Microsoft Azure Solutions Architect Full Course 2026 | Microsoft Azure AZ-305 Training | Simplilearn
Outlines how the course will simplify Azure concepts step by step and align with the AZ-305 certification, covering architecture, compute, storage, networking, and governance.
A thorough, 10-hour hands-on tour of Azure AZ-305 concepts—from governance and identity to compute, networking, and modern app hosting—with practical demos in VM, App Service, AKS, Functions, and more.
Summary
Simplilearn’s Azure Solutions Architect Full Course (AZ-305) walks you through designing scalable, secure, and cost-aware Azure infrastructure. The instructor frames Azure as a public cloud with private-by-design mechanisms like Entra ID (formerly Azure AD) for identity, RBAC, and a hardened governance stack. You’ll see how to map business requirements to a real-world Azure layout, including management groups, subscriptions, and resource groups, and how to enforce policy, tagging, and RBAC across environments. The course dives into identity management with Microsoft Entra ID, covering B2B and B2C scenarios, MFA adoption, conditional access, and identity protection, plus the concept of zero trust. On the compute side, the lessons cover virtual machines (with sizing, scaling, and VMs vs. PaaS choices), App Service for web apps, containerization with Azure Container Instances and AKS, and serverless options with Functions and Logic Apps. Networking topics include virtual networks, subnets, NSGs, VNet peering, hub-and-spoke architectures, and routing with user-defined routes. Governance sections teach you to design landing zones (blueprints) and master policy/RBAC strategies across management groups, subscriptions, and resource groups, while case studies reinforce real-world decision-making for cost management and compliance. The instructor also walks through practical demos: deploying a Windows VM and IIS, hosting apps via App Service, orchestrating containers with AKS, and implementing VNet designs with peering and routing tables. By the end, you’ll be ready to tackle the AZ-305 certification and real-world Azure architecture roles with hands-on confidence.
Key Takeaways
- Microsoft Entra ID (Azure AD) is the cloud-based IAM backbone; it supports B2B, B2C, MFA, conditional access, and identity protection for scalable governance.
- RBAC roles (Owner, Contributor, Subscriber Admin, Reader) define least-privilege access across management groups, subscriptions, and resources; use management groups to scale permissions efficiently.
- Policy, tagging, and landing zones (blueprints) are core governance tools; they enforce compliance, cost visibility, and standardized deployments across environments.
- Azure Compute options range from IaaS (VMs, VM Scale Sets) to PaaS (App Service) and serverless (Functions, Logic Apps); choose based on control, scale, and cost needs.
- Containerization options include Azure Container Instances for quick, port-focused deployments and AKS for orchestrated, scalable microservices; both can coexist with VM-based workloads.
- VNets, subnets, NSGs, peering, and hub-and-spoke topology shape secure, scalable network architectures; routing (system vs user-defined) controls traffic flow and inter-VNet communication.
- Landing zones and blueprints help predefine security, networking, and governance before workloads land in production; they support ISO/compliance needs and audit readiness.
Who Is This For?
Essential viewing for cloud architects and engineers preparing for AZ-305, and for IT leaders designing enterprise Azure baselines. It’s especially valuable if your team is adopting Entra ID, RBAC governance, and modern compute patterns (containers, AKS, serverless) at scale.
Notable Quotes
"Azure is the leading cloud provider from Microsoft and offers around 200 products and cloud services."
—Introductory claim about Azure’s breadth of services.
"RBAC gives you granular control—owners can do anything, contributors cannot assign roles, and readers can only view."
—Core governance concept explained.
"A landing zone is a blueprint for your cloud platform—policies, RBAC, tags, and monitoring defined upfront before workloads land."
—Foundation of proactive governance.
"Conditional access policies can block, or allow with MFA, access based on users, devices, locations and risk levels."
—Key security control for modern IAM.
"Hub and spoke topology uses a central hub for cross-region connectivity and security, with spokes serving regional workloads."
—Important networking pattern explained.
Questions This Video Answers
- How does Microsoft Entra ID B2B differ from B2C in an Azure AZ-305 design?
- What is the difference between Azure RBAC roles (Owner vs Contributor vs Reader) and how should I apply them across management groups?
- When should I choose Azure App Service vs a VM for hosting a web app?
- What is the purpose of landing zones/blueprints in Azure governance and how do I implement them?
- How do hub-and-spoke networks and VNet peering work in multi-region Azure deployments?
Microsoft Entra ID, Azure Active Directory, B2B, B2C, MFA, Conditional Access, Identity Protection, Zero Trust, RBAC, Role-Based Access Control (RBAC) in Azure
Full Transcript
Infrastructure solution course by Simplilearn. If you want to build a career in cloud architecture, solution design or enterprise infrastructure, then Microsoft Azure is one of the most important platforms you need to master. But don't worry, in this course, we are going to simplify Azure concepts step by step so you can clearly understand how cloud infrastructure is designed, secured, and managed in real-world organizations. We'll begin by understanding the fundamentals of Azure architecture including regions, availability zones, resource groups, and subscriptions. These are the core building blocks that can help you design scalable and reliable cloud solutions.
From there, we will explore the core Azure services such as compute, storage, networking, and identity. You'll also understand how the different Azure services work together to build enterprise applications and how the shared responsibility model defines what Azure manages versus what the customer manages. As we move forward, we'll dive into the compute services like virtual machines, app services, and container instances. You will learn how to choose the right VM size, manage performance tiers, and optimize cost based on business needs. We'll also cover identity and access management using Microsoft Azure Active Directory, where you'll understand authentication, authorization, and role assignments critical for securing enterprise environments.
Next, we'll explore Azure storage services including blob storage, file storage, queue storage, and table storage, along with redundancy options like LRS, ZRS, GRS and REGGS to design highly available storage architectures. You'll also get introduced to containerized deployments using Azure Kubernetes Service and understand how Azure supports modern application deployment with container orchestration. As we progress, we'll also focus on networking concepts such as virtual networks, subnets, network security groups, load balancers, and application gateway, helping you design secure and resilient network architectures. Finally, we'll cover governance, security, backup, disaster recovery, and monitoring using tools like Azure Policy, management groups, resource locks, Azure monitoring, and cost optimization tools, which are essential for enterprise-grade cloud solutions.
So, by the end of this course, Azure architecture will no longer feel complex. You'll have a strong foundation in designing scalable, secure, and highly available infrastructure solutions, preparing you for the AZ-305 certification and real-world Azure solution architecture role. Before starting this video, if you're ready to take your career in cloud computing, DevOps and AI-powered infrastructure to the next level, check out Simplilearn's AI-powered cloud computing and DevOps certification program in collaboration with AWS and Microsoft. This program is perfect for anyone who wants to become job ready in cloud engineering, DevOps, and AI-driven cloud automation while building strong hands-on experience with real enterprise tools and platforms.
You'll learn how to work with key technologies like AWS, Azure, Google Cloud, Docker, Kubernetes, Jenkins, Terraform, and Ansible along with modern practices such as CI/CD pipelines, microservices, deployment, infrastructure as code, and AI-powered cloud operations. You'll also explore advanced concepts like DevSecOps, cloud monitoring, and GenAI integration in cloud systems which are essential for today's cloud-native industry. Plus, you'll get hands-on experience through 30 plus real-world projects including CI/CD automation, multicloud deployments, Kubernetes orchestration, and real-time data processing along with final capstone project that helps you build a complete cloud-native solution. Upon completing the course, you'll earn a program completion certificate from IITM Pravartak along with Microsoft Azure certification and AWS aligned learning outcomes which can significantly boost your career and help you stand out in the competitive cloud job market.
You'll also get access to AI-powered job assistance, mock interviews, and a 2-day campus immersion at IIT Madras Research Park. Check out the description box below to find the link and start your journey into AI-powered cloud computing and DevOps today. Before we get started, here's a small question for you to answer. Which Azure service is primarily used for container orchestration? Is it Azure Blob Storage, Azure Virtual Machines or is it Azure Kubernetes Service or is it Azure Load Balancer? Drop your answers in the comment section below and let's get started. All right. So, let's start with the basics of cloud computing.
