Exam AZ-204: Developing Solutions for Microsoft Azure — Study Tips
Madeleine von Hausswolff
The Cloud is getting closer to us as the datacenters increase in numbers and the demand for skilled people to use the technology also increases. Since I am a developer I wanted to learn and get the skills needed. I decided to make the effort to get the certificate Azure Developer Associate and now I have passed the exam! I want to share my experience and what I believe is the essential knowledge to be able to pass the test for the Exam AZ-204: Developing Solutions for Microsoft Azure.
To pass the test you must both have experience working with Azure and study the parts you have not yet worked with. At first my trouble was that it is hard to get the experience you need if you do not work with it professionally and it is hard to get those assignments without experience.
However, the opportunity to work with Azure in my daily work showed up and I seized it. The project was to migrate an existing website to the cloud. To do that I needed to change parts of the system. For example, I implement the use of blob storage for images and files instead of storing a huge amount of data in the SQL database.
I learned by doing during my office hours and on top of that I spent a lot of spare time learning from online resources with the Exam as my goal. I must say, it was more demanding than I expected and the first time I tried I failed.
The exam covers a vast area of knowledge, so it is easy to get overwhelmed. Keep in mind, you are not just learning to pass a test, you are learning new skills for the future. This takes time and you must let it do so. My study tips are based on how you can make the most value of the time you spend studying for the exam.
It is not possible to pass it if you have not worked some with Azure. The questions demand you to analyze different solution alternatives both from a broader perspective and a detailed level. Therefore you must both know about design decisions to make when choosing what to implement and have worked with code that implements azure solutions.
I will give tips on each part according to the Skills Measured-parts found in the document on the link above. My headlines below are like those you find in the document, but the body text is different. This is just to make it easier for you to follow. In general, I believe it is wise to focus on the best practices Microsoft communicates. They want you to use Azure as they teach it, and this will shine throw in their questions.
Develop Azure comput solutions
- Learn commands in Azure CLI and Azure PowerShell. They focus more on Azure CLI as they want people to use it, but still it cannot replace PowerShell completely, so they want you to be able to use both. Look at the commands to create the following:
- Create a VM and configure it for remote access (port number)
- Create and deploy a web app for different environment and sources such as: Windows, Linux, with python, in a container, in a container running on ACI, in a container with an image from ACR
- Deploy code from a GitHub-source.
- Be familiar with ARM Templates and their syntax in the JSON-file.
- Know how to configure auto-scaling for a web app. What are the rules and what are they based on?
- Know which app service plan to use based on what is included in the different pricing-tiers. If you get a question on how to configure auto-scaling for a web app, you need to know which SKU to use. They often ask you to minimize cost when meeting the demands. You find more info about auto-scaling on the following link: https://docs.microsoft.com/sv-se/azure/architecture/best-practices/auto-scaling Länk till annan webbplats.
- Know how to enable logging for an app and how to view the log from an app running in a container.
- Know how to configure Function apps and the difference between consumption plan and app plan.
- Be familiar with the input and output-bindings and how a function is triggered.
- Know what a durable function is and when to use it.
Develop for Azure storage
You need to know…
…the difference between storage v1 and v2
…difference between access tiers hot, cool and archive.
…how long it takes to retrieve data from an archive access tier.
…what the change feed for blob storage is and what it is used for.
…what a Cosmos DB is and when to use it.
…how to connect to or create a storage account or Cosmos DB in C# code and initialize a client.
…how to create, update and copy blobs (including metadata) in C# code and Azure CLI.
…how to create and update a table in Cosmos DB and storage account in C# code.
…how to determine with partition key to use for Cosmos DB
…what consistency level for operations in Cosmos DB is and in which scenarios to use each one of them.
… the different levels of redundancy for Cosmos DB and how to configure it.
Implement Azure security
Learn about Azure Active Directory
- What steps to take to create an app registration through the portal.
- Know that to use Azure AD is free, but there are features, like the ability to use multi-factor authentication, that you need to upgrade to a paid premium version to get.
- Learn about authentication with OAuth 2.0 Implicit Grant.
