I have cleared AZ-305 exam a couple of weeks ago and finally got time to write my learnings. Hope it can help you to achieve this certificate if this is your goal.
I started to use Azure a few years ago but in a very light mode. For my current role, as we have a client whose platform is built on Azure, I started to immerse myself in it. I have learned quite a lot from the project but for clearing the exam, it is definitely not enough.
I am a DevOps/SRE engineer and have almost 5-year experience on Cloud and System Architecture. So for the well-architected framework, I have not spent too much time so I mainly focus on functions/features of each Azure services and how it can provide users with well-architected solutions. If you have not done any Cloud Architecture project, I would suggest you to read and learn it. The resource can be used as below:
- Azure Training — Build great solutions with the Microsoft Azure Well-Architected Framework
- AWS Well-Architected Framework
Regarding the materials I used, I would highly recommend the official Microsoft online training material for this exam. You don’t have to go through every section if you already have experience on them but the material could definitely help you fill the gaps of your knowledge base.
I would not copy-paste the exam instruction to waste your time on this article. Below I listed the key knowledge I think the most important, which I spent lots of time to learn and do hands-on. I would like to emphasise there is no better way to learn Azure other than hands-on exercise.
Azure AD
It covers quite a lot of knowledge. You need to apply the 30-day free trial on the premium license to learn the advanced features such as PIM(Privileged Identity Management), access review…
Also, you need to understand the difference between AD conditional access policy and Azure Policy. These names can make people very confused.
Another key point for AD is to understand how the domain service works, especially for integration with on-premise environment.
For IAM, you need to know RBAC, managed identities (system-assigned and user-assigned), AD application… If you have some experience on AWS like me, you may need to spend more time to understand the difference…
Governance and Monitoring
For governance, the key thing is to understand the Azure management hierarchy. See below diagram, you need to understand what these levels mean and what use cases they fit into differently.
Other than this, as a solution architect, you need to know how to design Blueprints and Landing zones. The goal of Blueprints is to maintain consistency and compliance for your organisation during deploying cloud resources. It includes not only resources but also policies, roles…(Different from ARM template). For Blueprints and Landing zones, do some exercise if you have enough time.
For monitoring, the keywords are logs and metrics. You need to know where these two things are generated and stored and presented. Make sure you know application insights, diagnostic settings, log analytics, Azure monitor and log agent. There are quite a lot of details for each.
Multi-Tier Application
This is not a key word in AZ-305 but you do need to make sure you fully understand this concept. Understanding how to design a multi-tier application is the foundation for a solution architect. It requires you to have comprehensive knowledge such as compute, network, database, storage, system resiliency, scalability, disaster recovery, security… Any of these include exam knowledge.
For Compute, you need to know how to create a proper VM solution, or use Function App(Serverless) or Batch service for automation. Also, if containerised system would give you more flexibility or performance, etc…
For network, you need to know what are virtual network, subnet, peering, how to connect on-premise network with Cloud (VPN, express route), how to securely provision your resources within the private network, how to make the connection resilient…
For Database and Storage, you need to know different types of database such as relation database(SQL, Elastic Pool), NoSQL(DynamoDB, Table Storage), Blob(Object) and File Storage, Data Lake. Always think about the availability, scalability and COST (I did not take this as a section but it is very important in the exam)… Also, there are some data integration services you need to know: Data Factory, , DataBricks, Import/Export…
For Security, this is a very big topic. What I suggest for quickly checking what you know is to go through these parts:
- Identity: AD…AD…AD…Very Important.
- Encryption: think about data in rest and in transit
- Network: NSG, ASG, WAF, NAT, Private subnet…
Some other key services I would to emphasise here which include Load balancer, Front Door, API management… If you still don’t know what these services are and what their features are, you might not be ready for the exam.
Migration
Migration solution is also very important for a solution architect as more and more on-premise applications are migrated to Cloud these days. I would suggest you can go through this.
Learning Materials
Other than the official training and Microsoft Azure documents, I would like to recommend some other materials from my own perspective.
For the practice exam, most of the answers are correct but please don’t always trust the answers. Think about them and try find answers from Microsoft and you can ask questions to the course owner as well and they are always fast responded.
Conclusion
Honestly, compared with AWS DevOps Professional, I don’t think this exam is too difficult. However, hands-on exercise is very important if you don’t have experience on all or some of the services.
Hope this could point you to the right direction for your exam preparation. If you think it helpful, please follow me and you will see my next following tech blogs.
Also, my new Youtube Channel — StartQuick Tech is in preparation. This channel is used to share all my experience on tech and I may start from Cloud Knowledge. I would appreciate it if you can subscribe. I believe you can get lots of value from it.
Thanks.
Harry in NZ
Top comments (0)