Now that AZ-302 has officially been retired, there is only one route to earn your Microsoft Certified: Azure Solutions Architect Expert certification. That route is to sit and pass both the AZ-300 and the AZ-301 exams. Currently this is arguably the most difficult exam certification path as it is one of only two Expert level certifications for Azure. This post will cover AZ-301, here is what Microsoft have to say about it:

This exam measures your ability to accomplish the following technical tasks: determine workload requirements; design for identity and security; design a data platform solution; design a business continuity strategy; design for deployment, migration, and integration; and design an infrastructure strategy.

Below I’ve put together a collection of links relevant to the sections highlighted as being part of the skills measured for this exam. As always, these are only guide links, sometimes you need to explore a topic much more deeply if you are not familiar with it. Hopefully these study materials will help guide you to successfully passing AZ-301!

If you spot something, or have a better link for a topic, get in touch! I will update this post as regularly as possible and always appreciate any feedback.

A good place to start is Microsoft Learn. there are several interactive learning paths that are free that you can work through at your own pace. I find this a great way to study and gain greater understanding of the services by actually using them.

Determine workload requirements

Gather Information and Requirements

This section requires broad knowledge of the platform and general IT architecture experience. My recommendation would be to familiarise yourself with the Azure Architecture Center.

Optimize Consumption Strategy

• https://devblogs.microsoft.com/premier-developer/optimize-your-azure-spend/
• https://docs.microsoft.com/en-us/azure/advisor/advisor-overview
• https://azure.microsoft.com/pl-pl/blog/optimize-your-apps-for-your-business-with-azure-application-insights/
• https://docs.microsoft.com/en-us/azure/app-service/app-service-best-practices
• https://docs.microsoft.com/en-gb/azure/virtual-machines/windows/prepay-reserved-vm-instances
• https://azure.microsoft.com/is-is/blog/azure-storage-performance-checklist/

Design an Auditing and Monitoring Strategy

• https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-using-tags
• https://docs.microsoft.com/en-us/azure/security/azure-log-audit
• https://docs.microsoft.com/en-us/azure/azure-monitor/azure-management
• https://docs.microsoft.com/en-us/azure/event-grid/custom-event-to-eventhub
• https://docs.microsoft.com/en-us/azure/security/azure-log-audit

Design for identity and security

Design Identity Management

• https://docs.microsoft.com/en-us/azure/active-directory/develop/delegated-and-app-perms
• https://docs.microsoft.com/en-us/azure/active-directory/develop/about-microsoft-identity-platform
• https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/user-provisioning
• https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/what-is-access-management

Design Authentication

• https://docs.microsoft.com/en-us/azure/active-directory/develop/authentication-scenarios
• https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/isv-sso-content

Design Authorization

• https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow
• https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-permissions-and-consent
• https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-on-behalf-of-flow
• https://docs.microsoft.com/en-us/azure/active-directory/develop/scenario-spa-call-api

Design for Risk Prevention for Identity

• https://docs.microsoft.com/en-us/azure/role-based-access-control/role-definitions
• https://docs.microsoft.com/en-us/azure/role-based-access-control/pim-azure-resource
• https://docs.microsoft.com/en-us/azure/role-based-access-control/conditional-access-azure-management
• https://docs.microsoft.com/en-us/azure/active-directory/governance/manage-user-access-with-access-reviews

Design a Monitoring Strategy for Identity and Security

• https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-how-to-configure-security-alerts
• https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/concept-activity-logs-azure-monitor

Design a data platform solution

Design a Data Management Strategy

• https://docs.microsoft.com/en-us/azure/virtual-machines/windows/managed-disks-overview
• https://docs.microsoft.com/en-us/azure/architecture/data-guide/big-data/non-relational-data
• https://docs.microsoft.com/en-us/azure/sql-database/sql-database-auditing
• https://docs.microsoft.com/en-us/azure/sql-database/sql-database-service-tiers-dtu
• https://docs.microsoft.com/en-us/azure/sql-database/sql-database-long-term-backup-retention-configure
• https://docs.microsoft.com/en-us/azure/sql-database/sql-database-high-availability
• https://docs.microsoft.com/en-us/azure/sql-data-warehouse/sql-data-warehouse-best-practices

Design a Data Protection Strategy

• https://docs.microsoft.com/en-us/azure/sql-database/sql-database-active-geo-replication
• https://docs.microsoft.com/en-us/azure/security/azure-security-encryption-atrest
• https://docs.microsoft.com/en-us/azure/sql-database/sql-database-scalability-index (All sections)
• https://docs.microsoft.com/en-us/azure/sql-database/sql-database-control-access

Design and Document Data Flows

• https://docs.microsoft.com/en-us/azure/data-factory/data-flow-create
• https://docs.microsoft.com/en-us/azure/data-factory/concepts-data-flow-overview
• https://docs.microsoft.com/en-us/azure/data-factory/concepts-pipelines-activities

Design a Monitoring Strategy for the Data Platform

• https://docs.microsoft.com/en-us/Azure/sql-database/sql-database-insights-alerts-portal
• https://docs.microsoft.com/en-us/Azure/sql-database/sql-database-metrics-diag-logging

Design a business continuity strategy

Design a Site Recovery Strategy

• https://docs.microsoft.com/en-in/azure/site-recovery/site-recovery-faq
• https://docs.microsoft.com/en-in/azure/site-recovery/site-recovery-plan-capacity-vmware
• https://docs.microsoft.com/en-in/azure/site-recovery/recovery-plan-overview
• https://docs.microsoft.com/en-in/azure/site-recovery/concepts-traffic-manager-with-site-recovery (All sections)
• https://docs.microsoft.com/en-in/azure/site-recovery/vmware-physical-azure-support-matrix (HyperV too)

Design for High Availability

• https://docs.microsoft.com/en-us/azure/virtual-machines/windows/tutorial-availability-sets
• https://docs.microsoft.com/en-us/azure/storage/common/storage-redundancy

Design a Data Archiving Strategy

• https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-storage-tiers

Design for deployment, migration, and integration

Design Deployments

• https://docs.microsoft.com/en-us/azure/architecture/patterns/

Design Migrations

• https://azure.microsoft.com/en-us/migration/get-started/ (Very broad, All sections)

Design an API Integration Strategy

• https://docs.microsoft.com/en-us/azure/api-management/api-management-key-concepts
• https://docs.microsoft.com/en-us/azure/api-management/api-management-howto-policies

Design an infrastructure strategy

Design a Storage Strategy

• https://docs.microsoft.com/en-us/azure/storage/common/storage-decide-blobs-files-disks
• https://docs.microsoft.com/en-us/azure/architecture/guide/technology-choices/data-store-overview

Design a Compute Strategy

• https://docs.microsoft.com/en-us/azure/architecture/guide/technology-choices/compute-decision-tree

Design a Networking Strategy

• https://docs.microsoft.com/en-us/azure/architecture/reference-architectures/hybrid-networking/

Design a Monitoring Strategy for Infrastructure

• https://docs.microsoft.com/en-us/azure/architecture/best-practices/monitoring