AZ-900 Summary

💡 AZ-900 Cheat Sheet – Microsoft Azure Fundamentals

☁️ Cloud Concepts

IaaS: Virtual Machines, Load Balancers
PaaS: Azure App Service, Azure SQL Database
SaaS: Office 365, Dropbox, Outlook.com
Cloud Benefits:
- High Availability
- Scalability (Vertical/Horizontal)
- Elasticity (Auto-scale with demand)
- Agility & Speed
- Disaster Recovery & Fault Tolerance
- Shift from CapEx (hardware) → OpEx (subscription)

🌐 Network Models

Peer-to-Peer (P2P):
- No central server
- Each device acts as both client and server
- Good for small or temporary networks (e.g., file sharing apps)
- Not ideal for business environments
Client-Server:
- Central server manages requests from clients
- Easier to manage, secure, scalable
- Standard model for most business networks
Hybrid Network:
- Combo of P2P and client-server
- Offers flexibility but can be complex
In Azure Networking:
- VNet Peering: Connects two Azure virtual networks
- Point-to-Site VPN: Secure connection for individual users
- Site-to-Site VPN: Connect on-premises to Azure
- ExpressRoute: Private, high-speed connection bypassing the internet

🧰 Core Azure Services

Category	Examples
Compute	VMs, App Services, AKS
Storage	Blob, File, Disk
Networking	VNet, Load Balancer, NSG
Databases	SQL DB, Cosmos DB, PostgreSQL
Identity	Azure Active Directory (AAD)

🔐 Security & Identity

Azure AD: Central identity and access management
RBAC (Role-Based Access Control): Granular permissions
NSG (Network Security Group): Inbound/outbound rules
Azure Firewall: Layer 3–7 filtering
Azure Key Vault: Stores secrets, keys, and certificates
Security Center: Monitor and improve security posture
Azure Policy & Blueprints: Enforce standards across resources

💰 Pricing, SLA & Support

Pricing Tools:
- Azure Pricing Calculator
- TCO Calculator
Support Plans:
- Basic: Free
- Developer: Email only
- Standard: 24/7 phone support
- Pro Direct: Fastest + extra features
SLAs:
- Single VM: 99.9%
- VM in availability set: 99.95%
- VM in availability zones: 99.99%

📈 Monitoring & Management

Azure Monitor: Metrics and logs
Log Analytics: Advanced queries (KQL)
Alerts: Auto-notifications
Azure Advisor: Personalized recommendations
Azure Service Health: Track issues in your region

🏗️ Azure Structure

Regions: Geographic areas (e.g., West Europe)
Availability Zones: Physically separate datacenters
Resource Groups: Logical containers for resources
Subscriptions: Billing/account boundary
Management Groups: Organize multiple subscriptions

📋 Governance

Tags: Metadata for resources
Locks: Prevent accidental changes
Azure Policy: Enforce rules (e.g., only specific VM sizes)
Blueprints: Pre-defined templates for compliance

⚡ Quick Tips to Remember

ARM Templates = Infrastructure as Code
NSGs filter traffic; Firewalls inspect deeply
Azure AD handles identity; Key Vault handles secrets
Public Preview ≠ SLA
Availability Set = High availability inside 1 datacenter
Availability Zone = High availability across datacenters
Azure Arc = Manage multi-cloud/on-prem from Azure
Azure Stack = Run Azure in your datacenter