Now before I start explaining the cloud computing I want to understand from you. Are you do you guys know what cloud computing is? Any general uh definition that you know or any do you know what cloud computing is and are you right now using cloud? Uh I just want to correct few people who have said we are not using cloud computing right now. Everyone of us are using cloud computing. Okay. how it started started with basic services like email services. So if you say you're not using cloud do you have email accounts or are you using the email services like Hotmail, Gmail, U back in the days I don't know how old are you guys we used to have Yahoo right?
So what are these services? These are nothing but the SaaS services. These are the services using which you send your email. Are you saving those email in your laptop? How do you access Gmail? How do you access Hotmail or how do you access Google Drive, OneDrive, Dropbox? So, we are using cloud in our day-to-day life. Even you're not using the cloud for your own infrastructure, but you're using cloud in a sense like uh email services, storage services, right? Movie on demand services. Are you using Netflix? Are you using Prime, Hotstar? So these are the movie on demand services, right?
This is also pay as you go. So depends on different plans you subscribe to. You you'll have to pay. If you don't want to pay for one month, just cancel that subscription. You won't be paying for that particular month. Right? So all these services are accessible over internet. So what do you need? You just need an internet connection. Whether to use from laptop or to use from your phone, you just need an internet connection. And if you have an internet connection you can use cloud right on demand movies on demand Foodpanda or Swiggy right so these are nothing but cloud services right so what is cloud computing in simple terms cloud computing is is a delivery of services uh over internet.
Now what services are being delivered? When we specifically discuss cloud computing, it's nothing but delivery of services over the internet. Now which services is being delivered? Services like compute, storage, databases, network. So if you are accessing those services via the internet that means you are using cloud. So cloud computing is nothing but delivery of services. Now the first question that most of my student ask is why do we need these services? Compute storage. Do you guys know why do we need these services? Let's say there's no cloud. If there's no cloud and you want to host your website or an application, where do you host it?
You want to host a website or a web application, where do you host it? So if there's no cloud, we need to create a data center. Okay, we need to first have a data center before I or Windows server. We need to have our data center. Now, what do you think? How much charge or how much cost will I have to bear as a company or as an organization if I want to have my own data center? First of all, I have to pay for the infra. I need to find a place and imagine a uh imagine having a big big space in a city like Mumbai or Bangalore.
How much you have to pay right before even starting your business? You'll have to pay for that infra. You need to buy that that place first. You need to put your racks, your servers there. Then you need to think about the the power power supply. You need to think about the redundant power supply since I don't want to rely on single power supply right so this is the is the uh cost that you have to bear if you do not go for cloud but as Har is mentioned that we Har is mention mentioning that we can go for colo yes you can go for collocation as well but for that as well someone has to have a data center you can go for colo but someone has to have a data center, right?
Someone should build a data center for you. Yeah. So that colo is like you're just renting spaces. So you're just renting the data uh you're just renting one or two uh servers or you're just renting entire rack in that particular data center and you're putting your own servers there. So that's that is the meaning of collocation. Right? So that was also possible before cloud. But after that not everyone can afford of creating a or or developing or uh building a data center. So what happens the big companies like Amazon, Google and Microsoft and there are a lot of others oracles and all right so these big companies what they did they created data centers and they started providing the computation services like compute storage database networking on rent all right so Today when someone says that we need to move to cloud or we need to migrate to cloud or we want to use cloud computing they're mostly mentioning that we want to use the AWS infra GCP infra Google infra or Microsoft Azure's infra or Oracle's infra depending on uh which part of world you are we need to use their infra and deploy our computation resources all right so what is why do we need this computation resources compute resources like for example let's say you have an idea and you need to use information technology to bring that idea to life.
That means you have a business. A simple example I can take is let's say Swiggy. So what is the idea behind this business? Deliver deliver food delivery service. So when you use Swiggy, are you making the food? Obviously no. Someone else is making for you. So you're ordering it from their place, right? So what is this? This is like a food as a service. So it's again a uh cloud service, right? So you can say that it's it's a cloud kitchen from where you're ordering. So let's say you have an idea and you want to build something like this or whatever your idea is and you want to use uh internet to deliver services.
So in order to use internet in order to develop or in order to bring my idea to life first of all what I need I need to hire a developer. Why do we need a developer? Developer will will write the application for me. So what is an application? Application is nothing but some files. So if you have ever developed a very simple HTML uh uh page or HTML website, static website, if you have developed that you know that an application is nothing but list of files there there will be a lot of files. If you're writing application in .NET or Java or whatever you're just coding if you're a developer you might know better but you're just coding.
So that code is saved in nothing but a file with some extension. Right? So in order to make sure that my website is is is reachable to to my customers or to my users who wants to deliver food or anything whatever your idea is I need to keep this file somewhere and that somewhere is nothing but a server. So you need that server. Now where will you place that server? You need to place that server in a data center. So as as Har mentioned, you can colo, uh, you can get a collocation place in one of the data center.
You'll be paying some rent or you can simply launch the server on a cloud company. Now tell me what what what do you think what will be the cost of buying a server from IBM or from HP? What will be the cost of buying one server? Around $1,000, right? Around one lakh or two lakh or three lakh rupees. Depends on which company you go for and what configuration you want. Right? If you have never heard of server, what server is? Server is nothing but a computer. So if you go today to buy a new laptop, what do you what do you see or uh which laptop you buy?
So what do you see in that laptop? You'll see the config, right? You'll see the storage. What is the SSD given? You'll see the processor. What processor is being used or being uh installed in this laptop, right? You'll see memory, the RAM. So these are the three most important thing that we see. Similarly, server is like you can say a powerful computer which provides services. So you know the laptop is like for commercial use. That means for us just to uh do a meeting or do or or for entertainment purposes like I want to watch a movie I can watch it on a on my laptop.
I can do some of my business business things but you cannot host your website on laptop. Technically you can but your laptop is not as powerful as server to provide the services. Okay. So similarly similar to laptop you'll have a server and then on top of that server you'll be having some operating system in laptop you have an operating system right you have windows right so you you you go for Windows 11 nowadays or if you're uh fond of Mac you'll go for Mac so Mac has their own Macintosh Apple has their own Macintosh operating system like or there's another uh variant in market which is Linux Right?
So on top of that server, you'll be having an operating system. What is an operating system? Operating system is the mediator between human beings and the uh hardware. If I give you a hard disk, can you just see that hard disk and try to figure out what do we have in that hard disk? Just like physically seeing that hard disk like this. Can you do that? So right, we need to connect that hard disk to the laptop. how the the laptop reads hard disk. Laptop has the operating system installed and that operating system can detect and read the hard disk and then we can identify what kind of files we have in that hard disk.
Right? So similarly here we deploy OS on top of our server and then we keep our files. Okay. So if I'm if I am having an idea like Swiggy and I also want to come up with a food delivery service first of all I need to hire a developer or if you are a developer you can write your own code but in order to host that application you need to have the server. So using that server only you can host right now. So, in order to buy that server, you have to spend a certain amount.
Let's say $1,000. And that amount is upfront cost. That is an upfront cost. When you say upfront cost, that means I have to pay it now. Even before starting my business, I have to invest like $1,000 for one server. Now, tell me, you're buying one server and if that server goes down, what happens? See, you're buying one server and you're hosting your application on top of that server. If that server goes down, will you be able to reach your application or will your user will be able to reach the application? Obviously not. Right? If Swiggy is down, you won't be able to you won't be able to order anything from Swiggy.
So I cannot rely on one server. So I need to buy another server as well. Why do I need to buy another server? Just to make sure that if one server goes down, my application is reachable from the second server. So instead of $1,000, I need to spend $2,000 for two servers. So that's an upfront cost. And this upfront cost is nothing but capital expenditure for your business, CapEx. Okay. Now for for an individual user who or for an startup for a startup investing this amount could be huge. So what they can do they can simply launch portal.azure.com cloud create a server deploy their website and that's all their their website is live.
