This blog is part of a 3 part series covering the 2024 AZ900 study guide. While there is tremendous value in going through this blog even if you are not writing the exam , please be aware that the content is centered around the exam.
As with any exam , the curriculum and the course content will evolve over time , please pay attention to when this blog was written and take into account that the exam and its content may have changed.
At time of writing , you can find the official study guide here:
Study guide for Exam AZ-900: Microsoft Azure Fundamentals
Describe cost management in Azure
Describe factors that can affect costs in Azure
Compare the pricing calculator and the Total Cost of Ownership (TCO) Calculator
Describe cost management capabilities in Azure
Describe the purpose of tags
Azure offers several tools and features to help manage and optimize cloud spending:
Tags in Azure are key-value pairs attached to resources that allow you to categorize and manage them by assigning metadata. This is particularly useful for cost management for several reasons:
Describe features and tools in Azure for governance and compliance
Describe the purpose of Microsoft Purview in Azure
Describe the purpose of Azure Policy
Describe the purpose of resource locks
Purpose: Microsoft Purview (formerly known as Azure Purview) is a unified data governance service that helps organizations manage and govern their on-premises, multi-cloud, and software-as-a-service (SaaS) data. Its primary purpose is to provide a comprehensive data landscape across the organization, enabling data discovery, classification, and end-to-end data lineage, which helps in understanding data origins, transformations, and movements. Microsoft Purview aids in compliance and risk management by ensuring that data policies are consistently applied and that data is managed in accordance with regulations and business requirements.
Purpose: Azure Policy is a service designed to enforce organizational standards and to assess compliance at scale across resources in Azure. It allows the creation and management of policies that enforce rules over Azure resources, ensuring they comply with corporate standards and service level agreements (SLAs). Azure Policy can automatically remediate non-compliant resources, ensuring continuous compliance and governance. It’s instrumental in scenarios such as enforcing naming conventions, ensuring specific resource types are deployed in certain regions, or that all resources have specific tags applied. Azure Policy can also add restrictions on storage account SKUs, virtual machine instance types, and rules relating to tagging of resources and groups.
The Microsoft Service Trust Portal is a resource for organizations to access detailed information on how Microsoft manages security, compliance, and privacy. It serves as a central repository where users can find documents, reports, and other materials related to Microsoft’s cloud services’ trustworthiness, including compliance certifications and audit reports. This portal is designed to help organizations meet their regulatory and compliance requirements by providing transparency into Microsoft’s cloud services’ security practices.
Purpose: Resource locks provide a way to protect Azure resources from accidental deletion or modification. They can be applied to subscriptions, resource groups, and individual resources, offering an additional layer of protection. There are two types of locks: Read-only and Delete. A Read-only lock prevents any modifications to the resource, whereas a Delete lock ensures the resource cannot be deleted. These locks are particularly useful in production environments or wherever it’s critical to prevent changes that could lead to service interruptions or data loss.
Describe features and tools for managing and deploying Azure resources
Describe the Azure portal
Describe Azure Cloud Shell, including Azure Command-Line Interface (CLI) and Azure PowerShell
Describe the purpose of Azure Arc
Describe infrastructure as code (IaC)
Describe Azure Resource Manager (ARM) and ARM templates
Description: The Azure Portal is a web-based, unified console that provides an intuitive graphical interface to manage Azure resources. It allows users to create, manage, and monitor everything from simple web apps to complex cloud deployments. The portal offers guided experiences for deploying and managing resources, comprehensive management of your billing and account, and a marketplace for third-party services.
Description: Azure Cloud Shell is an interactive, authenticated, browser-accessible shell for managing Azure resources. It provides a choice of two command-line experiences.
Purpose: Azure Arc extends Azure’s management capabilities to resources located outside of Azure, whether on-premises, in other clouds, or at the edge. It enables users to manage these external resources as if they were native Azure resources, applying consistent policies, governance, and deploying services across their hybrid environment. This makes it easier to implement complex cloud strategies without being limited to resources located in Azure data centers.
Description: Infrastructure as Code (IaC) is a key DevOps practice, involving the management and provisioning of infrastructure through code instead of through manual processes. It enables developers and IT professionals to automatically manage, monitor, and provision resources through scripts. IaC increases efficiency, reduces the potential for human error, and ensures consistent configurations at scale.
Description:
Describe monitoring tools in Azure
Describe the purpose of Azure Advisor
Describe Azure Service Health
Describe Azure Monitor, including Log Analytics, Azure Monitor alerts, and Application Insights
Purpose: Azure Advisor is a personalized cloud consultant that helps you follow best practices to optimize your Azure deployments. It analyzes your resource configuration and usage telemetry to offer recommendations across five categories: high availability, security, performance, cost, and operational excellence. These recommendations help improve the efficiency, security, and performance of your Azure resources.
Purpose: Azure Service Health provides personalized alerts and guidance when Azure service issues affect you. It offers a comprehensive view of the health of Azure services, regions, and resources, helping you understand how service problems might impact your resources. Service Health also provides details on planned maintenance and changes that could affect the availability of your services, allowing for proactive planning and response.
Purpose: Azure Monitor is a comprehensive solution for collecting, analyzing, and acting on telemetry from your cloud and on-premises environments. It helps you understand how your applications are performing and proactively identifies issues affecting them and the resources they depend on. Key components include:
WRITTEN BY
Yashlin Naidoo