine access in Azure Security Center | Microsoft Docs
  • What are access reviews? - Azure Active Directory | Microsoft Docs

Design governance

• recommend a strategy for tagging
  • Tag resources, resource groups, and subscriptions for logical organization - Azure Resource Manager | Microsoft Docs
• recommend a solution for using Azure Policy
  • Overview of Azure Policy - Azure Policy | Microsoft Docs
  • Tutorial: Build policies to enforce compliance - Azure Policy | Microsoft Docs
• recommend a solution for using Azure Blueprint
  • Overview of Azure Blueprints - Azure Blueprints | Microsoft Docs
  • Quickstart: Create a blueprint in the portal - Azure Blueprints | Microsoft Docs
• recommend a solution that leverages Azure Resource Graph
  • Overview of Azure Resource Graph - Azure Resource Graph | Microsoft Docs
  • Tutorial: Manage queries in the Azure portal - Azure Resource Graph | Microsoft Docs

Design security for applications

• recommend a solution that includes KeyVault
  • Azure Key Vault Overview - Azure Key Vault | Microsoft Docs
  • Azure Key Vault Keys, Secrets, and Certificates Overview | Microsoft Docs
• recommend a solution that includes Managed Identities
  • Managed identities for Azure resources | Microsoft Docs
  • Tutorial: Use managed identity to access Azure Resource Manager - Windows - Azure AD | Microsoft Docs
• recommend a solution for integrating applications into Azure AD
  • Tutorial: Register an application - Azure AD B2C | Microsoft Docs

Design Data Storage

Design a solution for databases

• select an appropriate data platform based on requirements
  • Understand data store models - Azure Application Architecture Guide | Microsoft Docs
  • What is the Azure SQL Database service? - Azure SQL Database | Microsoft Docs
  • What is Azure SQL? - Azure SQL | Microsoft Docs
• recommend database service tier sizing
  • General purpose and business critical service tiers - Azure SQL Database & SQL Managed Instance | Microsoft Docs
  • General Purpose service tier - Azure SQL Database & Azure SQL Managed Instance | Microsoft Docs
• recommend a solution for database scalability
  • Scale resources - Azure SQL Database | Microsoft Docs
• recommend a solution for encrypting data at rest, data in transmission, and data in use
  • Azure encryption overview | Microsoft Docs
  • Azure Data Encryption-at-Rest - Azure Security | Microsoft Docs
  • Transparent data encryption - Azure SQL Database & SQL Managed Instance & Azure Synapse Analytics | Microsoft Docs

Design data integration

• recommend a data flow to meet business requirements
  • Create a mapping data flow - Azure Data Factory | Microsoft Docs
  • Source transformation in mapping data flow - Azure Data Factory | Microsoft Docs
• recommend a solution for data integration, including Azure Data Factory, Azure Data Bricks, Azure Data Lake, Azure Synapse Analytics
  • Introduction to Azure Data Factory - Azure Data Factory | Microsoft Docs
  • What is Azure Databricks? | Microsoft Docs
  • What is Azure Data Lake Storage Gen1? | Microsoft Docs
  • Azure Data Lake Storage Gen2 Introduction | Microsoft Docs
  • What is dedicated SQL pool (formerly SQL DW)? - Azure Synapse Analytics | Microsoft Docs

Select an appropriate storage account

• choose between storage tiers
  • Access tiers for Azure Blob Storage - hot, cool, and archive | Microsoft Docs
• recommend a storage access solution
  • Introduction to Azure Storage - Cloud storage on Azure | Microsoft Docs
  • Authorize access to blobs and queues using Active Directory - Azure Storage | Microsoft Docs
  • Manage account access keys - Azure Storage | Microsoft Docs
• recommend storage management tools
  • Microsoft client tools for working with Azure Storage | Microsoft Docs
  • Copy or move data to Azure Storage by using AzCopy v10 | Microsoft Docs

Design Business Continuity

Design a solution for backup and recovery

• recommend a recovery solution for Azure hybrid and on-premises workloads that meets recovery objectives (RTO, RLO, RPO)
  • What is Azure Backup? - Azure Backup | Microsoft Docs
  • Architecture Overview - Azure Backup | Microsoft Docs
  • MABS (Azure Backup Server) V3 UR1 protection matrix - Azure Backup | Microsoft Docs
  • About Azure Site Recovery - Azure Site Recovery | Microsoft Docs
  • General questions about the Azure Site Recovery service | Microsoft Docs
  • Common questions about VMware disaster recovery with Azure Site Recovery - Azure Site Recovery | Microsoft Docs
  • Common questions for Hyper-V disaster recovery with Azure Site Recovery - Azure Site Recovery | Microsoft Docs
• design and Azure Site Recovery solution
  • About Azure Site Recovery - Azure Site Recovery | Microsoft Docs
  • General questions about the Azure Site Recovery service | Microsoft Docs
• recommend a solution for recovery in different regions
  • Set up Azure VM disaster recovery to a secondary region with Azure Site Recovery - Azure Site Recovery | Microsoft Docs
  • Data redundancy - Azure Storage | Microsoft Docs
  • Disaster recovery and storage account failover - Azure Storage | Microsoft Docs
• recommend a solution for geo-redundancy of workloads
  • Use geo-redundancy to design highly available applications - Azure Storage | Microsoft Docs
  • Data redundancy - Azure Storage | Microsoft Docs
  • Azure Traffic Manager | Microsoft Docs
• recommend a solution for Azure Backup management
  • Architecture Overview - Azure Backup | Microsoft Docs
  • Manage Azure Recovery Services vaults and servers - Azure Backup | Microsoft Docs
• design a solution for data archiving and retention
  • Access tiers for Azure Blob Storage - hot, cool, and archive | Microsoft Docs
  • Optimize costs by automating Azure Blob Storage access tiers | Microsoft Docs

