Study Guide for AZ-305: Part 7 – Design a migration solution

Hi friends!

Welcome to the next blog post (Part 7/12) from the Az-305 series to help you get ready for the AZ-305 exam. This post is special and will finalize one of the biggest sections – “Design Infrastructure Solutions ” for this exam.

Please, check the previous blog posts listed below, if you landed on this page for the first time 🙂

Table of content (blog series)

What is an IT Migration?

An IT Migration is basically a movement of data or software from one system to another. Also, depending on the complexity of the project, an IT migration involves data migration, application migration, operating system (OS) migration, and others.

A typical migration project usually involves the movement of data too, which is called – Data Migration. Here is the definition of data migration from Wikipedia.

Data migration is the process of selecting, preparing, extracting, and transforming data and permanently transferring it from one computer storage system to another. Additionally, the validation of migrated data for completeness and the decommissioning of legacy data storage are considered part of the entire data migration process.[1][2] Data migration is a key consideration for any system implementation, upgrade, or consolidation, and it is typically performed in such a way as to be as automated as possible, freeing up human resources from tedious tasks. Data migration occurs for a variety of reasons, including server or storage equipment replacements, maintenance or upgrades, application migration, website consolidation, disaster recovery, and data center relocation

Data Migration, Wikipedia

In last few years we also have new type of migration – called cloud migration.

WHAT is the migration solution in azure?

There are many different ways you could run your migration projects.
Microsoft Azure provides specialized tools to help you migrate your IT solutions from on-premises and other cloud platforms into Azure. Thus, you could take advantage of  Azure Migrate offers to you..

Azure Migrate provides a centralized hub to assess and migrate on-premises servers, infrastructure, applications, and data to Azure. It provides a range of tools to help you in the migration process. Please, check an official Microsoft documentation on Azure Migrate services here.

Shifting customers to the cloud with Microsoft Azure Migration - MachSol  Blog

Part 7: Design a migration solution

The references below are taken from official Microsoft docs and focused on designing Migration solutions in Azure. You could also find it helpful to check the Microsoft docs and learning paths with [Tutorials] below 😉.

This collection of links are gathered with a focus toward the exam objectives of AZ-305 certification exam.

Azure migration guide overview
Azure cloud migration best practices checklist
What is Azure Import/Export service?
Overview of Data Migration Assistant
About Azure Migrate
Total Cost of Ownership (TCO) Calculator
Azure Pricing calculator
Use Storage Migration Service to migrate a server
What is the Microsoft Cloud Adoption Framework for Azure?

[Tutorial] Implement a hybrid file server infrastructure
[Tutorial] Accelerate your migration and modernization journey to Azure
[Tutorial] Prepare on-premises workloads for migration to Azure
[Tutorial] Migrate your relational data stored in SQL Server to Azure SQL Database
[Tutorial] Set up Azure Migrate for server migration
[Tutorial] Applications and infrastructure migration and modernization
[Tutorial] Design your migration to Azure

What is Azure Database Migration Service?
Using Service Map solution in Azure
Azure Data Box documentation – Offline transfer
Cloud Adoption Framework migration model


Thank you for visiting the AZ-305 Study Guide and checking the Part 7: Design a Migration solution.

The next blog post will start the “Designing Data Storage Solutions” section with the Part 8: Design a non-relational data storage solution.

Study Guide for AZ-305: Part 6 –Design a network infrastructure solution

Hi Cloud Marathoners!

Welcome to the new blog post (Part 6/12) from the Az-305 series to help you get ready for the AZ-305 exam.

You could also check the previous posts listed below, if you landed on this page for the first time 🙂

Table of content (blog series)

What is a Network Infrastructure?

A Network Infrastructure is the physical equipment (also known as, hardware) as well as the software applications that support your company’s services to run. Types of network infrastructure include foundational hardware, software, services and facilities.

The physical network infrastructure requires cabling, routers, switches, and other pieces of equipment which help support them and make sure they are connected internally and externally. However, most Cloud Solution Providers (CSPs) virtualize this physical infrastructure and provide software defined, virtual networks.

