🚀 Launch Special: $29/mo for life --d --h --m --s Claim Your Price →
AZ-305
AZ-305 Microsoft Azure

Solutions Architect

The AZ-305 certification course teaches how to design and implement enterprise‑grade identity, governance, data storage, business continuity, and infrastructure solutions on Microsoft Azure, ensuring scalable, secure, and compliant architectures.

120
Minutes
50
Questions
700/1000
Passing Score
$165
Exam Cost
9
Languages

Who Should Take This

It is intended for Azure administrators, cloud engineers, or solution architects who have already earned the AZ‑104 Azure Administrator Associate credential and possess several years of hands‑on experience designing Azure workloads. These professionals seek to deepen their expertise in enterprise‑scale design, governance, and hybrid infrastructure to qualify for the Azure Solutions Architect Expert role.

What's Covered

1 Designing authentication and authorization solutions, governance structures, and monitoring strategies using Azure Monitor, Log Analytics, and Microsoft Sentinel.
2 Designing relational and non-relational data stores, data integration solutions, and data protection strategies for Azure workloads.
3 Designing backup and disaster recovery solutions, high availability architectures, and data archival strategies using Azure services.
4 Designing compute, networking, application architecture, and migration solutions including Azure Migrate, VM, AKS, and hybrid connectivity.

Exam Structure

Question Types

  • Multiple Choice
  • Multiple Response
  • Case Studies

Scoring Method

Scaled score 100-1000, passing score 700

Delivery Method

Proctored exam, 40-60 questions, 100 minutes

Prerequisites

AZ-104 required (must hold Azure Administrator Associate certification)

Recertification

Renew annually via free Microsoft Learn renewal assessment

What's Included in AccelaStudy® AI

Adaptive Knowledge Graph
Practice Questions
Lesson Modules
Console Simulator Labs
Exam Tips & Strategy
20 Activity Formats

Course Outline

78 learning goals
1 Domain 1: Design Identity, Governance, and Monitoring Solutions
4 topics

Design solutions for logging and monitoring

  • Design a centralized monitoring architecture using Azure Monitor metrics, alerts, and dashboards to provide unified visibility into application and infrastructure health across multiple subscriptions and regions.
  • Evaluate Log Analytics workspace topology options across dedicated, centralized, and hybrid workspace strategies to determine the optimal configuration based on data retention policies, access control boundaries, and compliance requirements.
  • Design application performance monitoring using Application Insights with distributed tracing, availability tests, and custom telemetry to diagnose latency bottlenecks and failure patterns in multi-tier applications.
  • Analyze security event correlation requirements to evaluate Microsoft Sentinel deployment with data connectors, analytics rules, and automated response playbooks for enterprise-scale threat detection and incident response.
  • Recommend a comprehensive monitoring and logging strategy that integrates Azure Monitor, Log Analytics, Application Insights, and Microsoft Sentinel to balance observability depth, cost efficiency, and compliance retention requirements.

Design authentication and authorization solutions

  • Design a Microsoft Entra ID tenant architecture with user and group management, administrative units, and hybrid identity synchronization using Entra Connect for enterprise identity consolidation.
  • Design conditional access policies with device compliance, location-based restrictions, risk-based evaluation, and session controls to enforce adaptive authentication across organizational applications and resources.
  • Evaluate multi-factor authentication options including passwordless methods, FIDO2 security keys, and Microsoft Authenticator to assess identity verification strength, user friction, and deployment complexity across enterprise access scenarios.
  • Evaluate Azure AD B2C architecture options with custom user flows, identity providers, and API connectors to assess consumer-facing authentication patterns, branded experience capabilities, and integration complexity tradeoffs.
  • Analyze authentication architecture tradeoffs between Microsoft Entra ID B2B collaboration, B2C identity, and federated identity to determine the optimal approach based on user population, compliance requirements, and integration complexity.
  • Recommend an enterprise authentication and authorization strategy integrating conditional access, MFA, identity governance, and privileged identity management to achieve zero-trust security posture with operational efficiency.

Design governance solutions

  • Design a management group and subscription hierarchy with inherited policies, cost boundaries, and administrative delegation to enforce organizational governance at enterprise scale.
  • Design Azure Policy assignments with built-in and custom policy definitions, initiatives, and remediation tasks to enforce compliance standards across resource deployments and configurations.
  • Design role-based access control assignments using built-in roles, custom role definitions, and scope-level bindings to implement least-privilege access across management groups, subscriptions, and resource groups.
  • Evaluate Azure Blueprints artifact compositions including policy assignments, role assignments, ARM templates, and resource groups to assess repeatable environment deployment patterns and governance guardrail effectiveness.
  • Analyze governance compliance gaps by evaluating Azure Policy compliance reports, regulatory standards mapping, and resource configuration drift to identify remediation priorities across subscriptions.
  • Recommend a governance framework strategy integrating management group hierarchy, Azure Policy, RBAC, and Blueprints to establish enterprise-scale governance that balances control with developer agility.