Design for high availability

• recommend a solution for application and workload redundancy, including compute, database, and storage
  • Regions and Availability Zones in Azure | Microsoft Docs
  • Deploy VMs in an availability set using Azure PowerShell - Azure Virtual Machines | Microsoft Docs
  • Data redundancy - Azure Storage | Microsoft Docs
  • High availability - Azure SQL Database and SQL Managed Instance | Microsoft Docs
  • Cloud business continuity - database recovery - Azure SQL Database & SQL Managed Instance | Microsoft Docs
• recommend a solution for autoscaling
  • Autoscale in Microsoft Azure - Azure Monitor | Microsoft Docs
  • Autoscaling guidance - Best practices for cloud applications | Microsoft Docs
  • Azure virtual machine scale sets overview - Azure Virtual Machine Scale Sets | Microsoft Docs
  • Scale resources - Azure SQL Database | Microsoft Docs
  • Scaling out - Azure SQL Database | Microsoft Docs
• identify resources that require high availability
  • Enabling Data Residency and Data Protection in Microsoft Azure Regions
  • Review your data options - Cloud Adoption Framework | Microsoft Docs
• identify storage types for high availability
  • Disaster recovery and storage account failover - Azure Storage | Microsoft Docs

Design Infrastructure

Design a compute solution

• recommend a solution for compute provisioning
  • Choosing an Azure compute service - Azure Architecture Center | Microsoft Docs
• determine appropriate compute technologies, including virtual machines, App Services, Service Fabric, Azure Functions, Windows Virtual Desktop, Batch, HPC and containers
  • Choosing an Azure compute service - Azure Architecture Center | Microsoft Docs
  • Overview - Azure App Service | Microsoft Docs
  • Introduction to Azure Kubernetes Service - Azure Kubernetes Service | Microsoft Docs
  • Azure Batch runs large parallel jobs in the cloud - Azure Batch | Microsoft Docs
  • Serverless containers in Azure - Azure Container Instances | Microsoft Docs
  • Overview of Azure Service Fabric - Azure Service Fabric | Microsoft Docs
  • Overview of Windows VMs in Azure - Azure Virtual Machines | Microsoft Docs
  • Overview of Linux VMs in Azure - Azure Virtual Machines | Microsoft Docs
  • What is Windows Virtual Desktop? - Azure | Microsoft Docs
• recommend a solution for containers
  • Introduction to Azure Kubernetes Service - Azure Kubernetes Service | Microsoft Docs
  • Serverless containers in Azure - Azure Container Instances | Microsoft Docs
  • Managed container registries - Azure Container Registry | Microsoft Docs
• recommend a solution for automating compute management
  • An introduction to Azure Automation | Microsoft Docs
  • Overview for Azure Logic Apps - Azure Logic Apps | Microsoft Docs

Design a network solution

• recommend a network architecture (hub and spoke, Virtual WAN)
  • Azure network architecture | Microsoft Docs
  • Azure production network | Microsoft Docs
  • Implement network segmentation patterns on Azure - Azure Architecture Center | Microsoft Docs
• recommend a solution for network addressing and name resolution
  • Name resolution for resources in Azure virtual networks | Microsoft Docs
  • Integrate Azure DNS with your Azure resources - Azure DNS | Microsoft Docs
  • Tutorial: Host your domain and subdomain - Azure DNS | Microsoft Docs
  • Quickstart - Create an Azure private DNS zone using the Azure portal | Microsoft Docs
• recommend a solution for network provisioning
  • Azure Virtual Network | Microsoft Docs
  • Azure virtual network service endpoint policies | Microsoft Docs
  • Azure virtual network service endpoints | Microsoft Docs
• recommend a solution for network security including private Link, firewalls, gateways, network segmentation (perimeter networks/DMZs/NVAs)
  • Azure network security groups overview | Microsoft Docs
  • Azure application security groups overview | Microsoft Docs
  • Azure virtual network service endpoints | Microsoft Docs
  • Azure Virtual Network FAQ | Microsoft Docs
  • What is Azure Firewall? | Microsoft Docs
• recommend a solution for network connectivity to the Internet, on-premises networks, and other Azure virtual networks
  • About Azure VPN Gateway | Microsoft Docs
  • Azure ExpressRoute Overview: Connect over a private connection | Microsoft Docs
• recommend a solution for automating network management
  • Azure Virtual Network | Microsoft Docs
• recommend a solution for load balancing and traffic routing
  • Overview of Azure load-balancing options - Azure Application Architecture Guide | Microsoft Docs
  • Azure Front Door | Microsoft Docs
  • Azure Traffic Manager | Microsoft Docs
  • What is Azure Application Gateway | Microsoft Docs
  • What is Azure Load Balancer? - Azure Load Balancer | Microsoft Docs