Architecture: Global transit network architecture - Azure Virtual WAN |  Microsoft Docs
Click and check the Azure Virtual WAN

WHAT are the network infrastructure solution in azure?

Azure network infrastructure connects and delivers your hybrid and cloud-native applications with low-latency, with Zero Trust based networking services.

The networking services in Azure provide a variety of networking capabilities that can be used together or separately. Those key capabilities are grouped into four services and described on Azure networking services overview :

Front Door Service overview
Click to check the Azure Front Door Service

Part 6: Design a network infrastructure solution

The references below are taken from official Microsoft docs and focused on designing Network Infrastructure solutions in Azure. You could also find it helpful to check the Microsoft docs and learning paths with [Tutorials] below 😉.

This collection of links are gathered with a focus toward the exam objectives of AZ-305 certification exam.

Azure Virtual Network frequently asked questions (FAQ)
Azure subscription and service limits, quotas, and constraints
Virtual network peering
Create, change, or delete a virtual network peering
Load-balancing with Azure’s application delivery suite
What is Traffic Manager?
Traffic Manager Frequently Asked Questions (FAQ)
How Traffic Manager Works

Traffic Manager routing methods
Network security groups
Create a Network Security Group
Microsoft.Network networkSecurityGroups
Azure network security overview
What is Azure Bastion?
[Tutorial]: Introduction to Azure Bastion
[Tutorial]: Configure Bastion and connect to a Windows VM
Azure Bastion FAQ
Using S2S VPN as a backup for ExpressRoute private peering


Thank you for visiting the AZ-305 Study Guide and checking the Part 6 – Design a network infrastructure solution.

The next blog post will cover the Part 7: Design a migration solution.

Study Guide for AZ-305: Part 5 – Design an application architecture solution

Hello friends!

Welcome to the new blog post (Part 5/12) from the Az-305 series to help you get ready for the AZ-305 exam.

Please, check the previous post(s) listed below, if you landed on this page for the first time 🙂

Table of content (blog series)

What is an Application Architecture ?

An application architecture is a structural map of how an organization’s software applications are assembled and how those applications interact with each other to meet business or user requirements. An application architecture helps ensure that applications are scalable and reliable, and assists enterprises identify gaps in functionality.

The Techtarget

Generally speaking, application architecture defines how applications interact with components such as middleware, databases and other applications. There are many different application architectures like; N-Tier, Web-Queue-Worker, Service-Oriented (SOA), Event-Driven, and others.

Cloud Application Architecture Guide

WHAT are the characteristics of APPlication Architecture in azure?

The Azure Application architecture requires a structured approach while designing applications that are capable to operate with the following characteristics; scalable, resilient and highly available.

The cloud is changing how applications are designed and secured. Instead of monoliths, applications are decomposed into smaller, decentralized services. These services communicate through APIs or by using asynchronous messaging or eventing. Applications scale horizontally, adding new instances as demand requires.

Microsoft Docs
Diagram that shows the structure of this guide, with the sections of this article represented in a flow diagram.
Azure application architecture fundamentals

Microsoft has provided a very valuable resource on Azure architecture that you could check on Azure Architecture Center. Check this resource for best practices and patterns for your current or upcoming application that you plan to design and run on Azure.

Part 5: Design an application architecture solution

The references below are taken from official Microsoft docs and focused on designing Application solutions in Azure. You could also find it helpful to check the Microsoft docs and learning paths with [Tutorials] below 😉.

This collection of links are gathered with a focus toward the exam objectives of AZ-305 certification exam.