What is cloud computing? If you have a laptop and if you have an internet connection you can get the server the storage the networking through that internet through the internet. That's all that's cloud computing. Cloud computing refers to the delivery of inter delivery of compute services over the internet. What is compute services? Compute services are nothing but you want in order to host a website you would need uh storage, you would need RAM, you would need CPU. So all these services are given to you over the internet. You don't spend spend this much of amount up front.
So you're saving already you're saving $2,000 right now. Here you deploy two servers, five servers, doesn't matter. On cloud you deploy two servers, five servers, 10 server. You're not paying $2,000 upfront. That means right now I'm not paying $2,000. So when I'll be paying, I'll be paying as per my use. Pay as you go. So this month, if I'm using five servers, I'll have to pay for the five servers. Next month, if I don't require five servers, I'll remove two servers and I'll pay for three servers only. Pay as you go model. What is pay as you go?
It's like your electricity, right? So, every month do you get the similar bill for your electricity? Depends on your usage, right? In summer, we use air condition, uh coolers and all those stuff. So, we pay more in summer, but in winter, do we pay more? Totally depends on your consumption, right? So, that's nothing but the pay as you go approach. Pay as you go. As much as you use, you pay for that. If you use 10 servers, 20 servers, for that much, you'll pay more. If you use only one server, you'll pay for only one server.
Okay. I hope you have understood what cloud computing is and why do why you will be using cloud computing. Okay. All right. What are the benefits of using cloud computing? Cost optimization. As I mentioned that uh if you want to use two servers, three servers, you use that. So depends totally depends on your requirement. You'll be using two servers, three servers, right? So it helps you to achieve the cloud uh uh achieve the cost optimization, right? Optimize the cost. I'm not paying up front everything. I'll be paying according to my use. performance efficiency very quickly you can uh get the performance increase the performance of your app right I want two servers I want more CPU I can I can do that I want more RAMs I can change my change u the amount of RAM assigned to my compute service right so all those thing you can do very quickly apart from that accessibility if there was there's no cloud and you want to come up with your with your IT business or business using it where you'll be creating or deploying your server.
You will be creating or deploying your server depends on wherever you you are. You let's say I stay in Mumbai and I want to I I have an idea and I want to come up with a service. So I'll be searching a place in Mumbai itself and if my user base in is is in US I need to go to US and there I have to deploy my server in one of the data center right. So with cloud it has become very easy I can deploy wherever I want depending on uh let's say I want to deploy a server.
So in cloud it's it's quite is known as virtual machine. So I'll click on create create virtual machine. And here you see if you want to deploy it in US, you can select US, east, US, west. If you want to deploy it in Australia, you can select Australia. So accessibility is very easy. What do you need? You just need an internet connection and you can deploy wherever you want. Wherever Azure has his presence, right? I want to deploy in Europe. I can go for Europe. I want to deploy in uh UK, I can go for UK.
Right? So these are the different these are the benefits of using cloud computing. These benefits you cannot get when you are deploying everything on prem. Okay. Reliability uh flexibility. So cloud is reliable. Why it's reliable? Because they by default monitor it. Okay. Uh by default monitoring as in it's not like that they will take actions on your behalf. only if you configure they can take actions on your behalf but if you don't configure uh they'll not they'll not take that action right so cloud is reliable flexible you can deploy where similar to accessibility you can deploy wherever you want whatever size of uh server you want you want more CPU more RAM depends totally on your requirement and security whatever data you you are keeping on cloud uh by default is it is secured you don't need to worry about security.
Why? Because what I'm putting in my uh storage account in my storage Microsoft is automatically encrypting that. What is the meaning of encryption? Encryption is like uh a security algorithm which is making your data unreadable. Okay. Sorry. So sec uh encrypt encrypting is a way is a security algorithm which is making your data whatever data you're putting on cloud unreadable that means when I'm putting a data in in your own laptop where do you add your data where do you put or save your data where do you store your data we have hard disk right solid state drive or hard disk in that hard disk we keep our data so if you remove that hard disk from your laptop and attach it to another laptop.
Can you read the hard disk or no? If I remove the hard disk that I have over here, remove it from laptop number one and connect it to laptop number two, will I be able to read my data? Yes. Right? I'll be able to read my data. So, similarly, when I'm putting data in cloud, what cloud is doing? Cloud is nothing new. Cloud is also using hard drive or solid state drive to keep your data. So, what happens when you keep your data in cloud? It goes to the cloud data center. Within that data center, they'll be having servers or SAN storage.
And in that storage, your data is stored. So if someone goes there who has the physical access to the data center, if someone goes to that hard disk, take out the hard disk, connect it to our laptop, where's the security then? He or she will be able to read the data. Right? Similar to this scenario, if someone goes to the cloud, take out the hard disk where your data is stored. connect that hard drive to its to his own laptop. He'll also be be able to read that data. Right? So to avoid this situation, what every cloud provider is doing is encrypting your data.
What is the meaning of encryption? Whatever you're writing, you're writing ABC. So that is stored in an encrypted format. Okay. So if someone is removing that hard disk and connecting that hard disk to its own laptop, he or she won't be able to read the data unless and until that data is decrypted. Okay. So for this encrypting and decryption, we require the encryption and decryption keys. So Microsoft stores those keys the uh you have the option to use your own keys as well. Right? So this is one of the benefits that we have in the cloud.
Even if the data is even if the device where your data is stored is stolen, the data is secure. No one will be able to read it unless and until they decrypt it. Okay. So by default your data will be encrypted. Doesn't matter what cloud provider you're using. Okay. Now what is Microsoft Azure? Microsoft Azure as you know is the leading cloud provider from Microsoft. So Microsoft is the owner and Microsoft has created lot of data centers and those services are given to you as uh as a service. Whenever we talk about cloud you will be hearing something a term known as as a service.
So Microsoft Azure is a cloud provider. It's a leading cloud provider which offers 200 products and cloud services to you to the users so that they can bring their own idea to life. Okay. All right. Sorry guys, I'm not feeling well. So you you might uh see me going uh mute a lot of time. Okay. So just bear with me. Maybe tomorrow I I'll I'll feel better. All right. So what is Microsoft Azure? Microsoft Azure is a leading cloud provider available in the market which offers around 200 products. So this is the second I mean if you go 5 years back Microsoft Azure was the second leading cloud provider but now if you see we have like 55 45 uh ratio in the market.
The competitor to Microsoft Azure is AWS. Depends on which area or which part of world you are. you would see that AWS is used more or Microsoft Azure is used more depend on which part of land I I stay in Malaysia so in Malaysia I see a lot of opportunities for Microsoft Azure whereas if you stay in Bangalore side in India in Bangalore side you would see AWS requirement more so totally depends on which part of area you are if if you are staying in Middle East Saudi or Dubai you would see Oracle being used for okay so totally depends on which part of area you are but it doesn't matter that uh which cloud you are learning if you learn one cloud you'll automatically understand the second cloud cuz services are are are same the only difference is Microsoft might be having few different services AWS might be having few different services the names for those services are changed like in Microsoft Azure we say virtual machine whereas in AWS they say uh elastic cloud compute In Google they say compute engine.
So totally depends uh which cloud you're using. Services are same the names are different. Okay. All right. So whatever benefits we have we have discussed for cloud computing same benefits applies here. As you can see, security, cost effective, scalability, data recovery, flexibility. So all the benefits you'll get on every cloud. Doesn't matter what cloud you're using. You're using Microsoft Azure same benefits you have. Security, cost effective, data recovery, scalability, flexibility. But then the question arise if all clouds have the same benefits uh why should I use Azure over AWS or why should I use AWS over Azure or why should I use GCP or why should I learn Azure or why should I learn uh AWS so that question only I have only one answer to that question that if you are already familiar with Microsoft product or let's say as a company if I'm already using Microsoft products which most company are.
If I'm already using Microsoft product, I can crack a good deal with Microsoft. If I want to use Azure, if you're using Microsoft products, it's possible that your company is already Microsoft partner. So they can crack a good deal and they can get get a good discount uh with Microsoft uh they if if they want to use Azure AWS benefits you like uh if you are already I mean Microsoft Azure started late as compared to AWS AWS was the first cloud in the market so that's why AWS has had lot of shares if you go 5 years back so if you are already with Amazon and if your sales team can crack a good deal with AWS, your company might be using AWS.