The recommended way to secure an azure application is through RBAC. Learn what it is and how to configure it. Learn…
…how to implement managed identities.
…what system assigned identity and user-assigned identity is and how to configure them.
…how to configure the manifest to restrict user access for an application
…what OpenId, JWT token and JWT authentication are.
The recommended way to secure containers or files in Azure storage is through SAS. You can for example give time-limited access. Learn what it is and how to configure it.
The recommended way to store keys and secrets is to use Key Vault. Learn how to use it. Learn…
…commands in Azure CLI for interaction with Key Vault.
…Learn the steps to import an HSM-encryption key from on-prem to store in Key Vault.
https://docs.microsoft.com/sv-se/azure/active-directory/develop/v2-oauth2-implicit-grant-flow Länk till annan webbplats.
https://jan-v.nl/post/using-an-azure-managed-identity-to-authenticate-on-a-different-app-service/ Länk till annan webbplats.
https://docs.microsoft.com/en-us/azure/active-directory/develop/app-objects-and-service-principals Länk till annan webbplats.
https://www.codemag.com/Article/1903021/Managed-Identity-in-Azure Länk till annan webbplats.
https://docs.microsoft.com/sv-se/azure/active-directory/managed-identities-azure-resources/overview Länk till annan webbplats.
https://endjin.com/blog/2019/01/managing-applications-using-azure-ad-service-principals-and-managed-identities Länk till annan webbplats.
https://docs.microsoft.com/sv-se/previous-versions/azure/key-vault/vs-secure-secret-appsettings Länk till annan webbplats.
Monitor, troubleshoot, and optimize Azure solutions
- What a CDN Is and why to use it
- Difference between the three CDN edge nodes providers: Microsoft, Akamai and Verizone
- What a front door is and when to use it.
- How to customize the Caching and Optimization in the CDN according to specified demands. For example, what to cache and for how long.
- How to configure an SSL certificate.
- Why use Redis cache.
- Learn about Azure Monitor:
- What the different parts in Azure Monitor is used for.
- How to add Application Insights and what it is used for.
- How to add configure Application Insights in C# code for an application.
- How to set up Alerts.
- How to set up a Web Test.
- Learn some syntax and built-in functions for querying log data.
Connect to and consume Azure services and third-party services
A recommended way to transfer an on prem-solution to the cloud is to set up workflows in a Logic App (Lift and shift). You can trigger a Logic app from different sources and connect to both on-prem and Azure resources.
- For a Logic app learn…
…to be familiar with what types of actions you can create as steps in the workflow.
…which the built-in trigger for starting a logic app is and some custom connectors that can be used.
…the process of using an Azure Resource Manager template, make changes in it and deploy.
- Be familiar with an APIM instance. Learn…
…how to configure authentication and route traffic from a public frontend to a private backend.
… the categories of policies: outbound, inbound and backend and what can be configured for each category
Learn the following event-based and message-based solutions and the difference between them. They are listed here with some significant info following each.
- Azure Event Grid.
- Has built-in support from events coming from Azure services like blobs and resource groups.
- Is used to react to status changes. (e.g. A blob is created)
- More info: https://docs.microsoft.com/sv-se/azure/event-grid/overview Länk till annan webbplats.
- Azure Notification Hubs
- Is a push engine to send notifications to any platform from any back end (cloud or on-premises) solution.
- More info: https://docs.microsoft.com/sv-se/azure/notification-hubs/notification-hubs-push-notification-overview Länk till annan webbplats.
- Azure Event Hub
- It must be created and configured.
- You can configure partitions when created.
- It can store a lot of data.
- Is used for telemetry and distributed data streaming.
- It has these features: low latency, capable of receiving and processing millions of events per second, at least once delivery.
- More info: https://docs.microsoft.com/sv-se/azure/event-hubs/event-hubs-about Länk till annan webbplats.
- Azure Service Bus
- Is an asynchronous enterprise messaging service.
- A namespace for it must first be created.
- You can create Queues, Topics, and subscriptions.
- Is used for order processing and financial transactions.