Design identities and access for applications

  • Design managed identity assignments using system-assigned and user-assigned managed identities to eliminate credential management for Azure resource authentication across services.
  • Design service principal and application registration architectures with certificate-based authentication, API permissions, and consent frameworks for secure application-to-service communication.
  • Design an Azure Key Vault architecture with access policies, RBAC integration, certificate management, and key rotation schedules to centralize secrets management for applications and infrastructure.
  • Analyze application identity architecture tradeoffs between managed identities, service principals, and workload identity federation to determine the optimal credential strategy based on portability, security, and operational complexity.
  • Recommend an application identity and secrets governance strategy integrating managed identities, Key Vault, and service principal lifecycle management to achieve zero-standing-privilege application authentication.
2 Domain 2: Design Data Storage Solutions
3 topics

Design data storage solutions for relational data

  • Design Azure SQL Database deployments with appropriate service tiers, compute models, and elastic pools to match performance requirements, cost constraints, and workload variability patterns.
  • Design Azure SQL Managed Instance architectures with VNet integration, instance pools, and link features to support lift-and-shift migration of on-premises SQL Server workloads with near-complete compatibility.
  • Design SQL Server on Azure VM deployments with storage configuration, availability groups, and licensing optimization to support workloads requiring full SQL Server feature access and OS-level control.
  • Analyze relational data platform tradeoffs across Azure SQL Database, SQL Managed Instance, and SQL Server on VMs to evaluate compatibility, management overhead, scalability limits, and cost profiles for each workload type.
  • Recommend a relational data platform strategy that assigns workloads to the optimal Azure SQL deployment model based on compatibility assessment, performance requirements, operational maturity, and total cost of ownership.

Design data storage solutions for non-relational data

  • Design Azure Cosmos DB deployments with appropriate API selection, consistency level configuration, partition key strategy, and throughput provisioning to match data model requirements and global distribution needs.
  • Analyze Cosmos DB consistency level tradeoffs across strong, bounded staleness, session, consistent prefix, and eventual consistency to evaluate latency, availability, and data correctness impacts for distributed applications.
  • Evaluate Azure Blob Storage access tier strategies across hot, cool, cold, and archive tiers with lifecycle management policies and replication options to assess cost optimization, durability, and retrieval latency tradeoffs for unstructured data at scale.
  • Analyze Azure Table Storage versus Cosmos DB Table API architecture tradeoffs including throughput limits, global distribution, indexing capabilities, and cost models to determine the optimal key-value data platform.
  • Evaluate data encryption and access control requirements for non-relational data stores using customer-managed keys, private endpoints, and RBAC to assess security posture across Cosmos DB and Blob Storage deployments.
  • Recommend a non-relational data architecture strategy that assigns data stores to the optimal Azure service based on consistency requirements, global distribution needs, throughput patterns, and operational cost targets.

Design data integration solutions

  • Design Azure Data Factory pipelines with linked services, datasets, data flows, and integration runtimes to orchestrate ETL and ELT processes across heterogeneous data sources and sinks.
  • Evaluate Azure Synapse Analytics architecture options across dedicated SQL pools, serverless SQL, Spark pools, and Synapse Pipelines to assess workload isolation, cost allocation, and performance characteristics for unified analytics spanning data warehousing and big data processing.
  • Analyze data migration strategy options including online versus offline migration, Azure Database Migration Service, and data validation approaches to evaluate downtime tolerance, data integrity, and cutover complexity.
  • Analyze data integration architecture tradeoffs between Azure Data Factory, Synapse Pipelines, and event-driven streaming approaches to determine the optimal pattern based on data volume, latency requirements, and transformation complexity.
  • Recommend a data platform integration strategy that aligns data movement, transformation, and analytics services to enable unified data access while meeting governance, security, and performance requirements across the enterprise data estate.
3 Domain 3: Design Business Continuity Solutions
2 topics

Design solutions for backup and disaster recovery

  • Design Azure Backup architectures with Recovery Services vaults, backup policies, retention schedules, and cross-region backup to protect VMs, databases, and file shares against data loss.
  • Design Azure Site Recovery architectures with replication policies, recovery plans, and failover automation to enable cross-region disaster recovery for VMs and physical servers with defined RPO and RTO targets.
  • Design geo-redundant storage and database replication strategies using GRS, GZRS, active geo-replication, and auto-failover groups to protect data assets against regional outages.
  • Analyze disaster recovery architecture tradeoffs across cold, warm, and hot standby patterns to evaluate RPO, RTO, failover complexity, and cost implications for workloads with differing criticality tiers.
  • Recommend a tiered backup and disaster recovery strategy that assigns protection levels to workloads based on business impact analysis, RPO/RTO requirements, regulatory obligations, and cost optimization targets.

