Reading Time: 4 minutes

Below you will find a list of what is going to be tested in the new AZ-301 Microsoft Azure Architect Design exam and a link to a resource that I think will help you learn and pass the exam. It is a work in progress at the moment and I will keep updating it. If you do find a link that is not working, or I have linked to the wrong resource. Please let me know. Also if you would like to help fill in the blanks please leave a comment below.

At Microsoft Ignite, they had a session on this Exam. It is worth the watch.

Skills measured from AZ-301: Microsoft Azure Architect Design exam

Determine Workload Requirements (10-15%)

Gather Information and Requirements

Identify compliance requirements, identity and access management infrastructure, and service-oriented architectures (e.g., integration patterns, service design, service discoverability)

Identify accessibility (e.g. Web Content Accessibility Guidelines), availability (e.g. Service Level Agreement), capacity planning and scalability, deploy-ability (e.g., repositories, failback, slot-based deployment), configurability, governance, maintainability (e.g. logging, debugging, troubleshooting, recovery, training), security (e.g. authentication, authorization, attacks), and sizing (e.g. support costs, optimization) requirements

Recommend changes during project execution (ongoing)

Evaluate products and services to align with solution

Create testing scenarios

https://www.pluralsight.com/courses/microsoft-azure-enterprise-architecture-information-gathering

Optimize Consumption Strategy

Optimize app service, compute, identity, network, and storage costs

http://bit.ly/2FvYsKH

Design an Auditing and Monitoring Strategy

Define logical groupings (tags) for resources to be monitored	http://bit.ly/2PhpJSV
Determine levels and storage locations for logs	http://bit.ly/2Pk0IXc
Plan for integration with monitoring tools	http://bit.ly/2Pe3Nbo
Recommend appropriate monitoring tool(s) for a solution
Specify mechanism for event routing and escalation
Design auditing for compliance requirements	http://bit.ly/2PhpZ4l
Design auditing policies and traceability requirements

http://bit.ly/2FvdgsL

Design for Identity and Security (20-25%)

Design Identity Management

Choose an identity management approach

Design an identity delegation strategy, identity repository (including directory, application, systems, etc.)

Design self-service identity management and user and persona provisioning

Define personas and roles

Recommend appropriate access control strategy (e.g., attribute-based, discretionary access, history-based, identity-based, mandatory, organization-based, role-based, rule-based, responsibility-based)

http://bit.ly/2FtS0Uk

Design Authentication

Choose an authentication approach

Design a single-sign on approach

Design for IPSec, logon, multi-factor, network access, and remote authentication

http://bit.ly/2FvvFpy

Design Authorization

Choose an authorization approach

Define access permissions and privileges

Design secure delegated access (e.g., oAuth, OpenID, etc.)

Recommend when and how to use API Keys

http://bit.ly/2Fsim9k

Design for Risk Prevention for Identity

Design a risk assessment strategy (e.g., access reviews, RBAC policies, physical access)

Evaluate agreements involving services or products from vendors and contractors

Update solution design to address and mitigate changes to existing security policies, standards, guidelines and procedures

http://bit.ly/2Fu7zLL

Design a Monitoring Strategy for Identity and Security

Design for alert notifications

Design an alert and metrics strategy

Recommend authentication monitors

http://bit.ly/2FyZ0PE

Design a Data Platform Solution (15-20%)

Design a Data Management Strategy

Choose between managed and unmanaged data store

Choose between relational and non-relational databases

Design data auditing and caching strategies

Identify data attributes (e.g., relevancy, structure, frequency, size, durability, etc.)

Recommend Database Transaction Unit (DTU) sizing

Design a data retention policy

Design for data availability, consistency, and durability

Design a data warehouse strategy

http://bit.ly/2FveB2L

Design a Data Protection Strategy

Recommend geographic data storage

Design an encryption strategy for data at rest, for data in transmission, and for data in use

Design a scalability strategy for data

Design secure access to data

Design a data loss prevention (DLP) policy

http://bit.ly/2Fsq7Mi

Design and Document Data Flows

Identify data flow requirements

Create a data flow diagram

Design a data flow to meet business requirements

Design a data import and export strategy

http://bit.ly/2Fvouh5

Design a Monitoring Strategy for the Data Platform

Design for alert notifications

Design an alert and metrics strategy

http://bit.ly/2FzD8nF

Design a Business Continuity Strategy (15-20%)

Design a Site Recovery Strategy

Design a recovery solution

Design a site recovery replication policy

Design for site recovery capacity and for storage replication

Design site failover and failback (planned/unplanned)

Design the site recovery network

Recommend recovery objectives (e.g., Azure, on-prem, hybrid, Recovery Time Objective (RTO), Recovery Level Objective (RLO), Recovery Point Objective (RPO))

Identify resources that require site recovery

Identify supported and unsupported workloads

Recommend a geographical distribution strategy

http://bit.ly/2FwxItl

Design for High Availability

Design for application redundancy, autoscaling, data center and fault domain redundancy, and network redundancy

Identify resources that require high availability

Identify storage types for high availability

http://bit.ly/2Fvv1Za

Design a disaster recovery strategy for individual workloads

Design failover/failback scenario(s)

Document recovery requirements

Identify resources that require backup

ecommend a geographic availability strategy

http://bit.ly/2FsQgL7

Design a Data Archiving Strategy

Recommend storage types and methodology for data archiving

Identify requirements for data archiving and business compliance requirements for data archiving

Identify SLA(s) for data archiving

http://bit.ly/2FszQ5w

Design for Deployment, Migration, and Integration (10-15%)

Design Deployments

Design a compute, container, data platform, messaging solution, storage, and web app and service deployment strategy

http://bit.ly/2FukCga

Design Migrations

Recommend a migration strategy

Design data import/export strategies during migration

Determine the appropriate application migration, data transfer, and network connectivity method

Determine migration scope, including redundant, related, trivial, and outdated data

Determine application and data compatibility

http://bit.ly/2FukGMW

Design an API Integration Strategy

Design an API gateway strategy

Determine policies for internal and external consumption of APIs

Recommend a hosting structure for API management

http://bit.ly/2FvG3xs

Design an Infrastructure Strategy (15-20%)

Design a Storage Strategy

Design a storage provisioning strategy

Design storage access strategy

Identify storage requirements

Recommend a storage solution and storage management tools

http://bit.ly/2FvwE9e

Design a Compute Strategy

Design compute provisioning and secure compute strategies

Determine appropriate compute technologies (e.g., virtual machines, functions, service fabric, container instances, etc.)

Design an Azure HPC environment

Identify compute requirements

ecommend management tools for compute

http://bit.ly/2FvfOXR

Design a Networking Strategy

Design network provisioning and network security strategies

Determine appropriate network connectivity technologies

Identify networking requirements

Recommend network management tools

http://bit.ly/2FsewwZ

Design a Monitoring Strategy for Infrastructure

Design for alert notifications

Design an alert and metrics strategy

http://bit.ly/2Fsr3Ai

I hope you found this helpful and Good Luck in your exams!