How to crack the Azure AZ-900 exam in 7 days – Part 2 [Understand core Azure services (30-35%)]

Published by arvindshrivastava on

Hits: 735


Click here for Syllabus

Understand the core Azure architectural components

  • Describe Regions
  • Describe Availability Zones
  • Describe Resource Groups
  • Describe Azure Resource Manager
  • Describe the benefits and usage of core Azure architectural component


Region:-A geographical area which contains at least one(multiple) datacentres that are nearby and networked together with low-latency network. Some specific services and virtual machines are only available in certain regions.

Special Azure regions :-
1)US DoD Central, US Gov Virginia, US Gov Iowa and more
2)China East, China North and more

Geographies :- Geographies in Azure is the country boundaries or geopolitical boundaries. Geographies are classified into four areas:-
1) Americas
2) Europe
3) Asia Pacific
4) Middle East and Africa

NOTE :- Each region belongs to a single geography and has specific service availability, compliance, and data residency/sovereignty rules applied to it.

Availability Zone :- It is a physically separated datacentres within an Azure region.
Each availability zone is made up of one or more datacentres equipped with independent power, cooling, and networking. All the availability zones of a region are interconnected.

Availability Zones are primarily for
1) Virtual Machines,
2) Managed disks,
3) Load balancers, and
4) SQL databases.

Region Pair :-
Each Azure region is always paired with another region within the same geography at least 300 miles away.

Additional advantages of Region Pairs include:
1) Service availability during outage in any one region.
2) Minimize downtime.

Resource Groups:– It is fundamental (basic) element of the Azure. A resource group is the logical box for resources deployed on Azure.

Important Points for Resource Groups:-
** All resources must be in a resource group and a resource can only be a member of a single resource group.
** Many resources can be moved between resource groups with some services having specific limitations or requirements to move.
** Resource groups can’t be nested.
**Before any resource can be provisioned, you need a resource group for it to be placed in.
** If a resource group is deleted , then all resources contained within are also deleted. It is more useful in maintaining non-production environment
** Role base access control (RBAC) permissions can apply to resource group.

Resource Group can be created by following methods:-
1) Azure Portal
2) Azure Powershell
3) Azure CLI
4) Azure SDKs(.Net, Java )
5) Templates

Tags :- It is a name/value pairs of test data that can be apply to resource and resource group.

Important Points for Tags
** A resource can have up to 50 tags. Name is limited to 512 character for all resource expect storage (128 character).
** A tag value is limited to 256 character.
** Tags aren’t inherited from parent resources.
** Not all resource types support tags, and tag’s can’t be applied to classic resources.

Tags can be added/ manipulated through :-
1) Azure Portal
2) Azure CLI,
3) Azure PowerShell,
4) Resource Manager templates
5) API.

Azure Policy :- It is a service that can be use to create, assign and manage policies. These policies apply and enforce rules that the resource need to follow.

Important Points for Azure Policy
** Policies can enforce things such as only allowing specific types of resources to be created, or only allowing resources in specific Azure regions.
** Use policies to enforce standards.

Role-based access control(RBAC):- It provides fine-grained access management for Azure resources, enabling you to grant users the specific rights they need to perform their jobs. RBAC is considered a core service and is included with all subscription levels at no cost.

Resource Locks:- Resource locks are a setting that can be applied to any resource to block modification or deletion.

Important Points for Azure Policy
** Resource locks can set to either Delete or Read-only.
** Delete will allow all operations against the resource but block the ability to delete it.
** Read-only will only allow read activities to be performed against it, blocking any modification or deletion of the resource.
** Resource locks can be applied to subscriptions, resource groups, and to individual resources, and are inherited when applied at higher levels.

Azure Resource Manager :- Azure Resource Manager is the deployment and management service for Azure.

Important Points for Azure Resource Manager :-
** It provides a management layer that enables you to create, update, and delete resources in your Azure account.
** You use management features, like access control, locks, and tags, to secure and organize your resources after deployment.

1 Comment

arvindshrivastava · April 29, 2020 at 8:55 pm

Thanks a lot for your kind words. Happy to spread the light of knowledge.

Leave a Reply

Your email address will not be published. Required fields are marked *