Design for high availability

  • Design availability zone architectures with zone-redundant deployments for VMs, managed disks, SQL Database, and storage accounts to eliminate single-zone failure impact on application availability.
  • Evaluate availability set configurations with fault domain and update domain tradeoffs to assess VM-level redundancy constraints for workloads in regions that do not support availability zones.
  • Analyze load balancing architecture tradeoffs across Azure Load Balancer, Application Gateway, Azure Front Door, and Traffic Manager to evaluate Layer 4 versus Layer 7 capabilities, global versus regional scope, and cost for each redundancy pattern.
  • Design multi-region active-active and active-passive architectures using Azure Front Door, Cosmos DB multi-region writes, and SQL auto-failover groups to achieve near-zero downtime for globally distributed applications.
  • Assess composite SLA calculations by evaluating individual service SLAs, serial and parallel dependency chains, and uptime composition formulas to determine achievable availability targets for multi-tier application architectures.
  • Recommend a high availability strategy that integrates zone redundancy, multi-region failover, load balancing, and SLA composition to meet composite application uptime targets while optimizing infrastructure cost.
4 Domain 4: Design Infrastructure Solutions
4 topics

Design compute solutions

  • Design Azure Virtual Machine architectures with appropriate VM families, disk types, proximity placement groups, and dedicated hosts to meet performance, isolation, and licensing requirements for IaaS workloads.
  • Design Azure App Service architectures with App Service plans, deployment slots, custom domains, and VNet integration to host web applications and APIs with managed platform scaling and zero-downtime deployments.
  • Design container and orchestration solutions
  • Design serverless and batch compute solutions
  • Analyze compute platform tradeoffs across VMs, App Service, AKS, Azure Functions, Container Instances, and Azure Batch to evaluate startup latency, scaling granularity, operational overhead, and portability for each workload type.
  • Recommend a compute platform strategy that assigns workloads to the optimal Azure compute service based on team maturity, deployment velocity, cost efficiency, scaling requirements, and long-term operational sustainability.

Design application architecture solutions

  • Design message-based architectures using Azure Service Bus queues and topics with sessions, dead-letter queues, and duplicate detection to enable reliable asynchronous communication between distributed services.
  • Design event-driven architectures using Azure Event Grid with custom topics, event domains, and Azure Event Hubs with capture and partitioned consumers for high-throughput event processing workloads.
  • Design API Management architectures with API gateways, developer portals, rate limiting policies, and backend routing to expose, secure, and version APIs for internal and external consumers.
  • Evaluate caching architecture patterns using Azure Cache for Redis with clustering, data persistence, and geo-replication to assess cache invalidation strategies, backend load reduction, and response latency improvements for frequently accessed data.
  • Analyze messaging architecture tradeoffs between Azure Service Bus, Event Grid, Event Hubs, and Storage Queues to determine the optimal messaging service based on delivery guarantees, ordering requirements, throughput, and cost.
  • Evaluate microservices decomposition patterns including queue-based load leveling, competing consumers, and saga orchestration to assess service boundary design and inter-service communication resilience.
  • Recommend an application architecture strategy integrating messaging, event processing, API management, caching, and microservices patterns to achieve loose coupling, independent scalability, and operational resilience.

Design network solutions

  • Design virtual network architectures with address space planning, subnet segmentation, network security groups, and service endpoints to provide network isolation and traffic control for multi-tier applications.
  • Evaluate hub-spoke network topology patterns using VNet peering, Azure Firewall, and user-defined routes to assess centralized security, inspection throughput, and shared services scalability across multiple spoke virtual networks.
  • Design hybrid connectivity architectures using Azure VPN Gateway with site-to-site tunnels and Azure ExpressRoute with private peering to establish secure, reliable connections between on-premises networks and Azure.
  • Design private endpoint architectures using Azure Private Link to provide private connectivity to Azure PaaS services, eliminating public internet exposure and enabling secure access from within virtual networks.
  • Design DNS resolution architectures using Azure DNS zones, private DNS zones, and DNS forwarding to provide name resolution across hybrid environments with on-premises and Azure-hosted workloads.
  • Evaluate content delivery architecture options across Azure CDN profiles and Azure Front Door with caching rules, origin groups, and WAF policies to assess global distribution performance, edge security capabilities, and cost tradeoffs.
  • Analyze hybrid connectivity tradeoffs between VPN Gateway and ExpressRoute to evaluate bandwidth capacity, latency characteristics, encryption requirements, cost profiles, and redundancy options for enterprise connectivity.
  • Analyze network security posture by evaluating NSG flow logs, Azure Firewall threat intelligence, and Network Watcher diagnostics to identify misconfigurations, excessive permissions, and traffic anomalies.
  • Recommend a network architecture strategy integrating hub-spoke topology, hybrid connectivity, private endpoints, DNS resolution, and content delivery to achieve secure, performant, and cost-effective network design at enterprise scale.

