AZ-900 – Module 2 – Core Azure services

Core Azure architectural components

Regions and Region Pairs

  • Description: Azure Regions are geographically dispersed data center locations where Azure services and resources are hosted. Region Pairs consist of two Azure Regions within the same geography used for data replication and disaster recovery.
  • Benefits: Regions ensure high availability, data residency compliance, and low-latency access. Region Pairs provide fault tolerance, disaster recovery, and business continuity.


  • A region represents a collection of datacenters.
  • Provide flexibility and scale.
  • Preserve data residency.
  • Select regions close to your users.
  • Be aware of region deployment availability.
  • There are global services that are region independent.

Region Pairs

  • Each Azure region is paired with another region.
  • Azure prefers at least 300 miles of separation between datacenters in a regional pair.
  • Some services provide automatic replication to the paired region.
  • In an outage, recovery of one region is prioritized out of every pair.
  • Azure system updates are rolled out to paired regions sequentially (not at the same time).

Availability Zones

  • Description: Availability Zones are physically separate data centers within an Azure Region, each with its own power, cooling, and networking.
  • Benefits: Availability Zones enhance application availability, resilience, and fault tolerance by distributing resources across isolated data centers.
  • Physically separate locations within an Azure region.
  • Takes availability sets to the next level
  • Includes one or more datacenters, equipped with independent power, cooling, and networking.
  • Acts as an isolation boundary.
  • If one availability zone goes down, the other continues working.

Learn and SkillPipe content:

Azure Resources

  • Description: Azure Resources refer to individual services or components offered by Azure, used to build and operate cloud-based solutions.
  • Benefits: Azure Resources provide flexibility, scalability, and customization options for building and managing various cloud services and infrastructure.

Resource Groups

  • Description: Resource Groups are logical containers that help organize and manage Azure Resources as a single unit.
  • Benefits: Resource Groups simplify resource management, enhance billing transparency, enable access control, and facilitate tagging and policy enforcement.

Azure Resource Manager

  • Description: Azure Resource Manager is the management layer that streamlines the deployment & management.
  • Benefits: ARM enables infrastructure as code (IaC), centralizes access control, and provides governance capabilities for resource provisioning and management.


  • Description: Azure Subscriptions are billing containers used to manage and control costs associated with Azure services.
  • Benefits: Subscriptions facilitate cost tracking, access control through Azure Active Directory, and the creation of separate environments within an Azure tenant.

Azure Management Groups

  • Description: Azure Management Groups allow organizations to group multiple Azure Subscriptions into a hierarchical structure for streamlined governance.
  • Benefits: Management Groups provide consistent governance policies, centralized role assignments, and efficient enforcement of organization-wide policies across multiple subscriptions.

Management Groups

Management groups provide a governance scope above subscriptions. You organize subscriptions into management groups; the governance conditions you apply cascade by inheritance to all associated subscriptions.

  • Management groups can include multiple Azure subscriptions.
  • Subscriptions inherit conditions applied to the management group.
  • 10,000 management groups can be supported in a single directory.
  • A management group tree can support up to six levels of depth.

Learn and SkillPipe content:

Core Azure workload products

Azure compute services

Azure compute is an on-demand computing service that provides computing resources such as disks, processors, memory, networking, and operating systems.

Learn and SkillPipe content:

Azure virtual machine

Azure Virtual Machines (VM) are software emulations of physical computers. Includes virtual processor, memory, storage, and networking. IaaS offering that provides total control and customization.

  • Development and test – Azure VMs offer a quick and easy way to create a computer with specific configurations required to code and test an application.
  • Applications in the cloud – Because demand for your application can fluctuate, it might make economic sense to run it on a VM in Azure. You pay for extra VMs when you need them and shut them down when you don’t.
  • Extended datacenter – Virtual machines in an Azure virtual network can easily be connected to your organization’s network.