If your Microsoft partner in your company can crack a good deal with Microsoft Azure, they will be using Microsoft Azure. Another way is if let's say your company is getting a new project and in that project they will be hiring few people. So they will be hiring people and those people are familiar familiar with Azure. So for that particular project, your company will go with Azure. If your company is launching another project and they're hiring people and they see that yeah we have lot of professionals who who understand AWS. So for that project they'll go for AWS.
I've seen this in lot of companies. For my own company we have few services on Azure. We have few services on AWS. When I raised this question to my manager why do we why do I why are we using two different services? So they said that whatever developer we have in this project they are familiar with Azure they're familiar with .NET so they are familiar or more aligned towards Microsoft project so that totally depends on your on company by company scenario which cloud you'll see more okay but AWS and Azure are the top contender GCP is also coming up right so these are three these three are the top contenders in the market so if you're choosing Azure uh you'll definitely land a job and you'll get a good pay as well.
Okay. So the two things that we didn't discuss in the benefit is scalability and data recovery. So what is scalability? Scalability is a way to add or remove the instances from your solution. So let's say I have a website. Let's say I have a website and I want to host this website. How do I decide how many servers I should be uh launching on Azure and on how many servers I should be launching my website or installing my website? How do I decide that? I can't decide when when the website is new. You cannot predict the amount of traffic your product is going to receive.
Can you predict that? Obviously no. So what you'll do, you'll start with less number of servers. Let's say I'll start with two two servers and suddenly my marketing team has done a quite fantastic job and promoted my website on on some on some popular show. So as soon as my as my website was promoted, I saw the spike in the traffic. So in that case if the traffic is more can you u can your two servers handle all all all that all that traffic obviously no depends on what what configuration you have right so as soon as the traffic increases I need to add extra servers so that adding or removing of extra servers is known as scalability either adding the services or removing the services is known as scalability.
All right. So there are two types of scalability horizontal and vertical. So you can increase the configuration that means you can scale up. Right now let's say you have 2 GB of RAM and uh four virtual CPUs. So you want to increase the config that means I want now 16 GB of RAM and eight virtual CPUs. So this kind of scaling is known as scale up or scale down from 16 to 4 GB and two virtual CPUs. Right? So you are either increasing or decreasing. So that is known as scale up. If you're increasing that is known as scale up.
If you're decreasing that is known as scale down. Similarly, if you're adding the number of instances, that means you're adding extra servers. So, you're scaling out. You're decreasing the number of servers. You're scaling in. Okay? When someone says scale up, that means you're increasing the size, the configuration, amount of RAM. If someone says scale in sorry scale down then you are decreasing the amount you're decreasing the configuration. When someone says scale out you are adding number of instances. Someone says scale in that means you're removing the extra instances. Okay? Doesn't matter if you remember scale up scale out nothing.
You just need to remember scalability. Scalability means adding extra instances or increasing the configuration or decreasing the configuration. That's all. Okay. Data recovery. Uh by default there's no data recovery. You need to configure it. But when it comes to cloud, it's very easy to configure the data recovery. So as we progress in our Azure journey, we will have one chapter where you'll understand how you can recover your data in case uh there's a failure or in the in case there's a loss of data, how can you recover it? Okay. So data recovery is very simple when it comes to cloud.
Cost effective and security we have already discussed right. Salman is asking difference between scalability and flexibility. You are flexible to deploy in any region. So any cloud gives you option to deploy your ser services in different regions like I can deploy in India, I can deploy in US, I can deploy in Australia. So depends on my requirement I can deploy it anywhere wherever Azure has its presence. So that is flexibility. You're flexible enough to deploy in any region plus you are flexible enough to deploy in any size of of the server any configuration which is provided.
Right? Scalability is something where you're adding or removing the extra instances. Now a very good example of scalability is Amazon. Do you guys use Amazon for uh the Amazon e-commerce website for uh shopping? So every year three times or two times in a year Amazon comes up with a sale, right? What what that sale is known as? Great Indian something right or wrong. We have the sale or no? No, we have the sale, right? Great Indian festival or something, right? So during that sale, what do you think? The traffic will be more towards Amazon or the traffic will be less.
If there's a sale in an e-commerce platform, do you think the internet traffic will be high or will be low during the sale period? It will be high, right? So when the sale when when sale is announced, you know that for 4 days we need extra servers. Since that four days we have sales, so we might have lot of traffic. So we know we can predict. So if we have lot of traffic we can add the extra instances and then when sale is done after 4 days obviously the traffic will reduce to normal we'll have normal traffic so we can reduce the number of servers now I don't know uh how old are you but the first sale that Flipkart announced big billion something the first sale was a flop why because Flipkart didn't scale its servers and it was it it failed for the first day.
So they had to increase or add one more day there. So they will be adding the scaling uh they they have to add the servers when when they are receiving lot of traffic. Okay, sorry. All right. So let me just clean my my screen. Okay. So these are the Microsoft Azure benefits to the business when they are opting out for the Microsoft Azure. Sisha is asking horizontal vertical scaling bins. I just explained scale up scale out right. So when you're scaling like this what is this horizontal or vertical? This is horizontal right or sorry this is vertical right?
So you're adding or you're increasing the configuration of your your server. So earlier you were using let's say 2GB now you're using 4 GB that means you you have added 2GB RAM extra so that is known as vertical scaling whereas horizontal scaling is you're adding extra instances you had one instance you added two instance so now you have total three instance this is known as uh horizontal scaling here. So, what skills are we going to cover in AZ-305? Now, AZ-305 has a study guide. So, let me just launch. If I go to AZ-305 here, not GitHub.
So whatever if you're preparing for the exam I would ask you or I would encourage you to please uh go to this website. Okay. This is the official page from Microsoft. So whenever you are sitting before sitting for the exam just go to this. Okay just go to this page. So what this page is having this page if you go to this page you will see the learn path. Okay what is this learning path? The learning path is the modules the flow or the topics that Microsoft expects you to know before sitting for the exam.
So what skills are we going to cover? Now I'm not covering the skills from from the PPT. What skills I'm going to cover? I will be following this Microsoft learn path since this is up to date as per the current exam. Okay. So what are we going to cover? We are going to cover all this uh topics whatever is mentioned. Like if I go for the first module which is design, identity, governance and monitor solution. If I click on it, uh this is what we are going to cover. So everything is mentioned here topic by topic what you should be knowing before sitting for the exam.
Okay. Now if I go one page back and if you see here somewhere you should see the study guide. So what is the study guide? The study guide is uh skills will be measured compute network storage monitoring security. If I scroll down, every skills is given certain percentage like every module is given a certain percentage. So from identity governance and monitoring solutions you can expect around 30% of questions from storage you can expect around 20 25 from business continuity you can expect expect around 15 to 20 right similarly from infrastructure solution you can expect around 35%.
So what you should be knowing you should be knowing some logging solution like routing logs where you can keep the logs where you what monitoring solutions Azure has to offer what is an authentication solution right so all this topic by topic is is is provided in this study guide. Now same thing is for any certificate that Microsoft has to offer. So if you see every certificate is mentioned over here. So whatever certificate you are preparing for before sitting for an exam make sure you uh glance here to see if you know this if you know this if you know this right if you do not know this please try to see what this topic is where you can see you can see it in the learn path right all right so that's what this these are the skills that we are going to cover okay Everything whatever mention is here we we are going to cover.
Now why I I ask you to visit here because if you see Microsoft keeps on adding or removing something from their exam every 6 month or 1 year right so if you read this this note if you read this note says the exam will be updated on April 17 2026. When was the April 17th? Yesterday. though something is changed. What is changed? Uh in order to see what is changed, you should review this study guide. Okay? So if let's say next time, next year or after 6 month, if they don't want this particular topic uh in AZ-305, so they will remove it from from the study guide.
