The Microsoft Azure Developer Associate (AZ-204) is the essential certification for cloud developers. While the AZ-104 is about managing infrastructure, the AZ-204 is about coding against it.
If you're preparing for the 2026 exam, this deep-dive covers the critical SDK patterns, consistency models, and configuration "gotchas."
1. Develop Azure Compute Solutions (25-30%)
As a developer, you need to know how to host code without managing the underlying VM.
App Service (PaaS)
-
Deployment Slots: (Standard tier+) Used for zero-downtime deployments.
- Sticky Settings: Mark as "Deployment slot setting" to prevent a setting (like a Dev DB string) from moving to Prod during a swap.
- CORS: Must be configured in the App Service portal to allow cross-origin JavaScript calls from your frontend.
Azure Functions (Serverless)
- Consumption Plan: Automatic scaling, pay-per-execution. 1.5GB RAM limit.
- Premium Plan: Eliminates cold starts, VNET integration, longer timeouts.
-
Durable Functions: State management for serverless.
-
Orchestrator: Defines the workflow. Must be deterministic (No
DateTime.NoworGuid.NewGuid). - Activity: The function that performs the actual task.
-
Orchestrator: Defines the workflow. Must be deterministic (No
2. Develop for Azure Storage (15-20%)
Focus on how to interact with data via SDKs.
Azure Cosmos DB (SQL API)
-
Consistency Levels: (The "Must-Know" for the exam)
- Strong: Highest consistency, highest latency.
- Bounded Staleness: Reads lag behind writes by a defined interval.
- Session: (Default) Consistent prefix within a single user session.
- Consistent Prefix: Updates appear in the correct order.
- Eventual: Fastest performance; no guarantee of order.
- Partition Key: Choose a property with high cardinality to avoid "Hot Partitions."
Blob Storage SDK
- Access Tiers: Hot (Frequent), Cool (>30 days), Archive (>180 days, requires rehydration).
- Lifecycle Management: Automate moves between tiers using JSON policies.
- SAS Tokens: Use User Delegation SAS for best security (backed by Entra ID).
3. Implement Azure Security (15-20%)
The exam heavily tests Zero Trust and secret-less communication.
-
Managed Identities:
- System-Assigned: Tied to the lifecycle of the resource.
- User-Assigned: Standalone resource; can be shared across multiple resources.
- Azure Key Vault: Store Secrets (strings), Keys (encryption), and Certificates. Use RBAC for modern access control.
-
Microsoft Graph: The API for interacting with Entra ID (Users, Groups). Requires
GraphServiceClient.
4. Connect to & Consume Azure Services (20-25%)
How to make microservices talk to each other.
| Service | Type | Use Case |
|---|---|---|
| Service Bus | Message | High reliability, transactions, FIFO. |
| Event Grid | Event | Reactive programming (e.g., "File uploaded -> Run Function"). |
| Event Hubs | Event | Big data streaming, telemetry (millions of events/sec). |
| Queue Storage | Message | Simple, massive scale, local to a storage account. |
API Management (APIM)
-
Policies: XML snippets to change API behavior.
-
<inbound>: Rate limits, JWT validation. -
<outbound>: Format conversion (XML to JSON).
-
5. Monitor, Troubleshoot, & Optimize (5-10%)
- Application Insights: Use the SDK to track custom events, exceptions, and dependencies.
- Log Analytics: Search logs using KQL (Kusto Query Language).
- Availability Tests: Use "Ping" tests to ensure your endpoint is reachable globally.
Developer "Gotchas"
- Tags don't inherit: Tagging a Resource Group does NOT tag the resources inside.
- App Configuration: Used for centralized Feature Flags.
- Redis Cache: Implement the Cache-Aside Pattern.
- Instrumentation Key: Required to link your code to Application Insights.
Good luck with your AZ-204!
Top comments (0)