Design migrations

  • Design Azure Migrate assessments with dependency analysis, performance-based sizing, and readiness evaluation to inventory and classify on-premises workloads for migration planning.
  • Evaluate migration strategy patterns including rehost, refactor, rearchitect, rebuild, and replace to determine the optimal approach for each workload based on complexity, timeline, cost, and modernization objectives.
  • Design migration execution architectures using Azure Migrate server migration, Database Migration Service, and Azure Data Box to move VMs, databases, and large data volumes with validation and cutover procedures.
  • Analyze Cloud Adoption Framework phases to evaluate organizational readiness, landing zone design, and governance controls that support systematic migration execution and post-migration optimization.
  • Recommend a migration governance strategy integrating Azure Migrate assessment, wave-based execution sequencing, Cloud Adoption Framework alignment, and post-migration validation to minimize risk and maximize business value delivery.

Hands-On Labs

25 labs ~526 min total Console Simulator

Practice in a simulated cloud console or Python code sandbox — no account needed. Each lab runs entirely in your browser.

Certification Benefits

Salary Impact

$162,000
Average Salary

Related Job Roles

Cloud Solutions Architect Azure Architect Enterprise Architect Technical Architect

Industry Recognition

Microsoft Azure certifications are among the most valued in enterprise IT, with Microsoft holding the second-largest cloud market share globally and serving as the dominant platform in enterprise and hybrid cloud environments.

Scope

Included Topics

  • All domains and task statements in the Microsoft Azure Solutions Architect Expert (AZ-305) exam guide: Domain 1 Design identity, governance, and monitoring solutions (25-30%), Domain 2 Design data storage solutions (20-25%), Domain 3 Design business continuity solutions (15-20%), and Domain 4 Design infrastructure solutions (25-30%).
  • Expert-level architecture decisions for identity governance, data platform selection, business continuity planning, and infrastructure design across Azure managed services, hybrid environments, and multi-cloud scenarios.
  • Scenario-driven architectural tradeoff analysis integrating security, reliability, performance efficiency, cost optimization, and operational excellence across Azure services and deployment patterns.
  • Key Azure services for expert-level architecture: Microsoft Entra ID, Conditional Access, Managed Identities, Azure Key Vault, Azure Monitor, Log Analytics, Application Insights, Microsoft Sentinel, Azure Policy, Azure Blueprints, Management Groups, RBAC, Azure SQL Database, SQL Managed Instance, Cosmos DB, Azure Table Storage, Blob Storage, Azure Data Factory, Azure Synapse Analytics, Azure Backup, Azure Site Recovery, Availability Zones, Availability Sets, Azure Load Balancer, Application Gateway, Azure Front Door, Azure Traffic Manager, Virtual Machines, Azure App Service, Azure Kubernetes Service, Azure Functions, Azure Batch, Azure Container Instances, API Management, Azure Service Bus, Azure Event Grid, Azure Event Hubs, Azure Cache for Redis, Virtual Networks, VNet Peering, Azure VPN Gateway, Azure ExpressRoute, Azure DNS, Azure CDN, Azure Private Link, Azure Firewall, Azure Migrate, Cloud Adoption Framework.

Not Covered

  • Low-level implementation coding details, CLI command syntax, and PowerShell scripting depth not required for architecture decision-making in the AZ-305 exam.
  • Azure DevOps pipeline configuration, CI/CD workflow implementation, and application lifecycle management details that fall under AZ-400 DevOps Engineer Expert certification.
  • Transient Azure service pricing details and short-lived promotional values that are not stable for enduring architecture specifications.
  • Foundational Azure administration tasks such as creating individual resources, configuring basic settings, and routine operational procedures covered by AZ-104.
  • Deeply specialized data engineering pipeline tuning, machine learning model training, and AI workload optimization that fall under DP-203, AI-102, or DP-100 certifications.

Official Exam Page

Learn more at Microsoft Azure

Visit

Ready to master AZ-305?

Adaptive learning that maps your knowledge and closes your gaps.

Subscribe to Access

Trademark Notice

Microsoft and Azure are registered trademarks of Microsoft Corporation. Microsoft does not endorse this product.

AccelaStudy® and Renkara® are registered trademarks of Renkara Media Group, Inc. All third-party marks are the property of their respective owners and are used for nominative identification only.