So you don't need to need that uh need to know that. So whatever Microsoft is making changes they will put that in the study guide. Okay. So I went through the old study guide and the new study guide but I don't see lot of things have been changed. The only thing that Microsoft changed was audience profile. Okay. So it's a minor change from the syllabus wise. Nothing changed. Only audience profile change. So if you see the audience profile here, you should have all the audience profile somewhere. Yeah, if you see the audience profile here. So this part is only changed.
Now what Microsoft added as as far as I know Microsoft only added this. This wasn't part of the old study guide. Okay. But that's that thing which is added. Course wise nothing has changed. the topic wise I have went through the old and new study guide nothing is changed everything is same from the course point of view okay uh there the link is shared if you see the chat box okay I already shared the link okay so that's what I'm going to cover now if you see the Simplilearn syllabus we have like uh we have divided this into 15 different topics but I'm not going to cover it topic by topic as defined here 15 everything I'll be covering or summarizing in 10 or 11 topics okay whatever is mentioned over here everything is summarized in 11 topics since we have 10 days so I've summarized everything whatever we have here from identity until uh infra everything I have summarized into 11 topics.
Okay, since we have to do the the the uh projects as well. So we need to complete everything in 10 days. Whatever Microsoft is asking me to cover, we will be covering everything which is defined in the study guide. Clear? All right. So what does this course brings to you? the course uh is bringing you the u some projects, some course-end projects, some assisted practices. So what these assisted practices are? Assisted practices is is the word documents that I'll be adding to the LMS. So you will be having access to that. You can download it.
It's like a step-by-step guide on how to do the demonstration on how to do the hands-on. So those assisted practice I'll be adding. We will be having case studies. We will be having course-end projects, ebooks. Microsoft has stopped providing ebooks. So your ebook is the learn path. So this is your ebook. Okay, the first link that I shared, please follow that link uh or simply search for AZ-305 in your search engine and you'll be landed to that page. Okay, so here you can find your learn path. Now why I'm stressing on this learn path?
Because in exam you have access to the learn path. So when you sit for the exam uh you can access the learn path learn path from there. So if you are stuck or if you don't know the answer to any question you can go to the learn path and you can try to read it there within the exam itself can try to find out the answer. So access is there. That's why I want you to go through the learn path. So you know in which page what service can get me the answer. All right. So that's what we are you you will be getting with this course.
Now when it comes to the exam AZ-305 uh first of all the exam code is AZ-305. The name is design Microsoft Azure infrastructure solution. You will be having around 60 to 70 multiple choice question. Totally depends on your set of paper that you're getting. So when I sat for the exam I had like for 53 questions multiple choice question and rest of the questions were under case studies. Okay. The total 60 to 70 questions you'll be having including case studies. Then the uh the time that you'll be getting is 2 hours. So you'll be getting 120 minutes to complete the exam.
And then in order to pass the exam uh you'll have to get 700 that means 70% of passing mark out of 100 you'll have to have you'll have to get 700 and uh there and once you click on submit there only you'll come to know the result you don't have to wait for the result okay everything is proctored everything is computer basis so once you submit uh it will calculate the software will calculate your percentage and you'll have your result there. So in order to pass you need to have 700 you need to get 700 clear.
The exam is available in different different languages English, Japanese, Chinese. So whichever language you prefer you can uh book exam in that language. Now where to book the exam from? So if you go to the 305 page from there itself you have the option to book the exam. Okay. So if you are in India you select your region wherever you are. Then click on uh then click on schedule exam and from there it will take you to the Pearson VUE page and from there you can schedule you can select the date when you want to sit for the exam.
All those stuff you can do in a Pearson VUE site. From the Microsoft page itself, you can book the exam. So that's all about the introduction about cloud computing, about Simplilearn and about AZ-305. Any questions on the basics yet? How many of you know the difference between infrastructure as service, platform as service, and software as a service? Now this is uh important to understand. Uh it's a it's a basic cloud computing service model. Okay. Um when you are dealing with different compute services you'll have to understand the difference between IaaS, PaaS and SaaS.
All right. So what is before going on break let me answer this quickly uh and then uh if I'm not able to complete this in in in the next 7 minutes we'll continue this since this is important to understand IaaS, PaaS and SaaS now how do I see this IaaS, PaaS and SaaS from for me or for you to understand IaaS, PaaS and SaaS from AZ-305 point of view okay I'm not going at the AZ-900 level since this is something which we cover in AZ-900 uh and AZ-104 as well. I'm not going into that level.
So I'm I'm explaining it to you from AZ-305 point of view. Okay. The full form is quite simple. Infrastructure as a service, platform as a service and software as a service. All right. Now what is infrastructure as a service? So in infrastructure as a service your responsibility is more your as in you are the customer of Azure or any cloud provider. So your responsibility here is more. In PaaS your responsibility is less as compared to infrastructure as a service. Uh we are not saying that there's no responsibility there is responsibility. Okay. So how this IaaS, PaaS and SaaS are defined is defined in a shared responsibility model.
People think that since we are using cloud everything is cloud provider's responsibility. That's not correct. We are sharing responsibility with the cloud provider. Okay. So what is our responsibility? What is cloud provider's responsibility? that will be defined depending on the model depending on the service model you are selecting infrastructure as service, platform as service, software as service now just to explain this in a simple term I just gave you an example of of suiki let's say you have an you have a similar idea and you want to use uh internet for your business so what you need to do you need to come up with an application first what is an application in simple term application is nothing but collection of files where your developer or if you are a developer you will be developing the application.
So how do you write how do you code an app code an application? You simply open a file if you are using Visual Studio Code or whatever you are using. You simply start writing your code and that code is written in a in a file. So you'll be having multiple files or you having single file depending on how big your application is. Now in order to store this or save these files, I need a server. Okay. So when I'm when I'm selecting cloud within the cloud, I have two options to select from. Infrastructure as a service or platform as a service.
In infrastructure as a service, the hardware server is cloud provider's responsibility. Okay. Uh if you remember the data center model where you have to spend $1,000 or whatever the server cost is you have to spend that upfront. We are not using on-prem model right? So we are not going to spend this up front. So what we are doing we are using cloud. See even in cloud there is a hardware server. Someone has bought the hardware server. Who has bought? In our case it will be Azure. So if I'm using infrastructure as a service, this hardware server is cloud provider's responsibility.
Now within that hardware server, the cloud provider will be deploying their own operating system. So in case of Microsoft Azure, they are deploying Hyper-V. Hyper-V is nothing but an operating system. It's a hypervisor which allows them to create multiple uh machines on or multiple virtual machines on top of this hardware server. Okay. So this Hyper-V is also their responsibility. All right. Now on top of this Hyper-V I will be creating my virtual server. This is a physical server which is cloud provider responsibility. The operating system which is again cloud provider's responsibility. on top of this Hyper-V I will be creating my server my virtual server let's call it virtual machine 01 so this virtual machine 01 is my responsibility now within this virtual machine 01 I will be deciding whether to go for Windows operating system or Linux operating system that's I'll have to decide as as a customer I have to decide this okay so here what uh what Microsoft what we we will do we will select let's say we select Windows operating system and on top of that Windows operating system you have to use the runtime or the framework.
So when you are writing an application your developer will write that application in certain code in some code right he might be using Java he might be using Python might be using .NET whatever he's using you need to ask your developer or if you're a developer you should know that that there is framework I need to I need to use that language so in order to host the application I need to have this runtime installed on the server where I want to host my application where I want to add my files. So on top of Windows operating system, you will be deploying the .NET framework.
And on top of that .NET framework, you will then host your application. That means you will add your files. So what is my responsibility as a user here? My responsibility is the operating system that I'm choosing, Windows operating system. My responsibility is the framework that I'm choosing, .NET. My responsibilities is to take care of my application. That means I have to either hire a developer or if I'm a developer I'll have to develop the code. Now tell me every month Microsoft launches the update right? you know the update patching if you're using your mobile phone you receive the update for the applications that you have installed right every month or every week whatever so since this is hosted on cloud the Windows operating system on my virtual machine who will be responsible to patch that who will be responsible to patch that so if you're using virtual machine it's your responsibility you as a user Azure will not patch it for you okay yes there are way to ask Azure to patch uh but Azure by default will not patch you to patch your operating system so you have to patch it then if there is a new version available for .NET who will be installing that new version again you so whatever above Hyper-V is our responsibility So infrastructure as a service model requires more responsibility uh from from the user.
