AZ-204: Developing Solutions for Microsoft Azure – Preparation Notes

During my preparation for the AZ-204 exam I generated/gathered a bunch of notes, summarizing some specific topics and emphasizing important things. They are in completely random order.

P.S. I did pass AZ-204 in August 2022. Here is the link to my Credly account.

Used Resources

My Preparation Notes

Deployment slots are live apps with their own host names. App content and configuration elements can be swapped between two deployment slots, including the production slot.

You can’t mix Windows and Linux apps in the same App Service plan.

You can potentially save money by putting multiple apps into one App Service plan, since apps in the same App Service plan all share the same compute resources.

In a default or custom Linux container, for any nested JSON key structure in the app setting name, any : should be replaced by __ (double underscore).

By default, Always On is not enabled and the app is unloaded after 20 minutes without any incoming requests.

Public certificates are not used to secure custom domains, but you can load them into your code if you need them to access remote resources.

Azure App Configuration is designed to be a centralized repository for feature flags.

Autoscaling could be triggered if CPU utilization grows, memory occupancy increases, the number of incoming requests to a service appears to be surging, or some combination of factors.

Autoscaling doesn’t have any effect on the CPU power, memory, or storage capacity of the web servers powering the app; it only changes the number of web servers.

A scale-out action will be performed if any of the scale-out rules are met.

A scale-in action will run only if all of the scale-in rules are met.

A request that’s routed to the “staging” slot has the cookie x-ms-routing-name=staging. A request that’s routed to the production slot has the cookie x-ms-routing-name=self.

Azure Functions is a serverless compute service, whereas Azure Logic Apps provides serverless workflows.

When you delete the main storage account of the function app, the function code files are deleted and cannot be recovered.

Consumption plan functions scale out to as many as 200 instances, and Premium plan functions will scale out to as many as 100 instances.

App Service plans support setting autoscaling rules based on predictive usage.

Identity-based connections are not supported with Durable Functions.

Orchestrator function code must be deterministic: it will be replayed multiple times, and it must produce the same result each time.

A storage account can include an unlimited number of containers, and a container can store an unlimited number of blobs.

Data in an Azure Storage account is always replicated three times in the primary region.

Page blobs store random access files up to 8 TB in size, and are used to store virtual hard drive (VHD) files and serve as disks for Azure virtual machines.

Data lifecycle management policy must be read or written in full. Partial updates are not supported.

Copying an archived blob to an online destination tier is supported within the same storage account only.

By default, all items that you add to an Azure Cosmos container are automatically indexed without requiring explicit index or schema management.

All Azure Cosmos DB operations must complete within a limited amount of time. Stored procedures have a limited amount of time to run on the server.

The post-trigger runs as part of the same transaction for the underlying item itself. An exception during the post-trigger execution will fail the whole transaction.

If the template specifies creating a resource but that resource already exists, Azure Resource Manager performs an update instead of creating a new asset. Azure Resource Manager updates the existing asset to the same state as it would be as new.

If you don’t specify certain properties, Resource Manager interprets the update as overwriting those values.

Containers within a group can reach each other via localhost on the ports that they have exposed, even if those ports aren’t exposed externally on the group’s IP address.

An Azure Active Directory application is defined by its one and only application object, which resides in the Azure Active Directory tenant where the application was registered (known as the application’s “home” tenant). An application object is used as a template or blueprint to create one or more service principal objects.

The security principal defines the access policy and permissions for the user/application in the Azure Active Directory tenant.

The application object is the global representation of your application for use across all tenants, and the service principal is the local representation for use in a specific tenant.

An application object has:
A 1:1 relationship with the software application, and
A 1:many relationship with its corresponding service principal object(s).

There are three consent types: static user consent, incremental and dynamic user consent, and admin consent.

You can use a stored access policy to change the start time, expiry time, or permissions for a signature, or to revoke it after it has been issued.

When the managed identity is deleted, the corresponding service principal is automatically removed.

App Configuration complements Azure Key Vault, which is used to store application secrets.

Keys stored in App Configuration are case-sensitive, Unicode-based strings.

An API gateway sits between clients and services. It acts as a reverse proxy, routing requests from clients to services.

Event Grid efficiently and reliably routes events from Azure and non-Azure resources, and distributes the events to registered subscriber endpoints.

CloudEvents simplifies interoperability by providing a common event schema for publishing and consuming cloud-based events.

By default, Event Grid delivers one event at a time to the subscriber, and the payload is an array with a single event.

Event Grid doesn’t guarantee order for event delivery, so subscribers may receive them out of order.

Service Bus can decouple applications and services. Data is transferred between different applications and services using messages.

Decoupling applications improves the reliability and scalability of applications and services: the client and service don’t have to be online at the same time.

Using queues to intermediate between message producers and consumers provides an inherent loose coupling between the components.

Application Map helps you spot performance bottlenecks or failure hotspots across all components of your distributed application.

You can also preload assets into an endpoint. This is useful for scenarios where your application creates a large number of assets, and you want to improve the user experience by prepopulating the cache before any actual requests occur.

Change feed support in Azure Blob Storage
The purpose of the change feed is to provide transaction logs of all the changes that occur to the blobs and the blob metadata in your storage account. The change feed provides an ordered, guaranteed, durable, immutable, read-only log of these changes.

Cosmos DB NoSQL
Strong consistency offers a linearizability guarantee. The reads are guaranteed to return the most recent committed version of an item.
Bounded staleness: The reads are guaranteed to honor the consistent-prefix guarantee.
Eventual: There’s no ordering guarantee for reads. In the absence of any further writes, the replicas eventually converge.

Custom handlers can be used to create functions in any language or runtime by running an HTTP server process, for example Go or Rust.

Azure Function Bindings provide a declarative way to connect data to your code.

If the WEBSITES_ENABLE_APP_SERVICE_STORAGE setting is unspecified or set to true, the /home/ directory will be shared across scale instances, and files written will persist across restarts.

A queue allows processing of a message by a single consumer. Need a CloudQueueClient to access the Azure VM.

Azure Cosmos DB
You can order by multiple properties. A query that orders by multiple properties requires a composite index.

The Cosmos DB Operator role lets you provision Azure Cosmos accounts, databases, and containers, but can’t access the keys that are required to access the data.

Key Vault references currently only support system-assigned managed identities. User-assigned identities cannot be used.

Azure Function Triggers serve as Bindings. Bindings provide a declarative way to connect data to your code.

Thanks a lot for reading.
