Azure Fundamentals: The Complete Cheat Sheet

Introduction

Microsoft Azure is a cloud computing platform offering a wide range of services for building, deploying, and managing applications through Microsoft’s global network of data centers. It provides infrastructure as a service (IaaS), platform as a service (PaaS), and software as a service (SaaS) solutions that help organizations meet business challenges while reducing capital expenditure on hardware and infrastructure management.

Core Azure Concepts

Cloud Computing Models

ModelDescriptionAzure Examples
IaaS (Infrastructure as a Service)Provides virtualized computing resources over the internetVirtual Machines, Virtual Networks, Storage Accounts
PaaS (Platform as a Service)Provides platform allowing customers to develop, run, and manage applicationsApp Service, Azure Functions, Logic Apps
SaaS (Software as a Service)Delivers software applications over the internet, on-demandMicrosoft 365, Dynamics 365, Power BI
ServerlessAbstracts servers, infrastructure, and OSAzure Functions, Logic Apps

Core Azure Architectural Components

Azure Regions and Availability Zones

  • Region: Geographic area containing at least one data center
  • Region Pair: Two regions paired for disaster recovery
  • Availability Zone: Physically separate facilities within a region
  • Availability Set: Logical grouping of VMs that protects from hardware failures

Azure Resources Hierarchy

  1. Management Groups: Container for multiple subscriptions
  2. Subscriptions: Billing unit and security boundary
  3. Resource Groups: Logical container for resources
  4. Resources: Individual services (VMs, databases, etc.)

Azure Core Services

Compute Services

ServiceDescriptionUse Case
Virtual MachinesIaaS offering providing full control over OSLegacy app migration, custom software
VM Scale SetsSet of identical VMs with autoscalingWeb servers, processing nodes
App ServicePaaS for hosting web apps, APIs, mobile backendsWeb applications, API hosting
Azure FunctionsServerless compute serviceEvent-driven processing, microservices
Container InstancesRun containers without managing serversSimple container deployment
Azure Kubernetes Service (AKS)Managed Kubernetes serviceContainer orchestration

Storage Services

ServiceDescriptionUse Case
Blob StorageObject storage for unstructured dataImages, videos, documents, backups
File StorageFully managed file sharesShare files between apps, hybrid scenarios
Queue StorageMessage queuing for reliable messagingApplication decoupling
Table StorageNoSQL key-value storeSemi-structured data storage
Disk StoragePersistent disks for VMsVM storage
Azure Data Lake StorageStorage optimized for big data analyticsBig data solutions

Networking Services

ServiceDescriptionKey Features
Virtual Network (VNet)Isolated network in AzureSubnets, NSGs, Route Tables
Load BalancerDistributes traffic to VMsHigh availability, scalability
Application GatewayWeb traffic load balancer with firewallURL routing, SSL termination, WAF
VPN GatewayConnect on-premises to AzureSite-to-site, point-to-site
ExpressRoutePrivate connection to AzureHigh bandwidth, low latency
Content Delivery Network (CDN)Delivers content from point of presence close to usersCache static content, reduce latency
Azure DNSDomain name system hostingManage DNS records
Azure FirewallManaged network security serviceNetwork filtering, threat protection

Database Services

ServiceDescriptionUse Case
Azure SQL DatabaseManaged relational databaseEnterprise applications
Azure Cosmos DBGlobally distributed multi-model databaseGlobal apps, IoT, mobile apps
Azure Database for MySQLManaged MySQL databaseWeb applications, CMS
Azure Database for PostgreSQLManaged PostgreSQL databaseGeospatial, analytical apps
Azure Synapse AnalyticsData warehousing and big data analyticsData warehousing, BI
Azure Cache for RedisIn-memory data storeCaching, session store

Identity Services

ServiceDescriptionUse Case
Azure Active Directory (Azure AD)Identity and access managementSingle sign-on, MFA, RBAC
Azure AD B2CCustomer identity managementCustomer-facing applications
Managed IdentitiesAutomatically managed identities for Azure resourcesSecure service-to-service communication