Whereas PaaS model is same there will be physical hardware server on top of it there will be any hypervisor like Hyper-V or ESXi whatever cloud providers is using there will be virtual machine there will be a framework like .NET, Java whatever when I'm using PaaS all this stuff becomes the cloud provider's responsibility what is my responsibility when when I'm using PaaS? The application code is my responsibility. So if I'm a developer, PaaS is something that I'll be choosing. Why? Because I'll get more time to focus on the development the virtual machine whether it's Linux or operate or Windows.
It's Microsoft responsibility to patch. So your responsibility uh reduces when you use the PaaS model, the PaaS service model. Clear? What is SaaS? Software as a service, entire software is given to you as a service like M365 Microsoft 365 you're using Google Drive so Google Drive is a software as a storage service given to you what are your responsibility when you are using Google Drive what is your responsibility when you're using Google Drive just adding data and sharing that data with whoever you want that's all that's your responsibility. So you're using that software entirely.
Do you know where Google is hosting, where Google is saving, whether it's saving in India, Australia, US, wherever? How Google is storing that? Is is that something we need to bother about as a user? Obviously not. So software as a service, what is your responsibility? Reduced entirely zero. Yeah, you have limitation like if you're using free version, you can store up to 15 GB. If you need more, you just subscribe for a plan. That's all. Software as a service. Netflix software as a service. Are we paying for each movie separately? No. We are buying a plan.
Do we need to keep a CD of all the movies? No. We just subscribe to a plan. We watch our our content, right? Software as a service. What is the infrastructure as a and a platform part of Netflix? Do you know CD/DVD? for CD/DVD what was required we need the CD player or the DVD player right so we need to buy it so I am responsible for the hardware I am responsible for bringing the CD or DVD I'm responsible for placing that CD/DVD within the DVD driver uh DVD reader and then I can enjoy my movie if I don't have a CD of one particular movie I won't be able to enjoy that because I don't have the CD right the CD/DVD player becomes the infrastructure as a service part in case of movies and all.
What could be the platform as a service part? Uh I cannot think of any here. Okay. Yeah. The responsibility increases when you go for infrastructure as a service model. Who will do the service of CD/DVD? Obviously I have to do as an owner of that. Right. In Netflix, however they are hosting it, I don't care. I just pay them. I enjoy their service. That's all. Clear? Any questions on this? We will revisit this when we are on the compute section. Okay. So let's move on to our first topic which is uh authentication and authorization.
So from the study guide we will we are covering uh this topic. This module design identity and governance and monitoring solutions and there we are covering authentication and authorization. This is the uh these are the topics that we are going to cover. And from the learn path 900 again. So from the learn path we are covering this one design identity governance and monitor solution. So first three topic will be identity and governance. Monitoring we'll cover once we have done uh covering all the services. So at the end of the uh I mean at the last day we will be covering monitor solutions.
Right now we are starting with identity and governance. Okay. Now before I start I need an answer from you. How many of you have worked with uh AD DS, Active Directory Domain Services or if you're from the Linux background uh how many of you know what LDAP server is? What are these two services? And those who uh who are freshers please uh wait I'll explain what I'm uh what this topic is about. Okay. Okay. So what is AD DS those who have worked with Active Directory what is this? So what are these services? AD DS and LDAP.
Okay, never mind. Those who don't know, please pay attention. Okay, those who haven't worked with any of these services, you might have uh account right in OTT platforms like Netflix or Amazon Prime. Do you hold the account? How many of you have account in Netflix? Okay, you have right. So, in order to access or watch any any web series or a movie, what do you do? First, you go to www.netflix.com, right? If you're using uh laptop, you go to this website. What happens? First thing, what it ask? Does it allow directly to watch the movie or there is something which we need to do?
Log, right? So we need to provide our credentials login. We need to provide our username and password. So what happens when we provide username and password? Netflix service checks your username and password. It checks whether you are providing correct username and password. If you're providing correct username and password, you are allowed. If you provide wrong username and password, it may deny deny you the entry and you won't be able to access those services. Right? So this process of providing username and password and identifying that username and password is known as authentication. That means I am not I am Netflix is authenticating me checking me whether the credential that I have provided is correct or not.
Okay. So what is authentication? Authentication is a way to to check someone with a certain credential. Apart from credential, how you can check someone? You can check them with with their card. Smart card. If let's say you work, you go to your office. When you go to your office, there is a door. In that door, you have to there's a reader where you have to place your your smart card. Those who are working might know, right? You have to place your smart card. Without smart card, there's no entry. You cannot go in, right? Unless your company has no security.
Most of the company do have security and they do provide the smart card to their uh employees and in order to enter the building you need to place that smart card. So when you place that smart card the identity service that is deployed within that building checks whether your smart card is valid or not. If it's valid you can go in. If it's not valid you cannot go in. Okay. So what runs behind uh behind that authentication is this kind of services AD DS or LDAP. They run behind the services and they check whether your username or password is correct or not.
You use your laptop, you use your company laptop or your personal laptop. You need to provide your username and password correct or not. We need to provide. Nowadays Microsoft has made this made made it compulsory to enter your Hotmail account right your email address. So once you provide your email address and password then only you can enter your laptop and do whatever changes you want. So this part of verifying the user the application or whatever you have whoever needs access Authentication is a is a is a process of verifying a person person is nothing but a user or application to see whether the credentials provided are correct or not.
Okay. So that authentication is done by this services. Then once you're in once you're inside the building which floor you can access which floor you cannot access that path that part is known as authorization. So if I explain this in Netflix terms when you log into Netflix you have different plans right? You subscribe for different different plans. We have mobile plans, we have standard plan and then we have HD plan, right? I don't know the current plans but this was the plans we we had right. So you have uh mobile plan where when you log into Netflix you can only watch Netflix within I mean within your mobile app.
Then you have standard plan where you can uh watch in two different screens uh at at the same time. And then you have some plan where you can watch in four different screen. So once you log in once Netflix authenticates you once you're inside the application that means you have got the access now it totally depends on the plan that you have subscribed to depends on that you're authorized to watch either on mobile or on two screens at a time or on four screens at a time. So that part of entering into something, entering into application and then checking what you are authorized to do, right?
So like in cloud world, cloud world you are logging into Azure portal. So that login thing is nothing but authentication and then once you are logged into that application, what you can do? Can you create another user? Are you authorized to create another user? Can you delete the existing users? Are you authorized to do that? So to check what you can do, what can what you cannot do is known as the process of checking what you can do, what you cannot do is authorization. Clear? What is authentication? What is authorization? Is that clear? Now this is basic of any identity uh any identity and access management system.
All right. So, authentication and authorization. If you want to implement in your organization, you need some kind of identity and access management system. If I want to implement authentication and authorization in my organization, I need some kind of AM service. IM stands for identity and access management. Okay. So if I want to uh implement that let's say I I'm not using cloud I'm using on-prem network. So in my on-prem data center I can either use active directory domain services or if I'm good with Linux I'll be using LDAP services. How do you use these services?
You need to have a server first hardware server or or a virtual server whatever if you're using on-prem obviously you'll be having a hardware server on top of that hardware server depends on whether you are using virtualization or directly physical server you'll have to have Windows OS if you want to use adds or Linux OS if you if you want to use LDAP okay on top of that on top of Windows operating system you'll be deploying the active directory domain services role and there on top of it you will be promoting this server to domain controller where you'll be creating your domain and once it's promoted and your domain is ready then you can go ahead and create your users users groups whatever you want you can add computers and all right so this is al all all all the stuff you need to do when you're doing onrem that means your own data enter everything you need to do.
You need to bring a server. You need to install the or uh install the operating system. Then you need to install the adds role on top of that operating system. And then you need to promote it to domain controller. Once everything is done, then only you'll be able to create users and uh groups and uh add computers. Okay. Now if you want to use Azure for IM, Azure has Microsoft Entra ID which is nothing but a cloud-based AM service. When we say cloud-based I uh AM service, we don't need to bother about all this stuff.