- Has these features: at least once delivery, transactions, dead-lettering, and filtering capabilities.
- More info: https://docs.microsoft.com/sv-se/azure/service-bus-messaging/service-bus-messaging-overview Länk till annan webbplats.
- Learn about queues, subscriptions, topics and topic filters.
https://docs.microsoft.com/sv-se/azure/service-bus-messaging/service-bus-queues-topics-subscriptions Länk till annan webbplats.
https://docs.microsoft.com/sv-se/azure/service-bus-messaging/topic-filters Länk till annan webbplats.
- Azure Queue Storage
- Is created In a Storage account.
- Is less advanced than the Service bus but has a higher capacity to store (over 80 GB).
- More info: https://docs.microsoft.com/sv-se/azure/storage/queues/storage-queues-introduction Länk till annan webbplats.
Comparison of the different products
https://docs.microsoft.com/sv-se/azure/event-grid/compare-messaging-services Länk till annan webbplats.
https://docs.microsoft.com/sv-se/azure/architecture/guide/technology-choices/messaging Länk till annan webbplats.
https://docs.microsoft.com/sv-se/azure/service-bus-messaging/service-bus-azure-and-service-bus-queues-compared-contrasted Länk till annan webbplats.
Sources for studying
There is a lot to learn about Azure for sure! We have all different knowledge to start with. I did not know so much when I started my learning journey. Here follow the resources I have used to learn.
I found the Udemy course AZ-204 Developing for Microsoft Azure Exam Prep, https://www.udemy.com/course/70532-azure/ Länk till annan webbplats. useful as an overview of the exam content. It did not always explain so deeply and it left me with questions about how and why. I continued my learning process by listening to courses at Pluralsight. I found them very explanatory and I gain a lot of understanding. In the course platform Pluralsight there is a lot of material. The problem is to know what is relevant to spend your time on. They have the path Developing Solutions for Microsoft Azure (AZ-204) https://app.pluralsight.com/paths/certificate/developing-solutions-for-microsoft-azure-az-204 Länk till annan webbplats. which contains 34h. So it contains more info than the Udemy course, but I haven’t listened to it all. I found the following courses on Pluralsight useful for my own understanding:
https://app.pluralsight.com/library/courses/microsoft-azure-application-insights-web-application-instrument/table-of-contents Länk till annan webbplats.
https://app.pluralsight.com/library/courses/microsoft-azure-authentication-scenarios-developers/table-of-contents Länk till annan webbplats.
https://app.pluralsight.com/library/courses/microsoft-azure-resources-managed-identities-implementing/table-of-contents Länk till annan webbplats.
https://app.pluralsight.com/library/courses/microsoft-azure-enterprise-messaging-eventing/table-of-contents Länk till annan webbplats.
https://app.pluralsight.com/library/courses/microsoft-azure-app-service-plan-managing/table-of-contents Länk till annan webbplats.
https://app.pluralsight.com/library/courses/developing-web-applications-apis-protected-azure-active-directory/table-of-contents Länk till annan webbplats.
https://app.pluralsight.com/library/courses/azure-cosmos-db/table-of-contents Länk till annan webbplats.
https://app.pluralsight.com/library/courses/microsoft-azure-app-services-managing/table-of-contents Länk till annan webbplats.
https://app.pluralsight.com/library/courses/building-authorization-azure-active-directory-developers/table-of-contents Länk till annan webbplats.
https://app.pluralsight.com/library/courses/microsoft-azure-serverless-computing-configuring/table-of-contents Länk till annan webbplats.
Practice with questions
There are questions in both the Udemy course and in Pluralsight. These are good to check your learning from the courses. Keep in mind, they are not like the questions in the actual exam.
There are offerings online to buy access to actual exam questions. I have not tried any of those. I have used an online resource that is free. I found the questions that're most relevant. Some of them may come as is at the exam and similar questions are most likely to come. There are linked references to each question. My last and final tip is to study those references. Do not settle with learning the answer to each question. Instead understand why the right answer is the right one.
I wish you the best of luck with your learning. Feedback on this article is welcome!