Choose between Azure messaging services – Event Grid, Event Hubs, and Service Bus
What is Azure Queue Storage?
Service Bus queues, topics, and subscriptions
Storage queues and Service Bus queues – compared and contrasted
Azure Event Hubs — A big data streaming platform and event ingestion service
Features and terminology in Azure Event Hubs
Use Azure Event Hubs from Apache Kafka applications
Capture events through Azure Event Hubs in Azure Blob Storage or Azure Data Lake Storage

[CASE STUDY] Migrate to a microservices architecture / Microsoft Azure and Microsoft Azure Cosmos DB
What is Azure Event Grid?
IoT Concepts and Azure IoT Hub
Connecting IoT Devices to Azure: IoT Hub and Event Hubs
About Azure Cache for Redis
[Tutorial] Introduction to Azure IoT Hub
[Tutorial] Introduction to Azure Cache for Redis

About API Management
Feature-based comparison of the Azure API Management tiers
What are ARM templates?
What is Bicep?
[GitHub] AWESOME Azure Bicep 💪
Comparing JSON and Bicep for templates
Frequently asked questions for Bicep
Use infrastructure automation tools with virtual machines in Azure
What is Azure App Configuration?
[Tutorial] Fundamentals of Bicep


Thank you for visiting the AZ-305 Study Guide and checking the Part 5 – Design an application architecture solution.

The next blog post will cover the Part 6: Design a network infrastructure solution.

I am now a Microsoft Azure MVP. Thank you for a nomination & award!

Hello Cloud Marathoners!

March 2022 has been an exciting and special month in my life. I have received an email saying that I had been awarded with the Microsoft Most Valuable Professional 🚀 (MVP) award. WOW !!!

Microsoft MVP Award
Click on a image to learn more about Microsoft MVP Award 🙂

Who are MVPs?

Microsoft Most Valuable Professionals, or MVPs, are technology experts who passionately share their knowledge with the community. They are always on the “bleeding edge” and have an unstoppable urge to get their hands on new, exciting technologies. They have very deep knowledge of Microsoft products and services, while also being able to bring together diverse platforms, products and solutions, to solve real world problems. MVPs make up a global community of over 4,000 technical experts and community leaders across 90 countries/regions and are driven by their passion, community spirit, and quest for knowledge. Above all and in addition to their amazing technical abilities, MVPs are always willing to help others – that’s what sets them apart.

Microsoft MVP Program

As you might know, the Microsoft MVP program rewards  the “technology experts who passionately share their knowledge with the community”.  

There are many categories of MVP awards, and I am proud to become a Microsoft Azure MVP this year. You could check the rest of the award categories here:

  • Artificial Intelligence
  • Business Applications
  • Cloud & Datacenter Management
  • Developer Technologies
  • Data Platform
  • Enterprise Mobility
  • Microsoft Azure
  • Office Development
  • Office Apps & Services
  • Windows Development
  • Windows & Devices for IT

Wondering what it takes to become an MVP?

Interested in becoming an MVP ❓🤔
What does it take to become an MVP ❓🤔

Then => check an Official Microsoft page to get started on your journey 🗺 .

What is next?

I am still in a pleasant shock, and simply to say that “I am proud and humbled to receive this award” is an understatement.

Now, I am looking toward to take part in this awesome event – “Microsoft MVP Global Summit 2022” and meet legend #MVPs 🚀 🚀🚀

Click on a image to learn more about Microsoft MVP Global Summit 2022 🙂

I am really excited about this new journey and invite you – the Cloud Marathoners ⛅🏃‍♂️🏃‍♀️ to be an important part of this journey !!!

Study Guide for AZ-305: Part 3 –Design a solution to log and monitor Azure resources

Hello friends!

This is the continuation (Part 3/12) of blog post series to help you get ready for the latest AZ-305 exam.

Feel free to check the previous posts listed below, if you did not look into them yet 🙂

Table of content (blog series)

What is the Monitoring ?

The monitoring is a skill and not a full-time job. In today’s world of cloud-based architectures that are implemented through DevOps projects, developers, SREs, and operations staff must collectively define an effective cloud monitoring and logging strategy. This strategy should focus on identifying when service-level objectives (SLOs) and service-level agreements (SLAs) are not being met, likely negatively affecting the user experience.

Cloud monitoring is a method of reviewing, observing, and managing the operational workflow in a cloud-based IT infrastructure. Manual or automated management techniques confirm the availability and performance of websites, servers, applications, and other cloud infrastructure.