We don't need our own server. We don't need to install the Windows operating system. We don't need to install AD DS on top of it and then promote it to domain. Everything will be handled by Microsoft. What we can do if you're using Microsoft Entra ID: as I mentioned, Microsoft Entra ID is a cloud-based IAM tool. You sign up and start using it. You just sign up for the Azure service, for the Azure portal, and start creating your users. You don't need to bother about all this stuff. Only if you want to do on-prem from scratch, then you are responsible for everything from scratch.
If you want to go for cloud, we can sign up and we have access to Microsoft Entra ID. We can start creating users directly. Okay, is IAM clear? I was basically just giving you an overview of IAM. So what is ZTM? ZTM stands for zero trust model. Yeah. Now the zero trust model is not a service. It's not a policy. It is just a framework based on the principle of never trust, always verify. Now if you go back a few years, like before cloud, if you go back 10 years, how did we use to consider security?
If you go 10 years back, at that point in time we had the perimeter network where we used to keep the firewall, IDS, IPS. All these devices we used to keep in our perimeter network. Before anyone could get into our network, the traffic was verified by these devices. And once the traffic was considered safe, then it could go inside our network, then it could access whatever servers we had. Right, so this is how we used to keep our network. I'm not saying that we are not using firewalls now, we are still using firewalls, but back in the days the security-related decisions were kept in the demilitarized zone, in the perimeter zone here. But now we need to protect our identities, since everything is cloud now. 90% of the workload is in cloud. Only the banking, the airport, the airline, those mostly are still using on-prem, but 85 to 90% of traffic is already in the cloud.
Now if someone logs in and he is authorized to do something, and let's say the login credentials are compromised, then we are gone, right? With the changing pattern a new model came in, which is known as the zero trust model. So what the zero trust model does: it's just a framework which is based on this principle, never trust, always verify. You have to always verify whatever request is coming in. Okay. So what are the key principles we need to implement this zero trust model? And in order to implement this zero trust model, you need to have a certain IAM service in place in your organization.
So the zero trust model is based on these principles, like verify the request first. So every access request, whatever request is coming in. So if someone is entering your building, you need to verify him or her. How do we verify? We use smart cards, we use biometrics, whatever. Right? We need to verify that. Then the second principle we have is least privilege. What is least privilege? Now in an organization or in an office building, we have different areas. Like we have common areas like cafeterias, like a gaming zone, right? And then we have some sensitive areas.
So in IT we have the data center, right? In an airport, if you go to an airport, we have immigration. Then before immigration, we have the check-in area. So the check-in area is not a sensitive area. Anyone can go there and do the check-in. So it's like a common area. So we need to provide the least privilege to the users: common areas everyone can go to, but sensitive areas only authorized persons should go to. So when we are using smart card based authentication, we will divide the smart cards into different types. Whoever has the smart card will have access to the common areas, whereas only authorized people will have access to the sensitive areas, like the data center building itself, right? Like the NOC room. What is the NOC room? It is the network operations center, from where you can monitor your client's network, your own network.
So those areas are sensitive. Why? Because NOC rooms have access to the servers, remote access to the servers. So I cannot allow everyone to go to the NOC room. So we need to give the least privilege. That means only people belonging to the NOC team can enter the NOC rooms. Least privilege, right? Micro-segmentation. Micro-segmentation is like dividing the area or the network into smaller VLANs or smaller segments so that we can keep our monitoring continuous. We need to divide our area into smaller segments. Like here we can have certain CCTVs.
Here we can have certain CCTVs. Here we can have certain CCTVs. So this is my one area. This is another area. This is another area, a sensitive area, where I can have multiple CCTVs. This is the NOC room. So within that room we can have three or four different CCTVs from different angles. Right? So I need to divide my, let's say, network or areas into micro-segments. All right. So that I can have continuous monitoring. So these are a few principles that we have in the zero trust model. Now again I'm saying the zero trust model is not a security policy or a tool. It's just a framework which defines some principles, and you need to make sure when you're implementing IAM or you're designing IAM you keep these things in mind.
All right. Verify. Make sure you're providing least privilege. Divide your areas into different segments. Have a team who can continuously monitor, and always assume breach. What do you mean by assume breach? We have to do continuous monitoring and we have to assume breach. Assume breach and continuous monitoring work hand in hand. Assume breach as in, let's say we have applied all the zero trust models. That doesn't mean you are secure. Why doesn't it mean we are secure? It's possible that someone who has the access has lost the credentials, the credentials he or she was having were compromised, and some person who should not be having his or her credentials has got the credentials and is now roaming freely everywhere.
Right? So every time we need to assume breach. Now how do we assume breach? What is the meaning of this assume breach? How many of you use Gmail? Gmail is a mailing service. How many of you use it? I'm sure 90% of people are using Gmail, right? So, have you ever tried logging into Gmail from a different device, from a totally new device? Back in the days, we used to have cyber cafes, but I don't know if we still have the cyber cafes. But let's say you change your mobile and you log in from a new mobile.
So what happens when you log into your Gmail account from a new mobile? You get a message, right? You tried from a different mobile, please approve the notification in your already existing mobile or your YouTube application or wherever. Right? So we get that kind of message. So what is that? Gmail is assuming it's not you who's trying to log in. So that's why Gmail is sending you that popup, please approve. So that is the meaning of assume breach. Okay. So even though you have applied all the principles of the zero trust model, you need to assume breach so that a wrong person or a hacker cannot get into your account.
It's possible that my username is compromised, since with Gmail we have given our email ID to a lot of people. So the email ID is already compromised. Now what hackers can do, they can launch different kinds of attack against the username, since the username is already public, right? Everyone knows my email ID. Obviously not everyone knows, but those I have shared my email ID with: banks, e-commerce applications, Netflix, different service providers. Who knows who's selling my data, right? So if someone has sold my data, my email ID is already in click.
So hackers can get my email ID and try to launch different kinds of attack. So that's why we have to assume breach. If you log into your Gmail from a new location, from a new device, you would see that popup. All right. So in order to make sure that your data is secured, your access is secured, you need to follow the zero trust model framework. So what does the zero trust model say in short? Never trust, always verify, right? Even when you're logging in from a new mobile, you're providing the correct username, you're providing the correct password, still Gmail is popping up to you to approve that login, right? Even though you have provided the correct username and password, Gmail is thinking that it might be a breach. Clear? So that's what the zero trust model is.
Now how to implement the zero trust model? You need to have some kind of IAM service. So in Azure we have Microsoft Entra ID. So what is identity and access management? Identity and access management is just a service which helps you to implement authentication and authorization. It also gives you a way to manage accounts. Some IAM services also give you a way to do reporting. Right? I want to fetch a report of my users: who logged in, when, from where. So all that stuff identity and access management gives you. In simple terms, what is identity and access management?
You have an identity. That identity is some object which requires access to your resources. Okay. In simple terms, an identity is an object which requires access to the resources. In basics of cloud computing, we understood what cloud computing is. What is cloud computing? I'm again going back to the basics. Cloud computing is a way to deliver the compute services over the internet. Why will you be using cloud? To deploy the resources. What are those resources? You need to deploy a server. You need to deploy a database. You need to deploy storage.
So these are your resources. Now how are you going to deploy these resources? You are deploying these resources. So you are the object who is deploying these resources. So you are the identity. Whether you can deploy or cannot deploy, we need to first identify this guy who wants to deploy. So he needs to go to portal.azure.com and our IAM service will identify that user, will identify that identity, will identify that object who's trying to come into our system, right? After identifying, we will authenticate. I mean not we, the identity and access management service will authenticate that user, whether the username and password provided are correct or not. Okay. Then the authorization kicks in.
Once you are inside the cloud, what can you do? Can you deploy a server? Can you deploy a database? Can you deploy storage? Can you do that? Authorization. Account management: you want to create a few new users, you can do that using any IAM service, whatever IAM services you have developed. Access control: what a user can do, cannot do, you can define that using access control. Okay. And then auditing and reporting: most IAM services give you auditing and reporting. So what is IAM? Is that clear? Now in Azure we have Microsoft Entra ID.
