Microsoft Azure Exam AZ-302 Study Notes

This exam is a transition for those who already passed AZ-535. AZ-302: Microsoft Azure Solutions Architect certification transition is is based on both AZ-300: Microsoft Azure Architect Technologies & AZ-301: Microsoft Azure Architecture Design. The exam is very in-depth and covers the topics:

• Determine Workload Requirements (15-20%)
• Design and Identity Security (5-10%)
• Design a Business Continuity Strategy (15-20%)
• Implement Workloads and Security (5-10%)
• Implement Authentication and Secure Data (5-10%)

Knowing the topics is one thing, knowing how to apply them in specific scenarios is another! Unfamiliar with a specific topic or area? I recommend deploying each resource into Azure, view the settings and look at why they may be deployed over a similar resource. Read my blog on Microsoft Azure:- Exam Preparation Tips

Study Notes

Determine Workload Requirements (15-20%)

Determine Feasibility and Refine Requirements

May include but not limited to: Recommend changes during project execution (ongoing); create proof of concept (PoC); determine whether a pilot is needed; evaluate products and services to align with solution; create testing scenarios; refine user stories

Azure Hybrid Benefit for Windows Server
Azure Virtual Machine Reserved Instances
Azure Virtual Machine Cost Saving by Resizing
Azure Virtual Machine Burstable InstancesAzure Cost Optimising
Removing unused ExpressRoute Circuits
Using Azure Cloudyn for monitoring spend
Using Azure Advisor for Cost Recommendations
Azure SQL Server BYOL
Azure Pricing Calculator
Azure Migrate Pricing
Azure App Service Plans – Overview
Have also included a couple of videos
Optimising Azure Spend
Design For Efficiency And Operations

Optimize Consumption Strategy

May include but not limited to: Optimize app service, compute, identity, network, and storage costs

Azure App Services Best Practices
Azure App Service MatrixAzure App Service – Compare Hosting Plans
Azure Compute – Virtualization And Scalability
Azure Virtualization Comparison
Azure Datastore Comparison
Azure Compute Service Decision Tree
Azure Managed Identities
Securing Your Secrets Using Azure Key Vault And Virtual Machine Identity
Which Azure Data Store To Use

Design For Identity And Security (5-10%)

Design Authorization

May include but not limited to: Choose an authorization approach; define access permissions and privileges; design secure delegated access (e.g., oAuth, OpenID, etc.); recommend when and how to use API Keys.

Always Encrypted & Azure Key Vault
Azure AD Authentication
OAuth2 Flow
Azure API Keys
OpenID Connect
Azure AD Signing Key Rollover
Azure AD Permissions And Consent

Design A Business Continuity Strategy (15-20%)

Design a Site Recovery Strategy

May include but not limited to: Design a recovery solution; design a site recovery replication policy; design for site recovery capacity and for storage replication; design site failover and failback (planned/unplanned); design the site recovery network; recommend recovery objectives (e.g., Azure, on-prem, hybrid, Recovery Time Objective (RTO), Recovery Level Objective (RLO), Recovery Point Objective (RPO)); identify resources that require site recovery; identify supported and unsupported workloads; recommend a geographical distribution strategy

Azure To Azure – Enabling Site Recovery Replication
Azure To Azure – Network Mapping
Azure To Azure – Replicate After Migration
Azure To Azure – Support Matrix
VMWare To Azure – Enabling Site Recovery Replication
VMWare Deployment Planner Report
VMWare Deployment Planner Cost Estimation
VMWare To Azure – Support Matrix
Hyper-V Site Recovery
Hyper-V Capacity Planning
Azure Site Recovery Capacity Planning
Azure Site Recovery Failover & Failback
Azure Site Recovery – Network Interfaces On Premises To Azure
Azure Site Recovery – Network Concepts On Premise To Azure
Azure Site Recovery SLAs (RPO/RTO)
Azure Site Recovery Monitoring & Troubleshooting
Azure Site Recovery Linux Support

Design for High Availability

 May include but not limited to: Design for application redundancy, autoscaling, data center and fault domain redundancy, and network redundancy; identify resources that require high availability; identify storage types for high availability

Azure Redundancy Design Principles
Windows Application Server with SQL Server POC On Azure
SQL High Availability In Azure – Availability Groups
Which Data Store To Use?
Azure Availability Checklist
Azure Resiliency Checklist

Implement Workloads And Security (5-10%)

Configure Serverless Computing

May include but not limited to: Create and manage objects; manage a Logic App resource; manage Azure Function app settings; manage Event Grid; manage Service Bus

Serverless Computing Overview
Manage Event Grid
Event Grid Schema
Event Grid Security Authentication
Service Bus Overview
Service Bus PowerShell
How To Use Azure Function
Logic Apps Overview

Implement Authentication And Secure Data (5-10%)

Implement The Secure Data Solutions

May include but not limited to: Encrypt and decrypt data at rest; encrypt data with Always Encrypted; implement Azure Confidential Compute and SSL/TLS communications; create, read, update, and delete keys, secrets, and certificates by using the KeyVault API

Storage Service Encryption
SQL Always Encrypted 
SQL Always Encrypted Key Vault
SQL – TDE Or Always Encrypted?
Azure Confidential Compute
Key Vault API
CosmosDB – Secure Access To Data
CosmosDB – DB Permissions
CosmosDB – DB Security

Develop For The Cloud (25-30%)

Configure A Message-Based Integration Architecture

May include but not limited to: Configure an app or service to send emails, Event Grid, and the Azure Relay Service; create and configure a Notification Hub, an Event Hub, and a Service Bus; configure queries across multiple products

Run Background Tasks With Webjobs
Send Emails Using SendGrid
Service Fabric Deployment
Choosing Right Azure Messaging Service For Your Data
Choosing A Messaging Model In Azure

Develop For Autoscaling

May include but not limited to: Implement autoscaling rules and patterns (schedule, operational/system metrics, code that addresses singleton application instances, and code that addresses transient state

Overview Of Autoscaling
Autoscaling Best Practices
App Service Plans
Scale An App Service
Web App Best Practices
Durable Functions
Cloud Apps Fault Handling
Autoscale Virtual Machines

Thank you for reading this blog, its thorough and hopefully will help you with passing AZ-302, give me a shout on Twitter on how you get on along if this blog has helped you!