Azure Monitor overview
Azure Monitor Overview

WHAT YOU CAN DO WITH logging and monitoring?

Azure Monitor helps you maximize the availability and performance of your applications and services. It delivers a comprehensive solution for collecting, analyzing, and acting on telemetry from your cloud and on-premises environments. This information helps you understand how your applications are performing and proactively identify issues affecting them and the resources they depend on.

Microsoft docs

The Azure Monitor collects the following sets of data:

  • ✔️ Application Monitoring data
  • ✔️ Guest OS monitoring data
  • ✔️ Azure resource monitoring data
  • ✔️ Azure subscription monitoring data
  • ✔️ Azure tenant monitoring data
Measuring Metrics: Log Analytics vs Azure Metrics - Part 1 Introduction -
Azure Monitoring and Log Analytics Overview

Part 3: Design a solution to log and monitor Azure resources

The references below are taken from official Microsoft docs and focused on designing logging and monitoring Azure solutions.

This collection of links are gathered with a focus toward the exam objectives of AZ-305 certification exam.

Analyze your Azure infrastructure by using Azure Monitor logs
Best practices for monitoring cloud applications
Cost Management tools in Azure
What are Azure Active Directory reports?

Overview of Log Analytics in Azure Monitor
Tutorial: Log Analytics
Monitor performance of virtual machines by using Azure Monitor VM Insights
Designing your Azure Monitor Logs deployment
Overview of Azure Monitor agents

Azure Monitor Frequently Asked Questions
Azure Monitor Workbooks
Application Insights overview
Azure Data Explorer


Thank you for visiting the AZ-305 Study Guide and checking the Part 3 – Design a solution to log and monitor Azure resources.

The next blog post will cover the Part 4: Design a compute solution.

Study Guide for AZ-305: Part 1 – Design a Governance Solution

Hello friends,

As you might already know, a new AZ-305 exam for Azure Architects has been officially released a few days ago!!!

I would like to take this opportunity and help all my students and followers with preparation for this important exam.

My plan is to create a blog post series that cover official and community learning materials in addition to the Microsoft Learn, self-paced learning modules.

Table of content (blog series)

This exam is focused on designing cloud and hybrid solutions on Microsoft #Azure, and was made with #architects in mind 😏

A list of helpful reference materials that will complement your four Microsoft Learn AZ-305: XXX learning paths on the official learning site are screenshotted below for your references 🙂

What is the Cloud Governance ?

The Cloud Governance is a framework that guides how end users make use of cloud services by defining and creating policies to control costs, minimize security risks, improve efficiency and accelerate deployment. It’s imperative to have good cloud governance because it’s a foundational element to your cloud practice that provides the ability to scale and be successful.

In short, the governance in Azure is one aspect of Azure Management. This includes the tasks and processes required to maintain your business applications and the resources that support them. Azure has many services and tools that work together to provide complete management. 

What you can do with Azure Governance?

  • Enforce and audit your policies for any Azure service
  • Create compliant environments using Azure Blueprints, including resources, policies, and role-access controls
  • Ensure that you’re compliant with external regulations by using built-in compliance controls
  • Monitor spend and encourage accountability across your entire organization

The references below are taken from official Microsoft docs and focused on designing Azure governance solutions.

Build Enterprise Agile Azure Governance Foundation

Part 1: Design a governance solution

The references below are taken from official Microsoft docs and focused on designing Governance solutions in Azure. You could also find it helpful to check the Microsoft docs and learning paths with [Tutorials] below 🙂

This collection of links is gathered with a focus on the exam objectives of the AZ-305 certification exam.

How to protect your resource hierarchy
Cloud governance guides
What are Azure management groups
Azure subscription and service limits, quotas, and constraints
What is Azure Resource Manager
Lock resources to prevent unexpected changes
Use tags to organize your Azure resources and management hierarchy

Azure Policy
What is Azure Policy?
Azure Policy built-in policy definitions
Azure Policy built-in initiative definitions
What is Azure role-based access control (Azure RBAC)?
Organize and manage multiple Azure subscriptions
Recommended policies for Azure services
What are Azure management groups?
[Tutorial] Describe core Azure architectural components
[Tutorial] Microsoft Cloud Adoption Framework for Azure
Governance in the Microsoft Cloud Adoption Framework for Azure
Define your tagging strategy


Thank you for visiting the AZ-305 Study Guide and checking the Part 1 – Design a Governance solution.