Design an application architecture

• recommend a microservices architecture including Event Grid, Event Hubs, Service Bus, Storage Queues, Logic Apps, Azure Functions, Service Fabric, AKS, Azure App Configuration and webhooks
  • Microservices architecture style - Azure Application Architecture Guide | Microsoft Docs
  • What is Azure Event Grid? - Azure Event Grid | Microsoft Docs
  • Overview of features - Azure Event Hubs - Azure Event Hubs | Microsoft Docs
  • Azure Service Bus messaging overview - Azure Service Bus | Microsoft Docs
  • Introduction to Azure Queue Storage - Azure Storage | Microsoft Docs
  • Overview for Azure Logic Apps - Azure Logic Apps | Microsoft Docs
  • Azure Functions Overview | Microsoft Docs
  • Start an Azure Automation runbook from a webhook | Microsoft Docs
• recommend an orchestration solution for deployment and maintenance of applications including ARM templates, Azure Automation, Azure Pipelines, Logic Apps, or Azure Functions
  • Templates overview - Azure Resource Manager | Microsoft Docs
  • Tutorial - Create & deploy template - Azure Resource Manager | Microsoft Docs
  • Overview for Azure Logic Apps - Azure Logic Apps | Microsoft Docs
  • Azure Functions Overview | Microsoft Docs
• recommend a solution for API integration
  • Basic enterprise integration on Azure - Azure Architecture Center | Microsoft Docs
  • API Management – Manage APIs | Microsoft Azure
  • Azure Integration Services | Microsoft Azure

Design migrations

• assess and interpret on-premises servers, data, and applications for migration
  • Azure Migration Center | Microsoft Azure
  • About Azure Migrate - Azure Migrate | Microsoft Docs
  • Discover servers running in a VMware environment with Azure Migrate Discovery and assessment - Azure Migrate | Microsoft Docs
  • Assess VMware servers for migration to Azure VMs in Azure Migrate - Azure Migrate | Microsoft Docs
  • Azure VM assessments in Azure Migrate - Azure Migrate | Microsoft Docs
  • Assess SQL Server readiness to migrate to Azure SQL Database - Data Migration Assistant | Microsoft Docs
• recommend a solution for migrating applications and VMs
  • About Azure Migrate - Azure Migrate | Microsoft Docs
  • Select a VMware migration option with Azure Migrate Server Migration - Azure Migrate | Microsoft Docs
• recommend a solution for migration of databases
  • Assess SQL Server readiness to migrate to Azure SQL Database - Data Migration Assistant | Microsoft Docs
  • SQL Server Migration Assistant - SQL Server | Microsoft Docs
• determine migration scope, including redundant, related, trivial, and outdated data
  • Azure Migrate FAQ - Azure Migrate | Microsoft Docs
• recommend a solution for migrating data (Storage Migration Service, Azure Data Box, Azure File Sync-based migration to hybrid file server)
  • Storage Migration Service overview | Microsoft Docs
  • Microsoft Azure Data Box overview | Microsoft Docs
  • Migrate to Azure file shares | Microsoft Docs

Books and other reading material

Due to the rapid renewal and innovative nature of cloud and Microsoft, there is no book I would advise you. Mainly because these are quickly becoming outdated and the fact that there are much better alternatives. If you still like to use a book for studying, then these books are suitable for learning:

• the Exam Ref AZ-303 Microsoft Architect Technologies by Mike Pfeiffer, Derek Schauland, et al..
• the Exam Ref AZ-304 Microsoft Architect Design by Ashish Agrawal, Avinash Bhavsar et al..

Practice exams

Practice exams are useful for getting a feel for the exam questions and topics. My personal experience with practice exams is that they are often outdated, incomplete, or that the answers marked as correct in practice exams are actually incorrect. I advise everyone not to use practice exams to memorize questions and the corresponding answers, but mainly to use them to get a feel for the real exam. Below are some practice exams for the AZ-303 and AZ-304 exams:

• Microsoft Azure Architect Technologies (AZ-303) by Whizlabs.
• Microsoft Azure Architect Design (AZ-304) by Whizlabs.
• Microsoft AZ-303 Exam by ExamTopics.
• Microsoft AZ-304 Exam by ExamTopics.

Good luck!

Now that we have come to the end of this article, hopefully you have discovered enough learning materials to take the AZ-303 and AZ-304 exams with confidence. All I can do now is wish you the best of luck. Goodluck!