Azure Management Tools

Core Management Tools

ToolDescriptionPurpose
Azure PortalWeb-based consoleVisual management of resources
Azure PowerShellCommand-line shellScripted management and automation
Azure CLICross-platform command-line interfaceScripted management and automation
Azure Cloud ShellBrowser-based shell environmentManagement without local installation
Azure Resource Manager (ARM)Deployment and management serviceInfrastructure as code
Azure Mobile AppMobile app for AzureMonitoring and alerts on the go

Monitoring Tools

ToolDescriptionUse Case
Azure MonitorPlatform for collecting and analyzing dataMonitoring and diagnostics
Application InsightsApplication performance managementWeb app monitoring
Log AnalyticsCollects and analyzes log dataTroubleshooting, analysis
Azure AdvisorPersonalized recommendationsOptimize resources
Azure Service HealthPersonalized guidance about service issuesStay informed about outages

Azure Security and Compliance

Security Services

ServiceDescriptionKey Features
Azure Security CenterUnified security management systemSecurity posture, threat protection
Microsoft Defender for CloudExtended security management across cloudsAdvanced threat protection
Azure SentinelCloud-native SIEM and SOARSecurity analytics, threat intelligence
Key VaultSecrets management and key managementStore credentials, certificates
DDoS ProtectionNetwork protection against DDoS attacksAutomatic detection, mitigation

Azure Security Best Practices

  • Implement defense in depth (layered security)
  • Use Azure RBAC for fine-grained access control
  • Enable multi-factor authentication (MFA)
  • Apply the principle of least privilege
  • Encrypt data at rest and in transit
  • Implement network security groups and application security groups
  • Keep systems patched and updated
  • Monitor and audit regularly

Compliance Programs

  • ISO 27001, ISO 27018
  • SOC 1, SOC 2, SOC 3
  • HIPAA, HITECH
  • FedRAMP
  • GDPR
  • PCI DSS

Cost Management and Governance

Azure Cost Factors

  • Resource type and consumption
  • Azure subscription type
  • Azure Marketplace
  • Resource location/region
  • Inbound/outbound traffic
  • Reserved instances vs. pay-as-you-go

Cost Management Tools

ToolDescriptionUse Case
Azure Cost ManagementMonitor, allocate, and optimize costsCost analysis, budgets
Azure Advisor Cost RecommendationsCost optimization suggestionsReduce waste, rightsize resources
Pricing CalculatorEstimate costs before deploymentProject planning, budgeting
Total Cost of Ownership (TCO) CalculatorCompare on-premises vs. cloud costsMigration planning
Azure ReservationsReserved capacity at discounted ratesVM instances, Azure SQL
Azure Spot VMsLow-cost VMs using excess capacityBatch processing, non-critical workloads

Governance Tools

ToolDescriptionBenefits
Azure PolicyCreate, assign, and manage policiesEnforce standards, assess compliance
Azure BlueprintsRepeatable sets of Azure resourcesStandardized environment setup
Management GroupsManage multiple subscriptionsHierarchical organization
Resource LocksPrevent accidental deletion/modificationCritical resource protection
Service Trust PortalAccess compliance documentsReview compliance offerings

Common Azure CLI Commands

# Login to Azure
az login

# Set subscription
az account set --subscription "Subscription Name"

# Create resource group
az group create --name MyResourceGroup --location eastus

# List all resource groups
az group list --output table

# Create a virtual machine
az vm create \
  --resource-group MyResourceGroup \
  --name MyVM \
  --image UbuntuLTS \
  --admin-username azureuser \
  --generate-ssh-keys

# List all VMs
az vm list --output table

# Start/stop VM
az vm start --resource-group MyResourceGroup --name MyVM
az vm stop --resource-group MyResourceGroup --name MyVM

# Create storage account
az storage account create \
  --name mystorageaccount \
  --resource-group MyResourceGroup \
  --location eastus \
  --sku Standard_LRS

# Create Azure SQL Database
az sql server create \
  --name mysqlserver \
  --resource-group MyResourceGroup \
  --location eastus \
  --admin-user serveradmin \
  --admin-password ComplexPassword123!