Learn and SkillPipe content:

Azure App Services

Azure App Services is a fully managed platform to build, deploy, and scale web apps and APIs quickly.

  • Works with .NET, .NET Core, Node.js, Java, Python, or php.
  • PaaS offering with enterprise-grade performance, security, and compliance requirements.

Learn and SkillPipe content:

Azure Container Services

Containers are a virtualization environment. However, unlike virtual machines, you do not manage an operating system. Containers are meant to be lightweight, and are designed to be created, scaled out, and stopped dynamically.

Azure Container Instances: a PaaS offering that runs a container in Azure without the need to manage a virtual machine or additional services.

Azure Kubernetes Service: an orchestration service for containers with distributed architectures and large volumes of containers.

Learn and SkillPipe content:

Azure Virtual Desktop

Azure Virtual Desktop is a desktop and app virtualization that runs in the cloud.

  • Create a full desktop virtualization environment without having to run additional gateway servers.
  • Publish unlimited host pools to accommodate diverse workloads.
  • Reduce costs with pooled, multi-session resources.

Learn and SkillPipe content:

Azure networking services

Azure Virtual Network (VNet) enables Azure resources to communicate with each other, the internet, and on-premises networks.

Virtual Private Network Gateway (VPN) is used to send encrypted traffic between an Azure virtual network and an on-premises location over the public internet.

Azure Express Route extends on-premises networks into Azure over a private connection that is facilitated by a connectivity provider.

Learn and SkillPipe content:

Azure storage services

Container storage (blob) is optimized for storing massive amounts of unstructured data, such as text or binary data.

Disk storage provides disks for virtual machines, applications, and other services to access and use.

Azure Files sets up a highly available network file shares that can be accessed by using the standard Server Message Block (SMB) protocol.

Learn and SkillPipe content:

Azure storage access tiers

Hot – Optimized for storing data that is accessed frequently.

Cool – Optimized for storing data that is infrequently accessed and stored for at least 30 days.

Archive – Optimized for storing data that is rarely accessed and stored for at least 180 days with flexible latency requirements.

Note: You can switch between these access tiers at any time.

Learn and SkillPipe content:

Azure database services

Azure Cosmos Database is a globally-distributed database service that elastically and independently scales throughput and storage. 

Azure SQL Database is a relational database as a service (DaaS) based on the latest stable version of the Microsoft SQL Server database engine.

Azure Database for MySQL is a fully-managed MySQL database service for app developers.

Azure Database for PostgreSQL is a relational database service based on the open-source Postgres database engine. 

Note: These are just a few of database service offerings. 

Learn and SkillPipe content:

Azure SQL Managed Instance

Azure SQL Managed Instance is the intelligent, scalable cloud database service that combines the broadest SQL Server database engine compatibility with all the benefits of a fully managed and evergreen platform as a service. SQL Managed Instance has near 100% compatibility with the latest SQL Server (Enterprise Edition) database engine, providing a native virtual network (VNet) implementation that addresses common security concerns, and a business model favorable for existing SQL Server customers. SQL Managed Instance allows existing SQL Server customers to lift and shift their on-premises applications to the cloud with minimal application and database changes. At the same time, SQL Managed Instance preserves all PaaS capabilities (automatic patching and version updates, automated backups, high availability) that drastically reduce management overhead and TCO.

  • Fully managed and evergreen platform as a service.
  • Preserves all PaaS capabilities (automatic patching and version updates, automated backups, and high availability)
  • Exchange existing licenses for discounted rates on SQL Managed Instance using the Azure Hybrid Benefit

Learn and SkillPipe content:

Explore Azure Marketplace

Azure Marketplace allows customers to find, try, purchase, and provision applications and services from hundreds of leading service providers, which are all certified to run on Azure.

  • Open source container platforms.
  • Virtual machine and database images.
  • Application build and deployment software.
  • Developer tools.
  • And much more, with 10,000+ listings!

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Post