So, Microsoft Entra ID is a cloud-based identity service. So, as I mentioned earlier, you don't need to deploy a server or anything. You just sign up for Azure and you have your Microsoft Entra ID. We don't need to do anything. We just need to sign up for Azure. That means you need to create your account on Azure. And once you have created your account, you already have Microsoft Entra. So it's a cloud-based identity and access management solution. So it gives you centralized identity management. If you have a single Microsoft Entra tenant, you can simply use that tenant and start creating your users.
Right? If someone is already using Active Directory Domain Services, they have an option to synchronize their users with Microsoft Entra ID. So, Microsoft Entra ID, previously known as Azure Active Directory, it was launched in 2013 or 15, I'm not sure on the exact year, but during that time it was launched. Before that, Microsoft had this service, Active Directory Domain Services, the short form for which is AD DS, which people were using on-prem. Cloud started gaining popularity after 2010 or 2011. I think 2006 or 7 AWS got launched and 101 Microsoft came in and by 15 it was all popular, 15, 16.
Okay. So before that, when cloud was not there, people were already using AD DS for their on-prem identity and access management services. So for those organizations who already have AD DS and want to use Microsoft Entra ID, which identity and access management service will do the authentication, will do the authorization, will do the verification? So you have AD DS, you have Microsoft Entra ID, both are IAM services. Which will do the authentication? If you are resetting a password, which will be considered as having the highest control? So all those questions arose if you use two different identity and access management services.
So what Microsoft did: Microsoft created Microsoft Entra Connect. So it's a tool which you can install on your on-prem server, and using that you can synchronize your on-prem users to Microsoft Entra ID. Okay. So if I have hundreds of users on-prem and if I use Microsoft Entra Connect, all hundreds of users will be synchronized to Microsoft Entra ID. Okay. So whatever users you have over here, all users will be synchronized. Instead of recreating users in Microsoft Entra ID, you use this tool and synchronize your users. That's all. All right. So that option Microsoft gave to the people who are already using Microsoft Active Directory Domain Services.
Microsoft created a tool. You deploy that tool on a server and you start synchronizing your users. If you create a new user, that new user will also get synchronized. So, Microsoft Entra ID in short is a cloud-based identity and access management solution that you can use once you sign up to Azure. It's free of cost. Obviously, there are different plans and pricing, but when you start, it's free of cost. Okay. So how to see Microsoft Entra ID in action? If I go to the Azure portal. All right. Now in the Azure portal, before I show you Microsoft Entra ID, let me just give you the tour of the Azure portal.
Okay. So I'll do it from scratch. Let me sign out. Okay. So I've signed out now. So the first thing that you need to do whenever you want to interact with the Azure platform: you need to go to portal.azure.com. So this is the link where you should be going when you want to log into Azure or when you want to interact with the Azure portal. When I press enter, the first thing that the Microsoft Azure portal or Microsoft is doing is what? It's asking. What is this process? I went to portal.azure.com and it directed me to this. What is it doing right now? Authentication.
Okay, it is asking me to prove my identity. So this step that we are doing right now is authentication. So authentication is the process of verifying and identifying the identities. This is my username. How do we usually authenticate? We ask for the username. So my username is already selected here, already mentioned here. If it's not mentioned, I can simply provide my email ID, whatever my email ID is, right? This is my email ID. For example, I'm providing that. I click on next. It will ask me for the password. I provide the password.
I click on sign in. Okay. Once I click on sign in, I'm inside. If my username and password are correct, I'll be inside. So I'm in my application. All right. Now this is the Azure portal. Now for those who do not have access to the Azure portal, what you can do is, if you want to use your own account, an unrestricted account, you can sign up for the free tier. You search for Azure free tier and you will see the Microsoft Azure page in Google or Bing. You just search for Azure free tier. Go to the first link that Microsoft is providing and there you'll be having a button which says get started with Azure.
Click on it. Once you click on it, you can click on try Azure for free. Once you click on try Azure for free, it will ask for your email ID and your password. Right? So, you need to provide your Microsoft email ID. If you do not have one, you can create one from here. So, whatever email ID you have, you provide that. Now, in my case, I have already utilized it. So, if I enter my email address, it will say that I'm not eligible. Why? Because I've already used it.
Okay. So, I've already used it. So, it will say I'm not eligible. So, in order to utilize Microsoft Entra ID, sorry, in order to use the Azure free tier, you need to have a unique email address that you have not used before, right? Okay. Sorry. You need to have a unique email address that you have not used before. Right. So here it says I'm not eligible. Why? Because I've already utilized it. So I can sign up for pay-as-you-go pricing. I cannot sign up for a free tier. What I'll do? I'll see if I have any other email address.
But I'm not signing up since, apart from the email address, you also need a unique credit card. Right? So I don't have a credit card. I've already utilized all my credit cards. So if I have any other email address, I can use that. So let me see. I don't have any email address. send me okay so I don't have any, so I won't be able to demonstrate how you can come up with the but it's very basic. You just provide your email address. Once you provide the email address, you can then provide your details like your mobile number. That should also be unique.
Your email address should also be one that you have never used before, and the credit card one which you have never used before. So Microsoft Azure has this restriction where you cannot use the same email twice to avail of the free services. So you need to use a new email every time, but with the new email you need to have a new credit card as well as a different mobile number that you have never used before. All right. AWS I think doesn't have that issue. With AWS, you just need a new email address.
You can use the same credit card again. Okay. So that's how you can sign up for a free tier from here. Once you get your free tier, you can then sign in by going to portal.azure.com, providing the email address that you used to sign up and your password. That's all. All right. Now let me give you a tour of the Azure portal. So the first thing that you see on the left-hand side here is where you see nine dots.
So these nine dots are a cloud menu. Okay. What is the cloud menu? This is a new feature or a new option that Microsoft has added where you can launch different Microsoft portals directly from here. So let's say I want to work with GitHub. So I click on GitHub, it will take me to GitHub. I want to work with Intune. I click on Intune, it will take me to Intune. Right? So different portals. A shortcut to each portal Microsoft has just added here. It is helpful when you want to switch between different portals. If you want to go to GitHub from here or Intune from here, you can simply click on this shortcut and go to that, right? After the cloud menu, the second thing that you see, with the three lines, is known as the portal menu.
So if I click on it, you'll see the menu over here from where you can create any resource. Some shortcuts are given, right? Go to the homepage, go to the dashboard page, go to Microsoft Entra, go to monitor services, right? So shortcuts are given. So you can launch whichever service you want. I want to work with virtual machines. I click on this portal menu. I launch virtual machines and I go to the virtual machine page. Right? Similarly, for any service that we want to use, we go there and we can use it.
Okay. Next, after that, you have this Microsoft Azure mentioned there. It's the brand name. So, if you click on it, you'll land on the homepage. Whatever page you have selected, you'll land there. All right? It's just a shortcut to go to the homepage or to the dashboard, whichever you have selected. Then, if you go to the right-hand side, you have the search bar. We will be using this search bar every time we want to work with any service. So this search bar will help me to search for different resources.
Like if I just type virtual, it will list out all the services which have virtual in the name. Like I want to work with virtual machines. I search for virtual. Virtual machine is there. I click on virtual machine. It will land on the virtual machine page. From here I can create a virtual machine. I can stop an existing virtual machine if I want, start, restart, whatever. Right? Similarly, if I search for database, anything related to this particular keyword will be placed over here, right? Database watcher, SAP solution, whatever. I search for SQL, all the SQL-related services will be provided.
Right? So, this is just the search bar, a shortcut you can say, to search and go to any service that you want. Then if you go again to the right-hand side, you have Copilot. What is Copilot, guys? So Copilot is a gen AI tool from Microsoft, right? So if I click on Copilot, within the browser itself I will get a way to chat with Copilot. So if I have any issue, like I want Copilot to answer any question. Like I just added hi, it gave me the response, right? I want Copilot to create an ARM template for me, and enter.
So what it will do, it will give me a response depending on my prompt. So the better the prompt is, the better the response will be, right? So it…