The next one will be Part 2: Design Authentication and Authorization Solutions.

Welcoming the Microsoft Exam Simulator ✔️

Hi Cloud Marathoners!

It is pretty common for every new student to be worried about exam software ⚙️ and its user expereince, in addition to being prepared for the exam. However, this is not an issue anymore.

Microsoft Learn has introduced a demo exam simulator that looks, works and feels like you are having a real Microsoft exam. This news was just announced by Microsoft Learn Blog.

I believe this is an important help for all the #cloudmarathoners and friends who are just starting their Microsoft Azure journey.

Why is it helpful?

Well, using this new exam sandbox should better prepare you for the exam experience. This should also increase your familiarity with the user interface, how to navigate between exam sections, pages and Q&A.

This simulator also shows you what actions are required to answer each of the different question types, where information about the exam is located, how to mark questions for review and how to provide comments at the end of the exam.


Keep in mind that a secure browser that will be launched during a real exam will block all third-party applications running on your computer. Thus, I would strongly advise you to install and run the exam provider’s (like, Pearson VUE or any other) simulator on your local computer a day or two before the actual exam date. This will be an additional peace of mind to have in your checklist for a pleasant exam experience.


I sincerely wish you Good Luck ❤️ in your upcoming exam(s) !

Are you ready to give it a try ?
Then check it out for #free >>

References: New to Microsoft certification exams?

Study guide DA-100: Analyzing Data with Microsoft Power BI

Hello Cloud Marathoners!

I am very happy to announce my next Microsoft certification badge!.
This time, I was able to pass the DA-100: Analyzing Data with Microsoft Power 🚀 BI.

Microsoft Certified: Data Analyst Associate

If you are looking forward to get prepared for this exam, then check out the following resources:

📌 Microsoft Learn modules:
➟ Get started with Microsoft data analytics

➟ Prepare data for analysis

➟ Model data in Power BI

➟ Visualize data in Power BI

➟ Data analysis in Power BI

➟ Manage workspaces and datasets in Power BI

📌 YouTube courses:
➟ Analyzing Data with Microsoft Power BI | DA-100 Certification Exam Prep

➟ DA-100: Analyzing Data with Microsoft Power BI – FULL COURSE in 2 hours

📌 Udemy Course:
➟ DA-100 certification: Analyzing Data with Microsoft Power BI by Phillip Burton at

Microsoft Learn Updates Jan 14, 2022

If you’ve already earned the Data Analyst Associate certification, you will see the new name in your Certification Dashboard on February 28, 2022.

If you’ve been studying for Exam DA-100, no worries. You have until March 31, 2022, to take it. 

If you’ve just started preparing for Exam DA-100, consider reviewing the skills requirements for new Exam PL-300 and switching your focus to the new exam because the exams are very similar.  However, between February 28 and March 31, 2022, learners can pass either exam to earn their Power BI Data Analyst Associate certification.

Microsoft Lean blog
thumbnail image 1 of blog post titled 
							Announcing a new name for the Data Analyst Associate certification


Thank you for reading this post and checking the preparation resources.

Please, feel free to share your experience, as i am planning to keep this post up to date with your valuable contributions going forward. #keeplearning

Azure Bicep First Look course is released!

Happy Friday friends,

Are you looking for a simpler, more efficient way to author infrastructure resources in Azure?

Azure Bicep First Look course

If so, you’re in luck. Azure Bicep is here to help. Bicep is a new domain-specific language (DSL) for deploying resources in Azure. It’s also a much cleaner, more concise language than ARM JSON—cloud admins and DevOps professionals, rejoice!

Please, let me know if you need any help with my new Azure Bicep First Look course.

I am here to help you in your Cloud journey!
Stay tuned for more Azure content!