# Delete a resource group and all resources
az group delete --name MyResourceGroup --yes

Common PowerShell Commands

# Login to Azure
Connect-AzAccount

# Select subscription
Select-AzSubscription -SubscriptionName "Subscription Name"

# Create resource group
New-AzResourceGroup -Name "MyResourceGroup" -Location "EastUS"

# List resource groups
Get-AzResourceGroup | Format-Table

# Create a VM
New-AzVM -ResourceGroupName "MyResourceGroup" -Name "MyVM" -Location "EastUS" -VirtualNetworkName "MyVNet" -SubnetName "MySubnet" -SecurityGroupName "MyNSG" -PublicIpAddressName "MyPublicIP" -OpenPorts 80,3389

# Start/stop VM
Start-AzVM -ResourceGroupName "MyResourceGroup" -Name "MyVM"
Stop-AzVM -ResourceGroupName "MyResourceGroup" -Name "MyVM" -Force

# List all VMs
Get-AzVM | Format-Table Name,ResourceGroupName,Location

# Create storage account
New-AzStorageAccount -ResourceGroupName "MyResourceGroup" -Name "mystorageaccount" -Location "EastUS" -SkuName "Standard_LRS"

# Remove resource group and all resources
Remove-AzResourceGroup -Name "MyResourceGroup" -Force

ARM Template Structure

{
  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {
    "storageAccountName": {
      "type": "string",
      "metadata": {
        "description": "Storage Account Name"
      }
    }
  },
  "variables": {
    "storageAccountSku": "Standard_LRS"
  },
  "resources": [
    {
      "type": "Microsoft.Storage/storageAccounts",
      "apiVersion": "2021-04-01",
      "name": "[parameters('storageAccountName')]",
      "location": "[resourceGroup().location]",
      "sku": {
        "name": "[variables('storageAccountSku')]"
      },
      "kind": "StorageV2",
      "properties": {
        "supportsHttpsTrafficOnly": true
      }
    }
  ],
  "outputs": {
    "storageAccountId": {
      "type": "string",
      "value": "[resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccountName'))]"
    }
  }
}

Azure Deployment Strategies

StrategyDescriptionBenefits
Blue-Green DeploymentCreate identical environments, switch trafficMinimal downtime, easy rollback
Canary DeploymentGradually shift traffic to new versionControlled risk, real-world testing
Rolling DeploymentGradually replace instances with new versionMinimal impact on capacity
A/B TestingRoute subset of users to new versionTest features with real users

Common Azure Architectures

Web Application with Database

  • Front-end: App Service or Static Web Apps
  • API: App Service, Azure Functions
  • Database: Azure SQL Database, Cosmos DB
  • Caching: Redis Cache
  • CDN: Azure CDN

Microservices Architecture

  • Service orchestration: AKS, Service Fabric
  • API Gateway: API Management
  • Service-to-service communication: Event Grid, Service Bus
  • Monitoring: Application Insights
  • Identity: Azure AD, Managed Identities

Big Data and Analytics

  • Data ingestion: Event Hubs, IoT Hub
  • Storage: Data Lake Storage
  • Processing: HDInsight, Databricks
  • Analysis: Synapse Analytics
  • Visualization: Power BI

Common Azure Troubleshooting

IssueTroubleshooting Steps
VM Can’t ConnectCheck NSG rules, public IP, VM state
Web App Not RespondingCheck App Service logs, Application Insights
Database PerformanceCheck DTU usage, query performance, indexing
Network ConnectivityCheck NSGs, UDRs, firewall settings, peering
Azure AD AuthenticationCheck user permissions, MFA settings, conditional access

Resources for Further Learning

Azure Certification Path

CertificationDescriptionRecommended Experience
AZ-900Azure Fundamentals0-6 months
AZ-104Azure Administrator6+ months
AZ-204Azure Developer1-2 years developing in Azure
AZ-500Azure Security Engineer1-2 years security experience
AZ-305Azure Solutions Architect1-2 years designing cloud solutions
AZ-700Azure Network Engineer1-2 years networking experience
DP-900Azure Data Fundamentals0-6 months data experience
DP-203Azure Data Engineer1-2 years data engineering
AI-900Azure AI Fundamentals0-6 months AI experience
AI-102Azure AI Engineer1-2 years AI development

This comprehensive Azure Fundamentals cheat sheet provides a quick reference for anyone working with or studying Microsoft Azure cloud services. From core concepts to specific services and commands, use this guide to accelerate your Azure journey and build cloud solutions more effectively.

Scroll to Top