What are the good options to manage sensitive info in Azure Bicep?

Hello Cloud Marathoners,

Every seasoned IT professional knows that sensitive information should not be exposed as a clear text on any code. This is especially true for infrastructure-as-code (aka, IaC) scenarios where passwords and keys are part of the deployment.

One way to stay compliant in accomplishing this goal is the integration of an Azure Key Vault service into your deployment code. This Azure security service is primarily intended to store sensitive information like password, keys, certificates, connections, etc.

In this post, we will look into two different ways how we could integrate Azure Key Vault services in our Azure Bicep code.

Option – 1: Using getSecret() function

Our first option is to delegate this important work to a getSecret() function. This option could be used with an existing Azure Key Vault resource that is declared in your Azure Bicep code.

Let’s look into an example where an existing Azure Key Vault service is referenced to provide administrative password for SQL server deployment.

Deploying Azure SQL instance with Azure Key Vault

This sample Bicep code is using sqldb.bicep file as a module, where parameters; such as sqlServerName and adminLogin are passed through with a secret name of ExamplePassword.

The ExamplePassword secret name should be already set and ready in the referenced Key Vault service above. Here is the view of this secret on Azure portal.

Azure Key Vault with secretes in portal

Let’s have a quick view into the sqldb.bicep file, as it is referenced in the main Bicep file.

sqldb.bicep file

Now, let’s deploy these resources with a secret value from Key Vault resource that has a secret name ExamplePassword.

What happened? I am getting an error on my first deployment execution 🙁

Error on deploying Bicep code with SQL server provisioning

Upon carefully analyzing error, I see the following reason for this error:

At least one resource deployment operation failed. Please list deployment operations for details. Please see for usage details.”,”details”:[{“code”:”RegionDoesNotAllowProvisioning”,”message”:”Location ‘East US 2’ is not accepting creation of new Windows Azure SQL Database servers at this time.

Azure deployment error

Based on the error message, we change the location to eastus and re-run the script. Now, we got the following positive result in console and portal:

Deployment results in Azure Portal RG

Next, we will attempt to login into a SQL Server instance.
A successful login will look like the following screen:

Successful login into the SQL instance

Important Note:

If you are getting an error during the login then try to check the following steps:

  • adminLogin name is entered correctly
  • your IP address is added to the SQL server firewall rules
  • grab a cup of coffee and check back in 5 minutes

Description of a typical login error into a SQL server instance is provided below. I checked the firewall rules and made a cup of coffee => before getting a successful log-in 🙂

Requires your location IP activation

Option -2: Referencing as a secretName in parameter

The second option is pretty straightforward, if you have already used it on ARM template deployments.

Note: Please check out the following post – Four parameterization options for your Azure Bicep deployments for detailed information on available options.

We just need to reference Azure Key Vault secret like in the following example:

Using a parameter file and referencing the Key Vault secretName will do the trick in extracting the value and provisioning your resource.

Let’s run the bicep file that deploys multiple RGs and an Azure VM that uses VMPassword secret.

Running deployment with Bicep parameter file

A successful deployment provisions following RG with the VM resources:

Next, we should smoke test our deployment by locating the resource group “rg-demo-vm-1116” and using deployment parameters to RDP into Windows server:

Finally, we are able to see that secret and admin user name pair worked as expected

Azure VM deployed using Key Vault secret


In this post, we looked into two available options that harden our infrastructure code by removing hard-coded sensitive information and replacing it with Azure Key Vault reference. Thus, avoiding any potential leaks of passwords, secrets, etc.

IMHO, first option is better than the later one, because it does not expose subscription id and other small details.

What will be your choice? Please, share on LinkedIn post comments section.

Thank you for your interest my #cloudmarathoner friends!
Please, check other Azure Bicep posts and let me know your feedback.

What is next?

All code samples and presented Bicep files are placed in “Learn-Bicep” GitHub repo 👉

Please, join me to learn more about Azure Bicep 💪 on an Omaha Azure User Group meetup scheduled to happen on November 17th.